[CentOS] restrict network access

Fri Oct 19 10:50:30 UTC 2007
Arne Pelka <lists at arnepelka.de>

Hi,

I have two pc using centos 4, these machines need only access to the  
(big, class b) local network. Because of security reasons the network  
access should be restricted to this local network - mainly the users  
of these pc should not be able to access webpages outside of the local  
network. My problem is, that I have no own centos repository and  
therefore these two pc need access to the centos mirrors to get updates.
What would be the best way to restrict the network access to the local  
network and allow the access to some external addresses (a centos  
mirror and maybe some other servers/websites).
I was thinking about iptables but I'm not very experienced in this  
questions - maybe there is an easier way. The configuration with  
iptables seems to be very complex, I was skimming through some  
tutorials and the man pages.

In thanks and with best reagrds,
Arne