Sat Jan 27, 2024 10:38 am
Thanks for the answer.
I know about this. Several years ago, I already set up the “Mangle Rules” and monitored the traffic; nothing unnecessary was included in the rules. I think it was ROS 6+. But now I couldn’t understand why I see packets that shouldn’t be there, for example packets where a host with a port in the 10000-2000 range accesses the DNS (53 UDP).
For example: In Torch I see Src.Port UDP:22345, Dst.Port:UDP:53. This falls into the rule shown above. Because "Reply Dst.Port" belongs to the range 10000-2000.
I observe this behavior not only with VoIP providers, but also with connections via VPN. (IPIP+IPSec).
There is only one solution, indicate addresses?