Skynet Skynet - Router Firewall & Security Enhancements

[jrmtz85]

This setting actually enhances AiProtect by adding any IP's flagged for malicious activity to Skynet's blacklist.

( sh /jffs/scripts/firewall settings banaiprotect enable|disable ) Enable/Disable Banning IP's Flagged By AiProtect

Ah, that makes sense then. Thank you!

 

[pattiri]

Updated to 6.6.5 and getting this :/

forced installed again and updated malware but nothing changed.

admin@Fatiii:/tmp/home/root# firewall debug info
#############################################################################################################
#                     _____ _                     _             __                      #
#                    / ____| |                   | |           / /                      #
#                   | (___ | | ___   _ _ __   ___| |_  __   __/ /_                      #
#                    \___ \| |/ / | | | '_ \ / _ \ __| \ \ / / '_ \                     #
#                    ____) |   <| |_| | | | |  __/ |_   \ V /| (_) |                    #
#                   |_____/|_|\_\\__, |_| |_|\___|\__|   \_/  \___/                     #
#                                 __/ |                                                 #
#                                |___/                                                  #
#                                                                                     #
## - 08/12/2018 -           Asus Firewall Addition By Adamm v6.6.5                    #
##                   https://github.com/Adamm00/IPSet_ASUS                            #
#############################################################################################################


=============================================================================================================


Router Model; RT-AC88U
Skynet Version; v6.6.5 (08/12/2018) (e2d243b94a3a0f5ba1005dea6d6ec122)
iptables v1.4.15 - (eth0 @ 172.24.5.1)
ipset v6.32, protocol version: 6
FW Version; 384.8_0 (Dec 2 2018) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/entware/skynet (12.6G / 14.7G Space Available)
SWAP File; /tmp/mnt/entware/myswap.swp (1.0G)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/entware/skynet
Uptime; 5 days, 10 hours, 26 minutes.
/opt/bin/firewall: line 4250: arithmetic syntax error
admin@Fatiii:/tmp/home/root#

 

[Twiglets]

Upgraded to 6.6.5.
All appears to be working OK.

Thanks for the continued support and evolution of Skynet.

 

[Adamm]

Updated to 6.6.5 and getting this :/

forced installed again and updated malware but nothing changed.

admin@Fatiii:/tmp/home/root# firewall debug info
#############################################################################################################
#                     _____ _                     _             __                      #
#                    / ____| |                   | |           / /                      #
#                   | (___ | | ___   _ _ __   ___| |_  __   __/ /_                      #
#                    \___ \| |/ / | | | '_ \ / _ \ __| \ \ / / '_ \                     #
#                    ____) |   <| |_| | | | |  __/ |_   \ V /| (_) |                    #
#                   |_____/|_|\_\\__, |_| |_|\___|\__|   \_/  \___/                     #
#                                 __/ |                                                 #
#                                |___/                                                  #
#                                                                                     #
## - 08/12/2018 -           Asus Firewall Addition By Adamm v6.6.5                    #
##                   https://github.com/Adamm00/IPSet_ASUS                            #
#############################################################################################################


=============================================================================================================


Router Model; RT-AC88U
Skynet Version; v6.6.5 (08/12/2018) (e2d243b94a3a0f5ba1005dea6d6ec122)
iptables v1.4.15 - (eth0 @ 172.24.5.1)
ipset v6.32, protocol version: 6
FW Version; 384.8_0 (Dec 2 2018) (2.6.36.4brcmarm)
Install Dir; /tmp/mnt/entware/skynet (12.6G / 14.7G Space Available)
SWAP File; /tmp/mnt/entware/myswap.swp (1.0G)
Boot Args; /jffs/scripts/firewall start skynetloc=/tmp/mnt/entware/skynet
Uptime; 5 days, 10 hours, 26 minutes.
/opt/bin/firewall: line 4250: arithmetic syntax error
admin@Fatiii:/tmp/home/root#

Weird, whats the output of

cat /proc/meminfo

 

[pattiri]

