starlog,
Hello! One configuration snippet in particular caught my attention. In your original request you asked to block traffic "from port 25 smtp". In the below configuration, you have a match condition of source-port 25 and destination-port 25.
+ term PORT-25-BLOCK {
+ from {
+ source-port smtp;
+ destination-port smtp;According to this article all conditions in the from stanza must be met to match and execute the then statement. If your intent is to block all traffic sourcing from port 25 then you should only use source-port smtp. If you are attempting to block communications destined to port 25 you should use destination-port smtp. If you want either or, try using the port match condition.
All in all, if your original ask is to block traffic from port 25, the below configuration should meet your needs.
set firewall family ethernet-switching filter BLOCK-25 term BLOCK-SMTP from source-port smtp set firewall family ethernet-switching filter BLOCK-25 term BLOCK-SMTP then discard set firewall family ethernet-switching filter BLOCK-25 term BLOCK-SMTP then log set firewall family ethernet-switching filter BLOCK-25 term PERMIT-ANY then accept
set interfaces ge-3/0/0.0 family ethernet-switching filter input BLOCK-25