Category Archives: Networking
Konfigurasi ZTE D-SLAM
######################################################################
# Welcome to ZTE Full Service Access Platform
# Press Return to get started
# Copyright 2005-2009 , ZTE Co.,Ltd.
######################################################################
9806>ena
Please input password:xxxxxxx
9806# configure
9806(config)# add-vlan 10
9806(config)# add-vlan 100
9806(config)# vlan 10 5/1 tag
9806(config)# vlan 100 5/1 tag
9806(config)# vlan 100 1-4/1-24 untag
9806(config)# ip subnet 172.16.253.100 255.255.255.0 10
9806(config)# snmp-server host 172.16.253.104
9806(config)# ip route 0.0.0.0 0.0.0.0 172.16.253.106
9806(config)# adsl-Profile cahya
9806(config)# adsl-Profile cahya
AtucConfRateMode(1-fixed,2-adaptAtStartup,3-adaptAtRuntime):[2]
AtucConfRateChanRatio(0..100):[0]
AtucConfTargetSnrMgn(0..310(0.1dB)):[80]
AtucConfMaxSnrMgn(80..310(0.1dB)):[310]AtucConfMinSnrMgn(0..80(0.1dB)):[0]
AtucConfDownshiftSnrMgn(0..310):[0]
AtucConfUpshiftSnrMgn(0..310):[0]
AtucConfMinUpshiftTime(0..16383):[0]
AtucConfMinDownshiftTime(0..16383):[0]
AtucConfProfileLineType(1-fast-only,2-interleaved-only):[2]
AtucChanConfFastMaxTxRate(0..102400kbps):[1024]384
AtucChanConfFastMinTxRate(0..384kbps):[0]
AtucChanConfInterleaveMaxTxRate(0..102400kbps):[1024]384
AtucChanConfInterleaveMinTxRate(0..384kbps):[0]
AtucChanConfMaxInterleaveDelay(0..255ms):[16]
AturConfRateMode(1-fixed,2-adaptAtStartup,3-adaptAtRuntime):[2]AturConfRateChanRatio(0..100):[0]
AturConfTargetSnrMgn(0..310(0.1dB)):[80]
AturConfMaxSnrMgn(80..310(0.1dB)):[310]
AturConfMinSnrMgn(0..80(0.1dB)):[0]
AturConfRateMode(1-fixed,2-adaptAtStartup,3-adaptAtRuntime):[2]
AturConfRateChanRatio(0..100):[0]
AturConfTargetSnrMgn(0..310(0.1dB)):[80]
AturConfMaxSnrMgn(80..310(0.1dB)):[310]AturConfMinSnrMgn(0..80(0.1dB)):[0]
AturConfDownshiftSnrMgn(0..310(0.1dB)):[0]
AturConfUpshiftSnrMgn(0..310(0.1dB)):[0]
AturConfMinUpshiftTime(0..16383):[0]AturConfMinDownshiftTime(0..16383):[0]
AturChanConfFastMaxTxRate(0..10240kbps):[512]64
AturChanConfFastMinTxRate(0..512kbps):[0]64
AturChanConfInterleaveMaxTxRate(0..10240kbps):[512]64
AturChanConfInterleaveMinTxRate(0..64kbps):[0]
AturChanConfMaxInterleaveDelay(0..255ms):[16]
AtucDMTConfFreqBinsOperType(1-open,2-cancel):[2]
AturDMTConfFreqBinsOperType(1-open,2-cancel):[2]
.Press M or m key to modify, or the other key to complete?[C]
9806(config)# interface range adsl 3-4/1-24
9806(cfg-if-range-adsl)# pvid 100 pvc 1
9806(cfg-if-range-adsl)# adsl profile cahya
9806(cfg-if-range-adsl)# ppppoe-plus ena
9806(cfg-if-range-adsl)# exit
9806(config)# uplink-mode cascade 5/1 master-port
9806(config)# interface gigabit-ethernet 5/1
9806(cfg-if-ge-5/1) # duplex full
9806(cfg-if-ge-5/1) # auto-negotiate enable
9806(cfg-if-ge-5/1) # exit
9806(config)#mac-address-table aging-time 2
9806(config)#exit
9806#save
Drop IM Using L7 (Like Yahoo Messenger, MSN, etc)
Now we can STOP Instanse Messangers Using Layer-7 Filtering. You Require Mikrotik Router OS V3.x
In This Topic We will Try to STOP some known Messangers like MSN, Yahoo, etc.
