Date: Sat, 11 Dec 2004 11:31:27 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: David Banning <david@skytracker.ca> Cc: questions@freebsd.org Subject: Re: gateway_enable question Message-ID: <41BB2EEF.1000904@daleco.biz> In-Reply-To: <20041211054600.GB16388@skytracker.ca> References: <20041210013055.GA49697@skytracker.ca> <41B92C8C.8050407@yahoo.com> <20041210202014.GA12902@skytracker.ca> <41BA651B.1020905@daleco.biz> <20041211054600.GB16388@skytracker.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
David Banning wrote: >>>On the firewall it is difficult to block the win boxes because I -want- >>>each machine to be able to contact each other, but I don't want the >>>windows boxes to have internet connection. >>> >>> >>Now, that seems a little weird. Do you not have a hub or switch >>other than the BSD box on this network? Unless you're doing >>some strange routing or something, everybody on the wire >>ought to see everybody else regardless of the settings on the >>firewall (except they maybe won't see *it* ...) >> >> > >DSL Modem <> BSD Box <> HUB <> All win boxes > >Everyone does see each other. I just don't want the win boxes to >see the internet; but I -do- want them to continue to see each other. > > Giorgios' ipfw rules (last post in thread) take care of this well. I suppose I was just confused; even if you told the BSD box to block all traffic on the internal interface, the Winboxen would still be able to communicate. Probably I misread or misinterpreted your paragraph. Hope all's well now. Kevin Kinsey
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41BB2EEF.1000904>