1. Linux IP Masquerade Onno W. Purbo onno@indo.net.id

2. Linux di COMDEX 2000

3. Referensi HOWTO IP-Masquerade

4. RFC 1597 – IP Private 10.x.x.x 172.16.x.x 192.168.x.x

5. Topologi Sederhana

6. Aktifkan IP Forwarding

7. Edit /proc/sys/net/ipv4/ip_forward [root@server /]# echo "1" > /proc/sys/net/ipv4/ip_forward Edit /etc/sysconfig/network FORWARD_IPV4=true

8. Check Modul [root@server /]# cd /lib/modules/2.2.5-15/ipv4/ [root@server ipv4]# ls ip_gre.o ip_masq_ftp.o ip_masq_portfw.o ip_masq_user.o rarp.o ip_masq_autofw.o ip_masq_irc.o ip_masq_quake.o ip_masq_vdolive.o ip_masq_cuseeme.o ip_masq_mfw.o ip_masq_raudio.o ipip.o

9. Panggil Modul [root@server ipv4]# modprobe -a *

10. Check Panggil Modul [root@server ipv4]# lsmod. ip_masq_vdolive 1072 0 (unused) ip_masq_user 2312 0 (unused) ip_masq_raudio 2736 0 (unused) ip_masq_quake 1092 0 (unused) ip_masq_portfw 2256 0 (unused) ip_masq_mfw 2880 0 (unused) ip_masq_irc 1520 0 (unused) ip_masq_ftp 2352 0 (unused) ip_masq_cuseeme 816 0 (unused) ip_masq_autofw 2208 0 (unused) ip_gre 6480 0 (unused)

11. Konfig IP Forward & Firewall ipchains -A forward -s yyy.yyy.yyy.yyy/x -j MASQ Perintah -Amenambahkan rule -Imenyisipkan (insert) rule firewall ke baris paling atas -Dmenghapus rule yg telah dibuat -ssource address -ddestination address MASQ Masquerading DENYMencegat

12. Contoh Masquerade ipchains -A forward -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASQ ipchains -I input -s 192.168.1.5/32 -d 0/0 -j DENY ipchains -I input -s 192.168.1.10/32 -d 0/0 -j DENY

13. Contoh Blokir IRC ipchains -I input -s 192.168.1.5/32 -d 0/0 6667 -j DENY -p tcp ipchains -D input -s 192.168.1.5/32 -d 0/0 6667 -j DENY -p tcp