Blog catatan oprekan

Tuesday, August 29, 2017

Squid tidak bisa mencatat ip user di bawah router

Bismillah ,..

kemarin kami mendapat problem seperti judul di atas, topologi nya adalah seperti gambar di atas, squid menggunakan mode transparent proxy dengan satu NIC dan trafik dari client di redirect oleh R1, jadi client di bawah R2 tidak terbaca di squid (ip client nya tidak terbaca , yang terbaca ip interface r2 yang menghadap ke r1) , R1 dan R2 adalah Mikrotik Router.

keadaan awal R2 menggunakan dynamic routing dengan NAT masquerade . setelah coba browsing menurut diskusi di link berikut https://forum.mikrotik.com/viewtopic.php?t=54936 , akhir nya kami coba rubah routing dari R1 ke R2 menggunakan static routing dengan menghilangkan NAT Masquerade di R2 , berikut tabel routing R1 dan R2.

Tabel routing R1

Selection_592

Tabel routing R2

Selection_591

hasil nya source ip dari client di R2 bisa terbaca di interface R1 yang mengarah ke R2

Selection_594

dan log squid pun terbaca , ip client di bawah R2

Screenshot from 2017-08-29 11-30-04

jadi inti nya pindah dari NAT Masquerade ke static routing ,

terimaksih semoga , bermanfaat

Monday, July 10, 2017

Install CBPolicyD di Zimbra 8.7

Bismillah ,...

Pertama pindah ke user zimbra

su zimbra

Aktivasi CBpolicyD

zimbra@mail:/root$ zmpro
zmprov zmprov.java zmproxyconf zmproxyctl 
zimbra@mail:/root$ zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicyd
zimbra@mail:/root$ zmprov mcf +zimbraMtaRestriction "check_policy_service inet:127.0.0.1:10031"

Aktivasi CBpolicyD Web UI

jalankan perintah di bawah ini sebagai root

root@mail:~# cd /opt/zimbra/
backup/ db/ jetty-distribution-9.3.5.v20151012/ redolog/ zimlets-deployed/
bin/ docs/ lib/ .saveconfig/ zmstat/
common/ extensions-extra/ libexec/ .ssh/ 
conf/ fbqueue/ log/ ssl/ 
contrib/ index/ logger/ store/ 
data/ jetty/ mailboxd/ zimlets/ 
root@mail:~# cd /opt/zimbra/data/httpd/htdocs/ && ln -s ../../../common/share/webui
root@mail:/opt/zimbra/data/httpd/htdocs#

Edit file " /opt/zimbra/cbpolicyd/share/webui/includes/config.php " rubah seperti berikut

<?php

# mysql:host=xx;dbname=yyy
#
# pgsql:host=xx;dbname=yyy
#
# sqlite:////full/unix/path/to/file.db?mode=0666
#
#$DB_DSN="sqlite:////tmp/cluebringer.sqlite";
#$DB_DSN="mysql:host=localhost;dbname=cluebringer";
$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";
$DB_USER="root";
#$DB_PASS="";
$DB_TABLE_PREFIX="";


#
# THE BELOW SECTION IS UNSUPPORTED AND MEANT FOR THE ORIGINAL SPONSOR OF V2
#

#$DB_POSTFIX_DSN="mysql:host=localhost;dbname=postfix";
#$DB_POSTFIX_USER="root";
#$DB_POSTFIX_PASS="";

?>

save dan exit , kemudian restart service zimbra dan service zimbra apache

root@mail:/opt/zimbra/data/httpd/htdocs# su zimbra
zimbra@mail:~/data/httpd/htdocs$ zmcontrol restart
Host mail.mail.com
 Stopping zmconfigd...Done.
 Stopping zimlet webapp...Done.
 Stopping zimbraAdmin webapp...Done.
 Stopping zimbra webapp...Done.
 Stopping service webapp...Done.
 Stopping stats...Done.
 Stopping mta...Done.
 Stopping spell...Done.
 Stopping snmp...Done.
 Stopping cbpolicyd...Done.
 Stopping archiving...Done.
 Stopping opendkim...Done.
 Stopping amavis...Done.
 Stopping antivirus...Done.
 Stopping antispam...Done.
 Stopping proxy...Done.
 Stopping memcached...Done.
 Stopping mailbox...Done.
 Stopping logger...Done.
 Stopping dnscache...Done.
 Stopping ldap...Done.
Host mail.mail.com
 Starting ldap...Done.
 Starting zmconfigd...Done.
 Starting logger...Done.
 Starting mailbox...Done.
 Starting memcached...Done.
 Starting proxy...Done.
 Starting amavis...Done.
 Starting antispam...Done.
 Starting antivirus...Done.
 Starting opendkim...Done.
 Starting cbpolicyd...Done.
 Starting snmp...Done.
 Starting spell...Done.
 Starting mta...Done.
 Starting stats...Done.
 Starting service webapp...Done.
 Starting zimbra webapp...Done.
 Starting zimbraAdmin webapp...Done.
 Starting zimlet webapp...Done.
zimbra@mail:~/data/httpd/htdocs$ zmapachectl restart
Stopping apache...done.
Starting apache...done.
zimbra@mail:~/data/httpd/htdocs$

