Wouldn't the following filter translate to: deny anyone from accessing the MT router itself on TCP port 22 who is
NOT on the address list TrustedIP?? It's not working and the MT wiki is not really helping too much or giving me enough information to Google what I need to address this.
ip firewall filter add chain=input action=drop protocol=tcp src-address-list=!TrustedIP dst-port=22
I know, I know - I could write this easier. I was using my input chain for testing. But I need to configure my forward chain to:
1) Permit TCP/UDP 1 -1023 to my devices from src-address-list=TrustedIP
2) Deny TCP/UDP 1 - 1023 from everyone else dst to my devices
3) Permit 80/443 from everyone to my webserver
4) Permit everything else.
Thanks!