bend chen wrote:

> hi, netfilter
>
> who can give me some examples from "iptables -m physdev"?
>
> thanks your help

You need it to check the INPUT and OUTPUT Physical Interface for a BRIDGE you want to filter with Iptables. I mean, if you have an eth0 and eth1 bridged in a br0 interface, all the packets coming and exiting to and from the bridge will result with IN-INTERFACE and OUT-INTERFACE as br0. If you need to filter the packets based on incoming and outgoing interfaces you need to use -m physdev

    iptables -A FORWARD -m physdev --physdev-in eth0 -j ACCEPT

bye
P.
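
Added example, not part of the original message: a small direction-aware ruleset for the bridge described above, showing --physdev-in and --physdev-out used together where -i br0 / -o br0 could not tell the two ports apart. The port roles (eth0 internal, eth1 uplink), the bridge_rules function and the IPT variable are assumptions for illustration, and the rules only see bridged frames when net.bridge.bridge-nf-call-iptables is set to 1.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumed topology: br0 bridges eth0 (internal hosts) and eth1 (uplink).
# By default the rules are only printed for review; run with IPT=iptables
# (as root) to load them.
IPT="${IPT:-echo iptables}"

# bridge_rules LAN_PORT WAN_PORT (hypothetical helper)
bridge_rules() {
    lan="$1"
    wan="$2"

    # Replies belonging to connections that were already allowed,
    # whichever bridge port they arrive on.
    $IPT -A FORWARD -m physdev --physdev-is-bridged \
        -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # New connections may only start on the internal port and leave via
    # the uplink port. --physdev-is-bridged accompanies --physdev-out
    # because the output port is only known for bridged traffic.
    $IPT -A FORWARD -m physdev --physdev-is-bridged \
        --physdev-in "$lan" --physdev-out "$wan" \
        -m conntrack --ctstate NEW -j ACCEPT

    # Everything else entering on the uplink port is dropped. With
    # "-i br0" this rule would also match frames from the internal port.
    $IPT -A FORWARD -m physdev --physdev-in "$wan" -j DROP
}

bridge_rules eth0 eth1
```

Rule order matters here: the ESTABLISHED,RELATED accept has to come before the drop on the uplink port, otherwise replies to internal hosts are discarded.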