pfSense

=========== STATES and RULES Before the Schedule Expired ============

--

lagg0 udp 128.RBX.GME.SVR:49473 <- 192.168.0.5:64913       MULTIPLE:MULTIPLE

   age 00:12:19, expires in 00:01:00, 14706:26910 pkts, 1655854:12549651 bytes, rule 98

   id: 020000005ea4ee13 creatorid: 1551d1e1

--

igb0 udp 47.SPC.MY.IP:51888 (192.168.0.5:64913) -> 128.RBX.GME.SVR:49473       MULTIPLE:MULTIPLE

   age 00:12:19, expires in 00:01:00, 14706:26910 pkts, 1655854:12549651 bytes, rule 64

   id: 020000005ea4ee14 creatorid: 1551d1e1

--

@98(1586552496) pass in quick on LOCAL_NETS route-to { (igb0 47.SPC.MY.GW), (igb0 47.SPC.MY.GW), (igb0 47.SPC.MY.GW), (igb0 47.SPC.MY.GW), (igb0 47.SPC.MY.GW) } round-robin inet from <_WEB_ACCS:17> to any flags S/SA keep state label "USER_RULE: Allow Internet by Schedule"

@64(1000008011) pass out route-to (igb0 47.SPC.MY.GW) inet from 47.SPC.MY.IP to ! 47.SPC.RNG.0/21 flags S/SA keep state allow-opts label "let out anything from firewall host itself" 

=========== STATES and RULES After the Schedule Expired =============

--

igb0 udp 47.SPC.MY.IP:51888 (192.168.0.5:64913) -> 128.RBX.GME.SVR:49473       MULTIPLE:MULTIPLE

   age 00:17:13, expires in 00:01:00, 31069:63644 pkts, 14203479:53418978 bytes, rule 64

   id: 020000005ea4ee14 creatorid: 1551d1e1

--

lagg0 udp 128.RBX.GME.SV2:49473 -> 192.168.0.5:64913       MULTIPLE:MULTIPLE

   age 00:01:22, expires in 00:01:00, 19410:10080 pkts, 15811058:4762508 bytes, rule 63

   id: 020000005ea4ee27 creatorid: 1551d1e1

--

@64(1000008011) pass out route-to (igb0 47.SPC.MY.GW) inet from 47.SPC.MY.IP to ! 47.SPC.RNG.0/21 flags S/SA keep state allow-opts label "let out anything from firewall host itself"

@63(1000007913) pass out inet all flags S/SA keep state allow-opts label "let out anything IPv4 from firewall host itself"