I'm trying to understand what this mean "Inbound traffic will be restricted to the service and forwarding rules configured below.” when configuring firewall rules on an MX device? Does this mean that rules are automatically created when an inbound session is created? The service section in Firewall doesn't seem easy to configure or add something besides Ping which is already there. Additionally, if I configured something in the forwarding section (i.e. port forwarding), does this only take effect during an inbound session?
Meraki has a unique way of doing firewall rules compared to a traditional firewall. Here is an example. If you were trying to prevent a network server at 220.127.116.11 from being able to ping anything in your environment. On a traditional firewall you could prevent incoming icmp from 18.104.22.168. On the MX you'd instead create an outgoing rule to prevent ICMP to 22.214.171.124. It accomplishes the same thing of ultimately blocking the incoming traffic but it does it via blocking the response. It took me a while to wrap my head around this difference since I was used to traditional Cisco ACLs and Sonicwalls.