Menu
What's new
By:
Filters Better Search

Skynet Is default firewall good enough?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Daveo said:
How do I remove and replace my Skynet filter lists with @SomeWhereOverTheRainBow list (https://raw.githubusercontent.com/jumpsmm7/GeneratedAdblock/master/filter.list) ?
Click to expand...
refer to this post

www.snbforums.com

Skynet - Is default firewall good enough?

I typically run a check against it's IP on AlienVault if something looks suspicious or just to spot check... https://otx.alienvault.com/indicator/ip/205.185.216.10 I typically do such if I find something not regularly blocked is now being blocked.
www.snbforums.com www.snbforums.com
 
When i try and use the filter list above in post 342, an error curl: option -0z: requires parameter is displayed when trying to consolidate blacklists
 
Viktor Jaep said:
So your logic was correct on this, @chongnt ... I cross-referenced entries from list 8.txt, and they were all contained within 3.txt. I've adjusted my filter list accordingly to prevent skynet from having to download and process dupes, which should save a few seconds on processing time. ;) Thanks again!
Click to expand...
I need an automatic copy of your list :D. It has been awhile since I last checked forum :(
 
SomeWhereOverTheRainBow said:
refer to this post

www.snbforums.com

Skynet - Is default firewall good enough?

I typically run a check against it's IP on AlienVault if something looks suspicious or just to spot check... https://otx.alienvault.com/indicator/ip/205.185.216.10 I typically do such if I find something not regularly blocked is now being blocked.
www.snbforums.com www.snbforums.com
Click to expand...
Many thanks. I have now successfully switchover to your filter list for Skynet :)
 
Bogey said:
Where do I enter this whitelist? I've been looking at every menu item but cannot locate it. (Am I blind or just dumb?)
Click to expand...
It is under import list option. You select the whitelist option as the type of option then you copy paste the url into the terminal.

Or you can just type it into the terminal following these set of directions.

Example Import Commands;
( firewall import blacklist file.txt "Apples" ) This Bans All IPs From URL/Local File With The Comment Apples
( firewall import whitelist file.txt "Apples" ) This Whitelists All IPs From URL/Local File With The Comment Apples
 
SomeWhereOverTheRainBow said:
It is under import list option. You select the whitelist option as the type of option then you copy paste the url into the terminal.

Or you can just type it into the terminal following these set of directions.

Example Import Commands;
( firewall import blacklist file.txt "Apples" ) This Bans All IPs From URL/Local File With The Comment Apples
( firewall import whitelist file.txt "Apples" ) This Whitelists All IPs From URL/Local File With The Comment Apples
Click to expand...
Ah I see, so this one needs updating manually, correct? Instead of the blacklist that's taken care of via the Malware Blacklist option.
 
Mogsy said:
It is too big. :(
Is the hardcoded whitelist good enough in Skynet?
Click to expand...
That depends on if you are ever concerned about running into false positives. Numerous websites/web services use the same IP addresses. False positives could range from your banking app or bank website to your favorite online game servers. Or in most extreme situations, country blocking could mean you need to allowlist root servers for unbound. It is very hard to say if skynets "hardcoded" whitelist is good enough since it was made with only consideration of the default skynet filter list. Whether you need to allow list IP's and domains depends on your personal use.
 
Been a long day, need a gut check.

I’ve got a router with WireGuard/OpenVPN sitting on the LAN side of my AX88. I have a port forward rule configured on the AX88.

With Skynet disabled, everything works. When enabled it doesn’t, the external randomly assigned carrier client IP ADDR is blocked?

Would that also mean that the tablet/phone carrier randomly assigned IP ADDR is on some blacklist?

I don’t think Skynet cares about the port, just the IP ADDR trying to connect inbound through the AX88 to get to the VPN router sitting on the LAN side…

Like I said, long day, need a gut check…

Right now I have removed Skynet but want to install it again, it’s 2am here and woke up to this so posted while fresh and to clear it out so I can catch some Zzzz’s
 

Attachments

  • 9AC9D601-1879-4046-8073-BB042A7524D1.jpeg
    9AC9D601-1879-4046-8073-BB042A7524D1.jpeg
    23.6 KB · Views: 50
That means there is a list some where in there breaking things. A list that has a nonreal ipv4 address most likely. As I mentioned before, skynet has no actual protection against this. So, it will most likely fail the moment a list has a none real ip address. What I mean by a non-real ipv4 address is an address the is out side the range of real addresses. Skynet could fix this issue by strengthening its ipv4 grep regexp.
 
Last edited:
Here's the culprit:

1678024680018.png


not very "high confidence", is it!? :)
 
You must log in or register to reply here.

Similar threads

Magnus33
Opinions on Asus Firewall is it good Enough?
Replies
8
Views
15K
coxhaus
C
redhat27
Yet another malware block script using ipset (v4 and v6)
24 25 26
Replies
512
Views
130K
thelonelycoder
thelonelycoder
Similar threads
Thread starter Title Forum Replies Date
kstamand Solved Customize default System Log | General Log web page with grep? Asuswrt-Merlin AddOns 5
ChickenheadOS Skynet Skynet 7.5.8 Firewall UI Issues Asuswrt-Merlin AddOns 19

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 577 (members: 20, guests: 557)
Top