I was informed by @davidep that the bridge is not needed and have removed the bridge from both my Test-NethSec boxes, a VM and a real box.
For one:
Just the presence of a bridge on a 2-NIC firewall presents risks (lockout and more!), especially if it is not used…
And it is completely against any “best practices” to have network objects active, even when there is no use for them!
AFAIK, it is working.
But: I am using other firewalls productively, this box is only for testing. And the Test-LAN hardly has any hosts, therefore also hardly (any!) rules…
My 2 cents
Andy
Also referred to here by Izuku: