underconstruction

underconstruction

underconstruction

underconstruction

underconstruction

underconstruction

underconstruction

underconstruction

underconstruction

Sunday, May 13, 2007

Firewalling mikrotik

/ ip firewall filter
add chain=input protocol=tcp dst-port=1337 action= add-src-to-address-list address-list=knock address-list-timeout=15s comment=”" disabled=no
add chain=input protocol=tcp dst-port=7331 src-address-list=knock action= add-src-to-address-list address-list=safe address-list-timeout=15m comment=”" disabled=no

/ ip firewall filter
add chain=input protocol=tcp dst-port=1337 action= add-src-to-address-list address-list=knock address-list-timeout=15s comment=”" disabled=no
add chain=input protocol=tcp dst-port=7331 src-address-list=knock action= add-src-to-address-list address-list=safe address-list-timeout=15m comment=”" disabled=no
add chain=input connection-state=established action=accept comment=”accept established connection packets” disabled=no
add chain=input connection-state=related action=accept comment=”accept related connection packets” disabled=no
add chain=input connection-state=invalid action=drop comment=”drop invalid packets” disabled=no

add chain=input protocol=tcp psd=21,3s,3,1 action=drop comment=”detect and drop port scan connections” disabled=no
add chain=input protocol=tcp connection-limit=3,32 src-address-list=black_list action=tarpit comment=”suppress DoS attack” disabled=no
add chain=input protocol=tcp connection-limit=10,32 action= add-src-to-address-list address-list=black_list address-list-timeout=1d comment=”detect DoS attack” disabled=no

add chain=input protocol=icmp action=jump jump-target=ICMP comment=”jump to chain ICMP” disabled=no
add chain=input action=jump jump-target=services comment=”jump to chain services” disabled=no

add chain=input dst-address-type=broadcast action=accept comment=”Allow Broadcast Traffic” disabled=no

add chain=input action=log log-prefix=”Filter:” comment=”" disabled=no

add chain=input src-address=63.219.6.0/24 action=accept comment=”Allow access to router from known network”
add chain=input src-address=192.168.168.0/24 action=accept
add chain=input src-address=192.168.60.0/26 action=accept
add chain=input action=drop comment=”drop everything else” disabled=no

add chain=ICMP protocol=icmp icmp-options=0:0-255 limit=5,5 action=accept comment=”0:0 and limit for 5pac/s” disabled=no
add chain=ICMP protocol=icmp icmp-options=3:3 limit=5,5 action=accept comment=”3:3 and limit for 5pac/s” disabled=no
add chain=ICMP protocol=icmp icmp-options=3:4 limit=5,5 action=accept comment=”3:4 and limit for 5pac/s” disabled=no
add chain=ICMP protocol=icmp icmp-options=8:0-255 limit=5,5 action=accept comment=”8:0 and limit for 5pac/s” disabled=no
add chain=ICMP protocol=icmp icmp-options=11:0-255 limit=5,5 action=accept comment=”11:0 and limit for 5pac/s” disabled=no
add chain=ICMP protocol=icmp action=drop comment=”Drop everything else” disabled=no

