Skynet Skynet - Router Firewall & Security Enhancements

[kowra]

Does skynet disable aiprotection?
I just installed skynet and found aiprotection disabled.
do we need both?

 

[martinr]

Does skynet disable aiprotection?
I just installed skynet and found aiprotection disabled.
do we need both?

I have not found any interaction: they are quite independent of each other and complement each other.

Are you sure AIProtection really was disabled? You’re not getting mixed up with the “Ban AIProtect” setting in Skynet (Option 11 then Option 7), which is something else?

 

[cousinit99]

I have not found any interaction: they are quite independent of each other and complement each other.

Are you sure AIProtection really was disabled? You’re not getting mixed up with the “Ban AIProtect” setting in Skynet (Option 11 then Option 7), which is something else?

^This^. My thought, exactly.

 

[Adamm]

Does skynet disable aiprotection?
I just installed skynet and found aiprotection disabled.
do we need both?

The functional you are referring to actually enhances AiProtect by adding IP's flagged for being malicious to Skynet's blacklist.

 

[Adamm]

I've pushed v6.6.6

The most notable change here is the improvement of BanAiProtect. Not only will flagged IP's be added to Skynet, but also flagged domains. There are also some minor bug fixes related to the device list in "debug info".

 

[Jack Yaz]

I've pushed v6.6.6

The number of the beast??

 

[^Tripper^]

The number of the beast??

I’ve updated. Blood started oozing out of the USB port. Works great!

 

[Marin]

The number of the beast??

Love that album! Love that band!


Sent from my iPhone using Tapatalk

 

[sl4fko]

Hi,

please help. Cannot install (or even reinstall after uninstall...) Skynet on my router, USB swap disk is formatted on EXT3, installation goes without problems. When I run skynet I get:






Skynet Version; (10/01/2019) (f1b4a6b8bd6368c5c8a97ab28cfe8f59)
iptables v1.4.15 - (ppp0 @ 192.168.1.2)
ipset v6.32, protocol version: 6
FW Version; 384.7_0 (Oct 8 2018) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/SWAP/skynet (6.9G / 7.3G Space Available)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/SWAP/skynet

SWAP | [Failed]
Cron Jobs | [Failed]
IPSets | [Failed]
IPTables Rules | [Failed]

Select Menu Option:
[1] --> Unban
[2] --> Ban
[3] --> Banmalware
[4] --> Whitelist
[5] --> Import IP List
[6] --> Deport IP List
[7] --> Save
[8] --> Restart Skynet
[9] --> Temporarily Disable Skynet
[10] --> Update Skynet
[11] --> Settings
[12] --> Debug Options
[13] --> Stats
[14] --> Install Skynet
[15] --> Uninstall

[r] --> Reload Menu
[e] --> Exit Menu

 

[martinr]

Hi,

please help. Cannot install (or even reinstall after uninstall...) Skynet on my router, USB swap disk is formatted on EXT3, installation goes without problems. When I run skynet I get:






Skynet Version; (10/01/2019) (f1b4a6b8bd6368c5c8a97ab28cfe8f59)
iptables v1.4.15 - (ppp0 @ 192.168.1.2)
ipset v6.32, protocol version: 6
FW Version; 384.7_0 (Oct 8 2018) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/SWAP/skynet (6.9G / 7.3G Space Available)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/SWAP/skynet

SWAP | [Failed]
Cron Jobs | [Failed]
IPSets | [Failed]
IPTables Rules | [Failed]

Select Menu Option:
[1] --> Unban
[2] --> Ban
[3] --> Banmalware
[4] --> Whitelist
[5] --> Import IP List
[6] --> Deport IP List
[7] --> Save
[8] --> Restart Skynet
[9] --> Temporarily Disable Skynet
[10] --> Update Skynet
[11] --> Settings
[12] --> Debug Options
[13] --> Stats
[14] --> Install Skynet
[15] --> Uninstall

[r] --> Reload Menu
[e] --> Exit Menu

How are you attempting to install Skynet? Through AMTM? Have you tried running the code listed at:

https://www.snbforums.com/threads/skynet-asus-firewall-addition.16798/

“in your favourite SSH terminal”?

 

[sl4fko]

Thank you very much, installing AMTM and through it Skynet and Diversion did the trick!

 

[martinr]

Thank you very much, installing AMTM and through it Skynet and Diversion did the trick!

Great. Thanks for the feedback. And welcome to our forum.

 

[Rob Q]

Halp - BestApp.exe or BestWebsite.com Is Being Blocked;

Don't worry, tracking down false positive bans was at the core of design. Generally speaking you can follow these steps to find (and whitelist) anything incorrectly on your Blacklist!

