Pure-FTPd + Ubuntu Karmic

pure-ftpd v1.0.22 + karmic + ftp-proxy 1.9.2.4

Sekaligus installasi untuk ftp-proxy nya, jadi klo ada yang lewat squid bisa dimainkan gituh.

  • # apt-get install pure-ftpd pure-ftpd-common
    pilih standalone, lalu pilih no ketika setuid root, enable virtual chroots pilih no
  • # cd /etc/pure-ftpd/conf
    karena bentuk konfigurasi pure-ftpd ini berdasarkan nama file, maka harus detail tulisannya.

    • # rm *
      hapus semua file konfigurasi terlebih dahulu, jadi setup ulang confnya
    • # pico AltLog

      clf:/var/log/pure-ftpd/transfer.log

    • # pico ChrootEveryone

      yes

    • # pico FSCharset

      UTF-8

    • # pico MinUID

      33

    • # pico NoAnonymous

      yes

    • # pico PAMAuthentication

      no

    • # pico PureDB

      /etc/pure-ftpd/pureftpd.pdb

    • # pico UnixAuthentication

      no

  • # cd /etc/pure-ftpd/auth
    • # rm *
      hapus semua file konfigurasi terlebih dahulu, jadi setup ulang authnya
    • # ln -s /etc/pure-ftpd/conf/PureDB /etc/pure-ftpd/auth/50pure
  • # pure-pw useradd nama_login_ftpnya -u administrator -d /home/administrator
    data login disesuaikan. untuk -u berarti nama user ubuntunya dan -d adalah home untuk nama_login_ftp
  • # pure-pw mkdb
    apabila ada penambahan atau pengurangan user, maka harus menjalankan perintah ini
  • # /etc/init.d/pure-ftpd start
    maka ftp server sudah dapat dijalankan
  • # apt-get install ftp-proxy
    install ftp proxy nya
  • # pico /etc/default/ftp-proxy

    RUN_DAEMON=yes

  • # pico /etc/proxy-suite/ftp-proxy.conf
    silahkan konfigurasi filenya apabila dianggap perlu
  • # /etc/init.d/ftp-proxy start

Maka seharusnya sudah dapat diakses 2 service tersebut. Untuk ftp yaitu melalui port 21 sedangkan untuk ftp-proxy yaitu melalui port 2121.

Referensi :
http://ubuntuforums.org/showthread.php?t=1079223

Iklan
Ditulis dalam Tutorial. 2 Comments »

Shorewall + FWLogWatch

Melanjutkan yang sebelumnya, selanjutnya adalah untuk melakukan log parser dari shorewall.

Aplikasi yang digunakan adalah fwlogwatch

  • # apt-get install fwlogwatch
  • # dpkg-reconfigure fwlogwatch
    jalankan sebagai daemon dan pilih none untuk email sehingga tidak kirim email
  • # pico /etc/fwlogwatch/fwlogwatch.config
    untuk masalah status_password, bisa disetup dengan cara htpasswd -nb nama_usernya password_usernya

    parser=nfs
    dst_port = on
    html = yes
    realtime_response = yes
    server_status = yes
    bind_to = 0.0.0.0
    listen_port = 888
    status_user =
    // status password below is for blank password!
    status_password=UGFufMo4FEB5Q
    refresh = 120

  • # /etc/init.d/fwlogwatch start
    jangan lupa untuk allow port 8.8.8 pada shorewall, sehingga dapat diakses dari inet

Referensi :
http://linux.or.id/node/1023
http://ubuntuforums.org/showthread.php?t=518646

Shorewall 4.0 + Ubuntu 9.04

Installasi shorewall di ubuntu 9.04
Berhubung dapetnya ubuntu 9.04 maka akhir-akhir ini maennya di ubuntu 9.04. Terpaksa nda bisa diupgrade ke 9.10 karena ubuntunya ada di vps, sehingga klo dipaksa upgrade akan bermasalah ketika menggunakan kernel barunya.

