LINUX
Setting Jaringan Di Linux
15-Nov-2008 00:07:29
kabel yang di pakai, utp dan konektor rj45
ketentuaan kabel yg digunakan
568A = ph,h,po,b,pb,o,pc,c
568b = po,o,ph,b,pb,h,pc,c
jika sesama media menggunakan crosover
jika berbada media mengunaka select
pin1 sebelah kiri
12345678
|--------|
|--------|
-- --
| |
# ifconfig eth0 up
# ifconfig eth0 down
nama service :
bind = buat DNS
iptables = buat firewall dan nat
sequid = buat proxy server
letak configurasi network di debian / ubuntu :
# vi /etc/network/interface
auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
#gateway 192.168.0.1
network 192.168.0.0
boadcast 192.168.0.255
class ip addres
a = 0 -127
b = 128 - 191
c = 192 - 223
192.168.0.1/24 = prefix
255.255.255.0
11111111.11111111.11111111.00000000
SET IP ADDRES
set ip addres temporer/sementara
# ifconfig eth0 192.168.2.1 netmask 255.255.255.0 boadcast 192.168.2.255
lihat ip
# ifconfig
set ip addres permanen, edit file
# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static -> tipe ip statik / dhcp
BROADCAST=192.168.0.255
IPADDR=192.168.0.1
NETMASK=255.255.255.0
NETWORK=192.168.0.0
GATEWAY=192.168.0.1
ONBOOT=yes -> dinyalakan pada saat booting
melihat perubahan ip
# /etc/init.d/network restart atau # service network restart
hidupkan ip
ifup eth0
SET HOST NAME LOKAL
# vi /etc/sysconfig/network atau
# vi /etc/host
127.0.0.1 localhost.localdomain localhost
192.168.2.3 pc3
192.168.2.4 pc4
192.168.2.5 pc5
192.168.2.6 pc6
SUBNETING
tool subneting # ipcalc -mnb 192.168.2.1/28
contoh : 192.168.2.1/24 ==> - netmask class c / 255.255.255.0
| | - network 192.168.2.0
254 prefix - broadcast 192.168.2.255
- host 1 - 254
192.168.2.1/28 ==> - netmask 255.255.255.240
11111111.11111111.11111111.11110000
- network 192.168.2.0
- broadcast 192.168.2.15
RUMUS :
jumlah subnet : 2n - 2 = 2^4-2 = 14 subnet --> n = bit sisa 1111 /-15 subneting
jumlah host : 2n - 2 = 2^4-2 = 14 host --> n = bit host sisa 0000 /-15 host
==> net 1 - network 192.168.2.0
- broadcast 192.168.2.15
==> net 2 - network 192.168.2.16
- broadcast 192.168.2.31
==> net 3 - network 192.168.2.32
- broadcast 192.168.2.47
==> net 4 - network 192.168.2.48
- broadcast 192.168.2.63 dst......
KONFIGURASI ROUTER
di pc client :
a # ifconfig eth0 192.168.2.30 netmask 255.255.255.240 boadcast 192.168.2.31
b # ifconfig eth0 192.168.2.40 netmask 255.255.255.240 boadcast 192.168.2.47
b # ifconfig eth0 192.168.2.50 netmask 255.255.255.240 boadcast 192.168.2.63
nc 2.17
-------- -------- ------|PC| a 192.168.2.30
|router|=====|switch| ------|PC| b 192.168.2.40
-------- -------- ------|PC| c 192.168.2.50
nc 2.33
di server router
a # ifconfig eth0 192.168.2.17 netmask 255.255.255.240 broadcast 192.168.2.31
b # ifconfig eth1 192.168.2.33 netmask 255.255.255.240 broadcast 192.168.2.47
aktifkan ip_forword
# echo 1 > /proc/sys/net/apv4/ip_forword
| |
off 0 / 1 on
di client
tentukan routs gateway yg digunakan
-> temporer
a # route add default gw 192.168.2.17
b # route add default gw 192.168.2.33 --> liat table route = route -n
hapus -> route del defau.......
