r7800 - repeating syslog message dnsmasq[19634]: NOT DNS Hijack mode!!!

Mariachi

Occasional Visitor
Since today I have many of these messages in the syslog.

Mar 29 18:50:00 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:01 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:03 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:04 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:05 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:06 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:07 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!
Mar 29 18:50:08 192.168.179.3 dnsmasq[19634]: NOT DNS Hijack mode!!!


Message pop's up every second. No clue why.
Firmware = Voxel V1.0.2.74.4SF + Entware + Kamoj

Note that syslog is configured to log remotely:
[email protected]:/www$ ps | grep syslog
4725 root 376 S syslogd -L -m 0 -T GMT-1GMT,M3.5.0/2:00,M10.5.0/2:00


Seem to have two dns-hijack versions / configs running ;) but not sure which one is what / why? .

[email protected]:/etc/init.d$ ps | grep dns
4338 root 208 S aclhijackdns
4721 root 380 S /usr/sbin/ntgrddns -c /tmp/ntgrdns.conf
19634 guest 972 S /usr/sbin/dnsmasq --except-interface=lo -r /tmp/resol

29894 root 404 S /bin/sh -c /usr/sbin/dns-hijack
29895 root 452 S /bin/sh /usr/sbin/dns-hijack


[email protected]:/etc/init.d$ echo $PATH
/bin:/sbin:/usr/bin:/usr/sbin:/opt/bin:/opt/sbin


Below the config files;

[email protected]:/etc$ cat dnsmasq.conf
# Filter what we send upstream
domain-needed
bogus-priv
localise-queries
no-negcache
cache-size=4096

[email protected]::/etc$ cat dnsmasq-resolv.conf
# Filter what we send upstream
domain-needed
bogus-priv
localise-queries
no-negcache
cache-size=4096

[email protected]::/etc$ cat resolv.conf
nameserver 208.67.222.123
nameserver 208.67.220.222
nameserver 8.8.8.8

 

Mariachi

Occasional Visitor
Running processes:

