Sorry if this is redundant, but my forum searches have left me scratching my head.
I have a Mikrotik in acting as a transparent shaper, that works fine.
Now I am adding a dst-nat rule to redirect web traffic to the internal cache.
I have several in house web servers (and a mail server with webmail running) that need to be excluded from any redirection. the rules are making me nuts. I have tried making a rule listing the server’s ip as “dst address” with the action “accept” but then nothing hits my redirection rule.
is the proper way to use the not (!) operator in front of the IP of the server i want excluded and then make the rule a action=redirect?
if someone could explain this it would be very helpfull.
[admin@rt-sisch3] > ip firewall dst-nat pr
Flags: X - disabled, I - invalid, D - dynamic
0 X in-interface=ether3-wan protocol=tcp action=redirect to-dst-address=192.168.254.10 to-dst-port=25