Hello,
I have an RB433 running v5.20 and I have it setup as follows:
eth1 - static IP WAN Connection
eth2, eth3 and wlan1 are in a bridge and setup for hotspot - dhcp server enabled on bridge
Everything is working but, I have a lot of logs from the firewall of the following:
firewall,info input: in:ether1 out:(none), src-mac 00:02:5d:1c:64:4e, pro
to TCP (ACK,FIN), 74.125.142.188:5228->64.9.40.xxx:33250, len 52
There are several lines of this log and this happens on different ports. I just want to be sure I am reading this correctly. The TCP address 74.125.142.188:5228 is trying to gain access to the ip address 64.9.40.xxx. This 64.9.40.xxx address is the eth1 on the the RB433 and there are about 80 stations(users) behind it, could this be a virus or hacker attempt? Should I just block this ip address completely? Thanks for your thoughts on this.