TUTORIAL UPK 2016 PAKET 1

tkj@smeknisy:~$ sudo su
[sudo] password for tkj:*****
root@smeknisy:/home/tkj#ifconfig -a
lihat nama interface untuk disetting ip
root@smeknisy:/home/tkj# pico /etc/network/interfaces
auto enp0s3
iface enp0s3 inet static
address 192.168.1.xxx
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
# dns-* options are implemented by the resolvconf package,
dns-nameservers 192.168.1.1 8.8.8.8 192.168.100.1
dns-search smeknisy.web.id
auto enp0s8
iface enp0s8 inet static
address 192.168.100.1
netmask 255.255.255.248
root@smeknisy:/home/tkj# service networking restart
root@smeknisy:/home/tkj# pico /etc/sysctl.conf
hilangkan tanda # pada
net.ipv4.ip_forward=1
root@smeknisy:/home/tkj# pico /etc/rc.local
tambahkan perintah/script berikut diatas exit 0
iptables -t nat -A POSTROUTING -j MASQUERADE -o enp0s3
iptables -A FORWARD -i enp0s8 -o enp0s3 -j ACCEPT
root@smeknisy:/home/tkj# pico /etc/apt/sources.list
setelah itu disable(tambahkan #)sebelum script/link security agar tidak lama dalam proses update
root@smeknisy:/home/tkj# apt-get update
root@smeknisy:/home/tkj# apt-get install openssh-server
root@smeknisy:/home/tkj# pico /etc/ssh/sshd_config
ganti Port 22 menjadi Port 1734
root@smeknisy:/home/tkj# service ssh restart
root@smeknisy:/home/tkj# apt-get install apache2
root@smeknisy:/home/tkj# apt-get install mysql-server
root@smeknisy:/home/tkj# apt-get install bind9
root@smeknisy:/home/tkj# pico /etc/bind/named.conf.default-zones
buat zona baru dibawah zona localhost
};
zone "smeknisy.web.id" {
type master;
file "/etc/bind/db.paijo";
};
root@smeknisy:/home/tkj# cp /etc/bind/db.local /etc/bind/db.paijo
root@smeknisy:/home/tkj# pico /etc/bind/db.paijo
ubah localhost menjadi smeknisy.web.id dan tambahkan subdomain paijo
;
; BIND data file for local loopback interface
;

$TTL
@

604800
IN

SOA

smeknisy.web.id. root.smeknisy.web.id. (
2
; Serial
604800
; Refresh
86400
; Retry
2419200
; Expire
604800 )
; Negative Cache TTL

;
@
@
@
www
paijo

IN
IN
IN
IN
IN

NS
A
AAAA
A
A

smeknisy.web.id.
192.168.100.1
::1
192.168.100.1
192.168.100.1

root@smeknisy:/home/tkj# mkdir /var/www/www-data

root@smeknisy:/home/tkj# chmod 777 -R /var/www/www-data
root@smeknisy:/home/tkj# cp /etc/apache2/sites-available/000default.conf /etc/apache2/sites-available/paijo.conf
root@smeknisy:/home/tkj# pico /etc/apache2/sites-available/paijo.conf
edit dan tambahkan
ServerName paijo.smeknisy.web.id
DocumentRoot /var/www/www-data/
root@smeknisy:/home/tkj# a2ensite paijo.conf
root@smeknisy:/home/tkj# mysql -u root -p
Enter password:***
mysql> CREATE USER 'paijo'@'localhost' IDENTIFIED BY 'password';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'PAIJO'@'localhost' IDENTIFIED BY
'password';
mysql> FLUSH PRIVELEGES;
mysql> exit
root@smeknisy:/home/tkj# mysql -u paijo -p
Enter password:********
mysql> CREATE DATABASE wordpress;
mysql> EXIT
root@smeknisy:/home/tkj# reboot
setelah itu upload cms wordpress dengan username debian anda menggunakan aplikasi winscp ke
directory /var/www/www-data/
buka browser ketik paijo.smeknisy.web.id
sesuaikan database, user, password yang anda buat tadi di mysql.
buat posting artikel,,, oke website siap digunakan ;)

setting ip client:

