limiting internet access for 1 machine on lan

By Spike
Aug 26, 2005
Topic Status:
Not open for further replies.
  1. I'm busy configuring a fileserver at the moment using winxp pro. It's going to be connected to a lan through a wired connection to a Netgear DG834G router. I wish it to be accessable through the LAN, but I don't wish it to have internet access (with the exception of very few addresses, such as AVG update, spybot update, etc)

    This computer isn't going to be used as a workstation at all, and so if something goes wrong, such as the firewall crashing, it won't be noticed. For that reason, as well as blocking massive address ranges through the firewalls advanced rules, I wish also to block the same ranges from within windows. As I understand it, the HOSTS file only deals with outbound traffic, and so I would like to know if there is a foolproof way of blocking these ranges from within windows itself.

    Or have I got it all wrong? lol
  2. Nodsu

    Nodsu Newcomer, in training Posts: 9,431

    The right way to do it is to block the addresses from the router. Your router almost certainly has a packet filter in it. In there you specify "allow" rules for the server that let you access the specific IP addresses needed.

    The second correct place to do it is the packet filter (or advanced rules or whatever) part of your software firewall. Again, you only give it a few "allow" rules and then put a "deny all" rule in the end.
  3. Spike

    Spike Newcomer, in training Topic Starter Posts: 2,371

    Oh, half right then :D - Thanks for that Nosdu, much appreciated.

    I have another three machines on the router, and eac of them require internet access. I would assume that blocking these address ranges threough the routers firewall would block them for all machines. To block them for one single machine, where would I do it? (I know a little about routers, but I've not got a massive amount of experience with them.)
  4. Nodsu

    Nodsu Newcomer, in training Posts: 9,431

    How precise you can be with your filtering rules depends on the intelligence of your firewall. I checked the manual for Netgear DG834G and the packet filter in there is a decent one. Just see the manual under outbound rules.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.