On December 23, 2003 05:23 am, Peter Serwe wrote:
> Okay,
>
> Basically, since FreeBSD is (in my mind anyway)
> the ultimate leatherman of the OS world, and God's
> own gift to networking and network services in general
> I decided to try to do a 3 nic ipfw/natd setup.
>
> I've done 2 nic ipfw/natd a couple of times, straight
> ipfw public-->public ipfw a couple of times, I'm fairly
> comfortable with it..
>
> After searching around, I found a message from
> Gilson (de?)Paiva referencing some stuff Barney Wolff
> told him that basically straightened it out.
>
> Here's what I'm trying to accomplish:
>
> I have 2 internal networks that I'll term
> private_private (192.168.1.0/24)
> and public_private (192.168.2.0/24).
>
> The total number of clients between both
> networks probably could never exceed 100,
> and probably won't ever exceed 50.
>
> I have one public ip address.
>
> I need both networks to be able to surf,
> but I _never_ want ANY traffic to be able
> to go in between except from someone having
> direct access to the router.

Why not just add some simple firewall rules such as:

ipfw add deny ip from private_private to public_private
ipfw add deny ip from public_private to private_private

before you do your divert rule?

--
Darcy Buskermolen
Wavefire Technologies Corp.
ph: 250.717.0200
fx: 250.763.1759
http://www.wavefire.com
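
An added check, not part of the original thread: a shell function that reads `ipfw list` output and confirms that deny rules for both directions between the two subnets named above appear before the first divert rule. The sample rule listings, rule numbers and the interface name fxp0 are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Subnets are the ones named in the thread;
# the sample listings, rule numbers and interface fxp0 are constructed.
PRIVATE_PRIVATE="192.168.1.0/24"
PUBLIC_PRIVATE="192.168.2.0/24"

# Reads `ipfw list` output on stdin. Returns 0 only if an unconditional deny
# exists for each direction between the two subnets before the first divert.
# Limitation: it does not evaluate earlier allow rules, which would also win
# under first-match evaluation.
check_isolation() {
    awk -v a="$PRIVATE_PRIVATE" -v b="$PUBLIC_PRIVATE" '
        $2 == "divert" { divert_seen = 1 }
        # Listing format: NUMBER deny ip from SRC to DST (exactly 7 fields,
        # so rules narrowed by options such as "via" are not counted).
        !divert_seen && NF == 7 && $2 == "deny" && $3 == "ip" &&
        $4 == "from" && $6 == "to" {
            if ($5 == a && $7 == b) a_to_b = 1
            if ($5 == b && $7 == a) b_to_a = 1
        }
        END { if (a_to_b && b_to_a) exit 0; exit 1 }
    '
}

sample_good() {   # constructed listing: denies come before the divert
    cat <<'EOF'
00100 allow ip from any to any via lo0
00200 deny ip from 192.168.1.0/24 to 192.168.2.0/24
00210 deny ip from 192.168.2.0/24 to 192.168.1.0/24
00300 divert 8668 ip from any to any via fxp0
65535 deny ip from any to any
EOF
}

sample_bad() {    # constructed listing: denies come after the divert
    cat <<'EOF'
00300 divert 8668 ip from any to any via fxp0
00400 deny ip from 192.168.1.0/24 to 192.168.2.0/24
00410 deny ip from 192.168.2.0/24 to 192.168.1.0/24
EOF
}

for s in sample_good sample_bad; do
    if $s | check_isolation; then echo "$s: isolated before divert"
    else echo "$s: NOT isolated before divert"; fi
done
```

On the router itself the same function can be fed live output with `ipfw list | check_isolation`.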