Disini hanya akan memberi contoh konfigurasi shorewall untuk satu interface dan server berfungsi untuk melayani HTTP, SSH dan NTP. Jangan lupa untuk hati-hati dalam hal konfigurasi ini, karena klo salah konfigurasi maka apabila mengakses servernya secara remote .. bisa putus dan harus akses ke server fisiknya.
Installasi dan konfigurasi shorewall

  • # apt-get install shorewall-common shorewall-perl
    shorewall-perl berfungsi sebagai compiler shorewall, sehingga tidak perlu menggunakan lagi shorewall-shell.
  • # cp /usr/share/doc/shorewall-common/examples/one-interface/* /etc/shorewall/
  • # mv /etc/shorewall/shorewall.conf /etc/shorewall/shorewall.conf.default
  • # cd /etc/shorewall/ && gunzip shorewall.conf.gz
  • # pico shorewall.conf
    ubah STARTUP_ENABLED=No menjadi STARTUP_ENABLED=Yes

    STARTUP_ENABLED=Yes

  • # pico /etc/default/shorewall
    ubah startup=0 menjadi startup=1

    startup=1

  • # pico rules
    file /etc/shorewall/rules merupakan file yang berisi rule untuk shorewall ini, jadi disini letak intinya

    #############################################################################################################
    #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
    # PORT PORT(S) DEST LIMIT GROUP

    # Accept all from admin
    # Membolehkan semua trafik yang berasal dari 192.168.0.2 ke server
    ACCEPT net:192.168.0.2 $FW

    # Drop Ping from the “bad” net zone.. and prevent your log from being flooded..
    # Blok semua ping yang berasal dari luar ke server
    Ping/DROP net $FW

    # Permit all ICMP traffic FROM the firewall TO the net zone
    # Membolehkan ping dari server ke luar
    ACCEPT $FW net icmp

    # Secara default localhost dapat mengakses localhost
    # TCP HTTP & SSH
    # Membolehkan trafik tcp 80 dan 22 ke server
    ACCEPT net $FW tcp 80
    ACCEPT net $FW tcp 22

    # UDP NTP
    # Membolehkan trafik udp 123 ke server
    ACCEPT net $FW udp 123

    #LAST LINE — ADD YOUR ENTRIES BEFORE THIS ONE — DO NOT REMOVE

  • # /etc/init.d/shorewall start
    apabila tidak ada masalah, maka firewall akan jalan. hati-hati pada step ini karena bisa jadi koneksi akan terputus. tapi selama percobaan ini sih nda ada masalah đŸ˜€
  • # iptables -L -n
    perintah ini berfungsi untuk melihat rule yang telah dibuat oleh shorewall

Referensi :
http://ngadimin.com/2009/07/18/standalone-firewall-di-ubuntu-dengan-shorewall/

Ditulis dalam Tutorial. 1 Comment »

In The Name Of Greater Israel

By Anait Brutian* | Sabbah Report | www.sabbah.biz

On February 2, 2010, the Israeli Knesset held the inaugural meeting of The Lobby for Greater Israel. According to Knesset members Arye Eldad (National Union), "This kind of lobby should have been unnecessary … We could have expected that after disengagement [from Gaza and parts of northern Samaria in 2005] all talk of creating a Palestinian state would have been taken off the table and that no one would try to get rid of settlements … Instead, we are once more hearing about a two-state solution and a [construction] freeze. I am certain that with this unity we can save the Land of Israel"(1). Made up of 39 Knesset members, out of which 12 from Netanyahu's Likud party and others from Shas, Israel Beiteinu, Habayit Hayehudi, the National Union, United Torah Judaism and Kadima, the lobby aims at acting as a "protective wall against any threat to the settlements"(2). Minister-without-portfolio Bennie Begin (Likud) went further than the official mission of the lobby, suggesting that the creation of a Palestinian state threatened Jewish security and rights to the Land of Israel(3). Yoav Sorek and Moriya Taassan, representing The Israeli Initiative, expressed a similar sentiment during the meeting: "We hope that this important lobby will grow to support Eretz Yisrael and help stop the discrimination against Israeli citizens living in Judea and Samaria"(4).


