This discussion has been locked.

[7.507] default drop not working on local interfaces

I noticed recently that I could SSH from my home firewall to my LAN. 
I figured I must have left a PF rule for that on, but when I checked, there was no such rule.

Furthermore, I've now found that I can make TCP connections to any address/any port from the firewall, including ports for which I have no services defined. [:(]

To rule out a bad PF, I've tried adding a PF rule at the top:
source External (Address), any, any, logdrop.

I've disabled my 1 SNAT rule, and double-checked all my DNATs.

But I can still make outgoing connections on random ports.

I can't figure this out; anyone have an idea?

I can give SSH access to Astaro personnel.

I'll attach my iptables output in a minute.

Thanks,
Barry


  • Hey... noticed this on 7.507 now here as well.  Version 8.001 does not appear to have this issue (at least on the ones I've checked).

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.
