Aegis Aegis 1.7.x

[lachyzee]

*edit* issue below was resolved by installing Voxel 9.2.5.2.17SF-HW.

@HELLO_wORLD Thanks for your work on this addon. I had it working well for a while on my RBR50 on external usb drive, however since around the time I upgraded to Voxel V9.2.5.2.16SF-HW, it seems to have stopped working (may just be coincidental timing).

I can run aegis up, however aegis status -vv then shows the following:

root@RBR50:~# aegis status -vv
aegis 1.7.12 - Verbose mode [level 2]
Problems:
- shield was upreared, but is not up!
Setting status:
- firewall-start.sh is set for aegis.
- post-mount.sh is set for aegis.
Shield status:
- shield is down.
- logging is disabled.
Directives generation times:
- actual router time: 2021-12-08 10:10:35
- sources cache list latest update: 2021-12-08 10:04:30
- global block list: 2021-12-08 10:04:31
- global bypass list: 2021-12-08 10:04:31
- VPN specific bypass list: 2021-12-08 10:04:32
iptables aegis rules:
- no aegis rules are set.
ipset aegis sets:
ipset v7.15: Kernel error received: Invalid argument
- no aegis ipsets are set.

Debug section of Web Companion shows the following:

• device info: RBR50 RBR50 V9.2.5.2.16SF-HW
• aegis info: aegis 1.7.12-ext
• status codes: ck:32807|dna:brwan|dir:|ablc:|awlc:|wblc:0|wwlc:0|tblc:|twlc:|wif:|wnt:|tif:|tnt:
• info file: tst:|nfo:|dna:|wif:|wnt:|tif:|tnt:
• conf:
  • aegis.wan=net-iface
  • aegis.tun=net-iface
  • aegis.log=log
  • aegis.up=1
  • aegis_web.log=subsection
  • aegis_web.log.len='150'
  • aegis_web.log.basetime='1638917409'
  • aegis_web.log.pos='0'
• iptables engine rules:
  • no aegis rules are set.
• ipset engine sets:

I am also unable to enable logging.

I've tried a complete reinstall with unset etc, but no luck resolving the issue. Any help would be appreciated.

 

[HELLO_wORLD]

*edit* issue below was resolved by installing Voxel 9.2.5.2.17SF-HW.

@HELLO_wORLD Thanks for your work on this addon. I had it working well for a while on my RBR50 on external usb drive, however since around the time I upgraded to Voxel V9.2.5.2.16SF-HW, it seems to have stopped working (may just be coincidental timing).

I can run aegis up, however aegis status -vv then shows the following:

root@RBR50:~# aegis status -vv
aegis 1.7.12 - Verbose mode [level 2]
Problems:
- shield was upreared, but is not up!
Setting status:
- firewall-start.sh is set for aegis.
- post-mount.sh is set for aegis.
Shield status:
- shield is down.
- logging is disabled.
Directives generation times:
- actual router time: 2021-12-08 10:10:35
- sources cache list latest update: 2021-12-08 10:04:30
- global block list: 2021-12-08 10:04:31
- global bypass list: 2021-12-08 10:04:31
- VPN specific bypass list: 2021-12-08 10:04:32
iptables aegis rules:
- no aegis rules are set.
ipset aegis sets:
ipset v7.15: Kernel error received: Invalid argument
- no aegis ipsets are set.

Debug section of Web Companion shows the following:

• device info: RBR50 RBR50 V9.2.5.2.16SF-HW
• aegis info: aegis 1.7.12-ext
• status codes: ck:32807|dna:brwan|dir:|ablc:|awlc:|wblc:0|wwlc:0|tblc:|twlc:|wif:|wnt:|tif:|tnt:
• info file: tst:|nfo:|dna:|wif:|wnt:|tif:|tnt:
• conf:
  • aegis.wan=net-iface
  • aegis.tun=net-iface
  • aegis.log=log
  • aegis.up=1
  • aegis_web.log=subsection
  • aegis_web.log.len='150'
  • aegis_web.log.basetime='1638917409'
  • aegis_web.log.pos='0'
• iptables engine rules:
  • no aegis rules are set.
• ipset engine sets:

I am also unable to enable logging.

I've tried a complete reinstall with unset etc, but no luck resolving the issue. Any help would be appreciated.

I am glad to see it is now working.
It seems it was a problem with ipset as this suggests: “ipset v7.15: Kernel error received: Invalid argument”, that was fixed with firmware upgrade.

