johnathonm
Regular Contributor
Yes, AiProtect kicks in before IPTables gets a chance.
Client? No. As per the nature of VPN clients we only make a direct connection with the VPN host.
These will be updated every time banmalware is run, or Skynet is restarted. You can view the list of banned IPs via this method using;
Code:admin@RT-AC86U-2EE8:/tmp/home/root# ipset -L Skynet-Blacklist | grep AiProtect 178.128.189.64 comment "BanAiProtect" 185.12.179.76 comment "BanAiProtect" 185.244.25.208 comment "BanAiProtect" 207.154.228.42 comment "BanAiProtect" 178.128.196.251 comment "BanAiProtect" 206.189.75.8 comment "BanAiProtect" 206.81.6.196 comment "BanAiProtect" 217.61.96.203 comment "BanAiProtect" 185.246.153.115 comment "BanAiProtect" 94.177.245.187 comment "BanAiProtect" 174.138.58.18 comment "BanAiProtect" 138.68.46.67 comment "BanAiProtect" 206.189.29.19 comment "BanAiProtect" 174.138.3.128 comment "BanAiProtect" 206.189.19.46 comment "BanAiProtect" 178.128.176.221 comment "BanAiProtect"
Well that explains why your DNS servers aren't automatically whitelisted. If you manually specify something you would need to do the same in Skynet.
I did.