What's new

Skynet Show Country Names instead of Codes?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

NEVER, EVER !

---

The thing with Skynet is building up a nice whitelist overtime. Here is mine, you can see I have whitelisted ip's that have had false positives in the past, plus some of the dns ones I added to prevent future false positives.

Whitelist
9.9.9.9 comment "ManualWlist: quad 9 dns"
1.1.1.1 comment "ManualWlist: cloudflare dns"
23.227.38.74 comment "ManualWlist: govee website (shopify)"
8.8.4.4 comment "ManualWlist: google dns"
37.244.54.10 comment "ManualWlist: roblox"
23.227.38.74 comment "ManualWlist: govee (shopify)"
128.116.119.3 comment "ManualWlist: battlenet2"
37.244.28.102 comment "ManualWlist: battlenet1"
91.199.81.1/24 comment "ManualWlist: phasmophobia"
http://mirror.ossplanet.net (rpi/linux update)
https://www.animal.co.uk/ (clothing website)
http://mirror.ossplanet.net (rpi)


Blacklist

Country blocks
cn br ir ua ar iq tw th lv ru ro cl sa pk sg bg in by er sy kp pk iq dz ao am bd bo bi cf cg cu sv gq kz kg la mg ml mn mz


Starting off with 8.8.8.8,8.8.4.4,1.1.1.1,9.9.9.9 is a good thing to stop the chance of total disaster.
You block ALL of those countries? Does that ever cause issues?
 
You block ALL of those countries? Does that ever cause issues?
I've been blocking these for years with zero ill effects...

Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir iq sa ae pk af az ba bg hr cu cz eg ee ge va hu id in il kz kw kg lv md om qa ro rs sk si sy tr ua uz"
 
You block ALL of those countries? Does that ever cause issues?
Almost never, the occasional website that I actually want to see get's blocked, but I just whitelist it, or find another website with the same info. It is very very rare though.
 
NEVER, EVER !

---

The thing with Skynet is building up a nice whitelist overtime. Here is mine, you can see I have whitelisted ip's that have had false positives in the past, plus some of the dns ones I added to prevent future false positives.

Whitelist
9.9.9.9 comment "ManualWlist: quad 9 dns"
1.1.1.1 comment "ManualWlist: cloudflare dns"
23.227.38.74 comment "ManualWlist: govee website (shopify)"
8.8.4.4 comment "ManualWlist: google dns"
37.244.54.10 comment "ManualWlist: roblox"
23.227.38.74 comment "ManualWlist: govee (shopify)"
128.116.119.3 comment "ManualWlist: battlenet2"
37.244.28.102 comment "ManualWlist: battlenet1"
91.199.81.1/24 comment "ManualWlist: phasmophobia"
http://mirror.ossplanet.net (rpi/linux update)
https://www.animal.co.uk/ (clothing website)
http://mirror.ossplanet.net (rpi)


Blacklist

Country blocks
cn br ir ua ar iq tw th lv ru ro cl sa pk sg bg in by er sy kp pk iq dz ao am bd bo bi cf cg cu sv gq kz kg la mg ml mn mz


Starting off with 8.8.8.8,8.8.4.4,1.1.1.1,9.9.9.9 is a good thing to stop the chance of total disaster.
Why do you block so many countries?
 
Why do you block so many countries?
You have to ask yourself... is there any good or valid reason for any of your devices on your home network to be directly transmitting data to servers (or individuals) in North Korea? Russia? China? Iran? Iraq? The list just goes on... You would be surprised by the number of outbound blocks coming from my kids cellphones trying to reach services in banned countries, and wish I had time to dive further into which apps/services are making these calls. But who wants to uninstall TikTok, right?? :p
 
Why do you block so many countries?
Mainly what @Viktor Jaep just said, that and I have zero reason to connect to any of those countries and they (should) have zero reason to connect to me. It makes pretty much no difference to our internet experience, everything we need connects and works fine, while mitigating potential suspicious activity from the blacklisted countries.
 
So, you guys have decided to apply your own political, religious and even racial believes on your family members because some governments apply their own political, religious and racial believes on their citizens? This is an interesting strategy. If your decision is based on hackers per country, you have to follow a list like this one:


You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.

What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically. For sure, don't have any doubts. I was recently trying to help a guy from Pakistan. I've heard bad things about this country, honestly. Perhaps I had to tell him straight to f**k off? Do you run Asuswrt-Merlin and Entware? Who's Entware maintainer? You perhaps have to stop for consistency. When it's about benefits - yeah, keep updates and new packages coming! What's wrong with you?
 
Last edited:
You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.

What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically.

My thoughts exactly……
 
So, you guys have decided to apply your own political, religious and even racial believes on your family members because some governments apply their own political, religious and racial believes on their citizens? This is an interesting strategy. If your decision is based on hackers per country, you have to follow a list like this one:


You have blocked major Internet hubs and support centers for no good reason, hundreds of popular companies and services, and whoever wants to hack you has a very easy workaround using a proxy in another country you perceive as friendly. My opinion hasn't changed - you only limit yourselves.

What's wrong with people living in Iran and Iraq? If government officials or extremists want to launch a cyber attack they'll do it from a server in different country or from a different country physically. For sure, don't have any doubts. I was recently trying to help a guy from Pakistan. I've heard bad things about this country, honestly. Perhaps I had to tell him straight to f**k off? Do you run Asuswrt-Merlin and Entware? Who's Entware maintainer? You perhaps have to stop for consistency. When it's about benefits - yeah, keep updates and new packages coming! What's wrong with you?
Nothing against any of the citizens living in any of these countries... believe me. But I don't need to communicate with them... and they certainly don't need to be communicating with us on our own home network. If they desperately want to communicate, there's other ways.

