What's new

Aegis Aegis 1.7.x

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

*edit* issue below was resolved by installing Voxel 9.2.5.2.17SF-HW.

@HELLO_wORLD Thanks for your work on this addon. I had it working well for a while on my RBR50 on external usb drive, however since around the time I upgraded to Voxel V9.2.5.2.16SF-HW, it seems to have stopped working (may just be coincidental timing).

I can run aegis up, however aegis status -vv then shows the following:

root@RBR50:~# aegis status -vv
aegis 1.7.12 - Verbose mode [level 2]
Problems:
- shield was upreared, but is not up!
Setting status:
- firewall-start.sh is set for aegis.
- post-mount.sh is set for aegis.
Shield status:
- shield is down.
- logging is disabled.
Directives generation times:
- actual router time: 2021-12-08 10:10:35
- sources cache list latest update: 2021-12-08 10:04:30
- global block list: 2021-12-08 10:04:31
- global bypass list: 2021-12-08 10:04:31
- VPN specific bypass list: 2021-12-08 10:04:32
iptables aegis rules:
- no aegis rules are set.
ipset aegis sets:
ipset v7.15: Kernel error received: Invalid argument
- no aegis ipsets are set.

Debug section of Web Companion shows the following:

  • device info: RBR50 RBR50 V9.2.5.2.16SF-HW
  • aegis info: aegis 1.7.12-ext
  • status codes: ck:32807|dna:brwan|dir:|ablc:|awlc:|wblc:0|wwlc:0|tblc:|twlc:|wif:|wnt:|tif:|tnt:
  • info file: tst:|nfo:|dna:|wif:|wnt:|tif:|tnt:
  • conf:
    • aegis.wan=net-iface
    • aegis.tun=net-iface
    • aegis.log=log
    • aegis.up=1
    • aegis_web.log=subsection
    • aegis_web.log.len='150'
    • aegis_web.log.basetime='1638917409'
    • aegis_web.log.pos='0'
  • iptables engine rules:
    • no aegis rules are set.
  • ipset engine sets:
I am also unable to enable logging.

I've tried a complete reinstall with unset etc, but no luck resolving the issue. Any help would be appreciated.
 
Last edited:
*edit* issue below was resolved by installing Voxel 9.2.5.2.17SF-HW.

@HELLO_wORLD Thanks for your work on this addon. I had it working well for a while on my RBR50 on external usb drive, however since around the time I upgraded to Voxel V9.2.5.2.16SF-HW, it seems to have stopped working (may just be coincidental timing).

I can run aegis up, however aegis status -vv then shows the following:

root@RBR50:~# aegis status -vv
aegis 1.7.12 - Verbose mode [level 2]
Problems:
- shield was upreared, but is not up!
Setting status:
- firewall-start.sh is set for aegis.
- post-mount.sh is set for aegis.
Shield status:
- shield is down.
- logging is disabled.
Directives generation times:
- actual router time: 2021-12-08 10:10:35
- sources cache list latest update: 2021-12-08 10:04:30
- global block list: 2021-12-08 10:04:31
- global bypass list: 2021-12-08 10:04:31
- VPN specific bypass list: 2021-12-08 10:04:32
iptables aegis rules:
- no aegis rules are set.
ipset aegis sets:
ipset v7.15: Kernel error received: Invalid argument
- no aegis ipsets are set.

Debug section of Web Companion shows the following:

  • device info: RBR50 RBR50 V9.2.5.2.16SF-HW
  • aegis info: aegis 1.7.12-ext
  • status codes: ck:32807|dna:brwan|dir:|ablc:|awlc:|wblc:0|wwlc:0|tblc:|twlc:|wif:|wnt:|tif:|tnt:
  • info file: tst:|nfo:|dna:|wif:|wnt:|tif:|tnt:
  • conf:
    • aegis.wan=net-iface
    • aegis.tun=net-iface
    • aegis.log=log
    • aegis.up=1
    • aegis_web.log=subsection
    • aegis_web.log.len='150'
    • aegis_web.log.basetime='1638917409'
    • aegis_web.log.pos='0'
  • iptables engine rules:
    • no aegis rules are set.
  • ipset engine sets:
I am also unable to enable logging.

I've tried a complete reinstall with unset etc, but no luck resolving the issue. Any help would be appreciated.

