Makes sense to me.
Yeah, I just don't know, technically speaking, where the -m mac should appear: in the POSTROUTING line, or the first FORWARD line. Ultimately I would only want masq'ing to be done for this one device on port 443.
Is the host that you are wanting to bypass your proxy on the same segment as the $LAN interface defined in your rulesets?
It is, how come? I could filter by IP instead of MAC, but this is easier and, although a non-issue really, more secure.
Thanks! jlc