Hello,
Can you try something like this & check?
set firewall family inet filter eveo_in term allow_srv01 from source-address 0.0.0.0/0
set firewall family inet filter eveo_in term allow_srv01 from destination-address 172.16.100.10/32
set firewall family inet filter eveo_in term allow_srv01 from protocol icmp
set firewall family inet filter eveo_in term allow_srv01 from protocol tcp
set firewall family inet filter eveo_in term allow_srv01 from destination-port 22
set firewall family inet filter eveo_in term allow_srv01 from destination-port 80
set firewall family inet filter eveo_in term allow_srv01 then count allow_srv01
set firewall family inet filter eveo_in term allow_srv01 then accept
set firewall family inet filter eveo_in term allow_tcp_established source-address 0.0.0.0/0
set firewall family inet filter eveo_in term allow_tcp_established destination-address 172.16.100.10/32
set firewall family inet filter eveo_in term allow_tcp_established from protocol tcp
set firewall family inet filter eveo_in term allow_tcp_established from protocol udp
set firewall family inet filter eveo_in term allow_tcp_established source-port 22
set firewall family inet filter eveo_in term allow_tcp_established source-port 80
set firewall family inet filter eveo_in term allow_tcp_established source-port 23
set firewall family inet filter eveo_in term allow_tcp_established source-port 53
set firewall family inet filter eveo_in term allow_tcp_established then count allow_tcp_established
set firewall family inet filter eveo_in term allow_tcp_established then accept
set firewall family inet filter eveo_in term Deny_Access from source-address 0.0.0.0/0
set firewall family inet filter eveo_in term Deny_Access from destination-address 172.16.100.10/32
set firewall family inet filter eveo_in term Deny_Access then count Deny_Access
set firewall family inet filter eveo_in term Deny_Access then discard
set firewall family inet filter eveo_in term Default then accept
Regards,
Rushi