tanya : gagal redirect port pada proxy

Diskusi tentang Ubuntu Server baik webserver, database server, samba server dan service lainnya serta jaringan menggunakan Sistem Operasi Ubuntu.
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

tanya : gagal redirect port pada proxy

Postby vandyid » 13 Apr 2013, 13:52

om saya redirect port 80 ke 6666 gagal terus, saya pake lusca proxy di ubuntu 12.04, kecuali di masing2 browser client diisi manual ip ama port proxynya. Sudah saya coba iptable ini semua, tapi tetep aj nggak isa, mohon bantuanya ya om, thank's :
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

/usr/local/squid/sbin/squid -D
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.5.0/255.255.255.0 --dport 80 -j DNAT --to 192.168.5.1:6666
iptables -t nat -A PREROUTING -i eth1 -p tcp -s 192.168.5.0/255.255.255.0 --dport 6666 -j DNAT --to 192.168.5.1:6666
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.88.222

exit 0
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 13 Apr 2013, 18:12

Gunakan port yang umum untuk proxy saja mas, 3128.

Code: Select all

#!/bin/sh # ------------------------------------------------------------------------------------ # See URL: http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html # (c) 2006, nixCraft under GNU/GPL v2.0+ # ------------------------------------------------------------------------------------- # squid server IP SQUID_SERVER="192.168.1.1" # Interface connected to Internet INTERNET="eth0" # Interface connected to LAN LAN_IN="eth1" # Squid port SQUID_PORT="3128" # DO NOT MODIFY BELOW # Clean old firewall iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X # Load IPTABLES modules for NAT and IP conntrack support modprobe ip_conntrack modprobe ip_conntrack_ftp # For win xp ftp client #modprobe ip_nat_ftp echo 1 > /proc/sys/net/ipv4/ip_forward # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT ACCEPT # Unlimited access to loop back iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # Allow UDP, DNS and Passive FTP iptables -A INPUT -i $INTERNET -m state --state ESTABLISHED,RELATED -j ACCEPT # set this system as a router for Rest of LAN iptables --table nat --append POSTROUTING --out-interface $INTERNET -j MASQUERADE iptables --append FORWARD --in-interface $LAN_IN -j ACCEPT # unlimited access to LAN iptables -A INPUT -i $LAN_IN -j ACCEPT iptables -A OUTPUT -o $LAN_IN -j ACCEPT # DNAT port 80 request comming from LAN systems to squid 3128 ($SQUID_PORT) aka transparent proxy iptables -t nat -A PREROUTING -i $LAN_IN -p tcp --dport 80 -j DNAT --to $SQUID_SERVER:$SQUID_PORT # if it is same system iptables -t nat -A PREROUTING -i $INTERNET -p tcp --dport 80 -j REDIRECT --to-port $SQUID_PORT # DROP everything and Log it iptables -A INPUT -j LOG iptables -A INPUT -j DROP exit 0
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 13 Apr 2013, 21:08

thank's om pragola, saya coba dulu
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 15 Apr 2013, 09:36

Om Pragola, kalo saya browsing munculnya kek gini :
Image
selain itu saya ping google.com dari PC client juga tidak bisa om pragola
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 15 Apr 2013, 14:21

Topologi jaringannya kayak apa mas ?
User avatar
vandyid
Posts: 13
Joined: 28 Feb 2011, 06:14
Location: semarang

Re: tanya : gagal redirect port pada proxy

Postby vandyid » 15 Apr 2013, 16:44

internet --> modem adsl --> mikrotik --> switch/hub --> client & ubuntu proxy --> access point --> client

mas pragola pati, itu ubuntu proxynya masih coba2, kalo sudah berhasil, mikrotiknya mau tak ganti ubuntu server.
User avatar
beling
Posts: 15
Joined: 16 Feb 2013, 20:14
Location: gresik
Contact:

Re: tanya : gagal redirect port pada proxy

Postby beling » 15 Apr 2013, 18:09

keliatannya topologinya proxy sejajar client ya, klo ditempat saya proxynya sejajar mikrotik, jadi NAT nya ikut difirewall mikrotiknya
[spoiler]ip fi nat
add action=dst-nat chain=dstnat comment="" disabled=no dst-address-list="!IP Proxy" dst-port=80 in-interface=LAN protocol=tcp src-address=192.168.1.0/24 to-addresses=192.168.5.1 to-ports=3128[/spoiler]
maaf klo OOT :)
User avatar
q_p
Posts: 3109
Joined: 14 Oct 2012, 13:01
Contact:

Re: tanya : gagal redirect port pada proxy

Postby q_p » 15 Apr 2013, 19:05

^
@vandyid
@beling
Nah ya gitu seharusnya, informasi yang sekiranya mendukung pertanyaan disertakan. Biar tidak kerja dua kali :D

Who is online

Users browsing this forum: No registered users and 9 guests