here's a copy paste of an example:
If you have multiple IP addresses that you want to allow through the
firewall, you will need to go to Objects Setting then IP Objects,
click an index / link on there and add the IP address details (single
IP / subnet IP / range IP). You will need to do this for each IP
address that you want to allow if they are in separate IP ranges.
You can then add them to an IP Group under Objects Setting then IP
Group, select an index/link on there and add the IP Objects to the
group.
To configure the filter rules, go to the Firewall menu then Filter
Setup and on there go to #2 Default Data Filter and select the first
un-used filter rule:
Filter Rule #1:
Comment: Block SMTP
Direction: WAN to LAN
Source IP: leave this set to Any
Destination IP: leave this set to Any
Service Type: click Edit, select TCP, leave Source Port as 1-65535,
set Destination Port to 25-25, or create a Service Type
Object called SMTP with the same settings.
Action: Block if No Further Match
Filter Rule #2:
Comment: Allow SMTP
Direction: WAN to LAN
Source IP: click Edit and either specify the address you want to
allow, or set the Address Type to Group and Objects and select the IP
Group you created, then click OK.
Destination IP: leave this set to Any
Service Type: same as the previous rule
Action: Pass Immediately
That should then limit access to port 25 TCP to those IP addresses
only.
