Help with a logged packet
Beefing up my firewall after reading some articles, I placed a rule to log and drop any packet coming in on my external interface with my IP as a destination. I did not think anything would show up (at least not from the external world) but I got multiple packets logged from 184.108.40.206 and220.127.116.11 of the following form:
What I cannot figure out is how these packets were routed. I am behind a NAT and the private IP (my address) that was used as the destination should not be reachable. How would one craft a packet to do this? And should I be concerned?
Firewalled: 192.168.1.7 IN=wlan0 OUT= MAC=a0:88:b4:9e:68:58:00:21:29:a5:86:4d:08:00 SRC=18.104.22.168 DST=192.168.1.7 LEN=40 TOS=0x00 PREC=0x20 TTL=189 ID=65206 DF PROTO=TCP SPT=80 DPT=46521 WINDOW=0 RES=0x00 RST URGP=1
Also, the rule that drops packets with my IP as the destination comes after the rule allowing all established packets through