Veja ebtables que controlam o encaminhamento para pontes Linux:
# forward tap0 broadcasts to tap2, do not forward to tap1
ebtables -A FORWARD -i tap0 -o tap2 -d ff:ff:ff:ff:ff:ff -j ACCEPT
ebtables -A FORWARD -i tap0 -o tap1 -d ff:ff:ff:ff:ff:ff -j DROP
# forward tap1 broadcasts to tap2, do not forward to tap0
ebtables -A FORWARD -i tap1 -o tap2 -d ff:ff:ff:ff:ff:ff -j ACCEPT
ebtables -A FORWARD -i tap1 -o tap0 -d ff:ff:ff:ff:ff:ff -j DROP
# forward tap2 broadcasts to tap0 and tap1
ebtables -A FORWARD -i tap2 -o tap0 -d ff:ff:ff:ff:ff:ff -j ACCEPT
ebtables -A FORWARD -i tap2 -o tap1 -d ff:ff:ff:ff:ff:ff -j ACCEPT