[tanya-jawab] latihan SQUID & SHOREWALL

Martin Panggabean Wed, 12 Sep 2007 23:37:37 -0700

Teman(s)

Saya lagi coba2 setting 1 PC dgn 2 ethernet ( eth0, eth1 ) utk jalanin SQUID
dan Shorewall di CentOS 4.4. Sementara ini sy pake jaringan lokal dulu
dengan konfigurasi:


------------------eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.11.101
NETMASK=255.255.255.0
NETWORK=192.168.11.0
BROADCAST=192.168.11.255

-------------------eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.11.4
NETMASK=255.255.255.0
NETWORK=192.168.11.0
BROADCAST=192.168.11.255

---------------------network
NETWORKING=yes
HOSTNAME=jip-gateway
GATEWAY=192.168.11.1    # gateway utk jaringan 192.168.11.0/24
GATEWAYDEV=eth0

------------------------rules di shorewall
REDIRECT        loc     3128    tcp     www     -
ACCEPT          $FW     net     tcp     www


.... saya setting di client
____________________


------------------eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.11.101
NETMASK=255.255.255.0
NETWORK=192.168.11.0
BROADCAST=192.168.11.255

---------------------network
NETWORKING=yes
HOSTNAME=komputer-budi
GATEWAY=192.168.11.1
GATEWAYDEV=eth0


setelah saya coba browsing dari client tersebut ... request dari klien di
blok ... namun anehnya di /var/log/messages itu
----------------------------------------------------------------------------------------------------------------------------------
Sep 13 12:42:54 jip-gateway kernel: Shorewall:FORWARD:REJECT:IN=eth0
OUT=eth0 SRC=192.168.11.45 DST=202.43.162.29 LEN=48 TOS=0x00 PREC=0x00
TTL=127 ID=17739 DF PROTO=TCP SPT=1787 DPT=80 WINDOW=65535 RES=0x00 SYN
URGP=0
Sep 13 12:42:55 jip-gateway kernel: Shorewall:FORWARD:REJECT:IN=eth0
OUT=eth0 SRC=192.168.11.45 DST=202.43.162.29 LEN=48 TOS=0x00 PREC=0x00
TTL=127 ID=17741 DF PROTO=TCP SPT=1787 DPT=80 WINDOW=65535 RES=0x00 SYN
URGP=0
Sep 13 12:42:55 jip-gateway kernel: Shorewall:FORWARD:REJECT:IN=eth0
OUT=eth0 SRC=192.168.11.45 DST=202.43.162.29 LEN=48 TOS=0x00 PREC=0x00
TTL=127 ID=17743 DF PROTO=TCP SPT=1787 DPT=80 WINDOW=65535 RES=0x00 SYN
URGP=0
---------------------------------------------------------------------------------------------------------------------------------------
Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth0 SRC=192.168.11.45
DST=202.43.162.29  --- > loh kok request-nya(IN=eth0) bukan dari eth1 ....

apa karena request NETWORK yg sama makanya IN-nya dikenali dari eth0 ?  Kalo
memang begitu ... gimana caranya ngakalin supaya saya bisa nyoba dari lokal
network ??
soalnya kalo saya nyobain tambah rules di shorewall :
REDIRECT        net     3128    tcp     www     -

browsing-nya lancar .... he.he.he.he


THX
Martin


--
FAQ milis di http://wiki.linux.or.id/FAQ_milis_tanya-jawab
Unsubscribe: kirim email ke [EMAIL PROTECTED]
Arsip dan info milis selengkapnya di http://linux.or.id/milis

[tanya-jawab] latihan SQUID & SHOREWALL

Kirim email ke