Date: 17-12-02 18:37
hrmm... white space is filtered...
ok..here is an explanation instead, using 1 system with 3 nics.
fxp0 = public subnet 22.214.171.124
dc0 = private subnet A 192.168.0.1
dc1 = private subnet B 10.1.1.1
nat fxp0 to dc0, then assign 192.168.0.0/24 to the systems that you want to have direct access to the net.
do not nat to dc1, give your gambling buddy address 10.1.1.2 and connect him to dc1 via crossover cable.
use squid on the server to allow him to surf safe sites, while you have free reign to do whatever you want via NAT.