Hello,
I have applied below rules on dummy interface, suppose it should deny all SSH to dum1, but I still able access. I have to apply this rules to my eth0(WAN), then it can block SSH access. It seems dummy interface just didn’t support firewall rules?
Is there any way to restrict access to the management dummy interface? I know that I can apply rules on the incoming interface, but the problem is my interface has over 10Gbps, I am afraid appling firewall rules may bring additional CPU overhead.
set firewall name ACL-MGMT-PUB rule 999 action 'drop'
set firewall name ACL-MGMT-PUB rule 999 destination port '22'
set firewall name ACL-MGMT-PUB rule 999 protocol 'tcp'
set interfaces dummy dum1 firewall local name 'ACL-MGMT-PUB'