(sorry for my bad English)
I have really strange system log
Log is full of this messages:
Sun Sep 6 09:23:01 2020 daemon.notice netifd: wan (30921): udhcpc: sending renew to (ip similar to mine)
Sun Sep 6 09:23:01 2020 daemon.notice netifd: wan (30921): udhcpc: lease of (my pc's ip) obtained, lease time 300
Sun Sep 6 09:25:31 2020 daemon.notice netifd: wan (30921): udhcpc: sending renew to (my pc's ip)
Sun Sep 6 09:25:32 2020 daemon.notice netifd: wan (30921): udhcpc: lease of (ip similar to mine) obtained, lease time 300
Sun Sep 6 09:28:02 2020 daemon.notice netifd: wan (30921): udhcpc: lease of (ip similar to mine)obtained, lease time 300
Sun Sep 6 09:30:32 2020 daemon.notice netifd: wan (30921): udhcpc: sending renew to (my pc's ip)
and sometimes this:
Sun Sep 6 09:50:49 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: auth.mail.ru
Sun Sep 6 09:50:49 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: touch.mail.ru
Sun Sep 6 09:51:11 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: e.mail. ru
Sun Sep 6 09:51:51 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: mail.ru
Sun Sep 6 09:51:51 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: calls.mail. ru
Sun Sep 6 09:53:31 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: dlink.mapsme.devmail. ru
Sun Sep 6 09:54:43 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected:S yxf6ba541f65084e688107879721631a65.oauth.yandex.ru
Sun Sep 6 09:54:43 2020 daemon.warn dnsmasq[3364]: possible DNS-rebind attack detected: passport.yandex. ru
Yesterday I blocked mail.ru and yandex ip's with dig + iptables, but due to router has only free 50 kb left, changes wasn't saved both in terminal and in 192.168.1.1 firewall custom rules
Also today luci accepted login from my pc while I was sleeping
Sun Sep 6 10:12:16 2020 daemon.err uhttpd[904]: luci: accepted login on / for root from 192.168.1.205
What should I do to fix all this