07:29:56 Default DROP TCP 222.93.240.134 : 4118 → [Our Public IP] : 80 [SYN] len=48 ttl=116 tos=0x00 srcmac=00:00:00:00:00:00 dstmac=00:08:02:a4:99:5f
I have a group "Chinese Hackers" that includes 222.93.240.0/22 and a PF rule 'Chinese Hackers → Any → Any : Drop'.
99% of such packets are indeed dropped by my rule. Any thoughts about how the packet above could have slithered past my PF rule before being default dropped?
Cheers - Bob
This thread was automatically locked due to age.
