I am using RH ESr4 configured as a bridge device with two Ethernet cards. Bridging and IPTABLES works well for filtering and blocking. No NAT is being used on this box. I'm not sure I understand the IPTABLES mangle interaction with NAT or forwarding. What I would like to do is the following: an unregistered user plugs their laptop into the Ethernet and their MAC address is not recognize by the IPTABLES filter rules, they try to open any default web page outside of the controlled area, the destination address: port 80, should be re-directed. Redirect them to a local web page clearly informing them what needs to be done in order to use their laptop on the local LANs and who to see. Is this possible? Thanks for any help, --marco
