Skynet Skynet - Router Firewall & Security Enhancements

[Wishmaster1965]

I have this question right now. For me it is the UDP 1149 port for my OpenVPN server that is always blocked: $

But unfortunately the Adamm only says IP based.

Have you tried the ASUS gui / WAN / Port Trigger or Port Forwarding ?

 

[dave14305]

I get this message for the last two weeks when updating the Malwarebanlist
Refreshing Whitelists | du: : No such file or directory
When I print the debug info it passes all tests.
Diversion is on its most current release.

Sounds like your swap file is missing or undetected.

 

[Triton]

Sounds like your swap file is missing or undetected.

SWAP File | [Passed]
And the Asuswrt webGUI sees it too

 

[dave14305]

SWAP File | [Passed]
And the Asuswrt webGUI sees it too

What's the output of

cat /proc/swaps

 

[Triton]

What's the output of

cat /proc/swaps

Filename Type Size Used Priority
/tmp/mnt/SKYNET/myswap.swp file 1048572 0 -1

 

[Kenji]

Have you tried the ASUS gui / WAN / Port Trigger or Port Forwarding ?

Yes, but I'm not sure if that's all true. that's why i put everything i thought here do you know your way better?
with activated firewall it still doesn't work: / Tips?

lg.

 

[dave14305]

Filename Type Size Used Priority
/tmp/mnt/SKYNET/myswap.swp file 1048572 0 -1

How about running this:

grep swaplocation /tmp/mnt/SKYNET/skynet/skynet.cfg

I'm guessing it doesn't exist or is blank.

 

[Triton]

How about running this:

grep swaplocation /tmp/mnt/SKYNET/skynet/skynet.cfg

I'm guessing it doesn't exist or is blank.

output was
swaplocation=""

then the file lock notice showed up for some minutes.
now it's gone but i still get the same message when updating the malware banlist

 

[dave14305]

output was
swaplocation=""

then the file lock notice showed up for some minutes.
now it's gone but i still get the same message when updating the malware banlist

How about running

sh /jffs/scripts/firewall debug swap install

Then see if that populates the skynet.cfg file.

 

[Triton]

How about running

sh /jffs/scripts/firewall debug swap install

Then see if that populates the skynet.cfg file.

seems to have done the trick, no error message anymore
thanks!

 

[dave14305]

Yes, but I'm not sure if that's all true. that's why i put everything i thought here do you know your way better?
with activated firewall it still doesn't work: / Tips?

lg.

There is usually no need to port forward or trigger for the built-in OpenVPN server. Remove all that stuff you added. Then check the state of the firewall rules:

iptables -nvL OVPN

 

[Kenji]

There is usually no need to port forward or trigger for the built-in OpenVPN server. Remove all that stuff you added. Then check the state of the firewall rules:

iptables -nvL OVPN

All rules removed. Now only the VPN server and the VPN client (Nordvpn) are running
I don't know my way around but it shouldn't look like this?

lg.

 

[dave14305]

All rules removed. Now only the VPN server and the VPN client (Nordvpn) are running
I don't know my way around but it shouldn't look like this?

lg.

So you have a client and server both running on the router simultaneously. Too complicated for my limited VPN knowledge.

 

[L0nkFromPA]

I'm not sure if this has been requested before, but could there be an option, preferably on by default, to automatically whitelist addresses like the resolved IP of the configured NTP servers, the currently configured DNS resolvers, and the WAN default gateway? Basically things that if they were FPs in IP lists, they would stop everything from working and prevent fetching updated lists and therefore prevent fixing the FP.

This hasn't happened, I just have custom lists and was thinking of bad things that could happen.

 

[dave14305]

I'm not sure if this has been requested before, but could there be an option, preferably on by default, to automatically whitelist addresses like the resolved IP of the configured NTP servers, the currently configured DNS resolvers, and the WAN default gateway? Basically things that if they were FPs in IP lists, they would stop everything from working and prevent fetching updated lists and therefore prevent fixing the FP.

Already part of the script. It includes the WAN IP, but not the WAN gateway.

 

[L0nkFromPA]

Already part of the script. It includes the WAN IP, but not the WAN gateway.

Thanks for the reply. I looked through the script and found what I think are whitelist entries for all of the things I asked for here except the WAN gateway. I might have missed it, though.

 

[AntonK]

Hi everyone,

Question from a total non-techie (well, almost total): is there anything that either Diversion or SkyNet would be doing that would block my Desktop PC from connecting to my Echo Studio when listening via Spotify? All of a sudden I can't play Spotify through my Echo. I can play SiriusXM no problem. I'm guessing it's a temporary outage somewhere else, because I've been using Diversion and SkyNet for some time without any issues (see my signature below). Still, just checking...

Thanks,
Anton

 

[SomeWhereOverTheRainBow]

Hi everyone,

Question from a total non-techie (well, almost total): is there anything that either Diversion or SkyNet would be doing that would block my Desktop PC from connecting to my Echo Studio when listening via Spotify? All of a sudden I can't play Spotify through my Echo. I can play SiriusXM no problem. I'm guessing it's a temporary outage somewhere else, because I've been using Diversion and SkyNet for some time without any issues (see my signature below). Still, just checking...

Thanks,
Anton

if you are using any adblockers that block domains associated with spotify, It would most likely be an issue with the block list you are using with diversion as skynet mainly only blocks threat level stuff. check your logs in diversion and look for domains specifically being blocked when you try to access spotify from your echo. it will list all the domain traffic that is being blocked for the ip addess that is associated with your echo. ( first you need to identify the ip address assigned to your echo before this will be relevant). Once you identify the domains being blocked, then add them to your whitelist and run process all list.
if you need more help with this try moving this issue to the diversion thread for more help.

 

[SomeWhereOverTheRainBow]

Hi everyone,

Question from a total non-techie (well, almost total): is there anything that either Diversion or SkyNet would be doing that would block my Desktop PC from connecting to my Echo Studio when listening via Spotify? All of a sudden I can't play Spotify through my Echo. I can play SiriusXM no problem. I'm guessing it's a temporary outage somewhere else, because I've been using Diversion and SkyNet for some time without any issues (see my signature below). Still, just checking...

Thanks,
Anton

apresolve.spotify.com
upgrade.scdn.com
market.spotify.com
spclient.wg.spotify.com
audio-ake.spotify.com.edgesuite.net
mobile-ap.spotify.com

here is some commonly whitelisted ones for spotify try them out in your diversion whitelist and let me know if it resolves your issue.

**edit** Note i just updated the list with a corrected spelling **

 

[Ubimo]

What's the standard filter list? URL?