Yes, I can confirm there are no untrust to untrust policies.
The untrust interface has one VIP port enabled. You mentioned previously however, that with the reject policy this should not apply. I will remove it.
As for internal attack, all possible computers were off at this time. Only one phone with access to WLAN had this access. WLAN access is restricted to selected mac devices as well. So very much unlikely, I would say.
This was the second time such an incident occurs, I ignored the first one, but now I am worried, especially since I have been using these firewalls elsewhere.
Regards