Skynet Additional blocking list(s)


Volkis

New Around Here
I've tried to find an answer on how to easily add your own blocking list in addition to the default filter lists. And by easy I mean not using menus or CLI on the router.
I have an idea on letting my mail server provide a list of ip-numbers so these will be blocked at router/firewall level instead of letting the mail server do the job.
Is it possible for Skynet to read a list that is scp:ed into the /skynet/lists/ folder or should I clone the official filter, add my local url to it and provide the url for my new filter.list to Skynet?
I want this to run automagically with a cron script on the mail server and Skynet is more or less passively adding contents of the list provided by the mail server.
Maybe this topic has been handled before and I'm too old to read all threads ;-)
 

dave14305

Part of the Furniture
You'd want to experiment with the import blacklist command. I've never fully understood how persistent these import/deport commands are, but it's somewhere to start.

Code:
Example Import Commands;
( firewall import blacklist file.txt "Apples" ) This Bans All IPs From URL/Local File With The Comment Apples
( firewall import whitelist file.txt "Apples" ) This Whitelists All IPs From URL/Local File With The Comment Apples
 

SolCutter

New Around Here
I had the same question and have been researching Skynet, including looking through the GitHub files. There’s one file with about 10 entries for the blocklist used by Skynet. I imagine Adamm decided to use individual lists instead of the composite Fire_Hol(1-4) list in order to cut down on issues with false positives and blocking users from accessing the firewall. Beware that many lists can block private IP address ranges and that would likely result in being locked out of your firewall. Here are the default block lists included with Skynet:

https://github.com/Adamm00/IPSet_ASUS/blob/master/filter.list

Although I am not certain, I believe that the blocklists have to be in text format as IP addresses. CIDR blocks are supported. Some lists are in XML format; I don’t know if those work. If you search for "Firewall Blocklist" then you’ll find some discussions relevant to other Linux distros. Also the Firehol GitHub has a lot of useful information, as well as the main Firehol site, on their lists and others.

I believe some of these might be included already, but here is a “list of lists”.

https://opendbl.net/
 

ttgapers

Senior Member
I use 18 vs. Adamm's default 13, but updated via GUI/cli.

Code:
https://raw.githubusercontent.com/ttgapers/public/main/asus/skynet/custom.list

So for me, if I wanted to add one of your entries from opendbl, I'd edit your custom.list to include the list you would like to add, assuming it's in the same ipset format. I got to mine from trial/error, as some of the 0-day lists can have lots of false positives.
 

Audionut

Regular Contributor
Beware that many lists can block private IP address ranges and that would likely result in being locked out of your firewall.
Skynet whitelists the lan.


For extra lists, I just cloned the skynet repo and modified the list to my liking. You can use any other hosted list also. Then in skynet, use option 3 (Malware Blocklist), then option 2 (Change Filter List).
I prefer a block all, and whitelist the known good approach. But that's difficult through a command line, so a strong list is a good compromise. For the Firehol lists, I used almost all of the active lists, that weren't also 100% common in other lists.

edit: for the country blocklist, I used this site.
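
The format and private-range caveats raised in this thread matter most for a self-generated list such as the mail-server feed described in the first post. As an added example (not part of any post here and not Skynet's own code), this Python filter could run in the mail server's cron job before the list is published; the function name, the protected ranges and the sample feed are constructed for illustration.

```python
import ipaddress

# Ranges a published blocklist should never touch: RFC 1918, loopback,
# link-local, CGNAT, "this network", multicast and reserved space.
PROTECTED = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "100.64.0.0/10", "0.0.0.0/8", "224.0.0.0/4",
    "240.0.0.0/4")]

def sanitize_blocklist(lines, extra_protected=()):
    """Return (accepted, rejected) for raw feed lines.

    accepted: sorted, de-duplicated, collapsed IPv4 entries as strings
    rejected: list of (entry, reason) for the cron job to log
    extra_protected: hypothetical hook for your own public IPs or ranges
    """
    protected = PROTECTED + [ipaddress.ip_network(n) for n in extra_protected]
    nets, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:                     # XML, hostnames, garbage
            rejected.append((entry, "not an IP address or CIDR"))
            continue
        if net.version != 4:
            rejected.append((entry, "not IPv4"))
        elif any(net.overlaps(p) for p in protected):
            # overlaps() also catches supernets such as 0.0.0.0/0 or 10.0.0.0/7
            rejected.append((entry, "overlaps a protected range"))
        else:
            nets.append(net)
    # collapse_addresses() de-duplicates and merges adjacent networks
    accepted = [str(n.network_address) if n.prefixlen == 32 else str(n)
                for n in ipaddress.collapse_addresses(nets)]
    return accepted, rejected

# Constructed sample feed (documentation address ranges, not real offenders).
SAMPLE = """# mail server ban export
203.0.113.7
203.0.113.7
198.51.100.0/25
198.51.100.128/25
192.168.1.10
10.0.0.0/7
0.0.0.0/0
<ip>203.0.113.9</ip>
2001:db8::1
"""

if __name__ == "__main__":
    ok, bad = sanitize_blocklist(SAMPLE.splitlines())
    print("\n".join(ok))
    for entry, reason in bad:
        print(f"# rejected {entry}: {reason}")
```

Publishing only the accepted entries and logging the rejected ones keeps a bad export on the mail server from turning into a router-level block of local or overly broad ranges.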
 