{"id":20517034,"url":"https://github.com/hellbus1/jarkom_modul5_lapres_b04","last_synced_at":"2026-02-04T11:15:54.809Z","repository":{"id":68911747,"uuid":"324755140","full_name":"HellBus1/Jarkom_Modul5_Lapres_B04","owner":"HellBus1","description":null,"archived":false,"fork":false,"pushed_at":"2020-12-29T14:56:46.000Z","size":373,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-05T23:30:22.969Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HellBus1.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-27T12:18:06.000Z","updated_at":"2023-03-08T23:35:47.000Z","dependencies_parsed_at":null,"dependency_job_id":"e5561557-72e1-4769-ba70-64a4f74e0920","html_url":"https://github.com/HellBus1/Jarkom_Modul5_Lapres_B04","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/HellBus1/Jarkom_Modul5_Lapres_B04","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HellBus1%2FJarkom_Modul5_Lapres_B04","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HellBus1%2FJarkom_Modul5_Lapres_B04/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HellBus1%2FJarkom_Modul5_Lapres_B04/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HellBus1%2FJarkom_Modul5_Lapres_B04/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HellBus1","download_url":"https://codeload.github.com/HellBus1/Jarkom_Modul5_Lapres_B04/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HellBus1%2FJarkom_Modul5_Lapres_B04/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263999349,"owners_count":23542022,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-15T21:33:32.816Z","updated_at":"2026-02-04T11:15:54.757Z","avatar_url":"https://github.com/HellBus1.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Jarkom_Modul5_Lapres_B04\n\n- Syubban Fakhriya  05111840000042\n- Feraldy Nathanael 05111840000066\n\n### (A) Membuat topologi jaringan sesuai dengan rancangan yang telah diberikan\n\n```\numl_switch -unix switch1 \u003e /dev/null \u003c /dev/null \u0026\numl_switch -unix switch2 \u003e /dev/null \u003c /dev/null \u0026\numl_switch -unix switch3 \u003e /dev/null \u003c /dev/null \u0026\numl_switch -unix switch4 \u003e /dev/null \u003c /dev/null \u0026\numl_switch -unix switch5 \u003e /dev/null \u003c /dev/null \u0026\numl_switch -unix switch6 \u003e /dev/null \u003c /dev/null \u0026\n\n**Router**\n\nxterm -T SURABAYA -e linux ubd0=SURABAYA,jarkom umid=SURABAYA eth0=tuntap,,,10.151.74.21 eth1=daemon,,,switch3 eth2=daemon,,,switch5 mem=96M \u0026\nxterm -T BATU -e linux ubd0=BATU,jarkom umid=BATU eth0=daemon,,,switch3 eth1=daemon,,,switch4 eth2=daemon,,,switch2 mem=96M \u0026\nxterm -T KEDIRI -e linux ubd0=KEDIRI,jarkom umid=KEDIRI eth0=daemon,,,switch5 eth1=daemon,,,switch6 eth2=daemon,,,switch1 mem=96M \u0026\n\n**Server**\n\nxterm -T MALANG -e linux ubd0=MALANG,jarkom umid=MALANG eth0=daemon,,,switch2 mem=128M \u0026\nxterm -T MOJOKERTO -e linux ubd0=MOJOKERTO,jarkom umid=MOJOKERTO eth0=daemon,,,switch2 mem=128M \u0026\nxterm -T MADIUN -e linux ubd0=MADIUN,jarkom umid=MADIUN eth0=daemon,,,switch1 mem=128M \u0026\nxterm -T PROBOLINGGO -e linux ubd0=PROBOLINGGO,jarkom umid=PROBOLINGGO eth0=daemon,,,switch1 mem=128M \u0026\n\n\n# Klien\nxterm -T SIDOARJO -e linux ubd0=SIDOARJO,jarkom umid=SIDOARJO eth0=daemon,,,switch4 mem=96M \u0026\nxterm -T GRESIK -e linux ubd0=GRESIK,jarkom umid=GRESIK