Skynet Skynet - Router Firewall & Security Enhancements

Please post the output of:

Code:
sh /jffs/scripts/firewall debug info

I got it working by doing a reinstall. Now the malware and country lists are loaded as expected.

Thanks.
 
On the external device topic - if and as applicable - I would consider a Raspberry Pi. Right, no USB 3.0 (4 USB 2.0 ports) on-board, but still an amazingly affordable native Linux option. I have been using many of those for VoIP applications for several years now and they're very reliable and easy to maintain (Linux, after all).
 
RT-3100, Merlin 384.7, Diversion 4.03. The CPU was running under 5%. I installed Skynet with a 1GB swap file and the CPU is now running at 50% avg, even in the middle of the night with nobody active. Did I install it wrong?

I fresh rebooted the router and got the same %. Also the CPU temp is running hotter.

Update: I went into PuTTY to check Diversion and saw the Skynet hosts merge dialog; once I let that run, the CPU calmed down after a fresh reboot.

So I guess my remaining questions are:
If I find Skynet interferes too much with my normal online activity, how do I remove it?
Is it bound too much to Diversion, so I'll have to uninstall both and then reinstall Diversion alone?

The reason I ask is because Diversion's "medium" file caused me too much trouble, so I have to downgrade to the "small" hosts file.

Also, I see a lot of discussion about adding a range of whitelists; presumably these are known retail referral hosts that, if blocked, may interfere too much with browsing. So where can I find these popular whitelist domain ranges? I see people on this thread discussing them, but no actual FAQ or reference to their common "approved" source.

Also, once Diversion+Skynet is running correctly, do I still need to keep AiProtection running from Asus? Or, like Merlin complements Asus stock, does Skynet complement AiProtection?

When you answer, please know I have zero Linux experience; I just know how to use tools such as WinSCP and PuTTY.
 
Open an SSH session and use top (or htop, which you can install from Entware) to see what's causing this high CPU load.
 
RT-3100, Merlin 384.7, Diversion 4.03. The CPU was running under 5%. I installed Skynet with a 1GB swap file and the CPU is now running at 50% avg, even in the middle of the night with nobody active. Did I install it wrong?

Skynet's functions last at most 20-40 seconds depending on your device model; beyond that it has an almost unmeasurable effect on CPU operations.

If I find Skynet interferes too much with my normal online activity, how do I remove it?

It can be uninstalled via the uninstall command or from the menu.

Is it bound too much to Diversion, so I'll have to uninstall both and then reinstall Diversion alone?

Both scripts are independent of each other, but for the benefit of our collective userbase we integrate various features to enhance functionality.

Also, I see a lot of discussion about adding a range of whitelists; presumably these are known retail referral hosts that, if blocked, may interfere too much with browsing. So where can I find these popular whitelist domain ranges? I see people on this thread discussing them, but no actual FAQ or reference to their common "approved" source.

Skynet by default whitelists required addresses for system services to prevent locking yourself out or any other connectivity issues. It also whitelists domains using a format created for integration between scripts, located in the files "/jffs/shared-*-Whitelist". Common CDN providers are also whitelisted by default to help with any false positives.

Also, once Diversion+Skynet is running correctly, do I still need to keep AiProtection running from Asus? Or, like Merlin complements Asus stock, does Skynet complement AiProtection?

The latter. Skynet was designed to complement the built-in protection mechanisms provided by the firmware. We actually tap into AiProtection and make it even better.
 
Getting this now?
Oct 24 12:28:31 Skynet: [%] Startup Initiated... ( skynetloc=/tmp/mnt/sda/skynet )
Oct 24 12:28:51 Skynet: [#] 178 IPs (+0) -- 0 Ranges Banned (+0) || 0 Inbound -- 0 Outbound Connections Blocked! [start] [20s]
 
Can I update banmalware not only daily but, let's say, every 6-12h?
I always lose IPs during the nightly update and have to manually update banmalware to get the numbers back up.

Code:
Oct 25 02:00:08 Skynet: [#] 129685 IPs (+0) -- 4880 Ranges Banned (+0) || 4923 Inbound -- 103 Outbound Connections Blocked! [save] [8s]
Oct 25 02:26:20 Skynet: [#] 128794 IPs (-891) -- 4702 Ranges Banned (-178) || 4965 Inbound -- 103 Outbound Connections Blocked! [banmalware] [80s]
Oct 25 03:00:08 Skynet: [#] 128794 IPs (+0) -- 4702 Ranges Banned (+0) || 5023 Inbound -- 103 Outbound
.........
Oct 25 10:26:20 Skynet: [#] 130552 IPs (+1758) -- 4702 Ranges Banned (+0) || 5846 Inbound -- 103 Outbound Connections Blocked! [banmalware] [42s]
 
I always lose IPs during the nightly update and have to manually update banmalware to get the numbers back up.

The sourced lists are dynamic and constantly being modified; it's not unusual for list numbers to fluctuate.
 
That’s a funny looking Skynet :p. Please try with Skynet, that way I know exactly what’s going on based on the output.

I'll get back to you soon. My iMac got destroyed by a power surge during a thunderstorm. Luckily we have content insurance. i'm

 
Thanks Adamm, I've been spending a bit of time on the analysis of the logs.
I have blocked countries ru kr kp ir cn.
My stats show tons of outgoing blocks to loads of pool.ntp.org IPs. I assume these are from blocked countries and I can whitelist this domain?


Hey, I got those exact URLs being blocked in Skynet on my 86U.

 
I pushed v6.5.3

Added passed test amount to "debug info"
Print config with new command "debug info extended"
wm has been appropriately renamed fs (fast-switch) and rebranded accordingly
Banmalware lists are checked for content before proceeding (this should eliminate ban lists dropping to 0 due to connectivity issues)
Is_IPRange() for internal use
 
Getting a lot of these after the update to v6.5.3
Code:
Oct 27 19:07:59 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=213.112.x.x DST=1.1.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=27230 SEQ=0
like every 10-15 sec (I don't use 1.1.1.1 as DNS)
Code:
Oct 27 19:13:35 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=213.112.x.x DST=1.1.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=40544 SEQ=0
Oct 27 19:13:45 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=213.112.x.x DST=1.1.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=44384 SEQ=0
Oct 27 19:13:55 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=213.112.x.x DST=1.1.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=53088 SEQ=0
Oct 27 19:14:05 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=213.112.x.x DST=1.1.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=62304 SEQ=0
 
Why have you got cloudflare dns blocked?
I have not added Cloudflare to any list.
It happened after the update.
And I don't use 1.1.1.1 for any devices or the router.
 
I have not added Cloudflare to any list.
It happened after the update.
And I don't use 1.1.1.1 for any devices or the router.

I suggest looking at the ban reason for the entry and removing it.

Halp - BestApp.exe or BestWebsite.com Is Being Blocked;

Don't worry, tracking down false positive bans was at the core of design. Generally speaking you can follow these steps to find (and whitelist) anything incorrectly on your Blacklist!

1.) Enable Debug Mode
Code:
sh /jffs/scripts/firewall settings debugmode enable

2.) Open the blocked application/website and use the command:

Code:
sh /jffs/scripts/firewall debug watch

Now look for a flood of [BLOCKED - OUTBOUND] entries going to the same IP. This most likely will be the IP you are looking for if it's being spammed in large numbers.

3.) Copy the IP following "DST="; it should look something like this:
Code:
DST=175.115.37.52

4.) Double check the IP is not actually something that should be banned; use a search tool like AlienVault. If it's related to a domain, additional "Associated Domain" information should be printed beneath the log.

Code:
https://otx.alienvault.com/indicator/ip/175.115.37.52/

5.) Great, we have confirmed we found the IP of the blocked website/application we are looking for, so let's whitelist it!

Code:
sh /jffs/scripts/firewall whitelist ip 175.115.37.52
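The "flood from the same IP" in step 2 is easier to spot by counting than by eye. The script below is an added example, not Skynet's own code: it tallies [BLOCKED - OUTBOUND] kernel log lines by DST= so the most-blocked destination (the step 3 candidate) comes out on top. It assumes the log line format shown on this page; the sample lines are constructed for the demo.

```shell
#!/bin/sh
# Added example (not part of Skynet): summarise blocked outbound log lines by
# destination IP. Sample log lines are constructed; real lines would come from
# `sh /jffs/scripts/firewall debug watch` or the syslog.
SAMPLE_LOG='Oct 27 19:13:35 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=192.0.2.10 DST=175.115.37.52 LEN=84 PROTO=TCP DPT=443
Oct 27 19:13:36 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=192.0.2.10 DST=175.115.37.52 LEN=84 PROTO=TCP DPT=443
Oct 27 19:13:37 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP DPT=22
Oct 27 19:13:38 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=192.0.2.11 DST=203.0.113.9 LEN=84 PROTO=UDP DPT=123
Oct 27 19:13:39 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=192.0.2.10 DST=175.115.37.52 LEN=84 PROTO=TCP DPT=443'

# Read log lines on stdin; print "count ip" for every outbound-blocked
# destination, most frequent first. Inbound blocks are ignored because the
# FAQ is about an application or website the router itself cannot reach.
outbound_dst_counts() {
    grep 'BLOCKED - OUTBOUND' |
        sed -n 's/.*DST=\([0-9.]*\).*/\1/p' |
        sort | uniq -c | sort -rn |
        awk '{ print $1, $2 }'
}

# Read log lines on stdin; print only the single most-blocked destination,
# i.e. the IP to look up in step 4 before whitelisting it in step 5.
top_outbound_dst() {
    outbound_dst_counts | head -n 1 | awk '{ print $2 }'
}

# Demo on the constructed sample: 175.115.37.52 is hit three times.
printf '%s\n' "$SAMPLE_LOG" | outbound_dst_counts
```

Pipe real log lines in instead of the sample (for example `tail -n 500 /tmp/syslog.log | outbound_dst_counts`, path assumed) and still check the top hit in step 4 before whitelisting; a high count is a hint, not proof of a false positive.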
 
I suggest looking at the ban reason for the entry and removing it.
I had the same block occur after updating. I resolved it by whitelisting 1.1.1.1 and 1.0.0.1.
 
Did not whitelist Cloudflare (1.1.1.1).
Added my own cron jobs for the banmalware update.
After my 07.45 banmalware update today the block of 1.1.1.1 was gone.
 
I just wanted to share my custom filter list:
Code:
https://pastebin.com/raw/iFqeTvkF
I added
https://hosts.ubuntu101.co.za/ips.list from https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist, and now Skynet says it reached its limit of 500,000 blocked IPs. :-D
Code:
Oct 28 12:08:23 kernel: Set Skynet-Blacklist is full, maxelem 500000 reached
Oct 28 12:08:51 Skynet: [#] 500000 IPs (+369267) -- 0 Ranges Banned (-4708) || 1983 Inbound -- 12 Outbound Connections Blocked! [banmalware] [126s]

@Adamm Can you cancel the limit? And why are the ranges gone?
I think this is a sophisticated list and should be added?
 
I just wanted to share my custom filter list:
Code:
https://pastebin.com/raw/iFqeTvkF
I added
https://hosts.ubuntu101.co.za/ips.list from https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist, and now Skynet says it reached its limit of 500,000 blocked IPs. :-D
Code:
Oct 28 12:08:23 kernel: Set Skynet-Blacklist is full, maxelem 500000 reached
Oct 28 12:08:51 Skynet: [#] 500000 IPs (+369267) -- 0 Ranges Banned (-4708) || 1983 Inbound -- 12 Outbound Connections Blocked! [banmalware] [126s]

@Adamm Can you cancel the limit? And why are the ranges gone?
That's crazy. By right, FireHOL level 1-3 is more than enough, and unauthorised entry would have been blocked by the router's own firewall.
Having so many IPs will put your router under more stress, as all the traffic needs to go through the long list of IPs, and you may also have a lot of false positives; your surfing experience will suffer from lag or false positives.
 