Instalasi DansGuardian
Revision as of 10:43, 2 April 2008 by Onnowpurbo (talk | contribs)
Install SSH, Squid cache & DansGuardian
# apt-get install openssh-server squid dansguardian
Konfigurasi DansGuardian
# vi /etc/dansguardian/dansguardian.conf
Lakukan
- Jika IP address Server adalah, 192.168.0.1. Ubah
accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'
menjadi
accessdeniedaddress = 'http://192.168.0.1/cgi-bin/dansguardian.pl'
- Buang / comment kalimat "UNCONFIGURED - Please remove this line after configuration" setelah semua proses konfigurasi selesai.
- Ubah variabel 'virusscan' menjadi off, jika anda belum menyiapkan clamav untuk DansGuardian. Biasanya di Ubuntu clamav akan terinstall bersama DansGuardian.
Siapkan port ke Firewall. Bagian ini memang sifatnya optional, tapi sangat di sarankan. Copy perintah berikut ke file /etc/network/if-up.d/iptables-config
#!/bin/bash iptables -F # set the default policy for each of the pre-defined chains iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # to allow incoming SSH and Proxy iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -m state --state NEW -p tcp -m tcp -s 127.0.0.1 --dport 3128 -j ACCEPT iptables -A INPUT -m state --state NEW -p tcp -m tcp --dport 8080 -j ACCEPT # drop everything else iptables -A INPUT -i eth+ -p udp -j DROP iptables -A INPUT -i eth+ -p tcp -m tcp --syn -j DROP
Pastikan iptables-config dapat di execute / jalankan
# chmod +x /etc/network/if-up.d/iptables-config
Aktifkan SSH, DansGuardian, & Squid cache saat startup
# update-rc.d ssh defaults # update-rc.d squid defaults # update-rc.d dansguardian defaults
Restart
# /etc/init.d/networking restart # /etc/init.d/squid restart # /etc/init.d/dansguardian restart
selesai
Setup di Sisi Client
Pastikan proxy server di arahkan ke
IP address Server DansGuardian Port 8080