Hi,

>Using 2.6.35 kernel.
>Should I use ebtables for this? iptables seem more flexible here.

Iptables should work great. Try matching the interface with physdev-in/physdev-out instead of -i/-o as described here:
http://bwachter.lart.info/linux/bridges.html

If it doesn't help, try using IP address matching rules to narrow down the problem and see if you get any hits.

I hope you're using the kernel bridge for bridging. I don't think you'll be able to filter traffic bridged with userspace tools like vde.

Best regards,
Marek