Olá, galera. Estou precisando de uma ajuda de vocês: montei um firewall e liberei as portas de POP e SMTP, mas o Outlook do cliente não recebe nem envia e-mail. O que pode ser?
#!/bin/sh
# Network interfaces: loopback, external and internal
IF_LOC=lo
IF_EXT=eth0
IF_INT=eth1
# Addresses assigned to the external and internal interfaces
IP_EXT=10.1.1.100
IP_INT=192.168.3.245
# Networks attached to each interface, in CIDR notation
NET_EXT=10.1.1.0/24
NET_INT=192.168.3.0/24
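# Build the firewall rule set: default-deny on INPUT and FORWARD, a few
# services accepted on the firewall host itself, forwarding plus NAT for the
# internal network, and a redirect of the LAN's HTTP traffic to local port 3128.
# Globals:   IF_LOC, IF_EXT, IF_INT, NET_INT (read)
# Returns:   exit status of the final sysctl call
inicializa() {
  # Default policies: drop inbound and forwarded traffic, allow outbound.
  iptables -P INPUT DROP
  iptables -P FORWARD DROP
  iptables -P OUTPUT ACCEPT

  # Flush existing rules in the filter, nat and mangle tables.
  iptables -F
  iptables -F -t nat
  iptables -F -t mangle

  # -X deletes user-defined chains.
  iptables -X
  iptables -X -t nat
  iptables -X -t mangle

  # -Z zeroes the packet/byte counters.
  iptables -Z
  iptables -Z -t nat
  iptables -Z -t mangle

  # Allow loopback traffic.
  iptables -A INPUT -i "$IF_LOC" -j ACCEPT

  #####################################################
  # Services hosted on the firewall itself.
  # These INPUT rules only cover daemons running on this host; mail that LAN
  # clients exchange with outside servers is handled by FORWARD below.
  # NOTE(review): there is no -i match, so ports 22, 25, 110 and 3128 are
  # accepted on every interface, the external one included. If they are meant
  # for the LAN only, add -i "$IF_INT"; a proxy port reachable from outside
  # can be used by anyone as a relay.
  iptables -A INPUT -p tcp -m multiport --dport 22,25,110,3128 -j ACCEPT
  iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
  #####################################################

  # Allow traffic leaving the internal network.
  iptables -A FORWARD -i "$IF_INT" -s "$NET_INT" -j ACCEPT

  # Allow replies back into the internal network. This has to be one command:
  # when the state list sits on a line of its own the rule is never added, and
  # with FORWARD policy DROP every reply to a LAN client is discarded.
  iptables -A FORWARD -o "$IF_INT" -d "$NET_INT" \
    -m state --state RELATED,ESTABLISHED -j ACCEPT

  # Transparent proxy: send the LAN's HTTP traffic to local port 3128.
  # --to-port must be part of the same command as -j REDIRECT.
  iptables -t nat -A PREROUTING -i "$IF_INT" -p tcp --dport 80 \
    -j REDIRECT --to-port 3128

  # Source NAT for everything that leaves through the external interface.
  iptables -t nat -A POSTROUTING -o "$IF_EXT" -j MASQUERADE

  # Enable packet forwarding (required for routing between the interfaces).
  sysctl -q -w net.ipv4.ip_forward=1
}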
# Open the firewall: set every built-in filter chain to ACCEPT, then flush
# rules, delete user-defined chains and zero counters in the filter, nat and
# mangle tables.
# Note: this function does not touch net.ipv4.ip_forward, so after "stop" the
# host accepts and forwards everything without filtering.
libera() {
  for cadeia in INPUT OUTPUT FORWARD; do
    iptables -P "$cadeia" ACCEPT
  done

  # -F flushes rules, -X deletes custom chains, -Z resets counters.
  for acao in -F -X -Z; do
    iptables "$acao"
    iptables "$acao" -t nat
    iptables "$acao" -t mangle
  done
}
# Dispatch on the first argument: "start" installs the rule set, "stop" opens
# the firewall, anything else prints a usage line.
if [ "$1" = start ]; then
  printf '%s\n' 'inicia firewall'
  inicializa
elif [ "$1" = stop ]; then
  printf '%s\n' 'Para firewall'
  libera
else
  printf '%s\n' "uso: $0 start/stop"
fi