Ed, Not sure it is the best way, but I would do it this way:
Add additional internal interface (192.168.2.0?) for his connection to your firewall. His device would plug in there. Add additional external IP for masq/nat for his network to your external interface. Another strategy would be for you to control his firewall device, and block any traffic from his network to yours, but allowing anything else. - Bob ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
