After setting up my firewall, I noticed that the log is filling with dropped TCP packets that have (ACK,FIN), (ACK,RST) or (RST) flags.
It is dropping these packets both ways (in and out of my network).
This is my first time setting up a firewall and I would appreciate any input to improve the rules.
Here are my firewall filters:
 0  ;;; Accept established and related forward
    chain=forward action=accept connection-state=established,related

 1  ;;; Accept new local to internet forward
    chain=forward action=accept connection-state=new src-address-list=Local dst-address-list=!NotPublic in-interface=bridge-local out-interface=pppoe

 2  ;;; Accept new dstnated forward from internet
    chain=forward action=accept connection-state=new connection-nat-state=dstnat src-address-list=!NotPublic dst-address-list=Local in-interface=pppoe out-interface=bridge-local

 3  ;;; Accept new local to local forward
    chain=forward action=accept connection-state=new src-address-list=Local dst-address-list=Local in-interface=bridge-local out-interface=bridge-local

 4  ;;; Drop all forward
    chain=forward action=drop log=yes log-prefix="Dropped"

 5  ;;; Accept established and related input
    chain=input action=accept connection-state=established,related

 6  ;;; Accept new local input
    chain=input action=accept connection-state=new in-interface=bridge-local

 7  ;;; PPTP GRE
    chain=input action=accept protocol=gre

 8  ;;; PPTP Control
    chain=input action=accept protocol=tcp dst-port=1723

 9  ;;; L2TP
    chain=input action=accept protocol=udp dst-port=500,1701,4500

10  ;;; Drop all input
    chain=input action=drop log=yes log-prefix="Dropped"