Not an issue as those IPs aren’t bothering me but I’m wondering what are those incoming IPs on port 443 ?
What is the purpose of testing 443? is it a bot, is it a server measuring up time of my node?
Do you also have those type of IPs trying to reach your producer?
( use command netstat -tn 2>/dev/null )
Yes, port that I dont use are indeed all blocked.
Its trying to connect but status is TIME_WAIT.
I had the impression that a bot trying 443 is a king of ping to check if the server is alive?
I mean, does it happen on yours for instance, do you also see those type of bots?
Do you have any process running in the block producer machine that is using the port 443? you can run netstat -nap | grep 443 to see that, maybe you gonna need to run sudo apt install net-tools.
Don’t forget to block all ports to the external world in the block producer, only the relay should have access to the BP.
If the port is open to the internet, you can expect hits in your webserver scanning your application trying to find vulnerabilities.