Hello, could you please help with a clarification?
Some machines have got a Blizzard Game (i.e. “Starcraft”) installed and activated. It appeared that, since when I closed the outgoing firewall rules according to your latter Wiki posts, there is a regular bunch of drops on IP port 1119/TCP OUTGOING on interface RED.
When defining any outgoing rule which circumvents this problem, it appears the messages are gone.
However, I wonder why this happens from GREEN to RED; I believe that should be DNAT, not OUTGOING, isn’t that right?
p.s. Could that be that the Blizzard sofware nats itself through the worksations and ends up in the firewall somehow?