TP, Firewall, or _______?

Currently reading
TP, Firewall, or _______?

Jan Janowski

Jan Janowski

Trophy Media Resource Donator
1,318
262
NAS
DS 718+, 2x-DS 720+
Router
  1. RT2600ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
Been considering posting this for a while now.
RT2600ac, Latest firmware, with TP and firewall running.
When I go into TP/Statistics, I see probes from China. TP blocks them. Good.
When I go into Firewall, I see all probes from China IP are blocked, and hits indicating it happened, yet in TP it posts IP from China, that’s blocked. Confusing, but Good.
Questions:
Is TP Statistics showing what’s hitting router Before TP Does it’s work? OR, After TP does it’s work?? Does Statistics show TP being applied Before, or After Firewall? OR, is Firewall IP Region block being circumvented, say by impersonating an IP from a country whose region is NOT being blocked? And if that is true, then, why does TP indicate a China IP?

I’m just trying to determine what I’m observing.

Thanks for any clarifications!
 
Sort by date Sort by votes
In addition to the above.... At the bottom of Firewall list of rules is a rule that indicates if nothing in the above rules are matched, Deny ALL Access..... So I in affect have 2 rules in Firewall blocking China... so if someone circumvents one, the other should be active later down the list.... and that, too is getting "Hits"... Yet TP still shows a China "Event" that's blocked...
 
Upvote 0
Found communications from years ago, buried in printouts.
Different routes depending on inward or outward direction of packet.
Inbound appears to be TP then Firewall.
Outbound appears to be Firewall then TP.

Am I to assume that TP, Firewall and SA all react to different types of threats, and one could conceivably ‘get through’ one to be stopped by another??

Just trying to get my head around what I’m seeing — looking for confirmation or correction.

Again, looking forward to any corrections.
Thanks….
 
Upvote 0
Jan Janowski said:
Am I to assume that TP, Firewall and SA all react to different types of threats, and one could conceivably ‘get through’ one to be stopped by another??
Click to expand...
Yes.

As for the China scenario: FW works with packet header data not payload, so will block on that only. TP may consider payload data like XFF or any client env info.

I’m sure you were part of a thread at The Community that discussed which feature applied in what order. There was a flow diagram if I recall.
 
Upvote 0

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Similar threads

H
Cloudflare tunnel firewall rules
Hello! Yes I did indeed find the problem, there are some special firewall rules that you need to make for...
Replies
4
Views
895
huewho
H
R
  • Question
SRM Firewall Deny Hits
OOOps running SRM 1.3.1 Update 6
Replies
1
Views
933
rfasano
R
C
Failed to apply the firewall profile
You are right. I think I'm getting this error because I can't allow cloudflared.
Replies
2
Views
1,277
caglar
C
Jan Janowski
On one only 720+ (Redundant Synology Drive Entry in firewall)
All 3 NAS's are set that way.... FIREWALL AND NOTIFICATIONS ARE CHECKED I have in the past seen and...
Replies
2
Views
1,116
Jan Janowski
Jan Janowski
Nicolas FR
  • Question
Basic firewall rules for beginners
Generically you would. 1. Allow specific IPs/Ports from your local LAN 2. Allow specific IP/Port for VPN...
Replies
5
Views
5,330
Telos
Telos
N
Does Quick Connect bypass firewall settings?
QuickConnect Relay uses a client connection created from the NAS outbound to the Synology servers. This...
Replies
2
Views
3,720
fredbert
fredbert
N
Stubborn IP camera and firewall rules.
Morning lads I'm having some issues with with an IP camera I recently bought (Reolink e1 pro), I've...
Replies
0
Views
1,427
nobodyimportant
N

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Register

Trending threads

Back
Top