fnxxr
(usa Ubuntu)
Enviado em 22/08/2019 - 17:33h
Boa tarde, pessoal. Estou com um problema que não consigo resolver: quero liberar um IP específico para navegar na internet sem passar pelo Squid, porém isso não funciona.
Alguém pode me ajudar?
Aí vai o script do firewall:
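# Load the gateway ruleset: flush existing rules, masquerade traffic leaving
# through eth0, transparently redirect HTTP arriving on eth1 to the local proxy
# port 3128, and exempt one host (192.168.0.100) from that redirect.
#
# NOTE(review): no chain policy is set in this function. Unless a DROP policy is
# applied elsewhere, the ACCEPT rules added to INPUT and FORWARD do not restrict
# anything, because unmatched packets fall through to the chain policy.
iptables_start(){
  # Flush rules and delete user-defined chains in every table this script uses.
  for table in filter nat mangle; do
    iptables -t "$table" -F
    iptables -t "$table" -X
  done

  # Kernel modules for packet filtering, NAT and connection tracking.
  # NOTE(review): on current kernels connection tracking is provided by
  # nf_conntrack; the ip_conntrack name may fail to load - confirm on the target.
  modprobe ip_tables
  modprobe iptable_nat
  modprobe ip_conntrack

  # Accept packets that belong to, or are related to, an already tracked connection.
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  ################################################################
  # ENABLE SQUID RULE
  # Only tcp/80 is redirected to the proxy; HTTPS (tcp/443) is forwarded and
  # masqueraded without passing through it.
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128

  # Kernel network settings.
  echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
  # Fixed: the original used "<" here, which opened the file for reading and
  # never wrote the value, so SYN cookies were left at their previous setting.
  echo "1" > /proc/sys/net/ipv4/tcp_syncookies
  echo "0" > /proc/sys/net/ipv4/conf/eth0/accept_source_route
  echo "0" > /proc/sys/net/ipv4/conf/eth1/accept_source_route
  echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

  #################################################################
  # ALLOW ACCESS FOR THE LAN
  iptables -A INPUT -i lo -j ACCEPT
  iptables -A INPUT -p tcp --syn -s 192.168.0.0/255.255.255.0 -j ACCEPT

  #################################################################
  # Blocking rules (e.g. torrents, P2P, ...) can be inserted here.

  ## Allow POP and SMTP ports
  # Fixed: the original used "-s 192.168.0.0" with no mask, which matches only
  # the single address 192.168.0.0 and therefore no real LAN host. The /24 mask
  # matches the network used by the INPUT rule above.
  # NOTE(review): 111 (rpcbind) and 113 (ident) are not mail ports - confirm
  # they need to be forwarded at all.
  for mail_port in 110 111 113 143 465 587 993 995 25; do
    iptables -A FORWARD -p tcp -s 192.168.0.0/24 --dport "$mail_port" -j ACCEPT
  done

  ## Block facebook and youtube over https (disabled; the sample pattern is orkut.com)
  #iptables -t filter -I FORWARD -p tcp --dport 443 -m string --algo bm --string "orkut.com" -j DROP
  #iptables -t filter -I FORWARD -p tcp --sport 443 -m string --algo bm --string "orkut.com" -j DROP

  #################################################################
  # EXCEPTION RULES (UNRESTRICTED ACCESS): lets a host through without the
  # proxy redirect.
  #################################################################
  # Inserted at position 1 so it is evaluated before the REDIRECT rule appended
  # above; ACCEPT in the nat table ends traversal, so this host's tcp/80 traffic
  # is not sent to port 3128.
  # NOTE(review): the range stops at 65334, not 65535 - confirm that is intended;
  # only port 80 is affected by the REDIRECT in any case.
  # NOTE(review): the exemption is keyed on source address alone, so any LAN host
  # that takes 192.168.0.100 gets the same bypass. Pair it with a fixed address
  # assignment for that machine.
  iptables -t nat -I PREROUTING 1 -p tcp -s 192.168.0.100 --dport 1:65334 -j ACCEPT

  #################################################################
  # Enable routing between interfaces; without it nothing is forwarded.
  echo 1 > /proc/sys/net/ipv4/ip_forward
}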
# Tear down the filter table: flush its rules, delete its user-defined chains
# and set the policy of the three built-in chains to ACCEPT.
# NOTE(review): only the default (filter) table is touched. The nat rules loaded
# by iptables_start (REDIRECT, MASQUERADE) stay in place, and with every policy
# at ACCEPT the host filters nothing - confirm both are intended for "stop".
iptables_stop(){
  for action in -F -X; do
    iptables "$action"
  done
  for chain in INPUT FORWARD OUTPUT; do
    iptables -P "$chain" ACCEPT
  done
}
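# Dispatch on the first argument: start | stop | restart.
# Any other value (or none) lists the current filter-table rules numerically.
case "$1" in
  "start")
    iptables_start
    ;;
  "stop")
    iptables_stop
    echo "O iptables esta sendo desativado"
    sleep 2
    echo "ok"
    ;;
  "restart")
    # Fixed: the original line was `echo "..."\e sleep 1`, which printed
    # "e sleep 1" as part of the message and never paused.
    echo "O iptables esta sendo desativado"
    sleep 1
    echo "ok"
    iptables_stop; iptables_start
    ;;
  *)
    iptables -L -n
    ;;
esac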