zone LAN { default-action drop description "LAN Zone" from LOCAL { firewall { name LOCAL_LAN } } from WAN { firewall { name WAN_LAN } } interface eth0 } zone LOCAL { default-action drop description "LOCAL Zone" from LAN { firewall { name LAN_LOCAL } } from WAN { firewall { name WAN_LOCAL } } local-zone } zone WAN { default-action drop description "WAN Zone" from LAN { firewall { name LAN_WAN } } from LOCAL { firewall { name LOCAL_WAN } } interface eth1 }