Skynet Quad 9 being blocked by Skynet

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

BreakingDad

Very Senior Member
Just an observation, quad 9 is suddenly blocked by skynet.

Anyone else got this?

I whitelisted it. Fixed

Don't really understand why DNS servers suddenly get blocked.
 

Jack Yaz

Part of the Furniture
This is the danger of publicly updated blocklists, occasionally stuff is blacklisted by not so nice actors, or genuine mistakes.
 

EmeraldDeer

Very Senior Member
I did not experience this. If you are so inclined, identify which list the ban came from.
Code:
firewall stats search manualbans
firewall stats search {IP address}
 

BreakingDad

Very Senior Member
I did not experience this. If you are so inclined, identify which list the ban came from.
Code:
firewall stats search manualbans
firewall stats search {IP address}
Unfortunately I have re installed skynet since this happened and no longer have that info. It now seems to have been globally whitelisted however
 

dave14305

Part of the Furniture
Skynet automatically whitelists WAN DNS.
 

RMerlin

Asuswrt-Merlin dev
I would try to track down which blacklist is blocking it. @Bill Woodcock might be interested to know.
 

EmeraldDeer

Very Senior Member
Code:
firewall banmalware exclude firehol_level3.netset
 

EmeraldDeer

Very Senior Member
Say I want to exclude this list. Do I have to rerun this command again after reboot?
No, this setting will persist for the life of the Skynet installation. I can't find the external forum post, but firehol_level3 has been described as appropriate for a development environment but not a production environment.
 

Therion87

Regular Contributor
No, this setting will persist for the life of the Skynet installation. I can't find the external forum post, but firehol_level3 has been described as appropriate for a development environment but not a production environment.
Is level 2 stricter or more lax than level 3? Skynet uses level 2 as well. Or do they pull from completely different bases and aren't built on one another?
 

EmeraldDeer

Very Senior Member
Is level 2 stricter or more lax than level 3? Skynet uses level 2 as well. Or do they pull from completely different bases and aren't built on one another?
Level 2 and level3 are roughly the same size with 20% overlap. They are not composed of the same lists.

But it does not matter. The pattern of false positives, obvious ones like localhost or Quad9, have been consistent for years now. I don't think it should be in the default Skynet group.

If someone could find an alternative composed of similar lists minus the false positives, that would be be great.

firehol_level3
 

AntonK

Very Senior Member
Screenshot 2021-06-04 212338.jpg


Looks to have been whitelisted now: https://otx.alienvault.com/indicator/ip/9.9.9.9
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top