Comment by irusensei

Can’t wrap my head around how their firewall rules work. Default rule and there is no way to change it.

And lately the interface has been so convoluted and nonsensical. DNS records sure now “policies”, you can only assign very essential rules like setting routing rules to known objects based on MAC address - the ui doesn’t allow you to pick an IP address.

I wanted to create a special routing rules to allow a container using macvlans to always leave through ISP2. Since this is a macvlan the interface MAC address was different every time the system started. Mind you “ip x.x.x.x goes through link 2” is one of those basic things firewalls and routers do since forever but if the object doesn’t exist on their automated inventory then forget it.