Greetings everyone. I am trying to figure out how one would set up an inline filtering appliance with an RB1200 in a somewhat unusual manner. This particular device has only one IP address assignable to it and has two physical ports (ingress / egress) which if I understand correctly means that it is internally bridging the two physical ports. My thoughts are:
1) utilize two ports on the RB1200 to cable the ingress and egress ports of the filter
2) mark specific traffic via mangle and routing rules to go through this device

If possible, I could then be selective on what traffic is diverted through it rather than physically placing / cabling it either before the router LAN port(s) or after the WAN port as it would normally be.

I have configured a setup prior to this using squid transparent proxy along with mangle/routing marks, but in that case I could assign different IP addresses / subnets to the interfaces whereas in this case I am stuck with the single bridged IP of the appliance.

Has anyone attempted such a setup or would anyone care to speculate on how I might be able to accomplish this? My thanks in advance to any replies.