What's new

[Release] Skynet - Router Firewall & Security Enhancements

pr0jects

Occasional Visitor
Updated to 7.2.2 today but now Skynet isn't working anymore :(
Screenshot 2020-09-10 134548.jpg
I restarted skynet, updated skynet but nothing helps.
Any hint how to solve this issue?
 

Adamm

Part of the Furniture
I have successfully updated to 7.2.2.
but it is still showing no data to display eventhou putty stats are showing data.


is there anything else that I was suppose to update?
I pushed another hotfix. It appears you were rate limited by db-ip (where we get country info from), so the country field in your stats was empty causing the "no data to display" error incorrectly.

Now in the event data is missing we now replace it with a *
 

Adamm

Part of the Furniture
Updated to 7.2.2 today but now Skynet isn't working anymore :(
View attachment 26127
I restarted skynet, updated skynet but nothing helps.
Any hint how to solve this issue?
What is the output of;

Code:
firewall debug info
Along with any related skynet output from the syslog
 

pr0jects

Occasional Visitor
debug output:
-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------

Internet-Connectivity | [Passed]
Write Permission | [Passed]
Config File | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
Profile.add Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Failed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Failed]
IPTables Rules | [Failed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Failed]
MenuTree.js Entry | [Failed]


----------- | ----------
| Setting | | | Status |
---------- | ----------

Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Import AiProtect Data | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Custom]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

13/18 Tests Sucessful

[*] Rule Integrity Violation - [ #1 #2 #3 #4 #5 #6 #7 #8 #16 #17 #18 ]

[*] Mounted File Missing - [ chart.js chartjs-plugin-zoom.js hammerjs.js skynet.asp stats.js ]
I checked the ssd / the skynet folder, where I found the "missing files" in the webui folder.
screenshot_2020-09-10_number01.jpg
 

Adamm

Part of the Furniture
debug output:


I checked the ssd / the skynet folder, where I found the "missing files" in the webui folder.
View attachment 26129
There should be some syslog output indicating why Skynet failed to start. Use the following command and check for any output a few minutes later;

Code:
firewall restart
 

pr0jects

Occasional Visitor
Thank you very much!
I restarted the router and now an additional Skynet (7.2.2. again) update was available.
Update done and Skynet started without errors. I assume the first 7.2.2. update was not successfully today.
 

ikx94

New Around Here
I'm getting an error message: "[*] IPSet Version Not Supported - Please Update To Latest Firmware"

Installed it using amtm. My router is an ASUS RT-AC66U (not b1) running Firmware 374.43_44EAj9527 (Merlin LTS fork).

Is there a way to make Skynet work on this firmware version? Maybe using an old version of it?

Thanks in advance.
 

Adamm

Part of the Furniture
I'm getting an error message: "[*] IPSet Version Not Supported - Please Update To Latest Firmware"

Installed it using amtm. My router is an ASUS RT-AC66U (not b1) running Firmware 374.43_44EAj9527 (Merlin LTS fork).

Is there a way to make Skynet work on this firmware version? Maybe using an old version of it?

Thanks in advance.
Unfortunately the kernel version is too old on MIPS routers and doesn't support nessesary IPSet features. There's no way around it.
 

magenta

New Around Here
got a new modem which does not support bridge mode, im getting the following message:

Skynet: [*] Private WAN IP Detected 192.168.0.x - Please Put Your Modem In Bridge Mode / Disable CG-NAT

should i be worried? if i check my ip, i get the wan ip... is it a Security issue, what should i change?
 

andresmorago

Senior Member
hello @Adamm
lately i have been having issues with some regular websites (ipinfo.io - plotly.com) being blocked by skynet. Im currently running latest version.

both websites are hosted on ip address 216.239.38.21 (sometimes it switches to 216.239.34.21) which is being blocked by skynet. 216.239.38.21 and 216.239.34.21 are under AS15169 Google LLC which i would think its safe?

is there anything wrong on my setup of do i need to start manually un-banning these ip addresses?

Code:
tracetcp plotly.com:443 -t 300

Tracing route to 216.239.38.21 [any-in-2615.1e100.net] on port 443
Over a maximum of 30 hops.
1       *       *       *       Request timed out.
2       *       *       *       Request timed out.
3       *       *       *       Request timed out.

tracetcp ipinfo.io:443 -t 300

Tracing route to 216.239.38.21 [any-in-2615.1e100.net] on port 443
Over a maximum of 30 hops.
1       *       *       *       Request timed out.
2       *       *       *       Request timed out.
3       *       *       *       Request timed out.