kemudian coba akses CBpolicyD Web UI nya di http://ipserver:7780/webui/index.php

Screenshot from 2017-07-10 14-47-29

Sumber :

https://imanudin.net/2016/03/11/zimbra-tips-how-to-enable-spf-checking-for-incoming-connection/

https://imanudin.com/2014/10/16/tips-mengaktifkan-cbpolicyd-pada-zimbra-8-5/

Wednesday, June 7, 2017

Cara ganti password di zimbra web mail

Pilih tab preferences

Selection_576

pilih change password

Selection_577

Masukan password lama , dan masukan passowrd di kolom no 2 (minimal 6 karakter dengan kombinasi hruf besar , kecil dan angka) dan konfirmasi password baru di kolom no 3 , kemudian change password

Selection_578

Thursday, April 20, 2017

Blok email dengan attachment file .exe di zimbra

Untuk mengurangi kemungkinan email virus , atau email phishing maka kita bisa melakukan filtering file attachment email yang di kirim di zimbra , dan langkah nya cukup mudah login ke zimbra administrator pilih

Configure ->Global setting-> attachment

Selection_533

tambahkan ekstensi file yang akan di blok , kemudian save dan tes,

Screenshot from 2017-03-27 11-41-02

sekian , semoga bermanfaat :)

Friday, March 24, 2017

Aktifasi SNMP di switch HP 1620-8G

Bismillah ..

jika kita pernah mencoba memonitoring perangkat switch hp dengan protokol SNMP dan mendapat pesan error no respon , misal di kasus saya saya menggunakan nagios pesan error nya seperti ini ,

[03-09-2017 14:31:04] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Memory Usage;UNKNOWN;notify-service-by-email;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:31:04] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Memory Usage;UNKNOWN;notify-service-by-telegram;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:30:44] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Usage;UNKNOWN;notify-service-by-email;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:30:44] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Usage;UNKNOWN;notify-service-by-telegram;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:28:24] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Temp;UNKNOWN;notify-service-by-email;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:28:24] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Temp;UNKNOWN;notify-service-by-telegram;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:28:24] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Uptime;UNKNOWN;notify-service-by-email;External command error: Timeout: No Response from 192.168.0.45:161.
[03-09-2017 14:28:24] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Uptime;UNKNOWN;notify-service-by-telegram;External command error: Timeout: No Response from 192.168.0.45:161.

Mungkin coba bisa di cek di switch nya , di kasus saya SNMP dari switch hp 1620-8g nya belum di aktifkan , nah untuk mengaktifkan nya bisa ke menu DEVICE ---> SNMP

enable versi SNMP yang anda gunakan , klik apply .. kemudia setting comunity nya kemudian jangan lupa save configurasi nya, agar tidak hilang ketika switch nya ngrestart

berikut perubahan log di nagios saya ,..

[03-09-2017 14:38:28] SERVICE ALERT: Switch-Manageable-adduha;CPU Temp;OK;HARD;3;SNMP OK - Temperature is 55 °C
[03-09-2017 14:35:58] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Memory Usage;OK;notify-service-by-email;SNMP OK - Memory Usage is 38 %
[03-09-2017 14:35:58] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Memory Usage;OK;notify-service-by-telegram;SNMP OK - Memory Usage is 38 %
[03-09-2017 14:35:58] SERVICE ALERT: Switch-Manageable-BIT;Memory Usage;OK;HARD;3;SNMP OK - Memory Usage is 38 %
[03-09-2017 14:35:38] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Usage;OK;notify-service-by-email;SNMP OK - CPU usage is 2 %
[03-09-2017 14:35:38] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Usage;OK;notify-service-by-telegram;SNMP OK - CPU usage is 2 %
[03-09-2017 14:35:38] SERVICE ALERT: Switch-Manageable-BIT;CPU Usage;OK;HARD;3;SNMP OK - CPU usage is 2 %
[03-09-2017 14:35:08] SERVICE ALERT: sim;Total Processes;CRITICAL;HARD;4;PROCS CRITICAL: 201 processes
[03-09-2017 14:33:28] SERVICE ALERT: Switch-Manageable-adduha;CPU Temp;WARNING;HARD;3;SNMP WARNING - Temperature is *56* °C
[03-09-2017 14:33:18] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Temp;OK;notify-service-by-email;SNMP OK - Temperature is 0 °C
[03-09-2017 14:33:18] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;CPU Temp;OK;notify-service-by-telegram;SNMP OK - Temperature is 0 °C
[03-09-2017 14:33:18] SERVICE ALERT: Switch-Manageable-BIT;CPU Temp;OK;HARD;3;SNMP OK - Temperature is 0 °C
[03-09-2017 14:33:18] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Uptime;OK;notify-service-by-email;SNMP OK - Timeticks: (1830060) 5:05:00.60
[03-09-2017 14:33:18] SERVICE NOTIFICATION: nagiosadmin;Switch-Manageable-BIT;Uptime;OK;notify-service-by-telegram;SNMP OK - Timeticks: (1830060) 5:05:00.60
[03-09-2017 14:33:18] SERVICE ALERT: Switch-Manageable-BIT;Uptime;OK;HARD;3;SNMP OK - Timeticks: (1830060) 5:05:00.60
[03-09-2017 14:32:58] SERVICE ALERT: mail.alshifacharity;Total Processes;OK;SOFT;2;PROCS OK: 227 processes

semoga bermanfaat :)

