Anda di halaman 1dari 18

::LINUX NETWORK ADMINISTRATION::.

1. LINUX NETWORKING & TCP/IP


2. KONEKSI INTERNET MENGGUNAKAN DIAL-UP MODEM
3. DNS (DOMAIN NAME SYSTEM) SERVER
4. WEB SERVER
5. CGI
6. E-MAIL SERVER DENGAN POSTFIX
7. PROXY SERVER (SQUID)

LINUX NETWORKING & TCP/IP

KONSEP JARINGAN
Jaringan komputer adalah kumpulan dua atau lebih komputer yang terhubung (media kabel,
wireless dll) satu sama lain. Perangkat jaringan komputer terdiri dari:

• Perangkat keras jaringan komputer, yaitu: hub, ethernet, bridge dll.


• Protokol Komunikasi data, misalnya TCP/IP, IPX dll.
• Perangkat lunak atau aplikasi untuk komunikasi, yaitu: aplikasi server dan client.

Jenis jaringan ditinjau dari jumlah komputer dan jangkauannya:

• LAN (Local Area Network), adalah jaringan komputer yang jumlah dan jangkauan komputer
relatif lebih sedikit, misalnya jaringan komputer dalam satu gedung atau kampus.
• WAN (Wide Area Network), adalah jaringan komputer yang meliputi jumlah dan jangkauan
komputer relatif lebih luas, misalnya jaringan komputer antar kota auatu daerah.
• Internet, adalah jaringan komputer yang lebih luas dan bersifat global.

PROTOKOL TCP/IP (Transmission Control Protocol/Internet Protocol)


Adalah merupakan sekumpulan protokol yang didesain untuk melakukan fungsi-fungsi
komunikasi data pada jaringan komputer yang masing-masing protokol bertanggung jawab atas bagian-
bagian tertentu dari komunikasi data.
Model layer TCP/IP

• Network Interface Layer, bertanggung jawab dalam pengiriman dan penerimaan data dari dan
ke media fisik, media fisik dapat berupa kabel, serat optik, atau gelombang radio.
• Interner Layer, bertanggung jawab dalam proses pengiriman data ke alamat yang tepat.
• Transpot Layer, bertanggung jawab untuk mengadakan komunikasi antara dua host/komputer.
• Aplication Layer, pada layer ini terdapat semua aplikasi yang menggunakan protokol TCP/IP.

Konfigurasi Jaringan Langkah-langkah membuat konfigurasi jaringan:

1. Client A

Aan:

A. Set Ip Address

]# ifconfig eth0 192.168.2.2 (bersifat temporer) atau


]# echo "ifconfig eth0 192.168.2.2" >> /etc/rc.local (bersifat permanen & diaktifkan dengan
reboot)

B. Buat Gateway Jaringan

]# route add default gw 192.168.2.254 (bersifat temporer) atau


]# echo "route add default gw 192.168.2.254" >> /etc/rc.local (bersifat permanen & diaktifkan
dengan reboot)

C. Cek Connect/Tidaknya Jaringan

]# ping 192.168.2.3
Rohmad:

A. Set Ip Address
]# ifconfig eth0 192.168.2.3 (bersifat temporer) atau
]# echo "ifconfig eth0 192.168.2.3" >> /etc/rc.local (bersifat permanen & diaktifkan dengan
reboot)

B. Buat Gateway Jaringan

]# route add default gw 192.168.2.254 (bersifat temporer) atau


]# echo "route add default gw 192.168.2.254" >> /etc/rc.local (bersifat permanen & diaktifkan
dengan reboot)

C. Cek Connect/Tidaknya Jaringan

]# ping 192.168.2.2

2. Client B, C, D,E dan F = Client A


3. Server A

A. Set Ip Address

]# ifconfig eth0 192.168.4.2 (bersifat temporer) atau


]# echo "ifconfig eth0 192.168.4.2" >> /etc/rc.local (bersifat permanen & diaktifkan dengan
reboot)

B. Daftar Gateway Client Ke Server

]# ifconfig eth0:1 192.168.2.254


]# ifconfig eth0:2 192.168.3.254

C. Buat Gateway Server

]# route add default gw 192.168.2.254 (bersifat temporer) atau


]# echo "route add default gw 192.168.2.254" >> /etc/rc.local (bersifat permanen & diaktifkan
dengan reboot)