add chain=services src-address-list=127.0.0.1 dst-address=127.0.0.1 action=accept comment=”accept localhost” disabled=no
add chain=services protocol=udp dst-port=20561 action=accept comment=”allow MACwinbox ” disabled=no
add chain=services protocol=tcp dst-port=2000 action=accept comment=”Bandwidth server” disabled=yes
add chain=services protocol=udp dst-port=5678 action=accept comment=” MT Discovery Protocol” disabled=no
add chain=services protocol=tcp dst-port=161 action=accept comment=”allow SNMP” disabled=no
add chain=services protocol=tcp dst-port=179 action=accept comment=”Allow BGP” disabled=yes
add chain=services protocol=udp dst-port=5000-5100 action=accept comment=”allow BGP” disabled=yes
add chain=services protocol=udp dst-port=123 action=accept comment=”Allow NTP” disabled=yes
add chain=services protocol=tcp dst-port=1723 action=accept comment=”Allow PPTP” disabled=yes
add chain=services protocol=gre action=accept comment=”allow PPTP and EoIP” disabled=yes
add chain=services protocol=tcp dst-port=53 action=accept comment=”allow DNS request” disabled=no
add chain=services protocol=udp dst-port=53 action=accept comment=”Allow DNS request” disabled=no
add chain=services protocol=udp dst-port=1900 action=accept comment=”UPnP” disabled=yes
add chain=services protocol=tcp dst-port=2828 action=accept comment=”UPnP” disabled=yes
add chain=services protocol=udp dst-port=67-68 action=accept comment=”allow DHCP” disabled=yes
add chain=services protocol=tcp dst-port=8080 action=accept comment=”allow Web Proxy” disabled=yes
add chain=services protocol=ipencap action=accept comment=”allow IPIP” disabled=yes
add chain=services protocol=tcp dst-port=443 action=accept comment=”allow https for Hotspot” disabled=yes
add chain=services protocol=tcp dst-port=1080 action=accept comment=”allow Socks for Hotspot” disabled=yes
add chain=services protocol=udp dst-port=500 action=accept comment=”allow IPSec connections” disabled=yes
add chain=services protocol=ipsec-esp action=accept comment=”allow IPSec” disabled=yes
add chain=services protocol=ipsec-ah action=accept comment=”allow IPSec” disabled=yes
add chain=services protocol=udp dst-port=520-521 action=accept comment=”allow RIP” disabled=yes
add chain=services protocol=ospf action=accept comment=”allow OSPF” disabled=yes
add chain=services action=return comment=”" disabled=no

add chain=forward connection-state=established comment=”allow established connections”
add chain=forward connection-state=related comment=”allow related connections”
add chain=forward connection-state=invalid action=drop comment=”drop invalid connections”

add chain=virus protocol=tcp dst-port=135-139 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=135-139 action=drop comment=”Drop Messenger Worm”
add chain=virus protocol=tcp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=udp dst-port=445 action=drop comment=”Drop Blaster Worm”
add chain=virus protocol=tcp dst-port=593 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1024-1030 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1080 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=1214 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=1363 action=drop comment=”ndm requester”
add chain=virus protocol=tcp dst-port=1364 action=drop comment=”ndm server”
add chain=virus protocol=tcp dst-port=1368 action=drop comment=”screen cast”
add chain=virus protocol=tcp dst-port=1373 action=drop comment=”hromgrafx”
add chain=virus protocol=tcp dst-port=1377 action=drop comment=”cichlid”
add chain=virus protocol=tcp dst-port=1433-1434 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Bagle Virus”
add chain=virus protocol=tcp dst-port=2283 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=2535 action=drop comment=”Drop Beagle”
add chain=virus protocol=tcp dst-port=2745 action=drop comment=”Drop Beagle.C-K”
add chain=virus protocol=tcp dst-port=3127-3128 action=drop comment=”Drop MyDoom”
add chain=virus protocol=tcp dst-port=3410 action=drop comment=”Drop Backdoor OptixPro”
add chain=virus protocol=tcp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=udp dst-port=4444 action=drop comment=”Worm”
add chain=virus protocol=tcp dst-port=5554 action=drop comment=”Drop Sasser”
add chain=virus protocol=tcp dst-port=6881-6889 action=drop comment=”________”
add chain=virus protocol=tcp dst-port=8866 action=drop comment=”Drop Beagle.B”
add chain=virus protocol=tcp dst-port=9898 action=drop comment=”Drop Dabber.A-B”
add chain=virus protocol=tcp dst-port=10000 action=drop comment=”Drop Dumaru.Y”
add chain=virus protocol=tcp dst-port=10080 action=drop comment=”Drop MyDoom.B”
add chain=virus protocol=tcp dst-port=12345 action=drop comment=”Drop NetBus”
add chain=virus protocol=tcp dst-port=17300 action=drop comment=”Drop Kuang2″
add chain=virus protocol=tcp dst-port=27374 action=drop comment=”Drop SubSeven”
add chain=virus protocol=tcp dst-port=65506 action=drop comment=”Drop PhatBot, Agobot, Gaobot”

add chain=forward action=jump jump-target=virus comment=”jump to the virus chain”

add chain=forward protocol=icmp comment=”allow ping”
add chain=forward protocol=udp comment=”allow udp”
add chain=forward src-address=63.219.6.0/24 action=accept comment=”Allow access to internet from known network”
add chain=forward src-address=192.168.60.0/26 action=accept
add chain=forward src-address=192.168.168.0/24 action=accept
add chain=forward action=drop comment=”drop everything else”

