Hello,
I have a pretty simple setup.
- eth1 -> internet connection, has DHCP (net)
- eth2 -> local network (lan)
I plug eth1 into a router/internet connection, plug a laptop or AP into eth2 and get connected.
I am automatically redirecting all traffic (using an ipset called cpwhitelistme) to a local page on a local server port 80 (captive portal):
Code:
#REDIRECT lan:!+cpwhitelistime 80,443 tcp 80,443
I am trying to exclude a certain URL (143.95.38.203) from that redirect and want that URL to always work. I tried:
Code:
ACCEPT all net:143.95.38.203 all
But it doesn't work.
Any idea how I can "whitelist" and NOT redirect that particular IP?
Here's my complete shorewall RULES file:
Code:
##################################################################
#ACTION SOURCE DEST PROTO DEST PORT
#
#SECTION ALL
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
# Don't allow connection pickup from the net
#
Invalid(DROP) net all
#
# Accept DNS connections from the firewall to the network
#
DNS(ACCEPT) $FW net
#
# Accept SSH connections from the local network for administration
#
SSH(ACCEPT) lan $FW
#
# Allow Ping from the local network
#
Ping(ACCEPT) lan $FW
#
# Drop Ping from the "bad" net zone.. and prevent your log from being flooded..
#
Ping(DROP) net $FW
ACCEPT $FW lan icmp
ACCEPT $FW net icmp
#
# CUSTOM config below
#
ACCEPT all net:143.95.38.203 all
#REDIRECT lan:!+cpwhitelistime 80,443 tcp 80,443
#REDIRECT lan 3128 tcp www
#
Thanks in advance!
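
Added example, not part of the original post: Shorewall implements REDIRECT as a NAT rule, and a plain ACCEPT only adds a filter rule, so it does not exempt a connection from the redirect. ACCEPT+ (or NONAT) placed before the REDIRECT does. The fragment assumes the REDIRECT line from the post is uncommented and otherwise copied as posted, ipset name included.

```conf
#ACTION    SOURCE                 DEST                PROTO  DPORT   SPORT  ORIGDEST
#
# Before: a plain ACCEPT is a filter-table rule only. The connection is
# still rewritten by the REDIRECT (nat table) and lands on the portal.
#
#ACCEPT    all                    net:143.95.38.203   all
#REDIRECT  lan:!+cpwhitelistime   80,443              tcp    80,443

#
# After, option 1: ACCEPT+ accepts the connection AND excludes it from any
# later matching DNAT/REDIRECT rule. It must appear above the REDIRECT.
#
ACCEPT+    lan                    net:143.95.38.203   tcp    80,443
REDIRECT   lan:!+cpwhitelistime   80,443              tcp    80,443

#
# After, option 2 (use instead of option 1, not together with it):
# exclude the address in the REDIRECT rule's own ORIGDEST column.
# Whether the connection is then allowed is decided by the normal
# lan -> net policy and rules.
#
#REDIRECT  lan:!+cpwhitelistime   80,443              tcp    80,443  -      !143.95.38.203
```

After editing the rules file, `shorewall check` validates the configuration before it is applied with `shorewall restart`.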