Menu
What's new
By:
Filters Better Search

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hi...How can you check the existing URLs in the blacklist? I"m trying to see which URLs I have blacklisted myself, to see if I need to remove any. Thanks!
 
timonoj said:
Hi...How can you check the existing URLs in the blacklist? I"m trying to see which URLs I have blacklisted myself, to see if I need to remove any. Thanks!
Click to expand...

Code: 
sh /jffs/scripts/firewall stats search manualbans

You can also add a number at the end of the command to change the top x output to a number of your choosing.
 
Thanks! Just read a bit more, mentioning this is an addon to the official Asus firewall. This means that it also has the same lack of HTTPS site blocking, is this correct?

Thanks for your help!
 
timonoj said:
Thanks! Just read a bit more, mentioning this is an addon to the official Asus firewall. This means that it also has the same lack of HTTPS site blocking, is this correct?

Thanks for your help!
Click to expand...

Negative. This is IP based blocking so it will catch traffic on any port.
 
So an update for AC86U users:

The old fork() errors seem to have been corrected by Asus, but there's a new error which is proving frustrating to get around and debug, so I will be holding off on updates until we can get that resolved within the firmware.

In good news, the CPU performance on this thing is better then expected. x3 the speed on most functions compared to my old AC68U. Things like banmalware have dropped from 45s > 14s, saving from 7s > 2s.

So hopefully we can get this last issue resolved in the near future so I can push out the speed improvements accordingly, then potentially put this extra CPU power to use as "runtime" won't be a big factor in the decision making process anymore.
 
Adamm said:
So an update for AC86U users:

The old fork() errors seem to have been corrected by Asus, but there's a new error which is proving frustrating to get around and debug, so I will be holding off on updates until we can get that resolved within the firmware.

In good news, the CPU performance on this thing is better then expected. x3 the speed on most functions compared to my old AC68U. Things like banmalware have dropped from 45s > 14s, saving from 7s > 2s.

So hopefully we can get this last issue resolved in the near future so I can push out the speed improvements accordingly, then potentially put this extra CPU power to use as "runtime" won't be a big factor in the decision making process anymore.
Click to expand...
Tempting...
 
SkyNet is blocking updates for my virus scanner, Emsisoft Anti-Malware.

Somehow 205.185.216.42, which is the IP of cdn.emsisoft.com, is in the BanMalware blacklist?

Why?

(Adding cdn.emsisoft.com to the whitelist enabled EAM updates)
 
Possibly because something else that's malicious shares either the sane subnet, or the same IP (that IP belongs to a CDN, it's not owned by Emsisoft themselves).
 
Ah. Does SkyNet support wildcards?

They asked me to whitelist *.emsisoft.com, but I don't see any entries with a "*" in the whitelist.
 
XIII said:
Ah. Does SkyNet support wildcards?

They asked me to whitelist *.emsisoft.com, but I don't see any entries with a "*" in the whitelist.
Click to expand...

Unfortunately not, as Skynet resolves addresses and blocks their IP's directly, the website ban/unban feature is simply Skynet doing the heavy lifting for the user. As Merlin said its probably something else on the same CDN which was the intention of the block, you can unban it via this guide
 
Hm. A lot more is being blocked (Netatmo Health Home Coach and Belkin Wemo cannot reach their servers to check for firmware updates; several local shops unreachable).

Need to investigate this after work...
 
Some list may be old and obsolete. You may want to search the IP blocked in the bannalware. See which list contain those blocked IP.
Custom the filter list by removing that particular ipset list.

Alternatively is you can feedback to the maintainer of the ipset list. You can find them here. https://iplists.firehol.org/
 
XIII said:
As soon as I performed (only) the first 2 steps from that guide all sites open properly...

When I turn off debugging they fail; when I turn it on they work...
Click to expand...
Did u wait a while when you are in vanilla mode? Coz the Skynet may not be loaded properly. Even if u switched off debug, the whitelist should still be there.. have u try listing out the whitelist in vanilla mode? Try adding the whitelist again?

However this could be a bug for Adamm to check.. if added in debug then switch back vanilla whitelist gone?
 
As I said I performed only the first 2 steps:
Code: 
sh /jffs/scripts/firewall install
sh /jffs/scripts/firewall debug watch
So I did not even add anything to the whitelist...
 
I suspect it work properly coz when u did the debug installation, while the Skynet will take around 1-2min to load you. You did your testing on those websites... it will go thru as Skynet not complete its loading.

The idea of debug is to see dropped ip . U should see those ip blocked log when u enter the website.
 
I tried. Sites are indeed blocked after a couple of minutes.

So far all the problematic sites seem to be (on) CDN's. I'm rather surprised to see that the local webshop is running on a Google CDN and has the same IP address 216.239.34.21 as virustotal.com (which is blocked by SkyNet):

Code: 
add Blacklist 216.239.34.21 comment "BanMalware"
 
You must log in or register to reply here.

Similar threads

W
Looking for an add-on that does...
Replies
5
Views
2K
JGrana
JGrana
Viktor Jaep
Skynet Filter Validator v0.7 - Skynet Firewall Filter List IPv4 Integrity Validator
3 4 5
Replies
83
Views
13K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
M
Firewall doesen't block custom rules, neighter Skynet
Replies
0
Views
1K
MamaLing
M
G
Skynet Cannot start Skynet
Replies
0
Views
2K
gjf
G
Viktor Jaep
TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)
26 27 28
Replies
556
Views
59K
XIII
XIII
Similar threads
Thread starter Title Forum Replies Date
Klonoa Skynet Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 1
S Skynet Skynet showing router itself making calls to China? Asuswrt-Merlin AddOns 26
J Skynet Skynet - Blocked outbounds coming from the router itself? Asuswrt-Merlin AddOns 12
O Skynet Installing Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 26
Davidncali001 Skynet Message on SKYNET I havent seen before Asuswrt-Merlin AddOns 1
S Skynet firewall reduces wireless range Asuswrt-Merlin AddOns 14
P Skynet Internet speed lower with Skynet on Asuswrt-Merlin AddOns 9
N Skynet SkyNet/Firewall blocking all ping requests, including outbound Asuswrt-Merlin AddOns 6
W Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14 Asuswrt-Merlin AddOns 10
D Skynet Best way to configure SkyNet on RX-AT82U Asuswrt-Merlin AddOns 7

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 837 (members: 15, guests: 822)
Top