Feb 8 14:47:55 localhost kernel: IN=eth0 OUT= SRC=220.127.116.11 DST=192.168.x.x LEN=455 TOS=0x00 PREC=0x00 TTL=49 ID=33745 DF PROTO=TCP SPT=80 DPT=58709 WINDOW=54 RES=0x00 ACK PSH URGP=0
The Source is Ask.com, the DST is my webserver, but take a look at the Ports. SRC port 80? DPT 58709? Anyone else see anything like this? This is being denied at my firewall because of my ESTABLISHED,RELATED line. So, the connection was not made from here. It's initiated from the outside.
What's going on over there at Ask.com?