TLDR: The major drawback you might notice when multiplexing multiple channels on top of TCP (if you do it right) is an increased latency because of head-of-line blocking between the channels. Corollary: If you don't care about latency you should be fine. On the other hand using a single TCP connection “means less competition with other flows and longer-lived connections, which in turn lead

connect() on a TCP socket is a blocking operation unless the socket descriptor is put into non-blocking mode. The OS takes care of the TCP handshake, when the handshake is finished, connect() returns. (that is, connect() does not block until the other end calls accept())

IP address blocking - Wikipedia IP address blocking is a configuration of a network service so that requests from hosts with certain IP addresses are rejected.. Unix-like operating systems commonly implement IP address blocking using a TCP wrapper, configured by host access control files /etc/hosts.deny and /etc/hosts.allow.. IP address blocking is commonly used to protect against brute force attacks.

In "TCP:S", the S is the TCP flag. It's a "syn" flag, which means it is trying to establish a connection. There is a link at the bottom of the firewall logs page which explains what the flags mean. Most likely, you do not have the correct firewall rule in place to allow that traffic. You need both a NAT Port Forward entry and a firewall rule.

