Problemas al configurar Squid

10 Feb 2005

      Estoy intentando configurar el squid para realizar cache transparente, pero
no observo que el squid este cacheando
Las paginas que consulto. Cuando indico desde el explorador localhost: 3128
me indica que el squid funciona. Pero en el 
Directorio /var/cache/squid no coloca la paginas. Se puede navegar sin
ningún problema y el messeger funciona.

Estoy utilizando SuSE 9.1 y les envió un resumen de los datos. Aprecio
cualquier ayuda.

#	                     SQUID 2
#	-------------------------------------------------
# Opciones de Red
#
----------------------------------------------------------------------------
-
http_port 3128
cache_mem 16 MB
cache_dir ufs /var/cache/squid 1000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
ftp_user Squid@

# RecomendaciÃ³n Minima
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl todalared src 192.168.0.0/255.255.255.0

# Reglas de control de acceso
http_access allow localhost
http_access allow todalared
http_access deny all

# Debe especificarse la IP de cualquier servidor Web en la red local
# o bien el valor virtual
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ie_refresh on

4.1 ifstatus - /sbin/ifconfig

Salida a internet
eth0      Link encap:Ethernet  HWaddr 00:07:95:31:97:19  
          inet addr:10.168.0.109  Bcast:10.168.0.255  Mask:255.255.255.0

Salida a la red interna
eth1      Link encap:Ethernet  HWaddr 00:01:02:89:2D:C3  
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0

4.3 route - /sbin/route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
10.168.0.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.168.0.2      0.0.0.0         UG    0      0        0 eth0

4.5 network-config - /etc/sysconfig/network/config

DEFAULT_BROADCAST="+"
GLOBAL_POST_UP_EXEC="yes"
GLOBAL_PRE_DOWN_EXEC="yes"
CHECK_DUPLICATE_IP="no"
DEBUG="no"
USE_SYSLOG="yes"
MODIFY_RESOLV_CONF_DYNAMICALLY="yes"
MODIFY_NAMED_CONF_DYNAMICALLY="no"
CONNECTION_SHOW_WHEN_IFSTATUS="no"
CONNECTION_CHECK_BEFORE_IFDOWN="no"
CONNECTION_CLOSE_BEFORE_IFDOWN="no"
CONNECTION_UMOUNT_NFS_BEFORE_IFDOWN="no"
CONNECTION_SEND_KILL_SIGNAL="no"
MANDATORY_DEVICES=""
WAIT_FOR_INTERFACES="20"
FIREWALL="yes"
FAILURE_ACTION=off
LINKLOCAL_INTERFACES="eth*[0-9]|tr*[0-9]|wlan[0-9]|ath[0-9]"

4.6 sysctl - /etc/sysconfig/sysctl

IP_DYNIP="no"
IP_TCP_SYNCOOKIES="yes"
IP_FORWARD="yes"
IPV6_FORWARD="no"
IPV6_PRIVACY=no
DISABLE_ECN="yes"
ENABLE_SYSRQ="no"

4.7 resolv - /etc/resolv.conf

search casa
nameserver 200.44.32.12
nameserver 200.44.32.13

4.8 dhcp - /etc/sysconfig/network/dhcp

DHCLIENT_BIN=""
DHCLIENT_DEBUG="no"
DHCLIENT_SET_HOSTNAME="yes"
DHCLIENT_MODIFY_RESOLV_CONF="yes"
DHCLIENT_SET_DEFAULT_ROUTE="yes"
DHCLIENT_MODIFY_NTP_CONF="no"
DHCLIENT_MODIFY_NIS_CONF="yes"
DHCLIENT_SET_DOMAINNAME="yes"
DHCLIENT_KEEP_SEARCHLIST="no"
DHCLIENT_LEASE_TIME=""
DHCLIENT_TIMEOUT="999999"
DHCLIENT_REBOOT_TIMEOUT=""
DHCLIENT_HOSTNAME_OPTION="AUTO"
DHCLIENT_CLIENT_ID=""
DHCLIENT_VENDOR_CLASS_ID=""
DHCLIENT_RELEASE_BEFORE_QUIT="no"
DHCLIENT_SCRIPT_EXE=""
DHCLIENT_ADDITIONAL_OPTIONS=""
DHCLIENT_SLEEP="0"
DHCLIENT_WAIT_AT_BOOT="5"

4.9 proxy - /etc/sysconfig/proxy

PROXY_ENABLED="yes"
HTTP_PROXY=""
FTP_PROXY=""
GOPHER_PROXY=""
NO_PROXY="localhost"

