Skynet Skynet - Router Firewall & Security Enhancements

[JSewell]

Ok, out of interest, what do you get for the following:

echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"

This shows what the version check is finding when it's run at the start of the script.

Edit: Apologies, I've now updated the code line so it mimics the latest Skynet version on GitHub

 

[Zastoff]

Ok, out of interest, what do you get for the following:

echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"

This shows what the version check is finding when it's run at the start of the script.

RT-AC87U-99F8:/tmp/home/root# echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653

RT-AC87U-99F8:/tmp/home/root# echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653

Like that?

 

[DiscoSi]

I get 7653 as the result also.

 

[dave14305]

RT-AC87U-99F8:/tmp/home/root# echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653

RT-AC87U-99F8:/tmp/home/root# echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653

Like that?

I get 7653 as the result also.

Do you both have an /opt/etc/profile file?

 

[JSewell]

Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using

/jffs/scripts/firewall

 

[dave14305]

Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using

/jffs/scripts/firewall

OMG, I can finally go to sleep!

Great find! Breaks me when invoking through amtm. Works fine directly.

 

[JSewell]

OMG, I can finally go to sleep!

Me too! All the best,
J

 

[dave14305]

So if @Zastoff runs a malware update directly, in theory it should work:

sh /jffs/scripts/firewall banmalware

 

[Safemode]

Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using

/jffs/scripts/firewall

Great find JSewell, it works like a charm on my RT-AC3200.

 

[#TY]

Guys, not sure if I'm missing anything but ever since Skynet v7, every update to it locks down my entire router. No internet or network on any of my devices. Logging into the router takes forever, and often requires a hard reboot (manually shutting down and restarting). Am I missing anything here? I don't recall this ever happening with the previous version. Thanks for all help.

 

[Adamm]

Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using

/jffs/scripts/firewall

Nice work, I assumed everyone was running the commands/menu manually. Was driving me nuts

Guys, not sure if I'm missing anything but ever since Skynet v7, every update to it locks down my entire router. No internet or network on any of my devices. Logging into the router takes forever, and often requires a hard reboot (manually shutting down and restarting). Am I missing anything here? I don't recall this ever happening with the previous version. Thanks for all help.

Nothing has changed in that regard, v7 changes were mostly related to the functioning of malware list updates.

 

[grifo]

Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using

/jffs/scripts/firewall

Bingo, that explains why it was working for me since the beginning, I always run Skynet directly using an alias "f" as it's faster than going via amtm.

 

[Zastoff]

Tested without starting from amtm "/jffs/scripts/firewall"and "sh /jffs/scripts/firewall banmalware"
(updated skynet/removed export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:$PATH)
and get:

Spoiler: Malware Blacklist update

Downloading filter.list | [0s]
Refreshing Whitelists | [10s]
Consolidating Blacklist | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
Filtering IPv4 Addresses | [5s]
Filtering IPv4 Ranges | [1s]
Applying New Blacklist | [9s]
Refreshing AiProtect Bans | [2s]
Saving Changes | [5s]

For Whitelisting Assistance -
https://www.snbforums.com/threads/r...wall-security-enhancements.16798/#post-115872


=============================================================================================================


[#] 142960 IPs (+0) -- 1621 Ranges Banned (+0) || 14 Inbound -- 0 Outbound Connections Blocked! [banmalware] [41s]

 

[grifo]

I've just tried going via amtm:

[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | [7s]
[i] Consolidating Blacklist         | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
[i] Filtering IPv4 Addresses        | [6s]
[i] Filtering IPv4 Ranges           | [0s]
[i] Applying New Blacklist          | [14s]
[i] Refreshing AiProtect Bans       | [0s]
[i] Saving Changes                  | [8s]

 

[Adamm]

Tested without starting from amtm "/jffs/scripts/firewall"and "sh /jffs/scripts/firewall banmalware"
(updated skynet/removed export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:$PATH)
and get:

Spoiler: Malware Blacklist update

Downloading filter.list | [0s]
Refreshing Whitelists | [10s]
Consolidating Blacklist | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
Filtering IPv4 Addresses | [5s]
Filtering IPv4 Ranges | [1s]
Applying New Blacklist | [9s]
Refreshing AiProtect Bans | [2s]
Saving Changes | [5s]

For Whitelisting Assistance -
https://www.snbforums.com/threads/r...wall-security-enhancements.16798/#post-115872


=============================================================================================================


[#] 142960 IPs (+0) -- 1621 Ranges Banned (+0) || 14 Inbound -- 0 Outbound Connections Blocked! [banmalware] [41s]

Force update Skynet and remove any custom modifications you have, this issue has been resolved.

 

[Zastoff]

Force update Skynet and remove any custom modifications you have, this issue has been resolved.

I removed the modifications and now also did a forced update
and retried without amtm "/jffs/scripts/firewall" and still get
Consolidating Blacklist | curl: option -fsLZ: is unknown
I will keep trying to solve it here apparently something in my setup that mess it up
Found something in entware package jq..

def del(f): delpaths([path(f)]);
def _assign(paths; value): value as $v | reduce path(paths) as $p (.; setpath($p; $v));
def _modify(paths; update): reduce path(paths) as $p (.; label $out | (setpath($p; getpath($p) | update) | ., break $out), delpaths([$p]));

Could that be it?

 

[Adamm]

I removed the modifications and now also did a forced update
and retried without amtm "/jffs/scripts/firewall" and still get
Consolidating Blacklist | curl: option -fsLZ: is unknown
I will keep trying to solve it here apparently something in my setup that mess it up
Found something in entware package jq..

def del(f): delpaths([path(f)]);
def _assign(paths; value): value as $v | reduce path(paths) as $p (.; setpath($p; $v));
def _modify(paths; update): reduce path(paths) as $p (.; label $out | (setpath($p; getpath($p) | update) | ., break $out), delpaths([$p]));

Could that be it?

I've pushed another (and hopefully the last) hotfix which should fix launching from amtm and other weird setups/path values.

 

[Zastoff]

Updated
and now get:
Consolidating Blacklist | /jffs/scripts/firewall: eval: line 1: -fsLZ: not found

 

[Adamm]

Updated
and now get:
Consolidating Blacklist | /jffs/scripts/firewall: eval: line 1: -fsLZ: not found

Should have a fix for your situation too, will be home to push the change in an hour

Remind me to never touch this code again

 

[SomeWhereOverTheRainBow]

Should have a fix for your situation too, will be home to push the change in an hour

Remind me to never touch this code again

skynet is aware.. you cannot change it.