Menu
What's new
By:
Filters Better Search

Firewall doesen't block custom rules, neighter Skynet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

MamaLing

Occasional Visitor
Hi All!
I have a Asus router that I bought about 3 months ago, recently I started to focus more on network security because my home server was hacked previously. I have Pi-hole on my whole network and I want to have a secure firewall on my router.

This is my configuration (from Skynet):

Code: 
Router Model; RT-AC86U
Skynet Version; v7.3.5 (09/01/2023) (702ee3895944085a17abac5ffc112274)
iptables v1.4.15 - (eth0 @ 192.168.1.1)
ipset v7.6, protocol version: 7
IP Address; (xxx.xx.xx.xx)
FW Version; 386.9_0 (Jan 6 2023) (4.1.27)
Install Dir; /tmp/mnt/SANDISK/skynet (112.6G / 114.6G Space Available)
SWAP File; /tmp/mnt/SANDISK/myswap.swp (2.0G)
Syslog Location; (/jffs/syslog.log) (/jffs/syslog.log-1)
Uptime; 0 days, 0 hours, 5 minutes.
Ram Available; (108M / 416M)

First I tried to set custom domains to ban on the stock Merlin's firmware and after testing, the conclusion was that the firewall doesn't filter those IPs/domains I set before. So after this, I've found Skynet, I installed it, right after checked the router's GUI and Skynet's stats were blank. They continued to be blank after reboot, later I changed log level to debug on the router logs page (on GUI), I went back and suddenly I saw that Skynet begun to work. Later I started testing and added custom rules to ban domains, turns out the router doesn't block my rules.
However, looking at the logs, there are some blocking is going on, but not the predetermined rules.

Doing debug on Skynet, all tests came back ok:

Code: 
--------------------                | ----------
| Test Description |                | | Result |
--------------------                | ----------

Internet-Connectivity               | [Passed]
Write Permission                    | [Passed]
Config File                         | [Passed]
Firewall-Start Entry                | [Passed]
Services-Stop Entry                 | [Passed]
Service-Event Entry                 | [Passed]
Profile.add Entry                   | [Passed]
SWAP File                           | [Passed]
Cron Jobs                           | [Passed]
NTP Sync                            | [Passed]
IPSet Comment Support               | [Passed]
Log Level 3 Settings                | [Passed]
Duplicate Rules In RAW              | [Passed]
IPSets                              | [Passed]
IPTables Rules                      | [Passed]
Local WebUI Files                   | [Passed]
Mounted WebUI Files                 | [Passed]
MenuTree.js Entry                   | [Passed]


-----------                         | ----------
| Setting |                         | | Status |
----------                          | ----------

Skynet Auto-Updates                 | [Enabled]
Malware List Auto-Updates           | [Enabled]
Logging                             | [Enabled]
Filter Traffic                      | [Enabled]
Unban PrivateIP                     | [Enabled]
Log Invalid Packets                 | [Disabled]
Import AiProtect Data               | [Enabled]
Secure Mode                         | [Enabled]
Fast Switch List                    | [Disabled]
Syslog Location                     | [Custom]
IOT Blocking                        | [Disabled]
Country Lookup For Stats            | [Enabled]
CDN Whitelisting                    | [Enabled]
Display WebUI                       | [Enabled]

18/18 Tests Sucessful

Additionally I disabled Pi-hole during my tests, so a particular domain wouldn't be filtered on DNS level.
I have no idea what next, probably I'm going to reinstall Skynet while formatting my attached flash drive. If there's anyone who could help me, give some tips, I'd appreciate it!
 
You must log in or register to reply here.

Similar threads

S
Cannot ping/skynet will not work while Firewall is Enabled.
Replies
2
Views
434
spinfuzer
S
ChickenheadOS
Skynet Skynet 7.5.8 Firewall UI Issues
Replies
18
Views
966
ColinTaylor
C
Mogsy
Skynet Skynet WebUI as scMerlin sitemap
Replies
7
Views
862
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
X
RT-AX58U sudden DNS problem - URGENT
Replies
14
Views
659
dave14305
dave14305
P
Skynet Skynet logs of VPN(wireguard) clients
Replies
14
Views
557
peterpan
P
Similar threads
Thread starter Title Forum Replies Date
fffddd URL filtering in the firewall does not take effect Asuswrt-Merlin 7
G Feature request: firewall url filter log Asuswrt-Merlin 0
B Firewall lan - vpn? Asuswrt-Merlin 0
John Tetreault How to open ipv6 firewall to a port on the router? Asuswrt-Merlin 4
C Port Forwarding and Firewall - not working as I expect Asuswrt-Merlin 4
C IPv4 Firewall/Port-Forwarding - Appear to be the same thing on Asuswrt Asuswrt-Merlin 4
colourofsound Asus-Merlin Firewall Asuswrt-Merlin 24
H Solved Beginners firewall question. Asuswrt-Merlin 6
S Cannot ping/skynet will not work while Firewall is Enabled. Asuswrt-Merlin 2
M Firewall rule to allow only a specific domain name Asuswrt-Merlin 13

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 750 (members: 29, guests: 721)
Top