Synology File System Check

Synology File System Check

How to run a Synology File System Check on a ext4 file system?

Synology File System Check

DSM used:  DSM 6.2

When checking the log files on a ext4 file system under /var/log I discovered the log file fsck. It appears that every time the system is started the following command is run for Synology File System Check:  /sbin/e2fsck -pvf. From the GUI on my Synology NAS it is not possible to start a Synology File System Check on a ext4 file system.

-p Automatic repair (no questions)

-n Open the filesystem read-only, and assume an answer of 'no' to all questions. Allows e2fsck to be used non-interactively. This option may not be specified at the same time as the -p or -y options.

-v Be verbose

-f Force checking even if filesystem is marked clean

How to run the Synology File System Check on a ext4 manually?

Running this commands are at your own risk. Always make sure you have a good backup as there are risks off data loss.

turn on telnet and don't forget to turn it off again. It is a security issue, passwords go unencrypted over the line. In control panel under Terminal & SNMP you can turn telnet on. You need a telnet program on your computer to connect to the Synology NAS. Don't use SSH because when running the below commands you will loose connection.

df -h and search for volume needed. For example volume1: /dev/vg1000/lv

syno_poweroff_task -d or umount /volume1, if this doesn't work try umount /volume1 -f -k (-k is for killing processes accessing the file)

(syno_poweroff_task) -d debug mode. This command is for killing all processes.

vgchange -ay

-a (--available) for activate or deactivate -y|--yes ]

commands to check the file system:

e2fsck -nvf -C 0 /dev/vg1000/lv (-n option see above)

fsck.ext4 -pvf -C 0 /dev/vg1000/lv or e2fsck -pvf -C 0 /dev/vg1000/lv (-p option see above)

-C 0

-C fdThis option causes e2fsck to write completion information to the specified file descriptor so that the progress of the filesystem check can be monitored. This option is typically used by programs which are running e2fsck. If the file descriptor number is negative, then absolute value of the file descriptor will be used, and the progress information will be suppressed initially. It can later be enabled by sending the e2fsck process a SIGUSR1 signal. If the file descriptor specified is 0, e2fsck will print a completion bar as it goes about its business. This requires that e2fsck is running on a video console or terminal.

After completion run:  reboot

Do you want Diktio Solutions to help you. Click Here to contact Diktio Solutions.

Synology SMB connection with shared folder

Synology SMB Connections

Synology NAS DSM 6.1 with Active Directory (AD) installed on the NAS. Users in AD and Synology NAS users. On the NAS is SMB v1 disabled 

Connect from Ubuntu 16.04 LTS (Latest Stable Version) Gnome desktop 

from the terminal: 

as root:

sudo su -

mount -t cifs //<ip address or DNS name Synology NAS>/<Share> /mnt (or other mount point) -o username=<AD user or NAS user>,vers=<2.1 or 3.0> 

To start within Gnome GUI from terminal:

as root:


or as user: 

sudo mount -t cifs //<ip address or DNS name Synology NAS>/<Share> /mnt (or other mount point) -o username=<AD user or NAS user>,vers=<2.1 or 3.0> 

To start within Gnome GUI from terminal:

sudo nautilus

Connect from Centos 7

from the terminal: 

as root:

sudo su - or su - 

mount -t cifs //<ip address or DNS name Synology NAS>/share -o,user=<AD user or NAS user,domain=<AD netbios domain or other name for NAS users>,vers=<2.1 or 3.0> /mnt (or other mount point)

To start within Gnome GUI from terminal:

as root:


or as user: 

sudo mount -t cifs //<ip address or DNS name Synology NAS>/share -o,user=<AD user or NAS user,domain=<AD netbios domain or other name for NAS users>,vers=<2.1 or 3.0> /mnt (or other mount point)

To start within Gnome GUI from terminal:

sudo nautilus

OpenVPN configuration Synology VPN server

Client configuration settings: 

remote <dns or ip address>  1194

# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

redirect-gateway def1

When the local network of the OpenVPN client is the same as the local network of the OpenVPN server than you can add the following line to the ovpn configuration file.

route <ip address> 

for example both networks have the same local network: and traffic is not sent inside the VPN tunnel you can add to reach on the local network of the VPN server 


When you have problems with DNS for example with the DNS servers of Ziggo who only allow queries from their own network. You can change your DNS settings to the nameservers of Google. Name servers are and 

Warning message in the log file: 

WARNING: No server certificate verification method has been enabled.  See for more info.

