> I'm also having this problem. I have the "netfilter support for bridge"
> enabled in the kernel, but any rules that I set for the bridge only make
> the packets invisible to my kernel -- they're still passed through the
> bridge.
>
> For example, if I block all traffic from 1.1.1.1 to 1.1.1.2 (which, of
> course, passes through the bridge), the packets are still passed through
> -- but when I run tcpdump on my bridge interface (br0), it doesn't pick
> them up.
>
> Any idea what might be wrong?
>
Hi!
Well... BRIDGE-STP-HOWTO says to create chains with
the bridge's name. I've done it with iptables but it doesn't work.
So, I created rules using the FORWARD chain... And it worked!!!
Looks like the bridge code is using this chain... Please try this issue.
I think Lennert Buytenhek can answer it...
Best regards
--
Lucas Brasilino
[EMAIL PROTECTED]
http://www.recife.pe.gov.br
Emprel - Empresa Municipal de Informatica (pt_BR)
Recife's IT City Hall Company (en_US)
Recife - Pernambuco - Brasil
Fone: +55-81-34167078
_______________________________________________
Bridge mailing list
[EMAIL PROTECTED]
http://www.math.leidenuniv.nl/mailman/listinfo/bridge