Instalasi DansGuardian

From OnnoWiki
Revision as of 09:22, 26 March 2008 by Onnowpurbo (talk | contribs) (New page: Install SSH, Squid cache & DansGuardian # apt-get install openssh-server squid dansguardian Konfigurasi DansGuardian # vi /etc/dansguardian/dansguardian.conf Lakukan * Buang / co...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Install SSH, Squid cache & DansGuardian

# apt-get install openssh-server squid dansguardian

Konfigurasi DansGuardian

# vi /etc/dansguardian/dansguardian.conf 

Lakukan

  • Buang / comment kalimat UNCONFIGURED
  • Ubah variabel 'virusscan' menjadi off, jika anda belum menyiapkan clamav untuk DansGuardian

Siapkan port ke Firewall. Bagian ini memang sifatnya optional, tapi sangat di sarankan. Copy perintah berikut ke file /etc/network/if-up.d/iptables-config

#!/bin/bash
iptables -F
# set the default policy for each of the pre-defined chains
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# to allow incoming SSH and Proxy
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp -m tcp -s 127.0.0.1 --dport 3128 -j ACCEPT
iptables -A INPUT -m state --state NEW -p tcp -m tcp --dport 8080 -j ACCEPT
# drop everything else
iptables -A INPUT -i eth+ -p udp -j DROP
iptables -A INPUT -i eth+ -p tcp -m tcp --syn -j DROP

Pastikan iptables-config dapat di execute / jalankan

# chmod +x /etc/network/if-up.d/iptables-config

Aktifkan SSH, DansGuardian, & Squid cache saat startup

# update-rc.d ssh defaults 
# update-rc.d squid defaults 
# update-rc.d dansguardian defaults 

Restart

# /etc/init.d/networking restart
# /etc/init.d/squid restart
# /etc/init.d/dansguardian restart

selesai