Re: block ethernet IPv4 traffic

Linux Advanced Routing and Traffic Control


 



> Anton Glinkov wrote:
>
>> On Mon, July 19, 2004 15:25, Ed Wildgoose said:
>>
>>>
>>>>the bridge thing is not possible.. the network is too big.. 300
>>>>machines..
>>>>with over 30 switches (only one of them is manageable) :(
>>>>Basically I want to deny ethertype 0800 (IPv4) packets for that LAN.
>>>>The only solution I thought of was to have a linux machine in this LAN
>>>>that has all the possible IP addresses set on its interface.
>>>>
>>>>
>>>
>>>Look, we can't help you until you explain the problem
>>>
>>>WHY is it not possible to have a bridge?  This only requires two network
>>>cards?
>>
>>
>> I want to block the traffic between _ANY_ 2 of the machines in the
>> network.
>
> How about giving them a netmask of /32 instead of /24 (or whatever you
> have) so that they only see themselves in the same network and then
> giving them a static route to the default gw (since it is outside of the
> /32).
>
> Then you can block all inter-client traffic at that single default
> gateway (or one hop "in front" of it, seen from the clients)
>

I don't have access to those machines :-)
They use internet via a different Ethernet protocol (PPPoE)


_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
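
The /32-plus-gateway layout suggested in the quoted reply, as an added example that is not part of the original thread: the script only prints the commands for one client and for the gateway. The addresses (RFC 5737 documentation range) and the interface name `eth0` are assumptions.

```shell
#!/bin/sh
# Added example: prints the commands instead of running them.
# Review the output, then pipe it to "sh" as root on the right machine.
# Constructed sample values; eth0 is an assumed interface name.
GW=192.0.2.1
IF=eth0

# Client side: a /32 address makes every peer off-link, so all traffic,
# including traffic to LAN neighbours, is sent to the gateway.
client_cmds() {
    addr=$1
    echo "ip addr add $addr/32 dev $IF"
    # The gateway lies outside the /32, so it needs an on-link host route.
    echo "ip route add $GW dev $IF"
    echo "ip route add default via $GW dev $IF"
}

# Gateway side: drop packets that arrive from the LAN and would be
# forwarded straight back into it (client-to-client traffic).
gateway_cmds() {
    # ICMP redirects would tell clients to reach each other directly;
    # the "all" and per-interface values are ORed, so clear both.
    echo "sysctl -w net.ipv4.conf.all.send_redirects=0"
    echo "sysctl -w net.ipv4.conf.$IF.send_redirects=0"
    echo "iptables -A FORWARD -i $IF -o $IF -j DROP"
}

echo "# on a client:"
client_cmds 192.0.2.10
echo "# on the gateway:"
gateway_cmds
```

This layout depends on each client keeping the /32 configuration: a machine that sets a wider netmask still reaches its neighbours directly at layer 2, without passing through the gateway.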
