pfSense Forum

pfSense English Support => General Questions => Topic started by: vmaxx on March 06, 2018, 01:01:26 pm

Title: Out of state packets
Post by: vmaxx on March 06, 2018, 01:01:26 pm
I am having an issue with some traffic getting blocked due to packets with TCP flags, PA, RA, etc. I have read some posts here on the subject and tried their suggestions, conservative setting, setting different TCP flags in advanced settings but some packets are still getting blocked. The IPs & ports in the rules are set to pass. I think these packets are causing issues with some apps and am hoping to find how to allow these packets through. My rules are basically a white list. Individual rules of what can pass through followed by a rule blocking everything for specific machines on my internal network.

Any idea what I can do in a rule to stop these packets from being blocked?
Title: Re: Out of state packets
Post by: Derelict on March 06, 2018, 01:06:08 pm
Figure out why the state is being closed.

An established TCP state will not expire for 24 hours of ZERO traffic using the default firewall settings.

If the state is no longer there it is because either side has closed it.

More info here: