Date: Wed, 29 May 2002 19:25:46 +0200 From: "Chris Knipe" <savage@savage.za.org> To: "Max" <max@ecotech.com.lr>, <freebsd-isp@freebsd.org> Subject: Re: Firewall Setup Message-ID: <009201c20736$1b604e80$0101a8c0@megalan.co.za> References: <Pine.BSF.4.21.0205291657050.295-100000@park.rambler.ru> <005201c20714$220071b0$04ef10ac@wireless>
next in thread | previous in thread | raw e-mail | index | archive | help
> My network has other routers hardware and software. I want just few machines > to use this new router instead of the whole network so that even if a client > sets this > router has his default gateway, he will not be able to access the Internet! Isn't this more of a static-routing option rather than a firewall? A firewall will block the packets, meaning that the clients which use the "wrong" router, will have *no* internet access, rather than be directed towards the right router. You can most probably redirect the packets from one firewall to another, but that's limited to a per port basis. I think the simplest solution would just be to re-route certain data from the "wrong" router, to the "right" router route add <network> <mask> <gateway> if I'm not mistaken. So, if you have 10.0.0.0/255.0.0.0 and want 10.0.1.0/24 to be assigned to router 1, on your 2, you'll add a static route for that network, routing it back to router 1. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009201c20736$1b604e80$0101a8c0>