ionutserban
just joined
Topic Author
Posts: 1
Joined: Fri May 31, 2019 7:25 pm

Problem with Firewall Rule

Fri May 31, 2019 7:30 pm

Hello everyone,

I have the following rule:

/ip firewall filter
add action=drop chain=forward comment="Deny SFTP traffic to DESTSERVER" dst-address=172.26.0.2 dst-port=22 out-interface=LTE protocol=tcp

Also, this router should exchange banking data with payment POS. Since I added this rule to block traffic through SSH on that destination IP address, payments are not working properly and it happens random as hell.

I was wondering if in firewall rule "dst-port=22" will only block SSH connection for that IP_addr or will block for every other connection?
Any ideas?

Thank you!
 
CZFan
Forum Guru
Posts: 2098
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)

Re: Problem with Firewall Rule

Fri Jun 07, 2019 1:54 am

It will block SSH, but as SFTP runs over an SSH session, it will also block SFTP.
 
jebz
Member
Posts: 367
Joined: Sun May 01, 2011 12:03 pm
Location: Australia

Re: Problem with Firewall Rule

Mon Jun 10, 2019 4:14 am

"Also, this router should exchange banking data with payment POS. Since I added this rule to block traffic through SSH on that destination IP address, payments are not working properly and it happens random as hell."

Check the counters when you're experiencing random application of the rule. The counters will tell you if it's the rule or something else.
 
rbnewfan
newbie
Posts: 28
Joined: Sat Oct 22, 2016 5:23 pm

Re: Problem with Firewall Rule

Mon Jun 10, 2019 11:06 am

Depends on what other rules are in effect, their order as well. This rule would block as it says - to this dst IP and this port.
Maybe your banking traffic depends at some step on SSH/port 22 and is not always in effect.
Sometimes things are not as simple as one single TCP connection. As others said, look at the rule's counter to see if it increments while a banking payment is executing.
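
A simplified model of how a filter chain evaluates the rule from the first post, added here as an illustration and not written by any poster in this thread: every matcher in a rule must match (AND), the first matching rule decides, and that rule's packet counter increments. The sample packets, port 443, address 172.26.0.9, interface ether1 and the earlier accept rule are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    action: str
    comment: str
    match: dict        # matcher name -> required value; ALL must match (AND)
    packets: int = 0   # per-rule hit counter, like the one shown in the rule list

    def matches(self, pkt: dict) -> bool:
        return all(pkt.get(k) == v for k, v in self.match.items())

def run_chain(rules, pkt, default="accept"):
    """First matching rule decides and counts the packet; otherwise default."""
    for rule in rules:
        if rule.matches(pkt):
            rule.packets += 1
            return rule.action
    return default

def thread_rule():
    # The rule from the first post, matcher for matcher.
    return Rule("drop", "Deny SFTP traffic to DESTSERVER", {
        "chain": "forward", "dst-address": "172.26.0.2", "dst-port": 22,
        "out-interface": "LTE", "protocol": "tcp"})

def pkt(dst, port, iface="LTE", proto="tcp"):
    return {"chain": "forward", "dst-address": dst, "dst-port": port,
            "out-interface": iface, "protocol": proto}

# Constructed sample traffic (everything except 172.26.0.2, port 22 and LTE is assumed).
SAMPLES = [
    ("ssh to DESTSERVER", pkt("172.26.0.2", 22)),
    ("port 443 to DESTSERVER", pkt("172.26.0.2", 443)),
    ("ssh to another host", pkt("172.26.0.9", 22)),
    ("ssh to DESTSERVER via ether1", pkt("172.26.0.2", 22, iface="ether1")),
]

def evaluate(rules):
    return {name: run_chain(rules, p) for name, p in SAMPLES}

def demo():
    drop = thread_rule()
    verdicts = evaluate([drop])
    # Hypothetical earlier accept rule: it shadows the drop rule, whose counter stays 0.
    earlier = Rule("accept", "hypothetical earlier rule",
                   {"chain": "forward", "protocol": "tcp"})
    shadowed = thread_rule()
    evaluate([earlier, shadowed])
    return verdicts, drop.packets, shadowed.packets

if __name__ == "__main__":
    print(demo())
```

A counter that stays at zero while payments fail points away from this rule; a counter that increments during a payment means some part of the payment flow really does go to 172.26.0.2 on TCP port 22 via LTE.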
