I assume Asus discussed it with them already. I don't have any other info.
Skynet Skynet - Router Firewall & Security Enhancements
I assume Asus discussed it with them already. I don't have any other info.
pattiri
Senior Member
@Adamm sorry for bothering you again but I've seen a weird issue again.
I have ZyXEL NSA 325 for years and I'm also using Skynet for about 6 months there were no problems but since this morning my NAS couldn't get IP address from my router and I've figured out why;
Skynet only blocks the DHCP packets of NAS my other devices can get an IP address which seems weird
I've tried unbannig port 67 but didn't worked. Whey I disable Skynet NAS can get an IP address.
update: I've rebooted the router. some of my devices can get IP address some of can't. They all get IP address from router.
for example; my pc can access internet but on router DHCP releases page I can't see it.
update 2: I've fixed it with unbanning 255.255.255.255
Banning broadcast address is really great idea.
I have ZyXEL NSA 325 for years and I'm also using Skynet for about 6 months there were no problems but since this morning my NAS couldn't get IP address from my router and I've figured out why;
Code:
Nov 25 10:42:21 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:c8:6c:87:6f:5b:b9:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=27749 PROTO=UDP SPT=68 DPT=67 LEN=556
Nov 25 10:42:25 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:c8:6c:87:6f:5b:b9:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=27750 PROTO=UDP SPT=68 DPT=67 LEN=556Skynet only blocks the DHCP packets of NAS my other devices can get an IP address which seems weird
I've tried unbannig port 67 but didn't worked. Whey I disable Skynet NAS can get an IP address.
update: I've rebooted the router. some of my devices can get IP address some of can't. They all get IP address from router.
for example; my pc can access internet but on router DHCP releases page I can't see it.
update 2: I've fixed it with unbanning 255.255.255.255
Code:
Exact Matches;
https://iplists.firehol.org/files/hphosts_emd.ipset - 255.255.255.255Banning broadcast address is really great idea.
Last edited:
Adamm
Part of the Furniture
@Adamm sorry for bothering you again but I've seen a weird issue again.
I have ZyXEL NSA 325 for years and I'm also using Skynet for about 6 months there were no problems but since this morning my NAS couldn't get IP address from my router and I've figured out why;
Code:Nov 25 10:42:21 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:c8:6c:87:6f:5b:b9:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=27749 PROTO=UDP SPT=68 DPT=67 LEN=556 Nov 25 10:42:25 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:c8:6c:87:6f:5b:b9:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=27750 PROTO=UDP SPT=68 DPT=67 LEN=556
Skynet only blocks the DHCP packets of NAS my other devices can get an IP address which seems weird
I've tried unbannig port 67 but didn't worked. Whey I disable Skynet NAS can get an IP address.
update: I've rebooted the router. some of my devices can get IP address some of can't. They all get IP address from router.
for example; my pc can access internet but on router DHCP releases page I can't see it.
update 2: I've fixed it with unbanning 255.255.255.255
Code:Exact Matches; https://iplists.firehol.org/files/hphosts_emd.ipset - 255.255.255.255
Banning broadcast address is really great idea.
My internet connection is currently down, but once it's back up and running I will filter this address out automatically in the script (it was added by the new filter lists I added yesterday). Thanks for debugging it.
Adamm
Part of the Furniture
Sorry about that, I've reverted the filter.list changes until my internet is up and running again to push the new update.
Butterfly Bones
Very Senior Member
I got bit last overnight as well. Woke up to no internet. Rebooted and ran firewall restart immediately and got it back before the new ban lists got me again.
Code:
Nov 25 02:00:08 Skynet: [Complete] 163786 IPs / 1990 Ranges Banned. 1 New IPs / 0 New Ranges Banned. 1049 Inbound / 63 Outbound Connections Blocked! [8s]
Nov 25 02:25:50 Skynet: [Complete] 204875 IPs / 1914 Ranges Banned. 41089 New IPs / -76 New Ranges Banned. 1081 Inbound / 63 Outbound Connections Blocked! [49s]
Nov 25 07:40:48 Skynet: [Complete] 146677 IPs / 1919 Ranges Banned. -58199 New IPs / 5 New Ranges Banned. 1508 Inbound / 71 Outbound Connections Blocked! [42s]
Protik
Senior Member
I got bit last overnight as well. Woke up to no internet. Rebooted and ran firewall restart immediately and got it back before the new ban lists got me again.
