SME server resources
I have used my own iptables script for a long time, because I did not have the time to dissect sme5/6/7 and see if all iptables scripts were to my standards. Today I know they almost are. What my script does more elaborately is
- Log: it logs all traffic from the sme server to the internet, and all traffic from my internal lan to the internet. Well to be exact, it logs the tcp syns and udp, minus dns and ntp.
- It logs different places in the chains with different words so I can easily egrep on important things.
- Block. It blocks all udp from my internal lan to internet, except ntp and dns.
In the past years I used this script: iptables5script. It is a good and pretty safe script, but you need to hack your way through it if you want to adjust stuff.
Just recently I have re-written this iptables4sme7 script with more documentation and better chain namegiving. Still the same script though.
I am working on a script with some more variables, so it is more easily adjustable. I want to combine that with traffic shaping classes, using marks.