First you need to Configure Layer-7 protocols
/ip firewall layer7-protocol
add
name="Yahoo" regexp="^(ymsg|ypns|yhoo).?.?.?.?.?.?.?[lwt].*\xc0\x80" comments="Yahoo Messanger"
name="MSN" regexp="ver [0-9]+ msnp[1-9][0-9]? [\x09-\x0d -~]*cvr0\x0d\x0a$|usr 1 [!-~]+ [0-9. ]+\x0d\x0a$|ans 1 [!-~]+ [0-9. ]+\x0d\x0a$" comments="MSN Messanger"
name="MSN FT" regexp="^(ver [ -~]*msnftp\x0d\x0aver msnftp\x0d\x0ausr|method msnmsgr:)" comments="MSN File Transfer"
name="Skype" regexp="^..\x02............." comments="Skype"
name="Skype-to-Phone" regexp="^(\x01.?.?.?.?.?.?.?.?\x01|\x02.?.?.?.?.?.?.?.?\x02|\x03.?.?.?.?.?.?.?.?\x03|\x04.?.?.?.?.?.?.?.?\x04|\x05.?.?.?.?.?.?.?.?\x05|\x06.?.?.?.?.?.?.?.?\x06|\x07.?.?.?.?.?.?.?.?\x07|\x08.?.?.?.?.?.?.?.?\x08|\x09.?.?.?.?.?.?.?.?\x09|\x0a.?.?.?.?.?.?.?.?\x0a|\x0b.?.?.?.?.?.?.?.?\x0b|\x0c.?.?.?.?.?.?.?.?\x0c|\x0d.?.?.?.?.?.?.?.?\x0d|\x0e.?.?.?.?.?.?.?.?\x0e|\x0f.?.?.?.?.?.?.?.?\x0f|\x10.?.?.?.?.?.?.?.?\x10|\x11.?.?.?.?.?.?.?.?\x11|\x12.?.?.?.?.?.?.?.?\x12|\x13.?.?.?.?.?.?.?.?\x13|\x14.?.?.?.?.?.?.?.?\x14|\x15.?.?.?.?.?.?.?.?\x15|\x16.?.?.?.?.?.?.?.?\x16|\x17.?.?.?.?.?.?.?.?\x17|\x18.?.?.?.?.?.?.?.?\x18|\x19.?.?.?.?.?.?.?.?\x19|\x1a.?.?.?.?.?.?.?.?\x1a|\x1b.?.?.?.?.?.?.?.?\x1b|\x1c.?.?.?.?.?.?.?.?\x1c|\x1d.?.?.?.?.?.?.?.?\x1d|\x1e.?.?.?.?.?.?.?.?\x1e|\x1f.?.?.?.?.?.?.?.?\x1f|\x20.?.?.?.?.?.?.?.?\x20|\x21.?.?.?.?.?.?.?.?\x21|\x22.?.?.?.?.?.?.?.?\x22|\x23.?.?.?.?.?.?.?.?\x23|\$.?.?.?.?.?.?.?.?\$|\x25.?.?.?.?.?.?.?.?\x25|\x26.?.?.?.?.?.?.?.?\x26|\x27.?.?.?.?.?.?.?.?\x27|\(.?.?.?.?.?.?.?.?\(|\).?.?.?.?.?.?.?.?\)|\*.?.?.?.?.?.?.?.?\*|\+.?.?.?.?.?.?.?.?\+|\x2c.?.?.?.?.?.?.?.?\x2c|\x2d.?.?.?.?.?.?.?.?\x2d|\..?.?.?.?.?.?.?.?\.|\x2f.?.?.?.?.?.?.?.?\x2f|\x30.?.?.?.?.?.?.?.?\x30|\x31.?.?.?.?.?.?.?.?\x31|\x32.?.?.?.?.?.?.?.?\x32|\x33.?.?.?.?.?.?.?.?\x33|\x34.?.?.?.?.?.?.?.?\x34|\x35.?.?.?.?.?.?.?.?\x35|\x36.?.?.?.?.?.?.?.?\x36|\x37.?.?.?.?.?.?.?.?\x37|\x38.?.?.?.?.?.?.?.?\x38|\x39.?.?.?.?.?.?.?.?\x39|\x3a.?.?.?.?.?.?.?.?\x3a|\x3b.?.?.?.?.?.?.?.?\x3b|\x3c.?.?.?.?.?.?.?.?\x3c|\x3d.?.?.?.?.?.?.?.?\x3d|\x3e.?.?.?.?.?.?.?.?\x3e|\?.?.?.?.?.?.?.?.?\?|\x40.?.?.?.?.?.?.?.?\x40|\x41.?.?.?.?.?.?.?.?\x41|\x42.?.?.?.?.?.?.?.?\x42|\x43.?.?.?.?.?.?.?.?\x43|\x44.?.?.?.?.?.?.?.?\x44|\x45.?.?.?.?.?.?.?.?\x45|\x46.?.?.?.?.?.?.?.?\x46|\x47.?.?.?.?.?.?.?.?\x47|\x48.?.?.?.?.?.?.?.?\x48|\x49.?.?.?.?.?.?.?.?\x49|\x4a.?.?.?.?.?.?.?.?\x4a|\x4b.?.?.?.?.?.?.?.?\x4b|\x4c.?.?.?.?.?.?.?.?\x4c|\x4d.?.?.?.?.?.?.?.?\x4d|\x4e.?.?.?.?.?.?.?.?\x4e|\x4f.?.?.?.?.?.?.?.?\x4f|\x50.?.?.?.?.?.?.?.?\x50|\x51.?.?.?.?.?.?.?.?\x51|\x52.?.?.?.?.?.?.?.?\x52|\x53.?.?.?.?.?.?.?.?\x53|\x54.?.?.?.?.?.?.?.?\x54|\x55.?.?.?.?.?.?.?.?\x55|\x56.?.?.?.?.?.?.?.?\x56|\x57.?.?.?.?.?.?.?.?\x57|\x58.?.?.?.?.?.?.?.?\x58|\x59.?.?.?.?.?.?.?.?\x59|\x5a.?.?.?.?.?.?.?.?\x5a|\[.?.?.?.?.?.?.?.?\[|\\.?.?.?.?.?.?.?.?\\|\].?.?.?.?.?.?.?.?\]|\^.?.?.?.?.?.?.?.?\^|\x5f.?.?.?.?.?.?.?.?\x5f|\x60.?.?.?.?.?.?.?.?\x60|\x61.?.?.?.?.?.?.?.?\x61|\x62.?.?.?.?.?.?.?.?\x62|\x63.?.?.?.?.?.?.?.?\x63|\x64.?.?.?.?.?.?.?.?