On September 10, 2003 12:02 pm, Kilson Arruda wrote:
See Ramin Dousti's correction to your notation.
next point -- exclusions require a separate user chain to stack
exclusions.
Create new chain, send all packets destined for the redirection port to
this chain,
then in this chain, RETURN the packets you DONT want redirected, and
at the end of this chain, redirect everything....
you can't stack exclusions since the first exclusion will grab the targets
of all successor exclusions.
> I have a Transparent Proxy like this
>
> $IPTABLES -t nat -A PREROUTING -p tcp
> --dport 80 ! -d $DIRECT_IP -m mac --mac-source $MAC -j REDIRECT --to-port
> 3128
>
> Question: can I use more then one "! -d", or multiple IPs to don't REDIRECT
> the port 80 for more then one IP?
> If yes, how can I do this?
>
> --
> Kilson Arruda
> Linux User # 228238
>
>
>
> ________________________________________________
> www.onwave.com.br - Internet e Conectividade
--
Alistair Tonner
nerdnet.ca
Senior Systems Analyst - RSS
Any sufficiently advanced technology will have the appearance of magic.
Lets get magical!
