Skynet Skynet - Router Firewall & Security Enhancements
visortgw
Very Senior Member
Weekly early Monday morning...
Diamond67
Senior Member
And if router happens to be shut down or offline, the next autoupdate check will happen next week if router (and Skynet) is up and running and online? Or?
visortgw
Very Senior Member
However cron handles missed events...
Diamond67
Senior Member
I am asking just because for example with Diversion you can easily choose the most suitable blocking file update day and hour from the settings. I wonder if it could be possible to sync Skynet and Diversion update checks?
Adamm
Part of the Furniture
Skynet checks for updates at 1.25am every Monday when autoupdates are enabled. Do also note that auto-updates are different from auto-banmalware updates (but with the same logic behind it).
Marin
Very Senior Member
Hi @Adamm and everyone,
For some reason I cannot connect to www.fitbit.com on any of my devices. I have tried to whitelist it by domain. I also tried to whitelist it by monitoring all outbound IP but it still does not work (using @Adamm’s post 2 of this thread).
I did a search online regarding all Fitbit IP’s and came across this: https://community.fitbit.com/t5/Web-API-Development/What-are-Fitbit-s-IP-addresses/td-p/324402. Is the constantly changing IP’s that make whitelisting difficult?
Does anyone have any ideas on how to make this work on Skynet?
I tried to whitelist through Diversion as well and made sure to update blocking files after I did what I did in Skynet but no luck.
Thank you very much!!
Sent from my iPhone using Tapatalk
For some reason I cannot connect to www.fitbit.com on any of my devices. I have tried to whitelist it by domain. I also tried to whitelist it by monitoring all outbound IP but it still does not work (using @Adamm’s post 2 of this thread).
I did a search online regarding all Fitbit IP’s and came across this: https://community.fitbit.com/t5/Web-API-Development/What-are-Fitbit-s-IP-addresses/td-p/324402. Is the constantly changing IP’s that make whitelisting difficult?
Does anyone have any ideas on how to make this work on Skynet?
I tried to whitelist through Diversion as well and made sure to update blocking files after I did what I did in Skynet but no luck.
Thank you very much!!
Sent from my iPhone using Tapatalk
Adamm
Part of the Furniture
I can access this site fine. It also at the time of my post isn't blocked by lists from Skynet, not to mention they use CloudFlare which is globally whitelisted within Skynet.
Code:
skynet@RT-AX88U-DC28:/tmp/home/root# nslookup fitbit.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
Name: fitbit.com
Address 1: 54.230.118.135 server-54-230-118-135.sfo9.r.cloudfront.net
Address 2: 54.230.118.98 server-54-230-118-98.sfo9.r.cloudfront.net
Address 3: 54.230.118.87 server-54-230-118-87.sfo9.r.cloudfront.net
Address 4: 54.230.118.220 server-54-230-118-220.sfo9.r.cloudfront.net
skynet@RT-AX88U-DC28:/tmp/home/root# firewall stats search ip 54.230.118.135
#############################################################################################################
# _____ _ _ __ #
# / ____| | | | / / #
# | (___ | | ___ _ _ __ ___| |_ __ __/ /_ #
# \___ \| |/ / | | | '_ \ / _ \ __| \ \ / / '_ \ #
# ____) | <| |_| | | | | __/ |_ \ V /| (_) | #
# |_____/|_|\_\\__, |_| |_|\___|\__| \_/ \___/ #
# __/ | #
# |___/ #
# #
## - 01/12/2018 - Asus Firewall Addition By Adamm v6.6.4 #
## https://github.com/Adamm00/IPSet_ASUS #
#############################################################################################################
=============================================================================================================
Debug Data Detected in /tmp/mnt/Elements/skynet/skynet.log - 6.8M
Monitoring From Dec 2 01:36:20 To Dec 7 15:49:11
30105 Block Events Detected
2749 Unique IPs
1 Manual Bans Issued
54.230.118.135 is in set Skynet-Whitelist.
54.230.118.135 is NOT in set Skynet-Blacklist.
54.230.118.135 is NOT in set Skynet-BlockedRanges.
Whitelist Reason;
Associated Domain(s);
fitbit.com
IP Location - United States (AS16509)
54.230.118.135 First Tracked On
54.230.118.135 Last Tracked On
0 Blocks Total
Event Log Entries From 54.230.118.135;
First Block Tracked From 54.230.118.135;
10 Most Recent Blocks From 54.230.118.135;
Top 10 Targeted Ports From 54.230.118.135 (Inbound);
-------- | -------- | --------------
| Hits | | | Port | | | SpeedGuide |
-------- | -------- | --------------
Top 10 Sourced Ports From 54.230.118.135 (Inbound);
-------- | -------- | --------------
| Hits | | | Port | | | SpeedGuide |
-------- | -------- | --------------
=============================================================================================================Now with this being said. As long as Skynet has debug mode enabled, it will always print every time something gets blocked. There is never an exception to this rule. I suggest you follow this guide and see if it actually is Skynet causing your issues, as at the moment it seems otherwise.
Marin
Very Senior Member
Hi @Adamm,
Thank you for this, I appreciate it! I actually followed your guide and enable debug watch but for some reason I could not get any OUTbound flow and see this particular IP.
