Saturday, January 24, 2015

Instruksi Praktikum 25 Januari ( XIISMK pa) dan 26 Januari (XIISMK pi)

Materi : Instalasi SQUID pada Server Debian

A. Topologi

     Internet 192.168.150.254/24
                            |
                            |
     PC Server     eth0  192,168,150.(no.urut PC Server) /24
                          eth1   192.168.125.1/24
                           |
                           |
     PC Client     eth0   192.168.125.(terserah....) /24

B.   Langkah Kerja

1. Install OS Debian
2. Buat Partisi [swap : 2048 MB], [root system 40 GB] dan [/home 40 GB]
3. Konfigurasi Interface

   ~:#nano /etc/network/interfaces
   
    |   ........
    |   auto eth0
    |   iface eth0 inet static
    |             address 192.168.150.X
    |             netmask 255.255.255.0
    |             gateway 192.168.150.254
    |             dns-nameservers 202.134.1.10,202.134.2.5,8.8.8.8
    |
    |   auto eth1
    |   iface eth1 inet static
    |           address 192.168.125.1
    |           netmask 255.255.255.0
    |
 
4. Konfigurasi Hosts dan Hostname
 
    nama host = namasiswa
    nama domain = namasiswa

    ex. 192.168.5,1     rezki

   ~:#nano /etc/hosts

   |    .......
   |    127.0.0.1               localhost
   |    192.168.125.X      rezki                         #gunakan interface eth1
   |    ......

   ~:#nano /etc/hostname

   |   kadal

5. Konfigurasi NAT dan /etc/resolv.conf

   ~:#iptables -t nat -A POSTROUTING -s 192.168.125.0/24 -j MASQUERADE
   ~:#iptables-save > /etc/iptables
   ~:#echo "up command iptables-restore < /etc/iptables" >> /etc/network/interfaces

   ~:#nano /etc/resolv.conf

   |  search kadal.net
   |  nameserver 192.168.125.1
   |  nameserver 202.134.1.10
   |  nameserver 202.134.2.5
   |  nameserver 8.8.8.8
 
6. Reboot System!

7. konfigurasi PC Client anda, pastikan dapat melakukan ping ke alamat berikut ini
    192.168.125.1
    192.168.150.254
    202.134.1.10

    lakukan diagnosa dan troubleshoot jika terjadi masalah,
    laporkan hasil pekerjaan anda pada instruktur,

    Install SSH server supaya Server dapat dikonfigurasi secara remote menggunakan\
    applikasi putty dari PC Client

    langkah kerja berikutnya anda disarankan untuk mengupdate list repository
    untuk melengkapi applikasi pendukung praktikum ini.

    ~:#nano /etc/apt/source.list

#tambahkan list berikut ini dibagian akhir file
deb http://kambing.ui.ac.id/debian/ wheezy main non-free contrib
deb-src http://kambing.ui.ac.id/debian/ wheezy main non-free contrib
deb http://kebo.vlsm.org/debian/ wheezy main non-free contrib
deb-src http://kebo.vlsm.org/debian/ wheezy main non-free contrib
deb http://security.debian.org/ wheezy/updates main contrib non-free
deb-src http://security.debian.org/ wheezy/updates main contrib non-free
deb http://mirror.kioss.undip.ac.id/debian wheezy main non-free contrib
deb http://mirror.kioss.undip.ac.id/debian-volatile wheezy/volatile main contrib
deb http://mirror.kioss.undip.ac.id/debian-security wheezy/updates main non-free contrib
deb http://mirror.kioss.undip.ac.id/debian wheezy main non-free contrib
deb http://mirror.kioss.undip.ac.id/debian-volatile wheezy/volatile main contrib
deb http://mirror.kioss.undip.ac.id/debian-security wheezy/updates main non-free contrib
deb http://mirror.kioss.undip.ac.id/debian stable-proposed-updates main non-free contrib
deb http://mirror.poliwangi.ac.id/debian wheezy main contrib non-free
deb http://mirror.poliwangi.ac.id/debian wheezy-lts main contrib non-free
deb http://mirror.poliwangi.ac.id/debian wheezy-proposed-updates main contrib non-free
deb http://mirror.poliwangi.ac.id/debian wheezy-updates main contrib non-free
deb http://mirror.poliwangi.ac.id/debian-security wheezy/updates main contrib non-free

   
     lakukan update list repository
      ~:#apt-get update

l8.  Lakukan instalasi SQUID
       ~:#apt-get install squid

      langkah Konfigurasi Squid
   
       ~:#nano /etc/squid/squid.conf

#. . .
http_port 3128 transparent                                              #tambahkan “transparent”
cache_mem 16 MB                                                             #kurang-lebih ¼ dari kapasitas RAM
cache_mgr namasiswad@kadal.net                                #sesuaikan nama siswa peserta ujian
visible_hostname proxy.kadal.net                                   #tambahkan secara lengkap

#. . .
#. . .
acl url dstdomain “/etc/squid/url”                                   #url domain yang di blok
acl key url_regex –i “/etc/squid/key”                              #url kata yang di blok
http_access deny url
http_access deny key
acl lan src 192.168.125.0/24                                               #ip network lokal
http_access allow lan
http_access allow all
#....


19. Konfigurasi ulang IPTABLES
 
     ~:#iptables -t nat -a PREROUTING -s 192.168.125.0/24 -p tcp --dport 80 -j REDIRECT --to-port 3128


20. Membuat file "url" dan file "key"

~:#:nano /etc/squid/url
www.kadal.com
www.iwak.com

~:#nano /etc/squid/key
coro
jerapah

21. Restart layanan squid
      ~:#/etc/init.d/squid restart

     ~:#squid -z


optional!
anda dapat modifikasi tampilan peringatan akses web yang dilarang

/usr/share/squid/errors/English/ERR_ACCESS_DENIED

22. Setting manual pada PC Client
   
Control Panel à Network & Internet connection à  internet option à tab  Connectionà LAN  Setting à Use proxy [address] port [3128]
     
 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)