tanya : gagal redirect port pada proxy

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

tanya : gagal redirect port pada proxy

Postby vandyid » 13 Apr 2013, 13:52

om saya redirect port 80 ke 6666 gagal terus, saya pake lusca proxy di ubuntu 12.04, kecuali di masing2 browser client diisi manual ip ama port proxynya. Sudah saya coba iptable ini semua, tapi tetep aj nggak isa, mohon bantuanya ya om, thank's :

#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

/usr/local/squid/sbin/squid -D
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.5.0/255.255.255.0 --dport 80 -j DNAT --to 192.168.5.1:6666
iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.5.0/255.255.255.0 --dport 6666 -j DNAT --to 192.168.5.1:6666
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.88.222

exit 0
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 13 Apr 2013, 18:12

Gunakan port yang umum untuk proxy saja mas, 3128.

Code: Select all

#!/bin/sh
# ------------------------------------------------------------------------------------
# See URL: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
# (c) 2006, nixCraft under GNU/GPL v2.0+
# -------------------------------------------------------------------------------------
# squid server IP
SQUID_SERVER="192.168.1.1"
# Interface connected to Internet
INTERNET="eth0"
# Interface connected to LAN
LAN_IN="eth1"
# Squid port
SQUID_PORT="3128"

# DO NOT MODIFY BELOW
# Clean old firewall
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
# Load IPTABLES modules for NAT and IP conntrack support
modprobe ip_conntrack
modprobe ip_conntrack_ftp
# For win xp ftp client
#modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
# Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow UDP, DNS and Passive FTP
iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT
# set this system as a router for Rest of LAN
iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE
iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT
# unlimited access to LAN
iptables -A INPUT -i $LAN_IN -j ACCEPT
iptables -A OUTPUT -o $LAN_IN -j ACCEPT
# DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy
iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT
# if it is same system
iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT
# DROP everything and Log it
iptables -A INPUT -j LOG
iptables -A INPUT -j DROP
exit 0
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 13 Apr 2013, 21:08

thank's om pragola, saya coba dulu
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 15 Apr 2013, 09:36

Om Pragola, kalo saya browsing munculnya kek gini :
Image

selain itu saya ping google.com dari PC client juga tidak bisa om pragola
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 15 Apr 2013, 14:21

Topologi jaringannya kayak apa mas ?
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 15 Apr 2013, 16:44

internet --> modem adsl --> mikrotik --> switch/hub --> client & ubuntu proxy --> access point --> client

mas pragola pati, itu ubuntu proxynya masih coba2, kalo sudah berhasil, mikrotiknya mau tak ganti ubuntu server.
User avatar
beling
Posts: 15
Joined: 16 Feb 2013, 20:14
Location: gresik
Contact:

Re: tanya : gagal redirect port pada proxy

Postby beling » 15 Apr 2013, 18:09

keliatannya topologinya proxy sejajar client ya, klo ditempat saya proxynya sejajar mikrotik, jadi NAT nya ikut difirewall mikrotiknya
Tampilkan
ip fi nat
add action=dst-nat chain=dstnat comment="" disabled=no dst-address-list="!IP Proxy" dst-port=80 in-interface=LAN protocol=tcp src-address=192.168.1.0/24 to-addresses=192.168.5.1 to-ports=3128

maaf klo OOT :)
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 15 Apr 2013, 19:05

^
@vandyid
@beling
Nah ya gitu seharusnya, informasi yang sekiranya mendukung pertanyaan disertakan. Biar tidak kerja dua kali :D

Return to “Ubuntu Server”

Who is online

Users browsing this forum: No registered users and 22 guests