What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Just curious, why are there so many alienvault and speedtest blocks? Speedtest scans ports and is blocked? Alienvault bans bad ips?
 
Just curious, why are there so many alienvault and speedtest blocks? Speedtest scans ports and is blocked? Alienvault bans bad ips?

I think you are referring to the URLs shown in the report. Those are not the addresses being blocked! The IP at the end of the URL is what is being actually blocked.
 
I am getting the following:

upload_2018-7-2_22-11-28.png


And it does not go away after 20-60 seconds. Any troubleshooting I can do?
 
I am getting the following:

View attachment 13607

And it does not go away after 20-60 seconds. Any troubleshooting I can do?

On my Netgear R7000, it takes around 2-3 minutes. My list is huge and the router is getting older every day.. so long as it eventually returns to normal (no lock file messages), you are fine. I've put Skynet on a few clients routers that were Asus brand and the time it took was always variable. Best of luck and enjoy all the awesome features. Adamm is the man.

PS - @Adamm if you see this or anyone else who might know the answer, is there a BTC address for donations? I also have 20 some dollars of ethereum in an account which doesn't meet the minimum to transfer to my bank, I'd gladly send that your way too :)
 
I am getting the following:

View attachment 13607

And it does not go away after 20-60 seconds. Any troubleshooting I can do?
People... you really taking stopwatch to time it and reload immediately?
Depending on you router and size of list.
Mine took 130 sec.
Just wait for 3 min the reload. Patience.

Maybe @Adamm need change the text to 2 min or even 3 min to reduce unnecessary posts regarding this issue. Already seen a lot of posts on this.
 
@Adamm, have you seen IP void? http://www.ipvoid.com/scan/93.184.220.29/ its far better than alienvault; alienvault results are listed as one of dozens though unfortunately does require a captcha. Would be nice if something like this was integrated into your firewall!

Looks decent, will have todo some comparisons at some point.

I am getting the following:

View attachment 13607

And it does not go away after 20-60 seconds. Any troubleshooting I can do?

If its still there after 5 minutes then let me know, otherwise its working as expected. (Make sure you are not doing something like restarting Skynet which will cause the output you are seeing)

On my Netgear R7000, it takes around 2-3 minutes. My list is huge and the router is getting older every day.. so long as it eventually returns to normal (no lock file messages), you are fine. I've put Skynet on a few clients routers that were Asus brand and the time it took was always variable. Best of luck and enjoy all the awesome features. Adamm is the man.

PS - @Adamm if you see this or anyone else who might know the answer, is there a BTC address for donations? I also have 20 some dollars of ethereum in an account which doesn't meet the minimum to transfer to my bank, I'd gladly send that your way too :)

Just Paypal unfortunately, never really dabbled in crypto. Thanks for the support anyway.
 
If its still there after 5 minutes then let me know, otherwise its working as expected. (Make sure you are not doing something like restarting Skynet which will cause the output you are seeing)

It persisted for a few hours until I rebooted the router and it returned to normal. But while it was in that state it was not running. I can wait for it to happen again, let me know if there's any debugging info that would be useful to you.
 
Question @Adamm
I do a whitelist domain using command. The whitelist is saved and site is working. However when I check the whitelist in /jffs, it seems like it is not added in. Why? I think in few version back, the save is ok.
I did some whitelist yesterday and I saw it is in the /jffs/shared-Skynet2-whitelist
Why it is not consistent? Does it need any other command to push the changes into /shared-Skynet2-whitelist?

Edit: I think I got the shared-skynet2-whitelist update using the whitelist refresh. However I like to ask why the update wasn’t immediately after I added the whitelist domain using command or GUI.
 
Last edited:
Question @Adamm
I do a whitelist domain using command. The whitelist is saved and site is working. However when I check the whitelist in /jffs, it seems like it is not added in. Why? I think in few version back, the save is ok.
I did some whitelist yesterday and I saw it is in the /jffs/shared-Skynet2-whitelist
Why it is not consistent? Does it need any other command to push the changes into /shared-Skynet2-whitelist?

Edit: I think I got the shared-skynet2-whitelist update using the whitelist refresh. However I like to ask why the update wasn’t immediately after I added the whitelist domain using command or GUI.

The list is only currently refreshed during banmalware, whitelist refresh and startup. I'll look and see if the change fits.
 
The list is only currently refreshed during banmalware, whitelist refresh and startup. I'll look and see if the change fits.
U mean banmalware update? For most user which is 24 hr update once. In the event if the router is restart within the 24 hr, the whitelist will not be saved?

The refresh during startup, how/where it would update the list from? Wasn’t it cleared due to router restart?
 
Hi Adam,

I hope you are well. I am encountering what might be a bug when running various updates or processes through skynet. Below is an example of what happens when updating the maleware sets:

Router Model; RT-AC86U
Skynet Version; v6.2.7 (01/07/2018)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v6.32, protocol version: 6
FW Version; 384.6_alpha2-g5b076fc87 (Jun 30 2018) (4.1.27)
Install Dir; /tmp/mnt/sda1/skynet (50.9G / 56.0G Space Available)
SWAP File; /tmp/mnt/sda1/myswap.swp (2.0G)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/sda1/skynet
Banned Countries; cn ru sc ua ee ls nl gr ba bg hr cz ge hu kg lv lt mc kp ro sk vn uz lk

