[CentOS-es] PROBLEMA CON PUERTOS POP (OUTLOOK)

Vie Dic 11 13:50:10 UTC 2009

Buenos días tengo una máquina centos con realizando funciones de proxy/muro de acceso a internet con las siguiente configuración de iptables y squid.
Una vez relaizado en el script de iptables, salvado  y ejecutado con start funciona perfectamente. Pero el problema que no entiendo es que cuando reinicio la máquina y ejecuto service squid start y service iptables start outlook express no me pasa es como si el puerto 110 se cerrase. Que hago mal?. Muchas gracias

iptables -F

iptables -X

iptables -Z

iptables -t nat -F

iptables -P INPUT ACCPET

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -t nat -P PREROUTING ACCEPT

iptables -t nat -P POSTROUTING ACCEPT

/sbin/iptables -A INPUT -i lo -j ACCEPT

iptables -A INPUT -s 192.168.0.0/24 -i eth1 -j  ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  80 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  443 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  993 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  995 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  110 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  465 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  25 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  53 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p udp -dport  53 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -p tcp -dport  1863 -j ACCEPT

iptables  -A FORWARD -s 192.168.0.0/24 -i eth1 -j DROP

iptables -t nat -A PREROUTING -s 192.168.0.0/24 -i eth1 -p tcp -dport 80 -j REDIRECT -to-port 3128

iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward

service iptables save

service iptables start
_________

visible_hostname squid
http_port 3128 transparent
http_port 8080 transparent
cache_mem 100 MB
cache_swap_low 80
cache_swap_high 100
maximum_object_size 20000 KB
cache_dir ufs /var/spool/squid 25000 16 256
cache_store_log none
half_closed_clients off
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
#acl todalared src 192.168.0.0/255.255.255.0
acl permitidos src "/etc/squid/permitidos"
acl reglas url_regex "/etc/squid/reglas"
acl horario time SMTWHFA 00:00-08:00
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443 563
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443 563
acl Safe_ports port 70
acl Safe_ports port 210
#acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
#logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
#logformat squidmime %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt [%>h] [%<h]
logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
#logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log squid
ie_refresh on
http_access allow manager localhost
http_access deny manager
#http_access allow todalared
http_access allow permitidos !reglas !horario
#http_access allow !reglas
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all

------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: http://lists.centos.org/pipermail/centos-es/attachments/20091211/19b5f100/attachment.html 