Le ecureuil

With which client do you observe this error? Built-in Windows Explorer?

It's so-called CORS-preflight request, and is already fixed in version 4.3.

> components list draft > components commit This bunch of commands does exactly the same that you described.

Wrong size of the drive is the Windows' problem, we can't fix it. But of course, for the file with the size of 100 Mb everything should be ok. Do you encounter issues with the files of that size? Log entries seem to be unrelated.

Thank you for the report, will be fixed in the next 4.3 release.

Please attach the self-test file from your device.

You can put it of the USB flash drive, and then issue in the commandline > copy USBDRIVE:/image.bin ndm:firmware

Just wait for 4.3.A.10 (it will be available today in a couple of hours) and then go to command line via telnet, type in > components list draft > components commit and you will install the update. I suppose the problem with the System Settings page is already resolved in this release.

Maybe because NextDNS blocks some requests to adware or tracking domains? You can see in extended logs in you profile at NextDNS's site which requests were blocked.

opkg dns-override just releases the local resolver from the port 53 (because a user may want to bind their special service to the port 53). No, it's not a docker, just a group of subprocesses (with optional chroot). Connections to the outside are allowed by default (as, for example, for the download station). Connections from the internal network are allowed by default too (as, for example, for the web-interface server).

Installing or removing a component can only be done through reboot with the reflashing of the new repacked version of the software. So it's impossible to install/remove a component without a reboot.

Can you please try the cable with another gigabit device?

It has already fixed, please try the new release of 4.3 from the coming friday.

Вы лично DoH/3 пробовали в draft 4.2? Все хорошо работало?

1 - создаете этот интерфейс командой, вешаете на него IP-адрес, делаете его global (или нет), настраиваете маршрутизацию и firewall - вобщем все, что можно делать с интерфейсом наподобие wireguard. 2 - настраиваете IPsec site-to-site, и в нем привязываете этот интерфейс. Теперь в это соедиение идет не вообще весь трафик по политике, а только тот, что в интерфейс должен уйти. И наоборот - трафик удаленной стороны появляется не из "ниоткуда", а выходит из этого интерфейса. Также в такой конструкции можно сделать селекторы 0.0.0.0/0 (как в wireguard указывается allowed-ips 0.0.0.0/0), и дальше уже трафик полностью управляется роутингом и фаерволом.