I want to block only one machine from having any access to the internet and I dont want the net to have any access to that machine. I have a Linksys WRT54G router. I still have to have internal network access to this machine as it is going to be used as a file server. If I block the mac address of this one machine on the router will this be enough? I dont want to run any virus sofware, on this machine either. I also dont want to bother with updates etc. Thanks, Glenn

Many routers have rules that can block by mac, ip address, time and more. There are other ways too. Nat it to localhost maybe.

Hi there, I'm not entirely sure if blocking the MAC or IP address is the best solution - it depends on how far the blocking goes really!! It depends on whether your router will block all traffic to/from a specific MAC or IP address - remember you still want to use this machine as a file server, and the router *may* block local traffic if configured this way. If your router's firewall does totally isolate the file server machine when this is set, then you do have another option, this is to remove the "Default Gateway" IP address ( usually the LAN IP address of the router ) on the file server machine. This will stop the TCP/IP stack on the file server box from sending any packets to any destinations that it does not know about. Remember to code static routes on the file server machine for any additional subnets that it should know about. Hope this helps, let us know how you get on. Cheers, Lofty.

Hi again, Further to my update above - I noticed you mentioned not running any antivirus software on the file server - this is not a good idea. Even if you manage to isolate that particular machine from the internet, another machine on your home LAN ( who can access the internet ) could pass a virus onto the file server. Don't run any machine ( especially a file server ) without antivirus software - it's just not worth taking the risk. Good luck! Cheers, Lofty.

Thanks for your reply. Does it not matter that all of the other machines will have anti virus software on them?

Hi again, It's good to hear that the other machines on your home LAN have anti-virus software on them, so this should minimise your changes of getting your file server infected, however, you can't afford to be too careful. Perhaps I'm over cautious, but nothing connects to my home LAN unless I know it has anti-virus and firewall software running on it! Cheers, Lofty.

Good Point. Cheap insurance I guess. Thanks,