cylent
March 28, 2012, 6:57am
1
How can I disable NAT for one specific user on the network?
For example, my hotspot network is 192.168.5.0/24.
Well, I have user 192.168.5.15 who I need to disable masquerading for because I am creating a mangle rule to mark routing for and pass it elsewhere.
The problem is the main masquerading rule is not letting him and is masquerading .15 also.
Please help!
tatle
March 28, 2012, 11:52am
2
You should add an accept rule in the srcnat chain above the masquerade one.
Something like this:
ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=accept src-address=192.168.5.15/32 out-interface=ether1-gateway
1 ;;; default configuration
chain=srcnat action=masquerade out-interface=ether1-gateway
cylent
March 30, 2012, 6:41pm
3
I assume /32 makes it only one PC?
Do I really need to put /32? Can't it just be 192.168.5.15?
In the main masquerade rule, add:
src-address=!192.168.5.15
HTH,
cylent
March 30, 2012, 7:09pm
5
What does the ! do? I never quite understood that.
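The two suggestions in this thread (an accept rule above the masquerade rule, and a negated src-address on the masquerade rule), modeled in Python as an added example; it is not part of the original posts and is not RouterOS code. It assumes the srcnat chain is evaluated top-down with the first matching rule deciding, that a bare address is the same as /32, and that a leading `!` inverts the match; the `Rule` class and `is_masqueraded` helper are hypothetical names.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

WAN = "ether1-gateway"  # interface name taken from the thread


@dataclass
class Rule:
    action: str                          # "accept" (no NAT) or "masquerade"
    src_address: Optional[str] = None    # "192.168.5.15", "192.168.5.0/24", "!192.168.5.15"
    out_interface: Optional[str] = None

    def matches(self, src: str, out_if: str) -> bool:
        if self.out_interface and self.out_interface != out_if:
            return False
        if self.src_address:
            negate = self.src_address.startswith("!")
            # A bare address parses as a /32 network, i.e. exactly one host.
            net = ipaddress.ip_network(self.src_address.lstrip("!"), strict=False)
            inside = ipaddress.ip_address(src) in net
            if inside == negate:         # "!" inverts the result of the match
                return False
        return True


def is_masqueraded(rules, src: str, out_if: str = WAN) -> bool:
    """Walk the chain top-down; the first matching rule decides."""
    for rule in rules:
        if rule.matches(src, out_if):
            return rule.action == "masquerade"
    return False                         # no rule matched: source address unchanged


MASQ = Rule("masquerade", out_interface=WAN)

ORIGINAL = [MASQ]                                             # .15 is masqueraded too
ACCEPT_FIRST = [Rule("accept", "192.168.5.15/32", WAN), MASQ]  # exemption above
ACCEPT_BARE = [Rule("accept", "192.168.5.15", WAN), MASQ]      # same, without /32
ACCEPT_LAST = [MASQ, Rule("accept", "192.168.5.15/32", WAN)]   # wrong order
NEGATED = [Rule("masquerade", "!192.168.5.15", WAN)]           # "!" on the main rule

if __name__ == "__main__":
    for name in ("ORIGINAL", "ACCEPT_FIRST", "ACCEPT_BARE", "ACCEPT_LAST", "NEGATED"):
        rules = globals()[name]
        print(f"{name:12} .15 masqueraded={is_masqueraded(rules, '192.168.5.15')} "
              f".20 masqueraded={is_masqueraded(rules, '192.168.5.20')}")
```

Whichever form is used, the exemption should stay as narrow as a single host: a wider prefix in the accept rule or after the `!` lets every address in that range leave the gateway untranslated.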