Scrip memblokir situs di Debian ( Linux )

Ukky_sanjaya

MEMBANGUN GATEWAY INTERNET
( Membangun PC Router dan proxy server )

> ..Masuk pada terminal root.

                                             - Mengaktifkan interface card,gunakan perintah :

  Ø  Ifconfig eth0 up

  Ø  Ifconfig eth1 up

2                        -  Nano /etc/network/interface

  -  Di setting terlebih dahulu

 . Auto eth0

Iface eth0 inet static

               Address 192.168.1.2

               Netmask 255.255.255.0

               Network 192.168.1.0

               Broadcast 192.168.1.255

               Gateway 192.168.1.1

 .  Auto eth1

Iface eth1 inet static

               Address 192.168.55.1

               Netmask 255.255.255.0

               Network 192.168.55.0

               Broadcast 192.168.55.255   ( ctrl x = y )

3                       -  Kemudian restart dulu : /etc/init.d/networking restart

4                       -  Cek ip-nya dengan menggunakan “ifconfig”

5                       -  Memastikan jaringan server apakah sudah terhubung dengan gateway dan client
                      cek ip “192.168.1.2” dan “192.168.55.1 =>ping

6                       -  Lalu tambahkan tabel nat untuk sharing koneksi internet :

  Ø  Iptables –t nat –A POSTROUTING –o eth0 –j MASQUERADE

  Ø  Echo 1 > /proc/sys/net/ipv4/ip_forward

      Untuk ngecek hasilnya : cat /proc/sys/net/ipv4/ip_fordward  

  Ø  Nano /etc/rc.local

      Iptables –t nat –A POSTROUTING –o eth0 –j MASQUERADE

      Echo 1 > /proc/sys/net/ipv4/ip_forward   ( ctrl x = y )

7                       -   Selanjut.e menambahkan ip dns ke isp => restart

  Ø  Nano /etc/resolv.conf

        Nameserver 8.8.8.8                        alamat google :

        Nameserver 8.8.4.4       

8                       -   Setelah konfigurasi router ..lalu kita lanjutkan ke proxy –nya

  Ø  Apt-cdrom add => masukkan cd debian

9                       - Kemudian   apt-get install squid

1                       - Nano /etc/squid/squid.conf => ctrl w

  Ø  http_port 3128 => transparent   ( ctrl w )

  Ø  cache_mem => 16 MB   ( ctrl w )

  Ø  cache_mgr => www.smkn1sidayu.sch.id           tanda pagar hilang

  Ø  visible_hostname => meqie@yahoo.com

  Ø  http_access deny all => tambahkan pagar   ( ctrl w )

  Ø  acl CONNECT    ( ctrl w )

·         acl url dstdomain “/etc/squid/url”

·         acl key url_regex –i “/etc/squid/key”

·         http_access deny key

·         http_access deny url

·         acl lan src 192.168.55.0/24

·         http_access allow lan

·         http_access allow all   ( ctrl x = y )

1                                      1.   cd /etc/squid/

          Ø  nano url

                                   ·         facebook.com

                                   ·         google.com

                                   ·         youtube.com   ( ctrl x = y )

          Ø  nano key

                                   ·         porn

                                   ·         sex

                                   ·         17thn.us   ( ctrl x = y )

1                                     2.   Squid -z

1                                     3.   Iptables  –t nat –A PREROUTING –s 192.168.55.0/24 –p tcp - -dport 80  

                                            –j REDIRECT - -to-port 3128

1                                     4.   Iptables-save > /etc/iptables => lalu squid di restart dulu