Date: Wed, 29 May 2002 20:31:04 -0000 From: "Max" <max@ecotech.com.lr> To: "Chris Knipe" <savage@savage.za.org>, <freebsd-isp@freebsd.org> Subject: Re: Firewall Setup Message-ID: <001201c2074f$c3076dd0$04ef10ac@wireless> References: <Pine.BSF.4.21.0205291657050.295-100000@park.rambler.ru> <005201c20714$220071b0$04ef10ac@wireless> <009201c20736$1b604e80$0101a8c0@megalan.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Chris Knipe" <savage@savage.za.org> To: "Max" <max@ecotech.com.lr>; <freebsd-isp@freebsd.org> Sent: Wednesday, May 29, 2002 5:25 PM Subject: Re: Firewall Setup > > My network has other routers hardware and software. I want just few > machines > > to use this new router instead of the whole network so that even if a > client > > sets this > > router has his default gateway, he will not be able to access the > Internet! > > Isn't this more of a static-routing option rather than a firewall? A > firewall will block the packets, meaning that the clients which use the > "wrong" router, will have *no* internet access, rather than be directed > towards the right router. > > You can most probably redirect the packets from one firewall to another, but > that's limited to a per port basis. I think the simplest solution would > just be to re-route certain data from the "wrong" router, to the "right" > router > > route add <network> <mask> <gateway> if I'm not mistaken. > > So, if you have 10.0.0.0/255.0.0.0 and want 10.0.1.0/24 to be assigned to > router 1, on your 2, you'll add a static route for that network, routing it > back to router 1. > In my terms, here's what I am looking @ I have 172.16.239.0/24 and I would like only 172.16.239.104/29 to access this router In your terms, what would that look like? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001201c2074f$c3076dd0$04ef10ac>