... or why does the 'Default deny / state violation rule' strike if I have a custom rule(s) allowing everything in and out for a particular interface?
Basically my issue is that I want to pass traffic in/out on one particular interface entirely unfiltered. Hence I went ahead and added on 'IN' and one 'OUT' rule allowing everything quasi, see screenshot below.
However, for that interface I still keep seeing firewall log entries blocking traffic based on the 'Default deny / state violation' rule regularly.
Given that this particular interface is physically connected to a second router/firewall, I really, really do not want any filtering happening on the OPNsense box and was wondering HOW I can disable filtering (illegal state or not) completely and for good?
See screenshots at: https://imgur.com/a/PdBGxTG
Please draw a diagram of your network. The most common cause of unexpected "state violation" hits is asymmetric routing.
Also in most cases you never need an "out" rule.
You can change the state tracking behaviour in the advanced settings of the firewall rule. A single "pass in any" rule with state type "none" should be sufficient.
Cheers
Maurice
Quote from: Patrick M. Hausen on October 09, 2023, 12:02:37 AM
Please draw a diagram of your network. The most common cause of unexpected "state violation" hits is asymmetric routing.
Also in most cases you never need an "out" rule.
Sometimes I wonder if that selector needs a pop up warning and/or being placed behind the Advanced toggle. I see so many people misunderstanding it.