[admin] mohon di koreksi skrip ini

Wed, 20 Nov 2002 17:40:54 -0800 

salam semua....
saya coba blokir site di salah satu warnet sekolah
dasar, dan mohon dikoreksi  kenapa kok masih bisa di
buka... 

skrip iptables di rc.local
echo 1 >/proc/sys/net/ipv4/ip_forward
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING
--out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j
ACCEPT
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A INPUT -i eth0 -m state --state
ESTABLISHED, RELATED -j ACCEPT
iptables -A INPUT -p tcp -tcp-option ! 2 -j REJECT
--reject-with tcp-reset
iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -syn -s 192.168.0.0/24
--dport 139 -j ACCEPT
iptables -A INPUT -p tcp -syn -s trancas --dport 139
-j ACCEPT
iptables -A INPUT DROP
echo 1 > /proc/sys/net/ipv4/tcp_syncookies

skrip squid.conf:
http_port 8080
icp_port 0
cache_mem 80 MB
maximum_object_size 256 KB
cache_dir ufs /var/spool/squid 200 16 256
memory_pools_limit 32 MB
redirect_rewrites_host_header off
replacement_policy GDSF
half_closed_clients off

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl lan src 192.168.30.0/255.255.255.0
acl Safe_ports port 80 443 210 119 563 70 21
1025-65535
acl CONNECT method CONNECT
acl notsex url_regex -i "/etc/squid/notsex"
acl sex url_regex -i "/etc/squid/sex"
no_cache deny SEX
http_access allow notsex all
http_access deny sex all
http_access allow lan
http_access allow localhost
http_access deny !Safe_ports
http_access deny CONNECT
http_access deny all

wasalam
canshie


__________________________________________________
Do you Yahoo!?
Yahoo! Web Hosting - Let the expert host your site
http://webhosting.yahoo.com

-- 
Utk berhenti langganan, kirim email ke [EMAIL PROTECTED]
Informasi arsip di http://www.linux.or.id/milis.php3

Kirim email ke