คู่มือติดตั้ง Smile Server (Maya) v1.2

A
Smile Server MaYa

TMSolution Chiangmai
Version 1.2 (2011)
LinuxThai.Org
ClearOS
ClearOS
PPPoE
WRT54GL Server
LightSquid Log File
Upgrade rewjang
uamallow
website.txt
Log File ?
Server ()
DynDNS ClearOS (Register ClearOS)
How to Remote SAM Server

How to Remote LightSquid
ip 10.0.1.2 - 10.0.1.10
24
IP 255 !!!
block web or download (credit Natcha)

Allowed MAC
BITTORRENT
Multi WAN System in ClearOS
1
5
13
17
20
22
29
30
31
33
34
37
44
45
46
47
49
50
51
52
53
54
Weight (Multi-WAN)
AP (Ruta)
60
restart server ip
61
Webmin Lightsquid
Hack
LightSquid
55
56
58
59
MySQL
62
Template
63
Clear Center
64
ClearOS
1. CD-Rom USB ( BIOS)
2. ClearOS Enter
3. (English)
4. (US)
5. CD-Rom Local CDROM USB FTP
6. Install
7. ClearOS
8. Server Gateway Mode

9. Network Ethernet
10. Network Dynamic IP (DHCP)
11. Nameserver IP
12. IP Address Server LAN IP
13. (Admin)
14. Partition Use default
15. Module Module
Graphical Console
DHCP and Local DNS Servers
DMS and 1-to-1 NAT Firewall
Bandwidth Manager
Intrusion Protection
Protocol Filter
** Module **
16. Module
Web Proxy
Content Filter
Web Server
Database Server / MySQL
** Module **
( )
17.
18. CD USB Reboot
ClearOS
1. ClearOS Reboot Login
root
2. Network > Incoming Standard Services SSH ADD
Client Notebook
1. External
2. SSH Server IP : 192.168.1.5
3. Windows > New File Transfers
10
4. MaYa /root
11
5. Config file
6.
mycorporation='Smile Network'
exinterface='eth0'
interface
mydhcpif='eth1'
interface Lan IP Chilli
myradiussecret='testing123'

myuamsecret='ht2eb8ej6s4et3rg1ulp'
mysqluser='root'
user mysql
mysqlpassword='123456'
password mysql
myradius_db='sam_db'
database mysql
12
7. ./config ./install reboot 1
13
PPPoE ( Lan eth )

(eth1) IP 10.0.1.X SSH
1. (eth1) ip server 10.0.1.X
2. ping 10.0.1.1
14
3. 10.0.1.1
15
4. ClearOS
5. Network > IP Setings
16
( )
17
WRT54GL Server
18
19
20
LightSquid Log File (
Korkai)
1. cc_report.tar (Link : http://www.mediafire.com/?n2pf1l9ge4ly059)

2. SSH File Transfer /root
3. tar zxvf cc_report.tar
4. cd cc_report.tar
5. ./setup
6. http://10.0.1.1/report/ ( IP )
http:// server/report
crontab update log
nano /etc/crontab
( copy paste SSH)
*/120 * * * * root /var/www/html/report/lightparser.pl ---> log 2
00 22 * * * root /usr/sbin/squid -k rotate ---> rotate log ( log )
. log squid log /var/log/squid/access.log
squid.conf
cache_access_log /var/log/squid/access.log

http://www.linuxthai.org/forum/index.php?topic=914.0
21
22
lightsquid (credit Korkai)

