OPNsense Forum

Archive => 23.7 Legacy Series => Topic started by: MS78M on January 28, 2024, 10:55:40 AM

Title: A ‘catch all’ Firewall rule is being intermittently bypassed
Post by: MS78M on January 28, 2024, 10:55:40 AM
On my LAN interface I have a firewall rule that allows 'Access to Anything'. This allows any device on the LAN interface to connect to anything on the internet as well as all the internal VLANs.

The next rule on the LAN interface blocks everything. This rule is for debugging/logging purposes and should not normally be reached.

The issue is that the 'Access to Anything' rule is being bypassed occasionally which should not be possible.

I have no idea why this is happening and would appreciate some guidance.

See the attached screen shots:
* Log showing bypassing of the rule
* Overview of the firewall rules
* Full details of the 'Access to Anything' rule that is occasionally failing.

Thanks.
Title: Re: A ‘catch all’ Firewall rule is being intermittently bypassed
Post by: Fright on January 28, 2024, 03:36:49 PM
Hi, try to search for "out of state packet" (or something like that, IIRC). Most likely this is it.
Title: Re: A ‘catch all’ Firewall rule is being intermittently bypassed
Post by: chemlud on January 28, 2024, 04:42:16 PM
The "default deny" rule (first in "automatic rules" for an interface, with option "last match" set) nowadays reads in the description:

Default deny / state violation rule

The second part most likely applies here...
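As an added illustration of the state-violation explanation above (this is example code, not from the thread or from OPNsense itself), here is a small Python script that reads constructed filterlog-style lines and separates blocked TCP packets that actually try to open a connection (SYN without ACK, which would mean the allow rule really was missed) from blocked packets that cannot belong to a new connection (ACK, FIN, PSH or RST without SYN, which pf drops because no state exists for them). The CSV field order is assumed to follow the FreeBSD filterlog layout, the rule number and label are placeholders, and all sample lines are constructed.

```python
"""Sort pf 'block' log entries into real rule misses vs. likely out-of-state drops."""
import csv
from collections import Counter
from io import StringIO

# Assumed FreeBSD/OPNsense filterlog CSV layout for IPv4 (TCP rows carry the
# trailing tcpflags/seq/ack/window/urg/options fields, UDP rows stop at datalen).
FIELDS = [
    "rulenr", "subrulenr", "anchor", "label", "interface", "reason", "action",
    "dir", "ipver", "tos", "ecn", "ttl", "id", "offset", "ipflags", "proto",
    "protoname", "length", "src", "dst", "sport", "dport", "datalen",
    "tcpflags", "seq", "ack", "window", "urg", "options",
]

# Constructed sample log lines (placeholder rule number and label, private addresses).
SAMPLE_LOG = """\
5,,,deadbeefcafef00d,lan,match,block,in,4,0x0,,64,0,0,DF,6,tcp,52,192.168.1.20,203.0.113.10,51234,443,0,FA,1000,2000,501,,nop;nop;TS
5,,,deadbeefcafef00d,lan,match,block,in,4,0x0,,64,0,0,DF,6,tcp,60,192.168.1.21,203.0.113.10,51235,443,0,S,3000,0,65535,,mss;nop;wscale
5,,,deadbeefcafef00d,lan,match,block,in,4,0x0,,64,0,0,DF,6,tcp,40,192.168.1.20,203.0.113.11,51236,443,0,R,4000,0,0,,
5,,,deadbeefcafef00d,lan,match,block,in,4,0x0,,64,0,0,DF,17,udp,78,192.168.1.22,192.168.10.5,50000,53,50
"""


def parse_filterlog(text: str) -> list[dict]:
    """Parse filterlog CSV text into one dict per line (missing fields are absent)."""
    entries = []
    for row in csv.reader(StringIO(text)):
        if not row:
            continue
        # zip() stops at the shorter list, so UDP rows simply lack the TCP fields.
        entries.append(dict(zip(FIELDS, row)))
    return entries


def classify(entry: dict) -> str:
    """Classify a single log entry.

    new-connection         : blocked TCP SYN, i.e. a genuine rule miss worth investigating
    likely-state-violation : blocked TCP segment without SYN, i.e. no matching state
                             (late FIN/ACK, RST, data after state timeout); expected
    check-state-table      : non-TCP block, no flags to reason from
    pass                   : not a block at all
    """
    if entry.get("action") != "block":
        return "pass"
    if entry.get("protoname") != "tcp":
        return "check-state-table"
    flags = entry.get("tcpflags", "")
    if "S" in flags and "A" not in flags:
        return "new-connection"
    return "likely-state-violation"


def summarize(text: str) -> Counter:
    """Count how many blocked lines fall into each class."""
    return Counter(classify(e) for e in parse_filterlog(text))


def real_misses(text: str) -> list[str]:
    """Return 'src:sport -> dst:dport' for blocks that were real connection attempts."""
    return [
        f"{e['src']}:{e['sport']} -> {e['dst']}:{e['dport']}"
        for e in parse_filterlog(text)
        if classify(e) == "new-connection"
    ]


if __name__ == "__main__":
    for name, count in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{name:24s} {count}")
    print("investigate:", real_misses(SAMPLE_LOG))
```

Only the rows reported as new-connection mean the allow rule was actually skipped; in the constructed sample that is a single SYN from 192.168.1.21. The FIN/ACK and RST rows are pf refusing packets for which it holds no state, which is the second half of the "Default deny / state violation rule" label, and is what the thread points to as the usual cause of an apparently bypassed catch-all rule.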
Title: Re: A ‘catch all’ Firewall rule is being intermittently bypassed
Post by: MS78M on January 28, 2024, 04:57:57 PM
Thank you both for the quick and helpful responses. :)