Install SAMBA Server :
# gandi@debian:/$ apt-get install samba
2). Edit file konfigurasi SAMBA Server :
# gandi@debian:/$ pico /etc/samba/smb.conf
#
# Sample configuration file for the Samba suite for Debian GNU/Linux.
#
#
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options most of which
# are not shown in this example
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentary and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command
# “testparm” to check that you have not made any basic syntactic
# errors.
#
#=================== Global Settings====================
[global]
workgroup = gandi
netbios name = gandi
security = user “(Untuk settingan menggunakan password)”
[gandi]
comment = Beckz punya
path = /etc/
public = yes
valid users = @users
force group = users
write list = yes
read only = no
writeable = yes
3). Jalankan SAMBA Server :
# gandi@debian:~$ /etc/init.d/samba restart
4). Menambah dan mengelola “User SAMBA” :
# beckz@debian:~$ useradd dimas -m -G gandi “(menambah user baru)”
# beckz@debian:~$ smbpasswd gandi -a “(memberikan password pada user)”
Selengkapnya...
Jumat, 20 November 2009
Konfigurasi Samba Server Linux Debian
Konfigurasi Proxy Server (squid) Linux Debian
nstall Proxy Server :
# beckz@debian:~$ apt-get install squid
2). Edit file konfigurasi Proxy Server :
# beckz@debian:~$ pico /etc/squid/squid.conf
# WELCOME TO SQUID 2.6.STABLE5
# —————————-
#
# This is the default Squid configuration file. You may wish
# to look at the Squid home page (http://www.squid-cache.org/)
# for the FAQ and other documentation.
#
# The default Squid config file shows what the defaults for
# various options happen to be. If you don’t need to change the
# default, you shouldn’t uncomment the line. Doing so may cause
# run-time problems. In some cases “none” refers to no default
# setting at all, while in other cases it refers to a valid
# option – the comments for that keyword indicate if this is the
# case.
#
# NETWORK OPTIONS
# —————————————————————————–
# TAG: http_port
# Usage: port [options]
# hostname:port [options]
# 1.2.3.4:port [options]
#
# The socket addresses where Squid will listen for HTTP client
# requests. You may specify multiple socket addresses.
# There are three forms: port alone, hostname with port, and
# IP address with port. If you specify a hostname or IP
# address, Squid binds the socket to that specific
# address. This replaces the old ‘tcp_incoming_address’
# option. Most likely, you do not need to bind to a specific
# address, so you can use the port number alone.
#
# The default port number is 3128.
#
# If you are running Squid in accelerator mode, you
# probably want to listen on port 80 also, or instead.
#
# The -a command line option will override the *first* port
# number listed here. That option will NOT override an IP
# address, however.
#
# You may specify multiple socket addresses on multiple lines.
# options are:
# transparent Support for transparent proxies
# vhost Accelerator using Host directive
# vport Accelerator with IP virtual host support
# vport= As above, but uses specified port number
# rather than the http_port number.
# defaultsite= Main web site name for accelerators.
# urlgroup= Default urlgroup to mark requests
# with (see also acl urlgroup and
# url_rewrite_program)
# protocol= Protocol to reconstruct accelerated
# requests with. Defaults to http.
# no-connection-auth
# Prevent forwarding of Microsoft
# connection oriented authentication
# (NTLM, Negotiate and Kerberos)
# tproxy Support Linux TPROXY for spoofing
# outgoing connections using the client
# If you run Squid on a dual-homed machine with an internal
# and an external interface we recommend you to specify the
# internal address:port in http_port. This way Squid will only be
# visible on the internal address.
#
# Squid normally listens to port 3128
http_port 3128 transparent “(Untuk menyetting transparent proxy)”
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl beckz src 192.168.13.0/255.255.255.0 “(Jaringan komputer server)”
acl becks dstdomain www.google.com “(Situs yang di blokir)”
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 # https
acl SSL_ports port 563 # snews
acl SSL_ports port 873 # rsync
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl Safe_ports port 631 # cups
