Can anyone explain what kind of attack this is? How could an attacker discover my router's local private DNS address given router's outbound traffic is NATed via a masquerade rule? My firewall is blocking this traffic, but I'm currious.
Drop_WAN_Input input: in:ether1 out:(unknown 0), src-mac xx:xx:xx:xx:xx:xx, proto TCP (SYN), 111.7.96.178:36152->10.0.0.1:53, NAT 111.7.96.178:36152->(xx.xxx.xxx.xxx:53->10.0.0.1:53), len 52
Thanks