-> permanen
# vi /etc/syscofig/network
# vi /etc/sysconfig/network-scrpt/ifcfg-eth0
GATEWAY = 192.168.2.17
# servica network restart
IP ALIAS
di computer server
# ifconfig eth0:0 192.168.2.49 netmask 255.255.255.240 broadcast 192.168.2.63
# ifconfig eth0:1 ....
# ifconfig eth1:0 ....
# ifconfig eth1:1 ....
di computer clien
# route add default gw 192.168.2.49
ssh
ssh 192.168.0.1 -D 22 / port
ssh 192.168.10.1 -l yudhie / nama user
Device Description Type
nVIDIA MCP2 - LAN Controller (PHY: Realtek RTL8201/L/BL) PCI
#nmap -sP 192.168.0.1-10
#nmap -sP -PT80 202.16.1.5 25, 110
#nmap -sS 202.16.1.5
#nmap 192.168.0.1
USER AND GROUP
USER -> useradd yudhie
passwd yudhie
userdel -r yudhie
GROUP ->useradd yudhie
groupadd mono
usermod -G yudhie mono
vi /etc/group
groupdel mono
---------------------------------------------------------------------------------------------------------------------------
ADMINISTRASI ACCOUNT USER
USER
tambah user
# adduser / # useradd ex: # adduser yudhie
password user
# passwd ex: # passwd yudhie
database user di simpan :
# vi /etc/passwd dan
# vi /etc/shadow
yudhie:x:1002:1002::/home/yudhie:bin/bash
yudhie : x :1002:1002 :: /home/yudhie:bin/bash
login_name:etc/shadow:UID:GID:komentar:home:sell
lihat user id #vi /etc/passwd
# grep /etc/passwd
# grep /etc/shadow
-> Manipulasi user
u/ menganti nama user
# usermod -l pramx yudhie
baru lama
u/mengganti user id(UID) user
# usermod -u 20000 yudhie
u/ mengganti group id(GID)
# usermod -g 10000 yudhie / syarat gid 10000 harus ada
u/memberi caoncat/komentar
# usermod -c "refleks" yudhie
u/memindah home dir
-buat dir baru = # mkdir /home/pramx
-ganti kepemilikan dir = # chmod pramx /home/pramx
# ls -l
-memindah home dir = # usermod -d /home/pramx pramx
u/mengganti sell yang digunakan
#usermod -s /bin/sh pramx
|daftar sell # vi /etc/sh
u/sevice sell
#usermod -s /bin/nologin aktive #usermod -s /bib/bash
GROUP
tambah group
# groupadd barux1
databases
# vi /etc/group
ganti nama group
# groupmod -n barux1 barux2
mengganti group id(GID)
# groupmod -g 10000 triad
-> daftarkan anggota user ke group
user lama
# usermod -g barux1 yudhie
# usermod -g barux1 pramx
group user
user baru
# adduser -g barux1 -u 20000 mono
group userbaru
# passwd mono
PENTING
yang di lihat adalah group id(GID)
-> lihat group mana
# vi /etc/group atau
# grep barux1 /etc/group
barux1:x:10000
lihat anggota barux1
# grep 10000 /etc/passwd
seleksi yang lebih akurat
# cut -f1,4 -d: /etc/passwd | grep `cat /etc/group| grep barux1| cut -f3 -d:`|cut -f1 -d:
|
nama_group
jadikan script
nama file grouup
# vi /bin/grouup atau # vi /user/share/grouup
isi file grouup :
cut -f1,4 -d: /etc/passwd | grep `cat /etc/group| grep $1| cut -f3 -d:`|cut -f1 -d:
# fc
:w /bin/grouup
:q
# chmod +x /bin/grouup
# grouup barux1
u/kepemilikan group
# chgrp barux1 /home/pramx
# ls -l /home
drwx rw- --- pramx barux1 ------ pramx
u/ubah hak akses
# chmod 750 /home/pramx
drwx r-x --- pramx barux1 ------ pramx
MANIPULASI PASSWD USER
lihat password
# vi /etc/shadow
ganti passwd
- root
# passwd
- user
# passwd
u/ melihat masa aktif passwd
# chage -l
u/ manipulasi masa aktif passwd
# chage
restore passwd
# chage -M 99999 -m '' -g -1 -E ''
untuk menghapus user
# userdel yudhie
# userdel -r yudhie
hapus group
# groupdel -> syarat tdk memiliki anggota
hak akses
# chgrp root -R /home/yudhie => pindah hak semua folder ke group nya root
# chmod 750 -R /home/yudhie => pindah hak semua folder ke chmod 750
# chown yudhie -R /home/yudhie => pindah hak semua folder ke user yudhie
--------------------------------------------------------------------------------------------------------------------------
instalasi eternetcard
# kudzu
melihat service semua daemon
# chkconfig --list | less
melihat service demon yang aktive
# chkconfig --list | grep on
ADMINISTRASI SERVICE
fungsi :
- server/client = aktivasi service
- remot login
server : komputer yg memberikan layanan
client : komputer yang memanfaatkan layanan server