I may have to uninstall Skynet and reinstall it again to see if that solves the issue.
Sent from my iPhone using Tapatalk
Adamm
Part of the Furniture
thelonelycoder
Part of the Furniture
When whitelisting in Diversion the domain is added to the shared whitelist. Skynet does the same. Everytime the whitelist is processed the shared whitelist(s) are processed as well. Diversion restarts Skynet automatically in such a case to have it do its whitelisting.
Seeing that fitbit.com is resolved to a real world IP by presumably Dnsmasq I'd say that Diversion isn't blocking it either.
Maybe your ISP or your set DNS provider blocks the domain.
Marin
Very Senior Member
@Adamm and @thelonelycoder,
Thank you for your thoughts! I will take a look at my other router settings to see if I can find out more what is causing this!
Marin
Sent from my iPhone using Tapatalk
Thank you for your thoughts! I will take a look at my other router settings to see if I can find out more what is causing this!
Marin
Sent from my iPhone using Tapatalk
dave14305
Part of the Furniture
What response do you get when accessing www.fitbit.com? Is this in a browser or through a Fitbit app or both? Screenshot of the error?
From your router, what are the outputs of
Code:
nslookup www.fitbit.com
ping www.fitbit.com
traceroute www.fitbit.com
curl -v https://www.fitbit.com/Marin
Very Senior Member
@dave14305,
Here you go:
Code:
@RT-AC86U-99A8:/tmp/home/root# curl -v https://www.fitbit.com/
* getaddrinfo(3) failed for www.fitbit.com:443
* Couldn't resolve host 'www.fitbit.com'
* Closing connection 0
curl: (6) Couldn't resolve host 'www.fitbit.com'
thekokas062897@RT-AC86U-99A8:/tmp/home/root#
Code:
@RT-AC86U-99A8:/tmp/home/root# traceroute www.fitbit.com
traceroute: bad address 'www.fitbit.com'
Code:
@RT-AC86U-99A8:/tmp/home/root# ping www.fitbit.com
ping: bad address 'www.fitbit.com'
Code:
@RT-AC86U-99A8:/tmp/home/root# nslookup www.fitbit.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
nslookup: can't resolve 'www.fitbit.com'Also see Safari/Chrome screenshots.
Thank you!
Attachments
Marin
Very Senior Member
Also from @Adamm's guide:
I get the same output but not with the whitelist comment next to them....yet I know I have whitelisted this site
Code:
@RT-AC86U-99A8:/tmp/home/root# nslookup fitbit.com
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain
Name: fitbit.com
Address 1: 52.222.225.133 server-52-222-225-133.lhr52.r.cloudfront.net
Address 2: 52.222.225.106 server-52-222-225-106.lhr52.r.cloudfront.net
Address 3: 52.222.225.108 server-52-222-225-108.lhr52.r.cloudfront.net
Address 4: 52.222.225.185 server-52-222-225-185.lhr52.r.cloudfront.netI get the same output but not with the whitelist comment next to them....yet I know I have whitelisted this site
dave14305
Part of the Furniture
How is DNS configured on your router?
WAN page settings?
LAN DHCP settings?
LAN DNSFILTER settings?
Contents of hosts file in etc directory?
Are you still using Stubby?
Last edited:
Marin
Very Senior Member
Well apparently it is my VPN DSN settings in WAN. I use NordVPN (strict configuration and policy rules) and their DNS servers. When I change servers to those of Cloudlflare's, I am able to connect to it. This is rather strange as I have not changed my VPN DNS settings in months and until a month ago I used to connect to fitbit.com on my phone, laptop just fine. Somehow now I can't connect to it any longer.
Adamm
Part of the Furniture
I've pushed v6.6.5
Code:
Aesthetic improvements
Error codes for rule integrity violations
Movistar fix
Add third failover for Check_Connection()
Additional swap debug output
Only show IPv4 address in device list
Add uptime / ram usage to "debug info"
Note; Ram usage numbers will be different to the WebUI. We are reporting figures available to the system. Cached memory is considered available. Hardware reserve is deducted from the total ram (10-12%)
Last edited:
Adamm
Part of the Furniture
This setting actually enhances AiProtect by adding any IP's flagged for malicious activity to Skynet's blacklist.
Code:
( sh /jffs/scripts/firewall settings banaiprotect enable|disable ) Enable/Disable Banning IP's Flagged By AiProtectSimilar threads
Similar threads
Similar threads
-
-
Skynet Skynet showing router itself making calls to China?
- Started by Skywise
- Replies: 26
-
Skynet Skynet - Blocked outbounds coming from the router itself?
- Started by JuanGF
- Replies: 12
-
Skynet Installing Skynet causes router to crash and reboot
- Started by ovancantfort
- Replies: 26
-
Skynet I have installed the skynet firewall how do I configure it if the security of iot devices is important?
- Started by lenovomen
- Replies: 2
-
Skynet Message on SKYNET I havent seen before- Started by Davidncali001
- Replies: 1
-
-
-
Skynet SkyNet/Firewall blocking all ping requests, including outbound
- Started by nearlyheadlessarvie
- Replies: 6
-
Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14
- Started by WRobertE
- Replies: 10