Menu
What's new
By:
Filters Better Search

Aegis aegis: a firewall blocklist

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I see you want perfection. Installed as fast as my fingers could write aegis. It's a delight.

Code: 
- 'aegis' version 1.1.4 is installed on external drive.                                                                 - 'aegis' is in PATH. 
 - This is the last version.
 - 'iprange' is installed: iprange 1.0.4
 
Looks like I'm not so lucky, what's the steps to diagnose what's up here...

Carried out the aegis upgrade and got this...

Code: 
root@R7800:/$ aegis upgrade
Upgrading:
- Version installed: 1.1.3
- Version found: 1.1.4
? Do you want to upgrade from 1.1.3 to 1.1.4 (y/n)? y
- Downloading:
/tmp/aegis.dl       100%[===================>]  34.11K  --.-KB/s    in 0.04s
- Script installed to /opt/bolemo/scripts/aegis

So all seemed to go ok, but upon running aegis status I get this...

Code: 
root@R7800:/$ aegis status
Status:
- 'aegis' version: 1.1.4
- 'iprange' is installed: iprange 1.0.4
- Something is not right! Use 'aegis -v status' for more details
- Logging is off.
 
Tom Brough said:
Well seems to be fixed with a router reboot.
Click to expand...

Ok.

Don’t forget if you encounter any problem to use
Code: 
aegis status -v
as the -v gives the information that can help me to understand the problem.
 
  • Like
Reactions: KW.
Thanks for latest version
This is what I get

root@R7800:/$
root@R7800:/$ aegis status
Status:
- 'aegis' version: 1.1.4
- 'iprange' is installed: iprange 1.0.4
- Something is not right with iptables setup! Use 'aegis -v status' for more details
- Logging is on.
root@R7800:/$
root@R7800:/$ aegis -v status
aegis 1.1.4 - Verbose mode
Status:
- 'aegis' version: 1.1.4
- 'iprange' is installed: iprange 1.0.4
- Something is not right with iptables setup! Use 'aegis -v status' for more details
- Logging is on.
Detailed status:
- 'firewall-start.sh' exists with correct settings.
- 'post-mount.sh' exists with correct settings.
- Actual router time: 2020-05-26 09:15:46
- Blocklist generation time: 2020-05-25 03:15:04
- Router firewall was last started 2020-05-26 07:43:49:
ipset blocklist was already loaded.
iptables logging rules were set.
iptables WAN rules were set.
- iptables rules are not set properly:
iptables rules are not set for VPN tunnel
WAN interface rules are set
iptables -N aegis_dst
iptables -N aegis_src
iptables -A INPUT -i ppp0 -m set --match-set aegis_bl src -j aegis_src
iptables -A FORWARD -i ppp0 -m set --match-set aegis_bl src -j aegis_src
iptables -A FORWARD -o ppp0 -m set --match-set aegis_bl dst -j aegis_dst
iptables -A OUTPUT -o ppp0 -m set --match-set aegis_bl dst -j aegis_dst
iptables -A aegis_dst -j LOG --log-prefix "[aegis] "
iptables -A aegis_dst -j DROP
iptables -A aegis_src -j LOG --log-prefix "[aegis] "
iptables -A aegis_src -j DROP
- Logging is active.
- ipset blocklist is set:
Name: aegis_bl
Type: hash:net
Revision: 6
Header: family inet hashsize 16384 maxelem 55744
Size in memory: 1026152
References: 4
- ipset whitelist is not set.
- ipset WAN gateway bypass is not set.
root@R7800:/$
 
Tom Brough said:
Try now running

aegis update and see if it's ok afterwards.
Click to expand...
Heres the result

root@R7800:/$
root@R7800:/$ aegis update
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
root@R7800:/$
root@R7800:/$ RTNETLINK answers: No such process
 
Ok, it seems that there is a lot more going on than just aegis here...

First, can you get the output of this:
Code: 
aegis status -v

And that:
Code: 
iptables -S

Then, can you do this (and post output):
Code: 
aegis clean -v

And that (and post output put as well):
Code: 
net-wall restart

If at this point you still have those weird messages, they are not coming from aegis (but from some other rules in firewall-start.sh)

jrbmw said:
Heres the result

root@R7800:/$
root@R7800:/$ aegis update
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: Bad rule (does a matching rule exist in that chain?).
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: Bad rule (does a matching rule exist in that chain?).
ip6tables: No chain/target/match by that name.
ip6tables: No chain/target/match by that name.
root@R7800:/$
root@R7800:/$ RTNETLINK answers: No such process
Click to expand...
 
