Hi there,
I would like to create a rule that detects if an ip attempts to make a connection to the firewall on a certain port, and add that IP into a block rule. Is this possible to do? Eg: Ip 1.1.1.1 connect to firewall on port 4000. Firewall sees this in logs and adds it into a block rule that denys any traffic for 1.1.1.1 which also now prevents that IP from connecting to any nat rules that are open for other services on the network.
Kind regards
P