Virtual firewall link to USG/Zywall/VPN
Had this idea for some time but didn't think it could work for devices going by a bridge until I worked out how that could be done.
So let's start with the setup: LAN1 to OPT with no LAN1toOPT firewall rule, but with only LAN1toZyWALL allowed.
So here's the idea: a software firewall by Zyxel on Windows 10 that links to the USG/Zywall/VPN device on a custom protocol (not TCP or UDP). When you start an app like Microsoft Edge, you get a prompt, "do you want to allow this", with a user name and password set by the USG/Zywall/VPN (admin not allowed; user type must be user), and you can click to deny, always allow or ask each time. The software firewall then sends to the USG/Zywall/VPN to allow/deny the traffic for protocol, IP and port (destination and source).
The software firewall has the option to set the IP of the USG/Zywall/VPN to override default gateway IP and interface (DMZ) traffic will be sent on and seen by USG/Zywall/VPN like a bridge DMZ to WAN1.