Hi I wanted to make a white list using the settings below. <SNIP> iptables -N wanout iptables -I FORWARD -i `nvram get lan_ifname` -j wanout iptables -I wanout -m mac --mac-source 01:26:f7:46:71:4b -j ACCEPT iptables -I wanout -m mac --mac-source d2:37:b5:f2:39:f3 -j ACCEPT iptables -I wanout -d gamepedia.com -j ACCEPT iptables -I wanout -d toysrus.com -j ACCEPT iptables -A wanout -j REJECT --reject-with icmp-proto-unreachable </SNIP> So the boxes with the MACs specified are exempt from blocking. The domains "gamepedia.com" and "toysrus.com" are accesible to all. But the problem is that those domains pulls stuff in from other domains using <iframe> or something, which makes the IPTable block the loading of the website to complete. How do I deal with that in the best way? I don't want to look up everything they pull in and white list that as well. Also it might change. Isn't there a way to say "accept all from this domain, even unrelated stuff"? Kind regards. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