Tuesday, May 08, 2007

Ubutut

Mengingatkan diri sendiri dan yang baru aja maenan dengan Ubuntu-nya ini ada sedikit sharing pengalaman maenan linux.. terutama yang kesulitan update Ubuntu-nya karena bandwidth internasionalnya terbatas dan lokalnya sedikit gede :).. Repositori Lokal ini juga cuma copy paste hehehe… yang kebetulan peke ubuntu edgy 6.10 sihlakan ganti aja tulisan dapper di setiap barisnya… good luck.. kalo nggak mau susah ini udah gue bikinin filenya silahkan download khusus edgy, langsung copy aja di /etc/apt/ truzz update dech…

#sudo apt-update
#sudo apt-upgrade

Repositori Kambing (UI — Telkom, Indosat)

Informasi situs: http://kambing.vlsm.org

### sources.list.kambing
### Repository dengan menggunakan server mirror kambing.vlsm.org

## REPOSITORY UTAMA
deb http://kambing.vlsm.org/ubuntu dapper main restricted universe multiverse
deb-src http://kambing.vlsm.org/ubuntu/ dapper main restricted universe multiverse

## INI UNTUK MAJOR BUG FIX UPDATES
deb http://kambing.vlsm.org/ubuntu dapper-updates main restricted universe multiverse
deb-src http://kambing.vlsm.org/ubuntu dapper-updates main restricted universe multiverse

## INI UNTUK UBUNTU SECURITY UPDATES
deb http://kambing.vlsm.org/ubuntu dapper-security main restricted universe multiverse
deb-src http://kambing.vlsm.org/ubuntu dapper-security main restricted universe multiverse

Cara penggunaan:

wget http://arsip.ubuntu-id.org/berkas/sources.list.kambing
sudo mv /etc/apt/sources.list /etc/apt/sources.list.original
sudo cp sources.list.kambing /etc/apt/sources.list
sudo apt-get update

Repositori CBN Mirror

Informasi situs: http://mirror.cbn.net.id

### sources.list.cbn
### Repository dengan menggunakan server mirror cbn

## REPOSITORY UTAMA
deb http://ubuntu.cbn.net.id/Ubuntu dapper main restricted universe multiverse
deb-src http://ubuntu.cbn.net.id/Ubuntu dapper main restricted universe multiverse

## INI UNTUK MAJOR BUG FIX UPDATES
deb http://ubuntu.cbn.net.id/Ubuntu dapper-updates main restricted universe multiverse
deb-src http://ubuntu.cbn.net.id/Ubuntu dapper-updates main restricted universe multiverse

## INI UNTUK UBUNTU SECURITY UPDATES
deb http://ubuntu.cbn.net.id/Ubuntu dapper-security main restricted universe multiverse
deb-src http://ubuntu.cbn.net.id/Ubuntu dapper-security main restricted universe multiverse

Cara penggunaan:

wget http://arsip.ubuntu-id.org/berkas/sources.list.cbn
sudo mv /etc/apt/sources.list /etc/apt/sources.list.original
sudo cp sources.list.cbn /etc/apt/sources.list
sudo apt-get update

Repositori Komo (IIX)

Informasi situs: http://komo.vlsm.org

### sources.list.komo
### Repository dengan menggunakan server mirror komo.vlsm.org

## REPOSITORY UTAMA
deb http://komo.vlsm.org/ubuntu dapper main restricted universe multiverse
deb-src http://komo.vlsm.org/ubuntu/ dapper main restricted universe multiverse

## INI UNTUK MAJOR BUG FIX UPDATES
deb http://komo.vlsm.org/ubuntu dapper-updates main restricted universe multiverse
deb-src http://komo.vlsm.org/ubuntu dapper-updates main restricted universe multiverse

