Thank you for the suggestion, but what about rule number 6? If I understand correctly, the system reads rules from the top to bottom. If I set it up like this:
1 ETH01 * DROP all opt — in ETH01 out * 0.0.0.0/0 -> 0.0.0.0/0 yes
2 ETH01 * ACCEPT all opt — in ETH01 out * 220.127.116.11 -> 0.0.0.0/0 yes
I think it will never reach the second rule. Am I correct?
Maybe I have to use that Accept rule as number one and Drop as number two?