Got any Chinese alibaba mystery hardware on your network? Generally those cdn’s are content delivery networks, pushing data from the edge, locally, at high speed.
I’ve been seeing weird stuff in my logs too, but I have some junk that should probably live on a vlan like a vesync air purifier that phones home and crap like that.
Your answers confirm my surprise as I did not expect to see such things emanatingfrom TrueNAS itself. Been using it since FreeNAS 9.3 and there’s nothing else I would want to use.
Good to hear that those running software similar to pfBlockerNG are not seeing such logs and that these attempted connections will be from something else running on the TrueNAS host.
I am running a few Docker containers:
dockge (with the usual *arr stack for “all those Linux ISOs” )
dozzle
emby
freshrss
glances
immich
it-tools
nginx-proxy-manager
open-speed-test
scrutiny
syncthing
All Docker containers share the same IP (apart from Nginx) and are accessible via an individual hostname thanks to HAProxy (I am a software developer but shamefully, a bit of a networking n00b). No ports open to the outside world.
No mystery Chinese hardware. I know it’s all the rage at the moment but I have been disinclined to follow along with the trend.
2x 2019 MacBook Pros
A QNAP TVS-h1688X which is running TrueNAS CE 24.10.2.2 (maybe that counts as mystery hardware)
“My first ZFS server”: a 2014 homebuilt 4U 24-bay chassis built around a Supermicro X9SRH-7F motherboard) but that’s mostly powered off
Dell PowerEdge R210 II with an Intel NIC running pfSense
Samsung SGS9+
Cisco SG300 switches
No IoT
Thanks all for the responses. I’ll doo some sleuthing to track these connections down to an individual Docker container or something else, and then report back.