What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

That's safe unless you visit the one or two malicious subdomains that cause wordpress blogs to be banned.
That's going to be hard to figure out. It seems in that case my antivirus is going to be the last line of defense.

Sent from my SGH-M919 using Tapatalk
 
It seems Skynet is blocking wordpress blogs like this one. I checked and AlienVault says it was previously malicious. Now I can whitelist it to go through, but will that be safe?

One of the downsides of free shared hosting is false flagging on lists like these. Because wordpress host tens of thousands of domains on the same servers, the few bad eggs get the IPs blacklisted. With that being said its safe to whitelist.
 
@Adamm I just updated from 380.68_4 to the official 382.1 I did not do anything other than update my scripts before updating the router. Everything went great. No problems and no errors. All scripts running without reinstall. You are awesome!

Question about this for Skeal or Adamm... What is the preferred method of handling Skynet when upgrading from 380.68_4 to 382.1? I see that Skeal just upgraded overtop of it, without problems. I was thinking of uninstalling since it's mounting to my USB drive, and wanted to make sure I have all devices unplugged before doing the update? Please let me know what is the preferred way to do this?

Thanks!
 
Question about this for Skeal or Adamm... What is the preferred method of handling Skynet when upgrading from 380.68_4 to 382.1? I see that Skeal just upgraded overtop of it, without problems. I was thinking of uninstalling since it's mounting to my USB drive, and wanted to make sure I have all devices unplugged before doing the update? Please let me know what is the preferred way to do this?

Thanks!
I had to reset to factory defaults because of a memory use problem. I have absolutely no problems except the QOS error that doesn't seem to harm anything. I would update scripts and flash then see from there whether you need a factory reset to correct weirdness.
 
Question about this for Skeal or Adamm... What is the preferred method of handling Skynet when upgrading from 380.68_4 to 382.1? I see that Skeal just upgraded overtop of it, without problems. I was thinking of uninstalling since it's mounting to my USB drive, and wanted to make sure I have all devices unplugged before doing the update? Please let me know what is the preferred way to do this?

Thanks!
Here is a post by the lonely coder that I use as a guide.
https://www.snbforums.com/threads/r...380-68-is-available.40761/page-26#post-351025

Also see this link, just in case.
https://www.snbforums.com/threads/a...ing-solution-v3-9-2.37511/page-92#post-358070
 
@Adamm I have a quick question for you. Is there any way to remove a specific log entry that repeats itself by using a script? ASUS has a problem they need to fix but until then the log gets bigger and bigger. Any suggestions? The error is this one:
Code:
Nov 14 08:48:40 kernel: ERR[set_app_info_qos_meta:3361] It's a paid app, please assign a default bandwidth!
 
Question about this for Skeal or Adamm... What is the preferred method of handling Skynet when upgrading from 380.68_4 to 382.1? I see that Skeal just upgraded overtop of it, without problems. I was thinking of uninstalling since it's mounting to my USB drive, and wanted to make sure I have all devices unplugged before doing the update? Please let me know what is the preferred way to do this?

Thanks!

Skynet is pretty hard to break, you can just update as per normal and it should work.

@Adamm I have a quick question for you. Is there any way to remove a specific log entry that repeats itself by using a script? ASUS has a problem they need to fix but until then the log gets bigger and bigger. Any suggestions? The error is this one:

You could just add a cronjob to-do it, for example here's how you would remove it once per hour.


Code:
cru a Clean_Logs "0 * * * * sed -i '/It's a paid app/d' /tmp/syslog.log"
 
Last edited:
I had to reset to factory defaults because of a memory use problem. I have absolutely no problems except the QOS error that doesn't seem to harm anything. I would update scripts and flash then see from there whether you need a factory reset to correct weirdness.

Thanks for the vote of confidence... I think I'll save the upgrade for the weekend when I'm near it, instead of doing it from remote. ;)
 
Thanks for the vote of confidence... I think I'll save the upgrade for the weekend when I'm near it, instead of doing it from remote. ;)
Good idea man!
 
Hey @Adamm

Just noticed I'm getting an iptable failure notice, please see below. I haven't made any changes to the router in weeks and it was working fine after i logged in Saturday to manually update skynet.

Code:
Router Model; RT-AC68U
Skynet Version; v5.5.3 (11/11/2017)
iptables v1.4.14 - (eth0 @ 192.168.39.1)
ipset v6.32, protocol version: 6
FW Version; 380.68_4 (Oct 4 2017) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/skynet/skynet (13.9G / 14.7G Space Available)
Boot Args; /jffs/scripts/firewall start debug banmalware autoupdate usb=/tmp/mnt/skynet

Checking Skynet IPTable...                [Failed]
 
Hey @Adamm

Just noticed I'm getting an iptable failure notice, please see below. I haven't made any changes to the router in weeks and it was working fine after i logged in Saturday to manually update skynet.

