Koozali.org: home of the SME Server

SME and IPTABLES

compucat
« on: February 01, 2008, 01:07:48 AM »
Hello all,

After successfully installing SME server and gateway, I am quite pleased about the possibilities it provides "out of the box".

The only problem I still have and could not solve so far even after reading the HowTo's and this forum up and down is how to completely block Internet access for some IP's of the local network.

With my present server, I have the following configuration:

private IP XX.XX.XX.1 to 32    static addresses with full access to server and Internet via NAT
private IP XX.XX.XX.33 to 64  static addresses with full access only to the server (Internet fully blocked)
private IP XX.XX.XX.65 to 80  addresses via DHCP with full access to server and Internet via NAT

In effect, this boils down to the question of how to block masq for the private IP's XX.XX.XX.33 to 64.

I fully understand that this should be done in /etc/e-smith/templates-custom after copying masq thereto, but the missing information is to what fragment in masq any changes have to be made for this purpose (and what changes).

There must be a fragment which presently NATs all local addresses to the external IP, but so far, I could not identify it.

Blocking the Internet access via the proxy is no solution since some of the websites I need block traffic from and to proxies, so that I am again stuck to a solution via IPTABLES.

Any help or proposals would be highly appreciated since I have to admit that I still have some problems with templates and fragments.

Regards,

compucat

guest22

Re: SME and IPTABLES
« Reply #1 on: February 01, 2008, 07:12:27 AM »
Not sure if you saw this page or if it helps ;-)

http://wiki.contribs.org/Firewall

guest
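
The range in the question (.33 to .64) does not sit on a single subnet boundary, so it cannot be written as one `-s a.b.c.d/nn` match. The script below is an added example, not from either poster and not SME Server's own masq template code: it splits such a range into aligned CIDR blocks and prints one generic netfilter FORWARD-chain DROP rule per block. Assumptions: the prefix 192.168.1 is constructed (the post elides the real one), the helper names are hypothetical, and dropping in FORWARD is plain iptables behaviour (routed traffic only, traffic to the gateway itself is untouched); where such rules belong inside the masq template fragments is not covered.

```shell
#!/bin/bash
# Constructed network prefix; the post hides the real one as XX.XX.XX.
PREFIX="192.168.1"

# range_to_cidrs FIRST LAST
# Split a last-octet range (0..255) into the fewest aligned CIDR blocks.
range_to_cidrs() {
    local cur=$1 last=$2 size bits s
    while [ "$cur" -le "$last" ]; do
        size=1
        # Double the block while it stays aligned on $cur and inside the range.
        while [ $((cur % (size * 2))) -eq 0 ] &&
              [ $((cur + size * 2 - 1)) -le "$last" ]; do
            size=$((size * 2))
        done
        # Prefix length is 32 minus log2(block size).
        bits=0
        s=$size
        while [ "$s" -gt 1 ]; do
            s=$((s / 2))
            bits=$((bits + 1))
        done
        echo "${PREFIX}.${cur}/$((32 - bits))"
        cur=$((cur + size))
    done
}

# block_rules FIRST LAST
# Print (not execute) one DROP rule per block for review before use.
block_rules() {
    local cidr
    for cidr in $(range_to_cidrs "$1" "$2"); do
        echo "iptables -I FORWARD -s ${cidr} -j DROP"
    done
}

# The "server only" group from the question.
block_rules 33 64
```

On kernels with the iprange match available, `-m iprange --src-range` expresses the same range in a single rule.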