Recently my WLAN got a new citizen, a device running Android 8 (oreo). Ever since then I am seeing blocked packets show up in the firewall logs that belong to connections from the android to my proxy server (squid) running on port 3128. The dropped packets have flags F, P or R set:
Am I correct to assume that those packets belong to connections for which the state on the firewall has by then expired? What is the cause of such behaviour and what options are there to do something about it? Increase the timeout on the firewall? Client side config?
Code:
2020-10-12 12:37:22.254685 rule 7.air.25/0(match): block in on wlan0: 10.6.8.4.57909 > 10.6.6.1.3128: Flags [F.], seq 1862561702, ack 1974147104, win 693, options [nop,nop,TS val 35747 ecr 678972576], length 0
2020-10-12 12:37:22.408626 rule 7.air.25/0(match): block in on wlan0: 10.6.8.4.57908 > 10.6.6.1.3128: Flags [P.], seq 857158349:857158372, ack 4155482869, win 798, options [nop,nop,TS val 35765 ecr 2586556459], length 23
2020-10-12 13:33:49.365779 rule 7.air.25/0(match): block in on wlan0: 10.6.8.4.57915 > 10.6.6.1.3128: Flags [R.], seq 2103374456, ack 3754428267, win 4414, options [nop,nop,TS val 38675 ecr 3382496206], length 0