Problemas al configurar Squid
Estoy intentando configurar Squid para realizar caché transparente, pero no observo que Squid esté cacheando las páginas que consulto. Cuando indico localhost:3128 desde el explorador, me indica que Squid funciona, pero en el directorio /var/cache/squid no coloca las páginas. Se puede navegar sin ningún problema y el messenger funciona. Estoy utilizando SuSE 9.1 y les envío un resumen de los datos. Aprecio cualquier ayuda.

# SQUID 2
# -------------------------------------------------
# Opciones de Red
# ---------------------------------------------------------------------------- -
http_port 3128
cache_mem 16 MB
cache_dir ufs /var/cache/squid 1000 16 256
cache_access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
ftp_user Squid@
# Recomendación Minima
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl todalared src 192.168.0.0/255.255.255.0
# Reglas de control de acceso
http_access allow localhost
http_access allow todalared
http_access deny all
# Debe especificarse la IP de cualquier servidor Web en la red local
# o bien el valor virtual
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
ie_refresh on

4.1 ifstatus - /sbin/ifconfig
Salida a internet
eth0 Link encap:Ethernet HWaddr 00:07:95:31:97:19
inet addr:10.168.0.109 Bcast:10.168.0.255 Mask:255.255.255.0
Salida a la red interna
eth1 Link encap:Ethernet HWaddr 00:01:02:89:2D:C3
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0

4.3 route - /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
10.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.168.0.2 0.0.0.0 UG 0 0 0 eth0

