Traffic blocked by "Default deny / state violation rule"

Started by dsduarte, November 07, 2023, 04:35:44 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 07, 2023, 04:35:44 AM
Hi guys...

I found some traffic been blocked on my OPNSense Firewall but I'm not sure why...
On the attached picture there is an example...
There is a LAN IP trying to reach an IP on the Internet and also there is traffic between IP's on the same subnet..
There is no rule on LAN or WAN to reject this traffic so I think by the label its due to some "state violation rule".
Can you help me to find out why these traffic is been blocked?


Thanks!

November 07, 2023, 06:28:39 AM #1 Last Edit: November 07, 2023, 08:52:00 AM by zan
Most likely out-of-state packets.
Check the blocked packets "tcpflags", if they are RA, FA, PA etc you can safely ignore those.
November 07, 2023, 08:36:58 AM #2
I have found PA and FA.... Tks!!!

Now I need to research what that means!   :-X
Print
Go Up Pages1
User actions