Code:
[$] /jffs/scripts/firewall stats search ip 216.239.38.21 10


=============================================================================================================


[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 9.8M
[i] Monitoring From Sep 7 18:01:47 To Sep 11 17:24:58
[i] 34547 Block Events Detected
[i] 4149 Unique IPs
[i] 9 Manual Bans Issued

216.239.38.21 is NOT in set Skynet-Whitelist.
216.239.38.21 is in set Skynet-Blacklist.
216.239.38.21 is NOT in set Skynet-BlockedRanges.

Blacklist Reason;
"BanAiProtect: aquawaterpurifiers.com"

--*
Associated Domain(s);
aquawaterpurifiers.com
gpstools.app
plotly.com
ipinfo.io
ssl-api.itranslateapp.com
api.getbouncer.com


[i] IP Location - Canada (GOOGLE / AS15169)

[i] 216.239.38.21 First Tracked On Sep 11 09:37:42
[i] 216.239.38.21 Last Tracked On Sep 11 17:21:54
[i] 172 Blocks Total

Event Log Entries From 216.239.38.21;

First Block Tracked From 216.239.38.21;
Sep 11 09:37:42 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=16662 DF PROTO=TCP SPT=

10 Most Recent Blocks From 216.239.38.21;
Sep 11 17:10:31 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=1 ID=15848 DF PROTO=TCP SPT=35
Sep 11 17:10:31 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=34
Sep 11 17:10:32 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=15
Sep 11 17:10:32 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=24
Sep 11 17:10:33 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=37
Sep 11 17:10:33 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=22
Sep 11 17:10:34 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=15
Sep 11 17:10:34 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=4 ID=15848 DF PROTO=TCP SPT=40
Sep 11 17:10:35 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=4 ID=15848 DF PROTO=TCP SPT=16
Sep 11 17:21:54 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=17591 DF PROTO=TCP SPT=
 
Last edited:

andresmorago

Senior Member
got a new modem which does not support bridge mode, im getting the following message:

Skynet: [*] Private WAN IP Detected 192.168.0.x - Please Put Your Modem In Bridge Mode / Disable CG-NAT

should i be worried? if i check my ip, i get the wan ip... is it a Security issue, what should i change?
you are under NAT so skynet wont help you much on the incoming connections since they are being filtered at modem level.
try to get a public wan ip from your ISP on your router via either Bridge mode (you said you dont have that feature) or any MAC passthrough option on the modem.
 
Last edited:

andywee

Occasional Visitor
firewall debug info

-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------
Internet-Connectivity | [Passed]
Write Permission | [Passed]
Config File | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
Profile.add Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Passed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------
Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Import AiProtect Data | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

18/18 Tests Sucessful
=============================================================================================================
[#] 311549 IPs (+0) -- 2058 Ranges Banned (+0) || 7 Inbound -- 0 Outbound Connections Blocked! [debug] [11s]




the stats are displaying.
-------------- | -------------- | -------------- | ----------------------
| IP Address | | | AlienVault | | | Ban Reason | | | Associated Domains |
-------------- | -------------- | -------------- | ----------------------

42.194.154.20 () | https://otx.alienvault.com/indicator/ip/42.194.154.20 | * | stat.tpns.tencent.com
104.250.52.209 () | https://otx.alienvault.com/indicator/ip/104.250.52.209 | BanMalware: alienvault_reputation.ipset | shuc-other.ksord.com
114.40.138.107 () | https://otx.alienvault.com/indicator/ip/114.40.138.107 | BanMalware: alienvault_reputation.ipset |
42.194.172.19 () | https://otx.alienvault.com/indicator/ip/42.194.172.19 | * |


=============================================================================================================


Top 10 HTTP(s) Blocks (Outbound);


-------- | -------------- | -------------- | -------------- | -------------------
| Hits | | | IP Address | | | AlienVault | | | Ban Reason | | | Associated Domain
-------- | -------------- | -------------- | -------------- | -------------------

32x | 42.194.154.20 () | https://otx.alienvault.com/indicator/ip/42.194.154.20 | * | stat.tpns.tencent.c
20x | 104.250.52.209 () | https://otx.alienvault.com/indicator/ip/104.250.52.209 | BanMalware: alienvault_reputation.ipset | shuc-other.ksord.co
15x | 42.194.172.19 () | https://otx.alienvault.com/indicator/ip/42.194.172.19 | * |
1x | 114.40.138.107 () | https://otx.alienvault.com/indicator/ip/114.40.138.107 | BanMalware: alienvault_reputation.ipset |


=============================================================================================================


Top 10 Blocks (Inbound);


-------- | -------------- | -------------- | -------------- | -------------------
| Hits | | | IP Address | | | AlienVault | | | Ban Reason | | | Associated Domain
-------- | -------------- | -------------- | -------------- | -------------------

