Suddenly blocked within LAN by Default deny / state violation rule

Started by Combo, January 28, 2023, 12:19:25 PM


  • Here is a Mac OS X Server (really old, El Capitan 10.11.6, Server 5.2) with several services running (for all these years)
  • OPNsense 22.7.11 running unbound as DNS server
  • Apple TimeCapsule running WiFi access
  • iMac M1 OS X 12.6.3

Problem
The OPNsense firewall is suddenly blocking traffic from the iMac to the Server over LAN/Ethernet. This is not happening with connections from outside over WAN or with connections over the local WiFi AP. AFP file sharing and VNC remote access are suffering. Calendar and address book services are not noticeably affected.

At first, AFP and VNC connections establish quickly. Browsing the server's directories is fast until the connection gets stuck and the iMac shows the rainbow spinning wheel. VNC runs well, loses the connection and reconnects itself after timeouts of varying length.

Looking at the OPNsense firewall live log shows the same (see attachments): first the connection, then some time running well, then suddenly blocking by the Default deny / state violation rule. Waiting some time can re-establish a connection if my iMac has not meanwhile frozen itself in the save-as dialog of an open document.

Until now
This setup has been running for years, with the last changes to the firewall maybe 20 months back. I update OPNsense and Mac OS regularly. Absolutely no troubles before the last OPNsense major update and before the iMac's Mac OS 12.5/6.

Any idea, where I have to start fixing? Thanks in advance.
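One way to check what the live log is actually showing, as an added example that is not part of the original post or of OPNsense itself: parse filter-log lines and separate blocks of brand-new connections (a bare SYN hitting a deny rule) from state-table violations (mid-stream ACK/PSH/FIN segments that pf no longer has a state for, which is what the "Default deny / state violation" label means). The CSV field layout is assumed to be the FreeBSD filterlog format that OPNsense writes; the log lines, hosts, ports and rule numbers below are constructed for illustration, not taken from the thread's attachments.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Optional

# Constructed sample log lines (not from the thread). 192.168.1.10 plays the
# Mac server (AFP 548, VNC 5900), 192.168.1.20 the iMac, 203.0.113.5 an
# outside host. Rule numbers are illustrative.
SAMPLE_LOG = """\
Jan 28 12:19:25 fw filterlog[12345]: 70,,,0,igb1,match,pass,in,4,0x0,,64,12001,0,DF,6,tcp,64,192.168.1.20,192.168.1.10,52345,548,0,S,1111111,,65535,,mss;nop;wscale;nop;nop;TS;sackOK;eol
Jan 28 12:24:02 fw filterlog[12345]: 13,,,0,igb1,match,block,in,4,0x0,,64,12488,0,DF,6,tcp,104,192.168.1.20,192.168.1.10,52345,548,52,PA,1111999,2222999,4096,,nop;nop;TS
Jan 28 12:24:02 fw filterlog[12345]: 13,,,0,igb1,match,block,in,4,0x0,,64,12489,0,DF,6,tcp,52,192.168.1.20,192.168.1.10,52345,548,0,A,1112051,2222999,4096,,nop;nop;TS
Jan 28 12:24:05 fw filterlog[12345]: 13,,,0,igb1,match,block,in,4,0x0,,64,901,0,DF,6,tcp,52,192.168.1.20,192.168.1.10,52400,5900,0,FA,3333333,4444444,2048,,nop;nop;TS
Jan 28 12:25:10 fw filterlog[12345]: 13,,,0,igb0,match,block,in,4,0x0,,51,4242,0,none,6,tcp,60,203.0.113.5,192.168.1.10,40000,22,0,S,5555555,,29200,,mss;sackOK;TS;nop;wscale
Jan 28 12:25:11 fw filterlog[12345]: 13,,,0,igb0,match,block,in,4,0x0,,51,4243,0,none,17,udp,78,203.0.113.5,192.168.1.10,40001,5353,58
"""


@dataclass
class FilterEvent:
    rule: str
    iface: str
    action: str
    direction: str
    proto: str
    src: str
    dst: str
    sport: Optional[int] = None
    dport: Optional[int] = None
    tcp_flags: str = ""


def parse_filterlog(line: str) -> Optional[FilterEvent]:
    """Parse one syslog line carrying a filterlog CSV record (IPv4 only)."""
    if "filterlog[" in line:
        line = line.split("]: ", 1)[1]          # drop the syslog prefix
    f = line.strip().split(",")
    # Assumed field positions (FreeBSD filterlog as used by OPNsense):
    # 0 rule, 1 sub-rule, 2 anchor, 3 rid, 4 iface, 5 reason, 6 action, 7 dir,
    # 8 ip-version; IPv4: 9 tos, 10 ecn, 11 ttl, 12 id, 13 offset, 14 flags,
    # 15 proto-id, 16 proto, 17 length, 18 src, 19 dst; tcp/udp: 20 sport,
    # 21 dport, 22 datalen; tcp only: 23 tcp-flags, 24 seq, 25 ack, ...
    if len(f) < 20 or f[8] != "4":
        return None
    ev = FilterEvent(rule=f[0], iface=f[4], action=f[6], direction=f[7],
                     proto=f[16], src=f[18], dst=f[19])
    if ev.proto in ("tcp", "udp") and len(f) >= 22:
        ev.sport, ev.dport = int(f[20]), int(f[21])
    if ev.proto == "tcp" and len(f) >= 24:
        ev.tcp_flags = f[23]
    return ev


def classify(ev: FilterEvent) -> str:
    """Label an entry. A blocked TCP segment that is not a bare SYN belonged to a
    connection pf no longer (or never) tracked: a state violation. A blocked
    bare SYN is an ordinary policy decision on a new connection."""
    if ev.action != "block":
        return "pass"
    if ev.proto != "tcp":
        return "other-block"
    if "S" in ev.tcp_flags and "A" not in ev.tcp_flags:
        return "new-connection-block"
    return "state-violation"


def summarize(log_text: str) -> Dict[str, Counter]:
    """Count entries per class and, for state violations, per
    (iface, src, dst, dport) so the flow that keeps losing its state stands out."""
    by_class: Counter = Counter()
    violators: Counter = Counter()
    for raw in log_text.splitlines():
        ev = parse_filterlog(raw)
        if ev is None:
            continue
        label = classify(ev)
        by_class[label] += 1
        if label == "state-violation":
            violators[(ev.iface, ev.src, ev.dst, ev.dport)] += 1
    return {"by_class": by_class, "state_violations": violators}


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for label, n in sorted(report["by_class"].items()):
        print(f"{label:22s} {n}")
    for (iface, src, dst, dport), n in report["state_violations"].most_common():
        print(f"  {iface} {src} -> {dst}:{dport}  {n} mid-stream packet(s) blocked")
```

If the state-violation bucket is dominated by one LAN flow while the new-connection bucket is quiet, the rule set is not the problem: the existing state is being dropped or never matched (state timeout, a changed state policy, or traffic taking an asymmetric path that the firewall only sees half of), which is the direction to look in rather than adding more pass rules.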

I have the same issue as you.
I set a rule to pass all TCP/UDP from LAN to DMZ.
However, the firewall blocks it (shown in attachment).

I tried to visit the website in the DMZ from the LAN using the DMZ IP address.
The webpage can be shown, but I cannot post any file back to the website.

@combo The firewall wouldn't even see traffic on the same subnet. That would be layer 2 traffic only.
There's something you're not telling us about your setup. Post pics of your network layout.

@ttw1988 Post pics of your firewall rules from all interfaces.

Thx @Demusman
Here is the firewall rule
WAN:
https://ibb.co/zNrSZtR

LAN:
https://ibb.co/mzyLG69

DMZ:
https://ibb.co/Qm8N5bK

OpenVPN:
https://ibb.co/MhmvmvJ

Floating:
https://ibb.co/FKk8d62

P.S. May I know if there is a better way to export the rules in text format?

On the LAN interface, delete the LAN net to DMZ net rule. The default allow any already covers that.

What does "The webpage can be show but cannot post any file back to the website" mean?

Why have a DMZ if you're allowing it to everywhere?

Quote from: Demusman on January 29, 2023, 12:43:35 PM
@combo The firewall wouldn't even see traffic on the same subnet. That would be layer 2 traffic only.
There's something you're not telling us about your setup. Post pics of your network layout.

Thanks Demusman
Attached is the network situation. All IPs are set manually and are in subnet 255.255.255.255. Router and DNS server 192.168.1.1.

Everything you see on this layout has worked well for many months. Regular updates on the iMac and OPNsense. I have the feeling that either the Mac OS 12.6.1 > 2 > 3 update or the last few OPNsense updates are causing my problems. Updating OPNsense today to 23.1_6 did not solve it.

Again, if I switch the iMac to WLAN via the TimeCapsule's AP, everything is green in the firewall live log.

Thanks again for any help.
Christian