Depends on your mission? Not sure how AIprotect stacks up against the multitudes of malware blacklists out there that skynet is able to make use of... but this is one of the biggest reasons I use skynet exactly for that reason. Outbound blacklists, and also outbound country blacklists to prevent data leakage to foreign nation states that don't need more of our data.
FYI do not update Skynet, stay on 7.2.8.
It's a bad read relying on speed test done via the router when trend micro engine is active in combination with skynet outbound traffic blocked. It is due to the fact trendmicro is making the router local traffic pass through cpu versus if it were traversing via hardware acceleration. Client speed test result should be close to unaffected.
I would only use it if I was considering opening ports on the router or if I had a heavy amount of outbound traffic I couldn't easily monitor.
It is 7.3.4 now. 2nd update for today? What was wrong with it
Maybe experts can tell from this?
github.com
Not a clueMaybe experts can tell from this?
v7.3.4 · Adamm00/IPSet_ASUS@b37b2fe
Reduce /jffs/configs/dnsmasq.conf.add size for edge cases
(Something with quotes and a number argument?)
Will wait for changelog
Extra large whitelists with longer than average domain names were breaking dnsmasq.Maybe experts can tell from this?
v7.3.4 · Adamm00/IPSet_ASUS@b37b2fe
Reduce /jffs/configs/dnsmasq.conf.add size for edge cases
(Something with quotes and a number argument?)
Sounds like you should request for an expert more often!Maybe experts can tell from this?
v7.3.4 · Adamm00/IPSet_ASUS@b37b2fe
Reduce /jffs/configs/dnsmasq.conf.add size for edge cases
(Something with quotes and a number argument?)
I use to feel the same way until IDecided to leave it on, the speed "loss" (if any as explained above) is negligible for the peace of mind offered, and the ruleset I have in place.
Thank you team, keep up the good work
Lol! Definitely not the same as Gig speed!
It was not an issue on 500 speed,always maxed out. I have tried RTRMON, I passed all the tests (after running a few bits of code suggested to get some of them working properley on the thread), might have another play. I tend to go for minimal addons as I think the more you add the router gets bloated.
oks like Firehol probably has issues with their ingestion .sh code.
I guess that is why @Adamm added a feature to where you can change the filter lists you use.Firstly, Happy New Year!
With this latest Skynet issue (stupid me upgraded), I lost all connections and did a router reset and restore (probably was due anyway).
Due to this and the fact that:
1. I have seen like 1 or 2 blocks (suspect mind you) outbound over the past 6 months
2. The firewall does a great job blocking unsolicited traffic
3. I am not sure if people have noticed or not, Firehol core lists (spamhaus, dshield, feodo) are not current any longer. e.g. spamhaus is almost 4 weeks old while source file is current. I had opened up an issue in firehol's github, but no response. L
I have decided to do away with Skynet.
Perhaps I'll revisit one day. Thanks @Adamm for your code.
That is what I did. I used a conservative approach to only use actively maintained lists. They included (from firehol): bds_atif, dshield, greensnow, cybercrime, dyndns_ponmocup, spamhaus_drop and spamhaus_edrop. I also recently added in the feodo tracker C2 list (https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt).
Thanks!
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!
