Menu
What's new
By:
Filters Better Search

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

martinr said:
Don’t apologise: many of us started out like that (and some of us still feel that way. ;). Problem is there’s always a tacit, assumed foundation of knowledge and experience required. I spend a lot of my time trawling through YouTube videos and tutorials just to understand some of the questions on this forum let alone making sense of the answers! All one can do is plod on and work on the basis that if you fling enough sh!t at a wall, some of it eventually sticks.
Click to expand...

Thanks for those kind words, I appreciate it. I haven't been able to find anything on Youtube about Skynet, Diversion, or other scripts. There are a few tutorials on Asus routers and Asus-Merlin firmware, mostly about download and installation. I used to watch TV in my spare time, now I watch Youtube and try to learn something. They are not all good, though, you got to pick 'em. Some are real duds.
 
I'm trying to find a fallback solution for times that Banmalware runs, takes so long that many IPs are removed from the blocking list, like this on 28 Feb.
Code: 
Feb 28 04:29:05 RT-AC86U Skynet: [#] 78495 IPs (-45062) -- [banmalware] [245s]
Feb 29 04:25:40 RT-AC86U Skynet: [#] 128732 IPs (+50237) --[banmalware] [40s]
I have never seen that occur two days in a row. As you see this is a AC86U that normally processes the banmalware update in 35-45 seconds, except at least once weekly it runs long, well over 100 minutes up to 300 minutes. I might be the servers are busy, my thoughts are there are conflicting events on my router. I know Skynet sets random times to download IP updates. I still see these long times every 7-10 days. Oddly the "random" times Skynet like to choose is 0525, shortly after the 0520 time Diversion rotates dnsmasq log files and those processes overlap.

My thought is to somehow scan the skynet.log daily for banmalware, say 0613 daily, and if times are long, maybe over 100 minutes (TBD) it will run the banmalware update command again? As many here know from my posts thorough time, and am a script retard / dunce. Adamm, could that be added as a feature to Skynet, or does someone have a quick script that I can run in a cron job once a day to accomplish this? I try to check the Skynet log after I get up to see what banmalware update results are and manually run it again if needed, but I forget or get busy.
 
Butterfly Bones said:
except at least once weekly it runs long, well over 100 minutes up to 300 minutes.
Click to expand...

I think you mean seconds, and this most likely indicates downloading a particular list timed out and curl kept retrying as per its default parameters.

Butterfly Bones said:
I still see these long times every 7-10 days. Oddly the "random" times Skynet like to choose is 0525, shortly after the 0520 time Diversion rotates dnsmasq log files and those processes overlap
Click to expand...

We choose a random hour at 25 minutes past to avoid essentially DDOS'ing firehol's servers with thousands of Skynet users download requests. fwiw today's large change in numbers was due to this commit where we removed some inactive lists and switched to using bi_any_2_30d.ipset to replace them.
 
JT Strickland said:
Thanks for those kind words, I appreciate it. I haven't been able to find anything on Youtube about Skynet, Diversion, or other scripts. There are a few tutorials on Asus routers and Asus-Merlin firmware, mostly about download and installation. I used to watch TV in my spare time, now I watch Youtube and try to learn something. They are not all good, though, you got to pick 'em. Some are real duds.
Click to expand...
Yes indeed: some real duds out there. (Sometimes I shut it down as soon as I hear the audio.). No, I was thinking of the more basic stuff like how DNS works, what a recursive server does, how public key infrastructure works, how certificates are used ....

For the more detailed stuff, like specific tutorials on items directly relevant to this forum, you’d do well to ask, because some of the experts here have written one or 2 guides. They are mostly buried in posts so they can be hard to find without help, but some of us have them bookmarked, And if there isn’t a specific guide, you only need to query anything you don’t understand and someone will put you right.

Usually, the very first post (and maybe the next one or 2) for a specific script contain most of what you need to know to get started at least. But you’ll already have found that out.
 
Hi. I know I should probably be able to find the answer somewhere in this thread - but searching on IOT is not allowed, and after reading a few hundred posts I decided to give up :(
I'm trying to setup a guest network for my IOT sensors, and want to ban them from accessing the internet.
I did a factory reset of my AC87U running latest firmware, installed AMTM (no 385 firmware available for that device yet), Diversion, Skynet and YazFi.
The IOT network i using 10.0.3.0 as subnet, so I added the complete IP range to Skynet IOT banned devices 10.0.3.2-10.0.3.254.