\x64|\x65.?.?.?.?.?.?.?.?\x65|\x66.?.?.?.?.?.?.?.?\x66|\x67.?.?.?.?.?.?.?.?\x67|\x68.?.?.?.?.?.?.?.?\x68|\x69.?.?.?.?.?.?.?.?\x69|\x6a.?.?.?.?.?.?.?.?\x6a|\x6b.?.?.?.?.?.?.?.?\x6b|\x6c.?.?.?.?.?.?.?.?\x6c|\x6d.?.?.?.?.?.?.?.?\x6d|\x6e.?.?.?.?.?.?.?.?\x6e|\x6f.?.?.?.?.?.?.?.?\x6f|\x70.?.?.?.?.?.?.?.?\x70|\x71.?.?.?.?.?.?.?.?\x71|\x72.?.?.?.?.?.?.?.?\x72|\x73.?.?.?.?.?.?.?.?\x73|\x74.?.?.?.?.?.?.?.?\x74|\x75.?.?.?.?.?.?.?.?\x75|\x76.?.?.?.?.?.?.?.?\x76|\x77.?.?.?.?.?.?.?.?\x77|\x78.?.?.?.?.?.?.?.?\x78|\x79.?.?.?.?.?.?.?.?\x79|\x7a.?.?.?.?.?.?.?.?\x7a|\{.?.?.?.?.?.?.?.?\{|\|.?.?.?.?.?.?.?.?\||\}.?.?.?.?.?.?.?.?\}|\x7e.?.?.?.?.?.?.?.?\x7e|\x7f.?.?.?.?.?.?.?.?\x7f|\x80.?.?.?.?.?.?.?.?\x80|\x81.?.?.?.?.?.?.?.?\x81|\x82.?.?.?.?.?.?.?.?\x82|\x83.?.?.?.?.?.?.?.?\x83|\x84.?.?.?.?.?.?.?.?\x84|\x85.?.?.?.?.?.?.?.?\x85|\x86.?.?.?.?.?.?.?.?\x86|\x87.?.?.?.?.?.?.?.?\x87|\x88.?.?.?.?.?.?.?.?\x88|\x89.?.?.?.?.?.?.?.?\x89|\x8a.?.?.?.?.?.?.?.?\x8a|\x8b.?.?.?.?.?.?.?.?\x8b|\x8c.?.?.?.?.?.?.?.?\x8c|\x8d.?.?.?.?.?.?.?.?\x8d|\x8e.?.?.?.?.?.?.?.?\x8e|\x8f.?.?.?.?.?.?.?.?\x8f|\x90.?.?.?.?.?.?.?.?\x90|\x91.?.?.?.?.?.?.?.?\x91|\x92.?.?.?.?.?.?.?.?\x92|\x93.?.?.?.?.?.?.?.?\x93|\x94.?.?.?.?.?.?.?.?\x94|\x95.?.?.?.?.?.?.?.?\x95|\x96.?.?.?.?.?.?.?.?\x96|\x97.?.?.?.?.?.?.?.?\x97|\x98.?.?.?.?.?.?.?.?\x98|\x99.?.?.?.?.?.?.?.?\x99|\x9a.?.?.?.?.?.?.?.?\x9a|\x9b.?.?.?.?.?.?.?.?\x9b|\x9c.?.?.?.?.?.?.?.?\x9c|\x9d.?.?.?.?.?.?.?.?\x9d|\x9e.?.?.?.?.?.?.?.?\x9e|\x9f.?.?.?.?.?.?.?.?\x9f|\xa0.?.?.?.?.?.?.?.?\xa0|\xa1.?.?.?.?.?.?.?.?\xa1|\xa2.?.?.?.?.?.?.?.?\xa2|\xa3.?.?.?.?.?.?.?.?\xa3|\xa4.?.?.?.?.?.?.?.?\xa4|\xa5.?.?.?.?.?.?.?.?\xa5|\xa6.?.?.?.?.?.?.?.?\xa6|\xa7.?.?.?.?.?.?.?.?\xa7|\xa8.?.?.?.?.?.?.?.?\xa8|\xa9.?.?.?.?.?.?.?.?\xa9|\xaa.?.?.?.?.?.?.?.?\xaa|\xab.?.?.?.?.?.?.?.?\xab|\xac.?.?.?.?.?.?.?.?\xac|\xad.?.?.?.?.?.?.?.?\xad|\xae.?.?.?.?.?.?.?.?\xae|\xaf.?.?.?.?.?.?.?.?\xaf|\xb0.?.?.?.?.?.?.?.?\xb0|\xb1.?.?.?.?.?.?.?.?\xb1|\xb2.?.?.?.?.?.?.?.?\xb2|\xb3.?.?.?.?.?.?.?.?\xb3|\xb4.?.?.?.?.?.?.?.?\xb4|\xb5.?.?.?.?.?.?.?.?\xb5|\xb6.?.?.?.?.?.?.?.?\xb6|\xb7.?.?.?.?.?.?.?.?\xb7|\xb8.?.?.?.?.?.?.?.?\xb8|\xb9.?.?.?.?.?.?.?.?\xb9|\xba.?.?.?.?.?.?.?.?\xba|\xbb.?.?.?.?.?.?.?.?\xbb|\xbc.?.?.?.?.?.?.?.?\xbc|\xbd.?.?.?.?.?.?.?.?\xbd|\xbe.?.?.?.?.?.?.?.?\xbe|\xbf.?.?.?.?.?.?.?.?\xbf|\xc0.?.?.?.?.?.?.?.?\xc0|\xc1.?.?.?.?.?.?.?.?\xc1|\xc2.?.?.?.?.?.?.?.?\xc2|\xc3.?.?.?.?.?.?.?.?\xc3|\xc4.?.?.?.?.?.?.?.?\xc4|\xc5.?.?.?.?.?.?.?.?\xc5|\xc6.?.?.?.?.?.?.?.?\xc6|\xc7.?.?.?.?.?.?.?.?\xc7|\xc8.?.?.?.?.?.?.?.?\xc8|\xc9.?.?.?.?.?.?.?.?\xc9|\xca.?.?.?.?.?.?.?.?\xca|\xcb.?.?.?.?.?.?.?.?\xcb|\xcc.?.?.?.?.?.?.?.?\xcc|\xcd.?.?.?.?.?.?.?.?\xcd|\xce.?.?.?.?.?.?.?.?\xce|\xcf.?.?.?.?.?.?.?.?\xcf|\xd0.?.?.?.?.?.?.?.?\xd0|\xd1.?.?.?.?.?.?.?.?\xd1|\xd2.?.?.?.?.?.?.?.?\xd2|\xd3.?.?.?.?.?.?.?.?\xd3|\xd4.?.?.?.?.?.?.?.?\xd4|\xd5.?.?.?.?.?.?.?.?\xd5|\xd6.?.?.?.?.?.?.?.?\xd6|\xd7.?.?.?.?.?.?.?.?\xd7|\xd8.?.?.?.?.?.?.?.?\xd8|\xd9.?.?.?.?.?.?.?.?\xd9|\xda.?.?.?.?.?.?.?.?\xda|\xdb.?.?.?.?.?.?.?.?