Senhore e senhores da nossa comunidade open source....
montei um server squid autenticado para um cliente e estou com um problema que e
fazer o outlook baixar os email pelo pop3 e smtp..
não sei mais o que fazer...
Por favor ajuden...
abaixo script firewall
# Interfaces de Rede
ETHINT='eth1'
ETHEXT='eth2'
REDINT='10.0.0.0/255.0.0.0'
case "$1" in
start)
gprintf "Iniciando o serviço de %s: " "IPtables"
echo
echo 1 > /proc/sys/net/ipv4/ip_forward
### Nega trafego entrada, saida e forward ###
/sbin/iptables -t filter -P INPUT DROP
/sbin/iptables -t filter -P OUTPUT DROP
/sbin/iptables -t filter -P FORWARD DROP
### Nega portas eth externa ###
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 111 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 631 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 953 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 3128 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 10000 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 111 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 631 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 953 -j DROP
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p UDP --dport 10000 -j DROP
### Aceita entrada interface lo ###
/sbin/iptables -t filter -A INPUT -i lo -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o lo -j ACCEPT
### Aceita entrada ssh ###
### Descomente a linha abaixo para negar ###
#/usr/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 22 -j DROP
### Descomente a linha abaixo para liberar ssh ###
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p TCP --dport 22 -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHINT -p TCP --dport 22 -j ACCEPT
### Aceita entrada DNS ###
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p UDP --dport 53 -j ACCEPT
### Libera trafego ping rede externa ###
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p icmp --icmp-type echo-request -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHEXT -p icmp --icmp-type echo-reply -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-request -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-reply -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p icmp -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHINT -p icmp -j ACCEPT
### Libera trafego ping rede interna ###
/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-request -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHINT -p icmp --icmp-type echo-reply -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHINT -p icmp -j ACCEPT
### Regra de redirecionamento de porta 80/443 p/ 3128 (proxy) ###
/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p TCP --dport 3128 -j ACCEPT
/sbin/iptables -t nat -A PREROUTING -i $ETHINT -s $REDINT -p TCP --dport 80 -j REDIRECT --to-port 3128
###Entrada Pop3###
iptables -A FORWARD -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -p tcp --dport 110 -j ACCEPT
### DHCP ###
/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p TCP --dport 67 -j ACCEPT
/sbin/iptables -t filter -A INPUT -i $ETHINT -s $REDINT -p UDP --dport 67 -j ACCEPT
### Navegação Pagina ###
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 80 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 443 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 21 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 20 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP --dport 8080 -j ACCEPT
### FTP UNICAMP PARA ATUALIZAÇÃO ###
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP -d 143.106.10.150 --dport 21 -j ACCEPT
/sbin/iptables -t filter -A OUTPUT -o $ETHEXT -p TCP -d 143.106.10.150 --dport 1024:65535 -j ACCEPT
### Libera conexao entrada de conexões estabelecidas rede externa ###
## Entrada DNS ##
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p UDP --dport 53 -j ACCEPT
## Portas Altas TCP e UDP ##
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p TCP --dport 1024:65535 -j ACCEPT
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -i $ETHEXT -p UDP --dport 1024:65535 -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHEXT -p UDP --dport 1024:65535 -j ACCEPT
/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHEXT -p TCP --dport 1024:65535 -j ACCEPT
### Libera conexao de entrada de conexões estabelecidas rede interna ###
/sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -o $ETHINT -j ACCEPT
;;
stop)
gprintf "Parando o serviço de %s: " " IPtables"
echo
/sbin/iptables -F
/sbin/iptables -t nat -F
/sbin/iptables -t filter -P INPUT ACCEPT
/sbin/iptables -t filter -P OUTPUT ACCEPT
/sbin/iptables -t filter -P FORWARD ACCEPT
;;
*)
gprintf "Uso: iptables (start|stop)"
echo
;;
esac
exit 0