What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ok, out of interest, what do you get for the following:

Code:
echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"

This shows what the version check is finding when it's run at the start of the script.

Edit: Apologies, I've now updated the code line so it mimics the latest Skynet version on GitHub
 
Last edited:
Ok, out of interest, what do you get for the following:

Code:
echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"

This shows what the version check is finding when it's run at the start of the script.
Code:
RT-AC87U-99F8:/tmp/home/root# echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653
Code:
RT-AC87U-99F8:/tmp/home/root# echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653
Like that?
 
I get 7653 as the result also.
 
Code:
RT-AC87U-99F8:/tmp/home/root# echo "$(curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653
Code:
RT-AC87U-99F8:/tmp/home/root# echo "$(/usr/sbin/curl --version | awk 'NR >= 1 && NR <= 1 {print $2}' | tr -d '.')"
7653
Like that?
I get 7653 as the result also.
Do you both have an /opt/etc/profile file?
 
Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using
Code:
/jffs/scripts/firewall
 
Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using
Code:
/jffs/scripts/firewall
OMG, I can finally go to sleep! :confused:

Great find! Breaks me when invoking through amtm. Works fine directly.
 
So if @Zastoff runs a malware update directly, in theory it should work:
Code:
sh /jffs/scripts/firewall banmalware
 
Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using
Code:
/jffs/scripts/firewall
Great find JSewell, it works like a charm on my RT-AC3200.
 
Guys, not sure if I'm missing anything but ever since Skynet v7, every update to it locks down my entire router. No internet or network on any of my devices. Logging into the router takes forever, and often requires a hard reboot (manually shutting down and restarting). Am I missing anything here? I don't recall this ever happening with the previous version. Thanks for all help.
 
Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using
Code:
/jffs/scripts/firewall

Nice work, I assumed everyone was running the commands/menu manually. Was driving me nuts :rolleyes:

Guys, not sure if I'm missing anything but ever since Skynet v7, every update to it locks down my entire router. No internet or network on any of my devices. Logging into the router takes forever, and often requires a hard reboot (manually shutting down and restarting). Am I missing anything here? I don't recall this ever happening with the previous version. Thanks for all help.

Nothing has changed in that regard, v7 changes were mostly related to the functioning of malware list updates.
 
Sorry for delay in replying @Zastoff and @DiscoSi. The values of 7653 show that the version checking option is working as expected, and not returning a weird error.

When you open Skynet, are you doing so through amtm's menus? If so, that might be a problem, as it appears amtm does an export path=/sbin:.... etc. too. Since Skynet is being launched by amtm, it will inherit the /sbin favoured path.

Try running Skynet directly using
Code:
/jffs/scripts/firewall
Bingo, that explains why it was working for me since the beginning, I always run Skynet directly using an alias "f" as it's faster than going via amtm.
 
Tested without starting from amtm "/jffs/scripts/firewall"and "sh /jffs/scripts/firewall banmalware"
(updated skynet/removed export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:$PATH)
and get:
Downloading filter.list | [0s]
Refreshing Whitelists | [10s]
Consolidating Blacklist | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
Filtering IPv4 Addresses | [5s]
Filtering IPv4 Ranges | [1s]
Applying New Blacklist | [9s]
Refreshing AiProtect Bans | [2s]
Saving Changes | [5s]

For Whitelisting Assistance -
https://www.snbforums.com/threads/r...wall-security-enhancements.16798/#post-115872


=============================================================================================================


[#] 142960 IPs (+0) -- 1621 Ranges Banned (+0) || 14 Inbound -- 0 Outbound Connections Blocked! [banmalware] [41s]
 
Last edited:
I've just tried going via amtm:
Code:
[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | [7s]
[i] Consolidating Blacklist         | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
[i] Filtering IPv4 Addresses        | [6s]
[i] Filtering IPv4 Ranges           | [0s]
[i] Applying New Blacklist          | [14s]
[i] Refreshing AiProtect Bans       | [0s]
[i] Saving Changes                  | [8s]
 
Tested without starting from amtm "/jffs/scripts/firewall"and "sh /jffs/scripts/firewall banmalware"
(updated skynet/removed export PATH=/opt/bin:/sbin:/bin:/usr/sbin:/usr/bin:$PATH)
and get:
Downloading filter.list | [0s]
Refreshing Whitelists | [10s]
Consolidating Blacklist | curl: option -fsLZ: is unknown
curl: try 'curl --help' for more information
[7s]
Filtering IPv4 Addresses | [5s]
Filtering IPv4 Ranges | [1s]
Applying New Blacklist | [9s]
Refreshing AiProtect Bans | [2s]
Saving Changes | [5s]

For Whitelisting Assistance -
https://www.snbforums.com/threads/r...wall-security-enhancements.16798/#post-115872


=============================================================================================================


[#] 142960 IPs (+0) -- 1621 Ranges Banned (+0) || 14 Inbound -- 0 Outbound Connections Blocked! [banmalware] [41s]

Force update Skynet and remove any custom modifications you have, this issue has been resolved.
 
Force update Skynet and remove any custom modifications you have, this issue has been resolved.
I removed the modifications and now also did a forced update
and retried without amtm "/jffs/scripts/firewall" and still get
Consolidating Blacklist | curl: option -fsLZ: is unknown
I will keep trying to solve it here apparently something in my setup that mess it up
Found something in entware package jq..
Code:
def del(f): delpaths([path(f)]);
def _assign(paths; value): value as $v | reduce path(paths) as $p (.; setpath($p; $v));
def _modify(paths; update): reduce path(paths) as $p (.; label $out | (setpath($p; getpath($p) | update) | ., break $out), delpaths([$p]));
Could that be it?
 
I removed the modifications and now also did a forced update
and retried without amtm "/jffs/scripts/firewall" and still get
Consolidating Blacklist | curl: option -fsLZ: is unknown
I will keep trying to solve it here apparently something in my setup that mess it up
Found something in entware package jq..
Code:
def del(f): delpaths([path(f)]);
def _assign(paths; value): value as $v | reduce path(paths) as $p (.; setpath($p; $v));
def _modify(paths; update): reduce path(paths) as $p (.; label $out | (setpath($p; getpath($p) | update) | ., break $out), delpaths([$p]));
Could that be it?


I've pushed another (and hopefully the last) hotfix which should fix launching from amtm and other weird setups/path values.
 
Updated
and now get:
Consolidating Blacklist | /jffs/scripts/firewall: eval: line 1: -fsLZ: not found
 
Updated
and now get:
Consolidating Blacklist | /jffs/scripts/firewall: eval: line 1: -fsLZ: not found

Should have a fix for your situation too, will be home to push the change in an hour

Remind me to never touch this code again :rolleyes:
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top