Skynet SkyNet Blocking Subnet

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

djtech2k

Regular Contributor
I have Skynet configured to block a list of countries. The US is not one of them. Yesterday we noticed some websites not working and I traced it back to a subnet that Skynet Blocked. It says the reason is that its in my blocked country list BUT it shows it as the US, which I do not have blocked.

What's the best way to handle this? I manually whitelisted a single IP, but I guess the blacklist of overriding it or it is implemented after the whitelist.
 

djtech2k

Regular Contributor
I just edited the skynet.ipset and removed the blocked line for that CIDR block. I restarted skynet and it did not come back. Hopefully that is the best way.
 

djtech2k

Regular Contributor
Well it looks like it is blocked again today. Skynet says its showing up in SKynet-BlockRanges. Whats the best way to handle this?
 

dave14305

Part of the Furniture
Country ban data comes from a different provider than the country reporting stats. Maybe they disagree.
 

djtech2k

Regular Contributor
So what is the best way to handle this or fix it? I do not want to keep manually removing that CIDR block every day.
 

dave14305

Part of the Furniture
Skynet might be considered abandonware, since Adamm no longer posts on the forums. If the script isn’t abandoned, the users sure are (IMO). I uninstalled Skynet a while back because of this.

You can try to get some help at his GitHub page, or read the docs on the GitHub page.
Maybe if you posted more specifics like the IP and range, another Skynet user might be able to help.
 

Tech9

Very Senior Member
Perhaps you created the problem in first place blocking countries you shouldn’t have. Many common web services have servers all around the globe. What are you blocking so much? What is your router’s firewall for?
 

EmeraldDeer

Very Senior Member

djtech2k

Regular Contributor
I blocked a list of countries is for a few different reasons.

For example, I would see constant logon attempts or ports accessed from certain countries. I blocked some of those countries for security.

Another reason is because certain countries should never be accessed incoming or outgoing from my network. Nobody ever has any reason to communicate with places like China, Russia, Korea, etc. Any sites hosted there do not need accessed from my network and nothing there needs any access to my network. I only block about 10 countries.
 

Jack Yaz

Part of the Furniture
I blocked a list of countries is for a few different reasons.

For example, I would see constant logon attempts or ports accessed from certain countries. I blocked some of those countries for security.
The firewall will drop those anyway. The only additional protection country blocking inbound will provide is if you have any port forwards, and will stop bad actors knocking on the server you're forwarding to rather than on the router firewall.
 

dave14305

Part of the Furniture
185.230.60.0/22 is in the Israel (il) list from ipdeny.com.
 

djtech2k

Regular Contributor
Thats strange. I searched for it from several sources and it came back US. The specific IP even comes back as (US) in the skynet logs.
 

dave14305

Part of the Furniture
Thats strange. I searched for it from several sources and it came back US. The specific IP even comes back as (US) in the skynet logs.
See post #5. Two different sources of data used by Skynet.
 

Tech9

Very Senior Member
For example, I would see constant logon attempts or ports accessed from certain countries.

What you see is mostly Internet bots, part of the background noise. Shodan scans everything on a regular basis, for example. Your firewall drops those connections with or without Skynet. It just visualizes for you the "attempts" and you feel safer. Enable Dropped packets logging on your router with Skynet disabled and see the result. With no open ports Skynet is only preventing you from accessing what you have blocked.
 

RMerlin

Asuswrt-Merlin dev
With no open ports Skynet is only preventing you from accessing what you have blocked.
Indeed. Adding extra filtering when you have no open port is indeed mostly a waste of router resources, unless you need to do outbound filtering.
 

BreakingDad

Very Senior Member
Is there any alternative to skynet?
 

djtech2k

Regular Contributor
Thanks for the responses. Good info.

I would like to prevent anything from certain places from hitting any of my open ports. I would also like to prevent users on my network from accessing anything from those places. Its just about trying to prevent outsiders from coming in and also users accidentally or unknowingly accessing potentially harmful stuff. I realize that kind of stuff comes from all over but my thought was any little bit helps. Maybe its the wrong approach.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top