I would like to filter some traffic on bridge br0; the traffic flows from eth0 to eth1. If using a bridge is not possible, then I can do routing, where all traffic needs to flow from eth0 to eth1. Or I can set the box up as a gateway, but it must not do NAT.
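# Filtering firewall for a bridge (br0) whose ports are eth0 (ingress) and
# eth1 (egress).  Default-deny on INPUT and FORWARD, then explicit allows.
#
# Defects fixed versus the original rule set:
#   * FORWARD policy was DROP and the chain contained only DROP/REJECT rules,
#     so no traffic could ever pass eth0 -> eth1; an explicit accept for
#     eth0 -> eth1 plus ESTABLISHED,RELATED is now appended after the blocks.
#   * Bridged frames do not traverse iptables at all unless br_netfilter is
#     loaded and net.bridge.bridge-nf-call-iptables=1; both are set here.
#   * The "BLOCK PRIVATE" ranges are multicast (224/4) and reserved class E
#     (240/5), not RFC1918 private space; the comment now says so.
#   * SYN-only drops that were immediately followed by an unconditional drop
#     on the same port were redundant and are folded into the latter.
#
# Only IPv4 is covered; ip6tables needs its own rules (or a DROP policy).
set -eu

in_if=${IN_IF:-eth0}    # bridge port / ingress interface
out_if=${OUT_IF:-eth1}  # bridge port / egress interface

# Hook bridged traffic into iptables.  On a routed (non-bridge) box this is
# not needed; see the routed variant at the end of the FORWARD section.
modprobe br_netfilter 2>/dev/null || true   # built into 'bridge' on older kernels
if ! sysctl -q -w net.bridge.bridge-nf-call-iptables=1 2>/dev/null; then
  printf 'warning: bridge-nf unavailable; bridged frames will bypass iptables\n' >&2
fi

# Start from a clean slate in every table.
iptables -F
iptables -t nat -F
iptables -t mangle -F

# Default deny for traffic to the box and through the box; our own
# outbound traffic is allowed.
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

# --- INPUT: loopback, replies to our own traffic, and rate-limited ping.
# NOTE: no management port (e.g. SSH) is opened here.  Add one explicitly
# before running this on a remote box, or you lock yourself out.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Accept up to 6 pings/s (burst 10); log a sample of the excess, then drop.
iptables -A INPUT -p icmp -m limit --limit 6/s --limit-burst 10 -j ACCEPT
iptables -A INPUT -p icmp -m limit --limit 3/s --limit-burst 5 \
  -j LOG --log-prefix "PING-DROP:" --log-level 7
iptables -A INPUT -p icmp -j DROP
# Already covered by the DROP policy; kept as an explicit rule so SMB probes
# against the box itself show up in their own counter.
iptables -A INPUT -p tcp --dport 445 -j DROP
iptables -A OUTPUT -p icmp -j ACCEPT

# --- Never emit or relay to multicast (224/4) or reserved class E (240/5).
# These sit first in FORWARD, as the original -I inserts did.
for net in 224.0.0.0/4 240.0.0.0/5; do
  iptables -A OUTPUT -d "$net" -j REJECT
  iptables -A FORWARD -d "$net" -j REJECT
done

# --- FORWARD: block known worm / file-sharing ports in both directions.
# The drops come before the stateful accept on purpose: they must also hit
# flows that are already established.
iptables -A FORWARD -p icmp --icmp-type echo-request -m length --length 92 -j DROP
# SMB/CIFS (445) and NetBIOS.  132:139 is the range the original author
# chose; the registered NetBIOS ports are 137-139.
for port in 445 132:139; do
  iptables -A FORWARD -p tcp --dport "$port" -j DROP
  iptables -A FORWARD -p tcp --sport "$port" -j DROP
done
# MS-SQL / SQL Slammer (udp 1433, 1434).
for port in 1433 1434; do
  iptables -A FORWARD -p udp --dport "$port" -j DROP
  iptables -A FORWARD -p udp --sport "$port" -j DROP
done
# libpcap/tcpdump trojan source port.
iptables -A FORWARD -p udp --sport 1963 -j DROP
iptables -A FORWARD -p tcp --sport 1963 -j DROP

# --- FORWARD: what is actually allowed through the bridge.
# Replies to permitted flows, then new connections entering on the eth0
# bridge port and leaving on the eth1 port.  Anything else (including
# eth1 -> eth0 initiated traffic and INVALID packets) hits the DROP policy.
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m physdev --physdev-in "$in_if" --physdev-out "$out_if" \
  -m conntrack --ctstate NEW -j ACCEPT
# Routed variant (box is a gateway, no NAT): replace the physdev rule with
#   sysctl -q -w net.ipv4.ip_forward=1
#   iptables -A FORWARD -i "$in_if" -o "$out_if" -m conntrack --ctstate NEW -j ACCEPT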