Recent content by bengalih

  1. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    Hey...I was just revisiting understanding the source/target port inbound to see if I could understand why I have so many hits to/from a specific port combination? For example looking at the stats page right now I see ~5,600 inbound hits to target port 49734 and ~4,000 attempts inbound from...
  2. bengalih

    Restricted Guest Networks with DHCP - one IP range?

    @Martineau - hey man I'm just calling your attention to this because I saw your posts here and instead of necro that and quote here I'm doing the reverse. Is what I want to do possible? Have 2 separate guest WiFi network (wl0.1, wl1.1) but they each provide addresses on the same dhcp network...
  3. bengalih

    Restricted Guest Networks with DHCP - one IP range?

    Anyone? Is it not possible to host two wifi guest wifi networks (one on each channel) but use the same DHCP scope for both?
  4. bengalih

    Restricted Guest Networks with DHCP - one IP range?

    So, it has been a while since I set this up and I don't remember exactly where I got this info, but it was from some post or tutorial here or within the Merlin wiki. The challenge was I wanted to setup guest WiFi networks, but since I don't use the on-box DHCP for my network and because I chose...
  5. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    Just want to confirm that the statistics section titled "Top 10 Source Ports (Inbound)" is referring to what the external IP's (i.e. potential attacker's) originating source port is. So if I see that my highest hit "Targeted Port" is 55555 and the highest shows "Source Port" is 22222 that...
  6. bengalih

    Watchdog crash problem

    As an additional follow up I rebooted my router today after several days of it being in the above state. While my WiFi and Internet had continued to work in the state it was in, after reboot I see that most other functions failed to operate. For instance, no traffic was captured for use Traffic...
  7. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    Heh, well that's debatable, since 99.9% of the entries in the remaining syslog seem to be from skynet...but I get your point. Gotcha...so it looks like scribe or a manual configuration of syslog-ng is the way to go to remedy this. Thanks for the info.
  8. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    Can you clarify what you mean by the "syslog is purged to its own log file"? Do you mean the contents of syslog.log get purged into skynet.log or some other location? Is the reason for this obtuse behavior because skynet requires logs of a smaller size in order to run statistics? Is there a...
  9. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    I've got Skynet running for a couple weeks now. Currently I have it configured to only block incoming traffic from china. In trying to troubleshoot (a hopefully unrelated) issue this morning, I took a look at my syslog.log. My log file was just under 1100 lines long but only went back less than...
  10. bengalih

    Watchdog crash problem

    I believe I'm seeing the same problem here. On a RT-AC68U running 384.15. This morning I was able to log into SSH, but after getting the MOTD/banner I did not get a command prompt. I was also unable to get the WebUI login. I downloaded my syslog via plink (that worked) and apart from a bunch...
  11. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    a) Is there a way to at least roll-over the logs to keep them for posterity or b) Will implementing scribe help keep more (archival) data? Yes, I do know what a Stateful firewall is ;), I'm trying to understand how Skynet involves itself in it. Doing some digging it appears that as soon as...
  12. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    I know I'm using it wrong...that's kind of the point :) What I am showing there is that if you are using the menu system (not command-line) and you hit enter to leave a blank comment then the whole script dies. I don't think this is your intended behavior. I would expect you to just go back to...
  13. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    I see... These are stored in skynet.ipset not the log, so they should persist even past the 10 MB log size?
  14. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    I think you misunderstood on this one. This command would show me all blocked connections from manualbans, right? I'm looking for just a list of all IPs, ranges, etc that were manually added. I know I can grep out the ipset - is that the only way?
  15. bengalih

    [Release] Skynet - Router Firewall & Security Enhancements

    Thanks, I've been figuring some stuff out as I go. Few more comments/etc from my few minutes just playing with it: 1) Unban comment: [Comment]: [$] /opt/bin/firewall unban comment =============================================================================================================...
Top