Re: Connection tracking and vlan
From: Adayadil Thomas <hidden>
Date: 2009-10-30 20:40:17
On Fri, Oct 30, 2009 at 3:51 PM, Caitlin Bestler [off-list ref] wrote:
> Yes, it is legitimate for a Bridge to see two different 10.*.*.* networks on different VLANs. A Bridge can even see that same MAC address being used by two different end stations on different VLANs (especially if the global bit is not set). What is not legitimate is presenting both of those 10.*.*.* networks for local delivery.

I did not mean this case.

> If you are only bridging the frames then there are no connections to track, only frames.

This is more like what I was trying to do with the device, but with stateful firewall functionality for which I was using iptables/netfilter. Thanks