{"id":60,"date":"2016-02-24T11:23:13","date_gmt":"2016-02-24T11:23:13","guid":{"rendered":"http:\/\/kloxo.web.id\/?p=60"},"modified":"2016-02-24T11:23:46","modified_gmt":"2016-02-24T11:23:46","slug":"mengatur-firewall-centos-6","status":"publish","type":"post","link":"https:\/\/kloxo.web.id\/?p=60","title":{"rendered":"Mengatur Firewall Centos 6"},"content":{"rendered":"<p>Defaultnya centos sudah membawa firewall ketika di install, seperti dinyatakan oleh wiki.centos.org : &#8220;CentOS has an extremely powerful firewall built in, commonly referred to as iptables, but more accurately is iptables\/netfilter&#8221;.<\/p>\n<p>Kita hanya perlu melakukan penyesuaian agar port2 yang diperlukan saja yang dapat diakses menuju server kita, untuk melakukan pengujian port bisa menggunakan :<\/p>\n<p>http:\/\/mxtoolbox.com\/PortScan.aspx<\/p>\n<p>Langkah-langkah penyesuaian konfigurasi iptables sebagai berikut :<\/p>\n<p>1. rpm -qa iptables    # memeriksa paket iptables apakah sudah terpasang?<br \/>\n2. iptables -L -n      # memeriksa apa saja list iptables yang sedang berjalan\/aktif<br \/>\n3. iptables -F; iptables -X; iptables -Z      # flush\/pembersihan terhadap isi rule iptables<\/p>\n<p>untuk memudahkan pengaturan rule iptables bisa dengan membuat sebuah file yang berisi aturan iptables dan menjalankannya ketika sistem boot :<\/p>\n<p>4. touch \/etc\/myfirewall.sh<br \/>\n5. nano \/etc\/firewall.sh   # kopi dan paste teks dibawah ke firewall.sh<\/p>\n<p>### awal file ###<\/p>\n<p>#!\/bin\/bash<br \/>\n iptables -F<br \/>\n#<br \/>\n# Allow SSH connections on tcp port 22 and port 80 (http)<br \/>\n# tambahkan baris untuk port yang diijinkan untuk diakses seperti contoh dibawah ini<br \/>\n# bila ssh dijalankan selain di port 22, sesuaikan dengan port yang digunakannya.<br \/>\n#<br \/>\n iptables -A INPUT -p tcp &#8211;dport 22 -j ACCEPT<br \/>\n iptables -A INPUT -p tcp &#8211;dport 80 -j ACCEPT<br \/>\n#<br \/>\n# Set default policies for INPUT, FORWARD and OUTPUT chains<br \/>\n#<br \/>\n iptables -P INPUT DROP<br \/>\n iptables -P FORWARD DROP<br \/>\n iptables -P OUTPUT ACCEPT<br \/>\n#<br \/>\n# Set access for localhost<br \/>\n#<br \/>\n iptables -A INPUT -i lo -j ACCEPT<br \/>\n#<br \/>\n# Accept packets belonging to established and related connections<br \/>\n#<br \/>\n iptables -A INPUT -m state &#8211;state ESTABLISHED,RELATED -j ACCEPT<br \/>\n#<br \/>\n# Save settings<br \/>\n#<br \/>\n \/sbin\/service iptables save<br \/>\n#<br \/>\n# List rules<br \/>\n#<br \/>\n iptables -L -v<\/p>\n<p>### akhir file ###<\/p>\n<p>6. chmod +x \/etc\/myfirewall.sh<br \/>\n7. \/etc\/.\/myfirewall.sh     # ujicoba menjalankan file secara manual<br \/>\n8. nano \/etc\/rc.local<\/p>\n<p>tambahkan autostart pada rc.local agar file myfirewall.sh dijalankan otomatis ketika sistem di reboot, menjadi :<\/p>\n<p>\/etc\/.\/myfirewall.sh<br \/>\ntouch \/var\/lock\/subsys\/local<\/p>\n<p>9. reboot server<br \/>\n10. iptables -L -v     # untuk mengecek kembali iptables\/firewall sudah dijalankan pada server<br \/>\n11. http:\/\/mxtoolbox.com\/PortScan.aspx  # cek kembali port yang open di server<\/p>\n<p>selamat mencoba&#8230;DWYOR!<\/p>\n<p>ref :<br \/>\n1. https:\/\/wiki.centos.org\/HowTos\/Network\/IPTables<br \/>\n2. https:\/\/www.vultr.com\/docs\/setup-iptables-firewall-on-centos-6<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Defaultnya centos sudah membawa firewall ketika di install, seperti dinyatakan oleh wiki.centos.org : &#8220;CentOS has an extremely powerful firewall built in, commonly referred to as iptables, but more accurately is iptables\/netfilter&#8221;. Kita hanya perlu melakukan penyesuaian agar port2 yang diperlukan saja yang dapat diakses menuju server kita, untuk melakukan pengujian port bisa menggunakan : http:\/\/mxtoolbox.com\/PortScan.aspx [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-60","post","type-post","status-publish","format-standard","hentry","category-linux-server"],"_links":{"self":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/60","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=60"}],"version-history":[{"count":3,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/60\/revisions"}],"predecessor-version":[{"id":63,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=\/wp\/v2\/posts\/60\/revisions\/63"}],"wp:attachment":[{"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=60"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=60"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kloxo.web.id\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=60"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}