Create image raspbian-wheezy ke SD- card di linux terimnal

Masukan Sd-card ke laptop, kemudian buka terimnal

root@bit-X200CA:~# df -h
Filesystem Size Used Avail Use% Mounted on
udev 1,9G 0 1,9G 0% /dev
tmpfs 384M 6,3M 378M 2% /run
/dev/sda3 92G 67G 21G 77% /
tmpfs 1,9G 362M 1,6G 19% /dev/shm
tmpfs 5,0M 4,0K 5,0M 1% /run/lock
tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup
tmpfs 384M 80K 384M 1% /run/user/1000
/dev/sda4 266G 207G 60G 78% /media/bit/2503-8D66
/dev/sdb1 7,6G 94M 7,5G 2% /media/bit/8765-4321

SD-card saya ada di /dev/sdb1 (SD-card 8 Gb) kemudian unmount


root@bit-X200CA:~# umount /dev/sdb1

cek kembali


root@bit-X200CA:~# df -h
Filesystem Size Used Avail Use% Mounted on
udev 1,9G 0 1,9G 0% /dev
tmpfs 384M 6,3M 378M 2% /run
/dev/sda3 92G 67G 21G 77% /
tmpfs 1,9G 362M 1,6G 19% /dev/shm
tmpfs 5,0M 4,0K 5,0M 1% /run/lock
tmpfs 1,9G 0 1,9G 0% /sys/fs/cgroup
tmpfs 384M 80K 384M 1% /run/user/1000
/dev/sda4 266G 207G 60G 78% /media/bit/2503-8D66

ekstrak image raspbian wheezy dengan pernintah dd ,


root@bit-X200CA:~# dd bs=4M if=/media/bit/2503-8D66/4.\ private/iso/2012-10-28-wheezy-raspbian.img of=/dev/sdb
462+1 records in
462+1 records out
1939865600 bytes (1,9 GB, 1,8 GiB) copied, 164,107 s, 11,8 MB/s

sedikit pejelasan tentang perintah " dd " di linux ,Perintah dd (Disk Definition) berasal dari Jb Control Language IBM, dan bisa digunakan untuk menduplikat harddisk, membackup data harddisk, merestore data harddisk, menyalin data, membuat bootable flashdisk, memburning file .iso ke dvd dan masih ada banyak lagi kegunaannya. Perintah ini dianggap penting oleh Sysadmin, karena bermanfaat untuk mengatur data-data di harddisk misal

# dd if=~/sdadata.img of=/dev/sda

ket:
if : lokasi file image
of : lokasi yang akan dikembalikan atau ditimpa dengan file image tersebut
langkah ini bisa juga digunakan untuk me-restore partisi

terakhir lepas SD-card kemudian masukan ke raspberry pi nya , kemudian coba di boot..

semoga bermanfaat :)

referensi :

https://www.raspberrypi.org/documentation/installation/installing-images/linux.md

http://www.sibro21.org/2016/03/arti-perintah-dd-di-terminal-linux.html

failed to open '/dev/sdb': Read-only file system , adapter problem

Pernah mengalami kasus error " Read-only file system " , saya mengalami nya ketika melakukan proses instalasi raspbian- wheezy ke sd-card yang menggunakan converter/adapter yaitu ketika akan melakukan copy image ke sdcard seperti berikut,

root@bit-X200CA:/media/bit/2503-8D66/4. private/iso# dd bs=4M if=2012-10-28-wheezy-raspbian.img of=/dev/sdb
dd: failed to open '/dev/sdb': Read-only file system
root@bit-X200CA:/media/bit/2503-8D66/4. private/iso#

saran saya sebelum melihat lebih jauh ke konfigurasi fstab dan format sebagai nya , cek adapter sd-card nya , karena setelah saya muter-muter cek konfigurasi , mount umount , fsck ternyata problem nya ada di konverter / adapter nya, (adapter nya ter lock) seperti gambar berikut,

pastikan posisi nya tidak terl lock , gambar yang di bulat merah posisi nya tidak di bawah, dan betul setelah di coba

root@bit-X200CA:~# dd bs=4M if=/media/bit/2503-8D66/4.\ private/iso/2012-10-28-wheezy-raspbian.img of=/dev/sdb
462+1 records in
462+1 records out
1939865600 bytes (1,9 GB, 1,8 GiB) copied, 164,107 s, 11,8 MB/s
root@bit-X200CA:~#

alhamdulillah bisa :) , semoga bermanfaat, selamat mencoba

Laman

Tuesday, August 29, 2017

Monday, July 10, 2017

Wednesday, June 7, 2017

Thursday, April 20, 2017

Friday, March 24, 2017