Adamm
Part of the Furniture
I whitelisted these 4
Code:discordapp.com gateway.discord.gg status.discordapp.com sydney95.discord.gg
I'm assuming this fixed your issue?
I whitelisted these 4
Code:discordapp.com gateway.discord.gg status.discordapp.com sydney95.discord.gg
I'm assuming this fixed your issue?
It did but it seems that the gateway domain IP changes after restarting discord a few times it was blocked again.
Skynet: [IP Banning Started] ... ... ...
/jffs/scripts/firewall: line 685: can't open /jffs/scripts/ipset.txt: no such file
cat: can't open '/tmp/syslog.log-1': No such file or directory
Skynet: [Complete] 0 IPs / 0 Ranges banned. 0 New IPs / 0 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [1s]
I installed the script. Now comes the following output in syslog:
Help would be nice!Code:Skynet: [IP Banning Started] ... ... ... /jffs/scripts/firewall: line 685: can't open /jffs/scripts/ipset.txt: no such file cat: can't open '/tmp/syslog.log-1': No such file or directory Skynet: [Complete] 0 IPs / 0 Ranges banned. 0 New IPs / 0 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [1s]
May 17 22:35:47 rc_service: waitting "start_firewall" via ...
May 17 22:35:47 kernel: DROP IN=eth0 OUT= MAC=34:97:f6:23:dd:f0:00:14:f1:e5:8d:31:08:00 SRC=158.85.224.180 DST=XXX.XXX.XXX.XXX LEN=93 TOS=0x00 PREC=0x00 TTL=50 ID=1962 DF PROTO=TCP SPT=443 DPT=64181 SEQ=1670933539 ACK=1401438864 WINDOW=5 RES=0x00 ACK PSH URGP=0
May 17 22:35:47 custom script: Running /jffs/scripts/firewall-start (args: eth0)
May 17 22:35:48 iTunes: daemon is stopped
May 17 22:35:48 FTP Server: daemon is stopped
May 17 22:35:49 kernel: DROP IN=eth0 OUT= MAC=34:97:f6:23:dd:f0:00:14:f1:e5:8d:31:08:00 SRC=31.13.81.13 DST=XXX.XXX.XXX.XXX LEN=104 TOS=0x00 PREC=0x00 TTL=87 ID=8531 DF PROTO=TCP SPT=443 DPT=64213 SEQ=601451224 ACK=1332006562 WINDOW=144 RES=0x00 ACK URGP=0
May 17 22:35:49 kernel: scsi 1:0:0:0: CD-ROM HUAWEI Mass Storage 2.31 PQ: 0 ANSI: 2
May 17 22:35:49 kernel: scsi 2:0:0:0: Direct-Access HUAWEI TF CARD Storage 2.31 PQ: 0 ANSI: 2
May 17 22:35:49 kernel: scsi 1:0:0:0: Attached scsi generic sg0 type 5
May 17 22:35:49 kernel: sd 2:0:0:0: Attached scsi generic sg1 type 0
May 17 22:35:49 kernel: sd 2:0:0:0: [sda] Attached SCSI removable disk
May 17 22:35:51 kernel: DROP IN=eth0 OUT= MAC=34:97:f6:23:dd:f0:00:14:f1:e5:8d:31:08:00 SRC=162.125.18.133 DST=XXX.XXX.XXX.XXX LEN=104 TOS=0x00 PREC=0x00 TTL=50 ID=18086 DF PROTO=TCP SPT=443 DPT=63932 SEQ=373692672 ACK=4119266003 WINDOW=125 RES=0x00 ACK URGP=0
May 17 22:35:51 Samba Server: smb daemon is stopped
May 17 22:35:51 kernel: gro disabled
May 17 22:35:51 Timemachine: daemon is stopped
May 17 22:35:51 kernel: gro enabled with interval 2
May 17 22:35:52 Samba Server: daemon is started
May 17 22:35:53 kernel: DROP IN=eth0 OUT= MAC=34:97:f6:23:dd:f0:00:14:f1:e5:8d:31:08:00 SRC=176.9.52.115 DST=XXX.XXX.XXX.XXX LEN=52 TOS=0x00 PREC=0x00 TTL=58 ID=53910 DF PROTO=TCP SPT=443 DPT=56736 SEQ=3485426528 ACK=962249559 WINDOW=6720 RES=0x00 ACK URGP=0 OPT (0101080A31F02600045CE42F)
cat firewall-start
sh /jffs/scripts/firewall start # Skynet Firewall Addition
sh firewall debug info
Router Model: RT-AC88U-DDF0
Skynet Version: v4.1.2 (18/05/2017)
iptables v1.4.14
ipset v6.29, protocol version: 6
FW Version: 380.66_2
Startup Entry Detected
