Hi, i currently have a CCR2116 and CRS326 setup with a few vlans and firewall rules.
The vlans are setup via a bridge with hardware offloading enabled.
Firewall rules between different vlans work as expected due to hitting the router however i’m having trouble applying firewall rules to hosts on the same vlan on the switch. WIth hardware offloading enabled, any firewall rules or bridge filters are completely ignored. I turned hw offload off for two ports, and the bridge filters then worked.
I’m guessing the traffic never hits the cpu (as expected). Is there any way to apply firewall or filters with hw offload enabled?
Trying to avoid port isolation/forwarding override or applying UFW to every host.