I have a forward rule to drop invalid packets.
Problem I have is when this rule is enabled, it drops all packets from machines connected via OpenVPN on another server through a dnat rule. How can I enable this rule but prevent it from dropping “invalid” packets from my vpn network?
Change the in-interface. Either do NOT vpn interface, or do ONLY internet interface.