I have a problem now: my goal is to limit access so that only the host with the specified IP can access other places.
My iptables rules are below:
-A INPUT --in-interface swp3 -s 192.168.100.4/32 -d 0.0.0.0/0 -j ACCEPT
-A INPUT --in-interface swp3 -j DROP
The PC with IP 192.168.100.4 is connected directly to swp3. If any other IP is used, then DROP it.
However, it does not work now. Does anyone have an idea?
Below is the switch config for reference.
bridge-ports swp1 swp2 swp3 swp4
bridge-vids 1 400