Block Https, Http dan Ads dengan NxFilter combine Mikrotik
NxFilter adalah DNS server untuk filter internet berdasarkan Domain Name ada pun features nya sudah sangat lengkap dan di antaranya
– User and group based policy assignment
– Unlimited number of user and policy creation
– Local DNS cache to accelerate your internet speed
– Persistent DNS cache for preventing DNS outage
– Load-balancing and fail-safe with clustering
– Active Directory, eDirectory integration support
– Authoritative DNS server module included
– Remote user filtering by client software
– Application control by client software
– Chromebook agent support
– Bandwidth control
– Quota time
– Phishing protection
– Malware and botnet detection
– Safe-search enforcing on network level
– Dual policy for work-time and free-time
– Unlimited number of user and policy creation
– Local DNS cache to accelerate your internet speed
– Persistent DNS cache for preventing DNS outage
– Load-balancing and fail-safe with clustering
– Active Directory, eDirectory integration support
– Authoritative DNS server module included
– Remote user filtering by client software
– Application control by client software
– Chromebook agent support
– Bandwidth control
– Quota time
– Phishing protection
– Malware and botnet detection
– Safe-search enforcing on network level
– Dual policy for work-time and free-time
– IP based authentication
– Password based authentication
– LDAP authentication
– Single sign-on with Active Directory
– Blocking by domain category
– Unlimited custom categories
– Built-in GUI on an integrated webserver
– Dashboard and reporting
– Granular report on user level
– Runs everywhere including Windows, Linux, Mac OS
– Whitelist/blacklist based on domain and keyword
– DNS query log search with various conditions
– Internationalized domain name support
– Email alert for access violation
– Syslog exportation
– Filtering on HTTPS or SSL
Lebih Lengkap nya bisa baca di http://nxfilter.org/
1. Langsung saja download versi deb di http://nxfilter.org/p3/download/
karena di sini memakai debian 8 harus install
2. Install Java,
apt-get install openjdk-7-jre
3. Install sudo,
apt-get install sudo
3. Install NxFilter package,
dpkg -i nxfilter-xxxx.deb
4. Start service
systemctl start nxfilter.service
Trus buka http://iphost/admin
user standard nya admin dan passwd nya admin
Combine dengan Mikrotik
– Password based authentication
– LDAP authentication
– Single sign-on with Active Directory
– Blocking by domain category
– Unlimited custom categories
– Built-in GUI on an integrated webserver
– Dashboard and reporting
– Granular report on user level
– Runs everywhere including Windows, Linux, Mac OS
– Whitelist/blacklist based on domain and keyword
– DNS query log search with various conditions
– Internationalized domain name support
– Email alert for access violation
– Syslog exportation
– Filtering on HTTPS or SSL
Lebih Lengkap nya bisa baca di http://nxfilter.org/
1. Langsung saja download versi deb di http://nxfilter.org/p3/download/
karena di sini memakai debian 8 harus install
2. Install Java,
apt-get install openjdk-7-jre
3. Install sudo,
apt-get install sudo
3. Install NxFilter package,
dpkg -i nxfilter-xxxx.deb
4. Start service
systemctl start nxfilter.service
Trus buka http://iphost/admin
user standard nya admin dan passwd nya admin
Config>setup pastikan IP nya sama dengan IP host
Config>Admin Ganti passwd standart
Config>Allowed IP masukan IP client yang boleh mengkases DNS
Policy and Rule> Policy >pilih EDIT
Pastikan Filter enable
Pilih kategori filter nya
Untuk Testing arahkan IP DNS client ke ip NxFilter
Testing http://www.playboy.com/
Testing blok http://google.com/ hasil nya seperti yang diharapkan ter blok
Testing blok https://google.com/ hasil nya seperti yang diharapkan ter blok
Combine dengan Mikrotik
Trus bikin rule dnat redirect trafik dns di mikrotiknya yang intinya memaksa semua client memakai DNS yang sudah kita setup untuk filter, meski pun ip dns di sisi client di ganti semuanya sendiri pasti di redirect ke NxFilter sama si mikrotik
ip client 10.10.1.0/24
ip dns 10.10.0.26/24
/ip firewall nat
add chain=dstnat src-address=10.10.1.0/24 action=dst-nat to-addresses=10.10.0.26 to-ports=53 protocol=udp dst-port=53
add chain=dstnat src-address=10.10.1.0/24 action=dst-nat to-addresses=10.10.0.26 to-ports=53 protocol=tcp dst-port=53
add chain=dstnat src-address=10.10.1.0/24 action=dst-nat to-addresses=10.10.0.26 to-ports=53 protocol=udp dst-port=53
add chain=dstnat src-address=10.10.1.0/24 action=dst-nat to-addresses=10.10.0.26 to-ports=53 protocol=tcp dst-port=53
Ini hasil blok ADS bersih tanpa iklan
Ini hasil blok ADS bersih tanpa iklan
Dari dashboard bisa kita simpulkan kita bisa mengoptimalkan bandwidth dengan cara blok ads
Salam
Komentar
Posting Komentar