\xdb|\xdc.?.?.?.?.?.?.?.?\xdc|\xdd.?.?.?.?.?.?.?.?\xdd|\xde.?.?.?.?.?.?.?.?\xde|\xdf.?.?.?.?.?.?.?.?\xdf|\xe0.?.?.?.?.?.?.?.?\xe0|\xe1.?.?.?.?.?.?.?.?\xe1|\xe2.?.?.?.?.?.?.?.?\xe2|\xe3.?.?.?.?.?.?.?.?\xe3|\xe4.?.?.?.?.?.?.?.?\xe4|\xe5.?.?.?.?.?.?.?.?\xe5|\xe6.?.?.?.?.?.?.?.?\xe6|\xe7.?.?.?.?.?.?.?.?\xe7|\xe8.?.?.?.?.?.?.?.?\xe8|\xe9.?.?.?.?.?.?.?.?\xe9|\xea.?.?.?.?.?.?.?.?\xea|\xeb.?.?.?.?.?.?.?.?\xeb|\xec.?.?.?.?.?.?.?.?\xec|\xed.?.?.?.?.?.?.?.?\xed|\xee.?.?.?.?.?.?.?.?\xee|\xef.?.?.?.?.?.?.?.?\xef|\xf0.?.?.?.?.?.?.?.?\xf0|\xf1.?.?.?.?.?.?.?.?\xf1|\xf2.?.?.?.?.?.?.?.?\xf2|\xf3.?.?.?.?.?.?.?.?\xf3|\xf4.?.?.?.?.?.?.?.?\xf4|\xf5.?.?.?.?.?.?.?.?\xf5|\xf6.?.?.?.?.?.?.?.?\xf6|\xf7.?.?.?.?.?.?.?.?\xf7|\xf8.?.?.?.?.?.?.?.?\xf8|\xf9.?.?.?.?.?.?.?.?\xf9|\xfa.?.?.?.?.?.?.?.?\xfa|\xfb.?.?.?.?.?.?.?.?\xfb|\xfc.?.?.?.?.?.?.?.?\xfc|\xfd.?.?.?.?.?.?.?.?\xfd|\xfe.?.?.?.?.?.?.?.?\xfe|\xff.?.?.?.?.?.?.?.?\xff)" comments="Skype to Phone"
name="AIM" regexp="^(\*[\x01\x02].*\x03\x0b|\*\x01.?.?.?.?\x01)|flapon|toc_signon.*0x" comments="AIM Messanger"
name="ICQ" regexp="^(\*[\x01\x02].*\x03\x0b|\*\x01.?.?.?.?\x01)|flapon|toc_signon.*0x" comments="ICQ"
name="IRC" regexp="^(nick[\x09-\x0d -~]*user[\x09-\x0d -~]*:|user[\x09-\x0d -~]*:[\x02-\x0d -~]*nick[\x09-\x0d -~]*\x0d\x0a)" comments=IRC Chat"
Finally configure Layer-7 Filters
/ip firewall filter add chain=forward layer7-protocol="Yahoo" action=drop chain=forward layer7-protocol="MSN" action=drop chain=forward layer7-protocol="MSN FT" action=drop chain=forward layer7-protocol="Skype" action=drop chain=forward layer7-protocol="Skype-to-Phone" action=drop chain=forward layer7-protocol="AIM" action=drop chain=forward layer7-protocol="ICQ" action=drop chain=forward layer7-protocol="IRC" action=drop
RtRwNet = FreeBSD 5.1 + Chillispot + FreeRadius + TUN + PF + Dialup_admin + MySQL + Apache 2.0.4_mod_ssl
1. Latar belakang
Teorinya seh, yang namnya MAC Address itu sifatnya unik, artinya ya gak ada yang kembar, ndes. Mirip IMEI di ponsel (walaupun belakangan nge-”flash” ponsel dan mengganti IMEI juga guwampang buwanget). Dalam kenyataannya merubah MAC itu suwangat
muwdah swekale. Tool MAC Spoofing gratisan berserak kayak sampak di Bojong Gede. Di sisi lain pengusaha AP kelas ekonomi lemah kayak RtRwNet rata rata hanya mengandalkan MAC untuk filter ke Access Point nya. Siapapun bisa merubah MAC perangkat WiFi milik para “ndololit” agar bisa “allowed” connect ke AP yang nggak 100% free. Maka ada ide harus ada form user dan login sebelum bisa “kemana mana”. Walaupun MAC dah lewat tapi sebelum login, yah harus gigit jari dulu. Tulisan ini nanti akan membahas itu, cuk. Semua yang saya tulis ini adalah hasil kerja langsung team saya, bukan hasil terjemahkan buku “londo”, qe3. Servernyapun real team, server.dhegleng.or.id, yang sedang kamu akses ini, 
2. Install
Konfigurasi ini berjalan di atas server yang sudah ada Apache2_mod_ssl, atau OpenSSL. sudah ada DNS server, mail server, PHP dan persyaratan lainnya. Jadi ini tidak dibahas.
