Out of state packets
-
I am having an issue with some traffic getting blocked due to packets with TCP flags, PA, RA, etc. I have read some posts here on the subject and tried their suggestions, conservative setting, setting different TCP flags in advanced settings but some packets are still getting blocked. The IPs & ports in the rules are set to pass. I think these packets are causing issues with some apps and am hoping to find how to allow these packets through. My rules are basically a white list. Individual rules of what can pass through followed by a rule blocking everything for specific machines on my internal network.
Any idea what I can do in a rule to stop these packets from being blocked?
-
Figure out why the state is being closed.
An established TCP state will not expire for 24 hours of ZERO traffic using the default firewall settings.
If the state is no longer there it is because either side has closed it.
More info here:
https://doc.pfsense.org/index.php/Why_do_my_logs_show_%22blocked%22_for_traffic_from_a_legitimate_connection