service: layanan yang si berikan server
daemon : user layanan : fungsi membuka port
u/ melihat layanan(service) apasaja dari server (port scaning)
- pada protokol tcp |- pada protokol udp -> dhcp
# nmap localhost |# nmap -sU localhost
atau |atau
# nmap 192.168.0.1 |# nmap -sU 192.168.0.1
contoh :
poort/protokol stat service | daemon
--------------------------------------------------------------------------------------------
21/tcp open ftp | wuftpd / usftpd / proftpd
22/tcp open ssh | sshd
80/tcp open http | httpd / apache / apache2
53/tcp open named | named
110/tcp open pop3 |
Service Ada 2 jenis
1. stand alond
2. understand (colective service) --> dari dibawah xined based service, tulisan agak menjorok ke dalam
aktivasi service -> ada 2 sifat => a. temporer - langsung
- sementara --> -sistem v
- hanya untuk stand alond -sistem bsd
b. permanaen - berlaku selamanya manual
- u/semua jenis service --> tool
- u/stand alon service bisa di sesuaikn runlevel
a. Temporer
lokasi daemon - # /etc/init.d
contoh :
service "http" / "apache2"
u/ aktivasi awal
sys v = # service httpd start
sys bsd = # /etc/init.d/httpd start
u/ aktivasi ulang(restart)
sys v = # service httpd restart
sys bsd = # /etc/init.d/httpd restart
u/ aktivasi stop
sys v = # service httpd stop
sys bsd = # /etc/init.d/httpd stop
AKTIVASI SERVICE PERMANAEN
-melihat status service pada run level 3
# chkconfig --list | grep 3
-lihat file demon pada runlevel 3
# cd /etc/rc.d
# ls
rc0.d rc1.d rc3.d dll
-file tempat service sebenarnya
# cd /etc/init.d/
-lihat file link
# cd rc2.d
#ls -l
-Untuk mengaktifkan manual -> stand alon = /etc/init.d
# cd /etc/rc2.d
# mv K55ssh S65ssh
atau
# mv S65ssh K55ssh
- menggunakan tool
menyalakan run level 3
# chkconfig --level 3 sshd on
run level 3,5
# chkconfig --level 35 sshd on
semua runlevel
# chkconfig --level sshd on
matikan run level 3
# chkconfig --level 3 sshd off dll
u/service under xinet
lokasi service under xined / permanan terus
# cd /etc/xinetd.d
# ls
aktfasi, tidak ada sistem temporer
tool
# chkconfig telnet no
atau
# chkconfig telnet off
manual
# vi /etc/xinetd.d/telnet
disable = no/yes no = aktive
yes= non aktive
service telnet port 23
# chkconfig telnet on
# telnet 192.168.0.1
ftp server port 21 khusus ikon client
# ftp 192.168.0.1
tool : wuftpd (redhat 7.2)
vsftpd (redhat 8 >=)
# service vsftpd start
# /etc/init.d/profftpd start
--------------------------|-------------------------------------------------------
| #SERVER | #LOKAL |
| ftp> ls | ftp> !ls |
| > (upload) > put mput |
| > (donload) > get mget |
| > cd | > lcd |
| > pwd | > !pwd |
--------------------------|-------------------------------------------------------
service ssh port 22
# ssh 192.168.0.1 -D 22
# ssh 192.168.0.1 -l yudhie
nyalakan service ssh
tempoter
# service sshd start atau # /etc/init.d/sshd start
permanan
# chkconfig --level 3 sshd on atau # cd /etc/rc3.d/ mv S55sshd K65sshd
-> cofy file/dir slm ssh
upload
1. file
# scp 192.168.0.1:/root
# scp yahya@192.168.0.1:/home/yahya
2. dir
# scp -r 192.168.0.1:/root
download
1. file
# scp 192.168.0.1:/root/nama_file /root
# scp yahya@192.168.0.1:/home/yahya/nama_file /root
2. dir
# scp -r 192.168.0.1:/root/nama_dir /root
---------------------------------------------------------------------------------------------------------------------------
CONFIGURASI DHCP SERVER
2jenis ip = static : -permanen
-konfigurasi ip manual
dhcp : -random
-konfigurasi dari server, setingan tetap(fived-addres) -> mac addres
komputer server
-> langkah 1 instalasi dhcp
# rpm -ivh dhcp..... rpm
cek dhcp/ fersi dhcp
# rpm -qa | grep dhcp
-> langkah 2 configurasi dhcp server,
(configurasi random)
# vi /etc/dhcp.conf -> jika tidak ada buat sendiri
ddns-update-style ad-hoc; #-> jika versi 3
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.20 192.168.0.100;
option routers 192.168.0.1;
}
# service dhcpd start atau # /etc/init.d/dhcpd start
komputer client
