Router
Assalamu'alaikum Warahmatullahi Wabarakatuh
Udah lama gak update blog ini. Blog lain juga udah lama gak di-update sih. Coba setup router. Langkah-langkahnya:
1. Edit hostname
:~# vim /etc/hostname
router-server
2. Edit/tambahkan hosts
:~# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost router-server.perusahaan.co.id router-server
3. Edit resolv.conf
:~# vim /etc/resolv.conf
search
nameserver 202.XXX.XXX.2
nameserver 202.XXX.XXX.4
4. Edit interfaces
:~# vim /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 202.XXX.XXX.12
netmask 255.255.255.192
gateway 202.XXX.XXX.1
auto eth1
iface eth1 inet static
address 202.XXX.XXX.249
netmask 255.255.255.248
auto eth1:1
iface eth1:1 inet static
address 192.168.0.254
netmask 255.255.255.0
5. Buat script iptables, disesuaikan dengan kebutuhan. Contoh:
:~# vim /etc/init.d/rc.firewall
#!/bin/sh
wan="202.XXX.XXX.12"
lan="192.168.0.0/24"
office="202.XXX.XXX.192/26"
ns2="202.XXX.XXX.4"
ohle="202.XXX.XXX.9/32"
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -s $lan -d ! $lan -j SNAT --to $wan
iptables -t nat -I PREROUTING -p tcp -i eth0 -s ! $office --dport 8080 -j DNAT --to 192.168.0.1:8080
6. :~# update-rc.d rc.firewall defaults
Wassalamu'alaikum Warahmatullahi Wabarakatuh
Udah lama gak update blog ini. Blog lain juga udah lama gak di-update sih. Coba setup router. Langkah-langkahnya:
1. Edit hostname
:~# vim /etc/hostname
router-server
2. Edit/tambahkan hosts
:~# vim /etc/hosts
127.0.0.1 localhost.localdomain localhost router-server.perusahaan.co.id router-server
3. Edit resolv.conf
:~# vim /etc/resolv.conf
search
nameserver 202.XXX.XXX.2
nameserver 202.XXX.XXX.4
4. Edit interfaces
:~# vim /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 202.XXX.XXX.12
netmask 255.255.255.192
gateway 202.XXX.XXX.1
auto eth1
iface eth1 inet static
address 202.XXX.XXX.249
netmask 255.255.255.248
auto eth1:1
iface eth1:1 inet static
address 192.168.0.254
netmask 255.255.255.0
5. Buat script iptables, disesuaikan dengan kebutuhan. Contoh:
:~# vim /etc/init.d/rc.firewall
#!/bin/sh
wan="202.XXX.XXX.12"
lan="192.168.0.0/24"
office="202.XXX.XXX.192/26"
ns2="202.XXX.XXX.4"
ohle="202.XXX.XXX.9/32"
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -t nat -A POSTROUTING -s $lan -d ! $lan -j SNAT --to $wan
iptables -t nat -I PREROUTING -p tcp -i eth0 -s ! $office --dport 8080 -j DNAT --to 192.168.0.1:8080
6. :~# update-rc.d rc.firewall defaults
Wassalamu'alaikum Warahmatullahi Wabarakatuh