Menu
What's new
By:
Filters Better Search

Strange entries in my log

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

R

retzer

Occasional Visitor
Hello there, longtime listener, occasional caller. I have an AC68W (68U with a white case) running 386.5. I In researching a move to 5_2 I came across some strange entries in my log. Can you give me a clue as to what's going on here?

EXAMPLE:
Mar 27 13:04:19 kernel: *** ERROR: [send_redir_page:625] # redir_url=http://192.168.1.1:80/blocking.asp?cat_id=94&mac=52D72B244CB6&domain=feed-6009.coderformylife.info
Mar 27 14:10:23 kernel: *** ERROR: [send_redir_page:625] # redir_url=http://192.168.1.1:80/blocking.asp?cat_id=94&mac=D2290C28BB65&domain=click-on-this-now.online
Mar 27 14:11:25 kernel: *** ERROR: [send_redir_page:625] # redir_url=http://192.168.1.1:80/blocking.asp?cat_id=94&mac=D2290C28BB65&domain=special-offers.online

There are about a half-dozen URLs in the logs and all look sketchy. Several different MAC addresses are involved and they belong to variety of devices: Android phones, PCs, MacBook, iPhones. All of them seem to be functioning normally.
 
That appears to be AiProtection doing what you've asked it to. Those are all categorised as Dangerous/Scam.
 
Oh wow, thanks. I used to have a lot of notices in the AI Protection logs but that stopped some time ago after a firmware update, not sure why.
 
retzer said:
Oh wow, thanks. I used to have a lot of notices in the AI Protection logs but that stopped some time ago after a firmware update, not sure why.
Click to expand...
In my tests I did on 386.5alpha builds the log messages come from parental control filters, That is part of Trend Micro's stuff in the router.
Think something changed with the log level on Parental control part..
 
ColinTaylor said:
That appears to be AiProtection doing what you've asked it to. Those are all categorised as Dangerous/Scam.
Click to expand...
My logs contain similar messages but AiProtection is disabled.

The message comes from the kernel, but no further indication what sends it.
 
max0x7ba said:
My logs contain similar messages but AiProtection is disabled.

The message comes from the kernel, but no further indication what sends it.
Click to expand...
Asus also runs its own security daemon, may be related to that. If you aren't sure, do a hard factory reset and reconfigure by hand. If you have malware, that will remove it.
 
max0x7ba said:
The message comes from the kernel, but no further indication what sends it.
Click to expand...
No, the message comes from the firmware itself. It indicates a page was being blocked, either by AiProtection, or by Parental Control.
 
You must log in or register to reply here.

Similar threads

P
RT-AC86U running 386.7_2
Replies
6
Views
2K
polanskiman
P
T
RT-AX58U Auto Reboots (Next steps?)
Replies
4
Views
2K
NoTimeToDie
NoTimeToDie
SeCrEt BoY™
Is my network being hacked?
Replies
1
Views
12K
ColinTaylor
C
P
Issues with RT-AX92U running 388.2_2_0-gnuton1
Replies
6
Views
1K
tom.moughan
T
RocketJSquirrel
New log messages since updating to 386.1_2
Replies
3
Views
960
RocketJSquirrel
RocketJSquirrel
Similar threads
Thread starter Title Forum Replies Date
S Strange wired device? Asuswrt-Merlin 1
C Strange WAN connection issue Asuswrt-Merlin 9
R Some strange things in my log I'm hoping somone could take a look at Asuswrt-Merlin 6
E [HACKED?] SSH not working all of a sudden (and strange log lines) - RTAC87U Asuswrt-Merlin 17
RamGuy Strange packet loss with IPv6 going through my Asus RT-AX88U running 3004.388.4 Asuswrt-Merlin 7
S Strange issues with WireGuard client Asuswrt-Merlin 2
TheLyppardMan Strange things afoot! Asuswrt-Merlin 4
L merlin default iptables. why are there strange logdrops for specific pattens and ips? Asuswrt-Merlin 3
Volt To anyone who started seeing strange high CPU and memory usage - Merlin is not affected! Asuswrt-Merlin 12
U multiple entries using ‘arp-scan’ but not reflected in ‘arp’ command Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 741 (members: 28, guests: 713)
Top