Menu
What's new
By:
Filters Better Search

Aegis Aegis (simple yet effective protection)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

1.4.6

A lot of internal structural changes (to reflect new terminology concept and optimize/rationalize the code).
Fixes the bug described by @Jauger
Changed the command clean by unset
unset and down are now different:
- down is to stop aegis, but it does not unset its code in firewall-start.sh and post-mount.sh and it does not removes the directives files (calculated blocklist and whitelist from sources and custom lists). It is more logical to use down when you intend to start it later.
Even though code is left in these files, aegis won’t start unless aegis up is called.
- unset stops aegis, but also removes its code from above-mentioned files. More intended to use if you won’t be using aegis for a long time.

Also, when aegis up is used and no directives files are found (first launch or after firmware upgrade), it will automatically refresh the directives.

Web Companion was updated to work with those changes (and fix the log display bug).

Recommended upgrade procedure is either from cli, or from the web interface, but after the upgrade, please reload the web page and restart aegis with refresh (if you want it on).
 
Last edited:
So I clicked the web upgrade to 1.4.6 from 1.4.5 and results are:
Aegis shield is not set (environment is clean).
Active WAN interface is 'brwan'.
no VPN tunnel found.
Blocklist directives generation time: 2020-12-21 03:40:12
No status file found.
Debug Info
  • device info: R7800 R7800 V1.0.2.81SF
  • aegis info: aegis 1.4.6-ext
  • status codes: 0#0#0#brwan#x.x.x.x/21###0#0#1
  • file codes: //
  • iptables engine rules:
  • no aegis rules are set.
  • ipset engine sets:
---------------------------------
Had to run a "Refresh directives then start aegis (without logging)" from the GUI and now everything is back to working.
 
I noticed the same; also had to "refresh directives" before the GUI showed OK.

btw, "shield was upreared from" -> I thought my english (or american english) was pretty good, but I really had to look up the meaning of uprear; it was the first time I've seen this word being used.
 
Yes, internal changes are important, and the upgrade can bring little glitches like that. The web companion is in fact trying to start it with a command that is not existing anymore (because web page calling the upgrade is still on prior version)

Solution is to refresh the page after the upgrade, then uprear the shield ;)
Yep, thought that this word was appropriate to uplift a legendary shield.
 
Heads up, the Web UI still has a slight problem, its reversing internal for external sources....
ex:
2020-12-21 18:09:56 Blocked Incoming UDP packet from WAN: 10.0.0.3:25377 to LAN: 194.57.91.200:53

2020-12-21 18:09:55 Blocked Incoming UDP packet from WAN: 10.0.0.4:47224 to LAN: 194.167.45.250:53

10.0.0.3 & 10.0.0.4 are my pihole internal addresses
 
Jauger said:
Heads up, the Web UI still has a slight problem, its reversing internal for external sources....
ex:
2020-12-21 18:09:56 Blocked Incoming UDP packet from WAN: 10.0.0.3:25377 to LAN: 194.57.91.200:53

2020-12-21 18:09:55 Blocked Incoming UDP packet from WAN: 10.0.0.4:47224 to LAN: 194.167.45.250:53

10.0.0.3 & 10.0.0.4 are my pihole internal addresses
Click to expand...
Thanks for reporting.

To debug this one, I need the raw log.
Could you send me the result of this command:
Code: 
grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis

Also, do you experience the same bug by doing in the terminal aegis log -show ?

Thank you
 
Last edited:
for me the output of the command
grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis
is empty.
I'm on v 1.4.5
 
h1ms3lf said:
for me the output of the command
grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis
is empty.
I'm on v 1.4.5
Click to expand...
This command is for @Jauger to pin-point why he experiments the bug he reported. It won’t give anyone else useful results (like you, it would return empty).

Do you experiment the same glitch in Web Companion log tab than @Jauger ?
 
HELLO_wORLD said:
This command is for @Jauger to pin-point why he experiments the bug he reported. It won’t give anyone else useful results (like you, it would return empty).

Do you experiment the same glitch in Web Companion log tab than @Jauger ?
Click to expand...

The only thing i've noticed is if I leave open the LOG tab, without refresh, after a few new entries the displayed log changes from "Blocked INCOMING TCP packet from WAN" to "Blocked INCOMING TCP packet from VPN"
but in rest everything works ok.
 
