Skynet Skynet - Router Firewall & Security Enhancements

[L&LD]

@Ola Malmstrom, see the amtm Step-by-Step Guide in the link in my signature below.

 

[randomName]

Just logged into my router and found that Skynet wasn't installed. I thought it wasn't deleted if a re-initialize was initiated?

 

[dave14305]

Just logged into my router and found that Skynet wasn't installed. I thought it wasn't deleted if a re-initialize was initiated?

The script is in /jffs. The logs and ipset data are on USB.

 

[Adamm]

Can anyone tell me how long it should take for the for Skynet statistics to appear in the GUI? I installed Skynet earlier this evening, but the graph areas are just blank and if I click on Update Stats, nothing happens except that I can no longer scroll down the page or leave it other than by using the browser back button. The same thing happens whether I use Firefox or Microsoft Edge.

Typo on my end, a force update should fix it.

 

[L&LD]

@Adamm, yes, fixed.

 

[Ubimo]

I just updated skynet and then did a malware blacklist update:

[i] Custom Filter Detected: https://pastebin.com/raw/A4ur1PwW
[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | /opt/bin/skynet: line 5613: can't fork
/opt/bin/skynet: line 5613: can't fork
/opt/bin/skynet: line 5613: can't fork
[36s]
[i] Consolidating Blacklist         | *--

Edit:
Tried again, now this:

[i] Custom Filter Detected: https://pastebin.com/raw/A4ur1PwW
[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | /jffs/scripts/firewall: line 5613: can't fork
[74s]
[i] Consolidating Blacklist         | [56s]
[i] Filtering IPv4 Addresses        | [12s]
[i] Filtering IPv4 Ranges           | [1s]
[i] Applying New Blacklist          | [32s]
[i] Refreshing AiProtect Bans       | [4s]
[i] Saving Changes                  | [13s]

 

[Adamm]

I just updated skynet and then did a malware blacklist update:

[i] Custom Filter Detected: https://pastebin.com/raw/A4ur1PwW
[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | /opt/bin/skynet: line 5613: can't fork
/opt/bin/skynet: line 5613: can't fork
/opt/bin/skynet: line 5613: can't fork
[36s]
[i] Consolidating Blacklist         | *--

Edit:
Tried again, now this:

[i] Custom Filter Detected: https://pastebin.com/raw/A4ur1PwW
[i] Downloading filter.list         | [1s]
[i] Refreshing Whitelists           | /jffs/scripts/firewall: line 5613: can't fork
[74s]
[i] Consolidating Blacklist         | [56s]
[i] Filtering IPv4 Addresses        | [12s]
[i] Filtering IPv4 Ranges           | [1s]
[i] Applying New Blacklist          | [32s]
[i] Refreshing AiProtect Bans       | [4s]
[i] Saving Changes                  | [13s]

Pretty sure I know the change that caused this (the code is very fragile ), but for leaning purposes whats the output of;

wc -l /jffs/addons/shared-whitelists/*
sh /jffs/scripts/firewall debug info

 

[Ubimo]

Here is the output of the first command:

      106 /jffs/addons/shared-whitelists/shared-Diversion-whitelist
       37 /jffs/addons/shared-whitelists/shared-Skynet-whitelist
       14 /jffs/addons/shared-whitelists/shared-Skynet2-whitelist
      157 total

Here is the output of the second command:

Spoiler

#############################################################################################################
# #
# ███████╗██╗ ██╗██╗ ██╗███╗ ██╗███████╗████████╗ ██╗ ██╗███████╗ #
# ██╔════╝██║ ██╔╝╚██╗ ██╔╝████╗ ██║██╔════╝╚══██╔══╝ ██║ ██║╚════██║ #
# ███████╗█████╔╝ ╚████╔╝ ██╔██╗ ██║█████╗ ██║ ██║ ██║ ██╔╝ #
# ╚════██║██╔═██╗ ╚██╔╝ ██║╚██╗██║██╔══╝ ██║ ╚██╗ ██╔╝ ██╔╝ #
# ███████║██║ ██╗ ██║ ██║ ╚████║███████╗ ██║ ╚████╔╝ ██║ #
# ╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚═══╝ ╚═╝ #
# #
# Router Firewall And Security Enhancements #
# By Adamm - https://github.com/Adamm00/IPSet_ASUS #
# 14/02/2020 - v7.1.0 #
#############################################################################################################


=============================================================================================================


Skynet Version; v7.1.0 (14/02/2020) (eb5d4309f9ee97a8e9adfa3961916774)
iptables v1.4.15 - (ppp0 @ 192.168.1.1)
ipset v6.32, protocol version: 6
IP Address; (185.xxxxxx)
FW Version; 384.15_0 (Feb 11 2020) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/USB/skynet (3.1G / 3.7G Space Available)
SWAP File; /tmp/mnt/USB/myswap.swp (256.3M)
Uptime; 1 days, 20 hours, 32 minutes.
Ram Available; (90M / 249M)