The claims of "discrimination against Israeli citizens living in Judea and Samaria" are unsubstantiated. Of course, there is discrimination, but it is aimed at Palestinians living under Israeli occupation. The charge of discrimination clarifies the mindset and the aims of The Israeli Initiative. The introductory statement of their website begins with the following declaration: "The ‘Palestinian State' solution has failed. For many years, Israel has repeatedly attempted to resolve the Arab-Israeli conflict and reach a state of peace and stability with the Palestinians, based primarily on the formula of ‘land for peace'… It is now quite clear that the concept of "the Palestinian State" has collapsed. If we desire peace, we must soberly examine the reality and understand where we went wrong. Now is the time to display creativity and advance towards peace along a different path"(5). And the "different path," beyond the fake humanitarian niceties, is based upon the "extension of Israeli sovereignty over Judea and Samaria, instead of handing over theses parts of the country for a Palestinian State"(6). In this context the declaration that "The Israeli Initiative is a plan for peace between Israel and its neighbours"(7) is a mockery if not an affront. One might consider the truth of the statement of Haaretz's Gideon Levy: "Israel is not asked ‘to give' anything to the Palestinians. It is only being asked to return – to return their stolen land and restore their trampled self-respect."(8).

Israel's proposed sovereignty over the entire region "from Jordan River to the Mediterranean" is justified as a means of preventing "Shiite penetration into the heart of the western region of the Middle East" and a guarantee to "Israel's existence as a Jewish State"(9). The statement cunningly hides the fact that these expansionist aspirations were part of the Zionist agenda long before the "Shiite penetration into the heart of the western region of the Middle East." The founder of the World Zionist Organization, Theodor Herzl wrote: "Spirit the penniless population across the frontier by denying it employment … Both the process of expropriation and the removal of the poor must be carried out discreetly and circumspectly" (Theodore Herzl, Complete Diaries, June 12, 1895 entry(10)). A similar sentiment was expressed by Joseph Weitz, head of the Jewish Agency for the Colonization Department who argued for "the need to sustain the character of the state which will henceforth be Jewish … with a non-Jewish minority limited to 15 percent." Weitz admitted reaching this fundamental position as early as 1940(11).

As for the worn-out claim that "Israel's existence as a Jewish State" is at stake, it was challenged by the statement of Israeli General Matityahu Peled, who openly admitted: "The thesis that the danger of genocide was hanging over us in June 1967 and that Israel was fighting for its physical existence is only bluff, which was born and developed after the war"(12). Gideon Levy referred to the period as "the time of big lies: lies about the great danger that lay at our doorstep – a danger that was bogus or inflated – and lies about the territories that were temporarily ‘liberated,' " to be used as bargaining chips for an ill-defined peace that "we may not have really been aiming for even then"(13). Israel's expansionism, cleverly disguised as self-defence, legitimized its aggression. To insure the support of its allies in the West, Israel chose the method of well-orchestrated provocations that induced a barrage of resistance from the Palestinians. The Second Intifada, sparked by Ariel Sharon's armed march to Jerusalem's Temple Mount in September 28, 2000, is a classic case. Not everyone was aware of the provocations and their true purpose. But even without this knowledge, the truth can be revealed through Ben-Gurion's plans of May 1948: "We should prepare to go over to the offensive. Our aim is to smash Lebanon, Trans-Jordan, and Syria. The weak point is Lebanon, for the Moslem regime is artificial and easy for us to undermine. We shall establish a Christian state there, and then we will smash the Arab Legion, eliminate Trans-Jordan; Syria will fall to us. We then bomb and move on and take Port Said, Alexandria and Sinai"(14).

