I’ve got RB1200 and my port’s config is:
-ether1 - LAN (192.168.0.x)
-ether2 - WAN (static IP)
-ether3 - mail server (static IP)
ether2 and ether3 are bridged (bridge1). Masquerade traffic goes through bridge1. “Use IP Firewall” in Bridge options is disabled, so traffic to/from ether3 is not filtered by firewall’s rules. I’d like to filter this traffic, but I’m not sure if enabling “Use IP Firewall” in Bridge options is everything I need. I assume that enabling this option can cause NAT’ing the bridge1 traffic. Should I use some additional rules to exclude bridge1 traffic from being NAT’ed?