That traffic flows through the bridge (and probably, the switch embedded in the device), and does not reach the firewall; blocking that traffic is not trivial. Can you block the traffic on the 192.168.1.108 device? Can you use separate networks? Otherwise, you will have to use "ebtables".
3 Likes