Yes, earlier there was a DDOS attack and customer tried blocking the traffic from Brazil using country code "BR" but it did not work so he added manual rules to block the traffic.
Later, we suspected an issue with IpToCountry mapping and so updated the IpToCountry.csv file and then removed all the manual entries and it almost worked fine. But still observing some 443 traffic from Brazil accepted by Implied rules.
I believe fwaccel rule should block all the traffic coming from Brazil but it is still allowed by Implied rules.
Is there any suggestion ?
Appreciate your help !