On 9/13/06, Martin Toft <[EMAIL PROTECTED]> wrote: > > Joco Salvatti wrote: > > Hi all, > > > > I use transparent proxy, but I have some machines that should access > > some subnets without proxy, in order to gain access to some > > applications. When I allow the straight connection to these subnets > > only the first subnet in the list has effect. The connection to other > > subnets continue to pass through proxy. I've already searched on the > > Internet, but all I've noticed was a lot of people claiming to have > > the same problems, but no solution. Has anyone here in this list a tip > > about how to solve this issue? > > > > nonat = "{ 200.201.174.0/24, 200.252.141.0/24 }" > > rdr on $int_if inet proto tcp from $int_if:network to ! $nonat port > > www -> $loop_if port 3128 > > > > Thanks. > > Your list expands it another way than you think :) > > Try to use a table: > > table <nonat> const { 200.201.174.0/24 200.252.141.0/24 } > rdr on $int_if inet proto tcp from $int_if:network to ! <nonat> port www > -> $loop_if port 3128 > > --Martin
is table work with NAT ? in NAT, I use "no rdr" before your "rdr" rule nonat="{ 200.201.174.0/24 200.252.141.0/24 }" no rdr on $int_if from $int_if:network to to $nonat rdr on $int_if .....