Layer 2 is the layer that deals with things like that.
However, the firewall (which operates mainly on layer 3) cannot do anything about this. If you don't want your clients to talk to each other, don't connect them to the same network.
On Mon, 2013-01-21 at 12:52 +0100, Daniel Weismüller wrote:
The reason why I ask is that I want to change an endian to an ipfire.
The firewall is used in a small restaurant. Green is the LAN used by the restaurant itself for internet, mail, etc.
Blue is for guests. Blue is an LAN-interface and a WLAN-Ap is directly connected. No use of hostapd.
Actually the guest will get the key and can use their wlan-clients (smartphones, netbooks, etc)
Because there is no one which is able to use the webif the mac-filter is off. And of course the clients in blue do not see each other.
So if I want to migrate to IPFire i must be able to switch the 2 things.
I hope this makes a little bit more understandable. What I need and why.