> > > > I am running Redhat Linux 9.0 machine for routing as well as > > > > iptables firewall for my network serving win 98 clients. For > > > > security reasons I do not want win 98 clinets to use pier to pier > > > > for transfering files/data among them. In this case win 98 clients > > > > do not need to talk to server. > > > > > > Is it possible to Jam pier to pier network ? so that copying of > > > > files from one win 98 client to other can be restricted. > > > > > > a firewall can only filter traffic that passes through it. if your > > > clients are all sitting on a LAN together, there is no way for an > > > upstream firewall to keep them from communicating with each other. > > > > Not quite true, sort of, but we're into Firewall / IPS ( Intrusion > > Prevention System ) territory here. "Snort" *might* be able to deny > > traffic on the network, failing that you're probably looking at > > commercial software. > > Could not one use a switch, VLAN and routing from one computer to > another through a the firewall...all it should need is an ip adsress in > a different subnet for each computer and a routing command...though > maybe this is an oversimplification. One baseline is that users should > be normal windows users (uhhh...lamers) not linuxers ;-) > > Sanjay. so, essentially, put every machine on its own dedicated subnet and have all traffic routed through the firewall? that sounds scalable... -j
