Firewall Rule using ports fails

Started by LisaMT, December 12, 2025, 08:14:42 PM

I have an early general firewall rule that allows LAN traffic to ports in an alias 'safe ports' (80 443)

The last firewall rule denies traffic to anywhere. "Block LAN Traffic"

LAN is subnet 192.168.10.0/24

In the logs I'm seeing the following getting blocked on the last rule like this:

LAN In 2025-12-12T12:00:39-07:00 TCP 192.168.10.63:40982   34.160.212.185:443   block   Block LAN Traffic

The earlier rule should have passed this.

Not sure why?

Please show both rules in their entirety.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

IPv4 TCP/UDP   LAN net   *   *   SafePorts   *   *   Allow Safe Ports (80, 443)
IPv4 TCP/UDP   TVs       *   *   TVPorts     *   *   Allow TV's to their ports(Bunch of ports) Including 80 and 443
IPv4 *         *         *   *   *           *   *   Block LAN Traffic

TVs are on .63-.65

I added the t65tv temporarily to allow to anywhere. I'll check the logs and see if it shows.


LAN In 2025-12-12T17:35:30-07:00 TCP 192.168.10.63:55129   63.34.182.173:443   block   Block LAN Traffic
LAN In 2025-12-12T17:35:30-07:00 TCP 192.168.10.63:55129   63.34.182.173:443   block   Block LAN Traffic
LAN In 2025-12-12T17:27:34-07:00 TCP 192.168.10.63:39114   34.160.212.185:443   block   Block LAN Traffic
LAN In 2025-12-12T17:27:34-07:00 TCP 192.168.10.63:39114   34.160.212.185:443   block   Block LAN Traffic
LAN In 2025-12-12T16:57:35-07:00 TCP 192.168.10.63:57909   174.129.18.38:443   block   Block LAN Traffic

Looks OK offhand. Unless someone else has a better idea, look at the live view again and hit the "i" to the right - I'd look initially at TCP flags (if the value is not "S", it's a session issue). I'd also activate logging for the pass rules so you can see them as well - seeing only blocks can be misleading. Personal preference, of course.
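
The TCP-flags check suggested in the reply above, illustrated with an added example that is not part of the thread or of OPNsense itself: a toy model of first-match rule evaluation with state tracking, showing how a port-443 packet can fall through the pass rule to "Block LAN Traffic". It assumes pf's default of matching TCP pass rules only on the opening SYN ("flags S/SA"); the TCP flags and the state expiry are constructed, since the thread's log lines do not show them.

```python
"""Toy model of pf's first-match evaluation with state tracking (constructed)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str  # TCP flags as the live view shows them: "S", "A", "FA", "R"

# (action, destination ports or None for any, description) in rule order.
RULES = [
    ("pass", {80, 443}, "Allow Safe Ports (80, 443)"),
    ("block", None, "Block LAN Traffic"),
]

def opens_connection(flags):
    # Assumption: pf's default "flags S/SA" on TCP pass rules, i.e. of SYN and
    # ACK only SYN may be set.
    return "S" in flags and "A" not in flags

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()

    def evaluate(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key in self.states:              # established flow: rules are skipped
            return "pass", "existing state"
        for action, dports, label in self.rules:
            if dports is not None and pkt.dport not in dports:
                continue
            if action == "pass":
                if not opens_connection(pkt.flags):
                    continue                # pass rule ignores mid-session packets
                self.states.add(key)
            return action, label
        return "block", "default deny"

    def expire(self, pkt):
        self.states.discard((pkt.src, pkt.sport, pkt.dst, pkt.dport))

def demo():
    fw = Firewall(RULES)
    flow = ("192.168.10.63", 40982, "34.160.212.185", 443)  # from the first log line
    results = [fw.evaluate(Packet(*flow, "S")), fw.evaluate(Packet(*flow, "A"))]
    fw.expire(Packet(*flow, "A"))           # constructed: state timed out or was flushed
    results.append(fw.evaluate(Packet(*flow, "FA")))  # constructed: late FIN/ACK
    return results
```

In this model the SYN and the following ACK pass, while the FIN/ACK that arrives after the state is gone is logged against the final block rule even though its destination port is in the alias.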