IP firewall or bridge filter?

Hi,

I am setting up a transparent firewall, two interfaces in a bridge. What are the main differences between filtering with bridge filter and filtering with IP firewall?

When should I use which?

Bridge firewall could be used if you want to filter something in layer 2 (MAC), while most of the requirements are actually on layer 3 (IP), so enable “use-ip-firewall” on bridge and create IP filters there.

While bridge firewall is there and can be used, true use of it is actually very rare.

tnx!

A good real world example of using bridge filtering is using it to block IP multicast traffic from segments where it is not needed/wanted - e.g. the wireless side of a bridge. Since the IP multicast traffic uses a known range of MAC addresses it can actually be done at L2.
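
The L2 match described in the last post, as an added example that is not part of the original thread: it maps IPv4 multicast groups to their destination MACs (RFC 1112) and applies the address/mask test a bridge filter rule would perform. All function names and the sample frames are constructed for illustration.

```python
import ipaddress

# IANA block for IPv4 multicast at layer 2: 01:00:5e:00:00:00 - 01:00:5e:7f:ff:ff
MCAST_MAC = 0x01005E000000
MCAST_MASK = 0xFFFFFF800000  # top 25 bits fixed, low 23 bits carry the group


def mac_to_int(mac: str) -> int:
    return int(mac.replace(":", "").replace("-", ""), 16)


def int_to_mac(value: int) -> str:
    return ":".join(f"{(value >> s) & 0xFF:02x}" for s in range(40, -8, -8))


def group_to_mac(group: str) -> str:
    """Map an IPv4 multicast group to its destination MAC (RFC 1112)."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast address")
    # Only the low 23 bits of the group survive, so 32 groups share each MAC.
    return int_to_mac(MCAST_MAC | (int(addr) & 0x7FFFFF))


def is_ipv4_multicast_mac(dst_mac: str) -> bool:
    """The test an address/mask L2 filter rule performs on the destination MAC."""
    return (mac_to_int(dst_mac) & MCAST_MASK) == MCAST_MAC


def l2_verdict(dst_mac: str) -> str:
    return "drop" if is_ipv4_multicast_mac(dst_mac) else "accept"


if __name__ == "__main__":
    # Constructed sample frames: (description, destination MAC)
    frames = [
        ("mDNS 224.0.0.251", group_to_mac("224.0.0.251")),
        ("SSDP 239.255.255.250", group_to_mac("239.255.255.250")),
        ("ARP broadcast", "ff:ff:ff:ff:ff:ff"),
        ("IPv6 multicast", "33:33:00:00:00:01"),
        ("unicast host", "00:11:22:33:44:55"),
    ]
    for name, mac in frames:
        print(f"{name:22} {mac}  {l2_verdict(mac)}")
```

A single address/mask rule of this shape also matches link-local groups in 224.0.0.0/24, and it does not touch broadcast or IPv6 multicast (33:33:...) frames, so those need their own rules if they matter on the filtered segment.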