1.) Enable Debug Mode

sh /jffs/scripts/firewall settings debugmode enable

2.) Open the blocked application/website and use the command;

sh /jffs/scripts/firewall debug watch

Now look for a flood of [BLOCKED - OUTBOUND] coming from the same IP. This most likely will be the IP you are looking for if its being spammed in large numbers.

3.) Copy the IP following "DST=" it should look something like this;

DST=175.115.37.52

4.) Double check the IP is not actually something that should be banned, use a search tool like alienvault. If its related to a domain additional "Associated Domain" information should be printed beneath the log.

https://otx.alienvault.com/indicator/ip/175.115.37.52/

5.) Great we have confirmed we found the IP of the blocked website/application we are looking for, lets whitelist it!

sh /jffs/scripts/firewall whitelist ip 175.115.37.52

The output of the watch command keeps showing SRC=xxxxxxxx DST=(My modem's IP address), so I would have to white list my modem's IP address?

 

[dave14305]

The output of the watch command keeps showing SRC=xxxxxxxx DST=(My modem's IP address), so I would have to white list my modem's IP address?

If those are BLOCKED INBOUND connections then no action is required. That is Skynet keeping bad stuff from entering your network.

 

[Krvicch]

Been using Skynet, Diversion and DNSCrypt on my RT-AC86U for over a year without issue. Tonight, I updated Skynet to v6.6.6 and have had nothing but issues. Immediately after updating, I lost all Internet connectivity. Tried to load Skynet via SSH. It begins to load and then freezes. I have tried unistalling Skynet and reinstalling. Same result each time- loss of Internet connectivity. At this point I have had to uninstall Skynet to regain Internet connectivity. Ideas?

 

[Rob Q]

I've just updated to v 6.6.6 through amtm and it's working so far.

 

[Adamm]

Been using Skynet, Diversion and DNSCrypt on my RT-AC86U for over a year without issue. Tonight, I updated Skynet to v6.6.6 and have had nothing but issues. Immediately after updating, I lost all Internet connectivity. Tried to load Skynet via SSH. It begins to load and then freezes. I have tried unistalling Skynet and reinstalling. Same result each time- loss of Internet connectivity. At this point I have had to uninstall Skynet to regain Internet connectivity. Ideas?

Sounds like a DNSCrypt issue to me. The change in Skynet is minimal and has nothing todo with internet activity. Maybe a dnscrypt server is being blocked?

 

[2992]

Sounds like a DNSCrypt issue to me. The change in Skynet is minimal and has nothing todo with internet activity. Maybe a dnscrypt server is being blocked?

yes, it's the DNSCrypt. I have the same issue. I cannot remove, neither re-install DNSCrypt. Any idea how to remove it and reinstall it? Or reconfigure it?... Trying from AMTM doesn't work either: the AMTM does nothing when selecting DNSCrypt option. It shows DNSCrypt as being installed, but it doesn't open it when selecting it. I have no connectivity to internet on the router because of that DNSCrypt - so I cannot run
"curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/master/installer && sh installer ; rm installer"
command for to manually remove/reinstall it.

 

[martinr]

yes, it's the DNSCrypt. I have the same issue. I cannot remove, neither re-install DNSCrypt. Any idea how to remove it and reinstall it? Or reconfigure it?... Trying from AMTM doesn't work either: the AMTM does nothing when selecting DNSCrypt option. It shows DNSCrypt as being installed, but it doesn't open it when selecting it. I have no connectivity to internet on the router because of that DNSCrypt - so I cannot run
"curl -L -s -k -O https://raw.githubusercontent.com/thuantran/dnscrypt-asuswrt-installer/master/installer && sh installer ; rm installer"
command for to manually remove/reinstall it.

Sounds very much like what hit me out of the blue a few months back. I think I ended up doing a factory reset but there may well be a simpler, quicker way.

Needless to say, I did not reinstall DNSCrypt.

Not sure if I regained temporary Internet connectivity (long enough to release my Asus DDNS) by rebooting after leaving the router off for eg 30 secs, and that allowed me to swap over to my spare router. But I guess you tried such power-off reboots.

 

[2992]

Sounds very much like what hit me out of the blue a few months back. I think I ended up doing a factory reset but there may well be a simpler, quicker way.

Needless to say, I did not reinstall DNSCrypt.

Not sure if I regained temporary Internet connectivity (long enough to release my Asus DDNS) by rebooting after leaving the router off for eg 30 secs, and that allowed me to swap over to my spare router. But I guess you tried such power-off reboots.

I am not planning to factory reset it. Too much to reconfigure it back. I only need to find a way to reset/remove/reinstall that DNSCrypt, as I need/want to keep using it... but I have no idea now how can I do that.