Hello there, I'm trying to separate my ports into 2 VLAN that cannot route between em (one is my internal network and the other one is a free hospot connexion). They're actually separated like this : vlan1ports="2 1 8*" vlan2ports="0 8" vlan3ports="4 3 8" This part is working and the vlans are effectively on a different network (192.168.2.0/24 and 192.168.1.0/24) But i can't get the VLAN 1 and VLAN 2 not communicating between them, even if im setting iptables rules correctly. Here's what's in my firewall script init : iptables -I INPUT -i vlan3 -j ACCEPT; iptables -I FORWARD -i vlan3 -o vlan2 -m state --state NEW -j ACCEPT; iptables -I FORWARD -i vlan3 -o br0 -j DROP; is something that im not doing correctly ? oh btw im using the tomato2.6usb standard firmware. Thanks in advance !