HELLO_wORLD said:
Thanks for reporting.

To debug this one, I need the raw log.
Could you send me the result of this command:
Code: 
grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis

Also, do you experience the same bug by doing in the terminal aegis log -show ?

Thank you
Click to expand...
Will do but I must be on the other side of the planet from you. I'll swing home in a few hours and try....
 
h1ms3lf said:
The only thing i've noticed is if I leave open the LOG tab, without refresh, after a few new entries the displayed log changes from "Blocked INCOMING TCP packet from WAN" to "Blocked INCOMING TCP packet from VPN"
but in rest everything works ok.
Click to expand...
v1.4.6 fixed this issue ( @Jauger experienced that as well with 1.4.5)
On 1.4.6, he has another issue with WAN and LAN reversed for some of his devices.
 
running grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis gives an empty reply and my logs in the web ui and terminal are now not showing the bug. I'll continue to run it and see if it returns.
 
ok, in terminal log it shows as
2020-12-22 11:02:05 Blocked outgoing UDP packet to WAN: 208.80.126.13:53 from LAN: <unknown> (10.0.0.3):21026
which looks correct but in web ui it shows as

2020-12-22 11:02:05 Blocked Incoming UDP packet from WAN:10.0.0.3: 21026 to LAN:208.80.126.13:53

(also no outgoing logs, which is weird)
 
Ok, thanks; can you send me the result of
Code: 
grep -F "$(echo -ne "10.0.0.3\n10.0.0.4")" /var/log/log-aegis

I need that to reproduce this here and find why.

The code is the same for cli and gui, so it is a variable or some environment difference.
 
Ok, maybe it was just that :)

Your log extract is helpful, particularly if the problem comes back.
 
Ive completly uninstalled aegis...removed all my custom iptables, rebooted and did a fresh install of aegis......what I am seeing is the log in terminal is showing the correct outbound logs, the web ui isnt showing any outbound but incoming...and incoming doesnt look complete
 
Jauger said:
Ive completly uninstalled aegis...removed all my custom iptables, rebooted and did a fresh install of aegis......what I am seeing is the log in terminal is showing the correct outbound logs, the web ui isnt showing any outbound but incoming...and incoming doesnt look complete
Click to expand...
Ok, I will need to be able to reproduce the bug here to work on it. As you seem to be the only one experiencing this. Here the GUI log viewing is fine.
Here a great code that should work
Code: 
grep -F '10.0.0.4' /var/log/log-aegis
grep -F '10.0.0.3' /var/log/log-aegis

Knowing it is only on the web GUI clears some research, but then it can be on the server script delivering the log to the webpage, or the client script in the webpage.

First, could you give me (in pm if you are not confortable having it public) the result of this:
Code: 
cat /tmp/netscan/attach_device /tmp/dhcpd_hostlist /tmp/hosts

I might come with a new version that will not solve the problem, but would have a debug mode allowing to better pinpoint this kind of situation.

PS: I might be a little less responsive these times (Xmas season), but what is important is this bug is not affecting the shield itself.
 
1.4.7 1.4.8

Code cleaning.
Major optimization in generation of web log (all process is done via a very big awk command). Uses way less cpu. That should also solve @Jauger bug ;)

1.4.8 corrects minor bug: wrong protocol showing in web log for uncommon protocols.
 
Last edited:
You must log in or register to reply here.

Similar threads

HELLO_wORLD
Aegis Aegis 1.7.x
8 9 10
Replies
192
Views
24K
DeuX
DeuX
HELLO_wORLD
Aegis aegis: a firewall blocklist
7 8 9
Replies
177
Views
17K
HELLO_wORLD
HELLO_wORLD
HELLO_wORLD
Aegis Aegis 1.7.0 beta
2
Replies
29
Views
3K
HELLO_wORLD
HELLO_wORLD
HELLO_wORLD
Aegis The future of Aegis
Replies
4
Views
2K
HELLO_wORLD
HELLO_wORLD
HELLO_wORLD
[R7800, R9000 & probably others] Blocklist based Firewall addon
5 6 7
Replies
133
Views
12K
HELLO_wORLD
HELLO_wORLD

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 885 (members: 17, guests: 868)
Top