Tuesday, May 13, 2008

What is Linux ?

Linux is an open source program that is free under the GNU license, 32-64 bit operating system, which is a derivative of Unix and can be run on many different hardware platforms from Intel (x86), to the RISC processor. Linux open-source programs as the free one that makes Linux is popular because it's free. With the GNU license (GNU Not Unix) you can get the program, complete with source code (source code). Not only that, you are given the right to copy as much as you want, or even change the code sumbernya.Dan that all legal under license. Although free, the GNU license to allow the parties want to attract cost for multiplication and delivery program. Full license from the GNU, you can read in Appendix III. GNU license translation into Bahasa Indonesia, the book is still done.

Note:

Literature about the complete GNU you can read in their web sites, namely http://www.gnu.org.

Thus, it can be said that you can get Linux, without having to pay at all. If you must pay each time you install the software on another computer, then with Linux you can install anywhere without having to pay license.

Freedom of the most important of Linux, especially for a programmer and network administrator, is the freedom to obtain the source code (source code) and the freedom to change it. This is for the several important issues. First, security, the second dynamics.

If commercial software does not allow you to know the code sumbenya then you will never know whether the programs that you buy from them is safe or not (often called security by obscurity). Your life in the hands of the vendor. And if there is a notice about the bug from commercial software is often already too late. With Linux, you can examine the source code directly, along with other Linux users. The development of Linux users as a community that is open, make the bug will be known quickly, and as soon as is also the programmer will improve the program. You also determine that the code of the match in accordance with the hardware and basic software to be implemented. Like a car, you can modify they can, even though the engine, to obtain the desired form.

Openness source code also allows the operating system grew rapidly. If a program with the system closed and only developed by a particular vendor, at most about a thousand to five thousand people. Meanwhile, Linux, the openness with the source code, developed by volunteers all over the world. The bug is known more quickly and penambalnya program (patch) more quickly available. Approach to the development of this operating system called Bazaar. Kebalikannya system Chatedraal very closed and only centered on one or two developers only.

In addition, Linux provides a programming language for free, complete with kompilernya, and the program pembantunya. Some of them are:

* THERE
* BASIC
* C
* C + +
* Expect
* FORTRAN
* GTK, to create GUI applications on Linux
* Pascal
* Phyton
* Shell Scripts
* TCL
* Perl (The Practical extraction and Report Language), often used to create CGI scripts on the web.

source: http://sdn.vlsm.org/share/ServerLinux/node11.html

Posted by Admin at 6:24 AM 0 comments

Labels:

Install the application squid

The steps that I do:

1. Install the application squid
2. Edit the configuration file squid
3. Create a directory and files to blacklist blacklists manually
4. Create a directory and file for error messages in english
5. Check the firewall configuration is applied in the proxy
6. Run Services
7. Test configuration in the proxy and client

Squid configuration file: / etc / squid / squid.conf (my version)

# Squid 2.6.STABLE12
# Author by http://fxekobudi.net

OPTION # NETWORK
# --------------------------
http_port 3128
icp_port 0

OPTION # size of the cache
# --------------------------
cache_mem 256 MB
cache_swap_low 94
cache_swap_high 96
maximum_object_size 16,384 KB
minimum_object_size 4 KB
maximum_object_size_in_memory 2048 KB
fqdncache_size 1024
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF

LOG # DIRECTORY and cache
# --------------------------
cache_dir aufs / var / spool / squid 9000 16 256
access_log / var / log / squid / squid access.log
cache_log / var / log / squid / cache.log
cache_store_log none

Tuning # Proxy Cache
# --------------------------
refresh_pattern ^ ftp:1440 20% 10,080
refresh_pattern ^ gopher: 1440 0% 1440
refresh_pattern. 0 20% 4320
negative_ttl 1 hour

