This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow certain traffic

Hello everybody,

I would like to ask you for help. The thing is that I wan't to allow certain services. These include Dropbox and Spotify.

I've allowed Dropbox and Spotify via Application Control (Web Protection > Application Control), but I am still seeying many red lines in the Firewall live log, where you can see the service (Dropbox or Spotify) and next to that you see that the packet has been dropped.

Since I've allowed them in Application Control, how could this happen?

Well, I hope somebody can explain to me what I'm doing wrong, and can give some advice, on how I can manage to do this in the most secure and efficient way.

Thanks a lot!

P.s. yes, I have disabled the IPS rules for Skype

This thread was automatically locked due to age.

Parents

0 Emile Belcourt over 8 years ago

Hi A.M.,

Just to clarify you have web filtering/firewall rules in place to allow HTTP/HTTPS traffic out to the internet?

Application control looks inside the packet at the application layer whereas the firewall is concerned with the network and transport layers. So therefore if you're not actually allowing out the initial connection then the application control will not fire because it happens after the firewall rejection.

Easiest way to test is create a Local Network > HTTP & HTTPS > Internet IPV4 Allow Firewall Rule and see if Skype/Dropbox kicks into life. This would be better served by creating web filtering rules in transparent mode if you are actively trying to block websites but be careful as you can quite easily block Skype & dropbox there too.

Hope that helps,

Emile
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Emile Belcourt over 8 years ago

Hi A.M.,

Just to clarify you have web filtering/firewall rules in place to allow HTTP/HTTPS traffic out to the internet?

Application control looks inside the packet at the application layer whereas the firewall is concerned with the network and transport layers. So therefore if you're not actually allowing out the initial connection then the application control will not fire because it happens after the firewall rejection.

Easiest way to test is create a Local Network > HTTP & HTTPS > Internet IPV4 Allow Firewall Rule and see if Skype/Dropbox kicks into life. This would be better served by creating web filtering rules in transparent mode if you are actively trying to block websites but be careful as you can quite easily block Skype & dropbox there too.

Hope that helps,

Emile
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 A.M. Heijboer over 8 years ago in reply to Emile Belcourt

Hello Emile, thank you for your help!

Yes I have; the clients are allowed to use all services

Internal (Network) > Any > Any

In addition I have disabled the following rules at the Advanced tab in IPS, accordingly to https://community.sophos.com/products/unified-threat-management/f/network-protection-firewall-nat-qos-ips/41225/list-of-ips-rules-with-reported-false-positives-conflicts

2180 (Enable bittorrent traffic)

2181 (Enable bittorrent traffic)

16281 (Enable bittorrent traffic)

16282 (Enable bittorrent traffic)

24397 (Enable Steam traffic)

6001 (Enable Skype traffic)

5998 (Enable Skype traffic)

5692 (Enable Skype traffic)

5693 (Enable Skype traffic)

5694 (Enable Skype traffic)

18608 (Disables Dropbox events)

18609 (Disables Dropbox events)

But still I’ve the feeling that I did something wrong. For example, when I download some Ubuntu torrents, it dous download them, but with trouble. It is slow and has trouble connecting to seeds/peers (while there are always many, many seeds availible).

I find this strange because I allowed it through the application manager, and on the firewall the PC is allowed to connect to the outside world on any protocol/port.

In the previous situation it worked flawlessly (simple firewall) but now not anymore. I haven’t ever have to use DNat to be able to download torrents, luckely, but I have the feeling that thats diferent this time. I have the idea that Sophos sees it as a DDos or something, cause really a lot of packets get dropped.

One other thing, it is like you have to wait until a connection gets accepted. For example, the whole time it isn’t downloading at all, and then suddenly it is downloading with 7 MB/s. It hasn’t been faster than this, while I’ve downloaded with 10 MB/s from Ubuntus servers in the past.

Thank you really a lot for your time and effort!

