From owner-freebsd-questions@FreeBSD.ORG  Fri Dec 10 04:26:56 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E8D0C16A4CE
	for <questions@freebsd.org>; Fri, 10 Dec 2004 04:26:56 +0000 (GMT)
Received: from 216-15-88-200.c3-0.crm-ubr1.crm.ny.cable.rcn.com
	(extacy.homeip.net [67.62.48.56])
	by mx1.FreeBSD.org (Postfix) with ESMTP id E570D43D2D
	for <questions@freebsd.org>; Fri, 10 Dec 2004 04:26:54 +0000 (GMT)
	(envelope-from Niy@extacy.homeip.net)
Received: (qmail 7867 invoked by uid 1003); 10 Dec 2004 04:31:28 -0000
Received: from Niy@extacy.homeip.net by Extacy.Homeip.net by uid 89 with
	qmail-scanner-1.22  (clamscan: 0.65.  Clear:RC:1(192.168.0.10):. 
	Processed in 1.065826 secs); 10 Dec 2004 04:31:28 -0000
Received: from unknown (HELO ?192.168.0.10?)
	(Niy@extacy.homeip.net@192.168.0.10)
	by extacy.homeip.net with (DHE-RSA-AES256-SHA encrypted) SMTP;
	10 Dec 2004 04:31:26 -0000
Message-ID: <41B925E3.4030206@extacy.homeip.net>
Date: Thu, 09 Dec 2004 23:28:19 -0500
From: Tim <Niy@extacy.homeip.net>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.3) Gecko/20041109
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: David Banning <david+dated+1103074257.8419db@skytracker.ca>
References: <20041210013055.GA49697@skytracker.ca>
In-Reply-To: <20041210013055.GA49697@skytracker.ca>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
cc: questions@freebsd.org
Subject: Re: gateway_enable question
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Dec 2004 04:26:57 -0000

David Banning wrote:

>I have a few win boxes which use my FreeBSD box as a gateway to 
>the net. I am wondering how I can keep a network connection 
>between all the computers, allowing the FreeBSD box to 
>still be connected to the net, but disallow all win boxes from 
>connecting to the net? 
>
>My thought was to disable the gateway configuration set in rc.conf.
>How do I disable the gateway option without rebooting?
>
>
>  
>

Another option: Try tweaking your firewall rule set to deny all traffic 
from the card facing the inside lan? For example, using ipfw:

#>ipfw add <open rule number> deny ip from any to any via <dev facing lan

Check out the man for your firewall for more info. Just a thought, might 
work for ya.