Galera,
Minhas estações com WinXP acessam internet e msn na boa, mas naum funciona o Outlook Express.
Estou postando meu script do squid para vcs verem se existe rrros:
http_port 8080
icp_port 0
cache_mem 100 MB
maximum_object_size 4096 KB
cache_dir ufs /cache 7000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log none
emulate_httpd_log off
connect_timeout 120 seconds
acl logname proxy_auth REQUIRED
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 444 447 563 7443
# acl Safe_ports port 80 21 443 444 447 563 70 210 7443 1024-65535
acl CONNECT method CONNECT
acl download urlpath_regex .exe$ .zip$ .arj$ .tar.gz$ .tgz$ .rpm$ .mp3$
acl proibido url_regex "/etc/squid/proibido"
acl aceito url_regex "/etc/squid/aceito"
acl all src 192.168.0.0/255.255.255.0
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow all !proibido
http_access allow !aceito
icp_access allow all
miss_access allow all
cache_mgr root@localhost
cache_effective_user squid
cache_effective_group squid
visible_hostname localhost
store_avg_object_size 4 KB
E o meu firewall está assim:
#!/bin/sh
#### CONFIGURAÇÔES DO IPTABLES FIREWALL ####
# REDIRECIONAMENTO LIGADO (Forwarding ON) #
echo 1 > /proc/sys/net/ipv4/ip_forward
log file = /var/log/firewall/%U.log
LAN_IP_NET='192.168.0.1/24'
LAN_NIC='eth1'
WAN_NIC='eth0'
# DHCP
WAN_IP='ifconfig eth0 | grep inet | cut -d : -f 2 | cut -d ' ' -f 1'
# CARREGANDO MODULOS #
modprobe ip_nat_ftp
modprobe iptable_nat
modprobe ip_conntrack_ftp
# LIMPANDO (FLUSH)
iptables -t nat -F POSTROUTING
iptables -t nat -F PREROUTING
iptables -t nat -F OUTPUT
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
# LIBERAR O TRAFEGO DE REDE PARA O ROTEADOR
iptables -A INPUT -i lo -j ACCEPT
# LIGANDO MASQUERADE E REDIRECIONAMENTO (NAT - ON)
iptables -t nat -A POSTROUTING -s $IPTB_LAN_IP_NET -j MASQUERADE
iptables -A FORWARD -j ACCEPT -i $IPTB_LAN_NIC -s $IPTB_LAN_IP_NET
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#### BLOQUEIO DE ICMP - DESLIGADO (OFF) ####
#### LIBERAR PORTAS ABERTAS NO ROTEADOR ####
# Portas abertas no roteador para Servidores/Servicos - LIGADO
iptables -A INPUT -j ACCEPT -p tcp --dport 21
iptables -A INPUT -j ACCEPT -p tcp --dport 22
iptables -A INPUT -j ACCEPT -p tcp --dport 25
iptables -A INPUT -j ACCEPT -p tcp --dport 80
iptables -A INPUT -j ACCEPT -p tcp --dport 110
#### REDIRECIONAMENTO DE PORTAS PARA O SERVIDOR ####
# Portas Abertas para a REDE - LIGADO
iptables -A FORWARD -j ACCEPT -p tcp --dport 21
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j DNAT --to :21
iptables -A FORWARD -j ACCEPT -p tcp --dport 22
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j DNAT --to :22
iptables -A FORWARD -j ACCEPT -p tcp --dport 25
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25 -j DNAT --to :25
iptables -A FORWARD -j ACCEPT -p tcp --dport 80
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to :80
iptables -A FORWARD -j ACCEPT -p tcp --dport 110
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j DNAT --to :110
#### PORTAS FECHADAS ####
iptables -A INPUT -p tcp -s 0/0 --dport 3128 -j DROP
Alguém puder ajudar eu agadeço.
Valew!!!