## INI UNTUK UBUNTU SECURITY UPDATES
deb http://komo.vlsm.org/ubuntu dapper-security main restricted universe multiverse
deb-src http://komo.vlsm.org/ubuntu dapper-security main restricted universe multiverse

Cara penggunaan:

wget http://arsip.ubuntu-id.org/berkas/sources.list.komo
sudo mv /etc/apt/sources.list /etc/apt/sources.list.original
sudo cp sources.list.komo /etc/apt/sources.list
sudo apt-get update

queing dengan mikrotik

/queue simple
add name="pc 1 " dst-address=192.168.1.151/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 2 " dst-address=192.168.1.152/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 3 " dst-address=192.168.1.153/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 4 " dst-address=192.168.1.154/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 5 " dst-address=192.168.1.155/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 6 " dst-address=192.168.1.156/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 7 " dst-address=192.168.1.157/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 8 " dst-address=192.168.1.158/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 9 " dst-address=192.168.1.159/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 10 " dst-address=192.168.1.160/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 11 " dst-address=192.168.1.161/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 12 " dst-address=192.168.1.162/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 13 " dst-address=192.168.1.163/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 14 " dst-address=192.168.1.164/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 15 " dst-address=192.168.1.165/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 16 " dst-address=192.168.1.166/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 17 " dst-address=192.168.1.167/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 18 " dst-address=192.168.1.168/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 19 " dst-address=192.168.1.169/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 20 " dst-address=192.168.1.170/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 21 " dst-address=192.168.1.171/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 22 " dst-address=192.168.1.172/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 23 " dst-address=192.168.1.173/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 24 " dst-address=192.168.1.174/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 25 " dst-address=192.168.1.175/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 26 " dst-address=192.168.1.176/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 27 " dst-address=192.168.1.177/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 28 " dst-address=192.168.1.178/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 29 " dst-address=192.168.1.179/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 30 " dst-address=192.168.1.180/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 31 " dst-address=192.168.1.181/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 32 " dst-address=192.168.1.182/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 33 " dst-address=192.168.1.183/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 34 " dst-address=192.168.1.184/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 35 " dst-address=192.168.1.185/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 36 " dst-address=192.168.1.186/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 37 " dst-address=192.168.1.187/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 38 " dst-address=192.168.1.188/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 39 " dst-address=192.168.1.189/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 40 " dst-address=192.168.1.190/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 41 " dst-address=192.168.1.191/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 42 " dst-address=192.168.1.192/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 43 " dst-address=192.168.1.193/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 44 " dst-address=192.168.1.194/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 45 " dst-address=192.168.1.195/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 46 " dst-address=192.168.1.196/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 47 " dst-address=192.168.1.197/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 48 " dst-address=192.168.1.198/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 49 " dst-address=192.168.1.199/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default
add name="pc 50 " dst-address=192.168.1.200/32 interface=all parent=none priority=8 queue=default/default limit-at=200000/200000 max-limit=200000/200000 total-queue=default

Create dota dengan mikrotik

pub ip : 122.144.6.66
local ip : 192.168.0.101 - dst..

