I've opened some ports for BitTorrent: 6881:7881 to be precise.
I have a DNAT on my WAN interface for those ports on TCP/UDP that forwards them to the PC in question.
I also have an exception that will allow the PC to connect to any port on the internet if it comes from the previously mentioned range (so 2 different Service Objects).
This seems to work fine; however, a lot of packets are dropped with a RST state. It seems harmless, but it's still annoying to see your log file fill up.
I also notice a lot of drops of ACK PSH FINs on ActiveSync connections.
They remain open for a very long time. This could possibly be related.
Below is a small snippet that shows one from ActiveSync and the others from torrents.
I probably made an error somewhere, but I'm not sure where since everything seems to work. ActiveSync randomly breaks for a few minutes until a new connection is made; this is also annoying but not too bad.
17:16:11 Default DROP TCP 91.121.217.18 : 443 → 91.176.70.98 : 60122 [ACK PSH FIN] len=803 ttl=64 tos=0x00 srcmac=0:50:56:8:6b:a3
17:16:17 Default DROP TCP 82.192.84.140 : 64628 → 188.165.142.66 : 7502 [RST] len=40 ttl=57 tos=0x00 srcmac=ec:30:91:e0:df:80 dstmac=0:50:56:2:27:f3
17:16:19 Default DROP TCP 46.59.99.187 : 51413 → 188.165.142.66 : 7507 [RST] len=40 ttl=56 tos=0x00 srcmac=ec:30:91:e0:df:80 dstmac=0:50:56:2:27:f3
17:16:19 Default DROP TCP 91.121.177.126 : 54377 → 188.165.142.66 : 7511 [RST] len=40 ttl=60 tos=0x00 srcmac=ec:30:91:e0:df:80 dstmac=0:50:56:2:27:f3
17:16:21 Default DROP TCP 72.211.230.125 : 51308 → 188.165.142.66 : 7508 [RST] len=40 ttl=52 tos=0x00 srcmac=ec:30:91:e0:df:80 dstmac=0:50:56:2:27:f3
17:16:23 Default DROP TCP 24.11.81.54 : 50010 → 188.165.142.66 : 7519 [RST] len=40 ttl=51 tos=0x00 srcmac=ec:30:91:e0:df:80 dstmac=0:50:56:2:27:f3
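
An added example, not part of the original post: a small triage script that parses drop entries in the layout shown above and counts them by TCP flags and by whether a port falls in the forwarded 6881:7881 range, which shows how much of the log noise belongs to each rule. The sample lines are constructed with documentation addresses, and the function names and bucket labels are assumptions.

```python
import re
from collections import Counter

# Forwarded range from the post (6881:7881, inclusive); all names below are illustrative.
FWD_PORTS = range(6881, 7882)

# One entry: time, rule, action, protocol, src ip:port, arrow, dst ip:port, [flags].
# \s* between tokens lets an entry be on one line or wrapped over several.
ENTRY = re.compile(
    r"(?P<time>\d\d:\d\d:\d\d)\s+(?P<rule>\S+)\s+(?P<action>DROP|ACCEPT)\s+"
    r"(?P<proto>\S+)\s+(?P<src>[\d.]+)\s*:\s*(?P<sport>\d+)\s*(?:→|->)\s*"
    r"(?P<dst>[\d.]+)\s*:\s*(?P<dport>\d+)\s*\[(?P<flags>[A-Z ]+)\]"
)

# Constructed sample: one wrapped entry and two single-line entries.
SAMPLE = """\
17:16:11 Default DROP TCP
198.51.100.7 : 443
→
203.0.113.10 : 60122
[ACK PSH FIN] len=803 ttl=64 tos=0x00
17:16:17 Default DROP TCP 192.0.2.44 : 64628 → 203.0.113.10 : 7502 [RST] len=40 ttl=57
17:16:19 Default DROP TCP 192.0.2.91 : 51413 → 203.0.113.10 : 7507 [RST] len=40 ttl=56
"""

def parse(log_text):
    """Return one dict per log entry, with integer ports and sorted flags."""
    entries = []
    for m in ENTRY.finditer(log_text):
        e = m.groupdict()
        e["sport"], e["dport"] = int(e["sport"]), int(e["dport"])
        e["flags"] = tuple(sorted(e["flags"].split()))
        entries.append(e)
    return entries

def bucket(e):
    """Say which side of the connection, if any, uses a forwarded port."""
    if e["dport"] in FWD_PORTS:
        return "dst-in-range"
    if e["sport"] in FWD_PORTS:
        return "src-in-range"
    return "neither"

def summarize(entries):
    """Count dropped packets by (flag set, port bucket)."""
    return Counter((" ".join(e["flags"]), bucket(e))
                   for e in entries if e["action"] == "DROP")

if __name__ == "__main__":
    for key, count in summarize(parse(SAMPLE)).most_common():
        print(count, *key)
```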