Dropped Packet:
Some examples:
06:18:31 Default DROP TCP 205.234.170.163 : 38520
→ 67.108.100.105 : 80
[ACK FIN] len=52 ttl=54 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:15:17:8a:fb:75
10:34:26 Default DROP TCP 65.73.171.197 : 60921
→ 67.108.100.105 : 80
[ACK RST] len=40 ttl=116 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:15:17:8a:fb:75
12:32:06 Default DROP TCP 65.73.171.197 : 61352
→ 67.108.100.105 : 80
[ACK FIN] len=40 ttl=116 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:15:17:8a:fb:75
12:40:50 Default DROP TCP 170.122.200.58 : 58539
→ 67.108.100.105 : 80
[ACK FIN] len=52 ttl=52 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:15:17:8a:fb:75
NAT Rule:
Traffic Source: Any
Traffic Service: HTTP-HTTPS (predefined group)
Traffic Dest: Server-PUB (67.108.100.105)
DNAT
Dest: Server (10.1.1.182)
Web browsing traffic works fine, web page shows up, but I wouldn't expect to see ANY port 80 traffic in the packet filter log since its all specifically allowed.
What would be causing this?
This thread was automatically locked due to age.