D. Buat Gateway Masing-Masing Jaringan

]# route add -net 192.168.2.0/24 gw 192.168.2.254


]# route add -net 192.168.3.0/24 gw 192.168.3.254

E. Masukkan Ip Forward

]# echo "1" >> /proc/sys/net/ipv4/ip_forward

4. Server B, C, D, E dan F = Server A


5. Pusat

A. Set Ip Address
]# ifconfig eth0 192.168.13.1 (bersifat temporer) atau
]# echo "ifconfig eth0 192.168.13.1" >> /etc/rc.local (bersifat permanen & diaktifkan dengan
reboot)

B. Daftar Gateway Server Ke Pusat

]# ifconfig eth0:1 192.168.4.2


]# ifconfig eth0:2 192.168.7.2
]# ifconfig eth0:3 192.168.10.2

C. Buat Gateway Server

]# route add default gw 192.168.4.2 (bersifat temporer) atau


]# echo "route add default gw 192.168.4.2" >> /etc/rc.local (bersifat permanen & diaktifkan
dengan reboot)

D. Masukkan Ip Forward

]# echo "1" >> /proc/sys/net/ipv4/ip_forward


nb. Jangan lupa untuk mengecek connect/tidaknya jaringan client, server & pusat

KONEKSI INTERNET MENGGUNAKAN DIAL-UP MODEM


Server

1. ]# kppp

>>KPPP
1a.Setup/Configure
1b.Accounts
2b.New
3a.Dialog Setup/Manual Setup
4a.Dial
4b.Connection Name: (misal telkom)
4c.Add Phone Number : (misal 080989999)
4d.OK
5a.Modems
5b.New
6a.Device
7a.Modem Device : /dev/ttyS0
7b.Flow Control : Hardware [CRTSCTS]
7c.Line Termination : CR
7d.Connection Speed : 57600
7e.OK
>>KPPP
Connect to : telkom
login ID : telkomnet@instan
Password : telkom
Connect

2. ]# ifconfig eth0 192.168.13.1


3. ]# route n (lihat apakah gateway kpp0 telah connect/belum) Jika belum,
4. ]# route add default gw (masukkan nomor gateway kpp0/p-t-p) Nomor gateway kpp0/p-t-p
dapat dilihat di ifconfig
5. ]# vi /etc/resolv.conf (samakan nameserver dengan ip address)
6. ]# echo "1" >> /proc/sys/net/ipv4/ip_forward
7. ]# cat /proc/sys/net/ipv4/ip_forward (jika keluar angka 1 berarti benar)
8. ]# service iptables stop
9. ]# iptables -t nat -A POSTROUTING -s 192.168.13.0/24 -o ppp0 -j MASQUERADE
10. ]# service named restart

Client

1. Set ip yang sama kelasnya dengan server

]# ifconfig eth0 192.168.13.2

2. Gateway diarahkan ke server

]#route add default gw 192.168.13.254

3. Resolv diarahkan ke server

]#echo "nameserver 192.168.13.1" >> /etc/resolv.conf

DNS (DOMAIN NAME SYSTEM) SERVER


-Untuk mengetahui ada/tidaknya BIND:
]# rpm qa | grep bind

Konfigurasi DNS

A. Client

1. root]# vi /etc/resolv.conf (samakan nameserver dengan ip address)


2. root]# vi /etc/named.conf

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};

zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};

zone "aan.depok.ok" IN {
type master;
file "aan.depok.ok.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

3. root]# cd /var/named && ls


4. named]# cp localhost.zone aan.depok.ok.zone
5. named]# vi aan.depok.ok.zone

SEBELUM DIRUBAH
TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

1D IN NS @
1D IN A 127.0.0.1
~
SETELAH DIRUBAH
$TTL 86400
$ORIGIN aan.depok.ok.
@ 1D IN SOA ns.aan.depok.ok. root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

@ 1D IN NS ns.aan.depok.ok.
@ 1D IN MX 10 mail.aan.depok.ok.
web 1D IN A 192.168.2.2
mail 1D IN A 192.168.2.2
www 1D IN A 192.168.2.2
~

6. named]# killall named (Khusus Redhat 9)


7. named]# service named restart
8. named]# dig www.aan.depok.ok any (untuk mengecek)

JIKA BENAR INILAH YANG KELUAR


; <<>> DiG 9.2.1 <<>> www.aan.depok.ok any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52320
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.aan.depok.ok. IN ANY
;; ANSWER SECTION:
www.aan.depok.ok. 86400 IN A 192.168.2.2

;; AUTHORITY SECTION:
aan.depok.ok. 86400 IN NS ns.aan.depok.ok.

