I want to make a bridging firewall with fedora core 3.

I of course am going to use 2 nics. And a beefy PC with 2 gigabit cards
over the pci slots :-(.

I just want to allow through arp and IP(tcp and udp) traffic filter out
multicast and any other protocols snap, ipx, Spanning tree.

ifconfig br0
#note here I have an ip for this nic so i can ssh to the linux box.
ifconfig eth1
ifconfig eth0:1
#Add any ip tables that I want to pre-route for destination redirection.

#Here is the question. How do I drop any other protocol other than arp and
ebtables -t broute ????????
#How do I drop vlan tagged traffic?

thanks in advance.