Firewall Untuk Proxy DansGuardian

From OnnoWiki
Revision as of 13:42, 10 June 2010 by Onnowpurbo (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Bagi anda yang membutuhkan firewall bersama DansGuardian. Dapat menginstalasi script berikut.

Siapkan port ke Firewall. Bagian ini memang sifatnya optional, tapi sangat di sarankan. Copy perintah berikut ke file /etc/network/if-up.d/iptables-config 

#!/bin/bash
iptables -F
# set the default policy for each of the pre-defined chains
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# to allow incoming SSH and Proxy
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp -m tcp -s 127.0.0.1 --dport 3128 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp -m tcp --dport 8080 -j ACCEPT
# drop everything else
iptables -A INPUT -i eth+ -p udp -j DROP
iptables -A INPUT -i eth+ -p tcp -m tcp --syn -j DROP

Pastikan iptables-config dapat di execute / jalankan 

# chmod +x /etc/network/if-up.d/iptables-config


Pranala Menarik

Retrieved from "https://onnocenter.or.id/wiki/index.php?title=Firewall_Untuk_Proxy_DansGuardian&oldid=20221"