Thu Jun 30, 2022 9:27 pm
I have a device that opens an IPv4 TCP connection to a specific port on the WAN. This device loses functionality when that connection goes away, which happens when the TCP established timeout occurs. I want to bypass connection tracking for that device to that port. I created a Raw rule to set no-track on the prerouting chain based on destination port and source MAC address. Turning on logging in key firewall rules, I have log entries indicating that the SYN packets were forwarded to the WAN interface, but I get no response. I cannot see any indication in firewall rule counters or log entries that a response is being blocked. Is there something else I need to do to get a response back to that device and establish the connection?