Yet another big difference is the last rule which drops all new connection attempts within the WAN port to our LAN community (Until DstNat is employed). With no this rule, if an attacker is aware of or guesses your local subnet, he/she can establish connections directly to nearby hosts and https://wbofficial.com