[email protected]:/etc/init.d$ ps
PID Uid VmSize Stat Command
1 root 388 S init
2 root SW [kthreadd]
3 root SW [ksoftirqd/0]
4 root DW [kworker/0:0]
6 root SW [migration/0]
7 root SW [migration/1]
9 root SW [ksoftirqd/1]
10 root SW< [khelper]
111 root SW [irq/202-msmdata]
280 root SW [sync_supers]
282 root SW [bdi-default]
283 root SW< [crypto]
284 root SW< [kblockd]
289 root SW< [ata_sff]
293 root SW< [spi_qsd.5]
296 root SW [msm-spi-thread]
307 root SW [khubd]
399 root SW< [modem_notifier]
401 root SW< [smd_channel_clo]
402 root SW< [smsm_cb_wq]
427 root SW< [qmi]
456 root SW< [nmea]
458 root SW< [rpcrouter]
474 root SW [kswapd0]
519 root SW [fsnotify_mark]
548 root SW< [smux_notify_wq]
549 root SW< [smux_tx_wq]
550 root SW< [smux_rx_wq]
551 root SW< [smux_loopback_w]
567 root SW [scsi_eh_0]
582 root SW [mtdblock0]
587 root SW [mtdblock1]
592 root SW [mtdblock2]
597 root SW [mtdblock3]
602 root SW [mtdblock4]
605 root SW [kworker/1:1]
608 root SW [mtdblock5]
613 root SW [mtdblock6]
618 root SW [mtdblock7]
623 root SW [mtdblock8]
628 root SW [mtdblock9]
633 root SW [mtdblock10]
638 root SW [mtdblock11]
643 root SW [mtdblock12]
653 root SW [mtdblock13]
666 root SW [ubi_bgt0d]
673 root SW [mtdblock14]
682 root SW [mtdblock15]
691 root SW [mtdblock16]
700 root SW [mtdblock17]
709 root SW [mtdblock18]
718 root SW [mtdblock19]
766 root SW< [usbnet]
786 root SW< [iewq]
787 root DW [kinteractiveup]
796 root SW< [msm-cpufreq]
800 root SW< [rq_stats]
807 root SW< [deferwq]
1287 root SW [ubifs_bgt0_5]
1325 root 252 S init
1343 root 308 S klogd
1346 root 3188 S /bin/datalib
1373 root 240 S /sbin/watchdog -t 5 /dev/watchdog
1402 root SW< [cifsiod]
1419 root SW< [gmac_workqueue]
1425 root SW< [nss_freq_queue]
1426 root SW< [coredump_wait]
1456 root SW< [bond0]
1579 root SW [scsi_eh_1]
1580 root SW [usb-storage]
1604 root SW [kworker/0:2]
1610 root 540 S /sbin/hotplug2 --override --persistent --set-rules-file /etc/hotplug2.rules --set-coldplug-cm
1816 root 340 S /sbin/ubusd
1872 root 948 S /usr/sbin/haveged -w 1024 -d 32 -i 32 -v 1
2011 root SW< [ecm_nss_ipv4_wo]
2012 root SW< [ecm_nss_ipv6_wo]
2019 root 244 S /usr/bin/detcable 2
2462 root SW [kworker/1:2]
2522 root 376 S udhcpd /tmp/udhcpd.conf
3724 root DW [kworker/u:2]
3817 root SW [jbd2/sda1-8]
3818 root SW< [ext4-dio-unwrit]
4086 root 336 S /usr/sbin/net-scan
4090 root 288 S lld2d br0
4111 root SW [flush-8:0]
4318 root 312 S /usr/sbin/uhttpd -h /www -r R7800 -x /cgi-bin -t 40 -p 0.0.0.0:80 -C /etc/uhttpd.crt -K /etc/
4331 root 536 S /usr/sbin/uhttpd -h /www -r R7800 -x /cgi-bin -t 40 -p 0.0.0.0:80 -C /etc/uhttpd.crt -K /etc/
4333 root 392 S inetd
4338 root 208 S aclhijackdns
4438 root 304 S sleep 501
4559 root 232 S /usr/bin/hd-idle -i 1800
4721 root 380 S /usr/sbin/ntgrddns -c /tmp/ntgrdns.conf
4725 root 376 S syslogd -L -m 0 -T GMT-1GMT,M3.5.0/2:00,M10.5.0/2:00 -c 1151 -R 192.###.###.### (# = hidden)
4766 root 256 S potd
4768 root 180 S potval
4769 root 472 S /bin/sh /usr/sbin/netconn.sh
4830 root 352 S /sbin/traffic_meter
4873 root SW [ telnetDBGD ]
4874 root SW [ acktelnetDBGD ]
4875 root SW [checkSBusTimeou]
4877 root SW [NU TCP]
4878 root SW [NU UDP]
4879 root 420 S /sbin/KC_BONJOUR
4880 root 456 S /sbin/KC_PRINT
5048 root 468 S /bin/sh /sbin/check_status.sh
5201 root 276 S /usr/sbin/dropbear -p 192.###.###.###:### -a -s -P /var/run/dropbear.pid (# = hidden)
5387 root 560 S /bin/sh /usr/bin/addon_info_update.sh start_addon_functions
5388 root 560 S /bin/sh /usr/bin/addon_info_update.sh start_addon_functions
5389 root 536 S /bin/sh /usr/bin/addon_info_update.sh start_addon_functions
5390 root 448 S /bin/sh /usr/bin/addon_info_update.sh start_addon_functions
5923 root 1192 S /usr/sbin/smbd -D
6139 root 1572 S /usr/bin/transmission-daemon -g /tmp/transmission-gui
6265 root 1176 S hostapd -P /var/run/wifi-ath1.pid -B /var/run/hostapd-ath1.conf -e /var/run/entropy-ath1.bin
6267 root 312 S hostapd_cli -i ath1 -P /var/run/hostapd_cli-ath1.pid -a /lib/wifi/wps-hostapd-update-uci -p /
6438 root 916 S /usr/sbin/nmbd -D
6444 root 736 S /usr/bin/dbus-daemon --system
6458 root 1180 S hostapd -P /var/run/wifi-ath0.pid -B /var/run/hostapd-ath0.conf -e /var/run/entropy-ath0.bin
6460 root 312 S hostapd_cli -i ath0 -P /var/run/hostapd_cli-ath0.pid -a /lib/wifi/wps-hostapd-update-uci -p /
6481 root 1160 S avahi-daemon: running [R7800.local]
6556 root 596 S /usr/sbin/lbd -d -C /tmp/lbd.conf
6572 root SW [kworker/u:3]
6629 root 1552 S /usr/sbin/afpd -F /etc/netatalk/afpd.conf -P /var/run/afpd.pid -c 7
6631 root 456 S /bin/sh /usr/sbin/check_time_machine
6740 root 27012 S netdata
6748 root 2460 S snmpd -c /opt/etc/snmp/snmpd.conf
6769 root 1760 S /opt/bin/fping -N -l -Q 5 -p 400 -R -b 56 -i 1 -r 0 -t 5000 192.###.###.### 10.###.###.### 192.### (# = hidden)
6770 root 2152 S /opt/lib/netdata/plugins.d/apps.plugin 2
7698 root 308 S sleep 60
7984 root 304 S sleep 17
8069 root 304 S sleep 60
8117 root 304 S sleep 11
8172 root 304 S sleep 60
8285 root 304 S sleep 13
8304 root 304 S sleep 3
8328 root 404 S /bin/sh -c /usr/sbin/dns-hijack
8329 root 452 S /bin/sh /usr/sbin/dns-hijack
8332 root 304 S sleep 1
8333 root 408 R ps
10586 root 368 S /usr/sbin/aws-iot
10599 root 292 S /usr/sbin/icqm
12691 root SW [kworker/u:1]
14287 root DW [kworker/u:0]
15427 root 644 S /usr/sbin/dropbear -p 192.###.###.###:### -a -s -P /var/run/dropbear.pid (# = hidden)
15582 root 564 S -ash
18326 root 644 S /usr/sbin/dropbear -p 192.###.###.###:### -a -s -P /var/run/dropbear.pid (# = hidden)
19185 root 568 S -ash
19393 root 304 S udhcpc -b -i brwan -h r7800 -r 0.0.0.0 -N 83.82.246.142
19533 root 320 S /usr/sbin/ntpclient
19610 root 384 S /usr/sbin/crond -c /tmp/etc/crontabs -T GMT-1GMT,M3.5.0/2:00,M10.5.0/2:00
19634 guest 988 S /usr/sbin/dnsmasq --except-interface=lo -r /tmp/resolv.conf
20895 root 644 R /usr/sbin/dropbear -p 192.###.###.###:### -a -s -P /var/run/dropbear.pid (# = hidden)
21390 root 572 S -ash
22819 root 2028 S /usr/sbin/openvpn /tmp/openvpn/server_tap.conf
22820 root 2604 S /usr/sbin/openvpn /tmp/openvpn/server_tun.conf
24301 root 1664 S bash /opt/lib/netdata/plugins.d/tc-qos-helper.sh 2
28218 root SW [kworker/0:3]
29406 root SW [kworker/u:4]
30337 root 464 S /bin/sh /sbin/check_status.sh
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top