I’m not sure where else to turn for help with this issue. I recently did a nearly fresh install of Garuda Linux, and it was working perfectly for about a week or so however, now every time I try to update, I receive errors when attempting to retrieve data from chaotic-aur.db and garuda.db and It gives me Error 1006 "The owner of this website (aur.chaotic.cx) has banned your IP " when trying to access the aur.chaotic.cx website.
I don’t know where to go for a private support channel I’d like to resolve this issue asap.
How long has this been going on? Is it just today? I know right now, chaotic-aur is running pipelines.
not sure if that has anything to do with it or not.
Could you please post your garuda-inxi ?
What was the reason for the “nearly fresh install”?
And Welcome to Garuda-Linux
Ankur
12 November 2024 15:29
3
A while ago chaotic aur was actually under attack
There seems to be an ongoing attack targeting our router. As effect, updating mirrors might currently be either slow or timing out.
The admins blocked all the offending IPs at that moment as a quick response
1 Like
Now things are getting interesting. The registration IP indeed matches one of the IP with the most requests, of the time our router got the insane amount of requests spams. And yes, we did block them to restore regular traffic.
Now my question is… is this a dedicated or shared IP?
4 Likes
The reason was to hop around, I wanted to try out another distro
System:
Kernel: 6.11.6-zen1-1-zen arch: x86_64 bits: 64 compiler: gcc v: 14.2.1
clocksource: tsc avail: hpet,acpi_pm
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen
root=UUID=19bed7bc-5177-4aaf-88bf-bf590925b48f rw rootflags=subvol=@
quiet loglevel=3 ibt=off
Desktop: Hyprland v: N/A dm: SDDM Distro: Garuda base: Arch Linux
Machine:
Type: Desktop Mobo: ASUSTeK model: ROG STRIX B450-F GAMING v: Rev 1.xx
serial: <filter> part-nu: SKU uuid: f1d19cb8-cf69-0404-b1de-40b076dc67ad
UEFI: American Megatrends v: 4901 date: 07/25/2022
CPU:
Info: model: AMD Ryzen 7 5800X socket: AM4 bits: 64 type: MT MCP
arch: Zen 3+ gen: 3 level: v3 note: check built: 2022
process: TSMC n6 (7nm) family: 0x19 (25) model-id: 0x21 (33) stepping: 0
microcode: 0xA201016
Topology: cpus: 1x dies: 1 clusters: 1 cores: 8 threads: 16 tpc: 2
smt: enabled cache: L1: 512 KiB desc: d-8x32 KiB; i-8x32 KiB L2: 4 MiB
desc: 8x512 KiB L3: 32 MiB desc: 1x32 MiB
Speed (MHz): avg: 3592 min/max: 550/4851 boost: enabled
base/boost: 3800/4850 scaling: driver: amd-pstate-epp
governor: performance volts: 1.1 V ext-clock: 100 MHz cores: 1: 3592
2: 3592 3: 3592 4: 3592 5: 3592 6: 3592 7: 3592 8: 3592 9: 3592 10: 3592
11: 3592 12: 3592 13: 3592 14: 3592 15: 3592 16: 3592 bogomips: 121361
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm
Vulnerabilities: <filter>
Graphics:
Device-1: NVIDIA GA104 [GeForce RTX 3060] vendor: Gigabyte driver: nvidia
v: 565.57.01 alternate: nouveau,nvidia_drm non-free: 550.xx+
status: current (as of 2024-09; EOL~2026-12-xx) arch: Ampere code: GAxxx
process: TSMC n7 (7nm) built: 2020-2023 pcie: gen: 1 speed: 2.5 GT/s
lanes: 8 link-max: gen: 4 speed: 16 GT/s lanes: 16 ports: active: none
off: HDMI-A-2 empty: DP-1,DP-2,HDMI-A-1 bus-ID: 08:00.0
chip-ID: 10de:2487 class-ID: 0300
Display: unspecified server: X.org v: 1.21.1.14 with: Xwayland v: 24.1.4
compositor: Hyprland driver: X: loaded: nvidia
unloaded: modesetting,nouveau alternate: fbdev,nv,vesa
gpu: nvidia,nvidia-nvswitch display-ID: :1
Monitor-1: HDMI-A-2 model: AOC 2460G4 serial: <filter> built: 2018
res: 1920x1080 dpi: 92 gamma: 1.2 size: 531x299mm (20.91x11.77")
diag: 609mm (24") ratio: 16:9 modes: max: 1920x1080 min: 640x480
API: Vulkan Message: No Vulkan data available.