# cd /var/www/html/report
# ./check-setup.pl
# ./lightparser.pl
# /var/www/html/report/lightparser.pl
# echo '5 4 * * * root /var/www/html/report/lightparser.pl' >> /etc/crontab
cd /var/www/html/report
./check-setup.pl
./lightparser.pl
/var/www/html/report/lightparser.pl
echo '5 4 * * * root /var/www/html/report/lightparser.pl' >> /etc/crontab
lightsquid login
# htpasswd -c /var/www/html/report/passwords admin <= user admin
New password: ***** <=
Re-type new password: ***** <=
Adding password for user admin
.htaccess FPRIVATE "TYPE=PICT;ALT= "
# nano /var/www/html/report/.htaccess
AuthType Basic
AuthGroupFile /dev/null
AuthName "Squid Report"
AuthUserFile /var/www/html/report/passwords
require user admin ***** <= admin user
Options FollowSymLinks ExecCGI
DirectoryIndex index.cgi
23
Upgrade rewjang
1. http://www.mediafire.com/?nnpeu7su65fkfd0
2.
3. MySQL sam_db
4.
24
5. Save File
6.
25
7. radius-sam
26
8.
9.
changepass-yes.php
register-yes.php
changepass.php
register.php
/var/www/html/sam/admin/include backup
/var/www/html/sam/admin/
10.
27
11.
28
12.
29
30
uamallow
uamallowed (), chilli/subnet
uamallowed www.google.com,10.100.1.0/24

/etc/chilli.conf /etc/chilli/config
# HotSpot settings for simple Captive Portal
#
HS_NASID=nas01
HS_UAMSECRET=ht2eb8ej6s4et3rg1ulp
HS_RADIUS=127.0.0.1
HS_RADIUS2=127.0.0.1
HS_RADSECRET=testing123
HS_UAMALLOW=10.111.1.0/24,10.0.0.0/8
uamallowed (), chilli/subnet

uamallowed www.google.com,10.100.1.0/24
register-yes.php
http://www.upload-thai.com/download.php?id=7801d5a832a59f691a92d7d79bc09e22
changepass-yes.php
http://www.upload-thai.com/download.php?id=430def9f8d772936914cdd25d39c1339
/var/www/html/sam/admin register.php changepass.php
31
1. /var/www/html/sam/admin/manage_interface.php footers footer ( s )
2. Login
<ul><li> <a
href="admin/register.php">< /a></li><li>
</li><li> <a href="admin/changepass.php">
</a></li>
</ul>
Login ( ^_^ )
32
website.txt
Block Web & Download
# touch /etc/squid/filename.txt
# touch /etc/squid/website.txt
# chmod 777 /etc/squid/filename.txt
# chmod 777 /etc/squid/website.txt
# chown squid:squid /etc/squid/filename.txt
# chown squid:squid /etc/squid/website.txt
# ls -l /etc/squid/filename.txt
-rwxrwxrwx 1 squid squid 0 Sep 8 16:18 /etc/squid/filename <---
[root@hotspot1 ~]# ls -l /etc/squid/website.tx
-rwxrwxrwx 1 squid squid 47 Sep 8 16:21 /etc/squid/website.txt <---
33
Log File ?
#tail -f /var/log/squid/access.log
34
Server ()
Time Server UNIX Linux
ntp
http://www.ntp.org/downloads.html
wget
# wget http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2.0.tar.gz
tar-ball tar
# tar -xzvf ntp-4.2.0.tar.gz
ntp-4.2.0 compile shell script configure
# cd ntp-4.2.0
# ./configure
compile make
# make
make install
# make install
ntpdate
ntpdate Time Server Time Server
root ntpdate
clock.thaicert.nectec.or.th
# ntpdate clock.thaicert.nectec.or.th
10 Sep 15:16:14 ntpdate[2264]: step time server 203.185.132.187 offset 10.006533 sec
cron job
30 * * * * ntpdate clock.thaicert.nectec.or.th
cron job Time Sever clock.thaicert.nectec.or.th
daemon ntpd
ntpdate Server
daemon ntpd daemon
35
o
ntp.conf ( /etc/ntp.conf /usr/local/etc/ntp.conf)
restrict default kod nomodify notrap nopeer noquery

restrict 127.0.0.1
server clock.thaicert.org
server 0.asia.pool.ntp.org
restrict default kod nomodify notrap nopeer noquery
client (
manual ntpd)
restrict 127.0.0.1
Time Server
1 Server ( Public Time Server
http://www.pool.ntp.org/)
server
ntpd ntpdate Time Server ntp.conf client

Time Server
ntpd
# ntpd
Time Server Windows

Windows XP Service Pack 2 , Windows Vista Windows 2003 Server
Windows XP Service Pack 2
o
Double Click Task Bar Clock
36
Internet Time Tab check box Automatically synchronize with an Internet time server
Server clock.thaicert.org Update Now
OK
37
DynDNS ClearOS
38
https://tmserver.poweredbyclear.com:81/
24hr
39
https://secure.clearcenter.com
40
41
https://tmserver.poweredbyclear.com:81/ router
Forward Port NAT
Port : 82
42
Router server ( Forward Port )
....... ( Firefox IE)
1. I Understand the Risks

