Menu
What's new
By:
Filters Better Search

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Adamm said:
Skynet filters all clients connected to the routers OpenVPN server.
Click to expand...
hello @Adamm
i have done some checking and i believe this isnt happening to me. can you please advise?

im using ip 185.153.199.53 as blocking example. this is in skynet blacklist

10.0.0.7 is connected directly to router. when i ping or do tracert from this device, it indeed gets blocked by skynet

Code: 
Apr 19 15:14:18 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:ed:fb:ac:05:48:xx:xx:xx:6f:63:xx:xx:xxSRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=13 ID=25891 PROTO=ICMP TYPE=8 CODE=0 ID=2 SEQ=60136
1.JPG
Code: 
/opt/bin/firewall stats search ip 10.0.0.7 10
[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 8.7M
[i] Monitoring From Apr 16 03:00:05 To Apr 19 15:23:01
[i] 33467 Block Events Detected
[i] 3329 Unique IPs
[i] 9 Manual Bans Issued

10.0.0.7 is in set Skynet-Whitelist.
10.0.0.7 is NOT in set Skynet-Blacklist.
10.0.0.7 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
 10.0.0.2 "PrivateIP"
 10.0.0.7 "PrivateIP"
 10.0.0.0/8 "nvram: lan_ipaddr"
 10.0.0.66 "PrivateIP"
 10.0.0.32 "PrivateIP"
 10.0.0.6 "Shared-Whitelist: pagead2.googlesyndication.com"


[i] IP Location - Undefined (Undefined / Undefined)

[i] 10.0.0.7 First Tracked On Apr 16 03:03:02
[i] 10.0.0.7 Last Tracked On Apr 19 15:17:46
[i] 194 Blocks Total

Event Log Entries From 10.0.0.7;

First Block Tracked From 10.0.0.7;
Apr 16 03:03:02 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:23:24:xx:63:xx:xx:xx SRC=10.0.0.7 DST=180.87.4.143 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=169

10 Most Recent Blocks From 10.0.0.7;
Apr 19 15:17:42 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=30 ID=25
Apr 19 15:17:46 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx0 SRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=30 ID=25


Top 10 Targeted Ports From 10.0.0.7 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

-*-

Top 10 Sourced Ports From 10.0.0.7 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

-*-


=============================================================================================================


[#] 188242 IPs (+0) -- 15244 Ranges Banned (+0) || 488 Inbound -- 90 Outbound Connections Blocked! [stats] [35s]


10.0.1.2 is connected to the router via openvpn. routers openvpn server is 10.0.1.1 btw
in this case, running a tracert from my vpn client shows all hops and there is no sign of skynet blocking it. also, there is no output on log file
2.JPG
Code: 
[$] /opt/bin/firewall stats search ip 10.0.1.2 10


=============================================================================================================


[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 8.7M
[i] Monitoring From Apr 16 03:00:05 To Apr 19 15:21:01
[i] 33455 Block Events Detected
[i] 3327 Unique IPs
[i] 9 Manual Bans Issued

10.0.1.2 is in set Skynet-Whitelist.
10.0.1.2 is NOT in set Skynet-Blacklist.
10.0.1.2 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
*--
-*-
[i] IP Location - Undefined (Undefined / Undefined)

[i] 10.0.1.2 First Tracked On
[i] 10.0.1.2 Last Tracked On
[i] 0 Blocks Total

Event Log Entries From 10.0.1.2;

First Block Tracked From 10.0.1.2;
-*-
10 Most Recent Blocks From 10.0.1.2;
*--

Top 10 Targeted Ports From 10.0.1.2 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

*--

Top 10 Sourced Ports From 10.0.1.2 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

--*
*--

=============================================================================================================


[#] 188242 IPs (+0) -- 15244 Ranges Banned (+0) || 480 Inbound -- 90 Outbound Connections Blocked! [stats] [33s]
 
Last edited:
KGB7 said:
Select Debug Option:
[1] --> Show Log Entries As They Appear
[2] --> Print Debug Info
[3] --> Cleanup Syslog Entries
[4] --> SWAP File Management
[5] --> Backup Skynet Files
[6] --> Restore Skynet Files

[1-6]: 1

[*] Skynet Not Running - Exiting

admin@RT-AC68U:/tmp/home/root#


---------------------------------------------

Im going to do another full reinstall and get back to you with results.


edit;
Did a full reinstall and still running in to same exact issue.
Click to expand...

