[Bridge] 802.1Q tagging

["Kunszt Árpád" <kunszt@freemail.hu>]

	Hi!

I'm new on the list and I'm Hungarian so please forgive my terribly bad
English.
First greetings to all.
I want to create a Linux box which will be act as a rate limiter ( with
tc ) and an IP<->MAC checker ( now iptables on br0 ).
I have three interfaces. Two Gigabits ( eth1 and eth2 ) and 100Mbps (
eth0 ) for management. On the eth1 and eth2 there are approx 60 802.1Q
tagged VLANs so I don't want to create one bridge for every single VLAN.
I want to use one bridge. This is br0.
I set up iptables it's mainly stands lines like -A <chain> -m mac
--mac-source <...> -s <...> -j ACCEPT then DROP without -m mac stuff.
Then I set up tc on eth1 and eth2 using HTB, PRIO and SFQ. The
classifier was U32.
The bridge and the iptables worked ( the counters increased ) . I can
arping from a machine from the eth1 interface to another machine on the
eth2 interface. The tc didn't worked, the classifer didn't matched any
packet ( I used ip dst addr/32 ). I thought this is because the 4 byte
802.1Q header.
I tried to correct this but suddenly the bridge was stopped. ( There
wasn't outgoing traffic on one interface. Only one, the second was okay. )
I'm using Gentoo with 2.6.16-gentoo-r9 kernel.
Did I something wrong? Is this configuration/idea good? Or is there any
fundamental errors? Expected somebody this symptoms?
Any helps or ideas are welcome.
Thanks,

Arpad