What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Recent content by mongodb

  1. M

    Firewall/Skynet Question

    One thing to note for anyone reading this- when running "top" keep a close watch on the sirq values: CPU: 1.9% usr 1.9% sys 0.0% nic 95.3% idle 0.0% io 0.0% irq 0.6% sirq When running top before solving my issue, whilst the usr and sys values were very low the sirq value was reading...
  2. M

    Firewall/Skynet Question

    Nevermind, read up another thread where this was discussed not too long ago and RMerlin suggested enabling DoS protection but also noted that it is fairly useless against a DDoS attack which, in all fairness, is a different beast in itself.
  3. M

    Firewall/Skynet Question

    Follow-up question- does anyone know how Skynet implements DoS protection if enabled? It's currently no enabled but I want understand what it does if I do choose to enable it.
  4. M

    Firewall/Skynet Question

    Thanks Dave. Apologies, you're right. I have config'd Skynet to block both in and out: [4] --> Filter Traffic | [all] This makes more sense and I have seen an increase in port scans from Digital Ocean's ASN recently; as mentioned in my original post.
  5. M

    Firewall/Skynet Question

    Here's a weekly view of CPU usage for the last week; notice the ramp up Thursday onwards:
  6. M

    Firewall/Skynet Question

    Hi @ColinTaylor, thanks. Yep, you are defo right in suggesting that. Here's what I did just now- re-enabled Skynet and noticed erratic ping times. Went into firewall settings and disabled logging completely: [3] --> Logging | [Disabled] So, end result is that Skynet is...
  7. M

    Firewall/Skynet Question

    Here's a summary of my findings so far: - erratic pings from LAN to Merlin interface and vice versa reported (>200ms intermittently) - suspected LAN cable from router to switch replaced; behaviour did not go away - unplugged WAN interface on Merlin and pings came back down to normal levels...
  8. M

    Firewall/Skynet Question

    Hi @cptnoblivious, thanks for taking the time. Cheers for providing insight into Skynet processing outbound traffic and not non-open inbound. This is indeed correct as the logs suggest these are being logged by the kernel and not Skynet itself. You are bang on the money about logs though. I...
  9. M

    Firewall/Skynet Question

    Hi guys, So starting approx. last Thursday I've noticed my Asus Merlin router become unresponsive for a few seconds before coming back to life. This has happened roughly 6-8 hours apart but hasn't been consistent. I have constant pings going to it and modem beyond Merlin; which both stopped...
  10. M

    Skynet Skynet blocking question

    Hi there, not sure if this helps you or not but I've managed to fix the issue. Please see the OP or the message above this one.
  11. M

    Skynet Skynet blocking question

    OK, so I realised what it was. I completely forgot I had setup a convoluted NAT on the internal router that NAT'd the destination host to a test DoH client in the DMZ. My bad! Tested from another non-172.16.150.0/24 host and expected result looks good: Apr 7 15:55:12 kernel: [BLOCKED -...
  12. M

    Skynet Skynet blocking question

    Apologies for the bump up; please can an expert here weigh in on this? Thanks in advance.
  13. M

    Skynet Skynet blocking question

    As a side note, I found this handy site for finding out country-based networks- https://www.countryipblocks.net/acl.php
  14. M

    Question - e-Mail/Notification Unkown Device Connects to LAN

    Hi, Probably not the answer you're looking for but I've managed to do something similar using traffic monitoring via ntopng and the APIs that it comes with. Took a bit of manual scripting but I get notified when an IP not in the host list is seen on the network. Regards
  15. M

    Skynet Skynet blocking question

    Thanks :)
See more
Back
Top