Hi, I have a transparent bridge in front of my network. Behind it are about 10 servers, all services from web to mail to ftp to MySQL. I am trying to implement a firewall on the bridge. The only problem is I cant get the firewall to pass the bridged packets unless I allow all bridged packets through. Now if I do that then there is no point in having a firewall there because all the packets are going to br bridged. What am I doing wrong? Here are the rules I have so far:
00500 allow udp from any 53 to any 1024-65535 bridged
00550 allow log udp from any to any 53 bridged
00557 allow log tcp from any 25,80,443 to any bridged
00578 allow log tcp from any to any 25,80,443 bridged
00579 allow log icmp from any to any bridged icmptypes 0,3,4,5,8,9,10,11,12,13,14,15,16,17,18
65534 deny log ip from any to any
These rules dont allow me to view a website or get mail from a server behind the bridge.
In the firewall log I get tons of these:
65534 Deny MAC in via dev0
All I would like to know how to do is pass the services through the bridge but block all other ports that I dont specifically open.
Any help is greatly appreciated.