You selected the wrong menu entry for starters, secondly you didn’t also post the contents of your syslog from the WebUI;

Code: 
sh /jffs/scripts/firewall debug info
 
Adamm said:
You selected the wrong menu entry for starters, secondly you didn’t also post the contents of your syslog from the WebUI;

Code: 
sh /jffs/scripts/firewall debug info
Click to expand...

Router Model; RT-AC68U
Skynet Version; v7.1.6 (19/04/2020) (3231cf7fb6fa8092ead287d0c76a47e8)
iptables v1.4.15 - ( @ 192.160.100.1)
ipset v6.32, protocol version: 6
IP Address; (192.168.100.4)
FW Version; 384.16_0 (Apr 5 2020) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/sda1/skynet (1.5G / 3.7G Space Available)
SWAP File; /tmp/mnt/sda1/myswap.swp (2.0G)
Uptime; 0 days, 22 hours, 10 minutes.
Ram Available; (174M / 249M)

-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------

Internet-Connectivity | [Passed]
Write Permission | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Failed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------

Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Import AiProtect Data | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

15/16 Tests Sucessful

[*] Rule Integrity Violation - [ #6 #16 ]


EDIT:

I cant post the log, because I get this message from the forums.

The following error occurred:
Sorry, you have been blocked
You are unable to access snbforums.com
 
Last edited:
KGB7 said:
Router Model; RT-AC68U
Skynet Version; v7.1.6 (19/04/2020) (3231cf7fb6fa8092ead287d0c76a47e8)
iptables v1.4.15 - ( @ 192.160.100.1)
ipset v6.32, protocol version: 6
IP Address; (192.168.100.4)
FW Version; 384.16_0 (Apr 5 2020) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/sda1/skynet (1.5G / 3.7G Space Available)
SWAP File; /tmp/mnt/sda1/myswap.swp (2.0G)
Uptime; 0 days, 22 hours, 10 minutes.
Ram Available; (174M / 249M)

-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------

Internet-Connectivity | [Passed]
Write Permission | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Failed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------

Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Import AiProtect Data | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

15/16 Tests Sucessful

[*] Rule Integrity Violation - [ #6 #16 ]


EDIT:

I cant post the log, because I get this message from the forums.

The following error occurred:
Sorry, you have been blocked
You are unable to access snbforums.com
Click to expand...
Put the log on pastebin.com and post the link to it here. This is the security feature of SNB keeping you from posting malware. I does not understand data logs, happens to all of us. o_O
 
KGB7 said:
Alright. Lets see if this works.

https://pastebin.com/vHN3sFiw

@Adamm



Thanks Butterfly.
Click to expand...
Your WAN interface is eth3, which seems unusual to me (at least on my router). Are you doing something with Dual WAN or USB modem?

Skynet will apply the rules to the interface that is listed under:
Code: 
nvram get wan0_ifname
If this isn’t eth3 for you, it explains why it doesn’t work for you. I understand that Adamm has not implemented support for anything Dual-WAN related because he has no way to test it.
 
Last edited:
andresmorago said:
hello @Adamm
i have done some checking and i believe this isnt happening to me. can you please advise?

im using ip 185.153.199.53 as blocking example. this is in skynet blacklist

10.0.0.7 is connected directly to router. when i ping or do tracert from this device, it indeed gets blocked by skynet

Code: 
Apr 19 15:14:18 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=xx:ed:fb:ac:05:48:xx:xx:xx:6f:63:xx:xx:xxSRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=13 ID=25891 PROTO=ICMP TYPE=8 CODE=0 ID=2 SEQ=60136
View attachment 22839
Code: 
/opt/bin/firewall stats search ip 10.0.0.7 10
[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 8.7M
[i] Monitoring From Apr 16 03:00:05 To Apr 19 15:23:01
[i] 33467 Block Events Detected
[i] 3329 Unique IPs
[i] 9 Manual Bans Issued

