I’ve been running Zeroshell in our laboratory to control internet access with great success! HTTP proxy is working fine to block sites like Facebook.
I now would like to add a few computers to the network and allow them only LAN access to the storage unit. These are computers attached to lab equipment (like DNA sequencers, microscopes, etc). It is very important that they remain free of viruses, so I would like to block all access to the internet and other computers from the LAN (except the storage unit).
I tried searching for the best way to do this, but couldn’t find much information. I think the basic idea is to allow only DNS, DHCP and 445/TCP access to the IP from the storage unit to the IPs belonging to the computers.