Hello Guys,
We have two EX4200 switches installed with virtual chassis and we are configuring it as a router / firewall filter, but we are facing some issues with the firewall filter: it isn't working properly.
The EX is configured with one L3 interface to the LAN network and one physical interface to the outside network, in the following layout:
Me:
192.168.0.xxx
EX:
ge-0/0/23 - Outside network - 192.168.0.251
LAN (L3 vlan interface) - 172.16.100.1
ae0 (LAG interface) - LAN as member
srv01:
bond0 - 172.16.100.10
We would like to filter just the input traffic from the outside network: allowing everything, but dropping everything to some destinations and then allowing specific ports as needed, for example:
# Allow specific ports
set firewall family inet filter eveo_in term allow_srv01 from destination-address 172.16.100.10/32
set firewall family inet filter eveo_in term allow_srv01 from protocol icmp
set firewall family inet filter eveo_in term allow_srv01 from protocol tcp
set firewall family inet filter eveo_in term allow_srv01 from destination-port 22
set firewall family inet filter eveo_in term allow_srv01 from destination-port 80
set firewall family inet filter eveo_in term allow_srv01 then count allow_srv01
set firewall family inet filter eveo_in term allow_srv01 then accept
# Block any to specific IPs to allow specific ports after
set firewall family inet filter eveo_in term Deny_Access from destination-address 172.16.100.10/32
set firewall family inet filter eveo_in term Deny_Access then count Deny_Access
set firewall family inet filter eveo_in term Deny_Access then discard
# Default
set firewall family inet filter eveo_in term Default then accept
So if I apply the input filter on the outside interface, access works as allowed (but is a little slow), and the outbound traffic is also being blocked. From the server with IP 172.16.100.10 I can't do curl, telnet or DNS resolution to the external network. Only ping works, and without the filter everything works fine.
I tried applying the filter in different directions (input/output) on the outside interface and on the LAN interface too, but the correct direction for this example should be input on the outside interface and output on the LAN interface, right?
Any help is greatly appreciated.
Thank you
Regards
Robson
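As an added illustration (not part of Robson's post or of Junos itself), here is a small Python model of how a stateless filter like eveo_in evaluates packets arriving in the input direction on the outside interface. It assumes the documented Junos rules that terms are tried in order, every configured condition in a term must match (a bracketed list is an OR within that condition), and the first match decides; ICMP is left out of the model since it carries no ports, and all packets are constructed samples.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str      # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0

@dataclass
class Term:
    name: str
    action: str                                  # "accept" or "discard"
    dst_addrs: set = field(default_factory=set)  # from destination-address (OR list)
    protos: set = field(default_factory=set)     # from protocol (OR list)
    dports: set = field(default_factory=set)     # from destination-port (OR list)

    def matches(self, pkt: Packet) -> bool:
        # Every configured condition must match (AND); ports only exist for tcp/udp.
        if self.dst_addrs and pkt.dst not in self.dst_addrs:
            return False
        if self.protos and pkt.proto not in self.protos:
            return False
        if self.dports and (pkt.proto not in ("tcp", "udp") or pkt.dport not in self.dports):
            return False
        return True

# The poster's eveo_in filter, transcribed term by term.
EVEO_IN = [
    Term("allow_srv01", "accept", {"172.16.100.10"}, {"icmp", "tcp"}, {22, 80}),
    Term("Deny_Access", "discard", {"172.16.100.10"}),
    Term("Default", "accept"),
]

def evaluate(filt, pkt):
    """First matching term decides; with no match at all Junos discards implicitly."""
    for term in filt:
        if term.matches(pkt):
            return term.name, term.action
    return "implicit", "discard"

SRV = "172.16.100.10"
SAMPLES = {  # constructed packets, input direction on the outside interface
    "ssh_in":    Packet("192.168.0.20", SRV, "tcp", 50000, 22),    # new inbound SSH
    "rdp_in":    Packet("192.168.0.20", SRV, "tcp", 50001, 3389),  # unwanted inbound
    "curl_back": Packet("203.0.113.5", SRV, "tcp", 443, 51234),    # reply to srv01's outbound HTTPS
    "dns_back":  Packet("198.51.100.53", SRV, "udp", 53, 41000),   # reply to srv01's DNS query
    "other":     Packet("192.168.0.20", "172.16.100.20", "tcp", 50002, 3389),
}
```

The curl_back and dns_back results show the stateless behaviour behind the symptom in the post: replies to sessions that srv01 itself opened arrive with a high destination port, so they fall through allow_srv01 and hit Deny_Access.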