auto dst-nat rule

befire · April 10, 2008, 6:38pm

hello everybody ,
i have MT3.7 sudenly i see in firewall nat some dst-nat rules that i didn’t created.
any help.
best regards

SurferTim · April 10, 2008, 9:29pm

Greetings!

That is a little vague. Some program setups add rules to /ip firewall nat. The hotspot install, for example, adds a srcnat rule if you select the default “masquerade network?” question. Set up any new services lately?

A dstnat rule would be like putting some device in the “DMZ”. Like a web server or email server that is on the local net that you want exposed to the internet. If you feel it would not compromise your security, can you show us the new rule?

Does your log show any hack attempts? And your password is longer than 8 characters and not in a dictionary, right?

EDIT: And not EVERYONE has a long password! I bet there are users out there right now reading this that have not even set the password yet.

gmsmstr · April 10, 2008, 9:36pm

Everyone has that long 8 char password!

Keep in mind that if you reset it or sometimes , some stock rules can come in if it was reset. Not saying it was, but the only way it could have new rules, would be if someone else got into it.

befire · April 11, 2008, 2:20pm

thank you for ur reply,

there is no hack attemp i’m totally secure the rules has the letter “D” in the beguining,all the rules are dst that redirect my pc’ip “192.168.0.5”(winxp professional) to my others network pcs’s ip, and the rules not shown any activities,just created. i tried to deleted and after a while they appear again.
best regards

gmsmstr · April 11, 2008, 2:28pm

Dynamic rules? you have hotspot turned on? These are rules that the system created cause you told it to enable something somewhere else. First thing that comes to mind is hotspot.

changeip · April 11, 2008, 4:05pm

actually it’s probably uPNP that got enabled.

befire · April 11, 2008, 5:11pm

yes i have UPNP enabled. 10x mate when i disabled the rules disappear but i need UPNP so there will not be any damage from these auto rules if i enabled ?
best regards

jcremin · April 11, 2008, 8:48pm

Well, UPNP can be very dangerous if you have any malicious software on your computer. I would only enable it if absolutely necessary. Otherwise just map the ports manually.

befire · April 12, 2008, 12:14pm

well i enabled to allow my customers show msn cams from eatchother without taking bandwidh from my internet.so should i stop the upnp ?
best regards

jcremin · April 29, 2008, 11:58pm

if it is working, you can probably leave it alone, but just be aware that upnp can be a security risk.