I am in the middle of configuring my new 380 and I have just done inbound port forwarding for all of my internet servers and services. I am now confused at the firewall tables as they appear to be a similar set of rules (public ip/private ip/port, allow or deny). I have specific public ip addresses that static nat to an internal ip address and I allow only certain tcp ports to each of these static translations. I am sure there is something that I am overlooking and perhaps I need to setup both inbound forwarding and firewall with a deny rule for all other traffic inbound, or is the inbound port forwarding going to only allow the traffic from public ip-private ip/tcp port .
I just thought of something. Perhaps I should inbound port forward all ports from a public ip address to a static ip address, then use the firewall section to restrict only the necessary TCP ports on that translation? Thanks for listening to me mumble and thanks for your help.