vyos@VyOS# set firewall name incoming_traffic default-action drop
vyos@VyOS# set firewall name incoming_traffic enable-default-log
vyos@VyOS# set firewall name incoming_traffic rule 1 description incoming_established
vyos@VyOS# set firewall name incoming_traffic rule 1 action accept
vyos@VyOS# set firewall name incoming_traffic rule 1 state established enable
vyos@VyOS# set firewall name incoming_traffic rule 1 state related enable

vyos@VyOS# set firewall name incoming_traffic rule 5 description 'allow_isakmp'
vyos@VyOS# set firewall name incoming_traffic rule 5 action 'accept'
vyos@VyOS# set firewall name incoming_traffic rule 5 source address '1.1.1.10'
vyos@VyOS# set firewall name incoming_traffic rule 5 destination address '2.2.2.10'
vyos@VyOS# set firewall name incoming_traffic rule 5 destination port '500'
vyos@VyOS# set firewall name incoming_traffic rule 5 protocol 'udp'

vyos@VyOS# set firewall name incoming_traffic rule 10 description allow_ipsec
vyos@VyOS# set firewall name incoming_traffic rule 10 action accept
vyos@VyOS# set firewall name incoming_traffic rule 10 source address 1.1.1.10
vyos@VyOS# set firewall name incoming_traffic rule 10 destination address 2.2.2.10
vyos@VyOS# set firewall name incoming_traffic rule 10 protocol esp

vyos@VyOS# set interfaces ethernet eth0 firewall in name incoming_traffic
vyos@VyOS# set interfaces ethernet eth0 firewall local name incoming_traffic