Cisco – IP ACL for SPAN port on 3560

Tags: cisco, packet-sniffer

My scenario is that I have > 1g of traffic on a switch, but only a 1g monitor port. But the traffic I'm actually interested in is only about 10mbps, the rest can be ignored.

I have one 3560 switch, and I want to configure a SPAN port but also enable an IP ACL. I understand this is possible, at least on the 6500s, by configuring one session with a destination of an RSPAN VLAN, and another session (same switch) using that RSPAN VLAN as the source. Then apply an ACL to the RSPAN VLAN. This is described here: Using RSPAN with VACLs for Granular Traffic Analysis.

However, this doesn't seem to work on a 3560. I even removed the ACLs, and still no-go:

vlan 555
 remote-span
interface Vlan555
 no ip address
 shutdown
monitor session 50 source interface Fa0/24
monitor session 50 destination remote vlan 555
monitor session 51 destination interface Fa0/22
monitor session 51 source remote vlan 555

No traffic shows up. If I clear those monitor sessions and just do source fa0/24 dest fa0/22, then it works fine. (Ignore that I'm using FE here as a test.)

Any ideas? Other ways of getting an ACL into a SPAN without needing a second switch?

Update: Well according to this:

Can a RSPAN Source Session and the Destination Session Exist on the Same Catalyst Switch? No. RSPAN does not work when the RSPAN source session and the RSPAN destination session are on the same switch.

That's a limitation on 4500 and 3750, so I guess that means 3560 too. Any other workarounds?

Update 2: I'm not quite sure what RSPAN actually does on the wire. I configured RSPAN, but instead of putting it on a trunk port to another switch, I put it onto a trunk port to my NIC. Traffic is replicated, but the RSPAN VLAN's ACL is not applied, even though the 3560 config document explicitly says it should work.
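For reference, the 6500-style approach the question describes (RSPAN VLAN as the hand-off point, VACL applied to that VLAN so only the interesting flows reach the capture port) looks like the following. This is an added example written for this page, not the asker's configuration and not taken from the Cisco document linked above; the ACL name, access-map name, VLAN number, interface names and the 10.0.0.5 host address are all assumed placeholders, and the whole fragment assumes a platform that both permits VACLs on an RSPAN VLAN and allows the RSPAN source and destination sessions on the same chassis, which per the asker's own update the 3560/3750/4500 do not.

```cisco
! Assumed: Catalyst 6500-class switch, interface names and addresses are placeholders.
!
! 1. The RSPAN VLAN that carries the mirrored copy.
vlan 555
 remote-span
!
! 2. Define the "interesting" traffic (constructed example: one host, both directions).
ip access-list extended SPAN-INTERESTING
 permit ip host 10.0.0.5 any
 permit ip any host 10.0.0.5
!
! 3. VACL: forward only what matches; an implicit drop applies to everything else
!    on the VLAN, so the 1g monitor link only carries the filtered subset.
vlan access-map SPAN-FILTER 10
 match ip address SPAN-INTERESTING
 action forward
!
! 4. Apply the VACL to the RSPAN VLAN, not to the production VLANs.
vlan filter SPAN-FILTER vlan-list 555
!
! 5. First session: copy the busy port into the RSPAN VLAN.
monitor session 1 source interface GigabitEthernet1/1
monitor session 1 destination remote vlan 555
!
! 6. Second session: take the (now filtered) RSPAN VLAN out to the capture station.
monitor session 2 source remote vlan 555
monitor session 2 destination interface GigabitEthernet1/2
```

Two checks are worth running after applying this: "show monitor session all" should list both sessions with the RSPAN VLAN as destination of one and source of the other, and "show vlan filter" should show SPAN-FILTER bound to VLAN 555. If, as on the 3560 in the question, the second session never receives frames, the platform is the limiting factor and no ACL placement on the same switch will change that.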

Best Answer

If I understand right, it sounds like you want to capture some traffic traversing your switch, but you want to filter that traffic before it is placed on the wire connecting to the capturing station.

I doubt you can do that with a 3560-class switch. Check this config guide. I didn't see in there any mention of VACLs within RSPAN sessions. Not that the feature couldn't possibly exist, but from what I remember, VACLs are 6500-specific and are used mainly to filter live traffic passed within any particular VLAN.

I would look at other ways of isolating the interesting traffic, unless you can RSPAN the traffic to a 6500.