Access lists are implemented after TCP/IP Stack and before DOS policy sensor on NP Processors(not NP Lite)
Configuration can be performed from the CLI:# config firewall aclThis will block the traffic coming from port1 and source address 'MyPc' to destination 'all'.
edit 1
set status enable
set comments ''
set interface "port1"
set srcaddr "MyPc"
set dstaddr "all"
set service "ALL_ICMP"
next
All other traffic is allowed.
Check the dropped packets with the command:# diag firewall acl counterPacket Flow: https://docs.fortinet.com/document/fortigate/6.0.0/parallel-path-processing-life-of-a-packet/881625...
CLI Reference: https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/929257/firewall-acl-acl6
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.