2. Add Exception
3. Get Certificate
4. Confirm
43
................ T_T
ClearOS /sam/admin user

. DDNS Hacker
44
How to Remote SAM Server

remote smile port 443
https://no-ip/sam/admin
https://tmserver.poweredbyclear.com/sam/admin/
45
How to Remote LightSquid
https://tmserver.poweredbyclear.com/report
46
ip 10.0.1.2 - 10.0.1.10
chilli.conf /etc/
dynip 10.0.1.10/24:10.0.1.254/24
47
24
manage_group.php
264 - 297
<tr>
<td height="30" colspan="2" align="right" valign="top" bgcolor="<?= $bgcolor ?>">Login 1 : </td>
<td height="30" colspan="3" align="left" valign="top" bgcolor="<?= $bgcolor ?>"><select name="s_time2" id="s_time2" >
<option value="3600" <? if($attribute_v[1]=='3600'){echo"selected=\"Selected\"";}?>>1 </option>
<option value="0" <? if($attribute_v[1]=='0'){echo"selected=\"Selected\"";}?>></option>
</select></td>
</tr>
<tr>
<td height="30" colspan="2" align="right" valign="top" bgcolor="<?= $bgcolor ?>"> :</td>
<td height="30" colspan="3" align="left" valign="top" bgcolor="<?= $bgcolor ?>"><select name="d_time2" id="d_time2">
<option value="2592000" <? if($attribute_v[3]=='2592000'){echo"selected=\"Selected\"";}?>></option>
</select></td>
48
338 371
<tr>
<td height="30" colspan="2" align="right" valign="top" bgcolor="#F6F6B6">Login 1 : </td>
<td height="30" colspan="3" align="left" valign="top" bgcolor="#F6F6B6"><select name="s_time" id="s_time" >
<option value="3600">1 </option>
<option value="0"></option>
</select></td>
</tr>
<tr>
<td height="30" colspan="2" align="right" valign="top" bgcolor="#F6F6B6"> :</td>
<td height="30" colspan="3" align="left" valign="top" bgcolor="#F6F6B6"><select name="d_time" id="d_time">
<option value="2592000"></option>
</select></td>
371: </tr>
Download File /var/www/html/sam/admin

http://www.mediafire.com/?vf21cv3dlrps2j6
49
IP 255 !!!
: 255

1. 192.168.1.xxx 1 192.168.2.xxx 1
2. server
3. Authen

: subnet 192.168.2.xxx gw 192.168.1.1

mynet='192.168.0.0\/23'
myHS_NETWORK='192.168.0.0'
myHS_NETMASK='255.255.254.0'
myuamlisten='192.168.212.1'
50
block web or download (credit Natcha)

acl all src 0.0.0.0/0.0.0.0
acl 2blockweb url_regex -i "/etc/squid/website.txt"
acl 2download url_regex -i "/etc/squid/filename.txt"
http_access deny 2blockweb
http_access deny 2download
deny_info http://192.168.1.1/deny.html 2blockweb
deny_info http://192.168.1.1/deny.html 2download
web server clearos

service httpd 192.168.1.1 webserver
deny.html http://192.168.1.1/deny.html
free webhosting
url
51
Allowed MAC
/ chilli.conf
( /etc/chilli.conf /etc/chilli/config
12-24-21-04-B7-37 12242104B737
52
BITTORRENT
Bittorrent Server

copy Server
http://tdb.thaigqsoft.com//index.php
53
Multi WAN System in ClearOS
54
(Clear ram)
Crontab
59 * * * * root echo 3 > /proc/sys/vm/drop_caches
1 (59 )
55
Weight (Multi-WAN)
weight , weight ,
2 , weight
2 , LoadBalance , weight
2 ( A B )
weight A = 1, B = 1
A B C
( A ( ) B ()

weight A = 10, B = 1
A ( 10%, weight 10
10%) 10% connection
B
weight A = 10, B = 10
A, B
10% connection
10% connection B
weight A = 100, B = 1
A , A 100%, connection
B A 100%, connection A
:
weight = 1 , Balance
,
-
weight , A, B
2 2
. . B A
. , . . A,

