Issue with NAT Rule Description and "Default deny / state violation rule" Label

[oezay]

Hi everyone,

I have created a NAT rule, and it works as expected. However, in the live view, the allowed connections are displayed in green and marked as allowed, but they are labeled as "Default deny / state violation rule." Some connections are forwarded to the internal host but are still shown as blocked in the live log with the "Default deny / state violation rule" label.

I've noticed that if the initial incoming packets arrive on the primary WAN IP, the label remains blank. However, when packets come in on the virtual IP on the WAN interface, the "Default deny / state violation rule" label is applied.

Has anyone encountered this issue or know how to ensure that the correct description specified in the NAT rule is displayed in the live view? This behavior occurs both with associated rules and with explicitly created firewall rules.

Thank you for your support!
oezay

[guenti_r]

Sadly to say, i have the same issue but no solution.
The Firewall live view (Labels) are simply wrong displayed.

[siga75]

same issue here, from a port forward auto generated rule, see attachments

Type   opnsense   
Version   24.7.9_1   
Architecture   amd64   
Commit   b41ccdc9f   
Mirror   https://opnsense-mirror.hiho.ch/FreeBSD:14:amd64/24.7   
Repositories   OPNsense (Priority: 11)   
Updated on   Sat Nov 23 15:12:18 CET 2024   
Checked on   N/A

[Monviech (Cedrik)]

https://github.com/opnsense/src/issues/223

[siga75]

glad they working on it, well in my case it's not empty, but with a label of another rule, but it's almost sure the issue is the same, or related

thx

[guenti_r]

Just for the records:

https://forum.opnsense.org/index.php?topic=43625.msg217188#msg217188