Almost. Your rule 2 is overriding the later port rules, and is effectively turning your firewall off. You need to tweak rule 2 just a bit.
Just keep in mind that all rules are written in the context of your machine: what’s coming into your machine from the outside, and what your machine is sending out to others. You may have some sources and destinations reversed.
Your rules should look something like this.
rule 0 allow out protocol IP from zone[Intel Pro] to any
rule 1 allow in protocol ICMP from any to zone[Intel Pro] where icmp message is fragmentation needed
rule 2 allow in protocol ICMP from any to zone[Intel Pro] where icmp is time exceeded
rule 3 allow in protocol ICMP from any to zone[Intel Pro] where icmp is host unreachable
rule 4 allow in protocol ICMP from any to zone[Intel Pro] where icmp is port unreachable
rule 5 allow in protocol TCP/UDP from any to zone[Intel Pro] where destination port is 11880
rule 6 allow in protocol TCP/UDP from any to zone[Intel Pro] where destination port is 26454
rule 7 block&log in&out protocol IP from any to any
This new rule 0 is way too permissive, as it will let your machine send anything to anybody at any port. That’s not good security. But to get things working, it’ll do, and then tidy up the rules later.
A terminology note: saying “protocol IP” is the same as saying “protocol any”, as TCP, UDP, and ICMP are all IP protocols. So the new rule 0 is letting the ICMP traffic out. Letting the ICMP traffic out was missing from the rules you just posted.
Rules 1 to 4 will allow the most common ICMP traffic-flow problem warnings to come into your machine from wherever. Rules 5 and 6 will let the traffic come in to whatever you have running that needs to have traffic on those ports, as evidenced by your earlier log. Rule 7 is the catch-all to block anything else.
That should, for the most part, get CFP out of the way as a block on throughput. If things speed up, then it’s time to tighten up that new rule 0. So, put these new rules in place, watch your CFP logs, and see how things are running. If it’s not improved, or at least different somehow, then post your logs, and we’ll go from there.
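As an added illustration (not from the original post and not CFP's own code), here is a small first-match evaluator over the rule list above; the Rule/Packet encoding, the sample addresses and the extra shadowing list are assumptions constructed for this example. It shows why a broad "allow in" rule placed early makes the later port rules and the catch-all block unreachable.

```python
from dataclasses import dataclass
from typing import Optional
LOCAL = "zone[Intel Pro]"   # this machine's zone, as named in the post

@dataclass(frozen=True)
class Packet:
    direction: str          # "in" or "out", relative to this machine
    proto: str              # "TCP", "UDP" or "ICMP"
    src: str
    dst: str
    dport: Optional[int] = None
    icmp: Optional[str] = None   # ICMP message name, e.g. "time exceeded"

@dataclass(frozen=True)
class Rule:
    action: str             # "allow" or "block"
    direction: str          # "in", "out" or "in&out"
    proto: str              # "IP" matches every IP protocol; "TCP/UDP" matches both
    src: str
    dst: str
    dport: Optional[int] = None
    icmp: Optional[str] = None

    def matches(self, p: Packet) -> bool:
        return ((self.direction in ("in&out", p.direction))
                and (self.proto == "IP" or p.proto in self.proto.split("/"))
                and self.src in ("any", p.src) and self.dst in ("any", p.dst)
                and (self.dport is None or self.dport == p.dport)
                and (self.icmp is None or self.icmp == p.icmp))

def evaluate(rules, p):
    """First matching rule wins: return (index, action); block if nothing matches."""
    for i, r in enumerate(rules):
        if r.matches(p):
            return i, r.action
    return None, "block"

# The corrected list from the post (constructed encoding of rules 0-7).
RULES = [
    Rule("allow", "out", "IP", LOCAL, "any"),
    Rule("allow", "in", "ICMP", "any", LOCAL, icmp="fragmentation needed"),
    Rule("allow", "in", "ICMP", "any", LOCAL, icmp="time exceeded"),
    Rule("allow", "in", "ICMP", "any", LOCAL, icmp="host unreachable"),
    Rule("allow", "in", "ICMP", "any", LOCAL, icmp="port unreachable"),
    Rule("allow", "in", "TCP/UDP", "any", LOCAL, dport=11880),
    Rule("allow", "in", "TCP/UDP", "any", LOCAL, dport=26454),
    Rule("block", "in&out", "IP", "any", "any"),
]
# The shadowing mistake: a broad "allow in" placed early hides rules 5-7 behind it.
SHADOWED = RULES[:2] + [Rule("allow", "in", "IP", "any", "any")] + RULES[2:]
```

Running `evaluate(SHADOWED, ...)` on an inbound packet to an unlisted port shows it being allowed at the early broad rule instead of reaching the catch-all block.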