Tom I have doing some further testing of exclusion and I believe I found another iptables bug.
If you have the time, could try a shorewall rule similar to the following: DNAT lan wan:1.2.3.4:2525 tcp 25 - !4.3.2.2 After issuing a shorewall start, /var/lib/shorewall/.iptables-restore-input should contain the correct rules in the nat and filter tables for the above rule. If you issue an iptables-save, it should show the nat table with the correct rule, but the entry in the filter table will be missing the "!". If you can recreate this bug, I will report it to the netfilter team. Steven. ------------------------------------------------------------------------------ _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