Thank you for using Aegis

 

[lachyzee]

Hi @HELLO_wORLD, thanks as always for your great addon. In the Log section of the web companion, I often see these errors. Any ideas what might be causing it? Thank you

 

[HELLO_wORLD]

Hi @HELLO_wORLD, thanks as always for your great addon. In the Log section of the web companion, I often see these errors. Any ideas what might be causing it? Thank youView attachment 41816

Have you always seen this error ?
The log page is using Ajax to load new entries in the log. Each time you see the "500 Internal Server Error", the http server of the router failed to send back the data.
I am not sure why in your case, as it is working for everybody else… What is your configuration ?
You can find that out by copy/pasting what is in the "DEBUG" tab. Thank you!

 

[mith_y2k]

Hi @HELLO_wORLD, thanks as always for your great addon. In the Log section of the web companion, I often see these errors. Any ideas what might be causing it? Thank youView attachment 41816

Are you using Safari? Try Firefox

 

[thedj]

hi guys! little confused on what this is blocking, where is iprange pulling from? who adds to that blacklist? what criteria gets blacklisted? spammers, hackers etc? Read the githhub and still a little confused. Does blacklist include AG providers? Is AdGuard on Kamoj duplicate protection or completely different?

Just upgraded voxel and kamoj after running stable for years and forget about this subject loll

 

[HELLO_wORLD]

hi guys! little confused on what this is blocking, where is iprange pulling from? who adds to that blacklist? what criteria gets blacklisted? spammers, hackers etc? Read the githhub and still a little confused. Does blacklist include AG providers? Is AdGuard on Kamoj duplicate protection or completely different?

Just upgraded voxel and kamoj after running stable for years and forget about this subject loll

Hi,

It is blacklisting anything you want, from either (or/and) lists of IPs, IP ranges that they are from a remote list published on internet or your own custom list.
It comes with some default lists (all can be seen as it is open source), that blocks known spammers, hackers and bogon IPs, but it is fully configurable to whatever you like

 

[HELLO_wORLD]

Just passing by, and I am not forgetting any of you

Wishing you a Happy and Healthy New Year 2023.
I am not working on Aegis anymore for Netgear routers, as it is mature and working fine as it is now.

I am experimenting with an Aegis on OpenWrt 22.03 based on nftables (what a change from iptables), and it works quite well. I am able to export the log to elastic search and have a nice dashboard:

 

[Remy561]

Just passing by, and I am not forgetting any of you

Wishing you a Happy and Healthy New Year 2023.
I am not working on Aegis anymore for Netgear routers, as it is mature and working fine as it is now.

I am experimenting with an Aegis on OpenWrt 22.03 based on nftables (what a change from iptables), and it works quite well. I am able to export the log to elastic search and have a nice dashboard:
View attachment 46941

Happy new year to you too!
Thank you for making and maintaining Aegis.

Every time I look at the logs it really surprises me how much incoming and outgoing traffic it blocks.

 

[Remy561]

Hi guys,

For a couple weeks AEGIS kept me from using github.
For example, with AEGIS enabled I can not reach https://github.com/bolemo/aegis/blob/stable/README.md.

I use kamoji to keep the blocklists up to date (aegis refresh) with the most recent update taking place on 2023-01-22 04:00:02 (sunday 4 AM).

Do you guys know why github was added to the blocklist?

 

[HELLO_wORLD]

Hi guys,

For a couple weeks AEGIS kept me from using github.
For example, with AEGIS enabled I can not reach https://github.com/bolemo/aegis/blob/stable/README.md.

I use kamoji to keep the blocklists up to date (aegis refresh) with the most recent update taking place on 2023-01-22 04:00:02 (sunday 4 AM).

Do you guys know why github was added to the blocklist?

It is quite common that GitHub ends up in these blocklists for a while, until someone reports it to the curators and it is ok again until next time.
I am not sure why, but I noticed that it happened several times over the years.

Best advice is to whitelist it and you won't ever be bothered again : 140.82.112.0/20

 

[Remy561]

It is quite common that GitHub ends up in these blocklists for a while, until someone reports it to the curators and it is ok again until next time.
I am not sure why, but I noticed that it happened several times over the years.

Best advice is to whitelist it and you won't ever be bothered again : 140.82.112.0/20

All is fine again with the listed ip in the global whitelist.
Thanks a lot!

 

[DeuX]

It's working amazingly and super easy to setup. Thank you!