The Bridged Protocols section lets the user specify Ethernet protocols and choose, for each one, whether it is logged and whether it is allowed to bypass all firewall filtering between bridged interfaces. TCP/IP packets will still pass between these bridged interfaces according to normal firewall rules on the ports specified in a bridging Pass Through filter.
Protocol type designations are generally unpublished. To see a collection of known Ethernet protocol types, go to IANA's website at http://www.iana.org/assignments/ethernet-numbers.
To locate a type designation for a protocol you need to bridge, configure the bridged interface for your operational network. Packets that attempt to pass between the bridged networks are, by default, denied (blocked) but not logged until they have been defined in Bridged Protocols. In order to log non-TCP/IP Ethernet packets, enable logging for DENY UNEXPECTED PACKETS in Filters/Preferences. This will generate log messages containing the protocol types of the IP packets. The packet protocol type is logged with a "0x" prefix that identifies the characters as being in hexadecimal format.
Enter the hexadecimal number with its prefix into the TYPE field. Decimal format numbers can also be entered; they will be displayed in hexadecimal.
To continue to deny a specific protocol but not log it, enter the protocol type number and select the ENABLE checkbox. To deny a protocol and log the denials, select both the ENABLE and LOG checkboxes. To allow a protocol and not log it, select the ENABLE and ALLOW checkboxes.
Caution
There is no firewall filtering of the protocol types that have been allowed in Bridged Protocols.
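Because an allowed type bypasses filtering entirely, it is worth confirming the type value independently before entering it. The Python below is an added example, not part of the product or its documentation: it reads the protocol type straight from raw Ethernet frames (for instance, frames captured on the bridged segment) and normalizes a hexadecimal or decimal entry to the "0x" form. The frames are constructed samples, the function names are hypothetical, and reporting the inner type of a VLAN-tagged frame is an assumption about what should be matched.

```python
import struct

ETH_HDR = 14                    # dst MAC (6) + src MAC (6) + type/length (2)
VLAN_TPIDS = {0x8100, 0x88A8}   # 802.1Q / 802.1ad tags sit before the real type

def ether_type(frame: bytes):
    """Return the EtherType of a raw frame, or None when the field is an
    IEEE 802.3 length (values below 0x0600 are lengths, not types)."""
    if len(frame) < ETH_HDR:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12
    (value,) = struct.unpack_from("!H", frame, offset)
    while value in VLAN_TPIDS:  # assumption: report the type inside the tag
        offset += 4
        if len(frame) < offset + 2:
            raise ValueError("truncated VLAN tag")
        (value,) = struct.unpack_from("!H", frame, offset)
    return value if value >= 0x0600 else None

def type_field(text: str) -> str:
    """Normalize a TYPE entry given as hex ("0x...") or decimal to 0x form."""
    value = int(text, 0)        # base 0 accepts "0x8137" and "33079"
    if not 0 <= value <= 0xFFFF:
        raise ValueError("an Ethernet protocol type is a 16-bit value")
    return f"0x{value:04X}"

def seen_types(frames) -> dict:
    """Count the protocol types present in an iterable of raw frames."""
    counts = {}
    for frame in frames:
        value = ether_type(frame)
        if value is not None:
            key = type_field(str(value))
            counts[key] = counts.get(key, 0) + 1
    return counts

# Constructed sample frames: broadcast destination, locally administered source.
MACS = bytes.fromhex("ffffffffffff 020000000001")
SAMPLES = {
    "ipx": MACS + bytes.fromhex("8137") + bytes(46),
    "vlan_appletalk": MACS + bytes.fromhex("8100 000a 809b") + bytes(42),
    "llc_length": MACS + bytes.fromhex("0026") + bytes(46),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        value = ether_type(frame)
        print(name, "length field, no type" if value is None else type_field(str(value)))
    print(seen_types(SAMPLES.values()))
```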