2.1. Interface Card
Paling tidak harus ada minimum 2 NIC (Network Interface Card), 1 yang terhubung ke internet, 1 lagi terhubung ke jaringan lokal.
proxy# ifconfig
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 222.124.1.238 netmask 0xfffffff8 broadcast 222.124.1.239
inet6 fe80::2a0:24ff:feda:5a6d%xl0 prefixlen 64 scopeid 0×1
inet 203.130.193.46 netmask 0xfffffff8 broadcast 203.130.193.47
ether 00:a0:24:da:5a:6d
media: Ethernet 10baseT/UTP (10baseT/UTP <half-duplex>)
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=3<RXCSUM,TXCSUM>
inet 0.0.0.0 netmask 0xff000000 broadcast 0.255.255.255
inet6 fe80::201:2ff:fe60:1d35%xl1 prefixlen 64 scopeid 0×2
ether 00:01:02:60:1d:35
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0×4
inet 127.0.0.1 netmask 0xff000000
proxy#
Interface yang ke jaringan lokal tidak dikonfigurasi, tapi harus aktif.
2.2. Kernel dicompile ulang
Tak usah kawatir, ngompil kernel itu guwampang buwanget. Kernel harus support modul TUN/TAP dan Paket Filter di level kernel. yah ecek eceknya “virtual interface” lah. Soalnya klo gak pakai cara gini, wireless card kamu harus di tancap di server, selain reseh ya bayangain kalau AP nya muacem muacem jenis dan merk nya. Klo yang punya AP Lynksys masih beruntung karena ada modul OpenWRT.
Mari kompail kernelmu:
proxy# cd /usr/src/sys/i386/conf
proxy# cp GENERIC KERNEL_20070812
Lalu edit KERNEL_20070812, yakinkan baris baris ini ada:
device tun
device bpf (barkeley paket filter, di OpenBSD pf)
options IPFILTER
options IPFILTER_LOG
options RANDOM_IP_ID
options IPDIVERT
options PFIL_HOOKS
Klo sudah lakukan ini:
proxy# config KERNEL_20070812
akan nampak respon begini,
Don’t forget to do a ‘make depend’
Kernel build directory is ../../compile/KERNEL_20070812
proxy# cd ../../compile/KERNEL_20070812
proxy# make depend
proxy# make
proxy# make install
tambahkan baris baris ini di /etc/rc.conf
pf_enable=”Yes”
pf_logd=”Yes”
pf_conf=”/usr/local/etc/pf.conf”
proxy# reboot
Wis ndes, urusan kernel rampung. Login lagi ke server, lanjutkan pekerjaan.
Untuk lebih jelasnya isi kernel lihat di sini
proxy# uname -a
FreeBSD proxy.dhegleng.or.id 5.1-RELEASE FreeBSD 5.1-RELEASE #0: Sun Aug 12 23:14:29 WIT 2007 admin@proxy.dhegleng.or.id:/usr/src/sys/i386/compile/KERNEL_20070812 i386
Nah, loh. kernelmu dah ganti baru, jadi “KERNEL_20070812″
2.3. Install BSD Paket Filter
proxy# cd /usr/ports/security/pf
proxy# make install clean
proxy# /usr/local/etc/rc.d/pf.sh start
proxy# ifconfig
xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 222.124.1.238 netmask 0xfffffff8 broadcast 222.124.1.239
inet6 fe80::2a0:24ff:feda:5a6d%xl0 prefixlen 64 scopeid 0×1
inet 203.130.193.46 netmask 0xfffffff8 broadcast 203.130.193.47
ether 00:a0:24:da:5a:6d
media: Ethernet 10baseT/UTP (10baseT/UTP <half-duplex>)
xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=3<RXCSUM,TXCSUM>
inet 0.0.0.0 netmask 0xff000000 broadcast 0.255.255.255
inet6 fe80::201:2ff:fe60:1d35%xl1 prefixlen 64 scopeid 0×2
ether 00:01:02:60:1d:35
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0×4
inet 127.0.0.1 netmask 0xff000000
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 192.168.10.1 –> 192.168.10.1 netmask 0xffffff00
inet6 fe80::2a0:24ff:feda:5a6d%tun0 prefixlen 64 scopeid 0×5
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33208
pfsync0: flags=41<UP,RUNNING> mtu 1896
proxy#
Nah, modul kernel tun dan pf dah oeskeh, ndes.
Untuk lebih jelasnya /usr/local/etc/pf.conf bisa lihat di sini
Dan /usr/local/etc/rc.d/pf.sh bisa lihat di sini
2.4. Install Chillispot ((hot) Spot Lombok), qe3
proxy# cd /usr/ports/net-mgmt/chillispot
proxy# make install clean
Cek Apache mode ssl, cekMySQL, cek Free FreeRadius.
