
Time periods and established connections

What is the expected behavior for an existing connection when the firewall rule that created the connection becomes no longer in its allowed time period?

So my time period is 6am-9pm, and a 100Gbyte download is started at 8:55pm. Should that connection be terminated once 9pm happens, or does XG allow existing connections to continue uninterrupted?

This is what I'm seeing, but I'm concerned that the connection is being allowed by my default rule. Even though my default rule has all applications and web categories blocked, I'm still seeing a small number of connections succeed on the default rule for no obvious reason, e.g. "settings.data.microsoft.com/" is allowed, while "HK2SCH130021135.wns.windows.com/" is blocked, even though both have the same category and both should be blocked.

I'm also seeing allows for the rule with the time period on it, even though it's now well and truly outside the time period, so maybe time periods don't work as expected?

Any confirmation on the expected behavior of the time periods and established connections would be appreciated.

Thanks

James



  • All,

    I recreated this with my local XG. I see that the connection is dropped when the scheduled firewall rule is out of its allowed time period. The XG drops the connection and puts the connection in TIME_WAIT state. Here is a glimpse of the connections for the established connection.

    console>
    system diagnostics utilities connections v4 show src_ip 192.168.3.3 dest_ip 202.149.208.91
    proto=tcp proto-no=6 timeout=4 state=TIME_WAIT orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=52422 orig-dport=80 packets=30891 bytes=1236239 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=52422 packets=79004 bytes=118444558 [ASSURED] mark=0x8001 use=2 id=2933291936 masterid=0 fwid=2 policytype=1 user=0 luserid=0 usergp=0 webfltid=2 hotspotid=0 hotspotuserid=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icapid=0 appfltid=0 appid=6 catid=20 appcatid=3 ips=1 ips_nfqueue=0 ips_maxsesbytes=1 inmark=0x0 brdevinindex=0 devinindex=5 devoutindex=0 devin=Port1 devout= inzone=1 outzone=2 bwid=0 upclass=0:0 dnclass=0:0 sslvpnid=0 snatid=1 cluster_node=0 gwoff=0 ctflags=0x4200840a mmflags=0x200 dropfix=0 src_mac=00:00:00:00:00:00 dst_mac=00:00:00:00:00:00 vlan_id=0 diffserv=0 current_state[0]=14 current_state[1]=14
    proto=tcp proto-no=6 timeout=10709 state=ESTABLISHED orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=51568 orig-dport=80 packets=54 bytes=2483 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=51568 packets=204 bytes=282648 [ASSURED] mark=0x8001 use=1 id=3041706400 masterid=0 fwid=1 policytype=1 user=0 luserid=0 usergp=0 webfltid=1 hotspotid=0 hotspotuserid=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icapid=0 appfltid=1 appid=6 catid=20 appcatid=3 ips=1 ips_nfqueue=0 ips_maxsesbytes=1 inmark=0x0 brdevinindex=0 devinindex=5 devoutindex=0 devin=Port1 devout= inzone=1 outzone=2 bwid=0 upclass=0:0 dnclass=0:0 sslvpnid=0 snatid=1 cluster_node=0 gwoff=0 ctflags=0x4200840a mmflags=0x200 dropfix=0 src_mac=00:00:00:00:00:00 dst_mac=00:00:00:00:00:00 vlan_id=0 diffserv=0 current_state[0]=13 current_state[1]=13
    proto=tcp proto-no=6 timeout=10695 state=ESTABLISHED orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=51553 orig-dport=80 packets=66 bytes=3132 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=51553 packets=212 bytes=293188 [ASSURED] mark=0x8001 use=1 id=939286528 masterid=0 fwid=1 policytype=1 user=0 luserid=0 usergp=0 webfltid=1 hotspotid=0 hotspotuserid=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icapid=0 appfltid=1 appid=6 catid=20 appcatid=3 ips=1 ips_nfqueue=0 ips_maxsesbytes=1 inmark=0x0 brdevinindex=0 devinindex=5 devoutindex=0 devin=Port1 devout= inzone=1 outzone=2 bwid=0 upclass=0:0 dnclass=0:0 sslvpnid=0 snatid=1 cluster_node=0 gwoff=0 ctflags=0x4200840a mmflags=0x200 dropfix=0 src_mac=00:00:00:00:00:00 dst_mac=00:00:00:00:00:00 vlan_id=0 diffserv=0 current_state[0]=13 current_state[1]=13
    proto=tcp proto-no=6 timeout=3 state=TIME_WAIT orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=52642 orig-dport=80 packets=5 bytes=224 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=52642 packets=2 bytes=92 [ASSURED] mark=0x8001 use=1 id=2918468448 masterid=0 fwid=2 policytype=1 user=0 luserid=0 usergp=0 webfltid=2 hotspotid=0 hotspotuserid=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icapid=0 appfltid=0 appid=0 catid=0 appcatid=0 ips=0 ips_nfqueue=0 ips_maxsesbytes=1 inmark=0x0 brdevinindex=0 devinindex=5 devoutindex=0 devin=Port1 devout= inzone=1 outzone=2 bwid=0 upclass=0:0 dnclass=0:0 sslvpnid=0 snatid=0 cluster_node=0 gwoff=0 ctflags=0x2008000 mmflags=0x200 dropfix=0 src_mac=00:00:00:00:00:00 dst_mac=00:00:00:00:00:00 vlan_id=0 diffserv=0 current_state[0]=14 current_state[1]=14

    Look at my configuration and verify that the time settings are up to date.

    Thanks
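As an added example (not part of this thread and not Sophos code), the following Python parses the `system diagnostics utilities connections v4 show` output quoted above into dictionaries and lists every connection that was matched by a given firewall rule id (`fwid`) but is still in ESTABLISHED state. Run against a dump taken after the schedule's end time, a non-empty result is the direct check for the behaviour James asks about: flows the scheduled rule is still carrying outside its time period. The sample lines are the first three entries of the console output above, trimmed to the fields the example uses; the rule id passed in the demo call (2) is an assumption, substitute the fwid of your own scheduled rule.

```python
import re
from collections import Counter

# Constructed sample input: the first three entries from the console output
# quoted in this thread, trimmed to the fields this example uses.
SAMPLE_OUTPUT = """\
proto=tcp proto-no=6 timeout=4 state=TIME_WAIT orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=52422 orig-dport=80 packets=30891 bytes=1236239 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=52422 packets=79004 bytes=118444558 [ASSURED] mark=0x8001 use=2 id=2933291936 fwid=2 webfltid=2 appfltid=0 appid=6 catid=20 devin=Port1 devout= current_state[0]=14
proto=tcp proto-no=6 timeout=10709 state=ESTABLISHED orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=51568 orig-dport=80 packets=54 bytes=2483 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=51568 packets=204 bytes=282648 [ASSURED] mark=0x8001 use=1 id=3041706400 fwid=1 webfltid=1 appfltid=1 appid=6 catid=20 devin=Port1 devout= current_state[0]=13
proto=tcp proto-no=6 timeout=3 state=TIME_WAIT orig-src=192.168.3.3 orig-dst=202.149.208.91 orig-sport=52642 orig-dport=80 packets=5 bytes=224 reply-src=192.168.3.1 reply-dst=192.168.3.3 reply-sport=3128 reply-dport=52642 packets=2 bytes=92 [ASSURED] mark=0x8001 use=1 id=2918468448 fwid=2 webfltid=2 appfltid=0 appid=0 catid=0 devin=Port1 devout= current_state[0]=14
"""

# key=value tokens; the value may be empty (e.g. "devout=") and keys may
# carry an index such as "current_state[0]".
TOKEN = re.compile(r"([A-Za-z_][\w\-\[\]]*)=(\S*)")


def parse_connection(line):
    """Parse one 'key=value key=value ...' console line into a dict.

    'packets' and 'bytes' occur twice per line: original direction first,
    reply direction second.  The second occurrence is stored under
    'reply-packets' / 'reply-bytes' so it is not silently overwritten.
    The bare '[ASSURED]' flag has no '=' and is recorded separately.
    """
    conn = {}
    for key, value in TOKEN.findall(line):
        if key in conn:
            key = "reply-" + key
        conn[key] = value
    conn["assured"] = "[ASSURED]" in line
    return conn


def parse_connections(text):
    """Parse every entry of a connection dump; skips the prompt/command lines."""
    return [parse_connection(l) for l in text.splitlines() if l.startswith("proto=")]


def leftovers_after_schedule(conns, scheduled_fwid):
    """Connections matched by the scheduled rule that are still ESTABLISHED.

    Taken from a dump made after the schedule's end time, an empty list
    matches the behaviour described in the reply above (flows torn down and
    moved to TIME_WAIT); a non-empty list means the rule is still carrying
    traffic outside its time period and deserves a closer look.
    """
    return [
        c for c in conns
        if c.get("fwid") == str(scheduled_fwid) and c.get("state") == "ESTABLISHED"
    ]


def state_by_rule(conns):
    """Count (fwid, state) pairs: which rule currently holds which flows."""
    return Counter((c.get("fwid"), c.get("state")) for c in conns)


if __name__ == "__main__":
    conns = parse_connections(SAMPLE_OUTPUT)
    for (fwid, state), n in sorted(state_by_rule(conns).items()):
        print(f"fwid={fwid} state={state} count={n}")
    # Assumed rule id; replace with the fwid of your scheduled rule.
    for c in leftovers_after_schedule(conns, 2):
        print("still established on scheduled rule:",
              c["orig-src"], c["orig-sport"], "->", c["orig-dst"], c["orig-dport"])
```

To use it on a live box, paste the full output of the `connections v4 show` command into a file and feed it to `parse_connections` in place of `SAMPLE_OUTPUT`; the filter is on the `fwid` and `state` fields only, so the extra fields in a real dump are parsed but ignored.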

  • Thanks for taking the time to do that. I will review my rules and see what I did wrong!


    James

  • Hi,

    I tried again using v17b and the time rule worked on new sessions.

    Observations

    1/. inconsistent results from attempted connections

    a) Google gives a site configuration warning

    b) some sites give an IT department message about the site being blocked

    c) some sites are just blocked.

    While the block does work, the errors would lead the help desk to think there is a bigger issue.

    You cannot put a time block in mail, so mail is uncontrolled.

    Ian