API: OpenGL Message: Unable to show GL data. glxinfo is missing.
Audio:
Device-1: NVIDIA GA104 High Definition Audio vendor: Gigabyte
driver: snd_hda_intel v: kernel pcie: gen: 3 speed: 8 GT/s lanes: 8
link-max: gen: 4 speed: 16 GT/s lanes: 16 bus-ID: 08:00.1
chip-ID: 10de:228b class-ID: 0403
Device-2: Advanced Micro Devices [AMD] Starship/Matisse HD Audio
vendor: ASUSTeK driver: snd_hda_intel v: kernel pcie: gen: 4
speed: 16 GT/s lanes: 16 bus-ID: 0b:00.4 chip-ID: 1022:1487
class-ID: 0403
Device-3: Razer USA Barracuda X driver: hid-generic,snd-usb-audio,usbhid
type: USB rev: 2.0 speed: 12 Mb/s lanes: 1 mode: 1.1 bus-ID: 3-3:8
chip-ID: 1532:054e class-ID: 0102 serial: <filter>
API: ALSA v: k6.11.6-zen1-1-zen status: kernel-api tools: N/A
Server-1: sndiod v: N/A status: off tools: aucat,midicat,sndioctl
Server-2: PipeWire v: 1.2.6 status: n/a (root, process) with:
1: pipewire-pulse status: active 2: wireplumber status: active
3: pipewire-alsa type: plugin 4: pw-jack type: plugin
tools: pactl,pw-cat,pw-cli,wpctl
Network:
Device-1: Intel I211 Gigabit Network vendor: ASUSTeK driver: igb v: kernel
pcie: gen: 1 speed: 2.5 GT/s lanes: 1 port: e000 bus-ID: 03:00.0
chip-ID: 8086:1539 class-ID: 0200
IF: enp3s0 state: up speed: 1000 Mbps duplex: full mac: <filter>
Info: services: NetworkManager, smbd, systemd-timesyncd
Drives:
Local Storage: total: 2.84 TiB used: 134.14 GiB (4.6%)
SMART Message: Required tool smartctl not installed. Check --recommends
ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Western Digital
model: WD BLACK SN850X 1000GB size: 931.51 GiB block-size: physical: 512 B
logical: 512 B speed: 63.2 Gb/s lanes: 4 tech: SSD serial: <filter>
fw-rev: 620311WD temp: 47.9 C scheme: GPT
ID-2: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM006-2DM164
size: 1.82 TiB block-size: physical: 4096 B logical: 512 B speed: 6.0 Gb/s
tech: HDD rpm: 7200 serial: <filter> fw-rev: CC26 scheme: MBR
ID-3: /dev/sdb maj-min: 8:16 vendor: Kingston model: SV300S37A120G
size: 111.79 GiB block-size: physical: 512 B logical: 512 B
speed: 6.0 Gb/s tech: SSD serial: <filter> fw-rev: BBF0 scheme: GPT
Partition:
ID-1: / raw-size: 931.22 GiB size: 931.22 GiB (100.00%)
used: 134.14 GiB (14.4%) fs: btrfs block-size: 4096 B dev: /dev/nvme0n1p2
maj-min: 259:2
ID-2: /boot/efi raw-size: 300 MiB size: 299.4 MiB (99.80%)
used: 588 KiB (0.2%) fs: vfat block-size: 512 B dev: /dev/nvme0n1p1
maj-min: 259:1
ID-3: /home raw-size: 931.22 GiB size: 931.22 GiB (100.00%)
used: 134.14 GiB (14.4%) fs: btrfs block-size: 4096 B dev: /dev/nvme0n1p2
maj-min: 259:2
ID-4: /var/log raw-size: 931.22 GiB size: 931.22 GiB (100.00%)
used: 134.14 GiB (14.4%) fs: btrfs block-size: 4096 B dev: /dev/nvme0n1p2
maj-min: 259:2
ID-5: /var/tmp raw-size: 931.22 GiB size: 931.22 GiB (100.00%)
used: 134.14 GiB (14.4%) fs: btrfs block-size: 4096 B dev: /dev/nvme0n1p2
maj-min: 259:2
Swap:
Kernel: swappiness: 133 (default 60) cache-pressure: 100 (default)
zswap: no
ID-1: swap-1 type: zram size: 62.72 GiB used: 0 KiB (0.0%) priority: 100
comp: zstd avail: lzo,lzo-rle,lz4,lz4hc,842 max-streams: 16
dev: /dev/zram0
Sensors:
System Temperatures: cpu: 67.0 C mobo: 52.0 C
Fan Speeds (rpm): cpu: 1344 case-1: 0 case-2: 1339 case-3: 1430