During the same month of the same year, while outlining his infamous plan of conquest, David Ben-Gurion was also drafting the document called The Declaration of the Establishment of the State of Israel(15) – his name is the first among the signatories of the document, dated May 14, 1948. "The State of Israel will … foster the development of the country for the benefit of all its inhabitants; it will be based on freedom, justice and peace as envisaged by the prophets of Israel; it will ensure complete equality of social and political rights to all its inhabitants irrespective of religion, race or sex; it will guarantee freedom of religion, conscience, language, education and culture; it will safeguard the Holy Places of all religions; and it will be faithful to the principles of the Charter of the United Nations"(16). Among other "guarantees" of the Declaration are "equal citizenship and due representation in all its provisional and permanent institutions"(17). Even if we dismiss the experience of the past 61 years, the discrepancies between Ben-Gurion's statement of May 1948 and the Declaration of the Establishment of the State of Israel of May 14, 1948 clearly demonstrate that the founders of the State of Israel had a devious design from the start: a deliberate plan of deception that hides Israel's expansionist agenda in the region. In light of this disclosure their claims to "Judea and Samaria" come as no surprise: "Judea and Samaria form the geographical and historical heart of western Eretz Israel and there is no reason – moral, legal, demographic or geographic – to abandon those parts of the country that provide vital strategic depth and land reserves"(18). Ironically, the historical claims to the region popped into existence only after the decision to establish a Jewish homeland in Palestine. One may wonder what the claims would have been if another "Jewish homeland" – Argentina or East Africa (known as the Uganda Project) – had been chosen instead.

In the hands of the Zionists, history conveniently fits into the political agenda of the moment. The Israeli Initiative's claim on "Judea and Samaria" provides the pseudo-historical context for the expansionist aims of the State of Israel. The International Israel Allies Caucus Foundation's fist meeting at Washington, DC in May 2008 did not explicitly mention "Judea and Samaria" but aimed at the dismantling of UNRWA, considered an obstacle to the Israeli plans to "rehabilitate" the Palestinian refugees(19). The use of the word "rehabilitate" schemes not only to hide the true intention of relocating the entire Palestinian population "in a range of countries that welcome immigration"(20) but also downplays the inhuman nature of this proposal by presenting it as a "humanitarian solution," "the noblest gift to Palestinian society and to the world at large"(21). Interestingly enough, the Balfour Declaration of November 2, 1917 does not contain a word close in meaning to "relocation" or its newly hatched cognate "rehabilitation." "His Majesty's government view with favour the establishment in Palestine of a national home for the Jewish people, and will use their best endeavours to facilitate the achievement of this object, it being clearly understood that nothing shall be done which may prejudice the civil and religious rights of existing and non-Jewish communities in Palestine …"(22). Instead, it implies that there was a mutual agreement ("it being clearly understood") that "the civil and religious rights of existing and non-Jewish communities" would not be jeopardized. As with the Balfour Declaration, so too with The Declaration of the Establishment of the State of Israel ("equal citizenship and due representation in all its provisional and permanent institutions"(23)), written agreements bear no value, when one deals with the Zionists.

The distorted "history survey" in the Declaration provides a clear example of the cunning modus operandi designed for the benefit of the gullible Gentiles that supported the Declaration: "After being forcibly exiled from their land, the people kept faith with it through their Dispersion and never ceased to pray and hope for their return to it and for the restoration in it of their political freedom"(24). The exile mentioned in this document doesn't have a date. Which exile are they talking about? In 722 BCE King Shalmaneser V captured Samaria and the Israelites were deported to Assyria and dispersed throughout the vast empire. The Babylonian exile took place between 587 and 539 BCE and was accompanied by the destruction of the First Temple. The destruction of the Second Temple at 70 CE was NOT accompanied by a deportation. Thus the "forcible exile" mentioned in the Declaration is FALSE. It is ludicrous to assume that the signatories of this document did not know their own history. Just as it was convenient to hide their true intentions behind the efforts to dismantle UNRWA, so too, is the misrepresentation of history in this and other documents.

