Quote from: meyergru on July 14, 2026, 09:43:14 AM1. There are chip revisions (e.g., the latest ones have a smaller structure width and consume less power). You can see that via " pciconf -lv | grep -B3 igc", look at the "rev" value (mine is 0x04 on my current china box, I have others with 0x03).
[5872] igc1: link state changed to DOWN
[5876] igc1: link state changed to UP
[5876] igc1: link state changed to DOWN
[5880] igc1: link state changed to UP
[5996] igc1: link state changed to DOWN
[5999] igc1: link state changed to UP
[6042] igc1: link state changed to DOWN
[6046] igc1: link state changed to UP
[6047] igc1: link state changed to DOWN
[6048] wg1: loop detected
[6048] wg1: loop detected



Quote from: meyergru on July 12, 2026, 10:16:22 AMThe rules look "O.K." now. I told you to first check if your rules cause the problems in my first answer, for somehow I guessed that you redirected "all" port 53 traffic, creating an endless loop like explained here.
What can you learn of this? Your rule of thumb should be: If you experience problems, show your rules, because often times, they are the cause of it. See also the "READ THIS FIRST" article in the tutorial section.
That being said, your current rules alone will not help you with either DoT or DoH, which are the default in many browsers now.
There is a discussion about this also in the tutorial section.
Basically, you can block port 853 for DoT, but you need a blocklist for known DoH services because you cannot block port 443.
Also, there are a few more kinks in your rules, because they apply to IPv6 as well, see this.
On a side note: I have given up on the "block any other DNS than my own" game, because you cannot win it.