Code:
Router Model; RT-AC68U
Skynet Version; v5.5.3 (11/11/2017)
iptables v1.4.14 - (eth0 @ 192.168.39.1)
ipset v6.32, protocol version: 6
FW Version; 380.68_4 (Oct 4 2017) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/skynet/skynet (13.9G / 14.7G Space Available)
Boot Args; /jffs/scripts/firewall start debug banmalware autoupdate usb=/tmp/mnt/skynet

Checking Skynet IPTable...                [Failed]


Can you run;

Code:
sh /jffs/scripts/firewall restart

Then wait 60s and run;

Code:
sh /jffs/scripts/firewall debug info
 
Can you run;

Code:
sh /jffs/scripts/firewall restart

Then wait 60s and run;

Code:
sh /jffs/scripts/firewall debug info

Weird, seems to be working now ¯\_(ツ)_/¯

Code:
Router Model; RT-AC68U
Skynet Version; v5.5.3 (11/11/2017)
iptables v1.4.14 - (eth0 @ 192.168.39.1)
ipset v6.32, protocol version: 6
FW Version; 380.68_4 (Oct 4 2017) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/skynet/skynet (13.9G / 14.7G Space Available)
Boot Args; /jffs/scripts/firewall start debug banmalware autoupdate usb=/tmp/mnt/skynet
No Lock File Found

Checking Install Directory Write Permissions...        [Passed]
Checking Firewall-Start Entry...            [Passed]
Checking OpenVPN-Event Entry...                [Passed]
Checking CronJobs...                    [Passed]
Checking IPSet Comment Support...            [Passed]
Checking Log Level 7 Settings...            [Passed]
Checking Autobanning Status...                [Passed]
Checking Debug Mode Status...                [Passed]
Checking For Duplicate Rules In RAW...            [Passed]
Checking For Duplicate Rules In Filter...        [Passed]
Checking Skynet IPTable...                [Passed]
Checking Whitelist IPSet...                [Passed]
Checking BlockedRanges IPSet...                [Passed]
Checking Blacklist IPSet...                [Passed]
Checking Skynet IPSet...                [Passed]

Skynet: [Complete] 134063 IPs / 2036 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 3 Inbound / 0 Outbound Connections Blocked! [3s]
 
Has the swap file problem suddenly disappeared overnight or is it just a problem with the 86U router, where it's required for Skynet?
I'm asking because I'd like to know if I should integrate the same creation/management as @Adamm has coded into AB-Solution.
I'm not really keen on doing that if it's not necessary.
 
Has the swap file problem suddenly disappeared overnight or is it just a problem with the 86U router, where it's required for Skynet?
I'm asking because I'd like to know if I should integrate the same creation/management as @Adamm has coded into AB-Solution.
I'm not really keen on doing that if it's not necessary.
I have AC3100 absolutely no memory problem.
 
I have AC3100 absolutely no memory problem.
Same here, all my four routers cope/manage without a swap file.
I have a swap file on the primary and my development router, but they are seldom used and I created them for other reasons.
 
Has the swap file problem suddenly disappeared overnight or is it just a problem with the 86U router, where it's required for Skynet?
I'm asking because I'd like to know if I should integrate the same creation/management as @Adamm has coded into AB-Solution.
I'm not really keen on doing that if it's not necessary.

Hard to give a definitive answer as I am just going off pure feedback. It's definitely a 86U specific issue, I've seen some pictures where models only have 20mb free ram which is concerning.

With that being said I'm not positive the swap file has had any effect, I disabled parallel operations on this model only to try avoid forking errors so it kind of skewed the results. Hopefully in the near future will have a 86U in my hands to test with.
 
Does anyone know what format IP addresses have to be in to be imported in to the firewall? I have a standard text list of IP addresses with 1 on each line. I've tried it on pastebin.com and then on a file uploading site. Neither would upload in to the firewall.
 
I found AB-Solution and Entware after installing Asuswrt-Merlin and reading his wiki, This link. https://github.com/RMerl/asuswrt-merlin/wiki/How-to-use-Adblock-using-Pixelserv and this section.
Pixelserv Installation (auto-install)
Entware install recommends and gives the option to install swap. When Adamm introduced swap and the ability to remove an existing installation and reinstall via Skynet, I just tried it and it worked fine. Maybe a test to see if there is a swap file already and then proceed, with the option to install if one not found, if you feel like it?

It might be good overall with the issues seen here preciously. I like it as a safety, since my AC-68U finds the swap on boot, though it has never been used as far as I can tell.
Code:
Nov 14 15:51:28 kernel: Adding 523248k swap on /tmp/mnt/CruzerExt2/skynet/myswap.swp.  Priority:-1 extents:533 across:553940k
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top