eth0=daemon,,,switch6 mem=96M \u0026\n```\n\n### (B) Melakukan subnetting dengan VLSM atau CIDR\n\n![cidr](asset/CIDR.PNG)\n\n![pembagian-ip](asset/PEMBAGIANIP.jpg)\n\n### (C) Melakukan routing\n\n```\nroute add -net 192.168.0.0 netmask 255.255.254.0 gw 192.168.2.2\nroute add -net 192.168.4.0 netmask 255.255.255.0 gw 192.168.5.2\nroute add -net 10.151.83.40 netmask 255.255.255.248 gw 192.168.5.2\n```\n\n### (D) Memberikan ip pada subnet **SIDOARJO** dan **GRESIK** secara dinamis menggunakan bantuan DHCP SERVER (selain itu menggunakan ip static)\n\n```\ndhcpd.conf pada Mojokerto\n\nsubnet 192.168.4.0 netmask 255.255.255.0 {\n    range 192.168.4.2 192.168.4.254;\n    option routers 192.168.4.1;\n    option broadcast-address 192.168.4.255;\n    option domain-name-servers 10.151.83.42;\n    default-lease-time 600;\n    max-lease-time 7200;\n}\n\nsubnet 192.168.0.0 netmask 255.255.255.0 {\n    range 192.168.0.2 192.168.0.254;\n    option routers 192.168.0.1;\n    option broadcast-address 192.168.0.255;\n    option domain-name-servers 10.151.83.42;\n    default-lease-time 600;\n    max-lease-time 7200;\n}\n\nsubnet 10.151.83.40 netmask 255.255.255.248 {\n\n}\n\n\n\n\n\n\n\n\n---------------------------------\nRelay\n\napt-get install isc-dhcp-relay pada Batu dan Kediri\n\n#bakal keluar installernya trus diisi\nIP MOJO, kosong, kosong\n\n```\n\n```\nrouter-------------\nSURABAYA\n\nauto eth0\niface eth0 inet static\naddress 10.151.74.22\nnetmask 255.255.255.252\ngateway 10.151.74.23\n\nauto eth1\niface eth1 inet static\naddress 192.168.5.1\nnetmask 255.255.255.252\n\nauto eth2\niface eth2 inet static\naddress 192.168.2.1\nnetmask 255.255.255.252\n\nBATU\n\nauto eth0\niface eth0 inet static\naddress 192.168.5.2\nnetmask 255.255.255.252\ngateway 192.168.5.1\n\n\nauto eth1\niface eth1 inet static\naddress 192.168.4.1\nnetmask 255.255.255.0\n\nauto eth2\niface eth2 inet static\naddress 10.151.83.41 (server malang)\nnetmask 255.255.255.248\n\nKEDIRI\n\nauto eth0\niface eth0 inet static\naddress 192.168.2.2\nnetmask 255.255.255.252\ngateway 192.168.2.1\n\nauto eth1\niface eth1 inet static\naddress 192.168.0.1\nnetmask 255.255.255.0\n\nauto eth2\niface eth2 inet static\naddress 192.168.1.1\nnetmask 255.255.255.248\n\n\n\n\nserver\n\nMALANG\nauto eth0\niface eth0 inet static\naddress 10.151.83.42 (ip malang tiap kelompok)\nnetmask 255.255.255.248\ngateway  10.151.83.43 (ip malang + 1)\n\nMOJOKERTO\n\nauto eth0\niface eth0 inet static\naddress 10.151.83.43 (ip mojokerto tiap kelompok)\nnetmask 255.255.255.248\ngateway 10.151.83.43 (gateway malang)\n\nMADIUN\nauto eth0\niface eth0 inet static\naddress 192.168.1.2\nnetmask 255.255.255.248\ngateway 192.168.1.1\n\nPROBOLINGGO\nauto eth0\niface eth0 inet static\naddress 192.168.1.3\nnetmask 255.255.255.248\ngateway 192.168.1.1\n```\n\n### (1) Mengkonfigurasi **SURABAYA** menggunakan iptables tanpa MASQUERADE\n\n```\niptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o eth0 -j SNAT --to-source 10.151.74.22\n```\n\n### (2) Mendrop semua akses SSH dari luar topologi pada server yang memiliki ip DMZ (DHCP dan DNS SERVER) pada **SURABAYA**\n\n```\niptables -A FORWARD -p tcp --dport 22 -d 10.151.83.40/29 -i eth0 -j DROP\n```\n\n### (3) Membatasi DHCP dan DNS server hanya boleh menerima maksimal 3 koneksi ICMP secara bersamaan yang berasal dari mana saja menggunakan **iptables pada masing-masing server**, selebihnya akan di drop.