I am monitoring my traffic and noticed several TCP (ACK, PSH) connection attempts on my router's input chain, which gets dropped by my firewall.
The log looks like that:
Dropping input: src-mac 9c:80:df:a0:8a:dd, proto TCP (ACK,PSH), 22.214.171.124:443 (google ip) ->192.168.1.2:40382 (my router IP), len 115
Obviously this is dropped because my last rule on my input chain is to drop packets.
I do not understand the TCP protocol well enough, so sorry if this is a bit naive, but why is the request directed to my router?
I have various devices that uses google services and probably third party software as well, but it is very confusing to me, why the packet is actually sent to the router and not nat'ed to a device in my network (which would be the forward chain, right?).
I have not yet noticed a degraded experience with my devices regarding google products. Software updates, push notifications etc all seem to work correctly.