In the logs I see an increasing amount of scans and attacks from virusses, worms and hackers. I've decided to diasable the ability to ping my server. I'm now able to ping myself (local to sme-server, or local to internet), but the server no longer replies to pings from the internet. To do this, I enabled the 'Stealth' option in the masq-configuration (using vi) and used the template mechanism, copied the file 40AllowICMPIn from /etc/e-smith/templates/etc/rc.d/init.d/masq to /etc/e-smith/templates-custom/etc/rc.d/init.d/masq and changed the following:

 # We want to be very selective on the ICMPs we accept to stop
 # route hijacking

 # allow only the local network to ping when stealth=yes
 my ($network, $broadcast) = esmith::util::computeNetworkAndBroadcast ($LocalIP, $LocalNetmask);

 $OUT .= " /sbin/ipchains --append icmpIn --proto icmp --icmp-type echo-request --source $network/$LocalNetmask --jump ACCEPT";

 my @OKicmpTypes = (
  ) );

 my %services = ( masq => $masq );
 my $stealth = db_get_prop(%services, 'masq', 'Stealth') || 'no';
 unless ($stealth eq 'yes')
  push @OKicmpTypes, "echo-request";
 foreach my $icmpType (@OKicmpTypes)
 $OUT .= <  /sbin/ipchains --append icmpIn --proto icmp --icmp-type $icmpType --jump ACCEPT

After this editing, expand the template:

/sbin/e-smith/expand-template /etc/rc.d/init.d/masq

restart masquerading:

/etc/rc.d/init.d/masq restart