I have built myself a SOHO network with two firewalls. I have a cable modem feeding WAN1 of a HotBrick 800/2
From there, I have a CAT-5 cable going from LAN1 of that 800/2 going to WAN1 of a HotBrick LB-2
I have configured both firewalls to filter out 130.126.0.0-130.126.255.255. I have even filtered ports 1:65535 (all of them) on the outer (800/2) firewall!
Here is my concern.I have downloaded and installed Analog-X's packet monitor
TTL Protocol Checksum SourceIP SourcePort TargetIP TargetPort
113 6 9B94 130.126.138.240 56193 192.168.0.101 1074113 6 9C07 130.126.138.240 56193
192.168.0.101 1074113 6 950C 130.126.138.240 56193
192.168.0.101 1074113 6 9507 130.126.138.240 56193
192.168.0.101 1074How is this possible? As I understand it, with the packet monitor running on a local computer, it monitors the IP address of the NIC card on that computer.and it sits behind two firewalls! Why does it see packets coming from an IP address that I am specifically blocking? Am I doing something wrong? How can I fix this?
Thanx