--------------- | ------------ | --------------- | ----------
| Device Name | | | Local IP | | | MAC Address | | | Status |
--------------- | ------------ | --------------- | ----------

xxxxxx | 192.168.1.40 | 8c:xxxxx | Inactive
xxxx | 192.168.1.151 | e0:xxxxxx | DELAY
xxxxxx | 192.168.1.172 | 50:xxxxxxx | Online


-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------

Internet-Connectivity | [Passed]
Write Permission | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Passed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]
Diversion Plus Content | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------

Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Ban AiProtect | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

17/17 Tests Sucessful


=============================================================================================================


[#] 276814 IPs (+0) -- 1833 Ranges Banned (+0) || 412 Inbound -- 0 Outbound Connections Blocked! [debug] [5s]

 

[Adamm]

Here is the output of the first command:

      106 /jffs/addons/shared-whitelists/shared-Diversion-whitelist
       37 /jffs/addons/shared-whitelists/shared-Skynet-whitelist
       14 /jffs/addons/shared-whitelists/shared-Skynet2-whitelist
      157 total

Here is the output of the second command:

Spoiler

#############################################################################################################
# #
# ███████╗██╗ ██╗██╗ ██╗███╗ ██╗███████╗████████╗ ██╗ ██╗███████╗ #
# ██╔════╝██║ ██╔╝╚██╗ ██╔╝████╗ ██║██╔════╝╚══██╔══╝ ██║ ██║╚════██║ #
# ███████╗█████╔╝ ╚████╔╝ ██╔██╗ ██║█████╗ ██║ ██║ ██║ ██╔╝ #
# ╚════██║██╔═██╗ ╚██╔╝ ██║╚██╗██║██╔══╝ ██║ ╚██╗ ██╔╝ ██╔╝ #
# ███████║██║ ██╗ ██║ ██║ ╚████║███████╗ ██║ ╚████╔╝ ██║ #
# ╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚═══╝ ╚═╝ #
# #
# Router Firewall And Security Enhancements #
# By Adamm - https://github.com/Adamm00/IPSet_ASUS #
# 14/02/2020 - v7.1.0 #
#############################################################################################################


=============================================================================================================


Skynet Version; v7.1.0 (14/02/2020) (eb5d4309f9ee97a8e9adfa3961916774)
iptables v1.4.15 - (ppp0 @ 192.168.1.1)
ipset v6.32, protocol version: 6
IP Address; (185.xxxxxx)
FW Version; 384.15_0 (Feb 11 2020) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/USB/skynet (3.1G / 3.7G Space Available)
SWAP File; /tmp/mnt/USB/myswap.swp (256.3M)
Uptime; 1 days, 20 hours, 32 minutes.
Ram Available; (90M / 249M)


--------------- | ------------ | --------------- | ----------
| Device Name | | | Local IP | | | MAC Address | | | Status |
--------------- | ------------ | --------------- | ----------

xxxxxx | 192.168.1.40 | 8c:xxxxx | Inactive
xxxx | 192.168.1.151 | e0:xxxxxx | DELAY
xxxxxx | 192.168.1.172 | 50:xxxxxxx | Online


-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------

Internet-Connectivity | [Passed]
Write Permission | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Passed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]
Diversion Plus Content | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------

Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Ban AiProtect | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

17/17 Tests Sucessful


=============================================================================================================


[#] 276814 IPs (+0) -- 1833 Ranges Banned (+0) || 412 Inbound -- 0 Outbound Connections Blocked! [debug] [5s]

I've been able to further isolate fork errors down to swap file size, increase your swap file to at-least 1GB (this will be enforced in future updates).

sh /jffs/scripts/firewall debug swap uninstall

sh /jffs/scripts/firewall debug swap install

 

[Butterfly Bones]

I've been able to further isolate fork errors down to swap file size, increase your swap file to at-least 1GB (this will be enforced in future updates).

sh /jffs/scripts/firewall debug swap uninstall

sh /jffs/scripts/firewall debug swap install

I have had a 512 MB swap file on my utilities USB for well over a year. With your advice, trying to remove and reinstall to 1 GB, I get this error. AMTM will not remove the existing swap file either, Now what?

Feb 15 07:09:15 RT-AC86U-4608 Skynet: [*] Restoring Damaged Swap File ( /tmp/mnt/SNB/myswap.swp )
Feb 15 07:09:18 RT-AC86U-4608 Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/SNB/skynet) (pid=25526) - Exiting (cpid=25862)

I can reformat the drive and reinstall everything if needed, I keep multiple backups on my main computer (Linux - to retain all permissions).

 

[skeal]

I have had a 512 MB swap file on my utilities USB for well over a year. With your advice, trying to remove and reinstall to 1 GB, I get this error. AMTM will not remove the existing swap file either, Now what?