# vi /etc/sysconfig/networking-script/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
BROADCAST=192.168.0.255
IPADDR=192.168.0.5
NETMASK=255.255.255.0
NETWORK=192.168.0.0
ONBOOT=yes
# service network restart
(configurasi fived-addres)
sesuai mac addres pada ethernet card/ nic client
mengetahui mac addres client
# ping -b 192.168.0.255 arti nya broad cast
merekam arp nic
# arp > hasil simpan di dalam file hasil
#cat hasil
lihat mac addres local manual
# ifconfig
tambahkan pada file
# vi /etc/dhcpd.conf
ddns-update-style ad-hoc;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.20 192.168.0.100;
option routers 192.168.0.1;
option domain-name-servers 192.168.0.1; -> agar bisa conect internet, no ip DNS
}
host pc01 {
hardware ethernet 00:0C:29:C1:00:BB; -> MAC addres nic client
fixed-addres 192.168.0.50; -> terserah kita
}
file :
# vi /etc/dhcp.conf
file databases :
# vi /var/lib/dhcp/dhcpd.leases
-------------------------------------------------------------
# file dhcpd.conf
shared-network router_redhat{
ddns-update-style ad-hoc;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.4 192.168.0.50;
option routers 192.168.0.1;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.4 192.168.1.50;
option routers 192.168.1.1;
}
}
--------------------------------------------------------------
# file inti dhcpd.conf
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.4 192.168.0.50;
}
cara ke 2
Shared-network server_ubuntu{
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.4 192.168.0.50;
option routers 192.168.0.1;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.4 192.168.1.50;
option routers 192.168.1.1;
}
}
---------------------------------------------------------------------------------------------------------------------------
CONFIGURASI NFS
pastikan paket portmaper
# rpm -qa | grep portmap
- instal NFS
# rpm -qa | hrep nfs
# rpm -ivh nfs.....rpm
komputer SERVER
1. buat dir yudhie, mono
# mkdir yudhie
# mkdir mono
2. export dir
# vi /etc/export
/home/yudhie *(rw)
/home/mono *(ro)
3. aktifasi service
# service nfs start / # /etc/init.d/nfs start
komputer client
u/ melihat dir yang di share server
# showmount -e 192.168.0.1
u/ menggunakan di server mounting : temporer dan permanen
-temporer
# mkdir /mnt/yudhie
# mount -t nfs 192.168.0.1:/home/yudhie /mnt/yudhie
-permanen
# vi /etc/fstab
tambahkan baris
192.168.0.1:/home/yudhie /mnt/yudhie auto noauto 0 0
default
# mount /mnt/radit
firewal
lihat service virewal yang hidup
# ipchains -L
matikan sementara
# ipchains -F
-----------------------------------------------------------------------------
- NFS pada server
login : root
berdaserkan nama user di dlm server yg ingin di ser
keterangan : (rw) = rite write, (ro) = rite only
edit file :
# vi /etc/export
artinya user lain dapat membuat/menghapus/mengcopy folder di dalam /home/yudhie
/home/yudhie 192.168.0.2(rw) 192.168.1.2(rw) 192.168.2.2(rw) 192.168.3.2(rw)
| | | |
nama_user_di_server nama2_client_yg_ingin_di_share
artinya user lain hanya bisa membaca/m'copy folder di dlm /usr/share/doc
/usr/share/doc 192.168.0.2(ro) 192.168.1.2(ro) 192.168.2.2(ro) 192.168.3.2(ro)
# /etc/init.d/portmap start
# /etc/init.d/nfs start
- NFS pada komputer client
# mkdir /mnt/data
mounting dir pada komputer server
# mount 192.168.0.1:/home/yudhie /mnt/data/
melakukan unmount pda komputer tujuan
# umount /mnt/data
--------------------------------------------------------------------------------------------------------------------------
CONFIGURASI SAMBA port 139
tool : samba, samba coomon
samba client
cek instalasi :
# rpm -qa | grep samba
file konfigurasi di
# vi /etc/samba/smb.conf
[global]
workgroup = MSHOME
netbios name = yudhie
security = share
tambah baris baru
[home_data]
path = /home/yudhie
brouseable = yes - read/baca
writeable = yes
guest ok = yes
printable = no
[data_yudhie]
path = /media/data
brouseable = yes
writeable = no
guest ok = yes
printable = no
aktivasi
# service smb restart
sesuaikan hak akses
# chmod 777 /home/yudhie
# chmod 755 /media/data
user samba di linux
