Skynet 386 GitHub builds does not work with Skynet

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Blacklistedcard

Regular Contributor
Compiling my own firmware builds from the 386 branch. The model number is not displayed when you try to launch skynet. Running firewall at the command prompt errors out.

Router Model;
Skynet Version; (01/12/2020) (358a0e65e85afa8425897a993eb84b8c)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v7.6, protocol version: 7
IP Address;
FW Version; 386.1_beta3-g1b79675d07 (Dec 28 2020) (4.1.51)
Install Dir; /tmp/mnt/sda1/skynet (50.6G / 56.2G Space Available)

/jffs/scripts/firewall: line 1: arithmetic syntax error
[email protected]:/tmp/home/root#
 

dave14305

Part of the Furniture
Run the script like this to get debugging output:
Bash:
sh -x /jffs/scripts/firewall
 

L&LD

Part of the Furniture
Note that compiling your own firmware is missing many components in the stock Asus or RMerlin fork.

Unless you're only testing for something extremely specific, it is not a build to base a router on for actual use. Depending on what settings/features you want to lose, of course.
 

dave14305

Part of the Furniture
Note that compiling your own firmware is missing many components in the stock Asus or RMerlin fork.

Unless you're only testing for something extremely specific, it is not a build to base a router on for actual use. Depending on what settings/features you want to lose, of course.
My reply is OT, but it’s very sad that ASUS had to take this drastic step to neuter the source code in this new branch. I understand it’s due to all the illegal forks and mis-uses of the proprietary Trend Micro stuff, but it really kills the feeling of an open source firmware.
 

Blacklistedcard

Regular Contributor
Run the script like this to get debugging output:
Bash:
sh -x /jffs/scripts/firewall

I think it's failing on this code... It's Merlin beta branch for the 386 firmware.

Extended_DNSStats() {
case "$1" in
1)
if [ "$lookupcountry" = "enabled" ]; then
country="($(curl -fsL --retry 3 --connect-timeout 3 -A "ASUSWRT-Merlin $model v$(nvram get buildno)_$(nvram get extendno) / $(tr -cd 0-9 </dev/urandom | head -c 20)" "https://api.db-ip.com/v2/free/${statdata}/countryCode/"))"
if [ -z "$country" ]; then country="*"; fi
fi
 

Blacklistedcard

Regular Contributor
Here is the debug output...

#############################################################################################################
# #
# ███████╗██╗ ██╗██╗ ██╗███╗ ██╗███████╗████████╗ ██╗ ██╗███████╗ #
# ██╔════╝██║ ██╔╝╚██╗ ██╔╝████╗ ██║██╔════╝╚══██╔══╝ ██║ ██║╚════██║ #
# ███████╗█████╔╝ ╚████╔╝ ██╔██╗ ██║█████╗ ██║ ██║ ██║ ██╔╝ #
# ╚════██║██╔═██╗ ╚██╔╝ ██║╚██╗██║██╔══╝ ██║ ╚██╗ ██╔╝ ██╔╝ #
# ███████║██║ ██╗ ██║ ██║ ╚████║███████╗ ██║ ╚████╔╝ ██║ #
# ╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚═══╝ ╚═╝ #
# #
# Router Firewall And Security Enhancements #
# By Adamm - https://github.com/Adamm00/IPSet_ASUS #
# 01/12/2020 - v7.2.3 #
#############################################################################################################
+ export LC_ALL=C
+ mkdir -p /tmp/skynet/lists
+ mkdir -p /jffs/addons/shared-whitelists
+ ntptimer=0
+ nvram get ntp_ready
+ [ 1 = 0 ]
+ [ 0 -ge 300 ]
+ grep -vE ^#
+ awk {print $1}
+ grep+ cut -c 11-
-ow skynetloc=.* # Skynet /jffs/scripts/firewall-start
+ skynetloc=/tmp/mnt/sda1/skynet
+ skynetcfg=/tmp/mnt/sda1/skynet/skynet.cfg
+ skynetlog=/tmp/mnt/sda1/skynet/skynet.log
+ skynetevents=/tmp/mnt/sda1/skynet/events.log
+ skynetipset=/tmp/mnt/sda1/skynet/skynet.ipset
+ date +%s
+ stime=1609436264
+ [ -z /tmp/mnt/sda1/skynet ]
+ [ ! -d /tmp/mnt/sda1/skynet ]
+ nvram get wan0_proto
+ [ dhcp = pppoe ]
+ nvram get wan0_ifname
+ iface=eth0
+ [ -z ]
+ Load_Menu
+ . /tmp/mnt/sda1/skynet/skynet.cfg
+ Display_Header 9
+ printf \n\n===================================================================================================n


=============================================================================================================


