random blocked packets

Started by mightyi, July 07, 2025, 08:04:54 PM

I recently rebuilt my OPNsense firewall and split the network into multiple VLANs to isolate the security cameras/alarm, IoT, streaming, management and internal traffic. Because of the number of IoT devices and streaming devices, it's been a nightmare process, but I finally have multicast and firewall rules in a good place.
BUT I keep seeing randomly blocked groups of traffic to open ports; these are mainly from the Ring alarm base unit (outbound, 443/tcp), Plex servers (443/tcp) and Apple mobile devices (5223/tcp). These are all showing flags of RA/FPS/FA; they happen between 5 and 25 times at once, then stop again for a random time.
I've read these can be ignored, but I'd like to try and stop them if I can!
I've set the firewall to "conservative" mode, configured adaptive timeouts, increased the state table size, and even changed the individual rules to "sloppy state" and extended the timeout to 24 hours; but it still keeps randomly happening, and frankly it's driving me nuts!

I've got a single WAN/ISP port and a single internal interface hosting the VLANs; these are both on an Intel X550-T2 card, with the WAN running at 2.5GB and the internal connected via SFP to a UniFi switch at 10GB.

Is there anything else I can tweak to avoid this repeated red traffic in my log?

If these packets belong to HTTPS sessions, it might be that HTTP/3 is used, which can switch to UDP, in which case packets can be unexpected and get dismissed. Also, when HTTPS sessions time out, such out-of-state packets may occur and get logged. If they bother you, you can define an explicit rule and disable logging for it.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
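One way to check, before suppressing the log entries, whether the blocked packets really are out-of-state residue (ACK/FIN/RST without a SYN, i.e. a session whose state already expired) rather than genuine new-connection blocks or UDP-to-443 traffic that would point at HTTP/3, as an added example that is not part of the thread or of OPNsense itself. It assumes the pf filterlog CSV field order for IPv4 entries (verify the positions against your own /var/log/filter), and the log lines below are constructed.

```python
import csv
from collections import Counter
from io import StringIO

# Constructed sample lines in the pf filterlog CSV layout (field positions
# are an assumption: compare with a real line from /var/log/filter first).
SAMPLE_LOG = """\
12,,,abc123,vlan0.20,match,block,out,4,0x0,,64,1001,0,DF,6,tcp,40,192.168.20.15,203.0.113.10,51522,443,0,RA,1,2,0,,
12,,,abc123,vlan0.20,match,block,out,4,0x0,,64,1002,0,DF,6,tcp,40,192.168.20.15,203.0.113.10,51522,443,0,FA,3,4,0,,
12,,,abc123,vlan0.30,match,block,out,4,0x0,,64,1003,0,DF,6,tcp,40,192.168.30.8,198.51.100.7,60210,5223,0,FPA,5,6,0,,
12,,,abc123,vlan0.30,match,block,out,4,0x0,,64,1004,0,DF,6,tcp,60,192.168.30.8,198.51.100.7,60211,5223,0,S,7,0,0,,
12,,,abc123,vlan0.40,match,block,in,4,0x0,,64,1005,0,DF,17,udp,120,192.168.40.2,203.0.113.10,44000,443,100,,,,,,
"""

# Assumed field indices in the IPv4 filterlog layout.
F_IFACE, F_ACTION, F_PROTO, F_SRC, F_DST, F_DPORT, F_TCPFLAGS = 4, 6, 16, 18, 19, 21, 23


def classify(fields):
    """Label one blocked entry by what its protocol and TCP flags say about it."""
    if fields[F_PROTO] != "tcp":
        return "non-tcp"            # e.g. UDP to 443: a candidate for HTTP/3 (QUIC)
    flags = fields[F_TCPFLAGS] if len(fields) > F_TCPFLAGS else ""
    if "S" in flags and "A" not in flags:
        return "new-connection"     # a real SYN: blocked by policy, not state noise
    if any(f in flags for f in "RFA"):
        return "out-of-state"       # ACK/FIN/RST with no matching state: expired session
    return "other"


def summarize(log_text):
    """Count blocked entries per (interface, src, dst, dport, category)."""
    counts = Counter()
    for fields in csv.reader(StringIO(log_text)):
        if len(fields) <= F_DPORT or fields[F_ACTION] != "block":
            continue
        key = (fields[F_IFACE], fields[F_SRC], fields[F_DST], fields[F_DPORT], classify(fields))
        counts[key] += 1
    return counts


if __name__ == "__main__":
    # Bursts of "out-of-state" to the same dst:port are the log noise from the thread;
    # "new-connection" entries are the ones that deserve a real rule.
    for key, n in summarize(SAMPLE_LOG).most_common():
        print(n, *key)
```

Feeding a real filter log through summarize() (e.g. after clog/tail) shows which flows account for the repeated red entries, so the explicit no-log rule can be scoped to exactly those source/destination pairs.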