Ok, tunggu sampai selesai compile dan install, ini ongtomatis. Port paket akan mengecek mesin, mana mana komponen yang belum ada akan diinstall langsung.
proxy# cp /usr/local/share/chillispot/hotspotlogin.cgi /usr/local/www/cgi-bin/
proxy# ee /usr/local/www/cgi-bin/hotspotlogin.cgi
edit semua text (text loh, bukan variable) yang berbung “Chillispot” ganti dengan “RtRwNet”. Bukan kurang ajar sama yang bikin Chillispot, tapi semata mata biar akrab dengan login RtRwNet, karena platformnya memang untuk tujuan itu.
proxy# chomd +x /usr/local/www/cgi-bin/hotspotlogin.cgi
maksudnya biar bisa dieksekusi (eih kek terpidana ajah ya)
proxy# cp /usr/local/share/chillispot/chilli.conf /usr/local/etc/chilli.conf
Siapkan dulu file file ini, nanti dibutuhkan freeradius (mungkin masih sodaranya Radius Prawiro kale), atau dalam ilmu kedokteran Os Radius itu sama dengan “tulang ibu jari”, ngaco, qe3
proxy# mkdir -p /usr/local/etc/raddb/
proxy# cp /usr/local/share/chillispot/dictionary.chillispot /usr/local/etc/raddb/
proxy# cp /usr/local/share/chillispot/freeradius.users /usr/local/etc/raddb/
kopi contoh pf.conf untuk konfigurasi chillispot, pf.conf bawaannya juga ada
proxy# cp /usr/local/share/chillispot/pf.conf.sample /usr/local/etc/pf.conf
proxy# ee /usr/local/etc/pf.conf
ganti interface nya:
int_if = “xl1″
ext_if = “xl0″
chilli_if = “tun0″
priv_nets = “{ 127.0.0.0/8, 192.168.10.0/24 }” # tergantung nektwork nggonmu, ndes.
2.5 Install FreeRadius
bikin user radius daemon:
proxy# pw adduser radiusd -d “/noexistent” -s “/bin/nologin”
install freeradius:
proxy# cd /usr/ports/net/freeradius
proxy# make install clean
bikin database freeradius di MySQL:
proxy# mysql -u root -p
> create database freeradius;
> grant all privileges on freeradius.* to ‘radiusd’@’localhost’ identified by ‘passwordmucuk’;
> flush privileges;
> quit;
bikin skema tabel di databases freeradius:
proxy# mysql -u radiusd -p < /usr/local/share/examples/freeradius/db_mysql.sql
klo error ya pakai root ajah ndes, bikinya kek gini:
proxy# mysql -u root -p < /usr/local/share/examples/freeradius/db_mysql.sql
tapi jangan lupa lagi:
proxy# mysql -u root -p
> grant all privileges on freeradius.* to ‘radiusd’@’localhost’
> flush privileges;
> quit;
Ok, kita lanjutkan:
proxy# cd /usr/local/etc/raddb
proxy# cp acct_users.sample acct_users
proxy# cp clients.conf.sample clients.conf
proxy# cp dictionary.sample dictionary
proxy# cp eap.conf.sample eap.conf
proxy# cp hints.sample hints
proxy# cp huntgroups.sample huntgroups
proxy# cp preproxy_users.sample preproxy_users
proxy# cp proxy.conf.sample proxy.conf
proxy# cp radiusd.conf.sample radiusd.conf
proxy# cp snmp.conf.sample snmp.conf
proxy# cp sql.conf.sample sql.conf
proxy# cp users.sample users
Dah, yok kita “setel-setel” sedikit biar klop:
proxy# ee dictionary
tambahkan dictionary.chillispot yang tadi dah dikopikan:
$INCLUDE dictionary.chillispot
jangan pakai TAB, pake spasi aja, klo pake TAB kadang gak mau, ndes. rewel pancen, qe3
proxy# ee /usr/local/etc/raddb/clients.conf
ganti
secret = s3cr3t
dengan
secret = <passwordmu dewekcuk>;
proxy# ee /usr/local/etc/raddb/radiusd.conf
ganti ‘user = nobody’ ke ‘user = radiusd’ , pastikan uncomment
ganti ‘group = nobody’ ke ‘group = radiusd’ , pastikan uncomment
ganti ‘proxy_requests = yes’ ke ‘proxy_requests = no’ dan pastikan uncomment
teruskan lagi, ndes. pastikan file file ini exist dan oke. koyoke makin seru neh.
proxy# mkdir -p mkdir /var/log/radacct
proxy# touch /var/log/radius.log
proxy# touch /var/log/radutmp
proxy# touch /var/log/radwtmp
proxy# chmod 700 /var/log/radacct
proxy# chmod 644 /var/log/radius.log
proxy# chmod 600 /var/log/radutmp
proxy# chmod 644 /var/log/radwtmp
proxy# chown radiusd:radiusd /var/log/radacct
proxy# chown radiusd:radiusd /var/log/radius.log
proxy# chown radiusd:radiusd /var/log/radutmp
proxy# chown radiusd:radiusd /var/log/radwtmp
Oke, bernafas dulu. Soale asma, jeh…
hosss hosss hosss, wes
lanjutkan lagi, ini agak panjang dan njilemt:
proxy# ee /usr/local/etc/raddb/sql.conf
di dalam “sql {”
server = “localhost”
login = “radiusd”
password = “password radiusd neng database mau cuk, yg ada ‘identfied by’ mau iku loh”
cari baris ini dan uncomment
#sql_user_name = “%{Stripped-User-Name:-%{User-Name:-DEFAULT}}”
cari baris ini dan comment:
sql_user_name = “%{User-Name}”
proxy# ee /usr/local/etc/raddb/radiusd.conf
cari baris di bawahnya “Authorize {”
uncomment:
#sql
cari baris di bawahnya “Authenticate {”
comment
unix
cari baris di bawanya “preacct {”
comment
files
cari baris di bawahnya “accounting {”
uncomment
#sql
cari baris di bawahnya “session {”
uncomment
#sql
comment
radutmp
wis simpan, esc – enter – enter
Kita bikin user pertama kali, cara manual untuk test, ndes
proxy# mysql -u radiusd -p
