[iptables-br] Problema com POP/SMTP

juliasoaresandrade2003 Wed, 19 Nov 2008 06:17:01 -0800

Sei que o tópico ja foi discutido aqui mas estou com problemas pra
configura o Firewall aqui da minha empresa. Como é meu primeiro
firewall que monto acredito que estou fazendo algo errado, por isso
peço a ajuda de todos.


Nao estou conseguindo enviar nem receber email´s atraves do Outlook.
Ja fiz de tudo pra dar certo e nada. 
Segue o meu script pra vcs darem uma olhada no que esta errado.

Desde ja agradeço a atenção de todos

#!/bin/bash

echo
echo "=========================================="
echo "| :: SETTING IPTABLES'S CONFIGURATION :: |"
echo "=========================================="

### Limpando as regras ###
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
echo "Cleaning all rules .................[ OK ]"

# Definindo a Politica Default das Cadeias
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
echo "Setting default rules ..............[ OK ]"

### Desabilitar o trafego IP entre as placas de rede ###
echo "0" > /proc/sys/net/ipv4/ip_forward
echo "Setting ip_forward: OFF ............[ OK ]"

# Configurando a Protecao anti-spoofing
for spoofing in /proc/sys/net/ipv4/conf/*/rp_filter; do
        echo "1" > $spoofing
done
echo "Setting anti-spoofing protection ...[ OK ]"

echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo "Setting anti-redirects .............[ OK ]"

echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
echo "Setting anti-source_route ..........[ OK ]"

echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
echo "Setting anti-bugus_response ........[ OK ]"

echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo "Setting anti-synflood protection ...[ OK ]"

### Carregando os modulos do iptables ###
modprobe ip_tables
modprobe iptable_filter
modprobe iptable_mangle
modprobe iptable_nat
modprobe ipt_MASQUERADE
echo "Loading iptables's modules .........[ OK ]"

# Cadeia de Entrada (INPUT)
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

iptables -A INPUT -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT
echo "Setting rules for INPUT ............[ OK ]"

# Cadeia de Reenvio (FORWARD).
iptables -t nat -F POSTROUTING
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
echo "Activating IP Mask .................[ OK ]"

iptables -A FORWARD -i eth0 -p tcp --dport 3128 -j ACCEPT
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT
--to-port 3128

iptables -A FORWARD -p tcp --dport 25 -j ACCEPT
iptables -A FORWARD -p tcp --dport 110 -j ACCEPT
iptables -A FORWARD -p tcp -s 192.168.0.0/255.255.255.0 --dport 25 -j
ACCEPT 
iptables -A FORWARD -p tcp -s 192.168.0.0/255.255.255.0 --dport 110 -j
ACCEPT 


# #####Redireconamento de portas#####
iptables -t nat -A PREROUTING -d 192.168.0.0/24 -p tcp --dport 3389 -j
DNAT --to 192.168.0.201:3389

iptables -A FORWARD -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT
echo "Setting rules for FORWARD ..........[ OK ]"

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "Setting ip_forward: ON .............[ OK ]"
echo "Finished!! Firewall: OK! ...........[ OK ]"
echo "=========================================="
echo

[iptables-br] Problema com POP/SMTP

Responder a