2878x | 80.82.77.237 () | https://otx.alienvault.com/indicator/ip/80.82.77.237 | BanMalware: alienvault_reputation.ipset |
1407x | 80.82.77.231 () | https://otx.alienvault.com/indicator/ip/80.82.77.231 | BanMalware: alienvault_reputation.ipset |
921x | 89.248.168.222 () | https://otx.alienvault.com/indicator/ip/89.248.168.222 | BanMalware: firehol_level3.netset* |
697x | 45.145.67.249 () | https://otx.alienvault.com/indicator/ip/45.145.67.249 | BanMalware: firehol_level2.netset* |



but in the GUI it is still staying no data to display
 

Adamm

Part of the Furniture
firewall debug info

-------------------- | ----------
| Test Description | | | Result |
-------------------- | ----------
Internet-Connectivity | [Passed]
Write Permission | [Passed]
Config File | [Passed]
Firewall-Start Entry | [Passed]
Services-Stop Entry | [Passed]
Service-Event Entry | [Passed]
Profile.add Entry | [Passed]
SWAP File | [Passed]
Cron Jobs | [Passed]
NTP Sync | [Passed]
IPSet Comment Support | [Passed]
Log Level 5 Settings | [Passed]
Duplicate Rules In RAW | [Passed]
IPSets | [Passed]
IPTables Rules | [Passed]
Local WebUI Files | [Passed]
Mounted WebUI Files | [Passed]
MenuTree.js Entry | [Passed]


----------- | ----------
| Setting | | | Status |
---------- | ----------
Skynet Auto-Updates | [Enabled]
Malware List Auto-Updates | [Enabled]
Logging | [Enabled]
Filter Traffic | [Enabled]
Unban PrivateIP | [Enabled]
Log Invalid Packets | [Disabled]
Import AiProtect Data | [Enabled]
Secure Mode | [Enabled]
Fast Switch List | [Disabled]
Syslog Location | [Default]
IOT Blocking | [Disabled]
Country Lookup For Stats | [Enabled]
CDN Whitelisting | [Enabled]
Display WebUI | [Enabled]

18/18 Tests Sucessful
=============================================================================================================
[#] 311549 IPs (+0) -- 2058 Ranges Banned (+0) || 7 Inbound -- 0 Outbound Connections Blocked! [debug] [11s]




the stats are displaying.
-------------- | -------------- | -------------- | ----------------------
| IP Address | | | AlienVault | | | Ban Reason | | | Associated Domains |
-------------- | -------------- | -------------- | ----------------------

42.194.154.20 () | https://otx.alienvault.com/indicator/ip/42.194.154.20 | * | stat.tpns.tencent.com
104.250.52.209 () | https://otx.alienvault.com/indicator/ip/104.250.52.209 | BanMalware: alienvault_reputation.ipset | shuc-other.ksord.com
114.40.138.107 () | https://otx.alienvault.com/indicator/ip/114.40.138.107 | BanMalware: alienvault_reputation.ipset |
42.194.172.19 () | https://otx.alienvault.com/indicator/ip/42.194.172.19 | * |


=============================================================================================================


Top 10 HTTP(s) Blocks (Outbound);


-------- | -------------- | -------------- | -------------- | -------------------
| Hits | | | IP Address | | | AlienVault | | | Ban Reason | | | Associated Domain
-------- | -------------- | -------------- | -------------- | -------------------

32x | 42.194.154.20 () | https://otx.alienvault.com/indicator/ip/42.194.154.20 | * | stat.tpns.tencent.c
20x | 104.250.52.209 () | https://otx.alienvault.com/indicator/ip/104.250.52.209 | BanMalware: alienvault_reputation.ipset | shuc-other.ksord.co
15x | 42.194.172.19 () | https://otx.alienvault.com/indicator/ip/42.194.172.19 | * |
1x | 114.40.138.107 () | https://otx.alienvault.com/indicator/ip/114.40.138.107 | BanMalware: alienvault_reputation.ipset |


=============================================================================================================


Top 10 Blocks (Inbound);


-------- | -------------- | -------------- | -------------- | -------------------
| Hits | | | IP Address | | | AlienVault | | | Ban Reason | | | Associated Domain
-------- | -------------- | -------------- | -------------- | -------------------

2878x | 80.82.77.237 () | https://otx.alienvault.com/indicator/ip/80.82.77.237 | BanMalware: alienvault_reputation.ipset |
1407x | 80.82.77.231 () | https://otx.alienvault.com/indicator/ip/80.82.77.231 | BanMalware: alienvault_reputation.ipset |
921x | 89.248.168.222 () | https://otx.alienvault.com/indicator/ip/89.248.168.222 | BanMalware: firehol_level3.netset* |
697x | 45.145.67.249 () | https://otx.alienvault.com/indicator/ip/45.145.67.249 | BanMalware: firehol_level2.netset* |



but in the GUI it is still staying no data to display
Assuming you are running the latest version, please post a screenshot of the discrepancy along with an updated copy of skynet.log and stats.js
 

Adamm

Part of the Furniture
hello @Adamm
lately i have been having issues with some regular websites (ipinfo.io - plotly.com) being blocked by skynet. Im currently running latest version.

both websites are hosted on ip address 216.239.38.21 (sometimes it switches to 216.239.34.21) which is being blocked by skynet. 216.239.38.21 and 216.239.34.21 are under AS15169 Google LLC which i would think its safe?

is there anything wrong on my setup of do i need to start manually un-banning these ip addresses?

