Date: Mon, 20 Aug 2018 11:59:46 +0100
From: Steve O'Hara-Smith
To: Polytropon
Cc: Arturo Rafael Ramírez Briceño, "questions@FreeBSD.org"
Subject: Re: I beg your response ... / Ruego su respuesta...

On Mon, 20 Aug 2018 10:44:18 +0200
Polytropon wrote:

> Re-including list, hope that's okay.
>
> On Sun, 19 Aug 2018 20:49:19 +0000, Arturo Rafael Ramírez Briceño wrote:
> > In the context of "preventing the nodes of the same lan from being
> > seen" is to say that files, printers, and other resources can not
> > be shared on the network; but nevertheless, through the server, each
> > node can access the internet. If possible, how can I do it?
>
> This doesn't really look like a task for a firewall, but

This can be achieved with the combination of a router and a managed switch.
Assign each node its own VLAN and set the switch up so that each node's
port is on the node's VLAN untagged and the router's port is on all the
VLANs tagged. The router provides routes between the internet and the VLANs
but not between the VLANs and enforces this with firewall rules. Essentially
this is like having a router with a lot of ports and one node on each port
(which is another solution).

If your nodes are on a wireless LAN then the AP can probably isolate them
from each other for you.

> instead I'd suggest to take a close look at resource
> management at the individual nodes. Simply don't enable

This is good advice and simpler - if you want enforced isolation it is
more complex.

-- 
Steve O'Hara-Smith
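
The router side of the VLAN-per-node layout described in the message above, sketched as a FreeBSD pf ruleset. This is an added example, not part of the original message or written by its author. The interface names (em0 as the tagged trunk to the switch, em1 as the uplink), the VLAN IDs 10/20/30 and the 192.168.x.0/24 subnets are assumptions chosen for illustration, and nodes are assumed to use static addresses and an external DNS resolver.

```conf
# /etc/pf.conf (added example; all names, VLAN IDs and subnets are assumed)
#
# Matching /etc/rc.conf lines that create one tagged sub-interface per node:
#   vlans_em0="10 20 30"
#   ifconfig_em0="up"
#   ifconfig_em0_10="inet 192.168.10.1/24"
#   ifconfig_em0_20="inet 192.168.20.1/24"
#   ifconfig_em0_30="inet 192.168.30.1/24"
#   gateway_enable="YES"
#   pf_enable="YES"

ext_if   = "em1"
node_ifs = "{ em0.10, em0.20, em0.30 }"

# Every node subnet. A table is used so that the negated destination match
# below is a single lookup rather than a list expanded into separate rules.
table <node_nets> const { 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24 }

set skip on lo0

# Nodes share the router's external address on the way out.
nat on $ext_if inet from <node_nets> to any -> ($ext_if)

# A node cannot claim a source address that belongs to another VLAN.
antispoof quick for $node_ifs inet

# Default deny. VLAN-to-VLAN traffic never matches a pass rule below,
# so it is dropped here even though the router has routes to every VLAN.
block all

# Node traffic is accepted only when the destination is outside all node
# subnets, that is, only when it is headed for the internet.
pass in on $node_ifs inet from <node_nets> to ! <node_nets> keep state

# Forwarded (already NATed) traffic may leave through the uplink.
pass out on $ext_if inet all keep state
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it. The switch still has to carry each node port untagged in its own VLAN and the router port tagged in all of them, as the message describes.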