+ echo Router Model;
Router Model;
+ Filter_Date
+ grep -m1 -oE [0-9]{1,2}([/][0-9]{1,2})([/][0-9]{1,4})
+ + awk {print $1}
md5sum /jffs/scripts/firewall
+ echo Skynet Version; (01/12/2020) (358a0e65e85afa8425897a993eb84b8c)
Skynet Version; (01/12/2020) (358a0e65e85afa8425897a993eb84b8c)
+ iptables --version
+ nvram get lan_ipaddr
+ echo iptables v1.4.15 - (eth0 @ 192.168.1.1)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
+ ipset -v
ipset v7.6, protocol version: 7
+ nvram+ Is_PrivateIP
+ grep -qE ^(0\.|10\.|100\.(6[4-9]|[7-9][0-9]|1[0-1][0-9]|12[0-7])\.|127\.|169\.254\.|172\.1[6-9]\.|172\.2[0-9]\)
get wan0_ipaddr
+ nvram get wan0_ipaddr
+ nvram get ipv6_service
+ [ dhcp6 != disabled ]
+ nvram get ipv6_prefix
+ nvram get ipv6_prefix_length
+ echo - (2607:fea8:a7c0:f::/64)
+ echo IP Address;
IP Address;
+ nvram get buildno
+ nvram get extendno
+ + uname -v
awk {printf "%s %s %s\n", $5, $6, $9}
+ uname -r
+ echo FW Version; 386.1_beta4-gde99bc07fd (Dec 31 2020) (4.1.51)
FW Version; 386.1_beta4-gde99bc07fd (Dec 31 2020) (4.1.51)
+ df -h /tmp/mnt/sda1/skynet
+ xargs
+ awk {printf "%s / %s\n", $11, $9}
+ echo Install Dir; /tmp/mnt/sda1/skynet (50.7G / 56.2G Space Available)
Install Dir; /tmp/mnt/sda1/skynet (50.7G / 56.2G Space Available)
+ [ -n ]
+ [ -n ]
+ [ -f /tmp/skynet.lock ]
+ sed -n 2p /tmp/skynet.lock
+ [ -d /proc/29954 ]
+ echo

+ Check_Connection
+ + grepgrep -qvE -E ^#
start.* # Skynet /jffs/scripts/firewall-start
+ [ -w /tmp/mnt/sda1/skynet ]
+ Check_Swap
+ grep -qF file /proc/swaps
+ + crugrep l
-c Skynet
+ [ 2 -lt 2 ]
+ Check_IPSets
+ ipset -L -n Skynet-Whitelist
+ ipset -L -n Skynet-Blacklist
+ ipset -L -n Skynet-BlockedRanges
+ ipset -L -n Skynet-Master
+ ipset -L -n Skynet-IOT
+ [ -n ]
+ Check_IPTables
+ [ = all ]
+ [ = inbound ]
+ [ = all ]
+ [ = outbound ]
+ nvram get sshd_enable
+ [ 2 = 1 ]
+ [ = enabled ]
+ [ = enabled ]
+ [ -n ]
+ [ = enabled ]
+ [ != 1 ]
+ Print_Log minimal
+ oldips=
+ oldranges=
+ grep -Foc add Skynet-Black /tmp/mnt/sda1/skynet/skynet.ipset
+ blacklist1count=49994
+ grep -Foc add Skynet-Block /tmp/mnt/sda1/skynet/skynet.ipset
+ blacklist2count=1865
+ unset fail
+ Check_IPTables
+ [ = all ]
+ [ = inbound ]
+ [ = all ]
+ [ = outbound ]
+ nvram get sshd_enable
+ [ 2 = 1 ]
+ [ = enabled ]
+ [ = enabled ]
+ [ -n ]
+ [ != outbound ]
+ iptables -xnvL PREROUTING -t+ raw
grep -Fv LOG
+ grep -F Skynet-Master src
+ awk {print $1}
+ hits1=
+ [ != inbound ]
+ iptables -xnvL PREROUTING+ -tgrep raw
-Fv LOG
+ grep -F Skynet-Master dst
+ awk {print $1}
+ iptables -xnvL OUTPUT -t+ raw
grep -Fv LOG
+ grep -F Skynet-Master dst
+ awk {print $1}
/jffs/scripts/firewall: line 1: arithmetic syntax error
 

dave14305

Part of the Furniture
It looks like the addition in this line is the cause:
Bash:
hits2="$(($(iptables -xnvL PREROUTING -t raw | grep -Fv "LOG" | grep -F "Skynet-Master dst" | awk '{print $1}') + $(iptables -xnvL OUTPUT -t raw | grep -Fv "LOG" | grep -F "Skynet-Master dst" | awk '{print $1}')))"
Try breaking down each command to see which one doesn’t result in a number.
Bash:
iptables -xnvL PREROUTING -t raw | grep -Fv "LOG" | grep -F "Skynet-Master dst" | awk '{print $1}'
Bash:
iptables -xnvL OUTPUT -t raw | grep -Fv "LOG" | grep -F "Skynet-Master dst" | awk '{print $1}'
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top