Yes - the RESPONSE is on high ports - which your router would normally let in because they are in the state ESTABLISHED or RELATED (hole punching).
You can try blocking everything coming in on iptables - but you won't get any responses from anyone unless you let these packets in. Obviously your firewall was being too strict and disallowing them - and it kept trying on different ports. -- Next meeting: Blandford Forum, Wednesday 2011-03-02 20:00 Meets, Mailing list, IRC, LinkedIn, ... http://dorset.lug.org.uk/ How to Report Bugs Effectively: http://goo.gl/4Xue