;; Query time: 7 msec


;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu May 11 13:04:23 2006
;; MSG SIZE rcvd: 67

9. named]# tail /var/log/messages (untuk mengetahui kesalahan)

B. Server

1. root]# vi /etc/resolv.conf (samakan nameserver dengan ip address)


2. root]# vi /etc/named.conf

controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
type hint;
file "named.ca";
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "aan.depok.ok" IN {
type master;
file "aan.depok.ok.zone";
allow-update { none; };
};
zone "depok.ok" IN {
type master;
file "depok.ok.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};

3. root]# cd /var/named && ls


4. named]# cp localhost.zone depok.ok.zone
5. named]# vi depok.ok.zone

SEBELUM DIRUBAH
TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

1D IN NS @
1D IN A 127.0.0.1
~
SETELAH DIRUBAH
$TTL 86400
$ORIGIN depok.ok.
@ 1D IN SOA ns.depok.ok. root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum

@ 1D IN NS ns.depok.ok.
@ 1D IN MX 10 mail.depok.ok.
web 1D IN A 192.168.13.1
mail 1D IN A 192.168.13.1
www 1D IN A 192.168.13.1
aan 1D IN NS ns.aan.depok.ok.
ns.aan 1D IN A 192.168.2.2
dian 1D IN NS ns.dian.depok.ok.
ns.dian 1D IN A 192.168.3.2
samrodin 1D IN NS ns.samrodin.depok.ok.
ns.samrodin 1D IN A 192.168.6.2
bambang 1D IN NS ns.bambang.depok.ok.
ns.bambang 1D IN A 192.168.8.2
rohmad 1D IN NS ns.rohmad.depok.ok.
ns.rohmad 1D IN A 192.168.2.3
~
~

6. named]# service iptables stop


7. named]# killall named (Khusus Redhat 9)
8. named]# service named restart
9. named]# dig www.depok.ok any

JIKA BENAR INILAH YANG KELUAR


; <<>> DiG 9.2.1
• <>> www.depok.ok any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52320
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.depok.ok. IN ANY

;; ANSWER SECTION:
www.depok.ok. 86400 IN A 192.168.13.1
;; AUTHORITY SECTION:
depok.ok. 86400 IN NS ns.depok.ok.

;; Query time: 7 msec


;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu May 11 13:04:23 2006
;; MSG SIZE rcvd: 67

10. Samakan resolv client dengan server agar keduanya connect

]# echo "nameserver 192.168.13.1" >> /etc/resolv.conf

11. named]# dig www.aan.depok.ok any


12. named]# dig www.dian.depok.ok any (dan seterusnya)
13. named]# tail /var/log/messages (untuk mengetahui kesalahan)

WEB SERVER

A. Konfigurasi Apache Web Server

1. root]# vi /etc/httpd/conf/httpd.conf

SEBELUM DIRUBAH
# DocumentRoot: The directory . . .
#
DocumentRoot "/var/www/html"
#
# Each directory to which Apache . . .
#
# First, we configure the . . .
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

#
# Note that from this point forward . . .
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">

#
# Possible values for . . .
#
# The Options directive . . .
#
Options Indexes FollowSymLinks

#
# AllowOverride controls . . .
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all

</Directory>
SETELAH DIRUBAH
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
#DocumentRoot "/var/www/html"
DocumentRoot "/var/aan"

#
# Each directory to which Apache . . .
#
# First, we configure the . . .
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>

#
# Note that from this point forward . . .
#

#
# This should be changed to whatever you set DocumentRoot to.
#
#<Directory "/var/www/html">
<Directory "/var/aan">

#
# Possible values for . . .
#
# The Options directive . . .
#
Options Indexes FollowSymLinks

#
# AllowOverride controls . . .
#
AllowOverride None

#
# Controls who can get stuff from this server.
#
Order allow,deny
Allow from all

</Directory>
2. root]# mkdir /var/aan
3. root]# cd /var/aan
4. aan]# vi index.html

<h1> Belajar Membuat Apache Web Server </h1>

5. aan]# service httpd restart


6. Cek di browser dengan mengetik: http://localhost

B. Konfigurasi User Webspace

1. root]# vi /etc/httpd/conf/httpd.conf

SEBELUM DIRUBAH
<IfModule mod_userdir.c>
#
# UserDir is disabled . . .
#
#UserDir disable

#
# To enable requests to /~user/ . . .
#
#UserDir public_html

</IfModule>
SETELAH DIRUBAH
<IfModule mod_userdir.c>
#
# UserDir is disabled . . .
#
#UserDir disable

#
# To enable requests to /~user/ . . .
#
#UserDir public_html
UserDir aan_banget

</IfModule>

2. root]# useradd ansori


3. root]# passwd ansori

Changing password for user ansori. New password: BAD PASSWORD: it is based on a
dictionary word Retype new password: passwd: all authentication tokens updated successfully.

