>You need to bypass before the earliest point your TPROXY rules are >configured. >For the Bridging setup that would be ebtables, before the BROUTE DROP >rule(s). >For the Router setup than means iptables, before the DIVERT chain. Hi Thanks Amos for your reply. I going to try this setup in ebtables rules: ################################### #!/bin/bash #ebtables -t broute -A BYPASS -i eth1 -p ipv4 --ip-proto -d xxx.xxx.xxx.xxx -j ACCEPT #ebtables -t broute -A BYPASS -i eth0 -p ipv4 --ip-proto -s xxx.xxx.xxx.xxx -j ACCEPT ebtables -t broute -A BROUTING -i eth1 -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP ebtables -t broute -A BROUTING -i eth0 -p ipv4 --ip-proto tcp --ip-sport 80 -j redirect --redirect-target DROP cd /proc/sys/net/bridge/ for i in * do echo 0 > $i done unset i #################################### xxx.xxx.xxx.xxx is the destination ip. The comment lines are the bypass rules. This should works ? regards roberto