After rebooting and connecting a smartphone and a couple of sensors to the new guest network the list of blocked IOT devices look like this. Most Unblocked devices are removed from the list.(the Unknown devices are a couple of ESP8266's with static IP's):
Code: 
---------------                          | ------------     | ---------------      | ----------
| Device Name |                          | | Local IP |     | | MAC Address |      | | Status |
---------------                          | ------------     | ---------------      | ----------
ESP-Kontor-0                             | 10.0.0.245       | dc:4f:xx:xx:xx:xx    | Unblocked
Unknown                                  | 10.0.3.11        | 2c:3a:xx:xx:xx:xx    | Blocked
Unknown                                  | 10.0.3.13        | dc:4f:xx:xx:xx:xx    | Blocked
KA_OP5T                                  | 10.0.3.154       | 94:65:xx:xx:xx:xx    | Blocked

IPtables look like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
YazFiINPUT  all  --  anywhere             anywhere
logdrop    icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
logdrop    all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
OVPN       all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
INPUT_ICMP  icmp --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             match-set Skynet-IOT src tcp dpt:ntp
ACCEPT     udp  --  anywhere             anywhere             match-set Skynet-IOT src udp dpt:ntp
LOG        all  --  anywhere             anywhere             match-set Skynet-IOT src LOG level warning tcp-sequence t"
DROP       all  --  anywhere             anywhere             match-set Skynet-IOT src
YazFiFORWARD  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
other2wan  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere             state INVALID
NSFW       all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate DNAT
OVPN       all  --  anywhere             anywhere             state NEW
logdrop    all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain ACCESS_RESTRICTION (0 references)
target     prot opt source               destination

Chain DNSFILTER_DOT (0 references)
target     prot opt source               destination

Chain FUPNP (0 references)
target     prot opt source               destination

Chain INPUT_ICMP (1 references)
target     prot opt source               destination
RETURN     icmp --  anywhere             anywhere             icmp echo-request
RETURN     icmp --  anywhere             anywhere             icmp timestamp-request
ACCEPT     icmp --  anywhere             anywhere

Chain NSFW (1 references)
target     prot opt source               destination
DROP       gre  --  anywhere             anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:1723

Chain OVPN (2 references)
target     prot opt source               destination

Chain PControls (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PTCSRVLAN (1 references)
target     prot opt source               destination

Chain PTCSRVWAN (1 references)
target     prot opt source               destination

Chain SECURITY (0 references)
target     prot opt source               destination
RETURN     tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5
logdrop    tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN
RETURN     tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
logdrop    tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/RST
RETURN     icmp --  anywhere             anywhere             icmp echo-request limit: avg 1/sec burst 5
logdrop    icmp --  anywhere             anywhere             icmp echo-request
RETURN     all  --  anywhere             anywhere

Chain YazFiFORWARD (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain YazFiINPUT (1 references)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             multiport dports bootps,ntp
ACCEPT     icmp --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             multiport dports bootps,ntp
ACCEPT     icmp --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere

Chain YazFiREJECT (3 references)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain default_block (0 references)
target     prot opt source               destination

Chain logaccept (0 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             state NEW LOG level warning tcp-sequence tcp-options ip-o"
ACCEPT     all  --  anywhere             anywhere

Chain logdrop (9 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain other2wan (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere

Now - I guess everything looks as it should - but the smartphone still has full internet access (rebooted and disabled mobile data).
Have I misunderstood something about how IOT blocking works, oram I missing some steps?
 
@Kenneth Andersen, the 'latest firmware' isn't descriptive enough. Which actual firmware are you running? RT-AC87U: 384.13_4 is the latest and supports amtm 'built-in' which means you shouldn't have had to install amtm manually.

Depending on what you did to get to where you are, I may be tempted to start over fresh with a full M&M Config (please see the link in my signature below).

You can get around any in-forum search restrictions by using the search engine of your choice and using a variation of 'site: snbforums.com' on the end too.
 
Adamm said:
I think you mean seconds, and this most likely indicates downloading a particular list timed out and curl kept retrying as per its default parameters.



