The VPC network compares the packet against the active connections table to see whether this is an existing connection:

• If it is not an existing connection, the VPC network looks for a firewall rule to allow the connection.
• If there is no firewall rule, the VPC network drops the packet without informing the sender.