Thanks dpurgert,
I would like to block traffic going out on guest_vlan, except for traffic over http/s 80/443. I don't seem to be able to make that happen. Is that possible to by default deny all traffic, except for some specific ports, such as 80, 443, 587, 993?
When I set the default-action to deny, when i specifically create a rule to allow port 80, it is still blocked. When I create an additonal rule that allows all traffic, then all traffic is allowed again.
I'm doing this over the gui, but I should think that wouldn't make a difference.. Should this be possible?
