What's new

Skynet Show Country Names instead of Codes?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Country blocks will shave off a nice slice of that risk pie, but isn't a cure-all. My hope is that if we do get hit with some kind of malware, or some sneaky app or roomba vaccuum appliance is trying to exfiltrate our data, that this method will stop it in its tracks. It may work for some attacks, but not for others. That's all.
and this.
 
I banned all those countries and it stopped my VPN client from working properly, ExpressVPN. I was connected to an Australian server but when I did a test on ipleak.net it showed my ISP IP address. So I got rid of all those countries and just like that, it worked again. I could be wrong but it certainly appears to have been the blocked countries causing it. I won't block any for now.
When you apply major skynet firewall changes like this, sometimes you need to re-establish your VPN connection afterwards for it to apply everything correctly. I'd give it another shot, but remember to reset that VPN.
 
Here’s my list of blocked countries, all considered high risk according to some stuff I read:

Code:
sh /jffs/scripts/firewall ban country "ru cn kp ir sa pk ae ng in af dz by bf bi cf td co cd cg cu eg sv er ht hn iq ke lb ly gn ml mr mx mm ne ph so ss sd th to ua ve ye zw br np ro”
 
Last edited:
I've got a couple of outdoor IP Cams that love calling home to China, why would I want that? So I block that country. They still function ok...



1673051958207.png
 
I want to do all I can to protect my family and myself from rogue states.

And they are rogue because your TV says so, I guess. They protect you well and you apply the protection on your family.

Have you not just applied your own censorship on this very forum for example, because you don't like someones viewpoint? Basically the same thing.

No, very different thing - for me only personally, not for all network users and not based on viewpoints. This is a tech forum.

@BrokenDad, :)
Block whatever you want, just don't share your viewpoints here. Not needed. This is what triggered this discussion.
 
Last edited:
Here’s my list of blocked countries, all considered high risk according to some stuff I read

According to some stuff you missed, there is no need to mask private IP addresses. The same addresses are used by hundreds of thousands other devices:


Not a good idea to copy someone else's settings without good understanding what are you doing and what's happening. I don't recommend Skynet at all to people who can't troubleshoot eventual self-created or community blocklists related issues. I'm sure you don't know the answer to the question do you need Skynet or not and you can't analyze the results you're getting in charts. Most of what you see Inbound is not blocked by Skynet.
 
According to some stuff you missed, there is no need to mask private IP addresses. The same addresses are used by hundreds of thousands other devices:


Not a good idea to copy someone else's settings without good understanding what are you doing and what's happening. I don't recommend Skynet at all to people who can't troubleshoot eventual self-created or community blocklists related issues. I'm sure you don't know the answer to the question do you need Skynet or not and you can't analyze the results you're getting in charts. Most of what you see Inbound is not blocked by Skynet.
cool
 
For whatever reason you guys are doing it it's like locking a gate with no fence.

1673062089110.png


Server in another country, IPv6, VPN, Proxy, Cellular Network, someone else's Wi-Fi. Your best chance on a local network is SSL Proxy with true IDS/IPS. Not where it is coming from, but what is coming. This approach comes with issues and better hardware is needed. You have to block QUIC as well to increase traffic identification and reduce eventual traffic fingerprinting. Block all known DoH servers as well for a chance of better DNS filtering. If you are really security concerned forget about "free" options. You are 24h behind for all dangerous attacks. Discussions in an open to Internet forum only make things easier for whoever wants to do harm. What hardware, what firmware, what version, what method and what is blocked. Anything else to share?
 
Last edited:
For whatever reason you guys are doing it it's like locking a gate with no fence.

Server in another country, IPv6, VPN, Proxy, Cellular Network, someone else's Wi-Fi. Your best chance on a local network is SSL Proxy with true IDS/IPS. Not where it is coming from, but what is coming. This approach comes with issues and better hardware is needed. You have to block QUIC as well to increase traffic identification and reduce eventual traffic fingerprinting. Block all known DoH servers as well for a chance of better DNS filtering.
That's sure a lot trouble if all you want to do is send/receive faxes! Sheesh! :p
 
For whatever reason you guys are doing it it's like locking a gate with no fence.

