Problemas no redirecionamento de porta squid

Bom dia, estou precisando com urgência de uma ajuda.

É um seguinte:

Estou tentando fazer um redirecionameto da porta squid via NAT.

A minha rede interna é: 192.168.0.X, meu squid esta configurado para trabalhar na porta 3128.

Configuro nas estações para utilizarem o proxy para o endereço 192.168.0.1 porta 3128.

Minha interface local no firewall é eth1 192.168.0.1

Tenho as seguintes regras de Firewall:

#!/bin/sh
# Script Firewall
#
#
###################################################
# Definicoes Basicas
###################################################
IPTABLES="/sbin/iptables"

# HABILITANDO ROTEAMENTO
#
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_dynaddr

###################################################
# Limpeza geral
###################################################

$IPTABLES -F
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD
$IPTABLES -F -t mangle
$IPTABLES -F -t nat
$IPTABLES -X

###################################################
#Setup de politicas
###################################################
$IPTABLES -P INPUT DROP
$IPTABLES -P OUTPUT DROP
$IPTABLES -P FORWARD DROP

$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

############################################################
# NAT - NETWORK ADRESS TRANSLATION
############################################################

$IPTABLES -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -t nat -A PREROUTING -p udp -i eth1 --dport 80 -j REDIRECT --to-port 3128

####
# Rede Invalida
####

$IPTABLES -A FORWARD -i eth0 -o eth1 -j ACCEPT
$IPTABLES -A FORWARD -i eth1 -o eth0 -j ACCEPT

####
# Loopback interface
####
$IPTABLES -A INPUT -i lo -j ACCEPT

############################################################
# Regras Finais (DROP C/ LOG)
############################################################
$IPTABLES -A INPUT -j dropwall
$IPTABLES -A FORWARD -j dropwall
$IPTABLES -A OUTPUT -j dropwall

**** Dessa forma não a meio de fazer as estações navegarem, a log do squid não registra nada.

O firewall me retorna essa log

Dec 19 09:44:41 fw kernel: Dropwall:IN=eth1 OUT= MAC=00:06:29:26:00:94:00:11:5b:d4:c6:75:08:00 SRC=192.168.0.11 DST=192.168.0.1 LEN=378 TOS=0x00 PREC=0x00 TTL=128 ID=31212 DF PROTO=TCP SPT=1257 DPT=3128 WINDOW=15753 RES=0x00 ACK PSH URGP=0

Se criou uma regra de firewall de forma: (Retirando os DROPs)

#!/bin/sh
# Script Firewall
#
#
###################################################
# Definicoes Basicas
###################################################
IPTABLES="/sbin/iptables"

# HABILITANDO ROTEAMENTO
#
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/ip_dynaddr

###################################################
# Limpeza geral
###################################################

$IPTABLES -F
$IPTABLES -F INPUT
$IPTABLES -F OUTPUT
$IPTABLES -F FORWARD
$IPTABLES -F -t mangle
$IPTABLES -F -t nat
$IPTABLES -X

$IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

############################################################
# NAT - NETWORK ADRESS TRANSLATION
############################################################

$IPTABLES -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j REDIRECT --to-port 3128
$IPTABLES -t nat -A PREROUTING -p udp -i eth1 --dport 80 -j REDIRECT --to-port 3128

####
# Rede Invalida
####

$IPTABLES -A FORWARD -i eth0 -o eth1 -j ACCEPT
$IPTABLES -A FORWARD -i eth1 -o eth0 -j ACCEPT

####
# Loopback interface
####
$IPTABLES -A INPUT -i lo -j ACCEPT

Ai funciona, o que esta faltando tenho q criar mais alguma regra para porta 3128, como faço isso? em que ponto do script ela deve ser incluida...

Agradeço desde já.
WASLEY