No announcement yet.

what does invalid_blocked indicate?

  • Filter
  • Time
  • Show
Clear All
new posts

  • what does invalid_blocked indicate?

    In the networking report I see a lot of invalid_blocked connections. Some seem to be from IoT devices using port 443 to hit some remote server (for instance, an Arlo hub and a Sonos speaker). In addition, I see that my WiFI router is failing to reach port 137 on the Untangle host due to invalid_blocked. I know I can bypass these things but not sure if I should since I'm not even sure why Untangle is blocking them. Where is invalid_blocked defined or how is it determined?

    Additionally, I see a lot of connections being blocked for the same reason trying to hit the WAN IP address on UDP port 6888. Presumably, this is some sort of attack which Untangle is blocking.

    Thanks for any clarity and recommendations.
    Last edited by gwar9999; 04-25-2023, 12:14 PM.

  • #2
    invalid_blocked means that the traffic was malformed, damaged, or otherwise unroutable at the time it arrived at NG Firewall. It's not being 'blocked' in the traditional sense; it's just being dropped because NG Firewall cannot route it for some reason. Unfortunately, we have no way to tell you what is wrong with the packet or why it was unroutable when it arrived.
    Græme Ravenscroft • Technical Marketing Engineer
    ('gram', like the unit of measurement)
    How can we make Arista ETM products better?


    • #3
      Thanks for the reply. Oh well, guess it doesn't really matter since, as far as I know, all of my IoT devices are behaving fine even if some of the traffic is getting dropped.