how come on a natted port 80 a blocked ip can still telnet in

Gerard64

Still there is a difference:

Wen i remove the port 80 from the http_https ports alias i get a different outcome a timeout.
Wen i add port 80 to the http_https ports alias i get a connection with telnet on port 80.

And in both these tests a different log entry.
The first a block on the public ip and the second on the local ip of the webserver.

Specially since somebody is hitting my pfsense box this way, for several days, with a lot of different ip addresses all day and night.

I don't know what his plan is but i am not comfortable with it.

KOM

I've explained everything already and I don't know what else to tell you.

Gerard64

Oke i understand.
Thank you a lot for helping and thinking with me.
I am not yet reassured but that's probably my stubborn brain i am sorry for that.

Good night sir.

Gertjan

@Gerard64 said in how come on a natted port 80 a blocked ip can still telnet in:

But i don't want to put that information out on a forum.

Here a my WAN rules :

Tell, me : am I at risk now ?

Btw : I was one NAT rule : the one that gives "Source" hosts access to my "diskstation".

edit : the NAT rule :