Are my firewall rules being applied?

We had someone configure Vyatta for us as a firewall. I can see the definition for the firewall rules in the config but I cannot see where they are actually being applied. I think they need to be applied to either the bond1 or the eth1 (external) interface?

Eg firewall rule:

firewall {
    name SERVICE-ALLOW {
        rule 15 {
            action accept
            destination {
                address 10.66.60.41
                port 2525,443,80
            }
            protocol tcp
        }

Interface config: (eth1)

    ethernet eth1 {
        bond-group bond1
        hw-id 00:25:90:74:ab:87
        speed auto
    }

And the bonding interface:

    bonding bond1 {
        address 119.x.y.z/29
        address 2401:xxx:yyy:zzz:0000:0000:0000:0003/64
        hash-policy layer3+4
        mode 802.3ad
        vif 2148 {
            address 119.xx.yy.zz/29
            address 119.xx.yy.zz/29
            address 119.xx.yy.zz/29
            address 119.xx.yy.zz/29
        }

I think what I need to do is something like this to actually apply the rules:

set interfaces ethernet eth1 firewall in name SERVICE-ALLOW

Can someone with some experience in vyatta please confirm this for me?

And also confirm if they should be applied to bond1 or eth1?

many thanks in anticipation,

Yes you’re right the firewall instance must be applied to the interface to be effective.

Logically it should be applied to interface bond1 , but I recommand you test the result.