10.0.0.7 is in set Skynet-Whitelist.
10.0.0.7 is NOT in set Skynet-Blacklist.
10.0.0.7 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
 10.0.0.2 "PrivateIP"
 10.0.0.7 "PrivateIP"
 10.0.0.0/8 "nvram: lan_ipaddr"
 10.0.0.66 "PrivateIP"
 10.0.0.32 "PrivateIP"
 10.0.0.6 "Shared-Whitelist: pagead2.googlesyndication.com"


[i] IP Location - Undefined (Undefined / Undefined)

[i] 10.0.0.7 First Tracked On Apr 16 03:03:02
[i] 10.0.0.7 Last Tracked On Apr 19 15:17:46
[i] 194 Blocks Total

Event Log Entries From 10.0.0.7;

First Block Tracked From 10.0.0.7;
Apr 16 03:03:02 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:23:24:xx:63:xx:xx:xx SRC=10.0.0.7 DST=180.87.4.143 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=169

10 Most Recent Blocks From 10.0.0.7;
Apr 19 15:17:42 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx SRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=30 ID=25
Apr 19 15:17:46 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx0 SRC=10.0.0.7 DST=185.153.199.53 LEN=92 TOS=0x00 PREC=0x00 TTL=30 ID=25


Top 10 Targeted Ports From 10.0.0.7 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

-*-

Top 10 Sourced Ports From 10.0.0.7 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

-*-


=============================================================================================================


[#] 188242 IPs (+0) -- 15244 Ranges Banned (+0) || 488 Inbound -- 90 Outbound Connections Blocked! [stats] [35s]


10.0.1.2 is connected to the router via openvpn. routers openvpn server is 10.0.1.1 btw
in this case, running a tracert from my vpn client shows all hops and there is no sign of skynet blocking it. also, there is no output on log file
View attachment 22840
Code: 
[$] /opt/bin/firewall stats search ip 10.0.1.2 10


=============================================================================================================


[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 8.7M
[i] Monitoring From Apr 16 03:00:05 To Apr 19 15:21:01
[i] 33455 Block Events Detected
[i] 3327 Unique IPs
[i] 9 Manual Bans Issued

10.0.1.2 is in set Skynet-Whitelist.
10.0.1.2 is NOT in set Skynet-Blacklist.
10.0.1.2 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;
*--
-*-
[i] IP Location - Undefined (Undefined / Undefined)

[i] 10.0.1.2 First Tracked On
[i] 10.0.1.2 Last Tracked On
[i] 0 Blocks Total

Event Log Entries From 10.0.1.2;

First Block Tracked From 10.0.1.2;
-*-
10 Most Recent Blocks From 10.0.1.2;
*--

Top 10 Targeted Ports From 10.0.1.2 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

*--

Top 10 Sourced Ports From 10.0.1.2 (Inbound);


--------   | --------   | --------------
| Hits |   | | Port |   | | SpeedGuide |
--------   | --------   | --------------

--*
*--

=============================================================================================================


[#] 188242 IPs (+0) -- 15244 Ranges Banned (+0) || 480 Inbound -- 90 Outbound Connections Blocked! [stats] [33s]
Click to expand...


I can't reproduce this on my end.