112206 IPs / 28013 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 2 Inbound / 0 Outbound Connections Blocked!

Select Menu Option:
[1] --> Unban
[2] --> Ban
[3] --> Banmalware
[4] --> Whitelist
[5] --> Import IP List
[6] --> Deport IP List
[7] --> Save
[8] --> Restart Skynet
[9] --> Temporarily Disable Skynet
[10] --> Update Skynet
[11] --> Debug Options
[12] --> Stats
[13] --> Install Skynet / Change Boot Options
[14] --> Uninstall

[r] --> Reload Menu
[e] --> Exit Menu

[1-14]: 3

Select Option:
[1] --> Update
[2] --> Change Filter List
[3] --> Reset Filter List
[4] --> Exclude Individual Lists
[5] --> Reset Exclusion List

[1-5]: 1

firewall banmalware

Downloading filter.list [0s]
Refreshing Whitelists [1s]
Consolidating Blacklist [4s]
Saving Changes [2s]
Removing Previous Malware Bans [7s]
Filtering IPv4 Addresses [2s]
Filtering IPv4 Ranges [0s]
Applying Blacklists [2s]

For False Positive Website Bans Use; ( sh firewall whitelist domain URL )

Skynet: [Complete] 109254 IPs / 27987 Ranges Banned. -2952 New IPs / -26 New Ranges Banned. 5 Inbound / 0 Outbound Connections Blocked! [banmalware] [18s]



Press Enter To Continue...
firewall: exec: line 3239: firewall: not found

I am getting the error whenever I do anything manually. The changes apply but it is kicking me out of skynet on most occasions.

I am not sure what the issue is here.

Thanks,

J
 
Most likely a USB drive issue. It looks like some parts of the script are not executed correctly. You might have a bad sector or corrupt data on your USB drive.
 
Hi Adam,

I hope you are well. I am encountering what might be a bug when running various updates or processes through skynet. Below is an example of what happens when updating the maleware sets:

Router Model; RT-AC86U
Skynet Version; v6.2.7 (01/07/2018)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v6.32, protocol version: 6
FW Version; 384.6_alpha2-g5b076fc87 (Jun 30 2018) (4.1.27)
Install Dir; /tmp/mnt/sda1/skynet (50.9G / 56.0G Space Available)
SWAP File; /tmp/mnt/sda1/myswap.swp (2.0G)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/sda1/skynet
Banned Countries; cn ru sc ua ee ls nl gr ba bg hr cz ge hu kg lv lt mc kp ro sk vn uz lk

112206 IPs / 28013 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 2 Inbound / 0 Outbound Connections Blocked!

Select Menu Option:
[1] --> Unban
[2] --> Ban
[3] --> Banmalware
[4] --> Whitelist
[5] --> Import IP List
[6] --> Deport IP List
[7] --> Save
[8] --> Restart Skynet
[9] --> Temporarily Disable Skynet
[10] --> Update Skynet
[11] --> Debug Options
[12] --> Stats
[13] --> Install Skynet / Change Boot Options
[14] --> Uninstall

[r] --> Reload Menu
[e] --> Exit Menu

[1-14]: 3

Select Option:
[1] --> Update
[2] --> Change Filter List
[3] --> Reset Filter List
[4] --> Exclude Individual Lists
[5] --> Reset Exclusion List

[1-5]: 1

firewall banmalware

Downloading filter.list [0s]
Refreshing Whitelists [1s]
Consolidating Blacklist [4s]
Saving Changes [2s]
Removing Previous Malware Bans [7s]
Filtering IPv4 Addresses [2s]
Filtering IPv4 Ranges [0s]
Applying Blacklists [2s]

For False Positive Website Bans Use; ( sh firewall whitelist domain URL )

Skynet: [Complete] 109254 IPs / 27987 Ranges Banned. -2952 New IPs / -26 New Ranges Banned. 5 Inbound / 0 Outbound Connections Blocked! [banmalware] [18s]



Press Enter To Continue...
firewall: exec: line 3239: firewall: not found

I am getting the error whenever I do anything manually. The changes apply but it is kicking me out of skynet on most occasions.

I am not sure what the issue is here.

Thanks,

J

Unfortunately I can't reproduce this after about 20 attempts. If you can reproduce this consistently we can debug further. Give the router a reboot first to help rule out other potential causes.
 
Most likely a USB drive issue. It looks like some parts of the script are not executed correctly. You might have a bad sector or corrupt data on your USB drive.
Hi Mutzli,

I am not as familiar with linux and checking filesystems. My USB drive is formatted as EXT4 and is mounted on /mnt/sda1 - if you, or anyone could offer guidance on running a scan I'd appreciate it.

Thank you,

J
 
Hi Mutzli,

I am not as familiar with linux and checking filesystems. My USB drive is formatted as EXT4 and is mounted on /mnt/sda1 - if you, or anyone could offer guidance on running a scan I'd appreciate it.

Thank you,

J

I don't think an e2fsck will resolve the issue. As I stated earlier, please try reboot then reproduce the issue and we can work from there.
 
I've pushed v6.3.0.

Mostly under the hood changes removing legacy code to polish up Skynet in its current stable state. In doing so I've removed the v5 > v6 updater code, so if anyone is still running a very old version they will need to update to the previous version first if they want to preserve their data. (at this point I'd assume 99% have already upgraded so I doubt its an issue).

I've also made it so Skynet populates the shared whitelist immediately with domains rather then wait for it to be refreshed as suggested by @DonnyJohnny

Skynet will also now show users the command equivalent of any action preformed in the menu, I feel this is a good learning tool for users who want to get more familiar with the command line rather then a menu.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top