I am really baffled by this. I have a firewall rule that sometimes gets missed, screenshots attached. What am I missing? Why does it sometimes end up with the standard floating rule "Default deny / state violation rule"?
What does "standard Floating rule" mean?
What interface is that rule on?
You shouldn't be using floating rules unless you absolutely have to.
It's the top "Automatically generated rules", notice it's "last match".
It is what it says: State violation. No state, no traffic.
Do a packet capture and watch your "Nest" at work. Most likely it tries to reuse the TCP connection that is already closed and then starts a fresh session (passed).
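The behaviour described in the reply above, as an added example that is not part of the original thread: a small triage script that separates blocked packets that never could have created state (a state violation) from blocked connection attempts that simply lack a pass rule. The record layout, field names and addresses are constructed for illustration and are not the firewall's real log format; the state-creation test assumes pf's default `flags S/SA` behaviour.

```python
from dataclasses import dataclass

@dataclass
class Pkt:
    # Simplified, constructed record; not the firewall's actual log format.
    ts: float
    action: str   # "pass" or "block"
    src: str
    sport: int
    dst: str
    dport: int
    flags: str    # TCP flag letters, e.g. "S", "SA", "PA", "FA", "R"

# Constructed sample: a device reuses a connection whose state has expired,
# is blocked, then opens a fresh session that the pass rule accepts.
SAMPLE = [
    Pkt(100.0, "pass",  "192.168.1.50", 40001, "203.0.113.10", 443, "S"),
    Pkt(900.0, "block", "192.168.1.50", 40001, "203.0.113.10", 443, "PA"),
    Pkt(900.4, "block", "192.168.1.50", 40001, "203.0.113.10", 443, "PA"),
    Pkt(901.2, "pass",  "192.168.1.50", 40002, "203.0.113.10", 443, "S"),
    Pkt(950.0, "block", "192.168.1.77", 51000, "203.0.113.10", 23,  "S"),
]

def creates_state(flags):
    """Assumed pf default 'flags S/SA': only SYN set with ACK clear opens state."""
    return "S" in flags and "A" not in flags

def explain_blocks(pkts, window=30.0):
    """Label each blocked packet with the most likely reason it was dropped."""
    out = []
    for i, p in enumerate(pkts):
        if p.action != "block":
            continue
        if creates_state(p.flags):
            # A genuine new connection attempt was denied: look at the ruleset.
            out.append((p.ts, "no-matching-pass-rule"))
            continue
        # Mid-stream packet with no state: check whether the client recovered
        # by opening a new session to the same destination shortly after.
        retried = any(
            q.action == "pass" and creates_state(q.flags)
            and (q.src, q.dst, q.dport) == (p.src, p.dst, p.dport)
            and 0 <= q.ts - p.ts <= window
            for q in pkts[i + 1:]
        )
        out.append((p.ts, "state-violation-then-new-session" if retried
                    else "state-violation"))
    return out

if __name__ == "__main__":
    for ts, reason in explain_blocks(SAMPLE):
        print(ts, reason)
```

Blocks labelled `state-violation-then-new-session` match the pattern in the reply and do not indicate a missing rule; only `no-matching-pass-rule` entries point at the ruleset itself.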
Indeed you are correct sir. Much appreciated.