What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I've pushed v5.7.0, mostly an under the hood minor update polishing off recent changes.

Fixed various Typos
More POSIX compliance
Support local files with the import/deport commands
Check for more errors in main menu
Only check the logdrop chain for duplicate rules
Delete leftover files upon uninstall
Check USB has write permissions upon command execution
Better port validation (dont accept values above 65535)


I also now have started a Wiki Page with explanations for common errors which is open for anyone to edit.
 
Thanks...

Are you able to add an option in Banmalware to ad-hoc update my current custom list without the need to add in the URL for the custom list.
 
Thanks...

Are you able to add an option in Banmalware to ad-hoc update my current custom list without the need to add in the URL for the custom list.

Can you elaborate alittle further on what exactly you mean here? The current banmalware functionality for custom lists is that the specified URL will be used from that point forward automatically until you change it again or reset it within Skynet.
 
Can you elaborate alittle further on what exactly you mean here? The current banmalware functionality for custom lists is that the specified URL will be used from that point forward automatically until you change it again or reset it within Skynet.
Currently in the Banmalware, there is 3 options, Default, Custom, Reset.
So, first time I add in my custom URL list. I know it will be auto update every 24 hr or using the crontab to check the frequency.

However, sometime I want to ad-hoc call for update/download of the list. For now I use command from the crontab to update it.
“sh /jffs/scripts/firewall banmalware #Skynet_banmalware#”

I just wanted this to be in GUI for easy update like in ab-solution updating the ad filter list.
 
Currently in the Banmalware, there is 3 options, Default, Custom, Reset.
So, first time I add in my custom URL list. I know it will be auto update every 24 hr or using the crontab to check the frequency.

However, sometime I want to ad-hoc call for update/download of the list. For now I use command from the crontab to update it.
“sh /jffs/scripts/firewall banmalware #Skynet_banmalware#”

I just wanted this to be in GUI for easy update like in ab-solution updating the ad filter list.

Okay think I understand where your coming from, the word ad-hoc got me confused.

Maybe my wording in that menu isn’t great, but once you set a “custom” filter, it becomes the “default” option from that point further. So if you did chose the default option, it would actually be using the filter list you specified previously.
 
Oh.. thanks.. that’s what i suspect but I didn’t test it.
In this instance, would it be better to change the term default to update? Reset to Default?
Coz when u install Skynet, the default list is already there. So normal usage is update, custom or default (set back to original default).

This will help others I think.
 
Oh.. thanks.. that’s what i suspect but I didn’t test it.
In this instance, would it be better to change the term default to update? Reset to Default?
Coz when u install Skynet, the default list is already there. So normal usage is update, custom or default (set back to original default).

This will help others I think.

Okay I've clarified this in the latest commit, the menu is now as follows;

Code:
Select Option:
[1]  --> Update
[2]  --> Change Filter List
[3]  --> Reset Filter List
 
I am having a problem where Skynet is banning Speedtest.net sites I use. I can clear autoban but they come right back. How do I find out why?

Jan 14 17:24:05 kernel: [BLOCKED - NEW BAN] IN=eth0 OUT= MAC=XXX
SRC=192.159.178.7 DST=XX.XX.XX.XX LEN=1500 TOS=0x08 PREC=0x20 TTL=52 ID=36465 DF PROTO=TCP SPT=808
0 DPT=60669 SEQ=270632691 ACK=853618780 WINDOW=227 RES=0x00 ACK URGP=0 OPT (0101080A0AB50C10292747B5)
 
I am having a problem where Skynet is banning Speedtest.net sites I use. I can clear autoban but they come right back. How do I find out why?

