Using reForis, I recently added the Data Collection package in its default configuration (everything but SSH Honeypot). I see many new firewall rules and lots of logging of rejected wan packet in my kernel log.
I am also seeing a new, unpleasant behavior: 3 minute lock-ups. The Omnia will not even respond to ping from the lan. Sometimes they can be spaced 5 or 10 minutes apart. Other times I can go a full day with out an outage. But ultimately they always return.
I assume that this is some Omnia/OpenWrt defensive maneuver. Can anyone tell me what it is and how to track down the triggering culprit? Is there a way to reduce the time constant?
The new firewall rules are created by the dynamic firewall which is a part of the Sentinel (see https://docs.turris.cz/basics/apps/sentinel/). These rules are intended to block IP addresses collected by Turris routers worldwide and considered as attackers. If you don’t want to use this feature you can remove the Dynamic Firewall package.
The 3-minute lock-ups may be caused by shortages of memory or another resource. Unavailability by ping is probably a sign that the Linux kernel does some low-level waits, e.g. for releasing of some physical memory. Please send us the diagnostics data to tech.support@turris.cz. See https://docs.turris.cz/basics/support/ for more information.
@ljelinek Thanks for replying. Ultimately I discovered that the issue was a Luxul managed switch provided by my A/V contractor. I had never paid attention to it. Turns out that somehow its loop detection feature got turn on, along with a 180 second port shutdown. Once I turned it off (and rearranged some cabling) all has returned to normal. Again, thanks for you reply.