Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. A

    Tutorial How to monitor DNS traffic in real-time

    I follow in theory, but in practice everything other than Skynet appears to load correctly with the default WAN DNS servers blank. Certainly time is set without any issue via the DoT WAN DNS servers and well before either unbound or wireguard are loaded.
  2. A

    Tutorial How to monitor DNS traffic in real-time

    Maybe its just me but.... Following this thread I had emptied out the default WAN servers (I am using Cloudflare for Strict DoT) and only route some traffic (including client DNS requests via unbound) through a Wireguard VPN. Without this blanking the WAN servers, there is always some...
  3. A

    Skynet v7.3.6

    Adding the WAN DNS servers fixed it. I would have assumed that the DoT DNS servers would have been able to resolve, but apparently not. Many thanks
  4. A

    Skynet v7.3.6

    [i] Downloading filter.list | [0s] [i] Refreshing Whitelists | [4s] [i] Consolidating Blacklist | Warning: Illegal date format for -z, --time-cond (and not a file name). Warning: Disabling time condition. See curl_getdate(3) for valid date syntax. Warning: Illegal date...
  5. A

    Skynet v7.3.6

    Yes both /tmp/skynet/lists and /tmp/mnt/Router/skynet/lists are empty Default WAN DNS are DoT (strict) Cloudflare (IPv4 and IPv6) Client DNS is routed through Unbound using Wireguard VPN (AzireVPN) DNS servers
  6. A

    Skynet v7.3.6

    (AFAIK) I don't have a custom list, this is a clean install and should just be using default settings. Where can I locate what list is being used?
  7. A

    Skynet v7.3.6

    I am confused. I had thought that when installed, Skynet blocked traffic derived via a default set of ipsets, e.g. firehol_level2.netset, firehol_level3.netset, etc. However nothing is being blocked at all, either inbound or outbound* and while sh /jffs/scripts/firewall debug info shows...
  8. A

    Skynet v7.3.6

    Hi @Adamm rebuilding router after factory reset. Just installed diversion, then skynet but there are no entries in the blacklist ipsets - what am I missing Router Model; RT-AX88U Skynet Version; v7.3.6 (09/03/2023) (35af187c15ed5871393a3249262c8dbc) iptables v1.4.15 - (eth0 @ 10.50.60.1) ipset...
  9. A

    Wireguard Session Manager (4th) thread

    An update: - with my setup - 388.2 alpha 2 and no flow cache WGM was unstable and unusable I tried just using wg11 (client) and just server (wg21) and sometimes I would get the Router kernel: [0;33;41m[ERROR mcast] bcm_mcast_blog_process,819: blog allocation failure[0m error and sometimes...
  10. A

    Wireguard Session Manager (4th) thread

    Good call, but now to work out where to look. I stopped the WG clients and server and disabled Cake (to re-enable flow cache) and the 'bcm_mcast_blog_process' errors reappeared. As I was routing the Unbound DNS via wireguard, I also removed # outgoing-interface: 192.168.3.1...
  11. A

    Wireguard Session Manager (4th) thread

    Do you have any suggestions on where to look, how to troubleshoot? if it helps
  12. A

    Wireguard Session Manager (4th) thread

    from wireguardvpn.conf # Override setting of the -t mangle FORWARD/PREROUTING '-j MARK --set-xmark 0x01/0x7' fwmarks 39 # (NOT the user Selective Routing fwmarks for Ports/IPSETs etc.) 40 # Use command 'vx' to edit this setting. 41 #NOSETXMARK
  13. A

    Wireguard Session Manager (4th) thread

    Did you turn off pkg marks in wgm? - Not knowingly, what am looking for? Could you check the firewall for them? - as above, what am I looking for? Have you had this in prior fw too? - yes.
  14. A

    Wireguard Session Manager (4th) thread

    if I enable flowcache and disable qos then this happens Noticed this when I first installed WGM, disable flow cache and it goes away.
  15. A

    Wireguard Session Manager (4th) thread

    Thanks for the update, I had assumed that it would apply to all 388.2 devices. Probably a foolish question, but do you expect to receive updated SDKs for the RT-AX88U or GT-AX11000 which will allow the blog bypass or is this it?
  16. A

    Wireguard Session Manager (4th) thread

    Walking this back a bit As I am already running WGM, do I need to disable (or even uninstall) before creating the dummy firmware/vpn director version? Server, connection to external VPN provider or both? The aim is to support IPv6, currently done via ipset as the (public) IPv6 address will be...
  17. A

    Wireguard Session Manager (4th) thread

    Hi @ZebMcKayhan and @Martineau. Further to the above and @RMerlin 's reply in the subsequent post, 388.2_alpha is now available for RT-AX88U and I have installed it onto my router. If you would like to explore whether the (firmware Wireguard) solution can be adapted to work with WireGuard...
  18. A

    [ 388.2 alpha Build(s) ] Testing available build(s)

    Dirty upgrade 388.1 to 3.0.0.4.388_22525-gd35b8fe, running about 45 mins, other than unbound, which needed a restart, everything came up fine and appears to be working as expected. Nothing unusual in the logs and no material issues seen; as noted by some other the AiMesh GUI seems a little...
  19. A

    DDNS update not working on 388.1

    As far as I can see (just looking at my RT-AX88U) DDNS will only work with IPv6 Update set to On (in DDNS) if it can retrieve the IPV6 WAN address. If it cannot do this then it will fail completely for IPv6 and IPv4. As noted above, the easiest fix is to set IPv6 Update set to Off Even if...
  20. A

    DDNS update not working after update to 386.9

    I don't know if this would work on a RT-AC68U, but for my RT-AX88U I have a similar issue in that DDNS would fail when IPv6 Native mode was enabled as (Asus) DDNS needs to pick up the IPv6 WAN address (on eth0 on theAX88U), but on my setup it was only showing on br0 - you can use ifconfig br0...
Top