u/ melihat file share server
# smbclient -L 192.168.0.2
- mengakses dir server
1. u/ langsung akses
# smbclient //192.168.0.2/data_yudhie
smb:\>
2. munting temporer :
# mkdir /mnt/samba
# smbmount //192.168.0.2/data_yudhie /mnt/samba
buat permanen :
# vim /etc/fstab
//192.168.0.2/data_yudhie /mnt/samba auto noauto 0 0
smb
# mount /mnt/samba
samba pasword yang pake password
smbmount //192.168.0.2/data_yudhie /mnt/samba -o username=yudhie
password : yudhie
kalo di windows di kasih back slash
\\192.168.0.2
masukan username dan password
------------------------------------------------------------------------------------------
# workgroup yang di gunakan
workgroup = MSHOME
# host yang di share ke komputer server, alamat networknya
hosts allow = 192.168.0. 127. pada ubuntu ->
interfaces = 192.168.0.0/24 127.0.0.0/8
# file lok samba
log file = /var/log/samba/%m.log
max log size = 1000
# security level user
security = user
# enkripsi passwd jika terkoneksi windws
encrypt passwords = yes
# letak file passwd samba
smb passwd file = /etc/samba/smbpasswd
# sinkronisasi perubahan passwd samba
unix password sync = Yes
# soket yang di gunakan samba
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
#============================ Share Definitions ==============================
-> petunjuk
nama folder link
[program]
tempat folder yang ingin di share, tempat tujuan
path = /media/sda8
bisa siakses oleh user siapasaja, yes/no
public = yes
bisa bikin folder/hapus folder, yes/no
writable = yes
printable = no
# share home
[homes]
comment = Home Directories
path = /home/yudhie
public = yes
writable = yes
printable = no
# share program pada hardisk
[program]
comment = Program Directories
path = /media/sda8
public = yes
writable = no
printable = no
[doc]
comment = Linux docomentation
path = /usr/doc
public = yes
writable = no
printable = no
PENGATURAN USER & PASSWD PADA SAMBA
->megetahui perintah apa saja pada passwd samba
# smbpasswd -i
smbpasswd [options] [username] [password]
->adduser samba
# smbpasswd -a root
New SMB password:
Retype new SMB password:
->enbelkan user samba
# smbpasswd -e root
nyalakan service samba
# /etc/init.d/smb start
ubuntu
# /etc/init.d/samba start
--------------------------------------------------------------------------------------------------------------------------
PENJADWALAN PROSES
tool : at, batch
contoh :
# at now +2 minutes
at > shutdown -h now
at > cntrl D
--------------------------------------------------------------------------------------------------------------------------
CONOVIGURASI PC KLONING WINDOWS 2003 SERVER
komputer server
- bikin user
1. klick start - administratife tool - computer management
2. klick local user and group - klickuser - pada kolom kanan - new user create
- copy file ke share folder
3. klick start - klick kanan - explorer - local disk (c) - WINNT - sistem 32 - client - tsclient - win 32
4. pada wint32 tadi - folder 32 tadi di copy ke -> klick network pleace - entri content - new network - workgroup -
klick kan pada komputer user yang dituju dan pastekan di sana
- seting remot desktop di komp server
5. klick start - my komputer - klick kanan - propertis - klick remote - centang semua = remot asistan, & remote sedktop -
klick select remote user - add - advance - klick find now - klickan user uang dituju - ok - ok
komputer client
- linux
1. klick aplication - internet - terminal server client :
- computer :
- protool : RDPv5
- username :
- windows
1. start - allprogram - remote desktop - option :
- computer :
- username :
atau
- start - allptogram - acedoris - comunication - remote desktop conection
| Reply Comment |
| |
| |
RIZA
( 10-Jan-2009 19:19:29 )
ehm arti scipt vsftpd.conf dunk
kirim ke riza_gemilang@yahoo.co.id
Ok
salam perjuangan Linux |
| |
psycho_cybre
( 14-Jan-2009 14:44:04 )
Yupz tetep berkreasi.... |
| |
anggi
( 09-Aug-2009 03:43:23 )
yap sama, kirm arti source'nya dong auadikku@gmail.com. tnk's |
|
| |
|
| |
Index : LINUX