Is it possible to specify multiple MAC addresses to match a rule? For example, the rule I am using is:

    iptables -t nat -A PREROUTING -i eth0 -m mac --mac-source ! 00:00:00:00:00:00 -p tcp --dport 80 -j REDIRECT --to-port 8080

What I want to achieve is that any client that is not in my list of MAC addresses should have their HTTP traffic redirected. Any traffic from a client that is in the list of MAC addresses should be left alone. The rule above matches everything, since 00:00:00:00:00:00 should not match any clients.

What I want to do when I need to allow a new client through the firewall without being redirected is flush the PREROUTING chain out and re-add the same rule, except with multiple MAC addresses.

Any help is appreciated.
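The behaviour asked for above, as an added example that is not part of the original post: the `mac` match takes one address per rule, so the sketch below emits one `RETURN` rule per allowed client in a dedicated chain, followed by the redirect from the question. The chain name `HTTP_REDIRECT` and the sample MAC addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: print iptables commands that put a MAC allowlist in front
# of the HTTP redirect. Chain name and sample MACs are assumptions.

CHAIN="HTTP_REDIRECT"   # hypothetical user-defined chain name

# Succeeds only for six colon-separated hex octets.
valid_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# build_rules IFACE MAC...  prints the commands; returns 1 on bad input.
build_rules() {
    iface=$1; shift
    # Reject anything that is not a plain interface name or MAC address
    # before emitting a single command, since the output is meant for sh.
    case $iface in ''|*[!A-Za-z0-9._-]*) echo "invalid interface" >&2; return 1;; esac
    for mac in "$@"; do
        valid_mac "$mac" || { echo "invalid MAC: $mac" >&2; return 1; }
    done
    # Create the chain if it is missing, then empty only this chain,
    # leaving the rest of PREROUTING untouched.
    echo "iptables -t nat -N $CHAIN 2>/dev/null || true"
    echo "iptables -t nat -F $CHAIN"
    # Listed clients leave the chain before the redirect is reached.
    for mac in "$@"; do
        echo "iptables -t nat -A $CHAIN -m mac --mac-source $mac -j RETURN"
    done
    # Every other client falls through to the redirect from the question.
    echo "iptables -t nat -A $CHAIN -p tcp --dport 80 -j REDIRECT --to-port 8080"
    # Hook the chain into PREROUTING once (-C tests for an existing rule).
    hook="PREROUTING -i $iface -p tcp --dport 80 -j $CHAIN"
    echo "iptables -t nat -C $hook 2>/dev/null || iptables -t nat -A $hook"
}

# Print the rules for two constructed clients; pipe to sh as root to apply.
build_rules eth0 02:00:00:00:00:01 02:00:00:00:00:02
```

A source MAC address can be set by the client, so this match separates known from unknown devices but does not authenticate them.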