Itu dah ngikutin tutorial dari mas fajar memang ini juga pakai speedy mas aku tapi dah minta ip static coba saya test dulu saran anda
Makasih Quoting K4m3h4m3 <[EMAIL PROTECTED]>: > konfigurasi rules banyak sekali........... > > saya tambahkan di kolom interfaces untuk options, > > kalau menggunakan speedy atau ISP yg lain di eth0 net biasanya pake optins > dhcp > > > untuk lebih jelasnya mungkin bisa simak artikel ini > > http://linux2.arinet.org dengan artikel Download Panduan Praktis dan > Lengkap Membuat Gateway Internet Arinet > > catatan: > > konfigurasi rules berkaitan dengan policy, kalau di policy di ijinkan masuk > sebenarnya di rules gak perlu di setting ACCEPT lagi paket yg akan > didaftafkan biar file konfigurasi lebih ringkas > > salam, > > > > > ikatlah ilmu pengetahuan dengan menulis > > > > <[EMAIL PROTECTED]> wrote on 27 Rajab 1428, 05:24 PM: > Subject: Re: [tanya-jawab] Tanya firewall > >/etc/shorewall/rules > >#Transparent proxy > >REDIRECT loc 3128 tcp www - > >ACCEPT $FW net tcp www > > > >#Accept DNS connections from the firewall to the network > >DNS/ACCEPT $FW net > >DNS/ACCEPT net $FW > >DNS/ACCEPT loc net > >DNS/ACCEPT $FW loc > >DNS/ACCEPT loc $FW > > > > > >#Accept SSH connections from local network for administration > >SSH/ACCEPT loc $FW > >SSH/ACCEPT net $FW > >SSH/ACCEPT loc net > >SSH/ACCEPT $FW loc > > > >#Allow Ping from local network > >Ping/ACCEPT loc $FW > > > >#Reject Ping from "bad" net zone.. and prevent your log from being > >flooded.. > >#Ping/REJECT net $FW > >ACCEPT $FW loc icmp > >ACCEPT $FW net icmp > >ACCEPT loc $FW icmp > > > >#Web > >Web/ACCEPT loc net > > > >#Mail > >POP3/ACCEPT loc net > >SMTP/ACCEPT loc net > >ICQ/ACCEPT loc net > > > >#others rules > >ACCEPT loc net tcp > >2082,2095 > >ACCEPT loc net tcp 5050 > >ACCEPT loc net udp 5050 > >ACCEPT loc net tcp 5010 > >ACCEPT loc $FW tcp 25 > >ACCEPT net $FW tcp 443 > >ACCEPT net $FW udp 6277 > >ACCEPT loc $FW tcp 5050 > >ACCEPT $FW loc tcp 5050 > >ACCEPT loc $FW udp 5050 > >ACCEPT fw loc udp 5050 > > > >/etc/shorewall/interfaces > > > >#ZONE INTERFACE BROADCAST OPTIONS > >net eth0 detect > >loc eth1 detect > > net eth0 detect dhcp,tcpflag,routefilter > loc eth1 detect > > >#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE > > > >/etc/shorewall/zones > >#ZONE TYPE OPTIONS IN OUT > ># OPTIONS OPTIONS > >fw firewall > >net ipv4 > >loc ipv4 > >#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE > > > >/etc/shorewall/masq > >#INTERFACE SOURCE ADDRESS PROTO PORT(S) > >IPSEC > >eth0 eth1 > >#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE > > > > > >-------------------------------------------------------------- > >This mail sent through Bina Nusantara Student Webmail Services > >(http://webmail.student.binus.ac.id) > > > > > >-- > >FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > >Unsubscribe: kirim email ke [EMAIL PROTECTED] > >Arsip dan info milis selengkapnya di http://linux.or.id/milis > > > > > > --------------------------------------------- > Free POP3 Email from www.Gawab.com > Sign up NOW and get your account @gawab.com!! > > -- > FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab > Unsubscribe: kirim email ke [EMAIL PROTECTED] > Arsip dan info milis selengkapnya di http://linux.or.id/milis > -------------------------------------------------------------- This mail sent through Bina Nusantara Student Webmail Services (http://webmail.student.binus.ac.id) -- FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab Unsubscribe: kirim email ke [EMAIL PROTECTED] Arsip dan info milis selengkapnya di http://linux.or.id/milis