Code:
tracetcp plotly.com:443 -t 300

Tracing route to 216.239.38.21 [any-in-2615.1e100.net] on port 443
Over a maximum of 30 hops.
1       *       *       *       Request timed out.
2       *       *       *       Request timed out.
3       *       *       *       Request timed out.

tracetcp ipinfo.io:443 -t 300

Tracing route to 216.239.38.21 [any-in-2615.1e100.net] on port 443
Over a maximum of 30 hops.
1       *       *       *       Request timed out.
2       *       *       *       Request timed out.
3       *       *       *       Request timed out.

Code:
[$] /jffs/scripts/firewall stats search ip 216.239.38.21 10


=============================================================================================================


[i] Logging Data Detected in /tmp/mnt/sda1/skynet/skynet.log - 9.8M
[i] Monitoring From Sep 7 18:01:47 To Sep 11 17:24:58
[i] 34547 Block Events Detected
[i] 4149 Unique IPs
[i] 9 Manual Bans Issued

216.239.38.21 is NOT in set Skynet-Whitelist.
216.239.38.21 is in set Skynet-Blacklist.
216.239.38.21 is NOT in set Skynet-BlockedRanges.

Blacklist Reason;
"BanAiProtect: aquawaterpurifiers.com"

--*
Associated Domain(s);
aquawaterpurifiers.com
gpstools.app
plotly.com
ipinfo.io
ssl-api.itranslateapp.com
api.getbouncer.com


[i] IP Location - Canada (GOOGLE / AS15169)

[i] 216.239.38.21 First Tracked On Sep 11 09:37:42
[i] 216.239.38.21 Last Tracked On Sep 11 17:21:54
[i] 172 Blocks Total

Event Log Entries From 216.239.38.21;

First Block Tracked From 216.239.38.21;
Sep 11 09:37:42 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=16662 DF PROTO=TCP SPT=

10 Most Recent Blocks From 216.239.38.21;
Sep 11 17:10:31 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=1 ID=15848 DF PROTO=TCP SPT=35
Sep 11 17:10:31 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=34
Sep 11 17:10:32 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=15
Sep 11 17:10:32 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=2 ID=15848 DF PROTO=TCP SPT=24
Sep 11 17:10:33 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=37
Sep 11 17:10:33 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=22
Sep 11 17:10:34 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=3 ID=15848 DF PROTO=TCP SPT=15
Sep 11 17:10:34 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=4 ID=15848 DF PROTO=TCP SPT=40
Sep 11 17:10:35 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=4 ID=15848 DF PROTO=TCP SPT=16
Sep 11 17:21:54 RT-AC3100-0548 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=4c:ed:fb:ac:05:48:7c:b2:7d:d0:32:8e:08:00 SRC=10.0.0.41 DST=216.239.38.21 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=17591 DF PROTO=TCP SPT=
AiProtect flagged a website you visited as malicious (aquawaterpurifiers.com), Skynet then used this flag to ban the corresponding IP. If this is causing false positives due to other sites on the same server, you can whitelist the IP with the following guide;

 

magenta

New Around Here
you are under NAT so skynet wont help you much on the incoming connections since they are being filtered at modem level.
try to get a public wan ip from your ISP on your router via either Bridge mode (you said you dont have that feature) or any MAC passthrough option on the modem.
alright so im "secure" in that way. Port-Triggering & Port-Forwarding is possible nothing more... sadly
 

Daveo

Occasional Visitor
If I decide to use Skynet, do I need to disable anything on router before/after I've installed Skynet ?

Currently got AIProtection switched on.
 

AntonK

Senior Member
If I decide to use Skynet, do I need to disable anything on router before/after I've installed Skynet ?

Currently got AIProtection switched on.
Skynet works seamlessly with the router, no need to disable anything for it to work properly. And it interacts with AIProtection, forming a more perfect union.
 
Last edited:

RAH-66

Regular Contributor
@Adamm HI,
I ran into a problem when disconnecting the USB drive from the second port of the router. When disconnecting from webui, the swap file is unmounted. The problem is in the script /jffs/scripts/unmount
Code:
swapoff -a 2>/dev/null # Skynet
To solve this problem, can use a variable from Merlin's instructions for unmount
Code:
swapoff $1/myswap.swp 2>/dev/null # Skynet
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top