Hasil:

oke sudah selesai,,, mudah kan,,,,

link menuju pembahasan dan jawaban soal ukk yang lain:

TUTORIAL PAKET 3 UPK SMK 2016

[admin@MikroTik] >> system identity set name=topaqwerty
[admin@topaqwerty] >> password
old-password:
new-password: *****
confirm-new-password: *****
[admin@topaqwerty] >> interface set ether1 name=internet
[admin@topaqwerty] >> interface set ether2 name=lan
[admin@topaqwerty] >> interface set ether3 name=wlan
[admin@topaqwerty] >> ip address add address=192.168.1.xxx/24
interface=internet
[admin@topaqwerty] >> ip address add address=192.168.100.1/24 interface=lan
[admin@topaqwerty] >> ip address add address=192.168.200.1/24
interface=wlan
[admin@topaqwerty] >> ip route add gateway=192.168.1.1
[admin@topaqwerty] >> ip dns set servers=192.168.1.1,8.8.8.8
[admin@topaqwerty] >> ip firewall nat add chain=srcnat action=masquerade
out-interface=internet
[admin@topaqwerty] > ip hotspot setup
Select interface to run HotSpot on
hotspot interface: wlan
Set HotSpot address for interface
local address of network: 192.168.200.1/24
masquerade network: yes
Set pool for HotSpot addresses
address pool of network: 192.168.200.2-192.168.200.100
Select hotspot SSL certificate
select certificate: none
Select SMTP server
ip address of smtp server: 0.0.0.0
Setup DNS configuration
dns servers: 192.168.1.1,8.8.8.8
DNS name of local hotspot server
dns name: smeknisy.sch.id
name of local hotspot user:admin
user password for the user: *****
[admin@topaqwerty] > ip hotspot user profile add name=siswa addresspool=hs-pool-3 rate-limit=256/256 shared-users=1
[admin@topaqwerty] > ip hotspot user profile add name=guru address-pool=hspool-3 rate-limit=1024/1024 shared-users=1

[admin@topaqwerty] > ip hotspot user add name=siswa password=siswa

profile=siswa
[admin@topaqwerty] > ip hotspot user add name=guru password=guru
profile=guru
[admin@topaqwerty] > ip hotspot walled-garden ip add action=accept
disabled=no dst-host=www.bsnp-indonesia.org
[admin@topaqwerty] > ip firewall layer7-protocol add name="youtube"
regexp="^.+(youtube).*"
[admin@topaqwerty] > ip firewall filter add chain=forward srcaddress=192.168.100.0/24 layer7-protocol=youtube action=drop

SETELAH ITU EDIT FILE login.html dan edit sesuai ketentuan soal,,, bisa menggunakan ftp dengan
cara ftp://smeknisy.sch.id
Atau bisa lewat winbox... files /hotspot/login.html,,,
copy edit dan replace!! ;)

