Ive been trying to use ACL firewall in this manner:
1. allow est/rel on all interfaces (but it seems as if i gotta specify this over and over for EACH ruleset)
2. allow in-interface=.. out-interface=.. (allow forward cross subnet ; ive NO IDEA how to do this in edgeos.. this was so easily done in mikrotik)
3. allow out-interface=wan (allow internet for everything)
4. action=drop chain=forward (we drop everything else)
if somebody knows how to do so, please guide. problem is probably taht there's no way to specify in and out interface. please shed some light on this.
at the moment im trying a very simplified zone firewall setup to see if its still slow.