Power: 12v: 10.14 5v: N/A 3.3v: N/A vbat: 3.18
Info:
Memory: total: 64 GiB available: 62.72 GiB used: 3.17 GiB (5.0%)
Processes: 373 Power: uptime: 2h 40m states: freeze,mem,disk
suspend: deep avail: s2idle wakeups: 0 hibernate: platform avail: shutdown,
reboot, suspend, test_resume image: 25.04 GiB services: upowerd
Init: systemd v: 256 default: graphical tool: systemctl
Packages: pm: pacman pkgs: 1299 libs: 382 tools: yay pm: flatpak pkgs: 0
Compilers: clang: 18.1.8 gcc: 14.2.1 alt: 13 Shell: garuda-inxi (sudo)
default: Elvish v: 0.21.0+archlinux1 running-in: kitty inxi: 3.3.36
Garuda (2.6.26-1):
System install date: 2024-11-03
Last full system update: 2024-11-10
Is partially upgraded: Yes
Relevant software: snapper NetworkManager dracut nvidia-dkms
Windows dual boot: Yes
Failed units:
1 Like
elite
12 November 2024 15:35
6
Are you like using a vpn? or something.
I think dedicated? I’m not sure sorry it’s just the IP i have from my ISP
It wouldn’t be the checkupdates command right?
I’ve got a script that gives me live package count that needs updating and it occurs quite frequently, i’ll stop that, it’s probably bad to do it that way
The thing is, since Sunday, we are getting an absurd number of requests from your IP. Valid HTTP requests, but at an absurd rate. This is all from your IP:
6 Likes
Yes, that’s right and that explains it . I read that and forgot to mention it here
1 Like
Any clue why almost 8 million requests in 72 hrs? If we only count the active hours, that’s more than 3700 per minute. Is that from a fresh installed Garuda with no changes made?
1 Like
I’ve stopped the script that’s checking for updates, I’ll avoid doing that so frequently! really sorry about that
1 Like
That’s insane, I could have misinterpreted how much time the poll rate is but that’s a really high number
It shouldn’t be very effective, but it seems like your ISP has an ASN direct to the CF node that is the closest to our Heroku node, and we had WAF off. I’ll be turning the block off.
I’m curious, nonetheless, is that a custom script? How is that script running without raising your CPU load to 99%?
1 Like
I’m not even sure it is the script anymore… here’s the script
//const pkgLabel = Variable('... 📦', {
// poll: [500, ['bash', '-c', 'checkupdates | wc -l'], out => (out != "0")? out + ' Updates 📦' : "Up to Date 📦"],
//});
filo
12 November 2024 16:17
17
Marlborow:
poll: [500
If this polling interval is in milliseconds, every 0.5 seconds would be really too much! This could be checked. It seems to be only a part of the script.
1 Like
elite
12 November 2024 16:27
18
I thought hyprland had a script built in that scans for updates? it was in way bar.
Ankur
12 November 2024 18:59
19
elite:
it was in way bar.
there is a waybar module which will check for update on start , but we have tested it , it doesn’t requests that frequent for checking update ,
and if it would have , then I would have been the first to already getting banned
2 Likes
elite
12 November 2024 19:13
20
That makes perfect sense. I was just thinking it could be a replacement to the script they wrote. Maybe up it to update every few hours. Or something. At least for their particular use case.
1 Like
Those attackers really need to bugger off. 
