Logs show blocked, but it just works?

Started by SVMartin80, May 31, 2024, 11:48:40 PM

I have two VLANs, a management VLAN and a server VLAN.

My workstation is (when I need it) connected to the management VLAN. In the server VLAN there is a Pi-hole running.

To allow the workstation to make changes to the Pi-hole configuration, I have added a firewall rule that allows the workstation to connect. This works nicely. The dashboard page in Pi-hole automatically updates some statistics. In the web browser developer tools, network tab, I see these calls. They are all fine, with a proper response and HTTP response code 200.

Now, when I use the live log view in OPNsense, I see that there are many calls from my workstation to my Pi-hole on port 80 which are blocked. When I close the Pi-hole browser tab, these logs stop.

How is this possible?

This is a screenshot of my firewall rules for the management interface: https://drive.google.com/file/d/1mbvVggCpaEkpiRHNbVVrzjiVOxcGSB0f/view?usp=drive_link

This is a screenshot of a log entry where the traffic is blocked: https://drive.google.com/file/d/1Lmjj9pWRG9hRLlQ8JMriudlDTZXvyhQg/view?usp=drive_link

For some reason it matches the default deny / state violation rule. But why doesn't it match the (quick) rule I created to allow this traffic? And why is (from a functional perspective) the Pi-hole web interface still working fine?

OK, think I got it.

Tried to reproduce again today. Initially it didn't occur, until I opened the web developer tools. Then, when I closed the web developer tools, it kept happening. Then I closed the tab and after about a minute no blocked events were logged anymore.

So I assume that my browser (Firefox 126 64-bit on SUSE Tumbleweed) is doing 'something' to support web developer tools and this is not a regular issue (or a problem with my understanding of firewall rules/network configuration).