> Okay, using better search criteria I was able to find an article that
> showed the syntax that seems to work using ipt_physdev.
>
> iptables -A FORWARD -m physdev --physdev-in eth0 -j LOG
>
> This will do what I want it to for now.

This is also what is in the man page (well, it is in mine):

   physdev
       This module matches on the bridge port input and output devices
       enslaved to a bridge device. This module is a part of the
       infrastructure that enables a transparent bridging IP firewall
       and is only useful for kernel versions above version 2.5.44.

       --physdev-in [!] name

You can only use --physdev[-in|...] with "-m physdev", just like you can
only use "--dports" with "-m multiport" or "--limit" with "-m limit".

Gr,
Rob