Skynet Skynet - Router Firewall & Security Enhancements

[maelstromm]

The above should get you going. But curious if you did a full reset (M&M Config in the same link above) after flashing RMerlin firmware too?

Quick update. I followed your instructions and it worked to a T. Thank you for helping me troubleshoot.

 

[Adamm]

Is there a quick way to find out the port used for blocked outbound traffic?

You would have to search for each IP and look at the raw logs;

firewall stats search ip xxx.xxx.xxx.xxx

 

[Viktor Jaep]

Hi @Adamm -- Question -- every so often I have to temporarily unblock a site for my wife or kid to get to, but have to remind myself to block it again after they're done getting whatever they needed from that site. Is there a way to unblock a site with a timeout of say 2 hours, after which, it automatically removes it from the white list again? I've done this with more sites that I've cared to, and am afraid of having to dive back in there to do cleanup. As of late, I've just been adding remarks of "delete me" to make it easier. Not sure if that would be a possibility with the way that your scripts work. Thanks in advance for your help!

 

[TechTinkerer]

Hi @Adamm

Is your firewall script working on 384.19 beta 1 as i am receiving error that it fails with cronjobs, ipsets, iptable rules?

Thanks

 

[dave14305]

Hi @Adamm

Is your firewall script working on 384.19 beta 1 as i am receiving error that it fails with cronjobs, ipsets, iptable rules?

Thanks

Some AC86U users‘ /jffs gets changed (shrunk) during the upgrade process. You may need to format it again and reinstall.

 

[L&LD]

Release - [Test] Asuswrt-Merlin 384.19 - OpenVPN test builds

If you replace ovpn-up, then you become responsible for doing everything it was previously doing. https://github.com/RMerl/asuswrt-merlin.ng/blob/master/release/src/router/libovpn/openvpn_control.c#L237 And also updating resolv.conf/dnsmasq's config...

www.snbforums.com

Release - [Beta] Asuswrt-Merlin 384.19 beta is now available

Dirty flashed from 384.19_alpha4 to 384.19_beta1 and lost my internet connection. Dirty flashed back to 384.19_alpha4 and my internet connection was available again. Bit short on time now to look at the logs. Router model RT-AC86U. Hi, to correct my issue. First of all I noticed no code...

www.snbforums.com

 

[TechTinkerer]

Some AC86U users‘ /jffs gets changed (shrunk) during the upgrade process. You may need to format it again and reinstall.

is there a definite way to tell, what size would the jffs have to be to determine it would then require reformat, you do mean factory reset etc as everything is working apart from skynet

 

[L&LD]

@TechTinkerer see the post above yours.

 

[dave14305]

is there a definite way to tell, what size would the jffs have to be to determine it would then require reformat, you do mean factory reset etc as everything is working apart from skynet

I don’t have that router, so I don’t know, but since it was part of the beta announcement I wouldn’t try too hard to avoid the inevitable.

Release - [Beta] Asuswrt-Merlin 384.19 beta is now available

Asuswrt-Merlin 384.19 beta is now available (except for the RT-AX56U which won't be available for this release, due to outdated GPL code). Aug 9th: Beta 2 released. Changes since beta 1: b2fb39a2ed (tag: 384.19-beta2-mainline, origin/mainline, mainline) Merge branch 'master' into mainline...

www.snbforums.com

 

[TechTinkerer]

I don’t have that router, so I don’t know, but since it was part of the beta announcement I wouldn’t try too hard to avoid the inevitable.

Release - [Beta] Asuswrt-Merlin 384.19 beta is now available

Asuswrt-Merlin 384.19 beta is now available (except for the RT-AX56U which won't be available for this release, due to outdated GPL code). Aug 9th: Beta 2 released. Changes since beta 1: b2fb39a2ed (tag: 384.19-beta2-mainline, origin/mainline, mainline) Merge branch 'master' into mainline...

www.snbforums.com

Was afraid of that...so how would i limit the amount of setup can i just backup jffs and then factory reset etc?

 

[Adamm]

Hi @Adamm -- Question -- every so often I have to temporarily unblock a site for my wife or kid to get to, but have to remind myself to block it again after they're done getting whatever they needed from that site. Is there a way to unblock a site with a timeout of say 2 hours, after which, it automatically removes it from the white list again? I've done this with more sites that I've cared to, and am afraid of having to dive back in there to do cleanup. As of late, I've just been adding remarks of "delete me" to make it easier. Not sure if that would be a possibility with the way that your scripts work. Thanks in advance for your help!

Your best bet would be to just comment these entries the same, then use the following command either manually or a custom cronjob to remove them;

( firewall whitelist remove comment "Apples" ) This Removes Entries With The Comment Apples

 

[ugandy]

I'm getting an error in Skynet.
this is in 384.19b1 and i believe this may have happened after upgrading x3mRouting to 2.1.0
forced update skynet [10] doesn't help. the webui page is also gone

[edit] uninstalling and re installing skynet appears to have fixed it.

 

[Adamm]

I'm getting an error in Skynet.
this is in 384.19b1 and i believe this may have happened after upgrading x3mRouting to 2.1.0
forced update skynet [10] doesn't help. the webui page is also gone
View attachment 25282
[edit] uninstalling and re installing appears to have fixed it.

Restart Skynet and monitor your syslog, Skynet will always log an error if something prevents it from starting up.

 

[Viktor Jaep]

Your best bet would be to just comment these entries the same, then use the following command either manually or a custom cronjob to remove them;

( firewall whitelist remove comment "Apples" ) This Removes Entries With The Comment Apples

Sounds like a perfect workaround, @Adamm... thank you!

 

[MaverickPenguinX]

I'm seeing the following error when I start skynet now:

"
SWAP File Too Small - 1GB Minimum Required - Please Fix Immediately!
"

Anyone got any ideas?

 

[dave14305]

I'm seeing the following error when I start skynet now:

"
SWAP File Too Small - 1GB Minimum Required - Please Fix Immediately!
"

Anyone got any ideas?

How big is your swap file?

 

[MaverickPenguinX]

How big is your swap file?

Thank you for responding. I went ahead and did some searching and didn't realize that the swap file for skynet was created using atmt. I went ahead and recreated a larger swap file. Problem solved

 

[leon]

Subject: Skynet and speedtest

Noted earlier comments that speedtest on router is not accurate.

The speedtest results shows that with Skynet enabled, the speed dropped by 40%. Should I be concerned?

Firewall stats shows that all my Top Attacjer Source Ports are from www.speedguide.net I tried to whitelist www.speedguide.net and was tp;d that it's a;reayd added...

 

[Adamm]

The speedtest results shows that with Skynet enabled, the speed dropped by 40%. Should I be concerned?

Skynet can't "slow down" connections, it either blocks or doesn't block an IP address, there isn't any middle ground. If Skynet is blocking something, it will show up accordingly in your logs.

Firewall stats shows that all my Top Attacjer Source Ports are from www.speedguide.net I tried to whitelist www.speedguide.net and was tp;d that it's a;reayd added...

You are reading the stats wrong, the source port is at the end of the URL. The URL is there to assist users in identifying common applications that use said port.

 

[Ubimo]

@Adamm
In the recent changes in github, I see "Detect new malware strand".
What is this?