Cronjob Not Detected
Autobanning Disabled
Whitelist IPTable Not Detected
BlockedRanges IPTable Not Detected
Blacklist IPTable Not Detected
Whitelist IPSet Not Detected
BlockedRanges IPSet Not Detected
Blacklist IPSet Not Detected
ipset v6.29: The set with the given name does not exist
ipset v6.29: The set with the given name does not exist
Skynet: [Complete] -7 IPs / -7 Ranges banned. -7 New IPs / -7 New Ranges Banned. IP / Range Connections Blocked! [1s]
wget -O /jffs/scripts/firewall https://raw.githubusercontent.com/Adamm00/IPSet_ASUS/master/firewall.sh
chmod +x /jffs/scripts/firewall
sh /jffs/scripts/firewall install
1
Vanilla Selected
sed: /jffs/scripts/firewall-start: No such file or directory
Restarting Firewall To Apply Changes
Done.
sh /jffs/scripts/firewall start
Skynet: [IP Banning Started] ... ... ...
firewall: line 704: can't open /jffs/scripts/ipset.txt: no such file
cat: can't open '/tmp/syslog.log-1': No such file or directory
ipset v6.29: The set with the given name does not exist
ipset v6.29: The set with the given name does not exist
Skynet: [Complete] 0 IPs / 0 Ranges banned. 7 New IPs / 7 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [2s]
sh firewall debug info
Router Model: RT-AC88U-DDF0
Skynet Version: v4.1.2 (18/05/2017)
iptables v1.4.14
ipset v6.29, protocol version: 6
FW Version: 380.66_2
Startup Entry Detected
Cronjob Detected
Autobanning Enabled
Whitelist IPTable Detected
BlockedRanges IPTable Detected
Blacklist IPTable Detected
Whitelist IPSet Detected
BlockedRanges IPSet Detected
Blacklist IPSet Detected
Skynet: [Complete] 1 IPs / 0 Ranges banned. 1 New IPs / 0 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [1s]
Installing Skynet v4.1.3
This Will Remove Any Old Install Arguements And Can Be Run Multiple Times
Please Select Installation Mode (Number)
1. Vanilla - Default Installation
2. NoAuto - Default Installation Without Autobanning
3. Debug - Default Installation With Debug Print For Extended Stat Reporting
4. NoAuto & Debug - Default Installation With No Autobanning And Debug Print
1
Vanilla Selected
Would You Like To Enable Weekly Malwarelist Updating
1. Yes
2. No
Please Select Option (Number)
2
Malware List Updating Disabled
sed: /jffs/scripts/firewall-start: No such file or directory
Restarting Firewall To Apply Changes
Done.
Router Model: RT-AC88U-DDF0
Skynet Version: v4.1.3 (18/05/2017)
iptables v1.4.14
ipset v6.29, protocol version: 6
FW Version: 380.66_2
Startup Entry Detected
Cronjob Not Detected
Autobanning Disabled
Whitelist IPTable Not Detected
BlockedRanges IPTable Not Detected
Blacklist IPTable Not Detected
Whitelist IPSet Not Detected
BlockedRanges IPSet Not Detected
Blacklist IPSet Not Detected
ipset v6.29: The set with the given name does not exist
ipset v6.29: The set with the given name does not exist
Skynet: [Complete] -7 IPs / -7 Ranges banned. -7 New IPs / -7 New Ranges Banned. IP / Range Connections Blocked! [1s]
Thanks, really appreciate it!Just got my new RT-AC88U and the second thing I installed (sorry, latest merlin was the first one ) was your script!
sh /jffs/scripts/firewall update
sh /jffs/scripts/firewall install
--> sh /jffs/scripts/firewall update
Skynet: [New Version Detected - Updating To v4.1.4]... ... ...
Skynet: [Skynet Sucessfully Updated - Restarting Firewall]
Done.