# Times
# --------------------------
half_closed_clients off
# -------------
# Block forbidden sites (blacklists) manually
# -------------
acl noblacklist dstdomain "/ etc / squid / blacklists / no-blacklist.txt"
acl katablacklist url_regex-i "/ etc / squid / blacklists / word-blacklist.txt"
acl domainblacklist dstdomain "/ etc / squid / blacklists / domain-blacklist.txt"
acl ipblacklist etc. "/ etc / squid / blacklists / ip-blacklist.txt"

acl tdkbebasdownload time, 08:00-13:00

# ACCESS CONTROL
# --------------------------
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost etc. 127.0.0.0 / 8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # WAIS
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http:
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
# -------------
Listing # IP address
# -------------
acl lab1 src 192.168.254.1-192.168.254.40/255.255.255.255
acl staff-it src 192.168.254.41-192.168.254.42/255.255.255.255
acl lab2 src 192.168.254.43-192.168.254.44/255.255.255.255
acl ruang1 src 192.168.1.1-192.168.1.8/255.255.255.255
acl ruang2 src 192.168.1.11-192.168.1.17/255.255.255.255

# -------------
# Block forbidden sites manually
# -------------
http_access allow noblacklist
http_access deny katablacklist
http_access deny domainblacklist
http_access deny ipblacklist

http_access allow manager localhost
http_access deny manager
# -------------
Rule # I apply
# -------------
http_access allow lab1
http_access allow staff-it
http_access allow lab2
http_access allow ruang1
http_access allow ruang2

acl magic_words2 url_regex-i ftp. exe. mp3. vqf. tar.gz. gz. tar.bz2 suffix. bz2. rpm. zip. rar. avi. mpeg. mpe. mpg. qt. ram. rm. raw. wav. iso

# Cancel the download if the file is bigger than 2 MB = 2000 × 1024 bytes = 2048000 bytes
reply_body_max_size 2048000 allow magic_words2 tdkbebasdownload

http_access deny! Safe_ports
http_access deny CONNECT! SSL_ports
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access allow all

# Parameters ADMINISTRATOR
# --------------------------
cache_mgr fxekobudi@gmail.com
cache_effective_user squid
cache_effective_group squid
visible_hostname proxy.fxekobudi.local

# ERROR MESSAGE IN ENGLISH
# --------------------------
error_directory / usr / share / squid / errors / English

So that the blacklists that can be used manually, make the directory containing the files mentioned in the manual blacklists:
# Mkdir / etc / squid / blacklist
# Cd / etc / squid / blacklist /
# Vim no-blacklist.txt
# Vim word-blacklist.txt
# Vim domain-blacklist.txt
# Vim ip-blacklist.txt
Minimal included one item for each file, because if not, then when we see the error log squid shortly after the service starts, there will be an error not find the item in the file ...

In addition, I also include a configuration error message to the squid proxy in the form of english, so that users in the work place more easily understand my intent ... The idea of this error message and then when I became an inspiration to configure redirect SquidGuard to lead to a file that would make the the root directory of the web server.
To do so, just stay copykan Error messages in English to the location of the error message in Indonesian.

# Cp / usr / share / squid / errors / English / usr / share / squid / errors / English

Sure translate the file-file ...

Solutions to run, just use the command:

# / Sbin / service squid start

Oh yes, you also need to add in the firewall configuration using Iptable that the client is allowed access to the Internet through a proxy, the client requests to the proxy with the IP address listed is allowed through the port 3128 (or 8080) depending on the configuration that you use ... so I remember the first time try, internet connection in the proxy server packing a road, but the shuttlecock clientnya everybody can access, so I actually had a client has not been allowed access to the IP address and the proxy portnya ... Boo. To be able to access the proxy, rule iptable it to / etc / sysconfig / iptables should include this rule: (I use the default firewall configuration Fedora Core)
A-RH-Firewall-1-INPUT-m state-state NEW tcp-m-p tcp-dport 3128-j ACCEPT

To apply the IP forwarding, I edit the file / etc / sysctl.conf and give value 1 (enable) to direktive:
net.ipv4.ip_forward = 0 become net.ipv4.ip_forward = 1

Posted by Admin at 6:13 AM 0 comments

Labels:

Subscribe to: Posts (Atom)
www.klinik-printer.com