Using the rule below i see unexpected behavior in the logs. The log excerpt shows three allowed connections. Each of these connections is to a country that is blocked. They do not show a destination port. and they appear to always be destination port 443. Since this is a drop rule, w/o exceptions. I wouldn't think there would be any allowed.
This thread was automatically locked due to age.
