Access lists are implemented after TCP/IP Stack and before DOS policy sensor on NP Processors(not NP Lite)
Configuration can be performed from the CLI:# config firewall aclThis will block the traffic coming from port1 and source address 'MyPc' to destination 'all'.
edit 1
set status enable
set comments ''
set interface "port1"
set srcaddr "MyPc"
set dstaddr "all"
set service "ALL_ICMP"
next
All other traffic is allowed.
Check the dropped packets with the command:# diag firewall acl counterPacket Flow: https://docs.fortinet.com/document/fortigate/6.0.0/parallel-path-processing-life-of-a-packet/881625...
CLI Reference: https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/929257/firewall-acl-acl6