@da_667 Yeah the SREs like this. One question though, to make sure I'm understanding the flow directions here. I'd use a rejectsrc action if I wanted an outbound request to be rejected? And a rejectdst for an inbound one? Trying to understand the circumstances where I'd want to send the message to the destination IP.