Actually, even with the setting I get those logs. Strange…
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2a06:98c1:50::ac40:219a port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2400:cb00:2049:1::a29f:408 port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2803:f800:50::6ca2:c19a port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2803:f800:50::6ca2:c19a port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2606:4700:58::adf5:3b9a port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2400:cb00:2049:1::a29f:209 port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2400:cb00:2049:1::a29f:937 port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2400:cb00:2049:1::a29f:30b port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2400:cb00:2049:1::a29f:837 port 53
Dec 17 13:52:30 turris unbound: [10796:0] error: udp connect failed: Permission denied for 2a06:98c1:50::ac40:219a port 53
No, because package Adguard Home is just available in OpenWrt snapshots and it is going to be part of OpenWrt 21.xx (for developers, there is a branch hbd). If you want to use Adguard Home on OpenWrt 19.07, you will need to compile the package yourself.
I guess it’s the firewall doing its job. My log is similar to yours with a lot of entries. They are packets rejected on the wan port by the pppoe-wan interface with origin “malicious IP address” to the destination “your IP address”. If you do a search, for example on ipinfo.io, you will see that the source addresses are rental servers or automatic port scanning service or similar.
This is a standard function of firewall - all unrecognized packets from the internet are either dropped or rejected.
Limited (to avoid flooding system log with attempts) number of packets are logged so you may know something happened
Routers usually either drop packets or reject them.
Rejections gives sender an information about packet being rejected, which is useful for example for connections that have been closed.
TOS uses DROP for packets from IPs blacklisted by sentinel, reject otherwise.
No. I didn’t know it. I’ll have a look and test it later…
OK, I read all documents and I’m sorry i’ll don’t follow it… even though I’m willing to experiment little bit, it seems too risky to me… there is too much risk of bricking my MOX I don’t have UPS, I don’t know where I could obtain needed USB TTL serial adapter in case I’d brick my MOX… it’s too complicated (even if I’m not, hopefuly, no noob or BFU), but my knovledge of UNIX/Linux is not sufficient for such a task…
Thus I’ll have to withstand “smaller” problems with unsuccesful reboots than to risk bricking my MOX and being not able to repair it…
Here goes another RC version of Turris OS 5.1.5 and hopefully the last one!
The difference is that we have the latest commit (for now) from packages feed and its branch openwrt-19.07. Commit hash: 7707d2d78c30fafbdf3723fd49557a145d41e8ea
So, Turris 1.x and Turris Omnia has available to install newer versions of these two packages: nextdns and haproxy. Turris MOX has just haproxy.