Code: 
skynet@RT-AX88U-DC28:/tmp/home/root# firewall ban domain adam.com
#############################################################################################################
#                                                                                                           #
#                  ███████╗██╗  ██╗██╗   ██╗███╗   ██╗███████╗████████╗    ██╗   ██╗███████╗                #
#                  ██╔════╝██║ ██╔╝╚██╗ ██╔╝████╗  ██║██╔════╝╚══██╔══╝    ██║   ██║╚════██║                #
#                  ███████╗█████╔╝  ╚████╔╝ ██╔██╗ ██║█████╗     ██║       ██║   ██║    ██╔╝                #
#                  ╚════██║██╔═██╗   ╚██╔╝  ██║╚██╗██║██╔══╝     ██║       ╚██╗ ██╔╝   ██╔╝                 #
#                  ███████║██║  ██╗   ██║   ██║ ╚████║███████╗   ██║        ╚████╔╝    ██║                  #
#                  ╚══════╝╚═╝  ╚═╝   ╚═╝   ╚═╝  ╚═══╝╚══════╝   ╚═╝         ╚═══╝     ╚═╝                  #
#                                                                                                           #
#                                 Router Firewall And Security Enhancements                                 #
#                             By Adamm -  https://github.com/Adamm00/IPSet_ASUS                             #
#                                            16/04/2020 - v7.1.6                                            #
#############################################################################################################


=============================================================================================================


[i] Adding adam.com To Blacklist
[i] Banning 64.238.206.176
[i] Saving Changes


=============================================================================================================


[#] 187588 IPs (+1) -- 1926 Ranges Banned (+0) || 629 Inbound -- 0 Outbound Connections Blocked! [ban] [5s]



skynet@RT-AX88U-DC28:/tmp/home/root# sh /jffs/scripts/firewall debug watch
#############################################################################################################
#                                                                                                           #
#                  ███████╗██╗  ██╗██╗   ██╗███╗   ██╗███████╗████████╗    ██╗   ██╗███████╗                #
#                  ██╔════╝██║ ██╔╝╚██╗ ██╔╝████╗  ██║██╔════╝╚══██╔══╝    ██║   ██║╚════██║                #
#                  ███████╗█████╔╝  ╚████╔╝ ██╔██╗ ██║█████╗     ██║       ██║   ██║    ██╔╝                #
#                  ╚════██║██╔═██╗   ╚██╔╝  ██║╚██╗██║██╔══╝     ██║       ╚██╗ ██╔╝   ██╔╝                 #
#                  ███████║██║  ██╗   ██║   ██║ ╚████║███████╗   ██║        ╚████╔╝    ██║                  #
#                  ╚══════╝╚═╝  ╚═╝   ╚═╝   ╚═╝  ╚═══╝╚══════╝   ╚═╝         ╚═══╝     ╚═╝                  #
#                                                                                                           #
#                                 Router Firewall And Security Enhancements                                 #
#                             By Adamm -  https://github.com/Adamm00/IPSet_ASUS                             #
#                                            16/04/2020 - v7.1.6                                            #
#############################################################################################################


=============================================================================================================


[i] Watching Syslog For Log Entries (ctrl +c) To Stop

Apr 20 20:06:31 kernel: [BLOCKED - INBOUND] IN=ppp0 OUT= MAC= SRC=64.238.206.176 DST=xx.xx.xx.xxx LEN=64 TOS=0x00 PREC=0x00 TTL=235 ID=36457 DF PROTO=TCP SPT=80 DPT=52691 SEQ=4007838813 ACK=623614145 WINDOW=4083 RES=0x00 ACK SYN URGP=0 OPT (02040564010303000101080A970D0
Associated Domain(s) - [adam.com]
 
Adamm said:
I can't reproduce this on my end.
Click to expand...
hello @Adamm
i dont have any ppp interfaces but tun interfaces. could this be the reason?

tun21 is the openvpn server running at my router
Code: 
andresmorago@RT-AC3100-0548:/tmp/home/root# ifconfig
br0       Link encap:Ethernet  HWaddr
          inet addr:10.0.0.1  Bcast:10.0.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:5805833 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9982969 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1640308778 (1.5 GiB)  TX bytes:11185814055 (10.4 GiB)

br0:pixelserv-t Link encap:Ethernet  HWaddr
          inet addr:10.0.0.6  Bcast:10.255.255.255  Mask:255.0.0.0
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1

eth0      Link encap:Ethernet  HWaddr
          inet addr:xxxxx  Bcast:xxxxx  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:42563485 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16984017 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:618237912 (589.5 MiB)  TX bytes:926481907 (883.5 MiB)
          Interrupt:181 Base address:0x6000

