!!!!!!Finally!!!!!! after further digging I have closed port 3128.
I have a Cobalt Qube 3 (Sun). I disabled web caching and that eliminated port 80 to being redirected to port 3128.
The standard Linux ipchains utility intercepts HTTP requests and redirects the requests to the squid program. Non-HTTP traffic is routed through the server appliance normally, without redirection.
Disabling the web caching service disabled the ipchains utility to redirect web traffic and disabled squid to cache the web traffic.
By default, port 3128 is open facing both the LAN and the Internet. Now my firewall is working correctly.