4. root]# mkdir /home/ansori/aan_banget


5. root]# vi /home/ansori/aan_banget/index.html

<h1> Belajar Membuat User Webspace </h1>


6. root]# chmod 755 /home/ansori
7. root]# chmod 755 /home/ansori/aan_banget/
8. root]# chmod 755 /home/ansori/aan_banget/index.html
9. root]# service httpd restart
10. Cek di browser dengan mengetik: http://localhost/~ansori
11. root]#tail /var/log/httpd/error_log (untuk mengetahui kesalahan)

Virtual Host

1. root]# vi /etc/httpd/conf/httpd.conf

SEBELUM DIRUBAH
### Section 3: Virtual Hosts
#
# VirtualHost: . . .
#
#NameVirtualHost *

# VirtualHost . . .
#
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
SETELAH DIRUBAH
### Section 3: Virtual Hosts
#
# VirtualHost: . . .
#
#NameVirtualHost *

# VirtualHost . . .
#
#<VirtualHost *>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

<VirtualHost 192.168.1.127>
ServerAdmin aan@lpknf.aan.banget
DocumentRoot /var/aan
ServerName www.lpknf.aan.banget
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>

2. root]# vi /etc/hosts
SEBELUM DIRUBAH
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
SETELAH DIRUBAH
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.127 www.lpknf.aan.banget

3. root]# service httpd restart


4. Cek di browser dengan mengetik: www.lpknf.aan.banget

CGI

1. root]# vi /etc/httpd/conf/httpd.conf

TIDAK MEMERLUKAN PERUBAHAN


#
# ScriptAlias: . . .
#
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<IfModule mod_cgid.c>
#
# Additional . . .
Scriptsock run/httpd.cgid
</IfModule>

#
# "/var/www/cgi-bin" . . .

<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

2. root]# cd /var/www/cgi-bin/
3. cgi-bin]# vi aan

#!/bin/sh
echo Content-type: text/plain
echo

echo "Anda Berhasil Belajar CGI"

4. cgi-bin]# chmod +x aan


5. cgi-bin]# chmod 755 /var/
6. cgi-bin]# chmod 755 /var/www/
7. cgi-bin]# chmod 755 /var/www/cgi-bin/
8. cgi-bin]# chmod 755 /var/www/cgi-bin/aan
9. cgi-bin]# service httpd restart
10. Cek di browser dengan mengetik: http://localhost/cgi-bin/aan

E-MAIL SERVER DENGAN POSTFIX


Konfigurasi:

1. root]# rpm -qa|grep postfix


2. root]# vi /etc/postfix/main.cf

Edit file agar menjadi seperti dibawah ini:


#soft_bounce = no

queue_directory = /var/spool/postfix

command_directory = /usr/sbin

daemon_directory = /usr/libexec/postfix

mail_owner = postfix

#default_privs = nobody

myhostname = mail.ansori.batman.return

mydomain = ansori.batman.return

#myorigin = $myhostname
myorigin = $mydomain

inet_interfaces = all

#mydestination = $myhostname, localhost.$mydomain, $mydomain


mydestination = $myhostname, $mydomain
#mydestination = $myhostname, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain

#mynetworks_style = class
#mynetworks_style = subnet
#mynetworks_style = host

#mynetworks = 192.168.1.158
mynetworks = 192.168.1.0/24, 127.0.0.0/8
#mynetworks =

3. root]# service postfix restart


4. root]# postfix check

postfix/postfix-script: warning: /var/spool/postfix/etc/resolv.conf and /etc/resolv.conf differ

