[ previous ] [ next ] [ threads ]
 
 From:  Peter Curran <lists at closeconsultants dot com>
 To:  "Robert Bialecki" <robert at mpiwifi dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Firewall Quiestion
 Date:  Wed, 26 Jan 2005 19:11:39 +0000 
OK - I am on a roll and will give Chris a rest for tonight :-)

On Wednesday 26 January 2005 18:43, Robert Bialecki wrote:
> Hi,
>
> What rule should I use to stop comunication between clients on lan?
> A client should only be able to go to the gateway (monowall) and not be
> able to comunicate on any port with any other client on lan.
>
You can't.  If all your clients are on the same LAN then they can chatter away 
to each other and there is not a damn thing m0n0wall can do about it.

In order to impose a security policy any firewall must be placed between the 
communicating systems to filter the traffic.

Peter

-- 
----------------------------------------------------------------------------
Peter Curran				  Leveraging Internet Technology
Close Consultants			       for Businesses
p: +44-1225-463700			 
f: +44-1225-463705			  
e: peter at closeconsultants dot com		  
sip: peter at closeconsultants dot com 


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.