lol - almost everything in the system logs look suspicious . But I don’t see any evidence of malicious events there.
Because the Openwrt OS is open source and needs to accommodate so many different hardware platforms, there is often many log entries that are a result of the system working it’s way through what is in yours. Also, many times people don’t have IPv6 enabled, so the system works through all that.
To me, this just looks like your router is setting up your ports and enabling nat.
Why do you think this log-snippet looks suspicious? It shows the standard startup and configuration of the router's Ethernet and wireless interfaces. There's no indication of unauthorized access, malicious activity, or unusual traffic patterns in this snippet.
Yup, for me, this log looks like a normal OpenWrt log as well. Nothing special.
Those logs are not really for end users, too much spam-y things in there.
When I saw this I change the admin password at 192.168.8.1, just to be sure. And then tried to log in through the app one time but got ”Too many failed log in attempts wait 506 seconds”
Did the app make the log in attempts with the old password after I changed it?
That stinks! How did they get in? Most modern routers are relatively secure unless you have weak passwords or open ports.
I always set very complex passwords out of habit and keep my guest interface disabled unless I have company. And I have transitioned to WireGuard vpn rather than opening ports for services.
Change your Wi-Fi password and the password for the web interface.
Disable guest Wi-Fi (if not needed).
Always use complex passwords.
Ensure nobody has physical access to your network.
If you are really worried about network activity, install something like NetAlertX on a Raspberry Pi (a Raspberry Pi Zero 2 W for around 20 bucks with an additional network adapter is sufficient for home network use).
It will help you with:
Detection of unknown devices on the network.
Monitoring of port changes.
Real-time notifications of unusual network activity.