NethServer Version: 7.9
I have a question to better understand the behavior. I have had Thread Shield disabled for a while and only now re-enabled.
A look at the log files shows me:
Oct 10 09:33:42 ns-srv01 kernel: Shorewall:blacklst:DROP:IN= OUT=eth0 SRC=184.108.40.206 DST=220.127.116.11 LEN=700 TOS=0x00 PREC=0x00 TTL=64 ID=38601 DF PROTO=TCP SPT=2202 DPT=37480 WINDOW=227 RES=0x00 ACK PSH URGP=0
In my understanding, my server (18.104.22.168) tries to connect 22.214.171.124 an port 2202.
I can’t understand why it does that, I don’t have a dedicated connection set up or can’t remember. The port is identical to my customized SSH port. Coincidence?
I also can’t understand why Thread Shield blocks outgoing connections from my server IP.
My thread shield configuration
Information about the DST-IP
|ISP|Hop Off A Cloud LLC|
| — | — |
|Usage Type|Data Center/Web Hosting/Transit|
Am I missing something that is actually obvious?
Best regards, Marko
Ps: on the Analysis site, I can see the opposite information.