Hi, Hernan ...

If the PC's are all connected together via a switch, then m0n0wall is kind
of out of the picture as far as PC's seeing each other (or not).  You would
need to replace your switch with a managed switch, capable of at least port
based VLANS.  This effectively puts each port on an isolated segment.  They
can still see 'out' (to the m0n0wall), but can no longer see each other.  If
you do end up having a few that need to see each other in the future, you
could put them on the same VLAN at the time.  Easy to configure ..
especially the port based VLANS.  We've used a (relatively) inexpensive
D-Link DES3226L for this.  I think they were around $300.  

As it looks like you are laid out now, the 'view-ability' is inherent in the
switch, before the packets reach the m0n0wall, so anything you do there
would have no effect.

Good luck,
Dennis

-----Original Message-----
From: Hernan González - Wizardes.com [mailto:hard dot wizard at gmail dot com] 
Sent: Thursday, May 26, 2005 8:31 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Browse neighbourghood

Hi everyone:
I have m0n0wall as firewall + NAT for a 12 PC network connected through a 
switch + AP
 Internet---m0n0wall-------switch----- PCs (192.168.1.X) + FreeBSD
|
 AP (192.168.1.X)
 But I need users not to see any other PC,on the network, the switch is a 
cheap 3Com switch, any idea?? thanks a lot