starlog wrote:Andy,
Thanks, I believe I figured it out earlier, but wanted to make sure someone kept me honest.
[edit] + firewall { + family ethernet-switching { + filter BLOCK-25 { + term PORT-25-BLOCK { + from { + interface ge-3/0/0.0; + ether-type ipv4; + source-port smtp; + destination-port smtp; + ip-protocol tcp; + } + then discard; + } + } + } + }
That would drop all trafic entering the port on which it is applied. You need a secon term to accept all other traffic.
"Also note that the default action is to block, so be sure to add a final accept term to your filter or you will drop all traffic at the port."
e.g
set term allow-all then accept