Attached the log from the firewall

Fullscreen packetfilter.log Download

2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="78.11.98.70" dstip="[myPublicIP]" proto="17" length="126" tos="0x00" prec="0x00" ttl="112" srcport="8025" dstport="12660" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="179.216.60.30" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="119" srcport="15697" dstport="12660" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="108.61.228.109" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="120" srcport="51895" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="73.147.22.18" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="118" srcport="53313" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="45.124.145.50" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="116" srcport="39315" dstport="12660" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="108.61.228.109" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="122" srcport="5396" dstport="12660" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="91.210.105.207" dstip="[myPublicIP]" proto="6" length="60" tos="0x00" prec="0x00" ttl="56" srcport="62899" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="167.63.4.162" dstip="[myPublicIP]" proto="6" length="60" tos="0x00" prec="0x00" ttl="118" srcport="62667" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="68.39.131.71" dstip="[myPublicIP]" proto="6" length="60" tos="0x00" prec="0x00" ttl="53" srcport="24766" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="120" srcport="53374" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="47599" dstport="12660" 
2016:10:03-18:56:25 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="151.213.144.26" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="115" srcport="59056" dstport="12660" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="190.138.179.34" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="111" srcport="61185" dstport="12660" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="62.211.70.61" dstip="[myPublicIP]" proto="17" length="58" tos="0x00" prec="0x00" ttl="51" srcport="51413" dstport="12660" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="5.58.43.126" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="121" srcport="62690" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="109.110.155.49" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="111" srcport="12540" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="109.110.155.49" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="111" srcport="24731" dstport="12660" 
2016:10:03-18:56:26 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="93.108.146.69" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="119" srcport="8099" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="93.108.146.69" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="119" srcport="18516" dstport="12660" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="118.34.163.220" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="114" srcport="53145" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="118.34.163.220" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="114" srcport="10367" dstport="12660" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="82.170.50.8" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="60" srcport="53568" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="69.50.175.207" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="114" srcport="2247" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="46.18.67.93" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="120" srcport="19903" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="46.18.67.93" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="14964" dstport="12660" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="201.211.93.29" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="118" srcport="51837" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:27 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="73.147.22.18" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="118" srcport="53313" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="201.211.93.29" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="118" srcport="55498" dstport="12660" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="213.22.86.126" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="117" srcport="50193" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="1.52.124.61" dstip="[myPublicIP]" proto="17" length="132" tos="0x00" prec="0x00" ttl="113" srcport="37160" dstport="12660" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="61.219.68.63" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="114" srcport="51788" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="1.52.124.61" dstip="[myPublicIP]" proto="17" length="132" tos="0x00" prec="0x00" ttl="113" srcport="37160" dstport="12660" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:06:66:31:9f:09" dstmac="00:15:5d:bc:01:24" srcip="192.168.188.24" dstip="255.255.255.255" proto="17" length="144" tos="0x00" prec="0x00" ttl="255" srcport="80" dstport="55555" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="120" srcport="53374" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="47599" dstport="12660" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="62.211.70.61" dstip="[myPublicIP]" proto="17" length="58" tos="0x00" prec="0x00" ttl="51" srcport="51413" dstport="12660" 
2016:10:03-18:56:28 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="5.58.43.126" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="121" srcport="62690" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:29 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="182.58.105.247" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="118" srcport="11989" dstport="12660" 
2016:10:03-18:56:29 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="95.174.99.93" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="116" srcport="59146" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:29 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.103.46.226" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="122" srcport="19617" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:29 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="110" srcport="57178" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:29 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="110" srcport="30484" dstport="12660" 
2016:10:03-18:56:30 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="69.50.175.207" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="114" srcport="2247" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:30 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="120" srcport="51904" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:30 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="37321" dstport="12660" 
2016:10:03-18:56:30 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="213.22.86.126" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="117" srcport="50193" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:31 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="167.63.4.162" dstip="[myPublicIP]" proto="6" length="56" tos="0x00" prec="0x00" ttl="118" srcport="62667" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:31 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="190.138.179.34" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="111" srcport="59235" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:31 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="190.138.179.34" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="111" srcport="61185" dstport="12660" 