4.5 network-config - 
/etc/sysconfig/network/config DEFAULT_BROADCAST="+" GLOBAL_POST_UP_EXEC="yes" GLOBAL_PRE_DOWN_EXEC="yes" CHECK_DUPLICATE_IP="no" DEBUG="no" USE_SYSLOG="yes" MODIFY_RESOLV_CONF_DYNAMICALLY="yes" MODIFY_NAMED_CONF_DYNAMICALLY="no" CONNECTION_SHOW_WHEN_IFSTATUS="no" CONNECTION_CHECK_BEFORE_IFDOWN="no" CONNECTION_CLOSE_BEFORE_IFDOWN="no" CONNECTION_UMOUNT_NFS_BEFORE_IFDOWN="no" CONNECTION_SEND_KILL_SIGNAL="no" MANDATORY_DEVICES="" WAIT_FOR_INTERFACES="20" FIREWALL="yes" FAILURE_ACTION=off LINKLOCAL_INTERFACES="eth*[0-9]|tr*[0-9]|wlan[0-9]|ath[0-9]" 4.6 sysctl - /etc/sysconfig/sysctl IP_DYNIP="no" IP_TCP_SYNCOOKIES="yes" IP_FORWARD="yes" IPV6_FORWARD="no" IPV6_PRIVACY=no DISABLE_ECN="yes" ENABLE_SYSRQ="no" 4.7 resolv - /etc/resolv.conf search casa nameserver 200.44.32.12 nameserver 200.44.32.13 4.8 dhcp - /etc/sysconfig/network/dhcp DHCLIENT_BIN="" DHCLIENT_DEBUG="no" DHCLIENT_SET_HOSTNAME="yes" DHCLIENT_MODIFY_RESOLV_CONF="yes" DHCLIENT_SET_DEFAULT_ROUTE="yes" DHCLIENT_MODIFY_NTP_CONF="no" DHCLIENT_MODIFY_NIS_CONF="yes" DHCLIENT_SET_DOMAINNAME="yes" DHCLIENT_KEEP_SEARCHLIST="no" DHCLIENT_LEASE_TIME="" DHCLIENT_TIMEOUT="999999" DHCLIENT_REBOOT_TIMEOUT="" DHCLIENT_HOSTNAME_OPTION="AUTO" DHCLIENT_CLIENT_ID="" DHCLIENT_VENDOR_CLASS_ID="" DHCLIENT_RELEASE_BEFORE_QUIT="no" DHCLIENT_SCRIPT_EXE="" DHCLIENT_ADDITIONAL_OPTIONS="" DHCLIENT_SLEEP="0" DHCLIENT_WAIT_AT_BOOT="5" 4.9 proxy - /etc/sysconfig/proxy PROXY_ENABLED="yes" HTTP_PROXY="" FTP_PROXY="" GOPHER_PROXY="" NO_PROXY="localhost" 4.12 filter - /usr/sbin/iptables -nL Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT udp -- 0.0.0.0/0 255.255.255.255 state NEW,ESTABLISHED udp spt:68 dpt:67 DROP all -- 0.0.0.0/0 255.255.255.255 DROP all -- 0.0.0.0/0 10.168.0.255 input_ext all -- 0.0.0.0/0 0.0.0.0/0 input_int all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 10.168.0.109 LOG flags 6 level 4 prefix `SFW2-IN-ACC_DENIED_INT ' DROP all -- 0.0.0.0/0 10.168.0.109 LOG all -- 
0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 forward_ext all -- 0.0.0.0/0 0.0.0.0/0 forward_int all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING ' DROP all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-FORWARD-ERROR ' Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 LOG flags 6 level 4 prefix `SFW2-OUT-TRACERT-ATTEMPT ' ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13 DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-OUTPUT-ERROR ' Chain forward_dmz (0 references) target prot opt source destination LOG all -- 0.0.0.0/0 192.168.0.1 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-CIRCUMV ' DROP all -- 0.0.0.0/0 192.168.0.1 LOG all -- 0.0.0.0/0 10.168.0.109 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-CIRCUMV ' DROP all -- 0.0.0.0/0 10.168.0.109 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix 
`SFW2-FWDdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDdmz-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain forward_ext (1 references) target prot opt source destination LOG all -- 0.0.0.0/0 192.168.0.1 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-CIRCUMV ' DROP all -- 0.0.0.0/0 192.168.0.1 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDext-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain 
forward_int (1 references) target prot opt source destination LOG all -- 0.0.0.0/0 10.168.0.109 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-CIRCUMV ' DROP all -- 0.0.0.0/0 10.168.0.109 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_dmz (0 references) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix 
`SFW2-INdmz-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5801 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5801 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-ACC-HiTCP ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:177 state NEW DROP udp -- 
0.0.0.0/0 0.0.0.0/0 udp dpt:5801 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901 state NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:1024:65535 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_ext (1 references) target prot opt source destination LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INext-ACC-SOURCEQUENCH ' ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 
icmp type 17 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INext-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-ACC-TCP ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:23 reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5801 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5801 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-ACC-HiTCP ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:111 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:177 state 
NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5801 state NEW DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901 state NEW ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:1024:65535 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED udp dpts:61000:65095 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain input_int (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 
level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix `SFW2-INint-DROP-ICMP-CRIT ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 reject_func tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INint-ACC-HiTCP ' ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp dpt:1025 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED udp dpt:1026 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:1024:65535 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG udp -- 0.0.0.0/0 0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT ' LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT-INV ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain reject_func (3 references) target prot opt source destination REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset REJECT udp -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable 4.13 SuSEfirewall2 - /etc/sysconfig/SuSEfirewall2 FW_QUICKMODE="no" FW_DEV_EXT="eth0" FW_DEV_INT="eth1" FW_DEV_DMZ="" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_DEV="$FW_DEV_EXT" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="no" 
FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="telnet" FW_SERVICES_EXT_UDP="" FW_SERVICES_EXT_IP="" FW_SERVICES_EXT_RPC="" FW_SERVICES_DMZ_TCP="" FW_SERVICES_DMZ_UDP="" FW_SERVICES_DMZ_IP="" FW_SERVICES_DMZ_RPC="" FW_SERVICES_INT_TCP="" FW_SERVICES_INT_UDP="" FW_SERVICES_INT_IP="" FW_SERVICES_INT_RPC="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="no" FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS" FW_SERVICE_AUTODETECT="yes" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ="" FW_REDIRECT="192.168.0.0/24,0/0,TCP,80,3128 192.168.0.0/24,0/0,TCP,443,3128 192.168.0.0/24,0/0,TCP,21,3128" FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="no" FW_LOG_ACCEPT_CRIT="yes" FW_LOG_ACCEPT_ALL="no" FW_LOG="" FW_KERNEL_SECURITY="yes" FW_ANTISPOOF="no" FW_STOP_KEEP_ROUTING_STATE="no" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="no" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="int" FW_IGNORE_FW_BROADCAST="no" FW_ALLOW_CLASS_ROUTING="no" FW_CUSTOMRULES="" FW_REJECT="no" FW_HTB_TUNE_DEV="" FW_IPv6="" FW_IPv6_REJECT_OUTGOING="yes" FW_IPSEC_TRUST="no" FW_IPSEC_MARK="" 4.14 Personal-Firewall - /etc/sysconfig/personal-firewall REJECT_ALL_INCOMING_CONNECTIONS="" 4.15 ipv4 ip_forward - /proc/sys/net/ipv4/ip_forward 1