Use local-in policies to close open ports or restrict access
You can also use local-in policies to close open ports or otherwise restrict access to FortiOS.
Close ICMP ports
Use the following command to close all ICMP ports on the WAN1 interface. The following example blocks traffic that matches the ALL_ICMP firewall service.
config firewall local-in-policy
edit 1
set intf wan1
set srcaddr all
set dstaddr all
set action deny
set service ALL_ICMP
set schedule always
end
Close the BGP port
Use the following command to close the BGP port on the wan1 interface. The following example blocks traffic that matches the BGP firewall service.
config firewall local-in-policy
edit 1
set intf wan1
set srcaddr all
set dstaddr all
set action deny
set service BGP
set schedule always
end