We choose a random hour at 25 minutes past to avoid essentially DDOS'ing firehol's servers with thousands of Skynet users download requests. fwiw today's large change in numbers was due to this commit where we removed some inactive lists and switched to using bi_any_2_30d.ipset to replace them.
Click to expand...
Yes, seconds not minutes. :oops:

I understand and remember why the random xx25 cron job times. I was half joking on that 0525 comment on running right after Diversion. That is what alerted me to this long xxx seconds processing and list update failure.

So no comments on a fallback feature, the point of my entire post?
 
Kenneth Andersen said:
Hi. I know I should probably be able to find the answer somewhere in this thread - but searching on IOT is not allowed, and after reading a few hundred posts I decided to give up :(
I'm trying to setup a guest network for my IOT sensors, and want to ban them from accessing the internet.
I did a factory reset of my AC87U running latest firmware, installed AMTM (no 385 firmware available for that device yet), Diversion, Skynet and YazFi.
The IOT network i using 10.0.3.0 as subnet, so I added the complete IP range to Skynet IOT banned devices 10.0.3.2-10.0.3.254.

After rebooting and connecting a smartphone and a couple of sensors to the new guest network the list of blocked IOT devices look like this. Most Unblocked devices are removed from the list.(the Unknown devices are a couple of ESP8266's with static IP's):
Code: 
---------------                          | ------------     | ---------------      | ----------
| Device Name |                          | | Local IP |     | | MAC Address |      | | Status |
---------------                          | ------------     | ---------------      | ----------
ESP-Kontor-0                             | 10.0.0.245       | dc:4f:xx:xx:xx:xx    | Unblocked
Unknown                                  | 10.0.3.11        | 2c:3a:xx:xx:xx:xx    | Blocked
Unknown                                  | 10.0.3.13        | dc:4f:xx:xx:xx:xx    | Blocked
KA_OP5T                                  | 10.0.3.154       | 94:65:xx:xx:xx:xx    | Blocked

IPtables look like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
YazFiINPUT  all  --  anywhere             anywhere
logdrop    icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
logdrop    all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
OVPN       all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
INPUT_ICMP  icmp --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere             match-set Skynet-IOT src tcp dpt:ntp
ACCEPT     udp  --  anywhere             anywhere             match-set Skynet-IOT src udp dpt:ntp
LOG        all  --  anywhere             anywhere             match-set Skynet-IOT src LOG level warning tcp-sequence t"
DROP       all  --  anywhere             anywhere             match-set Skynet-IOT src
YazFiFORWARD  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
other2wan  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere             state INVALID
NSFW       all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate DNAT
OVPN       all  --  anywhere             anywhere             state NEW
logdrop    all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain ACCESS_RESTRICTION (0 references)
target     prot opt source               destination

Chain DNSFILTER_DOT (0 references)
target     prot opt source               destination

Chain FUPNP (0 references)
target     prot opt source               destination

Chain INPUT_ICMP (1 references)
target     prot opt source               destination
RETURN     icmp --  anywhere             anywhere             icmp echo-request
RETURN     icmp --  anywhere             anywhere             icmp timestamp-request
ACCEPT     icmp --  anywhere             anywhere

Chain NSFW (1 references)
target     prot opt source               destination
DROP       gre  --  anywhere             anywhere
DROP       tcp  --  anywhere             anywhere             tcp dpt:1723

Chain OVPN (2 references)
target     prot opt source               destination

Chain PControls (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PTCSRVLAN (1 references)
target     prot opt source               destination

Chain PTCSRVWAN (1 references)
target     prot opt source               destination

Chain SECURITY (0 references)
target     prot opt source               destination
RETURN     tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5
logdrop    tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/SYN
RETURN     tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5
logdrop    tcp  --  anywhere             anywhere             tcpflags: FIN,SYN,RST,ACK/RST
RETURN     icmp --  anywhere             anywhere             icmp echo-request limit: avg 1/sec burst 5
logdrop    icmp --  anywhere             anywhere             icmp echo-request
RETURN     all  --  anywhere             anywhere

Chain YazFiFORWARD (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain YazFiINPUT (1 references)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             multiport dports bootps,ntp
ACCEPT     icmp --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             multiport dports bootps,ntp
ACCEPT     icmp --  anywhere             anywhere
YazFiREJECT  all  --  anywhere             anywhere

Chain YazFiREJECT (3 references)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

Chain default_block (0 references)
target     prot opt source               destination

Chain logaccept (0 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             state NEW LOG level warning tcp-sequence tcp-options ip-o"
ACCEPT     all  --  anywhere             anywhere

Chain logdrop (9 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere

Chain other2wan (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
logdrop    all  --  anywhere             anywhere

Now - I guess everything looks as it should - but the smartphone still has full internet access (rebooted and disabled mobile data).
Have I misunderstood something about how IOT blocking works, oram I missing some steps?
Click to expand...

