Dear all, I configure my kvm vm like this: <interface type='bridge'> <mac address='52:54:00:dd:b2:c5'/> <source bridge='nw-vpc-1017'/> <target dev='if-57'/> <model type='virtio'/> <filterref filter='clean-traffic'> <parameter name='IP' value='10.0.0.1'/> </filterref> <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/> </interface> But when i start it and show the ebtables rules, nothing is applied [root@kvmhost ~]# ebtables -L Bridge table: filter Bridge chain: INPUT, entries: 0, policy: ACCEPT Bridge chain: FORWARD, entries: 0, policy: ACCEPT Bridge chain: OUTPUT, entries: 0, policy: ACCEPT Bridge chain: libvirt_qemu_FORWARD, entries: 0, policy: DROP Please show me what wrong i've done. Thanks so much! -- Nguyen Thinh