56
Webmin Lightsquid
1. Download Webmin http://www.webmin.com/download.html

2. SSH server tar zxvf webmin-1.520.tar
3.
( )
[root@one util]# tar zxvf webmin-0.990.tar.gz
file setup
[root@one util]# cd webmin-0.990
[root@one webmin-0.990]# ./setup.sh <---
***********************************************************************
*
Welcome to the Webmin setup script, version 0.990
*
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.
Installing Webmin in /util/webmin-0.990 ...<--- Enter
***********************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.
Config file directory [/etc/webmin]:<--- Enter
Log file directory [/var/webmin]:<--- Enter
***********************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.
Full path to perl (default /usr/bin/perl):<--- Enter
Testing Perl ...
Perl seems to be installed ok
***********************************************************************
Operating system name: Redhat Linux
Operating system version: 7.3
***********************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
- What port to run the web server on. There must not be another
web server already using this port.
- The login name required to access the web server.
- The password required to access the web server.
- The hostname of this system that the web server should use.
- If the webserver should use SSL (if your system supports it).
- Whether to start webmin at boot time.
57
Web server port (default 10000):<--- Enter

Login name (default admin):<--- Enter
Login password:<--- Enter
Password again:<--- Enter
Web server host name (default one.abcdef.com):<--- Enter
The Perl SSLeay library is not installed. SSL not available.
Start Webmin at boot time (y/n): y <--- y
***********************************************************************
Creating web server config files..
..done
Creating access control file..
Inserting path to perl into scripts..
..done
Creating start and stop scripts..
..done
Copying config files..
..done
Configuring Webmin to start at boot time..
Created init script /etc/rc.d/init.d/webmin
..done
Creating uninstall script /etc/webmin/uninstall.sh ..
..done
Changing ownership and permissions ..
..done
Attempting to start Webmin mini web server..
Starting Webmin server in /tmp/webmin-0.990
..done
***********************************************************************
Webmin has been installed and started successfully. Use your web
browser to go to
http://one.abcdef.com:10000/
[root@one webmin-0.990]#
webmin https://ip_server:10000

58
Hack
sam
sam/admin/include
/sam/ /sam/admin/include
59
LightSquid
cd /var/www/html/lightsquid
cd /var/www/html/report ( 31/1/54 )
chmod +x *.cgi
chown -R apache:apache *
/etc/init.d/httpd restart
./check-setup.pl
./lightparser.pl
/var/www/html/report/lightparser.pl
echo '10 * * * * /var/www/html/report/lightparser.pl' >> /etc/crontab
( 31/1/54 )
Error crontap lightparser.pl
!!
/var/www/html/report/lightparser.pl crontap

60
AP (Ruta)
allow mac
HS_MACALLOW=""
/etc/chilli.conf /etc/chilli/config
nano /etc/chilli.conf
# HS_MACAUTH=on
HS_MACAUTH=on
# HS_MACAUTHDENY=on
HS_MACAUTHDENY=on
#HS_MACAUTHMODE=local
HS_MACAUTHMODE=local
# HS_MACALLOW="...."
HS_MACALLOW="0016d3f61353" MAC
/etc/init.d/chilli restart
AP ,
nano/etc/chilli.conf
HS_MACAUTH=on
HS_MACAUTHDENY=on
HS_MACAUTHMODE=local
HS_MACALLOW=0016d3f61353,0015d3f631555,abcda1c5a3aa
61
62
Protocal Filter
TMSolution ChiangMai
module
Protocal Filter
https://10.0.1.1:81
Gateway Protocal Filter
All Groups Peer to Peer
Block Bittorrent block Block All
Status : Stop Running
Bittorrent
Report -> Protocal Filter Bittorrent
:
Bittorent BitComet
Utorrent 1-100KB/s ( 80Mbps 10MB/s
1 - 100 KB/s )
63
restart server ip
crontab
# nano /etc/crontab
webmin
@daily root /sbin/shutdown -r now >>restart
64
MySQL
login
1. Stop service MySQL
[root@khonkaensoft]#sudo /etc/init.d/mysql stop # for ubuntu or debian base
2. Start MySQL save mode.
[root@khonkaensoft]# mysqld_safe skip-grant-tables &
3. Login MySQL root
[root@khonkaensoft]# mysql -u root
4. Update root
mysql> use mysql;
mysql> update user set password=PASSWORD(NEW PASSWORD) where
user=root;
mysql> flush privileges;
mysql> quit;
5. Restart the MySQL service & try to login using the new password.
[kk-soft@khonkaensoft]# sudo /etc/init.d/mysql stop
[kk-soft@khonkaensoft]# sudo /etc/init.d/mysql start
MySQL
[root@khonkaensoft]# mysql -u root -p
==========================================================
MySQL on ubuntu
[kk-soft@khonkaensoft]# sudo /etc/init.d/mysql reset-password
[kk-soft@khonkaensoft]# mysql -u root -p

