Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Rule being ignored occasionally?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Rule being ignored occasionally? (Read 714 times)
Evert
Newbie
Posts: 42
Karma: 4
Rule being ignored occasionally?
«
on:
March 13, 2024, 09:36:16 am »
Hi all,
We have an interface named OFFICE where we allow anyone who is on the associated subnet (192.168.24.x) to connect to * on port 80 & 443 (TCP/UDP).
At the bottom of the rule list for this interface there's a rule blocking any traffic from OFFICE to !OFFICE.
When I enable logging on that last rule, I occasionally see requests from OFFICE to external hosts on 443/TCP (occasionally 80/TCP) being blocked.
Why would that traffic reach that rule, given that I allow all traffic on ports 80 and 443 higher up in the rule list?
Logged
--
Regards,
Evert
zan
Full Member
Posts: 175
Karma: 31
Re: Rule being ignored occasionally?
«
Reply #1 on:
March 13, 2024, 03:05:48 pm »
Most likely out-of-state traffic. What are the 'tcpflags' of blocked packets?
Logged
bazbaz
Jr. Member
Posts: 53
Karma: 2
Re: Rule being ignored occasionally?
«
Reply #2 on:
March 13, 2024, 03:55:43 pm »
I have a rule that ALLOWS traffic to 443, that has started to be blocked! Logs report that packet has been dropped cause "Default deny / state violation rule"
Is there some big problem?
Logged
Evert
Newbie
Posts: 42
Karma: 4
Re: Rule being ignored occasionally?
«
Reply #3 on:
March 14, 2024, 10:59:09 am »
Quote from: zan on March 13, 2024, 03:05:48 pm
Most likely out-of-state traffic. What are the 'tcpflags' of blocked packets?
PA, FPA, RA or A. It varies.
Logged
--
Regards,
Evert
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Rule being ignored occasionally?