/ip firewall add
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6001 action=dst-nat to-addresses=192.168.0.101 to-ports=6001
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6002 action=dst-nat to-addresses=192.168.0.102 to-ports=6002
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6003 action=dst-nat to-addresses=192.168.0.103 to-ports=6003
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6004 action=dst-nat to-addresses=192.168.0.104 to-ports=6004
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6005 action=dst-nat to-addresses=192.168.0.105 to-ports=6005
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6006 action=dst-nat to-addresses=192.168.0.106 to-ports=6006
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6007 action=dst-nat to-addresses=192.168.0.107 to-ports=6007
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6008 action=dst-nat to-addresses=192.168.0.108 to-ports=608
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6009 action=dst-nat to-addresses=192.168.0.109 to-ports=609
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6010 action=dst-nat to-addresses=192.168.0.110 to-ports=6010
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6011 action=dst-nat to-addresses=192.168.0.111 to-ports=6011
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6012 action=dst-nat to-addresses=192.168.0.112 to-ports=6012
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6013 action=dst-nat to-addresses=192.168.0.113 to-ports=6013
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6014 action=dst-nat to-addresses=192.168.0.114 to-ports=6014
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6015 action=dst-nat to-addresses=192.168.0.115 to-ports=6015
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6016 action=dst-nat to-addresses=192.168.0.116 to-ports=6016
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6017 action=dst-nat to-addresses=192.168.0.117 to-ports=6017
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6018 action=dst-nat to-addresses=192.168.0.118 to-ports=6018
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6019 action=dst-nat to-addresses=192.168.0.119 to-ports=6019
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6020 action=dst-nat to-addresses=192.168.0.120 to-ports=6020
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6021 action=dst-nat to-addresses=192.168.0.121 to-ports=6021
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6022 action=dst-nat to-addresses=192.168.0.122 to-ports=6022
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6023 action=dst-nat to-addresses=192.168.0.123 to-ports=6023
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6024 action=dst-nat to-addresses=192.168.0.124 to-ports=6024
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6025 action=dst-nat to-addresses=192.168.0.125 to-ports=6025
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6026 action=dst-nat to-addresses=192.168.0.126 to-ports=6026
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6027 action=dst-nat to-addresses=192.168.0.127 to-ports=6027
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6028 action=dst-nat to-addresses=192.168.0.128 to-ports=6028
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6029 action=dst-nat to-addresses=192.168.0.129 to-ports=6029
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6030 action=dst-nat to-addresses=192.168.0.130 to-ports=6030
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6031 action=dst-nat to-addresses=192.168.0.131 to-ports=6031
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6032 action=dst-nat to-addresses=192.168.0.132 to-ports=6032
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6033action=dst-nat to-addresses=192.168.0.133 to-ports=6033
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6034 action=dst-nat to-addresses=192.168.0.134 to-ports=6034
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6035 action=dst-nat to-addresses=192.168.0.135 to-ports=6035
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6036 action=dst-nat to-addresses=192.168.0.136 to-ports=6036
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6037 action=dst-nat to-addresses=192.168.0.137 to-ports=6037
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6038 action=dst-nat to-addresses=192.168.0.138 to-ports=6038
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6039 action=dst-nat to-addresses=192.168.0.139 to-ports=6039
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6040 action=dst-nat to-addresses=192.168.0.140 to-ports=6040
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6041 action=dst-nat to-addresses=192.168.0.141 to-ports=6041
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6042 action=dst-nat to-addresses=192.168.0.142 to-ports=6042
aadd chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6043 action=dst-nat to-addresses=192.168.0.143 to-ports=6043
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6044 action=dst-nat to-addresses=192.168.0.144 to-ports=6044
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6045 action=dst-nat to-addresses=192.168.0.145 to-ports=6045
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6046 action=dst-nat to-addresses=192.168.0.146 to-ports=6046
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6047 action=dst-nat to-addresses=192.168.0.147 to-ports=6047
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6048 action=dst-nat to-addresses=192.168.0.148 to-ports=6048
add chain=dstnat dst-address=122.144.6.66 protocol=tcp src-port=6049 action=dst-nat to-addresses=192.168.0.149 to-ports=6049

Friday, May 04, 2007

Upgrade PHP4 ke PHP 5 di CentOS 4

Cara upgrade ke PHP5 + mysql5 di CentOS 4.

Siapkan bumbunya ( source )

wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-pear-1.4.9-1.2.centos.noarch.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-xmlrpc-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-xml-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-mysql-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-mbstring-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-ldap-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-gd-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-devel-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-mcrypt-5.1.6-1.el4.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-ncurses-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/php-pdo-5.1.6-1.2.1.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/mysqlclient14-4.1.22-1.el4s1.1.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/mysql-server-5.0.22-1.centos.1.i386.rpm