5. root]# cp /etc/resolv.conf /var/spool/postfix/etc/resolv.conf


cp: overwrite `/var/spool/postfix/etc/resolv.conf'? y

6. root]# postfix check


7. root]# service postfix restart
8. root]# netstat -tanp |grep 25

tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3296/


tcp 0 1 192.168.1.140:1025 127.0.0.1:25 SYN_SENT 4199/

9. root]# ps -axf
10. root]# service sendmail stop
11. root]# service postfix restart
12. root]# netstat -tanp |grep 25

tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 4295/

13. root]# ls /etc/xinetd.d/


14. root]# vi /etc/xinetd.d/pop3s
15. root]# vi /etc/xinetd.d/ipop2
16. root]# vi /etc/xinetd.d/ipop3
17. root]# vi /etc/xinetd.d/imap
18. root]# vi /etc/xinetd.d/imaps
19. root]# service xinetd restart

nb. Di dalam file pop3s, ipop2, ipop3, imap & imaps, ubah disable=no

20. root]# netstat -tanp |grep 110

tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN 16033/xinetd

21. root]# netstat -tanp |grep 143

tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN 16057/xinetd


tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 3143/

22. root]# adduser aan


23. root]# passwd aan

Changing password for user aan.


New password:
BAD PASSWORD: it's WAY too short
Retype new password:
passwd: all authentication tokens updated successfully.

24. root]# service httpd restart


25. Coba di browser dengan mengetik http://localhost/webmail, setelah login masukkan username
dan password yang telah anda buat, lalu cobalah kirim dengan compose, contoh:
To : sam@batman.return
Subject : latihan
Isi E-Mail dan kirim

26. Untuk Mengetahui E-Mail Yang Diterima Melalui Terminal

root]# tail /var/spool/mail/aan


Importance: Normal
X-Mailer: SquirrelMail (version 1.2.10)
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

coba kirim (isi e-mail yang dikirim oleh sam@batman.return)

27. Untuk Mengetahui Apakah Email Kita Telah Terkirim Melalui Terminal

root]# tail /var/log/maillog

PROXY SERVER (SQUID)


Konfigurasi:

1. root]# vi /etc/squid/squid.conf

Edit file agar menjadi seperti dibawah ini:


#Default:
http_port 3128

#Default:
# cache_mgr root
cache_mgr ansori@lpknf.or.id

#Default:
cache_mem 64 MB

#Default:
cache_effective_user squid
cache_effective_group squid

#Default:
# none
visible_hostname localhost

#Default:
cache_dir ufs /etc/squid/cache 100 16 256

2. root]# mkdir /etc/squid/cache


3. root]# chown -R squid.squid /etc/squid/cache/
4. root]# squid -z
5. root]# service squid restart
6. root]# vi /etc/squid/squid.conf

#Recommended minimum configuration:


acl all src 0.0.0.0/0.0.0.0
acl cara1 dstdomain www.detik.com
acl cara2 dstdomain "/etc/squid/domainterlarang"
acl cara3 url_regex -i porno, xxx, sex, biru
acl cara4 url_regex -i "/etc/squid/kataterlarang"
acl cara5 dst "/etc/squid/ipterlarang"
acl bebasporno time S M T H W F A 21:00-24:00
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access deny cara1
http_access deny cara2
http_access deny cara3
http_access deny cara4
http_access deny cara5
http_access allow bebasporno
# Exampe rule allowing access from your local networks. Adapt
# to list your (internal) IP networks from where browsing should
# be allowed
#acl our_networks src 192.168.1.0/24 192.168.2.0/24
#http_access allow our_networks

7. root]# squid -z
8. root]# service squid restart
9. Tampilan Ketika Web Yang Kita Block Di Buka

root]# vi /etc/squid/errors/ERR_ACCESS_DENIED
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-
1">
<TITLE>ERROR: The requeste URL could not be retrieved</TITLE>
<STYLE type="text/css">
</HEAD><BODY>
<H1>MAMNUAK</H1>
<H2>ANDA MENGAKSES SITUS TERLARANG</H2>
<HR noshade size="5px">
<P>
While trying to retrieve the URL:
<A HREF="%U">%U
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
AWAS AJING GILA
</STRONG>
<P>
Access control configuration prevents your request from
being allowed at this time. Please contact your service provider if
you feel this is incorrect.
</UL>
<P>ANSORY <A HREF="mailto:%w">%w.
//untuk memforward
<html><head><body>FORWARD</body><script language="javascript">
window.location="http://eramuslim.com"</script>
</head></html>
NB:
Untuk Mengetahui Ip yang Memakai Akses-akses yang terlah di block:
root]# tail /var/log/squid/acces.log