Jan 14 17:24:05 kernel: [BLOCKED - NEW BAN] IN=eth0 OUT= MAC=XXX
SRC=192.159.178.7 DST=XX.XX.XX.XX LEN=1500 TOS=0x08 PREC=0x20 TTL=52 ID=36465 DF PROTO=TCP SPT=808
0 DPT=60669 SEQ=270632691 ACK=853618780 WINDOW=227 RES=0x00 ACK URGP=0 OPT (0101080A0AB50C10292747B5)

On random ports like that with the additional prerequisites I've added already there's not too much else I can do as its the IPTables functionality that's flagging the packets as invalid. Your best bet would be to Whitelist the domain if its repeatedly getting blacklisted.
 
On random ports like that with the additional prerequisites I've added already there's not too much else I can do as its the IPTables functionality that's flagging the packets as invalid. Your best bet would be to Whitelist the domain if its repeatedly getting blacklisted.

Thanks. Any server I pick from speedtest.net gets added. This didn't use to happen, just started today with 3.6.8, and still with 3.7.0.
 
Thanks. Any server I pick from speedtest.net gets added. This didn't use to happen, just started today with 3.6.8, and still with 3.7.0.

Quite strange as I use the website daily and never run into any issues or false positives from it. Not sure what else to say here as I can't replicate it on my end, a reboot could help though, never hurts to try.

How do I tell "why" iptables thinks the packets are invalid? Maybe I need to reboot the router.

You ran read about SPI Firewalls here. Skynet merely piggybacks off existing functionality within the router and makes the bans permanent rather then just dropping packets that are considered invalid. Unfortunately though no solution is perfect and some people have issues with it and false positives where as others it works flawlessly.

For reference, this feature can be disabled in Skynet during the install process if its causing issues on your setup.
 
Interesting, rebooted router, cleared all autobans, and did a another test... no autoban, but still banned on outgoing.


Jan 14 18:38:01 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=XX
SRC=192.168.X.XXX DST=193.19.172.5 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=22777 DF PROTO=UDP SPT=39802 D
PT=123 LEN=56
 
Interesting, rebooted router, cleared all autobans, and did a another test... no autoban, but still banned on outgoing.


Jan 14 18:38:01 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=XX
SRC=192.168.X.XXX DST=193.19.172.5 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=22777 DF PROTO=UDP SPT=39802 D
PT=123 LEN=56

It is banned because it is already in the blacklist. Unban it now that you disabled autoban.
 
I am in github and there are some blockage of ip... I whitelisted the ip but few hr or a day later the ip changed.
The ip is surrounding 151.101.x.133.
I tried to blocked by domain but the domain ip changed...
So I think workaround is whitelist by range.

How to whitelist 151.101.x.133 ?

Anyone have this issue with github and what domain should I whitelist?
Currently whitelisted
raw.githubusercontent.com
help.github.com
github.map.fastly.net
prod.github.map.fastlylb.net

I got this domain from alienvault
 
Last edited:
I am in github and there are some blockage of ip... I whitelisted the ip but few hr or a day later the ip changed.
The ip is surrounding 151.101.x.133.
I tried to blocked by domain but the domain ip changed...
So I think workaround is whitelist by range.

How to whitelist 151.101.x.133 ?

Anyone have this issue with github and what domain should I whitelist?
Currently whitelisted
raw.githubusercontent.com
help.github.com
github.map.fastly.net
prod.github.map.fastlylb.net

I got this domain from alienvault


You can use this tool to generate a CIDR to whitelist


And you can use this guide to find out what IP is blocked that needs to be unbanned/whitelisted
 
Checked the CIDR tool. Question is I think there is only 254 possible IP and using that tool seems to cover more IP that I intended to have.
Guess for now I will just whitelist as and when needed. I don't think they have 254 ips.

Yes I am aware of how to check the IP and I did that before I whitelist.

Thanks.
 
Thanks, I will check again. I did unban all "autobans" and when I use the SH command, it shows 0 autobans.

So I rebooted, and it was still blocked. I cleared autobans, still blocked. Uninstalled and re-installed, now it works again. I really like SkyNet, so I will keep at it.
 
So today I tried to launch it and to my surprise I am having a weird issue.

I see the Skynet V5 "logo" and the ############## stuff around it/under.

Thats it. No menu, nothing.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top