>Makes sense to me. Yea, I just don't know technically speaking where the -m mac should appear, in the POSTROUTING line, or the first FORWARD line. Ultimately I would only masq'ing to be done for this one device on port 443.
>Is the host that you are wanting to bypass your proxy on the same segment as >the $LAN interface defined in your rulesets? It is, how comes? I could filter by ip instead of mac but this is easier and although a non issue really, more secure. Thanks! jlc _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