Try an IP on your regular notwork (not guest), I did a test on my end and that much seems to work smoothly. I'll have to investigate and see if guest networks/yazfi interfere somehow.
 
Adamm said:
Try an IP on your regular notwork (not guest), I did a test on my end and that much seems to work smoothly. I'll have to investigate and see if guest networks/yazfi interfere somehow.
Click to expand...
Shouldn't do, looks like Skynet's IOT rules are above YazFi's in the FORWARD chain. Unless you match specifically against br0?

EDIT:

Looks like you assume br0 for the incoming iface:
Code: 
Load_IOTTables() {
if [ "$iotblocked" = "enabled" ]; then
    iptables -I FORWARD -i br0 -m set --match-set Skynet-IOT src ! -o tun2+ -j DROP 2>/dev/null
    if [ -n "$iotports" ]; then
        if [ "$iotproto" = "all" ] || [ "$iotproto" = "udp" ]; then
            iptables -I FORWARD -i br0 -m set --match-set Skynet-IOT src -o "$iface" -p udp -m udp -m multiport --dports "$iotports" -j ACCEPT 2>/dev/null
        fi
        if [ "$iotproto" = "all" ] || [ "$iotproto" = "tcp" ]; then
            iptables -I FORWARD -i br0 -m set --match-set Skynet-IOT src -o "$iface" -p tcp -m tcp -m multiport --dports "$iotports" -j ACCEPT 2>/dev/null
        fi
    else
        if [ "$iotproto" = "all" ] || [ "$iotproto" = "udp" ]; then
            iptables -I FORWARD -i br0 -m set --match-set Skynet-IOT src -o "$iface" -p udp -m udp --dport 123 -j ACCEPT 2>/dev/null
        fi
        if [ "$iotproto" = "all" ] || [ "$iotproto" = "tcp" ]; then
            iptables -I FORWARD -i br0 -m set --match-set Skynet-IOT src -o "$iface" -p tcp -m tcp --dport 123 -j ACCEPT 2>/dev/null
        fi
    fi
fi
}
 
Update: Has anyone figured out how to successfully whitelist QVC? I've added their IP address 167.140.19.0/24 in the VPN rules table, and I tried adding the AS number AS15086 in Skynet, but QVC still detects that I'm on a VPN.
 
Last edited:
L&LD said:
@Kenneth Andersen, the 'latest firmware' isn't descriptive enough. Which actual firmware are you running? RT-AC87U: 384.13_4 is the latest and supports amtm 'built-in' which means you shouldn't have had to install amtm manually.

Depending on what you did to get to where you are, I may be tempted to start over fresh with a full M&M Config (please see the link in my signature below).

You can get around any in-forum search restrictions by using the search engine of your choice and using a variation of 'site: snbforums.com' on the end too.
Click to expand...
Thanks.. I'm running 384.13_4, but missed that amtm was added even though RT-AC87U still hasn't been bumbed to 385.
Followed your instruction for M&M.

Adamm said:
Try an IP on your regular notwork (not guest), I did a test on my end and that much seems to work smoothly. I'll have to investigate and see if guest networks/yazfi interfere somehow.
Click to expand...
On the fresh install I added Diversion and Skynet. Created a new guest network for IOT devices, but deferred from YazFi. IOT ban working fine.

Then added YazFi (I want client isolation on my normal guest network and the IOT network), but now IOT ban isn't working anymore.
So either YazFi itself breaks the ban, or the VLAN it creates does it (requires new subnet for each network).
 
TonyK132 said:
Update: Has anyone figured out how to successfully whitelist QVC? I've added their IP address 167.140.19.0/24 in the VPN rules table, and I tried adding the AS number AS15086 in Skynet, but QVC still detects that I'm on a VPN.
Click to expand...

Uh, wrong thread? If some website detects your on a VPN its because they blacklisted your providers IP space.

Kenneth Andersen said:
On the fresh install I added Diversion and Skynet. Created a new guest network for IOT devices, but deferred from YazFi. IOT ban working fine.