TUTORIAL PAKET 2 UPK 2016

[admin@MikroTik] >> system identity set name=topaqwerty
[admin@topaqwerty] >> password
old-password:
new-password: *****
confirm-new-password: *****
[admin@topaqwerty] >> interface set ether2 name=internet
[admin@topaqwerty] >> interface set ether3 name=lan
[admin@topaqwerty] >> interface set wlan1 name=wlan
[admin@topaqwerty] >> ip address add address=192.168.1.xxx/24
interface=internet
[admin@topaqwerty] >> ip address add address=192.168.100.1/24 interface=lan
[admin@topaqwerty] >> ip address add address=192.168.200.1/24
interface=wlan
[admin@topaqwerty] >> ip route add gateway=192.168.1.1
[admin@topaqwerty] >> ip dns set servers=192.168.1.1,8.8.8.8
[admin@topaqwerty] >> ip firewall nat add chain=srcnat action=masquerade
out-interface=internet src-address=192.168.100.0/24
[admin@topaqwerty] >> ip firewall nat add chain=srcnat action=masquerade
out-interface=internet src-address=192.168.200.0/24
[admin@topaqwerty] >> ip dhcp-server setup
Select interface to run DHCP server on
dhcp server interface: lan
Select network for DHCP addresses
dhcp address space: 192.168.100.0/24
Select gateway for given network
gateway for dhcp network: 192.168.100.1
Select pool of ip addresses given out by DHCP server
addresses to give out: 192.168.100.2-192.168.100.100
Select DNS servers
dns servers: 192.168.1.1,8.8.8.8
Select lease time
lease time: 10m
[admin@MikroTik] >> ip dhcp-server setup
Select interface to run DHCP server on
dhcp server interface: wlan
Select network for DHCP addresses
dhcp address space: 192.168.200.0/24
Select gateway for given network

gateway for dhcp network: 192.168.200.1

Select pool of ip addresses given out by DHCP server
addresses to give out: 192.168.200.2-192.168.200.100
Select DNS servers
dns servers: 192.168.1.1,8.8.8.8
Select lease time
lease time: 10m
[admin@topaqwerty] >> ip proxy
[admin@topaqwerty] /ip proxy>> set enabled=yes
[admin@topaqwerty] /ip proxy>> set max-cache-size=unlimited
[admin@topaqwerty] /ip proxy>> set cache-on-disk=yes
[admin@topaqwerty] /ip proxy>> set cacheadministrator=topaqwerty@smkn1sidayu.sch.id
[admin@topaqwerty] /ip proxy>> access add dst-host=www.linux.or.id
action=deny
[admin@topaqwerty] /ip proxy>> access add path=*.mp3* action=deny
[admin@topaqwerty] /ip proxy>> access add path=*.mkv* action=deny
[admin@topaqwerty] /ip proxy>> /
[admin@topaqwerty] >> ip firewall nat add chain=dstnat protocol=tcp dstport=80 action=redirect to-ports=8080 in-interface=wlan
[admin@topaqwerty] >> ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0
chain=dstnat action=redirect to-ports=8080 protocol=tcp in-interf
dst-port=80 log=no log-prefix=""
1

chain=srcnat action=masquerade src-address=192.168.100.0/24

out-interface=internet log=no log-prefix=""

chain=srcnat action=masquerade src-address=192.168.200.0/24

out-interface=internet log=no log-prefix=""

[admin@topaqwerty] >> system scheduler add name=internet-nyala startdate=Jan/01/2001 start-time=07:00:01 interval=1d on-event="/ip firewall nat
enable numbers=2"
[admin@topaqwerty] >> system scheduler add name=internet-padam startdate=Jan/01/2001 start-time=19:00:01 interval=1d on-event="/ip firewall nat
disable numbers=2"
[admin@topaqwerty] >> interface wireless enable wlan
[admin@topaqwerty] >> interface wireless security-profiles add name=kunci
wpa-pre-shared-key=123456789
[admin@topaqwerty] >> interface wireless set mode=ap-bridge
ssid=topaqwerty@proxy security-profile=kunci enable=yes numbers=0
untuk yang saya kasih warna merah harus sesuai nomer,, oke!!!!

hasil:

Dhcp server pada hotspot dan lan sukses, sehingga client tidak usah setting ipaddress secara manual

Client yang terhubung lewat kabel tidak keblokir dan bisa akses internet selama 24jam nonstop
CLIENT YANG TERHUBUNG PADA WIRELLES MAKA:
Jam 19.00 internet padam
Jam 7.00 internet nyala
Tidak bisa akses(block) www.linux.or.id
Tidak bisa download dengan ekstensi .mp3 & .mkv
link menuju pembahasan ukk yang lain: