При всём при этом интернет работает отправляя запросы пользователей на 3128 порт аутентифицируясь по логину и паролю тут всё нормально, а вот Outlook не могу никак прекрутить, я так понимаю нужно прописать правила перенаправляющие порты 25 и 110...
Вот мои конфиги по IPFW:
Код: Выделить всё
cat /etc/rc.conf
ifconfig_msk0="inet 195.158.31.6 netmask 255.255.255.252" -(Это IP - в инет)
ifconfig_rl0="inet 192.168.10.250 netmask 255.255.255.0" -(Это IP - в локалку)
firewall_enable="YES"
firewall_script="/usr/local/etc/rc.d/ipfw.sh"
firewall_type="SIMPLE"
natd_enable="YES"
natd_interface="msk0"
firewall_quiet="NO"
gateway_enable="YES"
Код: Выделить всё
cat /usr/local/etc/rc.d/ipfw.sh
#!/bin/sh
ipfw="/sbin/ipfw -q"
local="192.168.10.0/24"
net="195.158.31.6"
oif="rl0"
iif="msk0"
${ipfw} -f flush
${ipfw} add check-state
${ipfw} add 1 allow ip from any to any via lo0
${ipfw} add 2 allow tcp from any 22 to any
${ipfw} add 3 allow tcp from any to any 22
${ipfw} add 4 deny ip from any to 127.0.0.0/8
${ipfw} add 5 deny ip from 127.0.0.0/8 to any
${ipfw} add 6 deny ip from any to 10.0.0.0/8 in via ${iif}
${ipfw} add 7 deny ip from any to 172.16.0.0/12 in via ${iif}
${ipfw} add 8 deny ip from any to 192.168.0.0/16 in via ${iif}
${ipfw} add 9 deny ip from any to 0.0.0.0/8 in via ${iif}
${ipfw} add 10 deny ip from any to 169.254.0.0/16 in via ${iif}
${ipfw} add 11 deny ip from any to 240.0.0.0/4 in via ${iif}
${ipfw} add 12 deny icmp from any to any frag
${ipfw} add 13 deny log icmp from any to 255.255.255.255 in via ${iif}
${ipfw} add 14 deny log icmp from any to 255.255.255.255 out via ${iif}
${ipfw} add 15 fwd 127.0.0.1,3128 tcp from ${local} to any 80 via ${iif}
${ipfw} add 16 divert natd ip from ${local} to any out via ${iif}
${ipfw} add 17 divert natd ip from any to ${net} in via ${iif}
${ipfw} add 18 deny ip from 10.0.0.0/8 to any out via ${iif}
${ipfw} add 19 deny ip from 172.16.0.0/12 to any out via ${iif}
${ipfw} add 20 deny ip from 192.168.0.0/16 to any out via ${iif}
${ipfw} add 21 deny ip from 0.0.0.0/8 to any out via ${iif}
${ipfw} add 22 deny ip from 169.254.0.0/16 to any out via ${iif}
${ipfw} add 23 deny ip from 224.0.0.0/4 to any out via ${iif}
${ipfw} add 24 deny ip from 240.0.0.0/4 to any out via ${iif}
${ipfw} add 25 allow tcp from any to any established
${ipfw} add 26 allow ip from ${net} to any out xmit ${iif}
${ipfw} add 27 allow udp from any 53 to any via ${iif}
${ipfw} add 28 allow udp from any to any 53 via ${iif}
${ipfw} add 29 allow udp from any to any 123 via ${iif}
${ipfw} add 30 allow tcp from any to ${net} 21 via ${iif}
${ipfw} add 31 allow tcp from any to ${net} 49152-65535 via ${iif}
${ipfw} add 32 allow icmp from any to any icmptypes 0,8,11
${ipfw} add 33 allow tcp from any to ${net} 80 via ${iif}
${ipfw} add 34 allow tcp from any to ${net} 143 via ${iif}
${ipfw} add 35 allow tcp from any to ${net} 110 via ${iif}
${ipfw} add 36 allow tcp from any to any via ${oif}
${ipfw} add 37 allow udp from any to any via ${oif}
${ipfw} add 38 allow icmp from any to any via ${oif}
${ipfw} add 39 deny ip from any to any
${ipfw} add 40 allow tcp from any to ${net} 25 via ${iif}