mysql> insert into radcheck (Username, Attribute, Value) VALUES (’jancuk’, ‘Password’, ‘jancuk12345′);
Query OK, 1 row affected (0.00 sec)
mysql> select * from radcheck;
+—-+———–+———–+—–+——————-+
| id | UserName | Attribute | op | Value |
+—-+———–+———–+—–+——————-+
| 1 | jancuk | Password | == | jancuk12345 |
+—-+———–+———–+—–+——————-+
1 row in set (0.00 sec)
mysql> insert into usergroup (UserName, GroupName, Priority) VALUES (’jancuk’, ‘RtRwNet’, 1);
Query OK, 1 row affected (0.00 sec)
mysql> select * from usergroup;
+———-+————+———-+
| UserName | GroupName | priority |
+———-+————+———-+
| jancuk | RtRwNet | 1 |
+———-+————+———-+
1 row in set (0.01 sec)
mysql> insert into radgroupcheck (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘Auth-Type’, ‘Local’);
Query OK, 1 row affected (0.00 sec)
mysql> select * from radgroupcheck;
+—-+———–+———–+—-+——-+
| id | GroupName | Attribute | op | Value |
+—-+———–+———–+—-+——-+
| 1 | RtRwNet | Auth-Type | == | Local |
+—-+———–+———–+—-+——-+
1 row in set (0.00 sec)
mysql> insert into radreply (UserName, Attribute, Value) VALUES (’jancuk’, ‘Class’, ‘0708765432′);
Query OK, 1 row affected (0.01 sec)
mysql> select * from radreply;
+—-+———-+———–+—-+————+
| id | UserName | Attribute | op | Value |
+—-+———-+———–+—-+————+
| 1 | jancuk | Class | = | 0708765432 |
+—-+———-+———–+—-+————+
1 row in set (0.00 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘Session-Timeout’, ‘43200′);
Query OK, 1 row affected (0.00 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘Idle-Timeout’, ‘600′);
Query OK, 1 row affected (0.00 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘Acct-Interim-Interval’, ‘60′);
Query OK, 1 row affected (0.01 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘WISPr-Redirection-URL’, ‘http://wlan.dhegleng.or.id’);
Query OK, 1 row affected (0.00 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘WISPr-Bandwidth-Max-Up’, ‘128000′);
Query OK, 1 row affected (0.01 sec)
mysql> insert into radgroupreply (GroupName, Attribute, Value) VALUES (’RtRwNet’, ‘WISPr-Bandwidth-Max-Down’, ‘512000′);
Query OK, 1 row affected (0.01 sec)
mysql> select * from radgroupreply;
+—-+———–+————————–+—-+————————–+
| id | GroupName | Attribute | op | Value |
+—-+———–+————————–+—-+————————–+
| 1 | RtRwNet | Session-Timeout | = | 43200 |
| 2 | RtRwNet | Idle-Timeout | = | 600 |
| 3 | RtRwNet | Acct-Interim-Interval | = | 60 |
| 4 | RtRwNet | WISPr-Redirection-URL | = | http://wlan.dhegleng.or.id |
| 5 | RtRwNet | WISPr-Bandwidth-Max-Up | = | 128000 |
| 6 | RtRwNet | WISPr-Bandwidth-Max-Down | = | 512000 |
+—-+———–+————————–+—-+————————–+
6 rows in set (0.00 sec)
Oke kita test cu, jo lali radisud nya di running dulu:
Test:
/usr/local/bin/radtest jancuk jancuk12345 localhost 1812 <passwordmucuksu>
Sending Access-Request of id 250 to 127.0.0.1 port 1812
User-Name = “jancuk”
User-Password = “jancuk12345″
NAS-IP-Address = 255.255.255.255
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=250,
length=106
Class = 0×30373032333435363738
Session-Timeout = 3600
Idle-Timeout = 600
Acct-Interim-Interval = 60
WISPr-Redirection-URL = “http://wlan.dhegleng.or.id”
WISPr-Bandwidth-Max-Up = 128000
WISPr-Bandwidth-Max-Down = 512000
Dah oke freeradiusmu, nanti dilanjutkan adderuser nya via dialup_admin.
2.6. DialupAdmin
Dialup-admin adalah interface berbasis php (php3), yang memang khusus untuk mengontrol freeradius. Sudah cukup lama memang, tapi masih handal. Belakangan penggantinya PHPMyPrepaid, sama juga untuk freeradius, namun lebih lengkap, sekaligus lebih bikin paniang kapalo. Yok mulai lagi,
Download dialup_admin di http://sourceforge.net/project/showfiles.php?group_id=24332
proxy# mv dialup_admin-1.62.tar.gz /usr/local
proxy# cd /usr/local
proxy# tar zxvf dialup_admin-1.62.tar.gz
proxy# mv dialup_admin-1.62 dialup_admin
proxy# mkdir -p /usr/local/www/dialup_admin
proxy# ln -s /usr/local/dialup_admin/htdocs /usr/local/www/dialup_admin/htdocs
terus edit httpd.conf mu
proxy# ee /usr/local/etc/apache2/httpd.conf
yakinkan baris baris ini ada:
LoadModule php4_module libexec/libphp4.so
AddModule mod_php4.c
AddType application/x-httpd-php .php
AddType application/x-httpd-php .php3
dan yakinkan baris baris ini ada juga
<directory>
Options Indexes
AllowOverride AuthConfig
<directory>
proxy# ee /usr/local/dialup_admin/.htaccess
isinya:
AuthUserFile /usr/local/dialup_admin/htdocs/.htpasswd
AuthGroupFile /dev/null
AuthName “Restricted Area”
AuthType Basic
<limit GET POST>
require valid-user
</limit>
proxy# cd /usr/local/dialup_admin/htdocs/
proxy# htpasswd -c .htpasswd admim passwordmuck
kemudian edit configurasi admin.conf
proxy# ee /usr/local/dialup_admin/conf/admin.conf
sesuaikan dengan parameter parameter lainnya, lebih gambangnya lihat ini saja sama persis kecuali password ip dan nama domain.
