Bypass a firewall block rule for a specific MAC address

Hello,

I have various rules blocking websites in the firewall.

I need traffic to be open for specific MAC addresses, though.

I have tried all the usual things, but it does not seem to work.

Can anyone give a hand?

Thank you

Insert an accepting rule according to the MAC before the dropping rules.

Won't work, unfortunately.



If the rule is the very first one in the forwarding chain, matches src mac for the privileged host, and has action = accept, this will certainly allow all traffic from this host outbound.

If it doesn’t work it’s because of two possibilities:

  1. host is not on local LAN directly, but on other side of a router, so the packets don’t actually have its MAC address on them
  2. host’s packets are allowed, but the replies from the blocked hosts are being blocked before you realize they’re for the privileged host.

For testing, make the very first forwarding rule “allow from privileged MAC”, the very second rule “allow connection status=established”, and the very third rule “allow connection status=related”.

If this does not work, then it’s not your forwarding filter rules to blame, or condition #1 above is true.
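The rule ordering and the two failure cases from the reply above, as an added example that is not part of any post in this thread. It is a first-match model of a forward chain, not any vendor's rule syntax; the MAC addresses, IP addresses, and the assumption that the block rules match the blocked site in both directions are constructed for illustration.

```python
# First-match model of a forward chain (constructed; not a real firewall's syntax).
PRIV_MAC = "AA:BB:CC:00:00:01"      # constructed: privileged host on the local LAN
ROUTER_MAC = "AA:BB:CC:00:00:FE"    # constructed: router sitting in front of the host
UPSTREAM_MAC = "AA:BB:CC:00:00:FF"  # constructed: WAN-side neighbour delivering replies
HOST_IP = "192.168.88.50"           # constructed
BLOCKED_IP = "203.0.113.10"         # constructed: a blocked website

def evaluate(rules, pkt):
    """Return the action of the first rule whose fields all match the packet."""
    for match, action in rules:
        if all(pkt.get(field) == value for field, value in match.items()):
            return action
    return "accept"  # default policy assumed for this model

# Assumption: the site is blocked in both directions.
BLOCK_RULES = [({"dst": BLOCKED_IP}, "drop"), ({"src": BLOCKED_IP}, "drop")]

# Only the MAC exemption placed ahead of the block rules.
MAC_ONLY = [({"src_mac": PRIV_MAC}, "accept")] + BLOCK_RULES

# The test ordering from the reply: MAC, then established, then related.
TEST_ORDER = [
    ({"src_mac": PRIV_MAC}, "accept"),
    ({"state": "established"}, "accept"),
    ({"state": "related"}, "accept"),
] + BLOCK_RULES

def round_trip(rules, src_mac):
    """Return (verdict on the outbound request, verdict on the reply or None)."""
    request = {"src_mac": src_mac, "src": HOST_IP, "dst": BLOCKED_IP, "state": "new"}
    out = evaluate(rules, request)
    if out == "drop":
        return out, None  # nothing left the firewall, so no reply ever arrives
    # The reply carries the upstream neighbour's MAC, never the privileged host's,
    # and is tracked as established because the request was forwarded.
    reply = {"src_mac": UPSTREAM_MAC, "src": BLOCKED_IP, "dst": HOST_IP,
             "state": "established"}
    return out, evaluate(rules, reply)

if __name__ == "__main__":
    print("MAC rule only:          ", round_trip(MAC_ONLY, PRIV_MAC))
    print("MAC + established rules:", round_trip(TEST_ORDER, PRIV_MAC))
    print("host behind a router:   ", round_trip(TEST_ORDER, ROUTER_MAC))
```

The third case shows why condition 1 defeats the exemption: the firewall sees the intermediate router's MAC, so the packet falls through to the block rule like any other host's.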