So, normaly it could not be, because my traffic from win maschine is routing through a VPN and all other traffic is blocked. But in the connection overview from Ipfire I see 3 established connections with leasetime over 100h on Port 443.
windowsmaschine->WANIP —> MS-Server 443
Normal all connections from system should go over IPfire Squid Proxy or were blocked with winfirewall, but never direct connection, over eth0.
windowsmaschine->IPfire —>WANIP
and
WANIP ---->> TargetIP
I tried FW rules to stop this, I bull the cable for 2 minutes, but this 3 connections are not stopable.
Is Ipfire gui playing tricks with me?
I downloaded wirkshark on win maschine, listen on eth0, but nothing, I found nothing related to this 3 connections.
btw wireshark is stunning me, it scans every single package, i never saw this little 64KB packages so big, holy shit what a mass of data.