What's new

AiProtection - no hits at all

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I've noticed Web History also stops recording after about a week time on AC86U router running Asuswrt 48260. There are some things to fix.
My personal guess is that it`s tied to their sqlite db management, which might explain why logging stops after a while. Could be something wrong in how they purge old entries when the filesize reaches the threshold limit. Or, some people`s JFFS partition fills up before that threshold is reached.
 
I don't know why it stops recording, but reboot fixes it for the next few days.
 
My personal guess is that it`s tied to their sqlite db management, which might explain why logging stops after a while. Could be something wrong in how they purge old entries when the filesize reaches the threshold limit. Or, some people`s JFFS partition fills up before that threshold is reached.
Is there a way these old entries could be removed while the router is up and running to restore logging back to normal? I've noticed my JFFS partition rarely goes above 15%, so I'm thinking the logging issue is related to filesize thresholds or something else, and not partition issues.
 
Is there a way these old entries could be removed while the router is up and running to restore logging back to normal? I've noticed my JFFS partition rarely goes above 15%, so I'm thinking the logging issue is related to filesize thresholds or something else, and not partition issues.
I would expect it to be automatically managed (like they do for the AiProtection event log), but I don`t have any details, sorry.
 
Is there a way these old entries could be removed while the router is up and running to restore logging back to normal? I've noticed my JFFS partition rarely goes above 15%, so I'm thinking the logging issue is related to filesize thresholds or something else, and not partition issues.
I dug this out from Merlin from an old thread:


The database where it stores the logs may be corrupted.

1) Disable AiProtection/Malicious Website Blocking
2) Delete the database. Over SSH:

Code:
rm /jffs/.sys/AiProtectionMonitor/*

3) Re-enable the features
 
I dug this out from Merlin from an old thread:


The database where it stores the logs may be corrupted.

1) Disable AiProtection/Malicious Website Blocking
2) Delete the database. Over SSH:

Code:
rm /jffs/.sys/AiProtectionMonitor/*

3) Re-enable the features

This method works yet you may have to go a bit further. If disabling AiProtection and then deleting the database dose not fix the issue, I found that withdrawing perdition for all Trend Micro apps and then deleting the database with the following command dose it: rm -rf /jffs/.sys/AiProtectionMonitor/*

The reenable the features you want and test by visiting wrs49.winshipway.com

Not that it may take as much as 30 minutes till the counter changes.
 
Same problem here with firmware 3004.388.6_2.

After testing the site, here's what it shows me in Firefox.
The site is blocked, but the Aiprotection counter is still at 0...

1709797810783.png

1709797656492.png

1709797667566.png


Another problem If I authorize the site, everything's fine. However, if I remove it from the list, it still works...

I don't think it's from Merlin, but if you could pass it on to Asus to fix these problems, that would be great.
 
Last edited:
Same problem here with firmware 3004.388.6_2.

After testing the site, here's what it shows me in Firefox.
The site is blocked, but the Aiprotection counter is still at 0...

View attachment 57007
View attachment 57005
View attachment 57006

Another problem If I authorize the site, everything's fine. However, if I remove it from the list, it still works...

I don't think it's from Merlin, but if you could pass it on to Asus to fix these problems, that would be great.
It is your web browser. It should be http:// not https://
Log out of your router and test the link in private mode with http://wrs49.winshipway.com
Also if you have local access config to HTTPS, I don't think the AiProtection blocksite will work

AiProtection.png

Stats.png
 
Enjoy !
It was Firefox's fault with the "HTTPS mode only" option. I deactivated it and went back to the site in question, where the AiProtection blocking window is now displayed.
But for the moment, the counter is still at 0 :

1709804073882.png


1709804153003.png

1709804180007.png

1709804241955.png
 
Enjoy !
It was Firefox's fault with the "HTTPS mode only" option. I deactivated it and went back to the site in question, where the AiProtection blocking window is now displayed.
But for the moment, the counter is still at 0 :

View attachment 57011

View attachment 57012
View attachment 57013
View attachment 57014
You might have to follow @RMerlin steps on this link https://www.snbforums.com/threads/aiprotection-gui-always-shows-0.63682/post-659963
Don't forget to withdraw Asus privacy for AiProtection before re-enabling it

Privacy.png
 
Thanks.
Before I do something stupid, does the command work with the latest version ? (RT-AX88U - 3004.388.6_2)
Code:
rm -rf /jffs/.sys/AiProtectionMonitor/*
 
Thanks.
Before I do something stupid, does the command work with the latest version ? (RT-AX88U - 3004.388.6_2)
Code:
rm -rf /jffs/.sys/AiProtectionMonitor/*
Should be. I don't think they were any changes to AiProtection jffs database. Just follow the steps :)
 
Should be. I don't think they were any changes to AiProtection jffs database. Just follow the steps :)
So I disable the privacy, disable AiProtection and open putty, connect to the router and run the command, that's it?
 
So I disable the policy, disable AiProtection and open putty, connect to the router and run the command, that's it?
And re-enable AiProtection after running the command
 
Double Enjoy.

I've just carried out the manipulations, and the counter is alive again. How wonderful.

It's a pity that you have to do this every now and then, and the problem isn't solved for good. Perhaps you should integrate the ssh command into the Merlin firmware with each new release ?

However, I had done several WPS resets after flashing the latest firmware version, so I shouldn't have had this AiProtection problem.

Thanks in any case for this tip, which still works.

1709806838357.png

1709806351787.png
 
Double Enjoy.

I've just carried out the manipulations, and the counter is alive again. How wonderful.

It's a pity that you have to do this every now and then, and the problem isn't solved for good. Perhaps you should integrate the ssh command into the Merlin firmware with each new release ?

However, I had done several WPS resets after flashing the latest firmware version, so I shouldn't have had this AiProtection problem.

Thanks in any case for this tip, which still works.

View attachment 57021
View attachment 57020
I have only done that command once. And AiProtection is outside of Merlin's control I guess. AiProtection for me is a bonus, I don't fret over it. Just using my router for what I need and sensibly, and not install add-ons I don't need. You should be fine :)
 
I have only done that command once. And AiProtection is outside of Merlin's control I guess. AiProtection for me is a bonus, I don't fret over it. Just using my router for what I need and sensibly, and not install add-ons I don't need. You should be fine :)
Thank you for this information.
I only use it to glance at the counter to see which site has been blocked, I find it quite handy.
I don't use addons either.
Thanks in any case for reviving the counter ;)
 
The reset procedure for AI protection is a temporary fix and sometimes it has no effect. The good news is that the hosts get blocked. It makes me uneasy that the statistics don't work correctly and this problem has been around for years.

Asus needs to get there act together. The UniFi product line is now more capable and much less expensive.
 
I agree with you. In my case, the procedure worked. But it's true that this is a recurring problem.
I hope they will see this post or that someone will bring this problem up again.
For a router costing 300$, you need all the functions to work properly.
 
I only use it to glance at the counter to see which site has been blocked, I find it quite handy.
But you opened the door to Trend Micro. J'ai préféré ne rien activer et ne rien partager avec eux. Famille de 4 plus plein de bidules connectés et je n'ai qu'un script qui tourne, un bloqueur de pubs qui sert à tout le monde puisqu'au niveau routeur.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top