Problem:  I have a firewall that needs ASAP replacing, its running 
SunScreen EFS.  I'm coming from a network that has had two functions.

1. Class C routeable space that runs all of our production vehicles, 
accessed through group'd restrictions.
2. Non-Routeable Nat'd User Space, with rules also applied.

I know the non-routeable space is an easy one, thats what most of these 
canned firewalls do best.  However, how do we handle the class C now? 
In m0n0wall is this what is considered a static route?

I also have seen that no (free) firewall solution is grouping 
servers/rules together. Can someone tuck that into a drawer for future 
ideas? (ie group all production ip's together and then make a rule for 
that group to say allow http/insert allowance/rejections here)

I've got m0n0 up and running but I can't just experiment on this while 
the day is running so I've got it hooked up to a hub of its own and am 
configuring from a laptop.  I don't feel like I've got the complete grok 
and any assistance that can be thrown on this would be apprecaited.

Thanks for the clue,

-a