skeal
No worries I got it! Thank you sir! My ssh has obscure port and key protection with anti-hammer enabled no port forwarding. My https is pretty tough too. Do I set interface to something Adamm?
Someone pls hack this guy...
Help for a newbie, I'm trying to find by iptables -vvL the rules added from Skynet but in all 4 tables, I find only src and dst as 0.0.0.0/0.0.0.0
Where am I wrong?
AC88U with Merlin 382.1_2 and latest Skynet with that output
Skynet: [Complete] 128607 IPs / 1873 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 8 Inbound / 0 Outbound Connections Blocked! [2s]
Thanks
iptables -t raw -vnL
The -vv flag also seems unnecessarily complex to read. Using just vL or L is sufficient
Now I understand that the output of the iptables in the last column (Destination) is very long and contains the "match" to the ipsets defined.
! match-set Whitelist dst match-set Skynet dst LOG flags 7 level 4 prefix "[BLOCKED - OUTBOUND] "
Just a quick question, if I have to insert some rules that drop anything coming from/to an internal host (logging dropped packets) and allowing a very strict set of addresses/ports (like dns,smtp to certain destinations), what is the best table/chain to add them? In the filter table in the INPUT chain?
Will you eventually add IPv6 to skynet?
I tried to set up these rules to drop any packet from a Chinese webcam I own, except ntp, smtp and dns.
I wrote those rules:
Code:
iptables -A INPUT -p udp -s 192.168.2.97 --destination-port 123 -j LOG --log-prefix "Ball_CAM_NTP_Permit"
iptables -A INPUT -p udp -s 192.168.2.97 --destination-port 123 -j ACCEPT
iptables -A INPUT -p udp -s 192.168.2.97 --destination-port 53 -j LOG --log-prefix "Ball_CAM_DNS_Permit"
iptables -A INPUT -p udp -s 192.168.2.97 --destination-port 53 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.2.97 --destination-port 587 -j LOG --log-prefix "Ball_CAM_SMTP_Permit"
iptables -A INPUT -p tcp -s 192.168.2.97 --destination-port 587 -j ACCEPT
iptables -A INPUT -s 192.168.2.97 -j LOG --log-prefix "Ball_CAM_Drop"
iptables -A INPUT -s 192.168.2.97 -j DROP
The rules are correctly listed by iptables -vnL, but I did some tests but I don't see anything coming into the /tmp/syslog.log
Where is(are) my error(s)?
Thanks
If the destination address after NAT is not the router address it is processed in the FORWARD chain.
Otherwise it would be processed in the INPUT chain.
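The chain choice described above, as an added example that is not part of the original thread: the camera policy from the earlier post placed in one user-defined chain and hooked from both FORWARD and INPUT, so it applies whichever path a packet takes. The chain name `CAM_FILTER`, the `IPT` dry-run variable and the DHCP permit are assumptions made here; by default the script only prints the commands.

```shell
#!/bin/sh
# Added example: restrict one LAN host with a dedicated chain that is
# hooked from both INPUT and FORWARD. Dry run by default (prints only).
CAM_IP="192.168.2.97"          # camera address taken from the post
IPT="${IPT:-echo iptables}"    # assumption: set IPT=iptables to apply
CHAIN="CAM_FILTER"             # hypothetical chain name

# LOG is non-terminating, so each logged match needs its own verdict rule.
log_and() {   # usage: log_and <verdict> <prefix> [match args...]
    verdict="$1"; prefix="$2"; shift 2
    $IPT -A "$CHAIN" "$@" -j LOG --log-prefix "$prefix"
    $IPT -A "$CHAIN" "$@" -j "$verdict"
}

build_cam_rules() {
    $IPT -N "$CHAIN"
    log_and ACCEPT "Ball_CAM_NTP_Permit"  -p udp --dport 123
    log_and ACCEPT "Ball_CAM_DNS_Permit"  -p udp --dport 53
    log_and ACCEPT "Ball_CAM_SMTP_Permit" -p tcp --dport 587
    # Assumption: the router is the camera's DHCP server. Lease renewals
    # are addressed to the router and would otherwise hit the final DROP.
    log_and ACCEPT "Ball_CAM_DHCP_Permit" -p udp --dport 67
    log_and DROP   "Ball_CAM_Drop"
    # -I ... 1 puts the jump first; -A would append it after any existing
    # ACCEPT rule that already matches LAN traffic.
    # FORWARD: packets routed through the router to other hosts.
    $IPT -I FORWARD 1 -s "$CAM_IP" -j "$CHAIN"
    # INPUT: packets addressed to the router itself (e.g. its DNS proxy).
    $IPT -I INPUT 1 -s "$CAM_IP" -j "$CHAIN"
}

build_cam_rules
```

Review the printed commands first, then run with `IPT=iptables` on the router; packet counters in `iptables -vnL CAM_FILTER` show which rules are being hit.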
I just wonder why there are so many blocked inbound connections? At first I was a bit scared seeing it increase so fast, but after seeing other users output and screenshots displaying the same results I guess this is normal? Are these bots scanning the internet on open ports or something?
I have skynet installed vanilla and wanted to change it to debug mode to look for myself. Do I need to go through all steps again to reinstall it to change it? I was a bit confused since it asks where to install it again while skynet is already installed and I don't want to break anything.
I tried to install script on AC66U but getting below mentioned error, router is having IPSet V4.
Please can you help me this issue. TIA!
Code:
Skynet: [ERROR] IPSet Version Not Supported
Code:
/tmp/home/root# ipset -V
ipset v4.5, protocol version 4.
Kernel module protocol version 4
This is from page 1
Currently this script is only supported for Asus Routers with IPSet v6 (AC56U and later)
That's just the nature of the modern internet, bots constantly probing for other vulnerable devices to infect. 30k+ probes every week or two is definitely not out of the ordinary.
Just run the install command again, it will save all your current data and just change the boot args.
Ok, thank you for pointing that out. Just for the info. What exactly does the autoban feature do? I use the ban malware lists but that's different from the autoban feature right?
While IPv6 support is definitely possible and I've considered it in the past, I'm not sure if it would be as effective as its IPv4 counterpart.
One of the huge factors being that IPv4 addresses are limited and currently almost exhausted, whereas there are 340 undecillion possible IPv6 addresses. So you can imagine that any malicious addresses would be able to change IP quite easily if they became blacklisted somewhere, effectively defeating the purpose. There's also the fact IPv6 still has a very low adoption rate with ISPs and websites, I personally wouldn't even be able to test it myself due to this reason.
Thank you for the detailed response, good to know.
My ISP happens to be one that has been using IPv6 for about 2 years now.
Am I able to install Skynet while keeping IPv6 on?