iptables not working


Post by newbei » 04 Sep 2013, 10:03

I'd appreciate your help, everyone.
My iptables script in /etc/rc.local is shown below.

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
iptables -A OUTPUT -p tcp -dport 7777 -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:64:EE:D4 -j DROP
iptables -I FORWARD -m mac --mac-source 6C:F0:49:97:09:9E -j DROP
iptables -I FORWARD -m mac --mca-source 1C:6F:65:69:1B:CB -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:64:EE:C5 -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:69:18:DA -j DROP
iptables -I FORWARD -m mac --mca-source 48:5B:39:97:14:2B -j DROP
iptables -I FORWARD -m mac --mca-source 1C:6F:65:69:18:2F -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:65:52:98 -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:64:ED:64 -j DROP
iptables -I FORWARD -m mac --mac-source 48:5B:39:98:4C:40 -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:67:F4:98 -j DROP
iptables -I FORWARD -m mac --mac-source 1C:6F:65:AF:5A:7F -j DROP

iptables -A INPUT -m string --algo kmp --string 4shared -j REJECT
iptables -A FORWARD -m string --algo kmp --string 4shared -j REJECT

iptables -A INPUT -m string --algo kmp --string torrent.net -j REJECT
iptables -A FORWARD -m string --algo kmp --string torrent.net -j REJECT

iptables -A INPUT -m string --algo kmp --string porn -j REJECT
iptables -A FORWARD -m string --algo kmp --string porn -j REJECT

iptables -A INPUT -m string --algo kmp --string torrent -j REJECT # to block torrent
iptables -A FORWARD -m string --algo kmp --string torrent -j REJECT # to block torrent
iptables -I FORWARD -m string --string "BitTorrent protocol" --algo bm -j DROP

iptables -A FORWARD -p tcp -d 69.171.224.0/19 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A OUTPUT -p tcp -d 69.171.224.0/19 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A FORWARD -p tcp -d 66.220.144.0/20 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A OUTPUT -p tcp -d 66.220.144.0/20 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A FORWARD -p tcp -d 69.63.176.0/20 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A OUTPUT -p tcp -d 69.63.176.0/20 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A FORWARD -p tcp -d 65.52.0.0/14 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP
iptables -A OUTPUT -p tcp -d 65.53.0.0/14 -m time --timestart 06:00:00 --timestop 22:00:00 -j DROP

iptables -I FORWARD -m tcp -p tcp -m
iptables -I FORWARD -d 69.171.224.0/19 -j DROP
iptables -I OUTPUT -d 69.171.224.0/19 -j DROP
iptables -I FORWARD -d 66.220.144.0/20 -j DROP
iptables -I OUTPUT -d 66.220.144.0/20 -J DROP
iptables -I FORWARD -d 69.63.176.0/20 -j DROP
iptables -I OUTPUT -d 69.63.176.0/20 -j DROP
iptables -I FORWARD -d 65.52.0.0/14 -j DROP
iptables -I OUTPUT -d 65.52.0.0/14 -j DROP
iptables -I FORWARD -m tcp -p tcp -d 69.171.228.70 --dport 443-j REJECT
iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

exit 0

But when I check whether this is running or not with the command
# iptables -L -v
The result is:
Chain INPUT (policy ACCEPT 1195K packets, 714M bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 30M packets, 17G bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 1361K packets, 817M bytes)
pkts bytes target prot opt in out source destination

I would appreciate your help and corrections.

Regards

Re: iptables not working

Post by q_p » 04 Sep 2013, 10:37

pkts bytes target prot opt in out source destination
It looks like it isn't running yet.
  1. For example, this:

    ...
    iptables -I FORWARD -m mac --mca-source 1C:6F:65:69:1B:CB -j DROP
    ...
    Is that really all there is?
  2. And this one:

    ...
    ...--mca-source ...
    ...
    Shouldn't it be --mac-source?
cmiiw

Re: iptables not working

Post by newbei » 04 Sep 2013, 11:31

Pragola_Pati wrote:
pkts bytes target prot opt in out source destination
It looks like it isn't running yet.
  1. For example, this:

    ...
    iptables -I FORWARD -m mac --mca-source 1C:6F:65:69:1B:CB -j DROP
    ...
    Is that really all there is?

    Sorry, isn't that the command for blocking a MAC address?
    Could you please explain?
  2. And this one:

    ...
    ...--mca-source ...
    ...
    Shouldn't it be --mac-source?

I have already changed this one to --mac.... :)
cmiiw
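
Option typos like the ones discussed in this thread can be caught with an offline check before the script runs at boot; the following is an added example, not part of the original posts, and `lint_rules` is a hypothetical helper that only knows the options this particular script uses. It assumes the stock Ubuntu /etc/rc.local shebang `#!/bin/sh -e` (not shown in the thread), under which the first iptables command that fails ends the script, so every later rule is never loaded.

```sh
#!/bin/sh
# Constructed sample: seven rule lines copied from the script in the first post.
SAMPLE_RULES='iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A OUTPUT -p tcp -dport 7777 -j DROP
iptables -I FORWARD -m mac --mca-source 1C:6F:65:69:1B:CB -j DROP
iptables -I FORWARD -m tcp -p tcp -m
iptables -I OUTPUT -d 66.220.144.0/20 -J DROP
iptables -I FORWARD -m tcp -p tcp -d 69.171.228.70 --dport 443-j REJECT
iptables -I FORWARD -m mac --mac-source 1C:6F:65:64:EE:D4 -j DROP'

# lint_rules (hypothetical helper): reads a rules script on stdin and prints
# "LINE: problem: token" for each malformed option. Nothing is executed.
lint_rules() {
  awk '
  BEGIN {
    # Only the options the posted script uses, correctly spelled; every one
    # of them takes a value. This is not the full iptables option set.
    s = "-t -A -I -i -o -p -m -d -j --dport --to-port --mac-source "
    s = s "--string --algo --timestart --timestop --state"
    n = split(s, opt, " ")
    for (k = 1; k <= n; k++) known[opt[k]] = 1
  }
  $1 != "iptables" { next }            # skip echo, exit, blank lines
  {
    for (f = 2; f <= NF; f++) {
      tok = $f
      if (tok ~ /^#/) break            # trailing shell comment
      if (tok !~ /^-/) {
        # a value glued to the next option, e.g. "443-j"
        if (tok ~ /[^-]-j$/) print NR ": missing space before -j: " tok
        continue
      }
      if (tok ~ /^-[A-Za-z][A-Za-z]/) print NR ": long option needs two dashes: " tok
      else if (!(tok in known)) print NR ": unknown option: " tok
      else if (f == NF || $(f + 1) ~ /^-/) print NR ": option without a value: " tok
    }
  }'
}

# Stand-alone run on the constructed sample.
printf '%s\n' "$SAMPLE_RULES" | lint_rules
```

Run it against the real file with `lint_rules < /etc/rc.local`; after fixing what it reports, `iptables -L -v` and `iptables -t nat -L -v` show whether the filter and nat rules were actually loaded.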