You see this message when you connect with a standard OpenVPN server from Synology and is showed because of the way Synology implemented their OpenVPN server. 

Synology DNS server and dnsmasq

When stopping the DNS server running on the Synology NAS  I notice that port 53 is still open. 

Running netstat -anp  on the Synology NAS reveals dnsmasq to have port 53 open. 

Stopping the DCHP server in control panel stops dnsmasq from running on port 53. 


Synology best settings for Quick Connect

Use a public DNS server (For example Google DNS servers):

Control Panel, Network, General, Select Manually configure DNS server, Preferred DNS server:, Alternative DNS server:

Turn off IPv6:

Control Panel, Network, Network Interface, Select connected LAN interface, edit, IPv6, IPv6 setup off

Manual IP Address:

Control Panel, Network, Network Interface, Select connected LAN interface, edit,IPv4, use manual configuration. Don't fill in a DNS server. Fill in IP address, Subnet Mask, Gateway. If configurable uncheck jumbo frame option. 


Control Panel, Regional Options, Synchronize with NTP server: 

For example  Server address: 

Check correct local time. 

Synology check health info disks

Storage Manager, HDD/SDD

Select disk and expand information.

Check Status: Normal

Check S.M.A.R.T status: Normal 

Check Bad sector count: 0

Select disk and health info, overview

Disk Reconnection Count, Bad Sector Count and Disk Re-identification Count indicate the total quantity of events that have occurred on your disk or system.

Your data are still safely stored on the disk. Although these parameters provide early warning and information about disk health trends, they do not directly imply imminent disk failure.

Disk Reconnection Count display the sum of S.M.A.R.T. Attribute “UItraDMA CRC Error Count” and other interface issues detected by the system. If this parameter increases abruptly compared to general tendency, it may indicate that the disk or some hardware components are aging.

Select disk and health info, S.M.A.R.T test

Run Quick and Extended test. Check results. 

Select disk and health info, S.M.A.R.T info 

Use for reference 

check status: OK

Important attributes:

01 Read Error Rate:

(Vendor specific raw value.) Stores data related to the rate of hardware read errors that occurred when reading data from a disk surface. The raw value has different structure for different vendors and is often not meaningful as a decimal number.

If you see any non-zero raw values for ID 1 (for WD and Samsung disks) in the disk S.M.A.R.T. info, the disk is defective.

05 Reallocated Sectors Count : 0 

09 Power-on Hours:

Count of hours in power-on state. The raw value of this attribute shows total count of hours (or minutes, or seconds, depending on manufacturer) in power-on state.

By default, the total expected lifetime of a hard disk in perfect condition is defined as 5 years (running every day and night on all days). This is equal to 1825 days in 24/7 mode or 43800 hours.

10 Spin Retry Count: 0 

184 End-to-End error / IOEDC: 0

187 Reported Uncorrectable Errors: 0

188 Command Timeout: 0

196 Reallocation Event Count: 0

197 Current Pending Sector Count: 0

198 (Offline) Uncorrectable Sector Count: 0 

201 Soft Read Error Rate or TA Counter Detected: 

According to Synology Support:

If you see any non-zero raw values for ID 1 (for WD and Samsung disks) and ID 5/197/198 (for all disks) in the disk S.M.A.R.T. info, the disk is defective.

Synology terminal show S.M.A.R.T report

smartctl --scan

smartctl -a -d sat -T permissive /dev/sda

/dev/sda is the drive

-aPrints all SMART information about the disk.

-d satSpecifies device type. “Sat” is SCSI to ATA Translation (SAT) that is required with Synology.