Code:Nov 25 02:00:08 Skynet: [Complete] 163786 IPs / 1990 Ranges Banned. 1 New IPs / 0 New Ranges Banned. 1049 Inbound / 63 Outbound Connections Blocked! [8s] Nov 25 02:25:50 Skynet: [Complete] 204875 IPs / 1914 Ranges Banned. 41089 New IPs / -76 New Ranges Banned. 1081 Inbound / 63 Outbound Connections Blocked! [49s] Nov 25 07:40:48 Skynet: [Complete] 146677 IPs / 1919 Ranges Banned. -58199 New IPs / 5 New Ranges Banned. 1508 Inbound / 71 Outbound Connections Blocked! [42s]
Was affected by this here too. Woke up morning and found none of my devices cannot get to DNS. Luckily one of the devices connected to the router was not affected. So did a banmalware and everything was fixed in no time.
Adamm
Part of the Furniture
No, this feature is independent and will only be updated each time you execute it
When I play with the Skynet menus nearly all menu's log out after completing function, instead of going back into the main menu? can that be changed so that after doing "something" you end up back in the main main instead of your telnet cursor?
By now I can also envision a new app called "SNB Menu" pulling all this stuff together, putting all the scripts and installers in one place, which would save a lot of notes and separate sessions, something like:
----------------------------------------------------------------------
Welcome to the SNBforum Merlin firmware addition menu, what would you like to do today?
1. Download and install Skynet
2. Download and install ab-solution
3. Open Skynet
4. Open ab-solution
5. Update pixelserv
6. Update this menu
7. Exit
Please select input: (1-7)
----------------------------------------------------------------------
By now I can also envision a new app called "SNB Menu" pulling all this stuff together, putting all the scripts and installers in one place, which would save a lot of notes and separate sessions, something like:
----------------------------------------------------------------------
Welcome to the SNBforum Merlin firmware addition menu, what would you like to do today?
1. Download and install Skynet
2. Download and install ab-solution
3. Open Skynet
4. Open ab-solution
5. Update pixelserv
6. Update this menu
7. Exit
Please select input: (1-7)
----------------------------------------------------------------------
Last edited:
thelonelycoder
Part of the Furniture
Piece of cake.
I'll get to it later, hosted on GitHub so all can contribute.
Adamm
Part of the Furniture
I've added your first suggestion about the Skynet menu, it won't go live though until my internet is running again (36 hour suburb wide outage and counting )
The second suggestion seems simple enough, I'll leave it to @thelonelycoder for the time being due to my situation and push commits to it if/when nessesary.
It might be that pulling a beta is a bad idea if someone needs a menu to get this far.
Adamm
Part of the Furniture
@Raphie I've pushed v5.5.5 with your suggestion amung some other small changes.
As for the issue we had with the broadcast IP being blocked from the newly added lists yesterday, I've hardcoded a fix so this never occurs again, and am also working with @thelonelycoder on a better solution for these DNS based security lists that when converted to IP's were causing false positives due to shared hosting servers etc. No eta but expect to hear more about this in future resulting in both less false positives and more integration with his great script.
As for the issue we had with the broadcast IP being blocked from the newly added lists yesterday, I've hardcoded a fix so this never occurs again, and am also working with @thelonelycoder on a better solution for these DNS based security lists that when converted to IP's were causing false positives due to shared hosting servers etc. No eta but expect to hear more about this in future resulting in both less false positives and more integration with his great script.
Butterfly Bones
Very Senior Member
Ha! I was just coming to report the same thing! It needs a pause after the screen info is printed.@Adamm
I think your menu refresh is happening too quickly. When I check Debug Options / Print Debug Info - it flashes by too quickly and returns to the menu. If I do it again it just exits to the prompt.
Adamm
Part of the Furniture
@Adamm
I think your menu refresh is happening too quickly. When I check Debug Options / Print Debug Info - it flashes by too quickly and returns to the menu. If I do it again it just exits to the prompt.
Thanks for pointing out that flaw, damn you guys
For the time being on the first attempt you can just scroll up to see the result, I'll work on a real fix shortly.
Similar threads
Similar threads
Similar threads
-
-
Skynet Skynet showing router itself making calls to China?
- Started by Skywise
- Replies: 26
-
Skynet Skynet - Blocked outbounds coming from the router itself?
- Started by JuanGF
- Replies: 12
-
Skynet Installing Skynet causes router to crash and reboot
- Started by ovancantfort
- Replies: 26
-
Skynet I have installed the skynet firewall how do I configure it if the security of iot devices is important?
- Started by lenovomen
- Replies: 2
-
Skynet Message on SKYNET I havent seen before- Started by Davidncali001
- Replies: 1
-
-
-
Skynet SkyNet/Firewall blocking all ping requests, including outbound
- Started by nearlyheadlessarvie
- Replies: 6
-
Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14
- Started by WRobertE
- Replies: 10
Latest threads
-
GT-AX11000 Pro - Issue Gaming on Two Xbox Consoles Simultaneously
- Started by TheFunk7279
- Replies: 0
-
-
USB Wifi 7 adapter - USB-BE92 Nano- Started by RMerlin
- Replies: 2
-
-
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!