The Eretz Israel HaShlema, i.e., the whole or complete Land of Israel (Greater Israel in common parlance) could not be achieved without the eviction of the Palestinians by the settlers(25). The distorted history used by the Zionists serves them as a pretext for depopulating the Palestinian territories from their indigenous inhabitants and making room for the settlers. The movement Gush Emunim (Hebrew for "block of the faithful"), founded in 1974 by Rabbi Tzvi Yehuda Kook, the son of fundamentalist Rabbi Abraham Kook, promoted the slogan "The Land of Israel, for the people of Israel, according to the Torah of Israel"(26). The militant activities of this movement are not limited to rhetoric alone – their tactics include planting small Jewish groups in largely Arab communities, invoking their God-given right to the Land of Israel(27). Despite their belief that God created the world for the Jews and "holy wars" are acceptable to conquer it(28), similar to other Zionist projects, Gush Emunim never openly espoused violence. Yet, on April 27, 1984 the Israeli broadcasting service Kol Yisrael leaked a plot to blow up six Arab buses during rush hour. The group of Israeli suspects arrested in relation to the plot, were also responsible for the 1980 assassination attempts of Arab mayors in three West Bank cities, 1983 attacks on an Islamic College in Hebron and other acts of violence. Their plans also included an elaborate plot to blow up the Dome of the Rock in Jerusalem(29). The anti-Arab terrorist network, composed of "highly educated responsible men, some of whom were ranking army officers and all of whom were heads of large families," belonged to Gush Emunim, whose orthodox leaders, similar to the founders of the group, asserted a "biblically based Jewish claim to Judea and Samaria." Thus, while publicly preaching "peaceful and productive coexistence with the Arabs"(30), they endorse and sponsor terrorist activity in private in the name of God and Greater Israel. Gush Emunim's ideology, a toxic mix of Zionism and Messianic Judaism, is cleverly exported to the Christian world with a cunning message: "the advent of the Messiah would be delayed if the land were returned to non-Jews"(31). On a more mundane level, the campaign to undermine the suffering of the Palestinians continued with greater intensity (How American News Media Works (Analysis Report) (Part 1); How American News Media Works (Analysis Report) (Part 2); How American News Media Works (Analysis Report) (Part 3)), presenting Israel as a victim of constant terrorist attacks that affect the daily lives of its inhabitants and her economy (Israeli Propaganda to milk US Taxpayers).

In 1996 the Third International Christian Zionist Congress, held in Jerusalem, affirmed the belief of many, stating: "According to God's distribution of nations, the Land of Israel has been given to the Jewish People by God as an everlasting possession by an eternal covenant. The Jewish People have the absolute right to possess and dwell in the Land, including Judea, Samaria, Gaza and the Golan"(32). The new Middle East map with expandable Israeli boarders has been part of a Zionist scheme that allows the creation of Greater Israel at the expense of neighbouring Arab countries. Israel's intentions of fully controlling the West Bank and the Gaza strip are known. So is its intention of permanently keeping the Golan Heights of Syria and the southern Lebanon. What is not well known is Israel's appetite to expand to Iraq, most notably to parts of Iraq that have a large number of Kurdish Jews(33). The method is the same as before: buy land, relocate thousands of Jewish Kurds and outnumber the local population. As always, religion serves to legitimize this illegal venture. By showing particular interest in ancient cities mentioned in the Bible – Nahum in relation to al-Qush, Jonah in relation to Mosul, Daniel in relation to Kirkuk, Ezekiel in relation to al-Kifi near Najaf, Ezra in relation to al-Uzayr near Basra – Israel intends to claim Iraq's Shi'a-dominated territories as part of Greater Israel(34). No biblical scholar will take this claim seriously for the simple reason that these biblical prophets are not historical figures. For one thing, their lives, as described in the Bible, stretch for several hundreds of years. The book of Daniel is a classic example. A Maccabean production of later times, the writer of this text claims to have served such kings as Nebuchadnezzar (ca 634-562 BCE) (Dan 1:1-4:37), Belshazzar (555-538 BCE) (Dan 5:1-31), Darius (550-486 BCE) (Dan 6:1-28) and Cyrus (599 or 576-530 BCE) (Dan 6:28), while describing the events tied to the desecration of the Temple of Jerusalem in 168 BCE. Similarly, the principal character of Jonah is an obscure Galilean prophet, who presumably counseled Jeroboam II (788-747 BCE) (2Kings 14:25). In the book of Jonah this prophet, a simpleton who can't even decide whether he was swallowed by a male or a female fish (Hebrew is a genders-specific language), is asked to go to Nineveh, the capital of Assyria and proclaim against it. The problem is that Nineveh did not become the Assyrian capital until the reign of Sennacherib (ca. 704-681). Perhaps, these scholarly questions don't bear any significance for the Christian Zionists, who take the biblical narratives literally, as the word of God, or for the former CIA chief William Casey, who didn't know the difference between the right-wing Opus Dei and the Muslim Brotherhood.

