Monday, October 24, 2011

Shorewall rules for blocking intra-zone traffic

According to the shorewall-rules manual, when all is used in either the SOURCE or DEST column, intra-zone traffic is not affected; when all+ is used, intra-zone traffic is affected. Therefore, the following rule blocks access from IP 192.168.1.150 in the loc zone to all other zones (including the loc-side network interface of the firewall running shorewall):
DROP    loc:192.168.1.150       all+
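As an added illustration (not part of the original post), this is how the two forms sit in /etc/shorewall/rules under the standard column header, with the all variant kept as a commented-out "before" line; the zone name loc is from the post, everything else is assumed:

```text
#ACTION   SOURCE              DEST    PROTO   DEST_PORT(S)
# Before: 'all' matches every zone pair that crosses the firewall
# (loc->net, loc->fw, ...) but leaves loc->loc traffic untouched.
#DROP     loc:192.168.1.150   all
# After: 'all+' additionally matches intra-zone (loc->loc) traffic,
# so this one line isolates the host from every other zone, including loc.
DROP      loc:192.168.1.150   all+
```

Run `shorewall check` before `shorewall restart` to catch syntax errors. Note that the rule can only act on intra-zone traffic that actually passes through the firewall (for example between two loc interfaces or with routeback); hosts on the same switched segment talk to each other directly and are never seen by shorewall.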