2016:10:03-18:56:31 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="95.174.99.93" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="116" srcport="59146" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:31 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.103.46.226" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="122" srcport="19617" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="109.110.155.49" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="111" srcport="12540" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="110" srcport="57178" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="109.110.155.49" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="111" srcport="24731" dstport="12660" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="110" srcport="30484" dstport="12660" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="82.170.50.8" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="60" srcport="53568" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="91.210.105.207" dstip="[myPublicIP]" proto="6" length="60" tos="0x00" prec="0x00" ttl="56" srcport="62899" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:33 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="46.18.67.93" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="120" srcport="19903" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="73.147.22.18" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="118" srcport="53313" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="46.18.67.93" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="14964" dstport="12660" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="121" srcport="51904" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="37321" dstport="12660" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="120" srcport="53374" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.102.56.216" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="47599" dstport="12660" 
2016:10:03-18:56:34 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="62.211.70.61" dstip="[myPublicIP]" proto="6" length="60" tos="0x00" prec="0x00" ttl="51" srcport="37069" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:35 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="5.58.43.126" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="121" srcport="62690" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:35 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="177.182.113.249" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="117" srcport="13468" dstport="12660" 
2016:10:03-18:56:35 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="177.182.113.249" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="117" srcport="60354" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:35 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="94.23.40.5" dstip="[myPublicIP]" proto="6" length="52" tos="0x02" prec="0x00" ttl="122" srcport="58363" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:36 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="69.50.175.207" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="114" srcport="2247" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:36 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="78.56.131.123" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="123" srcport="64367" dstport="12660" 
2016:10:03-18:56:36 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="129.56.254.176" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="116" srcport="53885" dstport="12660" 
2016:10:03-18:56:36 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="36.227.138.205" dstip="[myPublicIP]" proto="17" length="129" tos="0x00" prec="0x00" ttl="112" srcport="7854" dstport="12660" 
2016:10:03-18:56:36 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="213.22.86.126" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="117" srcport="50193" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="186.228.125.174" dstip="[myPublicIP]" proto="6" length="64" tos="0x00" prec="0x00" ttl="49" srcport="54777" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="186.228.125.174" dstip="[myPublicIP]" proto="17" length="58" tos="0x00" prec="0x00" ttl="49" srcport="13285" dstport="12660" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="117.192.0.124" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="112" srcport="25358" dstport="12660" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="117.192.0.124" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="119" srcport="52876" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="176.109.1.139" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="115" srcport="15282" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="186.137.175.161" dstip="[myPublicIP]" proto="6" length="52" tos="0x02" prec="0x00" ttl="112" srcport="64663" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="177.182.113.249" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="117" srcport="60354" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="00:06:66:31:9f:09" dstmac="00:15:5d:bc:01:24" srcip="192.168.188.24" dstip="255.255.255.255" proto="17" length="144" tos="0x00" prec="0x00" ttl="255" srcport="80" dstport="55555" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="177.182.113.249" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="117" srcport="13468" dstport="12660" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="95.174.99.93" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="116" srcport="59146" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:37 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="79.103.46.226" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="122" srcport="19617" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="94.23.40.5" dstip="[myPublicIP]" proto="6" length="52" tos="0x02" prec="0x00" ttl="122" srcport="58363" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="186.228.125.174" dstip="[myPublicIP]" proto="6" length="64" tos="0x00" prec="0x00" ttl="49" srcport="54777" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="110" srcport="57178" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="177.96.13.5" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="110" srcport="30484" dstport="12660" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="169.239.209.6" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="115" srcport="63633" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="200.6.238.149" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="109" srcport="17612" dstport="12660" 
2016:10:03-18:56:38 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x203c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="182.69.200.130" dstip="[myPublicIP]" proto="17" length="131" tos="0x00" prec="0x00" ttl="53" srcport="24266" dstport="12660" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="186.228.125.174" dstip="[myPublicIP]" proto="6" length="64" tos="0x00" prec="0x00" ttl="49" srcport="54777" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="6" length="48" tos="0x00" prec="0x00" ttl="120" srcport="51904" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="217.210.152.182" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="118" srcport="27300" dstport="12660" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="6c:9c:ed:15:11:8d" dstmac="[myPublicMAC]" srcip="217.210.152.182" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="118" srcport="62579" dstport="12660" tcpflags="SYN" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" mark="0x3c" app="60" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="190.157.41.85" dstip="[myPublicIP]" proto="17" length="48" tos="0x00" prec="0x00" ttl="120" srcport="37321" dstport="12660" 
2016:10:03-18:56:39 [mySophosserver] ulogd[4461]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth1" srcmac="a2:de:48:00:01:03" dstmac="[myPublicMAC]" srcip="117.192.0.124" dstip="[myPublicIP]" proto="6" length="52" tos="0x00" prec="0x00" ttl="119" srcport="52876" dstport="12660" tcpflags="SYN"

(link to log https://drive.google.com/file/d/0BwoVESK-l0ChZGltX1B2dF9PUW8/view?usp=sharing)

0 A.M. Heijboer over 8 years ago in reply to Emile Belcourt

Sorry, did't know that [ I P ] was becomming [IP]
Cancel
Vote Up 0 Vote Down

Cancel

Allow certain traffic

Submitted a Tech Support Case lately from the Support Portal?