But I do have something against nation-state hackers who might be using their own country's infrastructure for C&C purposes, but like you said they could very easily be launching attacks from our own soil. I'm sure it's pretty likely in this case.

I also have something against ransomware and crime gangs who also, though not as sophisticated as a nation-state, may also be utilizing their own "protected" infrastructure to launch or instigate attacks. Attackers like these may shield themselves behind the veil of their nation-state, making it practically impossible for the FBI/CIA or other such authority to press charges and go after the criminals.

Country blocks will shave off a nice slice of that risk pie, but isn't a cure-all. My hope is that if we do get hit with some kind of malware, or some sneaky app or roomba vaccuum appliance is trying to exfiltrate our data, that this method will stop it in its tracks. It may work for some attacks, but not for others. That's all.
 
Why did you decide Russia, Iran, Iraq and... the list just goes on including bunch of EU and other European countries, Israel, middle East, central Asia etc... have something against you when your own country is No.2 in the hackers list? Obviously that's not all - not only hacking possibility precautions, but something else involved as well. You have to take down some of your scripts because they use Russian software. You can't take something from those people and block them at the same time because they are presumably bad guys. Do you own any products Made in China with network connectivity?
 
The usual suspect is on the wrong track again.

The point is to minimize the attack surface, while still getting valuable benefits while online.

Nothing political here. No religion either. Or racial. Strawman arguments (again).

What the tool allows us to do is decide who we connect to (and are allowed to be connected from). To the best of our current ability.

Some just like to argue because they think they're good at it.

Done.
 
Why did you decide Russia, Iran, Iraq and... the list just goes on including bunch of EU and other European countries, Israel, middle East, central Asia etc... have something against you when your own country is No.2 in the hackers list? Obviously that's not all - not only hacking possibility precautions, but something else involved as well. You have to take down some of your scripts because they use Russian software. You can't take something from those people and block them at the same time because they are presumably bad guys. Do you own any products Made in China with network connectivity?
Russia is waging cyberwar on the Ukraine and other western nations that ally with them as we speak, if you haven't noticed. Russian nation-state hackers and mobsters tend not to attack their own. Eastern Bloc countries have a notorious problem for cyber crime rings. Israel is a haven for nation state hacking, not only against the US but other countries as well, such as Iran and Iraq. Each of these countries have sophisticated hackers as well that are targeting the western world. North Korea, surprisingly, being such a tiny hermit state, has shown some surprisingly damaging hacking capabilities.

I'm sure the US is #2 on the hackers list, however, if I apply a country block on the US, it effectively turns off my ability to use the websites and services within the country that I need to use for work, entertainment, etc... I'm certain foreign hackers are going to use the US as a launching pad for their attacks, but that's a risk I'll just need to live with.

You are making it sounds like the entire US is blocking these countries and "these people" from communicating with me... and creating such a hardship for everyone over there. Well, that's not the case. It's just me. My lowly little DHCP WAN address that changes on a periodic basis. They are welcome to email me. They are welcome to compile their Entware binaries and share them with the world. They are welcome to download my scripts to help secure their environments a little more. My surrounding neighbors have no problems letting potentially malicious Russian, Chinese or North Korean traffic flow across their home network. It's just not for me.
 
It's just me.

Viktor, we agree on many things, but I don't agree on censorship. You apply censorship on your family members. It's not just you on this network and it's not based on hacker activities only. You block access to countries you personally don't like for various reasons cutting off alternative information sources as well. This doesn't increase your security because of the way firewall works. You're not stopping anyone reaching you if they want to, but stopping your network users reaching big part of Internet. I don't block any countries and I never had any issues. How can you explain that? I also have family and kids. What you did is similar to extreme Parental Controls including on your wife. Your choice, but my reaction was a result of your rhetoric questions if we want to see data from specific servers. This forum is open to Internet and we have members from the countries you have listed. It's offensive to people who have no intentions to do any harm, but happens to live in those countries. You shared your list before and I said nothing. The explanation is the issue I see.

Anyway, we have to disagree on something. ;)

Well, that's not the case.

This is the case, most likely:

 
Last edited:
Funny how the person who is most proud of putting me on their ignore list is the one who is so against censorship. :rolleyes:

And also the same one who suggests others do the same too.

Nice double standards.
 
I've been blocking these for years with zero ill effects...

Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir iq sa ae pk af az ba bg hr cu cz eg ee ge va hu id in il kz kw kg lv md om qa ro rs sk si sy tr ua uz"
I banned all those countries and it stopped my VPN client from working properly, ExpressVPN. I was connected to an Australian server but when I did a test on ipleak.net it showed my ISP IP address. So I got rid of all those countries and just like that, it worked again. I could be wrong but it certainly appears to have been the blocked countries causing it. I won't block any for now.
 
You apply censorship on your family members
Just like you would on allowing minors to access inappropriate websites, or even blocking adverts over your network (what if someone WANTS to see that ad)

I want to do all I can to protect my family and myself from rogue states. Have you not just applied your own censorship on this very forum for example, because you don't like someones viewpoint? Basically the same thing.

cutting off alternative information sources as well
Like RT?

but stopping your network users reaching big part of Internet
That is a good thing. I will probably add more countries at some point.

You don't want to, that is also fine, (although I disagree with exposing ones family like that) and it's your choice; you've had no problems, that is great- until the day you do have a problem.

Please respect others choices, it is not black and white and does not mean we think every citizen shares the same values as their leaders or we think every citizen of that country is corrupt. It's about risk mangement and mitigation.
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top