Skynet Skynet - Router Firewall & Security Enhancements

[Sbfnu]

Skynet's log-file clears its-self once it reaches 10MB, so in total your looking at a maximum total size of Skynet components of ~25MB plus a SWAP file. A cheap USB with a few gigs of space should do the job, 8/16GB drives can be found for next to nothing these days.

For Diversion I used a 4 GB USB stick and partitioned it with 2 partitions, having 2 GB each. Is that sufficient for SkyNet?

And on which of these 2 partitions that I created for Diversion - one partition for diversion anmd another one for entware - does Skynet stores its data?

 

[bitmonster]

16GB old usb drive here, 1GB swap yet it only ever seems to use max 20MB or so of Swap...
Why not just use one partition for the whole USB stick? I don't see any need to partition it.

 

[Adamm]

Hi - I'll repost my request in a different format - background: I have entware installed on the router attached USB stick - 4 main applications: diversion, squid, disk-check and skynet. The first two have a 'check status' command line and show as 'alive' or 'dead', 3rd - disk-check, I tail the last line of the pre-mount log stored on the jffs partition (looking for volume and status - clean or not).
Sorry, I almost forgot nvram-save which is a life saver with the 'start clean' recommendations, before, or after a router firmware update...

Any way of having a relevant skynet status check, please, in one line?

So your looking for output added similar to the following?

For Diversion I used a 4 GB USB stick and partitioned it with 2 partitions, having 2 GB each. Is that sufficient for SkyNet?

And on which of these 2 partitions that I created for Diversion - one partition for diversion anmd another one for entware - does Skynet stores its data?

That should be fine, Skynet creates a folder named "skynet" in the root directory of where-ever its installed and all its files go there. But I don't think separate partitions for everything is completely necessary, the scripts you use are very conscious and respectful of their surroundings.

 

[Sbfnu]

Why not just use one partition for the whole USB stick? I don't see any need to partition it.

The instructions for installing Diversion on the Asus router stated that I should create 2 separate EXT2 partitions. So that's what I did.

 

[bitmonster]

Oh right well I have one 16GB EXT4 partition and it works beautifully.

More flash memory and swap than this thing will ever need. More than my PC of some years ago had.

So I have left debug mode on as I assume stat collection is required for that. I suppose that just keeps rolling over or building up in the Skynet log.

I imagine a lot of it is noise though eg torrents flailing around dynamic IP allocations or whatever.

So actual IDS trips would be particularly interesting.

Microsoft Excel and a pivot table with some lookups or something could probably achieve a lot although with max 65k lines or something.

Sent from my SM-G965F using Tapatalk

 

[Adamm]

The instructions for installing Diversion on the Asus router stated that I should create 2 separate EXT2 partitions. So that's what I did.

That setup works fine don't get me wrong, I'm just not sure its completely necessary. Not a huge deal anyway.

So I have left debug mode on as I assume stat collection is required for that. I suppose that just keeps rolling over or building up in the Skynet log.

I imagine a lot of it is noise though eg torrents flailing around dynamic IP allocations or whatever.

Pretty much, Skynet will just keep collecting the logs and rotate them once it reaches a maximum size.

So actual IDS trips would be particularly interesting.

Microsoft Excel and a pivot table with some lookups or something could probably achieve a lot although with max 65k lines or something.

Mind elaborating alittle further on what type of functionality your looking for?

 

[bitmonster]

In my fantasy world I could map or somehow graphically represent the IDS events by country or other criteria.

Ports scanned, when etc...

Any way to filter out the noise too.. I suspect a lot of it is just noise.

But an Excel pivot table could do a lot quite easily with structured data.. Excel or a script may even be able to add country codes which can be expanded via a lookup table.

Sent from my SM-G965F using Tapatalk

 

[TonyK132]

Hello - I ran into a problem with USB storage when installing Skynet, and now I'm getting this error message. How can I fix this? Is there a setting that I can change?

Skynet: [*] Problem With USB Install Location - Please Fix Immediately!

 

[Adamm]

Hello - I ran into a problem with USB storage when installing Skynet, and now I'm getting this error message. How can I fix this? Is there a setting that I can change?

Skynet: [*] Problem With USB Install Location - Please Fix Immediately!

The error means Skynet can't find the install location specified in your "/jffs/scripts/firewall-start" file (which is generated automatically during setup). I suggest using the uninstall command and re-running the install process.

 

[Grisu]

Hello - I ran into a problem with USB storage when installing Skynet, and now I'm getting this error message. How can I fix this? Is there a setting that I can change?

Skynet: [*] Problem With USB Install Location - Please Fix Immediately!

Stick in USB3.0 port?
Often a problem, set it manually to 2.0 or use 2.0-port!

 

[TonyK132]

I did the uninstall, then redid the install. Rebooted. All seems to be working well. Thanks.

 

[Makaveli]

16GB old usb drive here, 1GB swap yet it only ever seems to use max 20MB or so of Swap...
Why not just use one partition for the whole USB stick? I don't see any need to partition it.

This what is the point of the partitions I've never done it and never had an issue.

 

[skeal]

Other than one partition for the whole drive, is excessive. A small 4,8,16 gig drive in the usb 2 slot and you are golden.

 

[bitmonster]

Yeah that's all I have. Formatted as EXT4 rather than EXT2, FAT or whatever..

EXT4 is native Linux and it works great so far.

Sent from my SM-G965F using Tapatalk

 

[Torson]

I believe that the reason people in the know-how recommend the ext 2 format is because of the overhead of a journaling file system on an otherwise slow usb stick (introduced in ext3 and up.)

 

[Torson]

... @Adamm I'm looking for an one line status check of skynet - I see that I can grep the line that states 16/16 Tests successful - that's right for today - can you suggest a one-liner that stays consistent with you development endeavors? In all honesty I don't fully understand if the squid or diversion's http server 'alive' status can or may give you a fuzzy warm feeling, but I certainly know that the browsing experience is a pleasure. ... and for that I thank you all...

 

[bitmonster]

I believe that the reason people in the know-how recommend the ext 2 format is because of the overhead of a journaling file system on an otherwise slow usb stick (introduced in ext3 and up.)

I thought journalling was optional.

I have not noticed any overhead though.. Should I?

Sent from my SM-G965F using Tapatalk

 

[Torson]

Well, the question here is how do you measure overhead - that's the reason of recommendations from the "people in the know-how" Here's some interesting reading on the topic: https://www.howtogeek.com/howto/33552/htg-explains-which-linux-file-system-should-you-choose/

 

[Torson]

I use ext2 on an usb 3.0 stick - for entware at all. What I see is that speedtest (needs some swap space - I use 256MB - more is probably another reason for overhead management) is 15% slower than when run on another wired/wireless system on the same network. It's a go figure kind of thing....

 

[Adamm]

@Adamm I'm looking for an one line status check of skynet - I see that I can grep the line that states 16/16 Tests successful - that's right for today

I put out a hotfix with this change, no version increase so you will need to force update.