Task, allow nodes to connect via WLAN but not talk to each other

Here's the situation,
I have a routing linux box with 3 NICS, 1 is for home LAN, 1 for internet,
and 1 for WLAN. I have reasonable networking knoweldge but this one baffles
me.
I need a way of allowing nodes to connect to the net via the WLAN, in itself
pretty easy task. The problem is i need each node only to be able to talk to
the net and not each other or the home lan interface. Preventing access to
the lan interface is simple but preventing each host from talking to each
other isn't as easy i don't think. If i want to assign IP's on the wan
interface with DHCP, would assisging a subnet of 255.255.255.255 work or
would that prevent communiation to the gateway ? That's about the only idea
i have so any suggestions most welcome!

Cheers,

--
Nathan D Higgins

Website: http://nathan.link9.net/
Email: nathan[at]link9[dot]net
Hosting: http://www.link9.net
WAP: http://wap.link9.net
[dot]NET: nathan[at]link9[dot]net

Nathan Higgins wrote:
> Here's the situation,
> I have a routing linux box with 3 NICS, 1 is for home LAN, 1 for internet,
> and 1 for WLAN. I have reasonable networking knoweldge but this one baffles
> me.
> I need a way of allowing nodes to connect to the net via the WLAN, in itself
> pretty easy task. The problem is i need each node only to be able to talk to
> the net and not each other or the home lan interface. Preventing access to
> the lan interface is simple but preventing each host from talking to each
> other isn't as easy i don't think. If i want to assign IP's on the wan
> interface with DHCP, would assisging a subnet of 255.255.255.255 work or
> would that prevent communiation to the gateway ? That's about the only idea
> i have so any suggestions most welcome!

I'm not too sure whether I am getting You correctly here, but:

_IF_ all WLAN clients _must_ use Your box as their one-and-only peer,
You can easily do what You proposed. - But, I dare doubt that this is
the case.

Anyway, if You assign a subnet of /32 (i. e. "host", or, "point-to-
point" if You don't take this phrase as a technical term here) to one
client, it won't affect the rest of Your routing idea... - Again, this
is from the routing point of view, and this is in no way suitable to
prevent clients from talking to each other! (<- My first exclamation
mark outside programming in months... - Cheers, Nathan, but this is to
represent a serious warning.)

If You use DHCP, You will only specify the networking parameters between
the client and Your router. Using a netmask of /32 will only, and only
prevent those nodes from communicating among each other _via_ Your box;
all else will be beyond Your control.


Bbrrzzbbzz... - That was a wireless strike... - Yours, Jack.

--
----------------------------------------------------------------------
My personal reading of the string "MicroSoft" expands to "NanoWeak"...

jack wrote:
> If You use DHCP, You will only specify the networking parameters
> between
> the client and Your router. Using a netmask of /32 will only, and only
> prevent those nodes from communicating among each other _via_ Your
> box;
> all else will be beyond Your control.

Just as i thought, the actual task is to provide my neighbours with internet
via WLAN, for security reasons i don't want them being able to access each
other's computers, I could place them on seperate subnets and use virtual
hosts on the WLAN interface. I think i will have to do this, i can't see any
other way.
Cheers for the advice

--
Nathan D Higgins

Website: http://nathan.link9.net/
Email: nathan[at]link9[dot]net
Hosting: http://www.link9.net
WAP: http://wap.link9.net
[dot]NET: nathan[at]link9[dot]net