Boa noite.
Senhores estou com squid instalado e meu script de firewall.
e esse....
! /bin/sh
# description: Inicializacao do iptables
#
# chkconfig: 2345 80 30
# processname: iptables
# pidfile: /var/run/iptabless.pid
. /etc/rc.d/init.d/functions
. /etc/sysconfig/network
if [ ${NETWORKING} = "no" ]
then
exit 0
fi
# Interfaces de Rede
ETHINT='eth0'
ETHEXT='eth1'
REDINT='10.0.0.0/32'
case "$1" in
start)
gprintf "Iniciando o serviço de %s: " "IPtables"
echo
echo 1 > /proc/sys/net/ipv4/ip_forward
### Nega trafego entrada, saida e forward ###
/usr/sbin/iptables -t filter -P INPUT DROP
/usr/sbin/iptables -t filter -P OUTPUT DROP
/usr/sbin/iptables -t filter -P FORWARD DROP
### Nega portas eth externa ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 111 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 631 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 953 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 3128 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 10000 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 111 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 631 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 953 -j DROP
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 10000 -j DROP
### Aceita entrada interface lo ###
/usr/sbin/iptables -t filter -A INPUT -i lo -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT
### Aceita entrada ssh ###
### Descomente a linha abaixo para negar ###
#/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 22 -j DROP
### Descomente a linha abaixo para liberar ssh ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 22 -j ACCEPT
### Aceita entrada DNS ###
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p UDP --dport 53 -j ACCEPT
### Libera trafego ping rede externa ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p icmp --icmp-type echo-request -j ACCEPT
/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p icmp --icmp-type echo-reply -j ACCEPT
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-request -j ACCEPT
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-reply -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p icmp -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHINT -p icmp -j ACCEPT
### Libera trafego ping rede interna ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-request -j ACCEPT
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-reply -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHINT -p icmp -j ACCEPT
### Regra de redirecionamento de porta 80/443 p/ 3128 (proxy) ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p TCP --dport 3128 -j ACCEPT
/usr/sbin/iptables -t nat -A PREROUTING -i $ETHINT -s $REDINT -p TCP --dport 80 -j REDIRECT --to-port 3128
### DHCP ###
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p TCP --dport 67 -j ACCEPT
/usr/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p UDP --dport 67 -j ACCEPT
### Navegação Pagina ###
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 80 -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 443 -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 21 -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 20 -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 8080 -j ACCEPT
### FTP UNICAMP PARA ATUALIZAÇÃO ###
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP -d 143.106.10.150 --dport 21 -j ACCEPT
/usr/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP -d 143.106.10.150 --dport 1024:65535 -j ACCEPT
### Libera conexao entrada de conexões estabelecidas rede externa ###
## Entrada DNS ##
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p UDP --dport 53 -j ACCEPT
## Portas Altas TCP e UDP ##
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p TCP --dport 1024:65535 -j ACCEPT
/usr/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p UDP --dport 1024:65535 -j ACCEPT
/usr/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHEXT -p UDP --dport 1024:65535 -j ACCEPT
/usr/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHEXT -p TCP --dport 1024:65535 -j ACCEPT
### Libera conexao de entrada de conexões estabelecidas rede interna ###
/usr/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHINT -j ACCEPT
;;
stop)
gprintf "Parando o serviço de %s: " " IPtables"
echo
/usr/sbin/iptables -F
/usr/sbin/iptables -t nat -F
/usr/sbin/iptables -t filter -P INPUT ACCEPT
/usr/sbin/iptables -t filter -P OUTPUT ACCEPT
/usr/sbin/iptables -t filter -P FORWARD ACCEPT
;;
*)
gprintf "Uso: iptables (start|stop)"
echo
;;
esac
exit 0
Gatewai da minha rede e 10.0.0.5
Eth0: 10.0.0.200
eth1: 10.0.0.254
Por Favor alguem pode me dizer porque que meu server não esta rotiando.