eth1      Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1259793 errors:0 dropped:3 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:674668847 (643.4 MiB)

eth2      Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10293595 errors:0 dropped:24231 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:678945831 (647.4 MiB)

fwd0      Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:1244329 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1033598 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:433242143 (413.1 MiB)
          Interrupt:179 Base address:0x4000

fwd1      Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:10301458 errors:0 dropped:0 overruns:0 frame:0
          TX packets:4387592 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:1060755907 (1011.6 MiB)
          Interrupt:180 Base address:0x5000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1
          RX packets:448329 errors:0 dropped:0 overruns:0 frame:0
          TX packets:448329 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:99160665 (94.5 MiB)  TX bytes:99160665 (94.5 MiB)

lo:0      Link encap:Local Loopback
          inet addr:127.0.1.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING MULTICAST  MTU:16436  Metric:1

tun11     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.0.2.2  P-t-P:10.0.2.2  Mask:255.255.255.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:119998 errors:0 dropped:0 overruns:0 frame:0
          TX packets:110575 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:103028729 (98.2 MiB)  TX bytes:80454635 (76.7 MiB)

tun21     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.0.1.1  P-t-P:10.0.1.1  Mask:255.255.255.0
          UP POINTOPOINT RUNNING NOARP PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:48 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:4746 (4.6 KiB)  TX bytes:8592 (8.3 KiB)

vlan1     Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING PROMISC ALLMULTI MULTICAST  MTU:1500  Metric:1
          RX packets:5837050 errors:0 dropped:0 overruns:0 frame:0
          TX packets:10078335 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1664986924 (1.5 GiB)  TX bytes:11233565497 (10.4 GiB)

vlan2     Link encap:Ethernet  HWaddr
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
 
Good evening

Does anyone know how to block gambling websites as one of our family member is having problems with it
 
dave14305 said:
Your WAN interface is eth3, which seems unusual to me (at least on my router). Are you doing something with Dual WAN or USB modem?

Skynet will apply the rules to the interface that is listed under:
Code: 
nvram get wan0_ifname
If this isn’t eth3 for you, it explains why it doesn’t work for you. I understand that Adamm has not implemented support for anything Dual-WAN related because he has no way to test it.
Click to expand...

Im using a HotSpot connected to router via USB port as my source for internet.

Thanks for the clarification.
 
hello, a quick question. I reset my Asus router to factory settings and set it up again. my settings: Internet> Lan cable to Wan port of the Asus router. The Fritzbox has the IP 192.168.178.1, Asus when IP 192.168.33.1


Now the skynet log is spammed with this error. Can someone explain to me that this means? Is the connection to the Fritzbox blocked? And how do I fix this problem?

Apr 21 00:07:59 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=23505 DF OPT (94040000) PROTO=2 MARK=0x8000000
Apr 21 00:10:04 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=26008 DF OPT (94040000) PROTO=2 MARK=0x8000000
Apr 21 00:12:09 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=32870 DF OPT (94040000) PROTO=2 MARK=0x8000000

Lg. Philipp
 
Hi guys, just wanted to check how can i unblock blocked devices from skynet? i am actually trying to update the firmware of my note 10+ but then it seem the update is not downloading and when i login to skynet to check, my phone is being blocked.
 
Kenji said:
hello, a quick question. I reset my Asus router to factory settings and set it up again. my settings: Internet> Lan cable to Wan port of the Asus router. The Fritzbox has the IP 192.168.178.1, Asus when IP 192.168.33.1


Now the skynet log is spammed with this error. Can someone explain to me that this means? Is the connection to the Fritzbox blocked? And how do I fix this problem?

Apr 21 00:07:59 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=23505 DF OPT (94040000) PROTO=2 MARK=0x8000000
Apr 21 00:10:04 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=26008 DF OPT (94040000) PROTO=2 MARK=0x8000000
Apr 21 00:12:09 lul kernel: [BLOCKED - INVALID] IN=eth0 OUT= MAC=01:00:5e:00:00:01:cc:ce:1e:0f:09:30:08:00 SRC=192.168.178.1 DST=224.0.0.1 LEN=36 TOS=0x00 PREC=0xC0 TTL=1 ID=32870 DF OPT (94040000) PROTO=2 MARK=0x8000000

Lg. Philipp
Click to expand...

