I recently got the urge to do a security review of a network I manage with a Linksys Router. It was running the latest version of dd-wrt with a set of unmodified (as best I knew) firewall rules. I had a scare when the first thing I saw was:
root@DD-WRT:~# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source                      destination
ACCEPT     0    --  u12-20.dsl.vianetworks.de   anywhere
ACCEPT     0    --  newmedia.bensheim.manet.de  anywhere
ACCEPT     0    --  anywhere                    anywhere            state RELATED,ESTABLISHED
--cut--
Apparently this is a known issue with the VPN version of dd-wrt v24 sp1. I could only find one reference to it on the internet here. The forum thread explains a few ways to disable it and a fix has been checked into the main source tree. It was still a little unnerving considering this was the first thing I looked at!
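
A check along these lines picks out the two rules that caused the scare: an ACCEPT for every protocol, from one specific source, with no further match condition. This is an added example, not part of the original post or of dd-wrt; the function names are made up for illustration and the sample listing is retyped from the output above.

```shell
#!/bin/sh
# Flag INPUT rules that ACCEPT everything from a specific source.
# Reads the output of `iptables -L INPUT` (with or without -n) on stdin.

audit_input_accepts() {
    awk '
        # Skip the chain banner, the column header and short lines.
        /^Chain / || $1 == "target" || NF < 5 { next }
        {
            target = $1; proto = $2; src = $4; dst = $5
            # Extra columns hold match conditions (state, dpt, ...).
            # A rule with none of them matches every packet from src.
            unconditional = (NF == 5)
            any_src   = (src == "anywhere" || src == "0.0.0.0/0")
            any_proto = (proto == "0" || proto == "all")
            if (target == "ACCEPT" && !any_src && any_proto && unconditional)
                print "REVIEW: blanket ACCEPT from " src " to " dst
        }
    '
}

# Sample input, constructed from the listing in the post.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source                      destination
ACCEPT     0    --  u12-20.dsl.vianetworks.de   anywhere
ACCEPT     0    --  newmedia.bensheim.manet.de  anywhere
ACCEPT     0    --  anywhere                    anywhere            state RELATED,ESTABLISHED
EOF
}

# Demonstration on the sample; on the router use:
#   iptables -L INPUT | audit_input_accepts
sample_listing | audit_input_accepts
```

A rule that trusts a whole LAN subnet is flagged as well, so each hit is something to review rather than proof of a problem. Plain `-L` output does not show interfaces; `iptables -L INPUT -v` adds them when a hit needs a closer look.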