The ultimate aim of the Zionists, as always, is the same: depopulate the area, colonize it and get their dirty hands on the rich natural resources of the region. The official story in the Western Media is all about "Muslim Terrorists." No one knows the truth about the fact that Mossad is heavily involved in many insurgencies. No one knows that the Israeli and the Christian Zionist mercenaries stage terrorist attacks against indigenous populations in Iraq with an explicit goal: to depopulate the area and make room for Israeli expansionism(35). As usual, the attacks by the Israelis and their allies are reported as being the work of Al Qaeda or other Islamic Jihadists(36). In reality, with its voracious appetite for more land grabs, Israel is the most dangerous state in the world today. But because of the Zionist-controlled Western Media, the truth is well hidden and the tragedy of Palestine now repeats in Iraq – all in the name of Greater Israel.

References:
(1), (2), (3) http://www.jpost.com/Israel/Article.aspx?id=167656
(4) http://theisraelinitiative.blogspot.com/2010/02/lobby-for-greater-israel.html

(5), (6) http://www.israelinitiative.com/rewr-true/language-en_us/Introduction.aspx
(7) http://theisraelinitiative.blogspot.com/2010/02/lobby-for-greater-israel.html
(8) http://www.inthesetimes.com/article/4755/israels_gadfly/
(9) http://www.israelinitiative.com/rewr-true/language-en_us/Introduction.aspx
(10), (11) http://newsgroups.derkeiler.com/
(12) http://www.al-awda.org/quotes.html

(13) http://www.inthesetimes.com/article/4755/israels_gadfly/
(14) http://newsgroups.derkeiler.com/
(15), (16), (17) http://www.mfa.gov.il/MFA/Peace+Process/Guide+to+the+Peace+Process/Declaration+of+Establishment+of+State+of+Israel.htm
(18) http://www.israelinitiative.com/rewr-true/language-en_us/Introduction.aspx
(19) http://www.youtube.com/watch?v=Y4c7S99Qzvk
(20), (21) http://www.israelinitiative.com/rewr-true/language-en_us/Principle-4/PrinciplesSub.aspx

(22) http://www.mfa.gov.il/MFA/Peace%20Process/Guide%20to%20the%20Peace%20Process/The%20Balfour%20Declaration
(23), (24) http://www.mfa.gov.il/MFA/Peace+Process/Guide+to+the+Peace+Process/Declaration+of+Establishment+of+State+of+Israel.htm
(25) http://www.globalsecurity.org/military/world/israel/greater-israel.htm
(26) http://weekly.ahram.org.eg/2009/961/focus.htm
(27) http://www.britannica.com/EBchecked/topic/755673/Gush-Emunim
(28) http://weekly.ahram.org.eg/2009/961/focus.htm

(29), (30) http://members.tripod.com/alabasters_archive/zionist_fundamentalism.html
(31) http://www.globalsecurity.org/military/world/israel/greater-israel.htm
(32) http://www.christianzionism.org/BibleSays/Sizer04.pdf
(33), (34), (35), (36) http://onlinejournal.com/artman/publish/article_4301.shtml

