ram and cpu seem ok:
View attachment 12353
You have *plenty* of RAM left..
Slu ratio still looking high after 22 hours
https://prnt.sc/issyui
I suggest going back to v2.0.1 and establish a baseline from your normal browsing activities first..
ram and cpu seem ok:
View attachment 12353
Slu ratio still looking high after 22 hours
https://prnt.sc/issyui
Slick. I didn't realize there were these things you could do on the fly with a URI, without ssl into the router.Mini How-To
1. temporarily turn on logging LEVEL to 4 (by using URI '/log=4'
2. watch your /tmp/syslog.log. You'll see which URL(s) go crazy.
3. reset logging LEVEL back to 1 (with URI '/log=1')
Slick. I didn't realize there were these things you could do on the fly with a URI, without ssl into the router.
I did find the blocked domain this way-- cdn-gl.imrworldwide.com. I can't find this in the web page source though, but it looks to be the A.C Neilsen cloud tracking.
That was two years ago. Those memory cells died long ago.2016-3-13 v35.HZ12.Kh
Out of curiosity, would this be an error in the coding of the website? I let that tab sit open for a half hour or so and its crossed 500,000 attempts. This is quite unusual for blocking, particularly if it is for AC Nielsen, which offers the ability to opt out of their tracking.What happened should be that one or more domains commonly exist in people's block list upsets fivethirtyeight.com. The website simply goes crazy and in desperate attempt to retrieve what it wants.
Without any domains blocked, the website doesn't look that crazy. Since in this case repeated attempts not hurting people's browsing experience, just let it be, rather than spending time to figure out and whitelist the 'wrongly blocked' domain(s).
Out of curiosity, would this be an error in the coding of the website? I let that tab sit open for a half hour or so and its crossed 500,000 attempts. This is quite unusual for blocking, particularly if it is for AC Nielsen, which offers the ability to opt out of their tracking.
My slu is crazy too. My network is one Linux desktop, one chromebook, three Android phones (all with Pixelserv CA imported and shown as trusted). AC86U, Entware is aarch64. Uptime just over 24 hours
pixelserv-tls 2.1.0-rc.1 (compiled: Mar 17 2018 21:02:52 flags: tfo) options: 192.168.1.2
87295 uts, 1 log, 1 kcc, 33 kmx, 1.10 kvg, 25 krq, 24245 req, 946 avg, 29645 rmx, 42 tav, 2533 tmx, 319 slh, 26 slm, 0 sle, 5073 slc, 18100 slu, 100 sct, 23084 sch, 207 scm, 182 scp, 0 sst, 91 ssh, 5039 ssm, 0 ssp, 173 nfe, 4 gif, 42 ico, 102 txt, 0 jpg, 8 png, 0 swf, 39 sta, 4 stt, 37 ufe, 0 opt, 63 pst, 0 hed, 99 rdr, 0 nou, 0 pth, 0 204, 38 bad, 271 tmo, 5240 cls, 0 cly, 0 clt, 0 err
Mar 18 19:07:46 Asu pixelserv-tls[16931]: client 172.31.0.2 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 19:41:40 Asu pixelserv-tls[16931]: client 192.168.1.3 ssl error:140760FC:lib(20):func(118):reason(252)
sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/install-beta.sh)"
Reinstalled and added -l 2 via AB-Solution. Got my hawkeye on!I just uploaded a rebuilt of 2.1.0-rc.1. It includes one debug trace on LEVEL 2. It looks like these in /tmp/syslog.log:
Code:Mar 18 19:07:46 Asu pixelserv-tls[16931]: client 172.31.0.2 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 19:41:40 Asu pixelserv-tls[16931]: client 192.168.1.3 ssl error:140760FC:lib(20):func(118):reason(252)
They will tell why slu is increment. So if you want to investigate slu issue, pls run pixelserv-tls with option '-l 2' to get the traces when they happen. You can install this beta by the same one-liner script.
Note that apart from the above difference the binaries are same as before. Also same version string but different compile time.Code:sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/install-beta.sh)"
Mar 18 10:22:03 pixelserv-tls[19030]: Listening on :192.168.2.2:80
Mar 18 10:22:08 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:22:16 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:22:29 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:22:31 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:22:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:23:38 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:23:58 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:24:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Got two hits. This is my Pixel 2 XL android 8.1 Oreo, totally stock, March security update and Pixelserv CA cert installed and trusted.
Mar 18 10:26:46 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:27:39 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048)
Mar 18 10:28:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
removed cert and reboot (no cert)
Mar 18 10:35:53 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:35:56 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:35:58 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:36:02 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
new cert and reboot
Mar 18 10:41:38 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:41:49 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:41:52 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 10:42:00 pixelserv-tls[2014]: client 192.168.1.6 ssl error:14094416:lib(20):func(148):reason(1046)
Nexus 7
Mar 18 10:45:00 pixelserv-tls[2014]: client 192.168.1.7 ssl error:14094416:lib(20):func(148):reason(1046)
Mar 18 14:46:27 pixelserv-tls[2014]: client 192.168.1.5 ssl error:1408A0E3:lib(20):func(138):reason(227)
I got this:
Code:Mar 18 10:22:03 pixelserv-tls[19030]: Listening on :192.168.2.2:80 Mar 18 10:22:08 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:22:16 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:22:29 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:22:31 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:22:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:23:38 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:23:58 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046) Mar 18 10:24:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Interestingly this is an android phone with cert installed.
Another one:
Code:Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:27 pixelserv-tls[19030]: client 192.168.2.20 ssl error:14094418:lib(20):func(148):reason(1048) Mar 18 10:28:57 pixelserv-tls[19030]: client 192.168.2.13 ssl error:14094416:lib(20):func(148):reason(1046)
Iphone with cert installed.
$ grep pixelserv-tls /tmp/syslog.log|grep 'ssl error'|grep -c 'reason(1046)'
admin@RT-AC68U-DF28:/tmp/home/root# grep pixelserv-tls /tmp/syslog.log|grep 'ssl error'|grep -c 'reason(1046)'
142
admin@RT-AC68U-DF28:/tmp/home/root# grep pixelserv-tls /tmp/syslog.log|grep 'ssl error'|grep -c 'reason(1048)'
48
Thread starter | Title | Forum | Replies | Date |
---|---|---|---|---|
C | Diversion Pixelserv replacement | Asuswrt-Merlin AddOns | 2 | |
L | Is Diversion better than NextDNS, PiHole or AdGuard Home? | Asuswrt-Merlin AddOns | 10 |
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!