View attachment 46974

Server in another country, IPv6, VPN, Proxy, Cellular Network, someone else's Wi-Fi. Your best chance on a local network is SSL Proxy with true IDS/IPS. Not where it is coming from, but what is coming. This approach comes with issues and better hardware is needed. You have to block QUIC as well to increase traffic identification and reduce eventual traffic fingerprinting. Block all known DoH servers as well for a chance of better DNS filtering.
Yes, network “monitoring” has changed a lot since the days of https://www.ipcop.org/ :)
 
That's sure a lot trouble if all you want to do is send/receive faxes!

Exactly. Or watch YouTube. What's the point creating an entire strategy that has zero effect after one tap on the screen?

1673064703194.png


Works on business network with all wired clients, but not home Wi-Fi mostly used for saving our data on mobile plans.
 
I have question on country ban. I have been using Skynet for some time but this is my first time use this feature. For start, I banned four countries "bg ru sc ua".

I noticed this IP is blocked and the country is Singapore.
1673077058166.png


When I check in https://www.whatismyip.com/156.225.96.79/ , this ip location is indeed in Singapore.

However, according to https://ipinfo.io/AS35916/156.225.96.0/19-156.225.96.0/25
the subnet 156.225.96.0/25 belongs to a corporation assigned by AFRINIC. So probably it is right, Singapore IP should be assigned by APNIC.

I edit the country ban and zoom in to only one country. When I check Skynet BlockedRanges, It appears the banned IP 156.225.96.79 falls into the IP range 156.224.0.0/11 in my banned country sc. SC is the two-letter country abbreviation for Seychelles.
Code:
156.224.0.0/11 comment "Country: sc"

Then I check https://www.countryipblocks.net/acl.php, select the same country and try to create CIDR format. It does not show this subnet though. I am puzzled which should be correct. Nothing breaks though, just an observation from the blocked list.
 
And they are rogue because your TV says so
They are rogue, because of how they behave and are known to be rogue by the majority of respected media.

Block whatever you want, just don't share your viewpoints here. Not needed. This is what triggered this discussion.
I will share whatever I think is relevant to the discussion, there was no viewpoint, just sharing how I set up skynet. Afterall the thread is entitled "country codes for skynet" there is a clue there to what people want to discuss.

It has already been noted that it is not a catch all measure, we know that, it's just one part of protection, like dns, like av, like windoze fw, like mwb, like trendnet, etc etc

It was your distortion; implication that anyone who blocks a country is doing it out of reasons of xenophobia rather than pragmatic security mitigation that triggered this.
 
They are rogue, because of how they behave and are known to be rogue by the majority of respected media.


I will share whatever I think is relevant to the discussion, there was no viewpoint, just sharing how I set up skynet. Afterall the thread is entitled "country codes for skynet" there is a clue there to what people want to discuss.

It has already been noted that it is not a catch all measure, we know that, it's just one part of protection, like dns, like av, like windoze fw, like mwb, like trendnet, etc etc

It was your distortion; implication that anyone who blocks a country is doing it out of reasons of xenophobia rather than pragmatic security mitigation that triggered this.
The way I see it-block all you want. In general the need to allowlist increases the greater the ranges blocked. Blocking countries and asn may require you to be more ready to allowlist when something breaks then if you are blocking a simple subnet or single ip address.
 
The way I see it-block all you want. In general the need to allowlist increases the greater the ranges blocked. Blocking countries and asn may require you to be more ready to allowlist when something breaks then if you are blocking a simple subnet or single ip address.
Just added some more tr tm it af al dz sv il na sd ae zw sd kw qa tj bt cu ke mw mx ni ne ps rw so, kept separate from mainlist just to make sure nothing breaks.
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top