I have a RB2011 v6.40.4.
this is configured with an internal DATA bridge (ports 3-10) and a WAN bridge (ports 1,2) (with IP DHCP client) with masquerade NAT onto the WAN bridge. ether 3 and 6 are set as master ports with ports 5,6 ->ether 3 and ports 7-10 ->ether 6
I have set up a Trafficflow monitor on the DATA bridge interface
I am seeing the WAN Address being shown as the destination address for inbound Internet traffic, this is SURELY wrong as it not only breaks the ability to identify the local destination of traffuic flows but also the DATA bridge should never see the NAT address as that is assigned to the WAN bridge - (un)NAT should occur on traffic ingress to the WAN.
Capturing using a netflow tester confirms that the traffic destination IP is being given as the WAN IP address:
ID:256 - 192.168.22.146:64368->23.1.106.65:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:49 1263
ID:256 - 23.1.106.65:443->10.7.9.249:64368 E:0 EE:0 P:6 IF/OF:27/12 09:08:49 5973
ID:256 - 192.168.22.146:49951->209.85.203.97:443 E:0 EE:0 P:17 IF/OF:12/27 09:08:51 4582
ID:256 - 209.85.203.97:443->10.7.9.249:49951 E:0 EE:0 P:17 IF/OF:27/12 09:08:51 29379
ID:256 - 192.168.22.146:64371->31.13.90.6:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:51 1654
ID:256 - 31.13.90.6:443->10.7.9.249:64371 E:0 EE:0 P:6 IF/OF:27/12 09:08:51 34428
ID:256 - 192.168.22.146:63978->52.97.131.178:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:51 80
ID:256 - 192.168.22.149:50571->209.85.203.94:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:51 82
ID:256 - 209.85.203.94:443->10.7.9.249:50571 E:0 EE:0 P:6 IF/OF:27/12 09:08:51 104
ID:256 - 192.168.22.149:50530->209.85.203.94:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:51 82
ID:256 - 209.85.203.94:443->10.7.9.249:50530 E:0 EE:0 P:6 IF/OF:27/12 09:08:51 104
ID:256 - 52.211.37.133:443->10.7.9.249:62212 E:0 EE:0 P:6 IF/OF:27/12 09:08:51 1090
ID:256 - 192.168.22.146:62212->52.211.37.133:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:51 3361
ID:256 - 192.168.22.148:50943->52.20.25.179:5222 E:0 EE:0 P:6 IF/OF:12/27 09:08:52 82
ID:256 - 52.20.25.179:5222->10.7.9.249:50943 E:0 EE:0 P:6 IF/OF:27/12 09:08:52 104
ID:256 - 52.97.131.82:443->10.7.9.249:52205 E:0 EE:0 P:6 IF/OF:27/12 09:08:53 250
ID:256 - 192.168.22.20:56913->52.179.13.204:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:55 268
ID:256 - 52.179.13.204:443->10.7.9.249:56913 E:0 EE:0 P:6 IF/OF:27/12 09:08:55 332
ID:256 - 40.100.173.2:443->10.7.9.249:51840 E:0 EE:0 P:6 IF/OF:27/12 09:08:57 250
ID:256 - 192.168.22.152:51840->40.100.173.2:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:57 80
ID:256 - 212.113.132.216:80->10.7.9.249:50589 E:0 EE:0 P:6 IF/OF:27/12 09:08:41 447
ID:256 - 212.113.132.216:80->10.7.9.249:50590 E:0 EE:0 P:6 IF/OF:27/12 09:08:41 499
ID:256 - 212.113.132.216:80->10.7.9.249:50586 E:0 EE:0 P:6 IF/OF:27/12 09:08:36 7792
ID:256 - 192.168.22.149:50589->212.113.132.216:80 E:0 EE:0 P:6 IF/OF:12/27 09:08:57 80
ID:256 - 192.168.22.149:50586->212.113.132.216:80 E:0 EE:0 P:6 IF/OF:12/27 09:08:58 80
ID:256 - 212.113.132.216:80->10.7.9.249:50591 E:0 EE:0 P:6 IF/OF:27/12 09:08:58 80
ID:256 - 212.113.132.216:80->10.7.9.249:50592 E:0 EE:0 P:6 IF/OF:27/12 09:08:41 527
ID:256 - 52.97.131.98:443->10.7.9.249:49839 E:0 EE:0 P:6 IF/OF:27/12 09:08:58 250
ID:256 - 192.168.22.149:50591->212.113.132.216:80 E:0 EE:0 P:6 IF/OF:12/27 09:08:41 824
ID:256 - 40.100.174.210:443->10.7.9.249:64030 E:0 EE:0 P:6 IF/OF:27/12 09:08:59 250
ID:256 - 192.168.22.146:64375->23.1.106.65:443 E:0 EE:0 P:6 IF/OF:12/27 09:08:59 1201
ID:256 - 23.1.106.65:443->10.7.9.249:64375 E:0 EE:0 P:6 IF/OF:27/12 09:08:59 5973