yeah known issue once i tryed to search for explanation , but this are windows AD(lsass) and you should create exclusions for them, and then everything should be fine but don't disable completly this rule
i hope that this helps
I would be cautious, because lsass.exe is a favourite place to hide under by trojans. Not suggesting you have this, but once you allow IRC port for lsass.exe, all the files that it loaded underneath might be able to use the same port under the name of lsass.
Please obtain information if dns.exe and lsass.exe really wants to use the ports in question and whether these ports cannot be changed to a value which does not conflict with this rule.
Basiclly you should ask Microsoft why lsass and dns are using these ports, And information about how to change these ports or something like that.
On my site they are excluded from Irc port blocking and i don't have any problems.