acl Safe_ports port 873 # rsync
acl Safe_ports port 901 # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
# Example rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks
http_access allow localhost
http_access allow beckz
http_access deny becks
# TAG: cache_mgr
# Email-address of local cache manager who will receive
# mail if the cache dies. The default is “webmaster”.
#
#Default:
cache_mgr beckz.net
# TAG: visible_hostname
# If you want to present a special hostname in error messages, etc,
# define this. Otherwise, the return value of gethostname()
# will be used. If you have multiple caches in a cluster and
# get errors about IP-forwarding you must set them to have individual
# names with this setting.
#
#Default:
visible_hostname beckz.net “(Hostname yang terlihat)”
# TAG: always_direct
# Usage: always_direct allow|deny [!]aclname …
#
# Here you can use ACL elements to specify requests which should
# ALWAYS be forwarded by Squid to the origin servers without using
# any peers. For example, to always directly forward requests for
# local servers ignoring any parents or siblings you may have use
# something like:
# NOTE: If your goal is to make the client forward the request
# directly to the origin server bypassing Squid then this needs
# to be done in the client configuration. Squid configuration
# can only tell Squid how Squid should fetch the object.
#
# NOTE: This directive is not related to caching. The replies
# is cached as usual even if you use always_direct. To not cache
# the replies see no_cache.
#
# This option replaces some v1.1 options such as local_domain
# and local_ip.
#
#Default:
always_direct allow all
3). Ketikkan perintah di bawah ini :
#beckz@debian:~$ iptables -A PREROUTING -t nat -p -m tcp -s 192.168.13.0/24 -d 0/0 \–dport 80 -j REDIRECT –to-port 3128
4). Jalankan Proxy Server :
beckz@debian:~$ /etc/init.d/squid restart
Selengkapnya...
Konfigurasi DNS Server Linux Debian
1). Install DNS Server :
# beckz@debian:~$ apt-get install bind9
2). Edit file konfigurasi DNS Server :
# beckz@debian:~$ pico /etc/bind/named.conf
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include “/etc/bind/named.conf.options”;
// prime the server with knowledge of the root servers
zone “.” {
type hint;
file “/etc/bind/db.root”;
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone “beckz.net.” {
type master;
file “/etc/bind/db.debian”;
};
zone “192.in-addr.arpa” {
type master;
file “/etc/bind/db.192″;
};
zone “beckz.com.” { “(Untuk settingan dua DNS Server)”
type master;
file “/etc/bind/db.debian2″;
};
zone “0.in-addr.arpa” {
type master;
file “/etc/bind/db.0″;
};
zone “255.in-addr.arpa” {
type master;
file “/etc/bind/db.255″;
};
// zone “com” { type delegation-only; };
// zone “net” { type delegation-only; };
// From the release notes:
// Because many of our users are uncomfortable receiving undelegated answers
// from root or top level domains, other than a few for whom that behaviour
// has been trusted and expected for quite some length of time, we have now
// introduced the “root-delegations-only” feature which applies delegation-only
// logic to all top level domains, and to the root domain. An exception list
// should be specified, including “MUSEUM” and “DE”, and any other top level
// domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { “DE”; “MUSEUM”; };
include “/etc/bind/named.conf.local”;
3). Edit file konfigurasi DNS Server di db.debian dan db.192
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA beckz.net. root.beckz.net. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS beckz.net.
@ IN A 192.168.13.13
www IN A 192.168.13.13
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA beckz.net. root.beckz.net. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS beckz.net.
13.13.168 IN PTR beckz.net.
www IN PTR beckz.net.
;
; BIND data file for local loopback interface
;
$TTL 604800
@ IN SOA beckz.com. root.beckz.com. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS beckz.com.
@ IN A 192.168.14.14
www IN A 192.168.14.14
4). Jalankan DNS Server :
# beckz@debian:~$ /etc/init.d/bind9 restart
Stopping domain name service…: bind.
Starting domain name service…: bind.
Selengkapnya...
Postingan
