What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

- UPnP is enabled.
- I have one port forwarding rule open for the OpenVPN Server pointing to the router.

I don't think that OpenVPN rule is required? I have never needed one. ;)
 
I don't think that OpenVPN rule is required? I have never needed one.
I'm going to test without it and see if everything still works. If so, I agree, no need for it. I think I had enabled it because I thought it was needed to connect to my OpenVPN Server remotely while my OpenVPN client was connected to ExpressVPN.

Update: I removed the port forward. Wasn't needed after all :)
 
Last edited:
I'm going to test without it and see if everything still works. If so, I agree, no need for it. I think I had enabled it because I thought it was needed to connect to my OpenVPN Server remotely while my OpenVPN client was connected to ExpressVPN.

Update: I removed the port forward. Wasn't needed after all :)
Did you rescan at grc just to see if that was the reason?
 
I'm going to test without it and see if everything still works. If so, I agree, no need for it. I think I had enabled it because I thought it was needed to connect to my OpenVPN Server remotely while my OpenVPN client was connected to ExpressVPN.

Update: I removed the port forward. Wasn't needed after all :)

It’s recommended to disable UPnP and you’re correct that you don’t need to forward any ports for OpenVPN servers that run on the router.
 
Yeah it still says port 80 and 443 open.

Are you on a cable or a Fibre ISP connection?

Also, did you clear out your browser cache? :)
 
I ran a test on the following page:
https://www.grc.com/x/ne.dll?rh1dkyd2

and the results came up as shown in the attached screenshot.

I don't recall opening ports 80 or 443 on the WAN side.

Any idea if this is normal or is there anything I need to do. The router config page is not open on the WAN either.

Thanks in advance.
If you test with a VPN client active, you are seeing results of that VPN host server. Don't ask me how I know. :rolleyes: :confused: o_O
https://www.snbforums.com/threads/server-ports-open-not-wanted-ac-68u-merlin-380-68_4.43791/
 
I do! My OpenVPN client is always connected to my VPN provider. Oh man, I would have never thought of that. Thank you.

Does this mean, I can ignore the message about the ports being open?

Exactly! Just ignore when you're on a paid for VPN. ;)
 
  • Like
Reactions: #TY
I do! My OpenVPN client is always connected to my VPN provider. Oh man, I would have never thought of that. Thank you.

Does this mean, I can ignore the message about the ports being open?
What you see is the VPN host server you are connected with, if you want to see your router, you need to turn off the VPN or use a Strict Policy Rules entry to add an IP directed straight to the WAN and not the VPN. The few posts in the linked thread make it very clear. Don't ask me how I know.... [insert highly embarrassed emoji]
 
Hello, since I installed Skynet I have problems in my xbox one. When the friends
me a party invitation, I do not receive this notification. Someone can guide me on how to solve it, thanks in advance.
 
Hello good, since I installed Skynet I have problems in my xbox one. When the buyers send me a party invitation, I do not receive this notification. Someone can guide me on how to solve it, thanks in advance.

When you uninstall Skynet are the symptoms still there (I would reboot the router too after uninstalling or re-installing any scripts)?

Are you also using Diverson? If so, did you go into the Diversion menu and enable the '+' lists?
 
When you uninstall Skynet are the symptoms still there (I would reboot the router too after uninstalling or re-installing any scripts)?

Are you also using Diverson? If so, did you go into the Diversion menu and enable the '+' lists?

I do not just use skynet sorry for my english I'm spanish and tradusco in google translator
 
I do not just use skynet sorry for my english I'm spanish and tradusco in google translator
add the folowing entries to your white list and reboot
Code:
# Xbox live
attestation.xboxlive.com # """""
cert.mgt.xboxlive.com # """""
client-s.gateway.messenger.live.com # Used for Xbox Live Messaging
clientconfig.passport.net # This domain is used for sign-ins, creating new accounts, and recovering existing Microsoft accounts
ctldl.windowsupdate.com # """""
def-vef.xboxlive.com # """""
device.auth.xboxlive.com # """""
eds.xboxlive.com # """""
help.ui.xboxlive.com # """""
licensing.xboxlive.com # """""
notify.xboxlive.com # """""
settings-win.data.microsoft.com # """""
title.auth.xboxlive.com # """""
title.mgt.xboxlive.com # """""
v10.events.data.microsoft.com # These domains are used for Xbox Live Achievements
v10.vortex-win.data.microsoft.com # """""
v20.events.data.microsoft.com # """"
www.msftncsi.com # """""
www.xboxlive.com # """""
xbox.ipv6.microsoft.com # confirmed by Microsoft as being required by Xbox Live
xboxexperiencesprod.experimentation.xboxlive.com # """""
xflight.xboxlive.com # """""
xkms.xboxlive.com # """""
xsts.auth.xboxlive.com # """""
You can also create a new file in /jffs called "shared-xbox-whitelist" then paste the entries above to it save and reboot.
 
Update: It's been two days since installing SkyNet and so far everything seems to be running well.

Is there a best practice setup after installing it (for general use) or does simply installing SkyNet take care of all this?
 
Update: It's been two days since installing SkyNet and so far everything seems to be running well.

Is there a best practice setup after installing it (for general use) or does simply installing SkyNet take care of all this?

Beyond manual whitelisting/blacklisting, Skynet is essentially “set and forget”.
 
  • Like
Reactions: #TY
add the folowing entries to your white list and reboot
Code:
# Xbox live
attestation.xboxlive.com # """""
cert.mgt.xboxlive.com # """""
client-s.gateway.messenger.live.com # Used for Xbox Live Messaging
clientconfig.passport.net # This domain is used for sign-ins, creating new accounts, and recovering existing Microsoft accounts
ctldl.windowsupdate.com # """""
def-vef.xboxlive.com # """""
device.auth.xboxlive.com # """""
eds.xboxlive.com # """""
help.ui.xboxlive.com # """""
licensing.xboxlive.com # """""
notify.xboxlive.com # """""
settings-win.data.microsoft.com # """""
title.auth.xboxlive.com # """""
title.mgt.xboxlive.com # """""
v10.events.data.microsoft.com # These domains are used for Xbox Live Achievements
v10.vortex-win.data.microsoft.com # """""
v20.events.data.microsoft.com # """"
www.msftncsi.com # """""
www.xboxlive.com # """""
xbox.ipv6.microsoft.com # confirmed by Microsoft as being required by Xbox Live
xboxexperiencesprod.experimentation.xboxlive.com # """""
xflight.xboxlive.com # """""
xkms.xboxlive.com # """""
xsts.auth.xboxlive.com # """""
You can also create a new file in /jffs called "shared-xbox-whitelist" then paste the entries above to it save and reboot.


Thank you very much, I have solved by putting the domes you have put. Thanks again. Regards!!!!
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top