Been messing around with freeswan and their is a need to for excluding from nat the ipsec tunnel traffic. Does anyone know of a good link that shows multiple exclusions of IP addresses that should be excluded from Nat in the POSTROUTING chain? This excludes the 10.123,123.0/30, but what if I want to also exclude 192.168.123.0/29? -A POSTROUTING -o eth0 -d ! 10.123,123.0/30 -j MASQUERADE Any insight would be greatly appreciated. Thanks, Ted
