Massive PF Log Spam on External Interface

OK, I've only started noticing this in the last few days, so I was wondering if someone can explain why this is happening, rather more than how to fix this.

I'm getting massive destination drops on my External (Address) object (internet) from ports 51413 UDP/TCP (about 60,000-70,000 a day).

Now these are the ports I use for port forwarding a Transmission client behind the Astaro. The rule is set up correctly, and it seems to be forwarded correctly as well (I can reach the box from the web using that port). But where is all this extra traffic coming from? And why is it being blocked?

Here's the NAT rule:

Traffic Source: Any
Traffic Server: TransPF(51413 TCP/UDP)
Traffic Dest: External (address)

Nat mode: DNAT
dest: filesrv1 object
dest service: TransPF
Log: off
firewall: off

And the Firewall rule:
Source: Any
Service: TransPF
Dest: Filesrv1 obj
action: allow
time: always
log: off

I've got a web UI port-forwarded using this same scheme, on the same machine, yet none of this mass of dropped packets. Ideas?
EDIT: Attached screenshot of last night's report. (top 10 drop host/service)

