prohibition in ipfw

[burkoff]

Hello, I have two LAN cards, rl0 and rl1, with different networks. What to do so they can not see each other? Here they are:

rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 00: e0:52:67:01: ed
	inet 192.168.100.200 netmask 0xffff0000 broadcast 192.168.255.255
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
	options=8<VLAN_MTU>
	ether 00: e0:52:69:01:69
	inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active

 

[SirDice]

Hello, I have two LAN cards, rl0 and rl1, with different networks. What to do so they can not see each other?

Can you explain this a bit more? What do you mean by "not see each other"?

 

[burkoff]

I want clients behind rl1 not in any way to reach customers around the rl0

 

[SirDice]

As long as routing is turned off this will be the case. If you do turn on routing you'll need to add some firewall rules.

I just noticed you have overlapping subnets. This is going to cause problems. 192.168/16 includes 192.168.0/24.