 -T permissiveDefines tolerance type. “Permissive” tells to ignore failure(s) of mandatory SMART commands and is required with Synology.
The commando also shows Hardware disk information:
Model Family:     

Device Model:     

Serial Number:   

LU WWN Device Id:

Firmware Version: 80.00A80

User Capacity:    

Sector Sizes:     

Device is:       

ATA Version is:   

SATA Version is:  

Local Time is:    

SMART support is: 

SMART support is: 


To run a short S.M.A.R.T test: 

smartctl -d sat -t short /dev/sda

Synology Terminal Commands

Synology Terminal Commands

Synology Terminal Commando laat meerdere commando's zien die uitgevoerd kunnen worden na het maken van een ssh verbinding met de Synology NAS. Ssh moet wel eerst ingeschakeld worden op de Synology NAS om verbinding te kunnen maken.

Synology Terminal Commando








start terminal via ssh

ssh user@host

sudo -i

Geef nogmaals het wachtwoord op, hierna kunnen commando's uitgevoerd worden.

Check Network traffic and Bandwidth on Synology NAS.

synogear install


Synology Terminal commando check open port en programma:

netstat -natpu

-a, --all                display all sockets (default: connected)

-n, --numeric        don't resolve names

-p, --programs      display PID/Program name for sockets

-t                         display only TCP connections

-u.                       display only UDP connections

Synology check network performance


ethtool -S eth0

ethtool -g eth0

netstat -s -p TCP

Synology display activity like pid, processor, memory and


Synology geheugengebruik

free -h

Synology Hardening

Synology Hardening

Synology Hardening steps to change the default settings to improve security on a Synology NAS. 

Synology Hardening

Synology DSM 6.1 hardening settings:

Using the  Security Advisor:

Install and run the Synology Security Advisor and consider changing the advised mentioned settings. 

Control Panel:
Control Panel, Update & Restore, DSM Update:
  • Update Settings. Change the settings accordingly with in mind that security fixes are applied as soon a possible. 
Control Panel, user:
  • make a new user with full administrative rights, test this new user and disable admin. 
  • Advanced, Password Settings, Select Allow non-administrator users to reset forgotten passwords via email. 
  • Avanced, Password Settings, Apply password strength rules, select;
    • Exclude name and description of user from password. 
    • Include mixed case
    • Include numeric characters
    • Include special characters
    • Exclude common password
    • Minimal password length: 8
    • Password history (times): 1
  • Advanced,Password Expiration, select;
    • Enable password expiration 
    • Maximum password valid duration (days): 183 (except administrator users). Check administrator user Password is always valid. Manually change this password regularly. 
    • Minimum password valid duration (days): 1
    • Prompt users to change password upon login before expiration (days): 14
    • Send expiration notification emails; sent at 12:00, Days before the expiration; 14,10,5,3,2,1 
  • Advanced, 2-Step Verification,
    • Enforce 2-step verification for the following users, all users
Control Panel, Terminal & SNMP, Terminal:
  • (in case) SSH service, advanced settings, High
Control Panel, Security, Security:
  • Improve protection against cross-site request forgery attacks
  • Improve security with HTTP Content Security Policy (CSP) header.
  • Do not allow DSM to be embedded with iFrame.
  • Clear all saved user login sessions upon system restart. 
Control Panel, Security,Firewall:
  • consider enabling firewall which depends on the IT infrastructure. Firewall rules can be enabled for VPN services which can improve security or protect a access for Hyperbackup. This can be implemented with an allow and deny rule for certain services. 
Control Panel, Security, Protection:
  • consider enable DoS protection depending on your IT infrastructure. 
Control Panel, Security,Account, Auto Block:
  • select Enable auto block, login attempts: 10, Within (minutes): 5. Enable block expiration, Unblock after (days): 1. Consider using an allow/block list. 
Control Panel, Security, Account, Enable Account Protection, Untrusted Clients:
  • login attempts:5
  • Within (minutes):1
  • Cancel account protection (minutes later):30 
Control Panel, Security, Account, Account Protection, Trusted clients:
  •  Login attempts:10
  • Within (minutes):1
  • Unblock (minutes later):30 
Control Panel, security, advanced, TLS/ SSL Cipher Suites:
  • Select Modern compatibility 
Control Panel, Network, DSM settings,
  • Selecteer Automatically redirect HTTP connections to HTTPS ( Web Station and Photo Station excluded ). 
  • Enable browser's incognito mode or using guest browsing feature when accessing Synology NAS with a public computer
1 2 3