Skynet - Router Firewall & Security Enhancements

Force an update to the latest version (v5.3.5). I was doing some work on this command today (along with others) and corrected a bug and added some valid input checking. I also changed the CLI command to;

Code:
sh /jffs/scripts/firewall whitelist remove entry 104.16.75.76
Haha, fcking blinking red text:
Code:
Lock File Detected (start banmalware autoupdate usb=/tmp/mnt/entware) (pid=17671)
Whitelist IPTable Not Detected
Skynet IPTable Not Detected
BlockedRanges IPSet Not Detected
Skynet IPSet Not Detected
 
So, it's not clear from the hard to read red blinking text why it's showing it and what a user is supposed to do.
The answer is: Wait, it updates the db/banlists and loads the rules.
After a while when reloading the menu it disappears.
 
Force an update to the latest version (v5.3.5). I was doing some work on this command today (along with others) and corrected a bug and added some valid input checking. I also changed the CLI command to;

Code:
sh /jffs/scripts/firewall whitelist remove entry 104.16.75.76
I should just learn to run update before I do anything else, knowing how you keep tweaking. :)
 
And thanks for the new option [8]
 
hard to read red blinking text

I use Xshell 5 and it is pretty clear on my screen at least, maybe in other terminals the font type isn't as great. Will keep that in mind.

why it's showing it and what a user is supposed to do

This was originally a cut and paste from the debug info command. With that being said you are right it isn't totally clear to an inexperienced user what they are supposed to do (and that it will only appear for about 40 seconds after a firewall restart or reboot). I'll work on relaying this information better.

I should just learn to run update before I do anything else, knowing how you keep tweaking.

Yeah, it's always a good idea to see if there's an update if you run into any issues, I usually find and correct them quite fast. Good news is I'm pretty happy with the current state of the menu, I've gotten all the core functionality implemented that I initially hoped for and there are no outstanding bugs that I know of. Any changes going forward will probably be aesthetic more than anything.

And thanks for the new option [8]

No worries, was a good suggestion.
 
Yeah, it's always a good idea to see if there's an update if you run into any issues, I usually find and correct them quite fast. Good news is I'm pretty happy with the current state of the menu, I've gotten all the core functionality implemented that I initially hoped for and there are no outstanding bugs that I know of. Any changes going forward will probably be aesthetic more than anything.

Yeah, right. I know how these things go, every time one thinks it is complete another improvement comes to mind. :D

and...

Lubarsky's Law of Cybernetic Entomology
"There is *always* one more bug."
 
Can't ban country from menu, CLI. Separate and by one.

Removing Previous Country Bans
sed: /jffs/scripts/ipset.txt: No such file or directory
Banning Known IP Ranges For cn
Downloading Lists
Filtering IPv4 Ranges & Applying Blacklists
ipset v6.32: Error in line 1: The set with the given name does not exist
Skynet: [Complete] IPs / Ranges Banned. 0 New IPs / 0 New Ranges Banned. Inbound / Outbound Connections Blocked! [1s]​
 
Can't ban country from menu, CLI. Separate and by one.

Removing Previous Country Bans
sed: /jffs/scripts/ipset.txt: No such file or directory
Banning Known IP Ranges For cn
Downloading Lists
Filtering IPv4 Ranges & Applying Blacklists
ipset v6.32: Error in line 1: The set with the given name does not exist
Skynet: [Complete] IPs / Ranges Banned. 0 New IPs / 0 New Ranges Banned. Inbound / Outbound Connections Blocked! [1s]​

Skynet doesn't look installed, can you post the output of the following;

sh /jffs/scripts/firewall debug info
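The country-ban output quoted above ends in a "[Complete]" summary whose banned and blocked counters are blank, which is easy to miss in a cron job or log. The following is an added example, not part of the thread or of Skynet itself, that parses the summary line and flags that case; the function names are hypothetical and the sample lines are copied from posts in this thread.

```shell
#!/bin/sh
# Added example, not part of Skynet. Function names are hypothetical.

# skynet_summary_fields LINE
# On a well-formed summary line, prints the seven counters as
#   "ips ranges new_ips new_ranges inbound outbound seconds"
# Returns 1 if LINE is not a "Skynet: [Complete]" summary at all,
# and 2 if it is one but the banned/blocked counters are empty.
skynet_summary_fields() {
    line=$(printf '%s' "$1" | tr -d '\r')
    case "$line" in
        "Skynet: [Complete]"*) ;;
        *) return 1 ;;
    esac
    fields=$(printf '%s\n' "$line" | sed -n -E \
        -e 's/^Skynet: \[Complete\] +([0-9]+) IPs \/ ([0-9]+) Ranges Banned\. ([0-9]+) New IPs \/ ([0-9]+) New Ranges Banned\. ([0-9]+) Inbound \/ ([0-9]+) Outbound Connections Blocked! \[([0-9]+)s\].*$/\1 \2 \3 \4 \5 \6 \7/p')
    [ -n "$fields" ] || return 2
    printf '%s\n' "$fields"
}

# skynet_summary_state LINE
# Maps the result to one word for use in a cron job or monitoring check.
skynet_summary_state() {
    rc=0
    skynet_summary_fields "$1" >/dev/null || rc=$?
    case "$rc" in
        0) echo "ok" ;;
        2) echo "empty-counters" ;;
        *) echo "not-a-summary" ;;
    esac
}

# Sample lines copied from the posts in this thread.
GOOD='Skynet: [Complete] 138566 IPs / 0 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 6 Inbound / 0 Outbound Connections Blocked! [1s]'
BAD='Skynet: [Complete] IPs / Ranges Banned. 0 New IPs / 0 New Ranges Banned. Inbound / Outbound Connections Blocked! [1s]'

skynet_summary_state "$GOOD"
skynet_summary_state "$BAD"
```

An "empty-counters" result is the cue to run the debug info command above before trusting that any bans were applied.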
 
Just ran the update, I'd rather just see the debug status with the
Skynet: [Complete] 138566 IPs / 0 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 6 Inbound / 0 Outbound Connections Blocked! [1s] status.
 
Any chance we could get stats weekly by mail like in ABS ? :D

By all means it's possible, but I don't think the current design of Skynet's stats would fit this. Skynet doesn't rotate logs on a regular basis, it purges them when the log file reaches a certain size (7MB). For some people this may take a month, for others it may only take a few days. With that being said, if Skynet were to send logs on, let's say, a weekly basis, you may only get a few days' worth, or it could be a whole month's worth of logs compiled. I'll keep it in mind for the future, but for now you're probably best off just doing this externally with a cronjob, with the contents of the email being the output of the stats command.

Just ran the update, I'd rather just see the debug status with the

Please elaborate, not quite sure what you mean.
 
When I now type firewall I no longer see the status.

Ah. Yes I cut down the main menu version to only show important information as having the full debug info seemed too cluttered. In the event there is an error it will appear blinking red, but if everything is working fine you will just see a minimal version.

For example;

[Image: TSNFsC5.png]
 
Any chance we could get stats weekly by mail like in ABS ? :D
Meanwhile, you could include the logfile in the AB-Solution router backup function bu. Select "3. --> Custom" and fill in adblocking/custom_files/custom_backup_settings.txt with the file location, along with other files you want to be saved.
Examples are given in the file custom_backup_settings.txt.
 
Hi Adamm, thank you for the nice script.

I have a question: if someone from WAN is trying to attempt login to my router with SSH, and he failed more than 3 times, will the script autoban him?

I had been receiving some brute force attacks on my router, hoping this script can solve my problem.

My problem was on another thread here
https://www.snbforums.com/threads/is-there-a-way-to-block-certain-ip-from-wan.41712/

Yes Skynet should pick up this and other port scanning activity quite smoothly.
 
Thank you sir for this great utility!

By the way, will the IP become blocked permanently, or will it be released after certain days?
 
I didn't explain myself well enough, apologies :) what I meant was, before I typed firewall without arguments and it always displayed a status at the bottom,
Skynet: [Complete] 138566 IPs / 0 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 685 Inbound / 379 Outbound Connections Blocked! [28s]
Now I need to type 11 and then 3 to display it.
The red warning lines, of things that aren't as they're supposed to be, are nice, but I'm really more interested in blocking snapshots / summaries as before.

Ah. Yes I cut down the main menu version to only show important information as having the full debug info seemed too cluttered. In the event there is an error it will appear blinking red, but if everything is working fine you will just see a minimal version.

For example;

[Image: TSNFsC5.png]
 
before I typed firewall without arguments and it always displayed a status at the bottom

Skynet only shows this summary when it's completed a task (or you use an invalid command). I'm toying around with adding this information to the main menu, but it looks out of place. So will keep playing around with it until I find something I like.
 
