On Wed, 15 Feb 2006 01:34:02 -0900 hadi sumarsono <[EMAIL PROTECTED]> wrote:
> On Mon, 13 Feb 2006 15:23:48 +0800 > Nyoman D <[EMAIL PROTECTED]> wrote: > > > "bayu" <[EMAIL PROTECTED]> wrote: > Nah ini yg masih bikin bingung karena sdh aktifkan ip_forward > tetap aja nggak nyambung mIRC-nya. > Ada cara lain lagi......? > Dulu sih sdh pernah nyambung (waktu trial) tp saya sendiri lupa > apa yang sudah ku-lakukan, msh coba ingat2 nih..... > ----------------------Ini firewall.conf -nya ------------------------------- # Linux Firewall configuration -- http://projectfiles.com/firewall/ # Generated by '/etc/rc.d/rc.firewall save ' # on Wed Feb 15 17:18:10 AKST 2006. # Generated with version: "2.0rc9". PERMIT="" INTERNAL_INTERFACES="eth0" DYNAMIC_INTERFACES="ppp0" DENY_OUTBOUND="" ALLOW_INBOUND="" BLACKLIST="" STATIC_INSIDE_OUTSIDE="" PORT_FORWARDS="" PORT_FWD_ALL="yes" PORT_FWD_ROUTED_NETWORKS="yes" ADDITIONAL_ROUTED_NETWORKS="" TRUST_ROUTED_NETWORKS="yes" SHARED_INTERNAL="yes" FIREWALL_IP="" TRUST_LOCAL_EXTERNAL_NETWORKS="no" DMZ_INTERFACES="" NAT_EXTERNAL="yes" ADDITIONAL_NAT_INTERFACES="" IGNORE_INTERFACES="" LOGGING="no" NO_RP_FILTER_INTERFACES="" INTERNAL_DHCP="yes" RFC_1122_COMPLIANT="yes" DROP_NEW_WITHOUT_SYN="no" DUMP_TCP_ON_INIT="no" TTL_STEALTH_ROUTER="no" LOG_LIMIT="1/minute" LOG_BURST="5" LOG_LEVEL="notice" return # Generated by iptables-save v1.2.10 on Wed Feb 15 17:18:10 2006 *mangle :PREROUTING ACCEPT [3:1580] :INPUT ACCEPT [3:1580] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [3:1624] :POSTROUTING ACCEPT [3:1624] COMMIT # Completed on Wed Feb 15 17:18:10 2006 # Generated by iptables-save v1.2.10 on Wed Feb 15 17:18:10 2006 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -s 192.168.0.0/255.255.255.0 -o ppp0 -j MASQUERADE COMMIT # Completed on Wed Feb 15 17:18:10 2006 # Generated by iptables-save v1.2.10 on Wed Feb 15 17:18:10 2006 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [3:1624] :TRUSTED - [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -s 192.168.0.0/255.255.255.0 -i eth0 -m state --state NEW -j ACCEPT -A INPUT -i eth0 -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT -A INPUT -i lo -m state --state NEW -j ACCEPT -A INPUT -m state --state NEW -j TRUSTED -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 192.168.0.0/255.255.255.0 -i eth0 -m state --state NEW -j ACCEPT -A FORWARD -m state --state NEW -j TRUSTED -A OUTPUT -d 192.168.0.0/255.255.255.0 -o eth0 -p icmp -j ACCEPT -A OUTPUT -p icmp -m state --state INVALID -j DROP -A TRUSTED -d 192.168.0.100 -p icmp -m icmp --icmp-type 8 -j ACCEPT -A TRUSTED -p icmp -j DROP -A TRUSTED -j REJECT --reject-with icmp-port-unreachable COMMIT # Completed on Wed Feb 15 17:18:10 2006 ----------------- Ini squid.conf -nya -------------------------- ############################## # WELCOME TO SQUID 2 # # ------------------ # ######## no cache at cgi ############ hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY ######## caching set ################### cache_dir ufs /project/squid/cache 500 16 256 cache_mem 8 MB maximum_object_size 8192 KB maximum_object_size_in_memory 8 KB ######### timing access ################ forward_timeout 3 minutes connect_timeout 5 minutes read_timeout 3 minutes request_timeout 5 minutes dns_nameservers 203.130.208.12 203.130.196.5 dns_nameservers 202.159.32.3 202.159.33.3 ######### access_list ################## acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports ########## access_control ############### acl porn url_regex "/etc/squid/porn" acl noporn url_regex "/etc/squid/noporn" http_access deny porn !noporn #acl our_network src 192.168.0.0/24 #http_access allow our_network ########## aturan_client ################ acl our_MASTER src 192.168.0.100 http_access allow our_MASTER acl wjr1 src 192.168.0.1 acl wjr2 src 192.168.0.2 acl wjr3 src 192.168.0.3 acl wjr4 src 192.168.0.4 #-------------------------->client_ke-1 #http_access allow wjr1 #-------------------------->client_ke-2 http_access allow wjr2 #-------------------------->client_ke-3 #http_access allow wjr3 #-------------------------->client_ke-4 http_access allow wjr4 ######### batas maks.akses situs ######## client_db on acl akeh_konek maxconn 3 http_access deny our_MASTER akeh_konek http_access deny wjr1 akeh_konek http_access deny wjr2 akeh_konek http_access deny wjr3 akeh_konek http_access deny wjr4 akeh_konek http_access allow !akeh_konek http_access deny all logfile_rotate 5 Dan sdh ip_forward sdh diaktifkan (#/etc/rc.d/rc.ip_forward start) Hari ini coba lagi mIRC -nya masih belum nyambung. Ada linuxer yg jalan Slack 10.0 atau varian-nya, help me please...?8,(
pgpwpxUzWQqjP.pgp
Description: PGP signature