4.12 filter - /usr/sbin/iptables -nL

Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     udp  --  0.0.0.0/0            255.255.255.255     state
NEW,ESTABLISHED udp spt:68 dpt:67 
DROP       all  --  0.0.0.0/0            255.255.255.255     
DROP       all  --  0.0.0.0/0            10.168.0.255        
input_ext  all  --  0.0.0.0/0            0.0.0.0/0           
input_int  all  --  0.0.0.0/0            0.0.0.0/0           
LOG        all  --  0.0.0.0/0            10.168.0.109        LOG flags 6
level 4 prefix `SFW2-IN-ACC_DENIED_INT ' 
DROP       all  --  0.0.0.0/0            10.168.0.109        
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-IN-ILL-TARGET ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain FORWARD (policy DROP)
target     prot opt source               destination         
TCPMSS     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x06/0x02 TCPMSS clamp to PMTU 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
forward_ext  all  --  0.0.0.0/0            0.0.0.0/0           
forward_int  all  --  0.0.0.0/0            0.0.0.0/0           
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-FWD-ILL-ROUTING ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-FORWARD-ERROR ' 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 11
LOG flags 6 level 4 prefix `SFW2-OUT-TRACERT-ATTEMPT ' 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 11 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3
code 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3
code 4 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3
code 9 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3
code 10 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3
code 13 
DROP       icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 3 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-OUTPUT-ERROR ' 
Chain forward_dmz (0 references)
target     prot opt source               destination         
LOG        all  --  0.0.0.0/0            192.168.0.1         LOG flags 6
level 4 prefix `SFW2-FWDdmz-DROP-CIRCUMV ' 
DROP       all  --  0.0.0.0/0            192.168.0.1         
LOG        all  --  0.0.0.0/0            10.168.0.109        LOG flags 6
level 4 prefix `SFW2-FWDdmz-DROP-CIRCUMV ' 
DROP       all  --  0.0.0.0/0            10.168.0.109        
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED
icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain forward_ext (1 references)
target     prot opt source               destination         
LOG        all  --  0.0.0.0/0            192.168.0.1         LOG flags 6
level 4 prefix `SFW2-FWDext-DROP-CIRCUMV ' 
DROP       all  --  0.0.0.0/0            192.168.0.1         
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED
icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-FWDext-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain forward_int (1 references)
target     prot opt source               destination         
LOG        all  --  0.0.0.0/0            10.168.0.109        LOG flags 6
level 4 prefix `SFW2-FWDint-DROP-CIRCUMV ' 
DROP       all  --  0.0.0.0/0            10.168.0.109        
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state RELATED
icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-FWDint-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain input_dmz (0 references)
target     prot opt source               destination         
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 11 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 12 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 14 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 18 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 2 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' 
DROP       icmp --  0.0.0.0/0            0.0.0.0/0           
reject_func  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:113
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5801
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5801
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5901
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5901
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INdmz-ACC-HiTCP ' 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:22
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:67
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:67
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:68
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:111
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:111
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:177
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:5801
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:5901
state NEW 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
dpts:1024:65535 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-INdmz-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain input_ext (1 references)
target     prot opt source               destination         
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INext-ACC-SOURCEQUENCH ' 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 11 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 12 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 14 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 18 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 2 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' 
DROP       icmp --  0.0.0.0/0            0.0.0.0/0           
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:23
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-ACC-TCP ' 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED tcp dpt:23 
reject_func  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:113
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5801
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5801
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5901
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' 
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5901
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INext-ACC-HiTCP ' 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:22
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:67
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:67
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:68
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:111
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:111
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:177
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:5801
state NEW 
DROP       udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:5901
state NEW 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
dpts:1024:65535 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
ESTABLISHED udp dpts:61000:65095 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-INext-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain input_int (1 references)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 0 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 3 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 11 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 12 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 14 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED icmp type 18 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 2 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' 
DROP       icmp --  0.0.0.0/0            0.0.0.0/0           
reject_func  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:113
flags:0x16/0x02 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
`SFW2-INint-ACC-HiTCP ' 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED udp dpt:1025 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
NEW,RELATED,ESTABLISHED udp dpt:1026 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state
RELATED,ESTABLISHED 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp
dpts:1024:65535 
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           tcp
flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 4 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 5 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 LOG
flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 13
LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 17
LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           LOG flags 6
level 4 prefix `SFW2-INint-DROP-DEFLT ' 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT-INV ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           
Chain reject_func (3 references)
target     prot opt source               destination         
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           reject-with
tcp-reset 
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0           reject-with
icmp-port-unreachable 
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with
icmp-proto-unreachable 

4.13 SuSEfirewall2 - /etc/sysconfig/SuSEfirewall2

FW_QUICKMODE="no"
FW_DEV_EXT="eth0"
FW_DEV_INT="eth1"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="0/0"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="telnet"
FW_SERVICES_EXT_UDP=""
FW_SERVICES_EXT_IP=""
FW_SERVICES_EXT_RPC=""
FW_SERVICES_DMZ_TCP=""
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_DMZ_RPC=""
FW_SERVICES_INT_TCP=""
FW_SERVICES_INT_UDP=""
FW_SERVICES_INT_IP=""
FW_SERVICES_INT_RPC=""
FW_SERVICES_QUICK_TCP=""
FW_SERVICES_QUICK_UDP=""
FW_SERVICES_QUICK_IP=""
FW_TRUSTED_NETS=""
FW_ALLOW_INCOMING_HIGHPORTS_TCP="no"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS"
FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_DNS="no"
FW_SERVICE_DHCLIENT="no"
FW_SERVICE_DHCPD="no"
FW_SERVICE_SQUID="no"
FW_SERVICE_SAMBA="no"
FW_FORWARD=""
FW_FORWARD_MASQ=""
FW_REDIRECT="192.168.0.0/24,0/0,TCP,80,3128 192.168.0.0/24,0/0,TCP,443,3128
192.168.0.0/24,0/0,TCP,21,3128"
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG=""
FW_KERNEL_SECURITY="yes"
FW_ANTISPOOF="no"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_PING_EXT="no"
FW_ALLOW_FW_TRACEROUTE="yes"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_ALLOW_FW_BROADCAST="int"
FW_IGNORE_FW_BROADCAST="no"
FW_ALLOW_CLASS_ROUTING="no"
FW_CUSTOMRULES=""
FW_REJECT="no"
FW_HTB_TUNE_DEV=""
FW_IPv6=""
FW_IPv6_REJECT_OUTGOING="yes"
FW_IPSEC_TRUST="no"
FW_IPSEC_MARK=""

4.14 Personal-Firewall - /etc/sysconfig/personal-firewall

REJECT_ALL_INCOMING_CONNECTIONS=""

4.15 ipv4 ip_forward - /proc/sys/net/ipv4/ip_forward

1

Problemas al configurar Squid

Robert Palencia