[jauch888888]

Hi,

Do you know how to remove those in the syslog, I have many.
here some infos:

[ho1Aetoo]

This is the "stop DNS rebind" option in the dnsmasq options.

This blocks DNS responses in which private or strange IP addresses are returned.

For example, strange IP addresses are returned when you use DNS servers with blackhole filters.
Then for blocked DNS requests e.g. 0.0.0.0 is returned as IP address and then dnsmasq shows you such log entries

So there's nothing to remove.
You can of course deactivate "stop DNS rebind", but this also deactivates a security layer

[dale_gribble39]

Android devices and some apps tend to bind a DNS address to the device IP, which results in this. iPhones and iPads also have similar issues, as do other IoT devices. It's negligible and normal for this to appear in syslog. There are workarounds, but it's usually unnecessary unless functionality of something breaks.

[jauch888888]

thank you both of you.

[jauch888888]

[egc]

It looks like you are visiting websites which do the rebind attack.

Your dns settings have some conflicting settings.
e.g. all-servers vs strict-order and using dns via WG is not compatible with dnscrypt.

Maybe read up on the subject e.g. the VPN and DNS guide see the WG documentation which is a sticky in the Advanced Networking forum.

For secure DNS using smartDNS is often the easier/better choice

[jauch888888]

[Alozaros]

The log you showing says that someone on WAN side is trying your SSh (dropbear) and very likely
you misconfiguration it, as you left remote SSh enabled (may be you wanted this as you are using it..).....good bit is they didn't establish connection...as key didn't match..and this is the expected behavior...

To me its normal as do have those reports on my WAN ssh and i don't bother...but, it seams you need a lots of things to learn...and forum has it all, tons of knowledge, details, scenarios and ect.
Nobody will be able to pour all the knowledge with funnel in a one go, learning takes time, patience, reading and understanding the matter...

Before applying any settings, check what those are doing and spend some time for research...don't rush take your time...

DDWRT log has lot of diagnostic data and some normal and expected lines that may feel, that something is broken...me myself i do research too especially, when something new to me comes out...so, don't get scared of the log...more likely learn how to set up your device, as it should...

Good Luck !

[jauch888888]

[kernel-panic69]

"Limit **** access" on the firewall page opens up the ports. Of course it's going to show attempts to connect. That's how it works. Also, if you have ssh remote access enabled, there will be connection attempts shown, that's how it works. At least you are using key access and no matching keys are being used. And that is my cue to post and vacate.