Feb 15 07:09:15 RT-AC86U-4608 Skynet: [*] Restoring Damaged Swap File ( /tmp/mnt/SNB/myswap.swp )
Feb 15 07:09:18 RT-AC86U-4608 Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/SNB/skynet) (pid=25526) - Exiting (cpid=25862)

I can reformat the drive and reinstall everything if needed, I keep multiple backups on my main computer (Linux - to retain all permissions).

I had this problem last night. I was trying to downsize from 2gig to 1gig swap and ended up having to format and reinstall everything.

 

[Adamm]

I have had a 512 MB swap file on my utilities USB for well over a year. With your advice, trying to remove and reinstall to 1 GB, I get this error. AMTM will not remove the existing swap file either, Now what?

Feb 15 07:09:15 RT-AC86U-4608 Skynet: [*] Restoring Damaged Swap File ( /tmp/mnt/SNB/myswap.swp )
Feb 15 07:09:18 RT-AC86U-4608 Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/SNB/skynet) (pid=25526) - Exiting (cpid=25862)

I can reformat the drive and reinstall everything if needed, I keep multiple backups on my main computer (Linux - to retain all permissions).

I had this problem last night. I was trying to downsize from 2gig to 1gig swap and ended up having to format and reinstall everything.

Can't reproduce this on my end, what tool did you use to create the swap files? Also what is the output of the swap uninstall command?

 

[skeal]

Can't reproduce this on my end, what tool did you use to create the swap files? Also what is the output of the swap uninstall command?

I installed and uninstalled using Skynet. Rebooted and the swap was still there just disabled. If you let's say go into AMTM and type "sw" it will ask if you want to create a swap you answer yes and it creates rather quickly...lol the swap you had without and option to resize or rename or anything.

 

[Ubimo]

I've been able to further isolate fork errors down to swap file size, increase your swap file to at-least 1GB

But, only 27MB are used in swap file. See screenshot.
Why should I increase it to 1GB?

Edit:
I can't remove swap file with you command or with amtm.

rm: can't remove '/tmp/mnt/USB/myswap.swp': Operation not permitted

 

[skeal]

Can't reproduce this on my end, what tool did you use to create the swap files? Also what is the output of the swap uninstall command?

Further to above if I try using Skynet to recreate the now removed swap, the script just reloads to the AMTM menu.

 

[Butterfly Bones]

Can't reproduce this on my end, what tool did you use to create the swap files? Also what is the output of the swap uninstall command?

It was either Skynet or AMTM, over a year ago, maybe closer to two years. The "lost+found" directory that Linux adds to a formatted drive is dated Mar 26 2018. The swap file itself is dated Jan 5 2019.
This is the result of the "sh /jffs/scripts/firewall debug swap uninstall" command.

[*] Pre-existing SWAP File Detected - Exiting!

I know @thelonelycoder will be watching this, so...
If I use the "sw" command in AMTM and choose 1=Yes

 Swap file found at:
 /tmp/mnt/SNB/myswap.swp
 Delete the Swap file? [1=Yes e=Exit]

I get this

Swap file deleted:
 /tmp/mnt/SNB/myswap.swp
 Added missing swap file entry to
 /jffs/scripts/post-mount

 

[Safemode]

You don't have to remove anything. Go to AMTM and delete swapfile from there, then you hit i in AMTM select swapfile and create new 1GB swap. That's it that's all... No reboot necessary.

 

[Butterfly Bones]

You don't have to remove anything. Go to AMTM and delete swapfile from there, then you hit i in AMTM select swapfile and create new 1GB swap. That's it that's all...

I just posted this directly above your reply.
If I use the "sw" command in AMTM and choose 1=Yes

 Swap file found at:
 /tmp/mnt/SNB/myswap.swp
 Delete the Swap file? [1=Yes e=Exit]

I get this

Swap file deleted:
 /tmp/mnt/SNB/myswap.swp
 Added missing swap file entry to
 /jffs/scripts/post-mount

 

[Adamm]

But, only 27MB are used in swap file. See screenshot.
Why should I increase it to 1GB?

To prevent fork errors as seen in your previous posts. A few years ago when Asus started using glibc library these errors became quite frequent when spawning lots of processes. I figured out then this can be partially mitigated by using a swap file, and further mitigated on the software side by limiting process spawning. After further investigation today I found increasing your SWAP file to 1GB can completely mitigate this issue without the need for any software workarounds.

 

[Safemode]

I just posted this directly above your reply.
If I use the "sw" command in AMTM and choose 1=Yes

 Swap file found at:
 /tmp/mnt/SNB/myswap.swp
 Delete the Swap file? [1=Yes e=Exit]

I get this

Swap file deleted:
 /tmp/mnt/SNB/myswap.swp
 Added missing swap file entry to
 /jffs/scripts/post-mount

Did you delete file from within Skynet or AMTM? If you deleted withing Skynet you will need to reboot and then do as mentioned with AMTM. All you're doing with AMTM and what's necessary is to delete and expand swapfile. The reason it doesn't work through Skynet is because the swapfile is being used because you're already in Skynet UI. Hope this helps...