Does this mean all is ok with aegis....before I try what you said

root@R7800:/$
root@R7800:/$ /opt/bolemo/scripts/aegis info
Info:
- 'aegis' version 1.1.4 is installed on external drive.
- 'aegis' is in PATH.
- This is the last version.
- 'iprange' is installed: iprange 1.0.4
root@R7800:/$
root@R7800:/$ aegis status
Status:
- 'aegis' version: 1.1.4
- 'iprange' is installed: iprange 1.0.4
- 'aegis' is set and active for WAN interface (ppp0) and VPN tunnel (tun21).
- Filtering 619883251 IP adresses.
- WAN gateway IP range does not need to be bypassed.
- Logging is on.
root@R7800:/$
 
Yep :)

jrbmw said:
Does this mean all is ok with aegis....before I try what you said

root@R7800:/$
root@R7800:/$ /opt/bolemo/scripts/aegis info
Info:
- 'aegis' version 1.1.4 is installed on external drive.
- 'aegis' is in PATH.
- This is the last version.
- 'iprange' is installed: iprange 1.0.4
root@R7800:/$
root@R7800:/$ aegis status
Status:
- 'aegis' version: 1.1.4
- 'iprange' is installed: iprange 1.0.4
- 'aegis' is set and active for WAN interface (ppp0) and VPN tunnel (tun21).
- Filtering 619883251 IP adresses.
- WAN gateway IP range does not need to be bypassed.
- Logging is on.
root@R7800:/$
Click to expand...
 
Tom Brough said:
I've noticed I've got it installed on USB but it didn't survive a firmware update to version 77 today.. but it reinstalled easy enough.
Click to expand...

I will do the firmware update just before going to sleep. Will see if it survives or not for me.

Thank you all for reporting, it helps to make aegis better :)
 
Flashed firmware, reboot and aegis was up and running for me.
 
After voxel update on r9000 I had to install Aeigs again, but worse was that iprange dont work anymore but get the message its not for my device.

Code: 
Installing on external device /tmp/mnt/sdb1                                                                             Creating directory (if not already existing): /tmp/mnt/sdb1/bolemo                                                      Creating symlink (if not already existing): /opt/bolemo                                                                 Creating subdirectories in bolemo: scripts, etc                                                                         Installing firewall-blocklist files                                                                                     Done!                                                                                                                   The iprange version offered by this installer are not supported on this device, if you want to install iprange, you need to do it through Entware.                                                                                              Remove install files? [y/n] y                                                                                                                                                                                                                   Removing install files...                                                                                               Done!
 
@Hello World

while checking aegis status I find I have 1.0.3 installed on my internal drive and 1.1.4 on my external drive.
Dont know how that happened:( ....can you tell me how to clear the internal drive
 
No problem :)

Code: 
cd /root
ls -l
At this point, you should see a ‘bolemo’ folder, confirming you have it installed in internal memory.

Then:
Code: 
rm -rf bolemo
That’s it ;)

jrbmw said:
@Hello World

while checking aegis status I find I have 1.0.3 installed on my internal drive and 1.1.4 on my external drive.
Dont know how that happened:( ....can you tell me how to clear the internal drive
Click to expand...
 
This is what I got , is it right

root@R7800:/$ cd /root
root@R7800:~$ ls -l
root@R7800:~$
root@R7800:~$ rm -rf bolemo
root@R7800:~$

Regards

obviously not right
oot@R7800:~$ aegis status
Status:
- 'aegis' version: 1.0.3
- 'iprange' is installed: iprange 1.0.4
- 'aegis' is set and active.
- Filtering 620027834 IP adresses.
- Logging is on.
root@R7800:~$
root@R7800:~$ aegis info
Info:
- 'aegis' version 1.0.3 is installed on internal drive.
- Lastest version available: 1.1.4
- 'iprange' is installed: iprange 1.0.4
root@R7800:~$
root@R7800:~$
 
You must log in or register to reply here.

Similar threads

HELLO_wORLD
Aegis Aegis 1.7.x
8 9 10
Replies
192
Views
24K
DeuX
DeuX
HELLO_wORLD
Aegis Aegis (simple yet effective protection)
15 16 17
Replies
327
Views
31K
Jake77
J
HELLO_wORLD
Tutorial Adding custom SSID and specific VLAN (for IOT for example)
Replies
14
Views
803
alexnev
A
HELLO_wORLD
[R7800, R9000 & probably others] Blocklist based Firewall addon
5 6 7
Replies
133
Views
12K
HELLO_wORLD
HELLO_wORLD
HELLO_wORLD
[R7800] warnings with iptables
Replies
8
Views
2K
R. Gerrits
R

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 798 (members: 19, guests: 779)
Top