--> sh /jffs/scripts/firewall install
Installing Skynet v4.1.4
This Will Remove Any Old Install Arguements And Can Be Run Multiple Times
Please Select Installation Mode (Number)
1. Vanilla - Default Installation
2. NoAuto - Default Installation Without Autobanning
3. Debug - Default Installation With Debug Print For Extended Stat Reporting
4. NoAuto & Debug - Default Installation With No Autobanning And Debug Print
1
Vanilla Selected
Would You Like To Enable Weekly Malwarelist Updating
1. Yes
2. No
Please Select Option (Number)
2
Malware List Updating Disabled
Restarting Firewall To Apply Changes
Done.
--> sh /jffs/scripts/firewall debug info
Router Model: RT-AC88U-DDF0
Skynet Version: v4.1.4 (18/05/2017)
iptables v1.4.14
ipset v6.29, protocol version: 6
FW Version: 380.66_2
Startup Entry Detected
Cronjob Not Detected
Autobanning Disabled
Whitelist IPTable Not Detected
BlockedRanges IPTable Not Detected
Blacklist IPTable Not Detected
Whitelist IPSet Not Detected
BlockedRanges IPSet Not Detected
Blacklist IPSet Not Detected
ipset v6.29: The set with the given name does not exist
ipset v6.29: The set with the given name does not exist
Skynet: [Complete] -7 IPs / -7 Ranges banned. 0 New IPs / 0 New Ranges Banned. IP / Range Connections Blocked! [1s]
rm -rf /jffs/scripts/firewall-start
sh /jffs/scripts/firewall update
sh /jffs/scripts/firewall install
@Adamm, you probably don't want to delete firewall-start - it may have other stuff in it...
May 17 23:09:33 Skynet: [Skynet Up To Date - v4.1.3]
May 17 23:09:34 kernel: xt_set: Unknown symbol ip_set_test (err 0)
May 17 23:09:34 kernel: xt_set: Unknown symbol ip_set_del (err 0)
May 17 23:09:34 kernel: xt_set: Unknown symbol ip_set_nfnl_put (err 0)
May 17 23:09:34 kernel: xt_set: Unknown symbol ip_set_nfnl_get_byindex (err 0)
May 17 23:09:39 kernel: * Make sure sizeof(struct sw_struct)=160 is consistent
May 17 23:09:40 kernel: sizeof forward param = 160
May 17 23:09:40 Skynet: [Complete] 0 IPs / 0 Ranges banned. 0 New IPs / 0 New Ranges Banned. IP / Range Connections Blocked! [15s]
May 17 23:11:25 Skynet: [Skynet Up To Date - v4.1.3]
May 17 23:11:26 Skynet: [Complete] 0 IPs / 0 Ranges banned. 0 New IPs / 0 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [3s]
May 17 23:18:05 Skynet: [New Version Detected - Updating To ]... ... ...
May 17 23:18:05 Skynet: [Skynet Sucessfully Updated - Restarting Firewall]
May 17 23:18:09 Skynet: [Skynet Up To Date - v4.1.5]
May 17 23:18:30 Skynet: [Skynet Up To Date - v4.1.5]
May 17 23:18:31 Skynet: [Complete] 6 IPs / 0 Ranges banned. 0 New IPs / 0 New Ranges Banned. 0 IP / 0 Range Connections Blocked! [2s]
May 17 23:20:05 kernel: [BLOCKED - NEW BAN] IN=eth0 OUT= MAC=14:dd:a9:cb:0d:f0:04:02:1f:f7:b5:16:08:00 SRC=17.252.44.83 DST=192.168.2.100 LEN=52 TOS=0x00 PREC=0x00 TTL=54 ID=44837 DF PROTO=TCP SPT=443 DPT=57750 SEQ=2341401344 ACK=50450437 WINDOW=293 RES=0x00 ACK FIN URGP=0 OPT (0101080A6C169377276449BA)
Does the script work properly? Apparently, little is blocked ..?
sh /jffs/scripts/firewall update
sh /jffs/scripts/firewall install
Ehm... auto-update as optional feature? I'm suffering from repetitive strain injuries because of your pace of updating this project
How does your program decide if something should be banned
As per request, auto updating can now be enabled during install. I'll slow down eventually
sh /jffs/scripts/firewall update
sh /jffs/scripts/firewall install
sh /jffs/scripts/firewall update
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!