remove php4 dan konco2nya
# yum remove php

install php-pear-1.4.9-1.2.centos.noarch terlebih dahulu , lalu baru php-5.1.6-1.2.1.centos, kemudian ikuti dengan package lain.
rpm -i --force --nodeps php-pear-5.0.4-3.centos4.i386.rpm
#rpm -i php-pear-1.4.9-1.2.centos.noarch.rpm php-5.1.6-1.2.1.centos.i386.rpm
#rpm -i php-devel-5.1.6-1.2.1.centos.i386.rpm php-gd-5.1.6-1.2.1.centos.i386.rpm php-ldap-5.1.6-1.2.1.centos.i386.rpm php-mbstring-5.1.6-1.2.1.centos.i386.rpm php-xml-5.1.6-1.2.1.centos.i386.rpm php-xmlrpc-5.1.6-1.2.1.centos.i386.rpm


wget http://rpm.pbone.net/index.php3/stat/3/srodzaj/2/search/libmcrypt-2.5.7-4.el4.centos.src.rpm
wget http://centos.arcticnetwork.ca/4/centosplus/i386/RPMS/php-mysql-5.1.6-1.2.1.centos.i386.rpm

restart apache
# apachectl restart

Sure enough, it restarted without a hitch, and phpinfo() now reports PHP Version 5.0.4. Woo-hoo!

From there, I just did installed all of the rest of the packages with rpm -i. After everything, I tried phpinfo() again and it picked up all of the modules perfectly.

YMMV. Happy upgrading,

###############################################################

cara masukin module mod_layout.so
ambil sourcenya di

wget http://download.tangent.org/mod_layout-4.1.tar.gz

tapi lu gak boleh lupa , harus install httpd yang ada binary apxs nya, klo gak ntar sia sia semua.
Caranya gampang "Install the "httpd-devel" RPM with yum. It has the apxs binary."

#yum install httpd-devel
ntar itu install semua dependencynya

baru lu masuk ke folder mod_layout-4.1 , lalu edit file Makefile , ganti apxs dan apachectl ke :
APXS=/usr/sbin/apxs
APACHECTL=/usr/sbin/apachectl

terus ketik make ketik make install
#make
#make install

Nah baru masukin "LoadModule layout_module modules/mod_layout.so" di httpd.conf , kalo misalnya gak ada biasanya otomatis
keisi di httpd.conf spt ini :
LoadModule layout_module /usr/lib/httpd/modules/mod_layout.so
LoadModule php5_module /usr/lib/httpd/modules/libphp5.so
AddType application/x-httpd-php .php .phtml

vi /etc/ld.so.conf
Masukan


load lib linuxnya dengan :
/sbin/ldconfig

restart apache --> /usr/sbin/apachectl restart atau service apache restart

done selesai.

Kalo masih bingung jgn lupa tanya om google hehe
Jgn lupa test : phpinfo.php

echo "

PHP INFO

";
phpinfo();
?>


Indoagmers - saturday 12:29 am 5/5/2007
Sial bisa juga akhirnya udah seharian otak atik.. centos


iseng ah paste link kali aja ada guna:
#GD boutel
http://www.alt-php-faq.org/local/68/#id68

yum --enablerepo=centosplus install php-mcrypt
http://www.musc.edu/webserver/mod_layout.html#_1_1
http://parallel.hpc.unsw.edu.au/~ag/p-mcrypt00.html

#package
http://mirror.centos.org/centos/4/centosplus/i386/RPMS/
http://isoredirect.centos.org/centos/4.4/centosplus/x86_64/RPMS/
http://tangent.org/index.pl?node_id=362

# HTTPD :
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/httpd-2.0.59-1.el4s1.5.el4.centos.i386.rpm
wget http://mirror.centos.org/centos/4/centosplus/i386/RPMS/httpd-devel-2.0.59-1.el4s1.5.el4.centos.i386.rpm



# Membuat Backup MYSQL Automatic
http://sanyasyari.com/2006/10/03/membuat-backup-mysql-automatic/#more-197

http://www.mydigitallife.info/2006/06/06/change-and-reset-mysql-root-password/

#mysql bajingan di centos

http://www.howtoforge.com/perfect_setup_centos_4.3_p4


# rpm -i php-mysql-5.1.6-1.2.1.centos.i386.rpm php-pdo-5.1.6-1.2.1.centos.i386.rpm

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More