* Anait Brutian (B. Mus. with Honours in Theory, McGill University; M. A. in Music Theory, McGill University) is a student in the Faculty of Religious Studies at McGill. Her previous research includes a self-published book entitled: Reconciling Geometry, Rhetoric and Harmony: A Fresh Look at C. P. E. Bach. She is currently working on another book on mathematical paradigms in literature (Old and New Testaments), art, architecture, and music. She can be contacted at anaitbrutian@videotron.ca

Ditulis dalam Dakwah. Leave a Comment »

NTLM Active Directory – Squid

Ubuntu 9.10 – Samba 3.4.x – Krb5 1.23
Windows Server 2003 Active Directory (AD)

Tujuannya adalah agar user login ke active directory windows, dapat langsung menggunakan internet dengan cara user men-setup browser agar diarahkan ke port squid.

Yang pasti harus install ubuntunya dulu. Selanjutnya bisa diinstall paket berikut :

  1. # apt-get install squid
  2. # apt-get install samba winbind
  3. # apt-get install krb5-doc krb5-config krb5-user libkrb53 libkdb5-4 libkadm5srv6 libkadm5clnt6 libgssrpc4
    Ketika installasi Kerberos, ubuntu akan meminta nama realm. Masukan dengan nama domain lengkap dari AD nya. Contoh : NAMADOMAIN.LOCAL

Setelah semua paket terinstall, selanjutnya adalah konfigurasinya

  • # pico /etc/squid/squid.conf
    Tambahkan :

    auth_param ntlm program /usr/bin/ntlm_auth –helper-protocol=squid-2.5-ntlmssp
    auth_param ntlm children 10
    #auth_param ntlm max_challenge_reuses 0
    #auth_param ntlm max_challenge_lifetime 2 minutes
    #auth_param ntlm use_ntlm_negotiate off
    auth_param basic program /usr/bin/ntlm_auth –helper-protocol=squid-2.5-basic
    auth_param basic children 5
    auth_param basic realm Domain Proxy Server
    auth_param basic credentialsttl 2 hours
    auth_param basic casesensitive off
    authenticate_cache_garbage_interval 10 seconds

    # Credentials past their TTL are removed from memory
    authenticate_ttl 0 seconds

    Untuk pengertian protocol ntlm dan basic bisa dicari digoogle.
    Selanjutnya tambahkan pada bagian acl :

    acl AuthorizedUsers proxy_auth REQUIRED

    Lalu pada bagian http_access :

    http_access allow all AuthorizedUsers

  • # pico /etc/samba/smb.conf
    Tambahkan :

    netbios name = NAMAKOMPUTERSAMBA
    workgroup = NAMADOMAIN
    realm = NAMADOMAIN.LOCAL
    security = ADS
    password server = serverdomaincontrollernya.namadomain.local
    winbind enum users = yes
    winbind uid = 10000-20000
    winbind gid = 10000-20000
    winbind use default domain = yes

  • ntpdate serverdomaincontrollernya.namadomain.local
    Berfungsi untuk mensinkronkan waktu antara komputer samba dengan serverdomaincontroller.
  • # kinit administrator
    Administrator disini adalah user yang akan berguna untuk mendaftarkan komputer samba ke dalam AD. Apabila ketika masukan passwordnya tidak ada masalah, maka bisa lanjut. Apabila ada masalah, bisa coba reconfigure krb5 nya dengan menggunakan perintah dpkg-reconfigure krb5-config lalu masukan nama domain yang sesuai. Apabila tidak bisa juga, bisa langsung edit file /etc/krb5.conf dan coba dimainkan satu persatu.

