Thanks for the response lleachii
I've not noticed anything in particular yet.. just more curious as to why.
Completely agree, I wasn't suggesting to change it to accept, I understand the common concept of it, just wondering why it seems like I have legitimate replies that hit that drop rule.
Yes, I understand it would be, I was more suggesting it doesn't seem to be something like DOS traffic etc. that's input to WAN.
Thanks understood that, just doesn't answer why sites that should be ESTABLISHED are hitting back to the WAN port and getting dropped.