Konfigurasi Server Debian GNU/Linux 5.0.1 "Lenny" DAN ROUTER
1. apt-get install dhcp3-server
2. apt-get install squid
3. apt-get install php5
4. apt-get install postfix
5. apt-get install squirrelmail
6. apt-get install courier-imap
7. apt-get install courier-pop
DHCP SERVER
#nano /etc/dhcp3/dhcpd.conf
# Lease pool for the 192.168.10.0/29 LAN: .2-.6 are leasable, and .1 is handed
# out as both default gateway and resolver.
subnet 192.168.10.0 netmask 255.255.255.248 {
    range 192.168.10.2 192.168.10.6;
    option routers 192.168.10.1;
    option broadcast-address 192.168.10.7;
    option domain-name "sekolah.sch.id";
    option domain-name-servers 192.168.10.1;
    # Lease times are in seconds.
    default-lease-time 600;
    max-lease-time 7200;
}
tekan ctrl+O = simpan
tekan ctrl+x = keluar
#/etc/init.d/dhcp3-server restart
DNS SERVER
# nano /etc/bind/named.conf
// Forward zone for the LAN's own domain.
zone "sekolah.sch.id" { type master; file "/etc/bind/db.sekolah"; };

// Local master zones for two public domains: clients that use this resolver
// get the answers from these files instead of the public records.
// NOTE(review): db.yahoo and db.google are only copied from db.local on this
// page and never edited; confirm what they are meant to contain.
zone "yahoo.com" { type master; file "/etc/bind/db.yahoo"; };
zone "google.com" { type master; file "/etc/bind/db.google"; };

// Reverse zone. NOTE(review): "192.in-addr.arpa" makes this server answer for
// every 192.x.x.x reverse lookup, not only for 192.168.10.0/29.
zone "192.in-addr.arpa" { type master; file "/etc/bind/db.192"; };
#cd /etc/bind/
#cp db.127 db.192
#cp db.local db.sekolah
#cp db.local db.google
#cp db.local db.yahoo
#nano db.sekolah
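; Forward zone data for sekolah.sch.id.
; Each SOA timer sits on the same line as its ";" comment: a bare word such as
; "Serial" on a line of its own is read as zone data, not as a comment.
$TTL 604800
@ IN SOA sekolah.sch.id. root.localhost. (
        2        ; Serial
        604800   ; Refresh
        86400    ; Retry
        2419200  ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS sekolah.sch.id.
www IN A 192.168.10.1
; NOTE(review): the zone apex, which is also the NS target, has only this
; loopback AAAA record, so "sekolah.sch.id" without "www" does not resolve to
; the server's LAN address; confirm whether an apex A record is wanted.
@ IN AAAA ::1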
#nano db.192
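; Reverse zone data, loaded by named.conf as "192.in-addr.arpa".
; Each SOA timer sits on the same line as its ";" comment: a bare word such as
; "Serial" on a line of its own is read as zone data, not as a comment.
$TTL 604800
@ IN SOA sekolah.sch.id. root.localhost. (
        1        ; Serial
        604800   ; Refresh
        86400    ; Retry
        2419200  ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS sekolah.sch.id.
; The owner name is relative to 192.in-addr.arpa, so this is the PTR record
; for 192.168.10.1.
1.10.168 IN PTR sekolah.sch.id.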
#/etc/init.d/bind9 restart
#ping www.sekolah.sch.id (jika reply maka berhasil)
#nslookup
HTTP SERVER
#nano /var/www/index.html
Selamat Datang Di Web Server
MAIL SERVER
#nano /etc/postfix/main.cf
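# Clients allowed to relay through this server: loopback and the /29 LAN only.
mynetworks = 127.0.0.0/8 192.168.10.0/29
# procmail delivery stays commented out so that Postfix delivers to the
# mailbox itself.
#mailbox_command = procmail -a "$EXTENSION"
# 0 removes the mailbox size cap.
mailbox_size_limit = 0
recipient_delimiter = +
# SMTP listens on every interface; mynetworks above is what limits relaying.
inet_interfaces = all
mydomain = sekolah.sch.id
# The Postfix parameter is home_mailbox ("name_mailbox" is not one and would
# be ignored). The trailing slash selects Maildir format, which matches the
# Maildir/ skeleton created in /etc/skel.
home_mailbox = Maildir/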
#cd /etc/skel/
#maildirmake Maildir/
#cd Maildir/
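#adduser admin
Enter password:admin
Retype password:admin
(Sandi "admin" hanya contoh untuk latihan; akun ini dipakai untuk login webmail/IMAP/POP, jadi pada server sungguhan gunakan sandi yang kuat dan berbeda dari nama pengguna.)
Tekan enter-enter, kemudian y enter.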
WEBMAIL SERVER
#nano /etc/apache2/sites-available/default
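# Publish the SquirrelMail tree under /webmail/.
Alias /webmail/ "/usr/share/squirrelmail/"
# The <Directory> container is restored here: AllowOverride is only valid
# inside one.
<Directory "/usr/share/squirrelmail/">
    # Indexes is left out so that a directory without an index file is not
    # listed to visitors.
    Options MultiViews FollowSymLinks
    AllowOverride None
    # With "Order deny,allow" the Allow lines are evaluated last, so
    # "Allow from all" overrides the Deny and every client is admitted.
    # Replace "all" with the LAN prefix to restrict who can reach webmail.
    Order deny,allow
    Deny from all
    Allow from all
</Directory>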
#/etc/squirrelmail/conf.pl
- Pilih 2, 1
- Ketik = sekolah.sch.id
- Pilih a, 8
- Ketik = courier
- Pilih q, y
#/etc/init.d/apache2 restart
PROXY SERVER
#nano /etc/squid/squid.conf
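# Interception mode: this port receives connections redirected by the
# router's DNAT rule, which covers TCP port 80 only. Traffic on other ports
# never reaches the filters below.
http_port 3128 transparent
# Each acl must stay on one line. The quoted paths are list files with one
# entry per line: destination domains, and case-insensitive URL regexes.
acl filter1 dstdomain "/etc/squid/domain"
acl filter2 url_regex -i "/etc/squid/kata"
acl client src 192.168.10.0/29
# http_access rules are checked in order and the first match wins, so the
# deny rules have to come before the allow.
http_access deny filter1
http_access deny filter2
http_access allow client
cache_mgr admin@sekolah.sch.id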
#/etc/init.d/squid restart
ROUTER dan FIREWALL
#nano /etc/network/interfaces
- cut dan edit untuk eth1
- Ctrl+k = cut
- Ctrl+u = paste
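# The primary network interface (addressed by DHCP; presumably the upstream side)
allow-hotplug eth0
iface eth0 inet dhcp

# Client-side interface: static 172.16.10.1/28
allow-hotplug eth1
iface eth1 inet static
    address 172.16.10.1
    netmask 255.255.255.240
    network 172.16.10.0
    # The broadcast address has to lie in the same /28 as the address above
    # (it was written as 192.16.10.15).
    broadcast 172.16.10.15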
#nano /etc/sysctl.conf
# Let the kernel forward IPv4 packets between interfaces; the NAT rules in
# rc.local depend on it.
net.ipv4.ip_forward=1
#nano /etc/rc.local
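# Each rule is one command line: "iptables" alone on a line followed by its
# arguments on the next line does not run as a single command.

# Start from empty filter and nat tables.
iptables -F
iptables -t nat -F

# NOTE(review): there is no -o match, so connections leaving through either
# interface are source-NATed; "-o eth0" would confine it to one side.
iptables -t nat -A POSTROUTING -j MASQUERADE
# Send web traffic (TCP/80 only) from the eth1 clients to the proxy. Other
# ports, including 443, are forwarded without passing the proxy filters.
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -i eth1 -s 172.16.10.0/28 -j DNAT --to-destination 192.168.10.1:3128

# Default policies. FORWARD stays open in both directions.
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
# NOTE(review): with OUTPUT at DROP and only ICMP accepted below, replies to
# the connections that INPUT accepts from eth1 are dropped on the way out; an
# OUTPUT rule for ESTABLISHED,RELATED is needed if those services should work.
iptables -P OUTPUT DROP

# Keep NetBIOS chatter (UDP source ports 137-139) from crossing the router.
iptables -A FORWARD -p udp --sport 137:139 -j DROP

# ICMP is allowed to, through and from the router.
iptables -A INPUT -p icmp -j ACCEPT
iptables -A FORWARD -p icmp -j ACCEPT
iptables -A OUTPUT -p icmp -j ACCEPT

# New connections to the router itself are accepted from eth1 on every port.
iptables -A INPUT -m state --state NEW -i eth1 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# NEW from eth1 is already accepted two rules up, so in practice this rule
# only matches INVALID packets.
iptables -A INPUT -m state --state NEW,INVALID -i eth1 -j DROP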
#exit 0
#/etc/init.d/networking restart
#reboot