I'm sure this is a very stupid question, but I have to ask. While monitoring firewall traffic today, I noticed some traffic coming in from my WAN interface, from an IP in a private range (10.x). I have a port forwarding dnat rule and the rule apparently allowed this spoofed IP to come in to that port forward. Shouldn't the utm automatically block invalid packets? Do I have something misconfigured?
↧