Tathagata Banerjee wrote:
i have installed opensuse 10 on the gateway of a medium-sized network. i want the gateway to be able to do packet forwarding and ip masquerading for only some hosts of the internal network (172.16.0.0/16). in other words, i want to share the internet connection with only those clients that i select. using acl-s in squid in not the answer, because i want to control *all* traffic, not only http or ftp. can this be done using free/opensource software? i am not an advanced net admin, so if the answer involves advanced topics, please try to provide some tutorial links too. thanks.
You could filter on IP address. Set up your DHCP server, so that it reserves specific addresses for those computers and block the rest. You could also give those computers a static alias address, which is permitted to pass through the firewall.