I have a dual homed server in an install for someone who is very cost sensitive.

This server originally is being setup as an Asterisk server, but now the simplest

thing for me to do is also set it up to provide internet access for the small shop as well.

So it will have one external, WAN  facing nic that needs all incoming ports except UDP 5060 and

10000 -> 60000 blocked for all but two ips.

 

The internal, LAN facing  NIC will need all ports except voip/dns/http blocked to it, and need to

provide masquerading.

 

I have limited experience with iptables and would love some guidelines. Any pointers

would be greatly appreciated!

 

Thanks,
jlc