xBotRaid Posted November 6, 2022 Share Posted November 6, 2022 Hello! Have been running Unraid for many years now. Haven't had an issue since. Changed some things recently, switched from SWAG w/ Authelia to Traefik w/ Authentik. Now just a few days ago (about a month after the switch) I wasn't able to access any of my services (except a few like, HOOBS and SABnzbd). Also the unraid console was not accessible anymore via the web. I tried connecting via SSH as well but no luck. So I restarted, and the issue was gone. After a few days it happened again. Was able to get some logs (I think around the time it happened). The logs are repeating (see snippet below). Now I am a bit scared since it could be a malicious attack. Does anyone know what this could be and what the best action is in this scenario? Is this normal? (syslog attached) Snippet of logs: Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth12f536f) entered disabled state Oct 29 22:42:42 RaidByte kernel: device veth12f536f left promiscuous mode Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth12f536f) entered disabled state Oct 29 22:42:42 RaidByte avahi-daemon[6274]: Withdrawing address record for fe80::ccb2:fff:fee0:8c6c on veth12f536f. Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth4476eb3) entered blocking state Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth4476eb3) entered disabled state Oct 29 22:42:42 RaidByte kernel: device veth4476eb3 entered promiscuous mode Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth4476eb3) entered blocking state Oct 29 22:42:42 RaidByte kernel: br-cfc1bfc30214: port 6(veth4476eb3) entered forwarding state Oct 29 22:42:42 RaidByte kernel: eth0: renamed from veth14953d6 Oct 29 22:42:42 RaidByte kernel: IPv6: ADDRCONF(NETDEV_CHANGE): veth4476eb3: link becomes ready Oct 29 22:42:44 RaidByte avahi-daemon[6274]: Joining mDNS multicast group on interface veth4476eb3.IPv6 with address fe80::c08d:9dff:fe83:4f91. Oct 29 22:42:44 RaidByte avahi-daemon[6274]: New relevant interface veth4476eb3.IPv6 for mDNS. Oct 29 22:42:44 RaidByte avahi-daemon[6274]: Registering new address record for fe80::c08d:9dff:fe83:4f91 on veth4476eb3.*. Oct 29 22:43:13 RaidByte kernel: veth13dc14e: renamed from eth0 Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethda2cfd0) entered disabled state Oct 29 22:43:13 RaidByte avahi-daemon[6274]: Interface vethda2cfd0.IPv6 no longer relevant for mDNS. Oct 29 22:43:13 RaidByte avahi-daemon[6274]: Leaving mDNS multicast group on interface vethda2cfd0.IPv6 with address fe80::f0f8:51ff:fefe:d0c5. Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethda2cfd0) entered disabled state Oct 29 22:43:13 RaidByte kernel: device vethda2cfd0 left promiscuous mode Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethda2cfd0) entered disabled state Oct 29 22:43:13 RaidByte avahi-daemon[6274]: Withdrawing address record for fe80::f0f8:51ff:fefe:d0c5 on vethda2cfd0. Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethc8db68e) entered blocking state Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethc8db68e) entered disabled state Oct 29 22:43:13 RaidByte kernel: device vethc8db68e entered promiscuous mode Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethc8db68e) entered blocking state Oct 29 22:43:13 RaidByte kernel: br-cfc1bfc30214: port 7(vethc8db68e) entered forwarding state Oct 29 22:43:14 RaidByte kernel: veth14953d6: renamed from eth0 Oct 29 22:43:14 RaidByte kernel: br-cfc1bfc30214: port 7(vethc8db68e) entered disabled state Oct 29 22:43:14 RaidByte kernel: br-cfc1bfc30214: port 6(veth4476eb3) entered disabled state syslog.1.txt Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.