Enter Update password
mysql> use mysql;

mysql> update user set password=PASSWORD(NEW PASSWORD) where
user=root;
mysql> flush privileges;
mysql> quit;
65
Template
folder templates
css
images
css
manage_interface.php
38 }
37 if($bg=="temp14") {return "<img src=\"templates/temp14/images/login.png\" width=\"120\"
height=\"80\">";}
38 if($bg=="") {return "<img src=\"templates/
/images/login.png\" width=\"120\" height=\"80\">";}
39 }
54 }
53 if($bg=="temp14") {return "<img src=\"templates/temp14/images/popup.png\" width=\"120\"
height=\"80\">";}
54 if($bg=="") {return "<img src=\"templates/
/images/popup.png\" width=\"120\" height=\"80\">";}
55 }
100 </select></td>
<option value="" <? if($inf->getTemplate()=='

'){echo"selected=\"Selected\"";}?>> </option>
66
Clear Center
server Register ClearOS
Login https://secure.clearcenter.com/portal/index.jsp
67
68
69
70
71
ClearOS ( )
https://10.0.1.1:81/admin/index.php
user : root / pass :
MySQL
https://10.0.1.1:81/mysql/
user : root / pass : 123456
password root
sudo passwd root
reboot server
............
PPPoE External (
Switch Hub )
MaYa Server

คู่มือติดตั้ง Smile Server (Maya) v1.2

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

คู่มือติดตั้ง Smile Server (Maya) v1.2

Enviado por

Direitos autorais:

Formatos disponíveis

A

Smile Server MaYa

How to Remote SAM Server

block web or download (credit Natcha)

8. Server Gateway Mode

10. Network Dynamic IP (DHCP)

14. Partition Use default

15. Module Module

18. CD USB Reboot

2. Network > Incoming Standard Services SSH ADD

2. SSH Server IP : 192.168.1.5

3. Windows > New File Transfers

7. ./config ./install reboot 1

PPPoE ( Lan eth )

5. Network > IP Setings

LightSquid Log File (

1. cc_report.tar (Link : http://www.mediafire.com/?n2pf1l9ge4ly059)

lightsquid (credit Korkai)

uamallowed (), chilli/subnet

/var/www/html/sam/admin register.php changepass.php

1. /var/www/html/sam/admin/manage_interface.php footers footer ( s )

ntp.conf ( /etc/ntp.conf /usr/local/etc/ntp.conf)

restrict default kod nomodify notrap nopeer noquery

restrict default kod nomodify notrap nopeer noquery

ntpd ntpdate Time Server ntp.conf client

Time Server Windows

Double Click Task Bar Clock

Forward Port NAT

....... ( Firefox IE)

1. I Understand the Risks

ClearOS /sam/admin user

How to Remote SAM Server

How to Remote LightSquid

Download File /var/www/html/sam/admin

: subnet 192.168.2.xxx gw 192.168.1.1

block web or download (credit Natcha)

web server clearos

Multi WAN System in ClearOS

Web server port (default 10000):<--- Enter

[kk-soft@khonkaensoft]# mysql -u root -p

mysql> use mysql;

<option value="" <? if($inf->getTemplate()=='

Você também pode gostar