Quote from: Patrick M. Hausen on May 09, 2026, 10:07:59 PMPerfectly possible, I run that at home. Open a ticket with Q-Feeds support to get a second API key for use in AGH.Did you have to pay for a second API key?
AGH does need an upstream server, though. So if you don't want to run Unbound as a recursive server, you need to cofigure your ISP, 1.1.1.1, or whatever you prefer. I use Unbound.
#!/usr/local/bin/bash
# --- PARAMETERS ---
INTERFACE="wg1"
PEER_IP="10.4.0.1"
THRESHOLD=300
DOWNTIME=360
WAIT_AFTER_UP=60
LATEST_HANDSHAKE=$(wg show "$INTERFACE" latest-handshakes | awk '{print $2}')
CURRENT_TIME=$(date +%s)
ELAPSED=$((CURRENT_TIME - LATEST_HANDSHAKE))
if [ "$ELAPSED" -gt "$THRESHOLD" ]; then
ifconfig "$INTERFACE" down
sleep "$DOWNTIME"
ifconfig "$INTERFACE" up
sleep "$WAIT_AFTER_UP"
traceroute -n "$PEER_IP"
else
exit 0
fisubstring(option[vendor-class-identifier].text,0,3)
Anyone who already solved this?Quote from: ajr on Today at 09:41:54 AMtcpdump does not show any packets on the WAN interface so I do not know the sender address.Any source address in packets stemming from 127.0.0.0/8 is translated to the CARP VIP on the WAN due to your rule. So it's obvious the you cannot see any IP of this subnet.^^
Quote from: Monviech (Cedrik) on Today at 09:49:52 AMPress "Inspect". It will show the full ruleset for an interface.