Weird, whats the output of

Here;

admin@Fatiii:/tmp/home/root# cat /proc/meminfo
MemTotal:         515184 kB
MemFree:          155236 kB
Buffers:            7056 kB
Cached:            68456 kB
SwapCached:        10048 kB
Active:            45544 kB
Inactive:         134032 kB
Active(anon):       8920 kB
Inactive(anon):    97720 kB
Active(file):      36624 kB
Inactive(file):    36312 kB
Unevictable:           0 kB
Mlocked:               0 kB
SwapTotal:       1048572 kB
SwapFree:        1032180 kB
Dirty:                32 kB
Writeback:             0 kB
AnonPages:         99728 kB
Mapped:            12524 kB
Shmem:              2576 kB
Slab:              81552 kB
SReclaimable:       4184 kB
SUnreclaim:        77368 kB
KernelStack:        1136 kB
PageTables:         1600 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:     1306164 kB
Committed_AS:     167476 kB
VmallocTotal:    1302528 kB
VmallocUsed:      108176 kB
VmallocChunk:    1074960 kB
admin@Fatiii:/tmp/home/root#

 

[Adamm]

Here;

Thanks, I pushed a hotfix. Turns out (non HND devices?) are missing the MemAvailable output, so we will base it on MemFree instead for those models.

 

[pattiri]

Thanks, I pushed a hotfix. Turns out (non HND devices?) are missing the MemAvailable output, so we will base it on MemFree instead for those models.

Now all seems fine. Thanks

 

[visortgw]

Now all seems fine. Thanks

Thanks, I pushed a hotfix. Turns out (non HND devices?) are missing the MemAvailable output, so we will base it on MemFree instead for those models.

What is HND vs non-HND device?

 

[Adamm]

What is HND vs non-HND device?

HND = AC86U / AX88U

 

[Zastoff]

Maybe a stupid question about unknown device when checking debug info (Have two unknown devices) first is the isp gateway i guess with a cisco mac adress(on WAN) , The other Unknown has a ip starting with 169.254.x.x with a Asustek mac adress (On LAN), (But if i dont ask i dont learn )What device is that?
edit: Is it APIPA (Automatic Private IP Addressing) if a device dont get a ip adress from the DHCP-server?

 

[Skeptical.me]

So, I have a question.

What are the best countries to block (IP Addresses)? Is cz a good place to start, I've noticed a lot of unauthorised access attempts come from IP addresses originating from there. What countries have you blocked, and why?

 

[visortgw]

So, I have a question.

What are the best countries to block IP Address? Is cz a good place to start, I've noticed a lot of unauthorised access attempts come IP addresses from there. What countries have you blocked, and why?

There is no generic best answer. You need to base it upon your needs and level of risk that you are willing to take.

 

[Skeptical.me]

There is no generic best answer. You need to base it upon your needs and level of risk that you are willing to take.

Okay, that makes sense. I'm just trying to learn more about Diversion, Pixelserv, Entaware, & Skynet at the moment. 1. So I can get my configuration the way I like it, and 2. Learn more about them so I can answer other people's questions here. Thank you very much.

 

[paulad]

After I installed SKYNET i rebooted the router.

then I got this. any idea how I can fix this?

 

[paulad]

I have reinstalled skynet and it works. so.... If I wanted to reboot the router, what should I do?

Can I reboot the router for cleaning ram?

After I installed skynet it was this.

 

[visortgw]

I have reinstalled skynet and it works. so.... If I wanted to reboot the router, what should I do?

Can I reboot the router for cleaning ram?

After I installed skynet it was this.

Try disabling Diversion temporarily.

 

[dave14305]

I have reinstalled skynet and it works. so.... If I wanted to reboot the router, what should I do?

Can I reboot the router for cleaning ram?

After I installed skynet it was this.

Check on the Tools page, in the Memory section to see how much is allocated for buffers. If it is large, then don’t worry about free memory. The buffers will be released when needed for processes.

 

[paulad]

Check on the Tools page, in the Memory section to see how much is allocated for buffers. If it is large, then don’t worry about free memory. The buffers will be released when needed for processes.

Total 883.27 MB
Free 38.14 MB
Buffers 0.00 MB
Cache 447.57 MB
Swap 0.03 / 2048.00 MB

Is this legit? or somthing wrong?

 

[dave14305]

Large cache is OK. Run top command in ssh terminal and then press M to sort by memory descending to see top consumers of memory.

 

[paulad]

seems working now.

after I reinstall SKYNET.

and I did temper stop skynet and reboot the router.

then everything works.!