Skynet > 11 (settings) > 6 (log invalid packets) = disable.
 
  • Like
Reactions: a5m
Noob question Alert: I have rules in the UI to forward ports to specific devices of coming from outside, three in total. I can only see one working when I test from another network. Can I just use iptables to forward these three "rules" instead ?

Where would I make this change so it would be persistent post reboot ?
 
ryosuke said:
Hi guys, just wanted to check how can i unblock blocked devices from skynet? i am actually trying to update the firmware of my note 10+ but then it seem the update is not downloading and when i login to skynet to check, my phone is being blocked.
Click to expand...

As per the second post in this thread;

Adamm said:
Halp - BestApp.exe or BestWebsite.com Is Being Blocked;

Don't worry, tracking down false positive bans was at the core of design. Generally speaking you can follow these steps to find (and whitelist) anything incorrectly on your Blacklist!

1.) Enable Logging
Code: 
sh /jffs/scripts/firewall settings logmode enable
2.) Open the blocked application/website and use the command;

Code: 
sh /jffs/scripts/firewall debug watch
Now look for a flood of [BLOCKED - OUTBOUND] coming from the same IP. This most likely will be the IP you are looking for if its being spammed in large numbers.

3.) Copy the IP following "DST=" it should look something like this;
Code: 
DST=175.115.37.52
4.) Double check the IP is not actually something that should be banned, use a search tool like alienvault. If its related to a domain additional "Associated Domain" information should be printed beneath the log.

Code: 
https://otx.alienvault.com/indicator/ip/175.115.37.52/
5.) Great we have confirmed we found the IP of the blocked website/application we are looking for, lets whitelist it!

Code: 
sh /jffs/scripts/firewall whitelist ip 175.115.37.52
Click to expand...

Wishmaster1965 said:
Noob question Alert: I have rules in the UI to forward ports to specific devices of coming from outside, three in total. I can only see one working when I test from another network. Can I just use iptables to forward these three "rules" instead ?

Where would I make this change so it would be persistent post reboot ?
Click to expand...

This has nothing todo with Skynet.
 
  • Like
Reactions: a5m
You must log in or register to reply here.

Similar threads

W
Looking for an add-on that does...
Replies
5
Views
2K
JGrana
JGrana
Viktor Jaep
Skynet Filter Validator v0.7 - Skynet Firewall Filter List IPv4 Integrity Validator
3 4 5
Replies
83
Views
13K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
Viktor Jaep
TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)
Replies
2
Views
242
Viktor Jaep
Viktor Jaep
RMerlin
Fun with ChatGPT...
2
Replies
33
Views
2K
RMerlin
RMerlin
M
Firewall doesen't block custom rules, neighter Skynet
Replies
0
Views
1K
MamaLing
M
Similar threads
Thread starter Title Forum Replies Date
Klonoa Skynet Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 1
S Skynet Skynet showing router itself making calls to China? Asuswrt-Merlin AddOns 26
J Skynet Skynet - Blocked outbounds coming from the router itself? Asuswrt-Merlin AddOns 12
O Skynet Installing Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 26
L Skynet I have installed the skynet firewall how do I configure it if the security of iot devices is important? Asuswrt-Merlin AddOns 2
Davidncali001 Skynet Message on SKYNET I havent seen before Asuswrt-Merlin AddOns 1
S Skynet firewall reduces wireless range Asuswrt-Merlin AddOns 14
P Skynet Internet speed lower with Skynet on Asuswrt-Merlin AddOns 9
N Skynet SkyNet/Firewall blocking all ping requests, including outbound Asuswrt-Merlin AddOns 6
W Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14 Asuswrt-Merlin AddOns 10

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 923 (members: 20, guests: 903)
Top