Then added YazFi (I want client isolation on my normal guest network and the IOT network), but now IOT ban isn't working anymore.
So either YazFi itself breaks the ban, or the VLAN it creates does it (requires new subnet for each network).
Click to expand...

Right, I'm aware of the issue as it appears these guest networks listen on a different interface then our regular br0. Its on my todo list ;)
 
5stringdeath said:
Look in AddOns / Diversion Stats
Click to expand...
5string, I found the addons. I had to add a couple of scripts, but now I've got the GUI's and can review logs.
thanks.
 
Adamm said:
Uh, wrong thread? If some website detects your on a VPN its because they blacklisted your providers IP space.

Oops, sorry.
Click to expand...
 
Adamm said:
Uh, wrong thread? If some website detects your on a VPN its because they blacklisted your providers IP space.
Click to expand...
Oops, sorry.
 
Skynet: No Data to Display

Hello, I'm running Skynet v7.1.2 via Merlin 384.15 on a RT-AC86U router and for some reason the Skynet logging function is not recording the dropped connections. If I click on the 'Advanced Settings/Firewall/Skynet' tab of the UI, I get: No Data to Display in all fields. I haven't re-started Skynet if over three days and still don't see any dropped packets...

Additionally if I type the following command in the CLI: sh /jffs/scripts/firewall stats, it gives the following result:
[*] No Logging Data Detected - Give This Time To Generate

I have rebooted the router multiple times and have tried different browsers (Firefox, IE, Chrome) with the same result. How do I go about troubleshooting this issue?

Thx

upload_2020-3-2_20-52-38.png
 

Attachments

  • upload_2020-3-2_20-49-26.png
    upload_2020-3-2_20-49-26.png
    96.5 KB · Views: 167
azdeltawye said:
Skynet: No Data to Display

Hello, I'm running Skynet v7.1.2 via Merlin 384.15 on a RT-AC86U router and for some reason the Skynet logging function is not recording the dropped connections. If I click on the 'Advanced Settings/Firewall/Skynet' tab of the UI, I get: No Data to Display in all fields. I haven't re-started Skynet if over three days and still don't see any dropped packets...

Additionally if I type the following command in the CLI: sh /jffs/scripts/firewall stats, it gives the following result:
[*] No Logging Data Detected - Give This Time To Generate

I have rebooted the router multiple times and have tried different browsers (Firefox, IE, Chrome) with the same result. How do I go about troubleshooting this issue?

Thx

View attachment 21710
Click to expand...
Check if logging is enabled in Skynet Settings. Bring up Skynet menu, choose 11 Settings, then number 3 will show status,
Code: 
3]  --> Logging                    | [Enabled]
 
Thanks for the reply @ Butterfly Bones.

Yes logging is enabled:
upload_2020-3-2_21-20-30.png
 
You must log in or register to reply here.

Similar threads

W
Looking for an add-on that does...
Replies
5
Views
2K
JGrana
JGrana
Viktor Jaep
Skynet Filter Validator v0.7 - Skynet Firewall Filter List IPv4 Integrity Validator
3 4 5
Replies
83
Views
13K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
Viktor Jaep
TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)
Replies
2
Views
109
Viktor Jaep
Viktor Jaep
RMerlin
Fun with ChatGPT...
2
Replies
33
Views
2K
RMerlin
RMerlin
M
Firewall doesen't block custom rules, neighter Skynet
Replies
0
Views
1K
MamaLing
M
Similar threads
Thread starter Title Forum Replies Date
Klonoa Skynet Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 1
S Skynet Skynet showing router itself making calls to China? Asuswrt-Merlin AddOns 26
J Skynet Skynet - Blocked outbounds coming from the router itself? Asuswrt-Merlin AddOns 12
O Skynet Installing Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 26
L Skynet I have installed the skynet firewall how do I configure it if the security of iot devices is important? Asuswrt-Merlin AddOns 2
Davidncali001 Skynet Message on SKYNET I havent seen before Asuswrt-Merlin AddOns 1
S Skynet firewall reduces wireless range Asuswrt-Merlin AddOns 14
P Skynet Internet speed lower with Skynet on Asuswrt-Merlin AddOns 9
N Skynet SkyNet/Firewall blocking all ping requests, including outbound Asuswrt-Merlin AddOns 6
W Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14 Asuswrt-Merlin AddOns 10

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 747 (members: 30, guests: 717)
Top