From owner-freebsd-questions Sun Jul 27 07:01:15 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA05964 for questions-outgoing; Sun, 27 Jul 1997 07:01:15 -0700 (PDT) Received: (from jmb@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA05955; Sun, 27 Jul 1997 07:01:10 -0700 (PDT) From: "Jonathan M. Bresler" Message-Id: <199707271401.HAA05955@hub.freebsd.org> Subject: Re: Disallowing access to the internet using a gateway To: ljohnston@cyberworld.demon.co.uk (Lee Johnston) Date: Sun, 27 Jul 1997 07:01:09 -0700 (PDT) Cc: freebsd-questions@FreeBSD.ORG In-Reply-To: <33DB226F.41C67EA6@cyberworld.demon.co.uk> from "Lee Johnston" at Jul 27, 97 11:26:55 am X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-freebsd-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Lee Johnston wrote: > > +-------+ +--------+ +--------+ +--------+ > --PPP---|Gateway|-------|Client 1|------|Client 2|------|Client 3| > +-------+ +--------+ +--------+ +--------+ > > > All of the above compuuters naed Client are using the gateway. > > Is they a way to disallow one computer (Client 2) from using the gateway > to access the internet? > > I tried deleting the route to the computer I wanted to disable on the > gateway, but everytime the client computer wanted an IP address outside > of my network, the route was added again. yes this is a feature, the Gateway discovers other computers on the network...otherwise you would have to tell it about each on by hand ;( man ipfw(8). note: the default rule is to lock the Gateway. work at the console until your are SURE of what you're doing. jmb