Topic: Limiting external interface

[Neririn]

I am looking to setup a SME 6 box as an internal webserver (intranet) and have it provide Gateway/firewall/dhcp for internal nodes.  

My desire is to limit EVERYTHING but SSH on the external interface (no FTP, no Web, DNS, nothing) but allow the webserver to run on the internal interface.  Is there anyway to limit which services are exposed to the external interface?

[MSmith]

Why not simply use the SME box in server-only mode and have a cheap DSL/cable router face the Internet?

[Neririn]

I guess my point was I would like to do it in one box if possible.  Judging from the lack of responses, I am suspecting it is either not possible, or no one knows how.

[Ed]

It pretty much is that way by default.

Except for the Web Server but it does not
hurt to have it there.  If you must, just
port forward 80 to a non existant IP.

What do you see external that you need removed?

Ed