I'm also having this problem. I have the "netfilter support for bridge" enabled in the kernel, but any rules that I set for the bridge only make the packets invisible to my kernel -- they're still passed through the bridge.
For example, if I block all traffic from 1.1.1.1 to 1.1.1.2 (which, of course, passes through the bridge), the packets are still passed through -- but when I run tcpdump on my bridge interface (br0), it doesn't pick them up. Any idea what might be wrong?

-Mark

> Have you compiled firewall (netfilter) support for bridge?
> You should enable "Prompt for development code" (something like this)
> in order for the "netfilter support for bridge" (something also like this)
> option to appear to you.
>
> Hope it helps.
>
> best regards
>
> --
> Lucas Brasilino
> [EMAIL PROTECTED]
> http://www.recife.pe.gov.br
> Emprel - Empresa Municipal de Informatica (pt_BR)
> Recife's IT City Hall Company (en_US)
> Recife - Pernambuco - Brasil
> Phone: +55-81-34167078
>
> _______________________________________________
> Bridge mailing list
> [EMAIL PROTECTED]
> http://www.math.leidenuniv.nl/mailman/listinfo/bridge
