Adamm what this banmalware do ? I forgot ask.
Adamm what this banmalware do ? I forgot ask.
You would need to run Paladins while in Skynet debug mode and see for yourself what are the ip that was blocked and u may want to verify the blocked ip via AlienVault. After that, whitelist if needed.Adamm I have run the banmwalware and still Paladins can't log in to serwers. When I disable Skynet than Paladins works and login to serwers without problems. Any other advice, please .
grep: /jffs/scripts/firewall-start: No such file or directory
grep: /jffs/scripts/firewall-start: No such file or directory
grep: /jffs/scripts/firewall-start: No such file or directory
Installing Skynet v6.0.4
Looking For Available Partitions...
[1] --> /tmp/mnt/ABSolution - (/dev/sda1)
[2] --> /tmp/mnt/ENTWARE - (/dev/sda2)
Please Enter Partition Number Or e To Exit
[0-2]:
Code:grep: /jffs/scripts/firewall-start: No such file or directory grep: /jffs/scripts/firewall-start: No such file or directory grep: /jffs/scripts/firewall-start: No such file or directory Installing Skynet v6.0.4 Looking For Available Partitions... [1] --> /tmp/mnt/ABSolution - (/dev/sda1) [2] --> /tmp/mnt/ENTWARE - (/dev/sda2) Please Enter Partition Number Or e To Exit [0-2]:
Novice here...received above error upon trying to install Skynet. Don't see any docs to get me past this issue.
thanks
Having a bizarre problem that I can't track down.
The problem is 100% reproducible, but only when Skynet is running. Disable Skynet (via menu option "Temporarily Disable Skynet") and the problem disappears. Restart Skynet and the problem comes back.
Following the log (menu 11, 2, 1) shows nothing being blocked when the problem occurs. So it seems nothing is being blocked, BUT the problem doesn't occur when Skynet is disabled. ??? Looking at stats ("Firewall Stats"), there are no devices listed under "Top 10 Blocked Devices (Outbound)".
The problem is with an Amazon Echo device playing the news briefing. The briefing begins normally, then stops after about 5 seconds. Try again, same thing -- stops after about 5 seconds. Disable Skynet, it works fine. Restart Skynet, start the briefing and it quits after 5 seconds.
Is there anything else Skynet is doing with iptables that might explain this? It looks to me like the iptables rules log everything that is blocked, yet I'm seeing nothing logged when the problem is reproduced.
What else can I do to track this down?
EDIT: I tried repeatedly running ' netstat-nat -r state -x -s "device_name" ' and each time the failure occurs I see a connection to one of various Amazon servers in SYN_SENT state. Not sure if that is meaningful or not, but makes it look like the connection request is not getting out (or acknowledgement isn't coming back). Again, this only happens when Skynet is active.
Thanks, Adamm. I've used the guide before to successfully find/fix blocks, so I understand the process. It just isn't reporting anything as blocked when this happens.The only thing I can suggest is to follow this guide. Skynet when in debug mode will always print when a connection is blocked, there is never an exception to this rule. So if it is Skynet blocking something, it will be logged.
Do anThe problem still occurs when Skynet is active, even with 0 blocks defined. After using "9-Temporarily Disable", the problem disappears. It comes back as soon as Skynet is restarted. No debug output at all when the problem occurs.
@Adamm is there a special table he should look at?
admin@RT-AC86U-2EE8:/tmp/home/root# iptables --line -t raw -vnL
Chain PREROUTING (policy ACCEPT 1033K packets, 349M bytes)
num pkts bytes target prot opt in out source destination
1 245 16499 LOG all -- br0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist dst match-set Skynet-Master dst LOG flags 7 level 4 prefix "[BLOCKED - OUTBOUND] "
2 245 16499 DROP all -- br0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist dst match-set Skynet-Master dst
3 1685 79859 LOG all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist src match-set Skynet-Master src LOG flags 7 level 4 prefix "[BLOCKED - INBOUND] "
4 1685 79859 DROP all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist src match-set Skynet-Master src
Router Model; RT-AC88U
Skynet Version; v6.0.4 (23/03/2018)
iptables v1.4.14 - (eth0 @ 192.168.1.1)
ipset v6.32, protocol version: 6
FW Version; 380.69_0 (Dec 11 2017) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/ASUS/skynet (13.3G / 14.4G Space Available)
SWAP File; /tmp/mnt/ASUS/myswap.swp (256.3M)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/ASUS/skynet
0 IPs / 0 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 0 Inbound / 0 Outbound Connections Blocked!
Chain logdrop (8 references)
pkts bytes target prot opt in out source destination
33 5640 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 match-set Skynet-Whitelist src
3 124 DROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 multiport sports 80,443,143,993,110,995,25,465 state INVALID
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 11
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 3
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x19
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x11
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x04
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x3F/0x14
3 124 all -- eth0 * 0.0.0.0/0 0.0.0.0/0 recent: SET name: TRACKINVALID side: source
0 0 LOG all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state INVALID recent: UPDATE seconds: 300 hit_count: 2 name: TRACKINVALID side: source LOG flags 7 level 4 prefix "[BLOCKED - NEW BAN] "
0 0 SET all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state INVALID recent: UPDATE seconds: 300 hit_count: 2 name: TRACKINVALID side: source add-set Skynet-Master src
3 124 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
admin@ASUS88U:/tmp/mnt/ASUS# iptables --line -t raw -vnL
Chain PREROUTING (policy ACCEPT 64696 packets, 80M bytes)
num pkts bytes target prot opt in out source destination
1 0 0 LOG all -- br0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist dst match-set Skynet-Master dst LOG flags 7 level 4 prefix "[BLOCKED - OUTBOUND] "
2 0 0 DROP all -- br0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist dst match-set Skynet-Master dst
3 0 0 LOG all -- eth0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist src match-set Skynet-Master src LOG flags 7 level 4 prefix "[BLOCKED - INBOUND] "
4 0 0 DROP all -- eth0 * 0.0.0.0/0 0.0.0.0/0 ! match-set Skynet-Whitelist src match-set Skynet-Master src
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!