Hi - first love the YouTube channel, very educational.
I am fairly new to pfSense, in the process of setting up a FW that provides VPN service for the entire family, as well as a DMZ where I host a server running a number of services including mail and XMPP.
Got the firewall rules and NAT working - using random high ports for SMTP and IMAP clients, forwarding these to ports 25 and 143.
But - I must have enabled something odd - when checking the WAN FW rules today, a number of rules had been added, basically opening ports 25 and 143, forwarding these to … 25 and 143. The rules were created by ‘NAT Port forward’.
Any clue on why these rules appeared in my firewall? I do not wish to have low ports that frequently get scanned and attacked open on my FW.
… one thought - I believe I switched from ‘Manual Outbound NAT’ to ‘Automatic outbound NAT’ - and back yesterday - would this generate rules on the WAN interface?
BTW, I have Suricata enabled with blocking on the WAN interface - and found lots of blocks today - possibly related to the opened low ports.