Why do I have dropped incoming packets from various IPs?

I have an Ubuntu VM serving as a WireGuard peer. My network only has my WireGuard port forwarded to my VM (51820 to 192.168.1.2). I think my iptables (below) are set up to only allow (1) SSH from my LAN (2) connections to my WireGuard port (3) SSH from my WG peer (4) related/established traffic and (5) loopback traffic.

However, I still seem to be dropping incoming connections to non-WireGuard ports, like so:

Feb 14 03:42:08 wireguard kernel: [672816.748776] DROPPED IN=ens3 OUT= MAC=b0:a4:66:b9:e6:0b:1b:73:02:d8:fa:6f:08:00 SRC=90.114.208.130 DST=192.168.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=44010 DF PROTO=TCP SPT=443 DPT=34548 WINDOW=0 RES=0x00 RST URGP=0

MAC and SRC were randomized; however, the first part of the MAC is my VM's ens3 interface MAC address. The second part is close to the MAC of my router (last character is different).

Question: How can there even be an incoming connection request to ports other than 51820 when my router only has one port open and forwarded? Wouldn't the router simply drop those packets since the ports (e.g. 34548) aren't open?

iptables (for reference):

Chain INPUT (policy DROP 310 packets, 24890 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     3155  218K ACCEPT     tcp  --  ens3   *       192.168.1.0/24       0.0.0.0/0            tcp dpt:22 ctstate NEW,ESTABLISHED
2        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:51820
3        0     0 ACCEPT     tcp  --  wg0    *       10.6.0.2             0.0.0.0/0            tcp dpt:22 ctstate NEW,ESTABLISHED
4     175K  398M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
5      266 19635 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
6      310 24890 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4 prefix "DROPPED "

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 WG_wg0     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 23M packets, 32G bytes)
num   pkts bytes target     prot opt in     out     source               destination

Chain WG_wg0 (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 ACCEPT     all  --  *      wg0     0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
2        0     0 ACCEPT     all  --  wg0    *       10.6.0.2             0.0.0.0/0
3        0     0 DROP       all  --  wg0    *       0.0.0.0/0            0.0.0.0/0
4        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
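
Added example (not part of the original post): a Python triage of DROPPED lines like the one quoted above. It parses the fields the LOG rule writes and separates TCP connection requests (SYN without ACK) from segments that carry RST or other non-SYN flags and so cannot open a connection. The second sample line and all function and label names are constructed for illustration.

```python
import re
from collections import Counter

# Flag words the netfilter LOG target prints for TCP packets.
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG", "CWR", "ECE"}
KV = re.compile(r"(\w+)=(\S*)")

# First entry is the line quoted in the post; second is constructed.
SAMPLE = [
    "Feb 14 03:42:08 wireguard kernel: [672816.748776] DROPPED IN=ens3 OUT= "
    "MAC=b0:a4:66:b9:e6:0b:1b:73:02:d8:fa:6f:08:00 SRC=90.114.208.130 "
    "DST=192.168.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=44010 DF PROTO=TCP "
    "SPT=443 DPT=34548 WINDOW=0 RES=0x00 RST URGP=0",
    "Feb 14 03:50:00 wireguard kernel: [672900.000000] DROPPED IN=ens3 OUT= "
    "SRC=203.0.113.7 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1234 "
    "DF PROTO=TCP SPT=40000 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0",
]

def parse_log_line(line, prefix="DROPPED "):
    """Parse one kernel log line written by the iptables LOG rule."""
    _, found, body = line.partition(prefix)
    if not found:
        return None  # not produced by this LOG rule
    fields = dict(KV.findall(body))  # "OUT=" yields an empty value
    # TCP flags are bare words between RES=... and URGP=...
    fields["FLAGS"] = {tok for tok in body.split() if tok in TCP_FLAGS}
    return fields

def classify(pkt):
    """Label a dropped packet by the role it can play in a TCP exchange."""
    if pkt.get("PROTO") != "TCP":
        return "non-tcp"
    flags = pkt["FLAGS"]
    if "SYN" in flags and "ACK" not in flags:
        return "new-connection-attempt"
    if "RST" in flags:
        # RST never opens a connection; it answers or aborts a flow.
        return "reset-of-existing-flow"
    return "reply-or-mid-flow"

def summarize(lines):
    """Count dropped packets per (label, source port, destination port)."""
    counts = Counter()
    for line in lines:
        pkt = parse_log_line(line)
        if pkt:
            counts[(classify(pkt), pkt.get("SPT"), pkt.get("DPT"))] += 1
    return counts
```
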