What's new

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hi

what's the syntax to ban two countries?
Just list the country digraphs with spaces between them. For example, I have "cn il ir kp ru tw ua"

Edit. WITH spaces. :facepalm:
 
Last edited:
Hi, new Skynet user. In the Merlin Firewall/General tab, should the Enable Firewall be set to Yes or No? Also, is there a FAQ on Skynet somewhere?
Thanks
 
Hi, new Skynet user. In the Merlin Firewall/General tab, should the Enable Firewall be set to Yes or No? Also, is there a FAQ on Skynet somewhere?
Thanks

Yes, enable firewall.

FAQ, Not as such, most issues have been well & truly covered in this thread though.......:)
 
does skynet allow importing of list of domains for ip blocking?
If you look at the screen capture in post #1, you will see this:
Code:
[5]  --> Import IP List
Also post #2 has a huge amount of info for those seeking Skynet features.
 
If you look at the screen capture in post #1, you will see this:
Code:
[5]  --> Import IP List
Also post #2 has a huge amount of info for those seeking Skynet features.
@Butterfly Bones , I think you miss-understand me. I was asking if it was already a feature as I am new to using skynet. I was wondering because the two post, as you mention, leave a lot to question more than it answers. I would settle for a simple no.
Thank you for taking the time to respond.
 
does skynet allow importing of list of domains for ip blocking?

I suggest using Diversion in conjunction with Skynet for DNS based blacklisting.
 
I suggest using Diversion in conjunction with Skynet for DNS based blacklisting.
Adamm,
Can you please advise how this is setup. I installed both diversion and skynet yesterday. I then added blacklist by domain for CNN.com and it added the 3 ips for the domain to the ipset and restarted dnsmasq I believe.

But after rebooting the router and restarting my PC I can still ping and access cnn.com from chrome and ping. Any idea what I did wrong?

Sent from my SM-A505U1 using Tapatalk
 
But after rebooting the router and restarting my PC I can still ping and access cnn.com from chrome and ping. Any idea what I did wrong?

Did you add both the naked domain and the www versions? Because the naked domain seems to redirect to the www version for me. And both are handled as separate domains in blocking.

FWIW I use cnn as a test for adblocking because it's such a monster offender in terms of advertisements.
 
Did you add both the naked domain and the www versions? Because the naked domain seems to redirect to the www version for me. And both are handled as separate domains in blocking.

FWIW I use cnn as a test for adblocking because it's such a monster offender in terms of advertisements.
No just cnn.com I will try www.cnn.com tonight not talking about diversion more so skynet. How can I be sure the firewall-start etc were all setup correctly? Should I try uninstall reinstalling skynet for it to remake the files.

Also, is there a way to only ban or allow specific ips for a specific device on my network

Sent from my SM-A505U1 using Tapatalk
 
Btw i tried www.cnn.com and still no dice. I did stats and got the following, is something setup wrong ( I never added cnn.com to a whitelist only a blacklist)?
Code:
[i] Monitoring From  To
[i] 0 Block Events Detected
[i] 0 Unique IPs
[i] 4 Manual Bans Issued

151.101.193.67 is in set Skynet-Whitelist.
151.101.193.67 is in set Skynet-Blacklist.
151.101.193.67 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;

Blacklist Reason;
 "ManualBanD: www.cnn.com"


Associated Domain(s);
cnn.com


[i] IP Location - United States (Fastly / AS54113)

[i] 151.101.193.67 First Tracked On
[i] 151.101.193.67 Last Tracked On
[i] 0 Blocks Total

Event Log Entries From 151.101.193.67;
Dec 10 22:51:44 Skynet: [Manual Ban] TYPE=Domain SRC=151.101.193.67 Host=www.cnn.com

First Block Tracked From 151.101.193.67;

50 Most Recent Blocks From 151.101.193.67;
 
Btw i tried www.cnn.com and still no dice. I did stats and got the following, is something setup wrong ( I never added cnn.com to a whitelist only a blacklist)?
Code:
[i] Monitoring From  To
[i] 0 Block Events Detected
[i] 0 Unique IPs
[i] 4 Manual Bans Issued

151.101.193.67 is in set Skynet-Whitelist.
151.101.193.67 is in set Skynet-Blacklist.
151.101.193.67 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;

Blacklist Reason;
 "ManualBanD: www.cnn.com"


Associated Domain(s);
cnn.com


[i] IP Location - United States (Fastly / AS54113)

[i] 151.101.193.67 First Tracked On
[i] 151.101.193.67 Last Tracked On
[i] 0 Blocks Total

Event Log Entries From 151.101.193.67;
Dec 10 22:51:44 Skynet: [Manual Ban] TYPE=Domain SRC=151.101.193.67 Host=www.cnn.com

First Block Tracked From 151.101.193.67;

50 Most Recent Blocks From 151.101.193.67;


Diversion is probably where you should be doing that stuff.
 
Btw i tried www.cnn.com and still no dice. I did stats and got the following, is something setup wrong ( I never added cnn.com to a whitelist only a blacklist)?
Code:
[i] Monitoring From  To
[i] 0 Block Events Detected
[i] 0 Unique IPs
[i] 4 Manual Bans Issued

151.101.193.67 is in set Skynet-Whitelist.
151.101.193.67 is in set Skynet-Blacklist.
151.101.193.67 is NOT in set Skynet-BlockedRanges.

Whitelist Reason;

Blacklist Reason;
 "ManualBanD: www.cnn.com"


Associated Domain(s);
cnn.com


[i] IP Location - United States (Fastly / AS54113)

[i] 151.101.193.67 First Tracked On
[i] 151.101.193.67 Last Tracked On
[i] 0 Blocks Total

Event Log Entries From 151.101.193.67;
Dec 10 22:51:44 Skynet: [Manual Ban] TYPE=Domain SRC=151.101.193.67 Host=www.cnn.com

First Block Tracked From 151.101.193.67;

50 Most Recent Blocks From 151.101.193.67;
The Fastly CDN is whitelisted by default. There’s an option to disable CDN whitelisting, but that could lead to more unintended blocking.

Diversion is a better place to block the domain as @Treadler says.
 
Also, if CNN is already in your browser's DNS cache (looking at you, Firefox) then it will get around Diversion. You'll need to clear your local machine's DNS cache.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top