[ previous ] [ next ] [ threads ]
 
 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Firewall Quiestion
 Date:  Wed, 26 Jan 2005 15:01:31 -0500
Robert Bialecki wrote:
> What about if monowall LAN is as wireless AP then you should be able
> to control traffic using monowall`s firewall ?
> 
> 
> ----- Original Message -----
> From: "Peter Curran" <lists at closeconsultants dot com>
> To: "Robert Bialecki" <robert at mpiwifi dot com>; <m0n0wall at lists dot m0n0 dot ch>
> Sent: Wednesday, January 26, 2005 12:11 PM
> Subject: Re: [m0n0wall] Firewall Quiestion
> 
> 
>> OK - I am on a roll and will give Chris a rest for tonight :-)
>> 
>> On Wednesday 26 January 2005 18:43, Robert Bialecki wrote:
>>> Hi,
>>> 
>>> What rule should I use to stop comunication between clients on
lan?
>>> A client should only be able to go to the gateway (monowall) and
>>> not be able to comunicate on any port with any other client on
lan.
>>> 
>> You can't.  If all your clients are on the same LAN then they can
>> chatter away to each other and there is not a damn thing m0n0wall
>> can do about it. 
>> 
>> In order to impose a security policy any firewall must be placed
>> between the communicating systems to filter the traffic.
>> 
>> Peter

If this is your config:

   (Internet)
       |
      WAN   
   (m0n0wall)
      LAN
       |
     (APs)
     //|\\
Wireless Clients

How would the m0n0wall affect traffic between Clients? The traffic
exists before the m0n0wall.

_________________________________
James W. McKeand