Ok so as you have it now only devices in your local home network can access the nas with no restrictions. You’re allowing everything for your local subnet, which is good. with rule 1 you allow management, smb, ws discovery, etc. it’s everything because it’s a trusted network.
Now do you need to access your nas from outside of your network (when you’re away from home)? If so what do you need access to? And where do you need access from? Create another rule and position it as number 2. This rule should have a source ip of where you’re going to be accessing it from, such as your home country.