QuFirewall help needed

QNap_NAS1 · August 29, 2025, 11:13am

I have QNAP TS-453E with latest firmware. All apps which are installed to QNAP came from QNAP Store. I have:

CAYIN
ClamAV
Container Station
Download Station
File Station
HBS3
IFTTT
Malware Remover
Media Streaming
Multimedia Console
Music Station
myQNAPcloud
myQNAPcloud Link
Network & Virtual Switch
Notification Center
Photo Station
Plex Media
Qboost
Qfilling
QNAP AI
Qsirch
Qsync
QTS SSL
QuFirewall
QuLog
QuMagie
Resource Monitor
Security Center
SMB Service
SSD Profiling
Video Station

There are no active downloads in Download Station. Also I have PiHole in containers station works under other IP address on that QNAP as a DNS server.

On router I noticed a lot of requests to some countries from QNAP which are prohibited in my network (russia). I can’t understand what exactly on QNAP generates these requests. QuFirewall doesn’t provide information, just amount of blocked events without any explanation what it was.
I configured Automatic Capture as enabled in QuFirewall, however I did not notice any issues here.

Is it possible to somehow make reports more valuable? I want to see service / port / IP information.
Is it possible to block country on QuFirewall itself?
Which app can generate requests to russia from what I mentioned above?

dolbyman · August 29, 2025, 1:39pm

Disable download station and check again (Could be torrent network traffic)

QNap_NAS1 · August 29, 2025, 3:46pm

This is exactly the case. I checked port and it also shows BitTorrent. So even, when I don’t have any active downloads or, even, any torrent files - Download Station continue sending some data to different peers. I have no idea why.

Is it possible to block specific country on QuFirewall itself?

dolbyman · August 29, 2025, 4:08pm

It’s DHT traffic.

Just remove download station and put your torrent downloading on a different device (or in a container)