\n\n```\niptables -A INPUT -p icmp -m connlimit --connlimit-above 3 --connlimit-mask 0 -j DROP\n```\n\n### (4) Akses dari subnet **SIDOARJO** ke **MALANG** hanya diperbolehkan pada pukul 07.00 - 17.00 dari senin - jumat\n\n```\niptables -A INPUT -s 192.168.4.0/24 -m time --timestart 07:00 --timestop 17:00 --weekdays Mon,Tue,Wed,Thu,Fri -j ACCEPT\niptables -A INPUT -s 192.168.0.0/24 -m time --timestart 17:00 --timestop 00:00 -j ACCEPT\niptables -A INPUT -s 192.168.0.0/24 -m time --timestart 00:00 --timestop 07:00 -j ACCEPT\niptables -A INPUT -s 192.168.4.0/24 -j REJECT\niptables -A INPUT -s 192.168.0.0/24 -j REJECT\n```\n\n### (5) Akses dari subnet **GRESIK** ke **MALANG** hanya diperbolehkan pada pukul 17.00 - 07.00 setiap hari\n\n```\niptables -A INPUT -s 192.168.4.0/24 -m time --timestart 07:00 --timestop 17:00 --weekdays Mon,Tue,Wed,Thu,Fri -j ACCEPT\niptables -A INPUT -s 192.168.0.0/24 -m time --timestart 17:00 --timestop 00:00 -j ACCEPT\niptables -A INPUT -s 192.168.0.0/24 -m time --timestart 00:00 --timestop 07:00 -j ACCEPT\niptables -A INPUT -s 192.168.4.0/24 -j REJECT\niptables -A INPUT -s 192.168.0.0/24 -j REJECT\n```\n\n### (6) **SURABAYA** disetting sehingga setiap request dari client yang mengakses **DNS Server** akan didistribusikan **secara bergantian** pada **PROBOLINGGO** port 80 dan **MADIUN** port 80\n\n```\niptables -A PREROUTING -t nat -p tcp -d 192.168.1.10 --dport 80 -m statistic --mode nth --every 2 --packet 0 -j DNAT --to-destination 192.168.1.2\niptables -A PREROUTING -t nat -p tcp -d 192.168.1.10 --dport 80 -j DNAT --to-destination 192.168.1.3\niptables -t nat -A POSTROUTING -p tcp --dport 80 -d 192.168.1.2 -j SNAT --to-source 192.168.1.10\niptables -t nat -A POSTROUTING -p tcp --dport 80 -d 192.168.1.3 -j SNAT --to-source 192.168.1.10\n```\n\n### (7) Semua paket yang didrop oeh firewall (dalam topologi) tercatat dalam log pada setiap UML yang memiliki aturan drop.\n\n```\n**di surabaya (menimpa no2):**\n\niptables -N LOGGING\niptables -A FORWARD -p tcp --dport 22 -d 10.151.83.40/29 -i eth0 -j LOGGING\niptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix \"PDROP: \" --log-level info\niptables -A LOGGING -j DROP\n\n**di malang mojo (menimpa no3):**\n\niptables -N LOGGING\niptables -A INPUT -p icmp -m connlimit --connlimit-above 3 --connlimit-mask 0 -j LOGGING\niptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix \"PDROP: \" --log-level info\niptables -A LOGGING -j DROP\n\n**atau coba ini**\n\niptables -N LOGGING\niptables -A FORWARD -p tcp --dport 22 -d 10.151.83.40/29 -i eth0 -j LOGGING\niptables -A LOGGING -j LOG --log-prefix \"PDROP: \" --log-level info\niptables -A LOGGING -j DROP\n\n**di malang mojo (gantiin nomer 3):**\n\niptables -N LOGGING\niptables -A INPUT -p icmp -m connlimit --connlimit-above 3 --connlimit-mask 0 -j LOGGING\n#iptables -A LOGGING -j LOG --log-prefix \"PDROP: \" --log-level info\n#iptables -A LOGGING -j DROP\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhellbus1%2Fjarkom_modul5_lapres_b04","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhellbus1%2Fjarkom_modul5_lapres_b04","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhellbus1%2Fjarkom_modul5_lapres_b04/lists"}