Forum and Chat for Ubuntu Users in Indonesia
#29493 - 05 Jul 10 04:34 (ask) block access with squid ACL & IPtables via Vbox
amanda Offline
Member

Registered: 22 May 10
Posts: 204
Guys, I want to ask how to block client access using the squid proxy with ACLs and iptables??
Here I am trying it with vbox, which is where the pretend client (win$) will be
Ubuntu interface = ppp0
squid server = 192.168.1.1
squid port = 3128
host-only adapter name in Vbox = vboxnet0

the host-only network:

IPv4 Address = 192.168.1.1
IPv4 Network Mask = 255.555.555.0

the eth0 settings in Vbox:
IP = 192.168.1.2
netmask = 255.255.255.0
gateway = 192.168.1.1
DNS = 8.8.8.8 8.8.4.4 (same as the dns in squid.conf)

for the acl in squid.conf I only added this as a test:
acl lan src 192.168.1.0/24
acl block dstdomain .youtube.com .facebook.com .friendster.com

http_access allow lan
http_access deny block
http_access deny all

for the iptables:
Code:
#!/bin/sh
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -i ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
iptables --append FORWARD --in-interface vboxnet0 -j ACCEPT
iptables -A INPUT -i vboxnet0 -j ACCEPT
iptables -A OUTPUT -o vboxnet0 -j ACCEPT
iptables -t nat -A PREROUTING -i vboxnet0 -p tcp --dport 80 -j DNAT --to 192.168.1.1:3128
iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP

When I tried accessing youtube.com in vbox it was not blocked, and the same goes for facebook.com & friendster.com .. in fact I can browse the sites I blocked with the ACL in squid.conf
I checked the squid log and it is running while browsing in Vbox
(there were no errors during installation or configuration of squid on Ubuntu)

Can IPtables be set up using the --string module to block client access, in this case in Vbox??
for example, the IPtables configuration on Ubuntu:

Code:
iptables -A INPUT -m string --algo kmp --string youtube -j REJECT
iptables -A FORWARD -m string --algo kmp --string youtube -j REJECT

iptables -A INPUT -m string --algo kmp --string Youtube -j REJECT
iptables -A FORWARD -m string --algo kmp --string Youtube -j REJECT


roughly, what is missing / wrong here, guys? Bear with me, I am still learning....
thanks in advance... .
_________________________
UbuntuKu UbuntuMu

#29496 - 05 Jul 10 05:47 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: amanda]
ninja Online
Member

Registered: 27 Jan 10
Posts: 2038
Location: Tangerang, Banten, Indonesia
newbie asking permission to follow along first...
_________________________
My Blog | Twitter |
Optimization & Desktop Effects

#29581 - 05 Jul 10 20:15 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: ninja]
Rh354 Offline
Member

Registered: 14 Mar 10
Posts: 714
Location: between the truth and the lies
permission to follow along, sis
_________________________
OS : Slackware 13.1
Kernel : 2.6.35
CPU Type : i686
Processor : Intel Celeron M 1,4 GHz
Axioo Centaur series

============================
LEARN from yesterday,LIVE for today,and HOPE for tomorrow

#29632 - 06 Jul 10 05:12 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: Rh354]
belajarlinux Offline
Member

Registered: 30 Jun 10
Posts: 62
wow... I am too much of a newbie, bro... laugh
_________________________
Knowledge becomes useful when it is put into practice.

#29647 - 06 Jul 10 07:33 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: belajarlinux]
amanda Offline
Member

Registered: 22 May 10
Posts: 204
it works now, guys; it turns out the problem was in the squid ACL,,
it only works when made into a list, not a domain

Code:
acl blocklist url_regex -i "/etc/squid/blocklist.acl
http_access deny blocklist


(I placed http_access deny blocklist above http_access allow manager localhost)

the result:
grin Thanks, everyone .. .
_________________________
UbuntuKu UbuntuMu

#29845 - 07 Jul 10 12:09 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: amanda]
Rh354 Offline
Member

Registered: 14 Mar 10
Posts: 714
Location: between the truth and the lies
hasn't it always been done as a list in the acl anyway? laugh
_________________________
OS : Slackware 13.1
Kernel : 2.6.35
CPU Type : i686
Processor : Intel Celeron M 1,4 GHz
Axioo Centaur series

============================
LEARN from yesterday,LIVE for today,and HOPE for tomorrow

#29930 - 07 Jul 10 20:51 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: Rh354]
amanda Offline
Member

Registered: 22 May 10
Posts: 204
if it is written in squid.conf like this:
acl block dstdomain .youtube.com .facebook.com .friendster.com it can't block on the client (vbox)
but if it is made into a list
acl blocklist url_regex -i "/etc/squid/blocklist.acl >> works
before that I also tried with
acl blocklist url_regex -i "/etc/squid/blocklist.txt >> doesn't work

confused
_________________________
UbuntuKu UbuntuMu

#29932 - 07 Jul 10 21:11 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: amanda]
thrvers Online
Member

Registered: 01 Jan 10
Posts: 3655
Location: Surabaya, Indonesia
that's odd, sis??
have you tried checking squid.conf after changing those settings:
$ sudo squid -k parse

are there any errors, or only warnings? confused
_________________________
Come join us:
IRC: #ubuntu-indonesia @irc.freenode.net
FB : ubuntu-indonesia.com

Sharing so fun wink rezzz - 1 2 3

#29937 - 07 Jul 10 21:31 Re: (ask) block access with squid ACL & IPtables via Vbox [Re: thrvers]
amanda Offline
Member

Registered: 22 May 10
Posts: 204
done, there don't seem to be any errors
Code:
2010/07/07 19:26:38| Starting Squid Cache version 2.7.STABLE9 for i386-debian-linux-gnu...
2010/07/07 19:26:38| Process ID 2986
2010/07/07 19:26:38| With 1024 file descriptors available
2010/07/07 19:26:38| Using epoll for the IO loop
2010/07/07 19:26:38| DNS Socket created at 0.0.0.0, port 38453, FD 6
2010/07/07 19:26:38| Adding nameserver 180.131.144.144 from squid.conf
2010/07/07 19:26:38| Adding nameserver 180.131.144.145 from squid.conf
2010/07/07 19:26:38| helperOpenServers: Starting 7 'storeurl-ubuntu.pl' processes
2010/07/07 19:26:38| logfileOpen: opening log /cache/access.log
2010/07/07 19:26:38| Swap maxSize 4096000 + 6144 KB, estimated 315549 objects
2010/07/07 19:26:38| Target number of buckets: 15777
2010/07/07 19:26:38| Using 16384 Store buckets
2010/07/07 19:26:38| Max Mem  size: 6144 KB
2010/07/07 19:26:38| Max Swap size: 4096000 KB
2010/07/07 19:26:38| Local cache digest enabled; rebuild/rewrite every 3600/3600 sec
2010/07/07 19:26:38| Store logging disabled
2010/07/07 19:26:38| Rebuilding storage in /cache (CLEAN)
2010/07/07 19:26:38| Using Least Load store dir selection
2010/07/07 19:26:38| Current Directory is /
2010/07/07 19:26:38| Loaded Icons.
2010/07/07 19:26:38| Accepting transparently proxied HTTP connections at 192.168.1.1, port 3128, FD 19.
2010/07/07 19:26:38| HTCP Disabled.
2010/07/07 19:26:38| WCCP Disabled.
2010/07/07 19:26:38| Ready to serve requests.
2010/07/07 19:26:38| Store rebuilding is 24.7% complete
2010/07/07 19:26:39| Done reading /cache swaplog (16602 entries)
2010/07/07 19:26:39| Finished rebuilding storage from disk.
2010/07/07 19:26:39|     16602 Entries scanned
2010/07/07 19:26:39|         0 Invalid entries.
2010/07/07 19:26:39|         0 With invalid flags.
2010/07/07 19:26:39|     16602 Objects loaded.
2010/07/07 19:26:39|         0 Objects expired.
2010/07/07 19:26:39|         0 Objects cancelled.
2010/07/07 19:26:39|         0 Duplicate URLs purged.
2010/07/07 19:26:39|         0 Swapfile clashes avoided.
2010/07/07 19:26:39|   Took 0.6 seconds (30010.3 objects/sec).
2010/07/07 19:26:39| Beginning Validation Procedure
2010/07/07 19:26:39|   Completed Validation Procedure
2010/07/07 19:26:39|   Validated 16602 Entries
2010/07/07 19:26:39|   store_swap_size = 186848k
2010/07/07 19:26:39| storeLateRelease: released 0 objects..


I also tried writing the acl as
Code:
acl blocklist url_regex -i "/etc/squid/blocklist.txt"
http_access deny blocklist

and
Code:
acl blocklist url_regex "/etc/squid/blocklist.txt"
http_access deny blocklist


in the end it only works with:

Code:
acl blocklist url_regex -i "/etc/squid/blocklist.acl
http_access deny blocklist


wew.. confused


Edited by amanda (07 Jul 10 21:35)
_________________________
UbuntuKu UbuntuMu
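
Added example, not part of the original thread: a minimal Python model of how Squid walks `http_access` lines in order and stops at the first one that matches, run against the ACLs from the first post. The `all` ACL, the reordered variant and the function names are assumptions for illustration; only the `src` and `dstdomain` ACL types are modelled.

```python
import ipaddress

# squid.conf lines as posted in the thread; the 'all' ACL is an assumed definition.
AS_POSTED = """
acl all src 0.0.0.0/0
acl lan src 192.168.1.0/24
acl block dstdomain .youtube.com .facebook.com .friendster.com
http_access allow lan
http_access deny block
http_access deny all
"""

# Same ACLs, with the deny line moved above the allow line (constructed variant).
REORDERED = AS_POSTED.replace(
    "http_access allow lan\nhttp_access deny block",
    "http_access deny block\nhttp_access allow lan",
)


def parse(conf):
    """Return ({acl name: (type, values)}, ordered list of http_access rules)."""
    acls, rules = {}, []
    for words in (line.split() for line in conf.splitlines()):
        if words[:1] == ["acl"]:
            acls[words[1]] = (words[2], words[3:])
        elif words[:1] == ["http_access"]:
            rules.append((words[1], words[2:]))
    return acls, rules


def acl_matches(acl, client_ip, host):
    kind, values = acl
    if kind == "src":
        return any(ipaddress.ip_address(client_ip) in ipaddress.ip_network(v) for v in values)
    if kind == "dstdomain":
        # ".example.com" matches example.com itself and every subdomain of it.
        host = host.lower()
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v)) for v in values)
    raise ValueError(f"unsupported ACL type: {kind}")


def decide(conf, client_ip, host):
    """Return (action, matching rule); the first http_access line that matches wins."""
    acls, rules = parse(conf)
    for action, names in rules:
        if all(acl_matches(acls[n], client_ip, host) for n in names):
            return action, " ".join(names)
    # No line matched: Squid applies the opposite of the last line's action.
    return ("allow" if rules[-1][0] == "deny" else "deny"), "(default)"
```

With the lines as posted, a request from 192.168.1.2 for www.youtube.com is decided by `allow lan` before `deny block` is ever read; with the deny line first, the same request is denied while other sites stay reachable from the LAN.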