2.7. Contoh konfigurasi sudah jalan lainnya
/usr/local/etc/rc.d/radiusd.sh
/usr/local/etc/rc.d/chillispot.sh
/etc/rc.conf
/usr/local/etc/php/extensions.ini
/usr/local/dialup_admin/conf/username.mappings
/usr/local/dialup_admin/conf/user_edit.attrs
Wis, ndes. tetap pada moto: Mudeng yo sokor gak mudeng yo kokor2
Selanjutnya adder user tinggal main di dialup_admin http://222.124.1.238/ (tentu saja ip nya diganti IP mu, ndes)
Delok screenshotnya lengkap di sini.
Screenshoot di bawah ini, lebih spesifik:
liat group RtRwNet via dial-up admin
user dah ditambahkan via dial-up admin:
siapa yang lagi online, liat di dial-up admin:
property user jancuk via dial-up admin:
setup di client, ongtomatis:
ketika pertama kali komputermu konek ke ajringan RtRWNet:
access statistik via dial-up admin:
siapa siapa konek via AP airPOINT-PROTOTAL (801.11b saja, AP kuno, yg terjauh terbagus pakai kaleng susu 2 km, yg dekat dekat pada bandel pakai lapi buil-in di bawah seng)
kutipan di http://www.dhegleng.or.id
China Search engine
Website ini merupakan salahsatu website search engine yang memunyai kemampuan yang cukup handal.
Didalam aplikasi ini mampu mendownload mp3, program, doc, dan lain2 sesuai dengan kebutuhan anda
anda bisa kunjungi situsnya di
Softros LAN Messenger Full untuk komunikasi tanpa internet
Software ini sangat bermanfaat bagi lingkungan office yang menggunakan LAN sebagai salah satu komunikasi data internal, keuntungan dari software ini kita bisa saling bekomunikasi dengan komputer rekan ita yang terhubung ke jaringan LAN dan sangat mirip seperti yahoo messenger, namun software ini tidak memerlukan server sebagai penghubung komunikasi
untuk download bisa di dalukan di sini
http://rapidshare.com/files/94824001/Softros_LAN_Messenger.rar.html
Setting Modem Nokia CDMA
Instalasi Kabel Data DKU-5 dan Modem Nokia 2115i/2116
- Masukkan CD Instalasi DKU-5 dari Nokia (jangan hubungkan ponsel dengan USB komputer terlebih dahulu)
- Pilih Instalasi Driver DKU-5, tunggu hingga proses instalasi selesai
- Hubungkan kabel data DKU-5 pada port USB
- Saat ada pesan “found new hardware” dan ditanyakan drivernya, pilih detect automatically (CD DKU-5 tetap harus berada di CD ROM)
- Kabel DKU-5 telah terinstall di PC Anda
- Install driver modem Nokia
Instalasi Driver Modem Nokia 2115i/2116
Download file Modem Driver untuk Nokia 2115i/2116 (nmpCDMA2000_1x.inf).
- Pilih Program > Control Panel > Phone and Modem Options
- Untuk instalasi modem yang pertama kali akan muncul window Location Information (isi data2 yang diminta sesuai lokasi anda, cukup isi Area code)
- Pilih tab Modems, klik Add…
- Check “Dont’ detect my modem;…”
- Pilih “Have Disk…”
- Saat ditanyakan, cari lokasi dimana Anda menyimpan file nmpCDMA2000_1x.inf yang telah Anda download, klik OK
- Pilih “Nokia CDMA2000 1x 3G Packet Data Modem”
- Pilih Port yang paling besar (jangan pilih all ports)
- Modem Nokia telah terinstall di PC Anda
- Buat Koneksi Internet baru dengan memilih Nokia 3G packet data sebagai modem
Cara Membuat Koneksi Internet Baru
- Pilih Program > All Programs > Accessories > Communications > Network Connections
- Pilih File > New Connections
- Klik Next, pilih “Connect to the Internet”
- Pilih “Set up My Connection manually”
- Pilih “Connect using a dial-up modem”
- Pilih handset yang ingin Anda gunakan sebagai modem (Nokia)
- Masukkan nama provider CDMA (Mobile-8/StarOne/Esia) sebagai nama ISP Anda
- Masukkan #777 sebagai nomor dial up ISP
- Pilih Anyone’s use… untuk koneksi ini
- Starone > username: starone password: indosat,
Mobile-8 > username: m8 password: m8,
Esia > username: esia password: esia,
Flexi > username: telkomnet@flexi password: telkom - Check “Add Shortcut”, klik “Finish”
- Connect ke Internet menggunakan koneksi Mobile-8/StarOne/Esia yang telah Anda buat
Port Forwarding di Modem Aztech DSL605EU
- Buka halaman browse, bisa Internet Explore atau Mozilla. Lalu ketik 192.168.1.1 tekan enter.
- Pada tampilan halaman log in modem isikan Username dan Password anda. Default Username dan Password admin. Klik log in.
- Klik Menu Advance Menu pilih Aplikasi -> Port Forwarding.
- Check Allow Incoming Ping
- Jika Lan IP komputer anda belum ada klik New IP untuk membuat rule baru untuk IP anda.
- Select available rule dan tentukan rule mana yang akan anda pilih dengan menekan tombol add.
- Jika rule yang anda inginkan belum ada, anda bisa buat rule baru di User Category.
- Klik User di Category dan klik New. Di Halaman Rule Management Isikan Rule Name, Protocol, Port Start, Port End dan Port Map lalu klik submit.
- Dan klik save untuk menyimpan rule anda
Semoga membantu teman-teman yang kesulitan dalam pengaturan Port Forwarding. Untuk lebih jelasnya mungkin bisa japri ke saya.
My Life. My Adventure 