I am glad to see it is now working.
It seems it was a problem with ipset as this suggests: “ipset v7.15: Kernel error received: Invalid argument”, that was fixed with firmware upgrade.

Thank you for using Aegis :)
 
Hi @HELLO_wORLD, thanks as always for your great addon. In the Log section of the web companion, I often see these errors. Any ideas what might be causing it? Thank you
Screenshot 2022-06-13 121727.png
 
Hi @HELLO_wORLD, thanks as always for your great addon. In the Log section of the web companion, I often see these errors. Any ideas what might be causing it? Thank youView attachment 41816
Have you always seen this error ?
The log page is using Ajax to load new entries in the log. Each time you see the "500 Internal Server Error", the http server of the router failed to send back the data.
I am not sure why in your case, as it is working for everybody else… What is your configuration ?
You can find that out by copy/pasting what is in the "DEBUG" tab. Thank you!
 
hi guys! little confused on what this is blocking, where is iprange pulling from? who adds to that blacklist? what criteria gets blacklisted? spammers, hackers etc? Read the githhub and still a little confused. Does blacklist include AG providers? Is AdGuard on Kamoj duplicate protection or completely different?

Just upgraded voxel and kamoj after running stable for years and forget about this subject loll
 
Last edited:
hi guys! little confused on what this is blocking, where is iprange pulling from? who adds to that blacklist? what criteria gets blacklisted? spammers, hackers etc? Read the githhub and still a little confused. Does blacklist include AG providers? Is AdGuard on Kamoj duplicate protection or completely different?

Just upgraded voxel and kamoj after running stable for years and forget about this subject loll
Hi,

It is blacklisting anything you want, from either (or/and) lists of IPs, IP ranges that they are from a remote list published on internet or your own custom list.
It comes with some default lists (all can be seen as it is open source), that blocks known spammers, hackers and bogon IPs, but it is fully configurable to whatever you like :)
 
Just passing by, and I am not forgetting any of you :)

Wishing you a Happy and Healthy New Year 2023.
I am not working on Aegis anymore for Netgear routers, as it is mature and working fine as it is now.

I am experimenting with an Aegis on OpenWrt 22.03 based on nftables (what a change from iptables), and it works quite well. I am able to export the log to elastic search and have a nice dashboard:
Capture d’écran 2023-01-05 à 16.47.11.png
 
Last edited:
Just passing by, and I am not forgetting any of you :)

Wishing you a Happy and Healthy New Year 2023.
I am not working on Aegis anymore for Netgear routers, as it is mature and working fine as it is now.

I am experimenting with an Aegis on OpenWrt 22.03 based on nftables (what a change from iptables), and it works quite well. I am able to export the log to elastic search and have a nice dashboard:
View attachment 46941

Happy new year to you too!
Thank you for making and maintaining Aegis.

Every time I look at the logs it really surprises me how much incoming and outgoing traffic it blocks.
 
Hi guys,

For a couple weeks AEGIS kept me from using github.
For example, with AEGIS enabled I can not reach https://github.com/bolemo/aegis/blob/stable/README.md.

I use kamoji to keep the blocklists up to date (aegis refresh) with the most recent update taking place on 2023-01-22 04:00:02 (sunday 4 AM).

Do you guys know why github was added to the blocklist?
 
Hi guys,

For a couple weeks AEGIS kept me from using github.
For example, with AEGIS enabled I can not reach https://github.com/bolemo/aegis/blob/stable/README.md.

I use kamoji to keep the blocklists up to date (aegis refresh) with the most recent update taking place on 2023-01-22 04:00:02 (sunday 4 AM).

Do you guys know why github was added to the blocklist?
It is quite common that GitHub ends up in these blocklists for a while, until someone reports it to the curators and it is ok again until next time.
I am not sure why, but I noticed that it happened several times over the years.

Best advice is to whitelist it and you won't ever be bothered again ;): 140.82.112.0/20
 
It is quite common that GitHub ends up in these blocklists for a while, until someone reports it to the curators and it is ok again until next time.
I am not sure why, but I noticed that it happened several times over the years.

Best advice is to whitelist it and you won't ever be bothered again ;): 140.82.112.0/20

All is fine again with the listed ip in the global whitelist.
Thanks a lot!
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top