    Fungsi dari kinit adalah untuk mentest authentikasi tanpa harus mendaftarkan komputer samba ke AD

  • # net ads join -U administrator
    Masukan passwordnya, apabila berhasil maka komputer samba sudah terdaftar pada serverdomaincontroller.
    Apabila terdapat pesan “DNS update failed!”, maka tidak ada masalah karena pesan ini muncul ketika serverdomaincontroller tidak mengaktifkan fungsi dynamic dns server. Untuk mengakalinya yaitu dengan memasukan di /etc/hosts pada komputer sama dengan masukan berikut :

    192.168.xx.xx namakomputersamba.namadomain.local namakomputersamba

  • # wbinfo -t
    Berfungsi untuk melihat trust antara komputer samba dengan serverdomaincontroller
  • # wbinfo -u
    Berfungsi untuk melihat user yang berada di serverdomaincontroller
  • # /etc/rc.d/squid restart && /etc/rc.d/samba restart && /etc/rc.d/winbind restart
    Restart semua service
  • # gpasswd -a proxy winbindd_priv
    Memasukan user proxy ke dalam group winbindd_priv. User proxy disesuaikan dengan cache_effective_user pada /etc/squid/squid.conf
  • # /usr/bin/ntlm_auth –helper-protocol=squid-2.5-basic
    NAMADOMAIN\administrator passwordadministrator
    OK

    Berfungsi untuk mencoba authentikasi basic ke AD berupa plain text. Formatnya yaitu ketik NAMADOMAIN\administrator passwordadministrator, apabila ditekan enter dan proses berhasil maka akan muncul pesan OK bukan ERR

  • Selanjutnya tinggal konfigurasikan agar client mengarahkan koneksi internetnya ke komputer samba dengan port squid nya.

Silahkan dicoba, mumpung masih hangat …

Referensi :
http://wiki.squid-cache.org/ConfigExamples/Authenticate/WindowsActiveDirectory
http://techtoy-blog.blogspot.com/2008/06/configuring-squid-server-to.html
http://techmiso.com/1934/howto-install-squid-web-proxy-server-with-active-directory-authentication/

Ditulis dalam Tutorial. 2 Comments »

Installasi Cacti 0.8.7e pada FreeBSD 8.0 Release

Asumsi Apache22, Mysql5, PHP5, Net-SNMP dah terinstall. Untuk rrd nya akan terinstall secara otomatis ketika installasi cacti. Selanjutnya adalah untuk installasi cacti dan cacti-spine

  • Installasi cacti dan cacti-spine
    # pkg_add -r cacti cacti-spine
  • Konfigurasi apache22
    Tambahkan baris berikut di /usr/local/etc/apache22/httpd.conf atau di default httpd-vhosts.conf nya.

    AllowOverride None
    Order Allow,deny
    Allow from all

    Alias /cacti /usr/local/share/cacti/

  • Konfigurasi file /etc/crontab
    Pastikan bahwa perubahan crontab yaitu berupa file, yang diubah dengan cara mengubah file /etc/crontab bukan melalui crontab -e

    */5 * * * * cacti /usr/local/bin/php /usr/local/share/cacti/poller.php > /dev/null 2>/usr/local/share/cacti/log/poller-error.log

  • Setup database untuk cactinya
    Klo mysqlnya dipassword, maka tambahkan aja -p
    #mysqladmin –user=root create cacti
    #echo “GRANT ALL ON cacti.* TO cacti@localhost IDENTIFIED BY ‘cactipasswd’; FLUSH PRIVILEGES;” | mysql -u root
    #mysql -u root cacti < /usr/local/share/cacti/cacti.sql
  • Konfigurasi file config.php pada cacti
    ee /usr/local/share/cacti/include/config.php

    $database_type = “mysql”;
    $database_default = “cacti”;
    $database_hostname = “localhost”;
    $database_username = “cacti”;
    $database_password = “cactipasswd”;
    $database_port = “3306”;

OK .. Selesai, selanjutnya untuk mengakses cactinya bisa langsung ke http://webserver_freebsd_apache2/cacti

Referensi :
http://forums.freebsd.org/showthread.php?t=182

Ditulis dalam Tutorial. 1 Comment »