Menu
What's new
By:
Filters Better Search

Skynet Skynet - Router Firewall & Security Enhancements

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Mutzli said:
Thanks, I'll enable it and report any observations should there be any problems. Great feature to have. Just wondering if it really does help since most attacker IP's in that list are from a unique source.
Click to expand...

Out of 211 reported hits, there were 55 unique IP's. Then after banning said IP's, Skynet reported other packets being blocked that AiProtect wasn't picking up. So all in all I think its worthwhile, if they are being detected sending malicious content there's probably a good chance the other packets not being picked up are also malicious.
 
Last edited:
Adamm said:
I've pushed v6.2.0

Changes since the last version;

Code: 
Comment support for import command
Fix lock files with blank PID line due to user error
Give imported entries identifiable string
Fix char limits on certian entries
"whitelist list imported" command
Guess Unban_PrivateIP never worked due to extra space, oops
Add Refresh_AiProtect()

The one feature that needs testing and feedback is that Skynet now bans IP's that AiProtect flags as malicious upon startup (if the feature is enabled). The current downside is that it will also ban source addresses (aka your current and previous IP's), but our whitelist should make this not matter. I'm hoping in a future version to filter out these addresses out without needing to install any additional entware packages.

To enable/disable this feature use the following commands;

Code: 
sh /jffs/scripts/firewall debug banaiprotect enable
sh /jffs/scripts/firewall debug banaiprotect disable
Click to expand...
In attempting to enable, I encountered the following error:
Code: 
Enabling AiProtect Banning
ipset v6.32: Error in line 1: Syntax error: cannot parse 767.xxx.xx.11: resolving to IPv4 address failed
Saving Changes
Not sure where first octet of 767 comes from...
 
Last edited:
I also received an error when attempting to enable banaiprotect (not the same error):

Code: 
Enabling AiProtect Banning
ipset v6.32: Error in line 5: Syntax error: cannot parse 159.65.202.482: resolving to IPv4 address failed

Skynet: [Complete] 108646 IPs / 13854 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 2533 Inbound / 1408 Outbound Connections Blocked! [debug] [3s]

Perhaps AiProtect contains spurious data or something is going wrong in the parsing?
 
visortgw said:
In attempting to enable, I encountered the following error:
Code: 
Enabling AiProtect Banning
ipset v6.32: Error in line 1: Syntax error: cannot parse 767.xxx.xx.11: resolving to IPv4 address failed
Saving Changes
Not sure where first octet of 767 comes from...
Click to expand...
Tekneek said:
I also received an error when attempting to enable banaiprotect (not the same error):

Code: 
Enabling AiProtect Banning
ipset v6.32: Error in line 5: Syntax error: cannot parse 159.65.202.482: resolving to IPv4 address failed

Skynet: [Complete] 108646 IPs / 13854 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 2533 Inbound / 1408 Outbound Connections Blocked! [debug] [3s]

Perhaps AiProtect contains spurious data or something is going wrong in the parsing?
Click to expand...

Thanks for pointing this out, using grep alone isn't accurate enough to grab this data as a sql db isn't a text format. I've pushed v6.2.1 which instead uses the sqlite3-cli package from entware. That means this specific feature will require entware to be installed, assuming it is Skynet will then proceed to install the package behind the scenes.

This also means the concern about our public IP's being incorrectly blacklisted is no longer relevant as we are querying the specific data now from the database.
 
Tekneek said:
I also received an error when attempting to enable banaiprotect (not the same error):

Code: 
Enabling AiProtect Banning
ipset v6.32: Error in line 5: Syntax error: cannot parse 159.65.202.482: resolving to IPv4 address failed

Skynet: [Complete] 108646 IPs / 13854 Ranges Banned. 0 New IPs / 0 New Ranges Banned. 2533 Inbound / 1408 Outbound Connections Blocked! [debug] [3s]

Perhaps AiProtect contains spurious data or something is going wrong in the parsing?
Click to expand...
Mine was invalid first octet, and yours is invalid fourth octet. Most likely common parsing bug...
 
Adamm said:
Thanks for pointing this out, using grep alone isn't accurate enough to grab this data as a sql db isn't a text format. I've pushed v6.2.1 which instead uses the sqlite3-cli package from entware. That means this specific feature will require entware to be installed, assuming it is Skynet will then proceed to install the package behind the scenes.

This also means the concern about our public IP's being incorrectly blacklisted is no longer relevant as we are querying the specific data now from the database.
Click to expand...

With entware installed, I got a new error after updating Skynet and trying again:

Code: 
Enabling AiProtect Banning
Downloading http://bin.entware.net/armv7sf-k2.6/Packages.gz
Updated list of available packages in /opt/var/opkg-lists/entware
Installing sqlite3-cli (3230100-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/sqlite3-cli_3230100-1_armv7-2.6.ipk
Installing libsqlite3 (3230100-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libsqlite3_3230100-1_armv7-2.6.ipk
Installing zlib (1.2.11-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/zlib_1.2.11-2_armv7-2.6.ipk
Installing libncurses (6.1-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libncurses_6.1-1_armv7-2.6.ipk
Installing libncursesw (6.1-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libncursesw_6.1-1_armv7-2.6.ipk
Installing libreadline (7.0-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libreadline_7.0-1_armv7-2.6.ipk
Configuring zlib.
Configuring libsqlite3.
Configuring libncursesw.
Configuring libncurses.
Configuring libreadline.
Configuring sqlite3-cli.
ipset v6.32: Error in line 1: The set with the given name does not exist
 
Tekneek said:
With entware installed, I got a new error after updating Skynet and trying again:

Code: 
Enabling AiProtect Banning
Downloading http://bin.entware.net/armv7sf-k2.6/Packages.gz
Updated list of available packages in /opt/var/opkg-lists/entware
Installing sqlite3-cli (3230100-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/sqlite3-cli_3230100-1_armv7-2.6.ipk
Installing libsqlite3 (3230100-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libsqlite3_3230100-1_armv7-2.6.ipk
Installing zlib (1.2.11-2) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/zlib_1.2.11-2_armv7-2.6.ipk
Installing libncurses (6.1-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libncurses_6.1-1_armv7-2.6.ipk
Installing libncursesw (6.1-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libncursesw_6.1-1_armv7-2.6.ipk
Installing libreadline (7.0-1) to root...
Downloading http://bin.entware.net/armv7sf-k2.6/libreadline_7.0-1_armv7-2.6.ipk
Configuring zlib.
Configuring libsqlite3.
Configuring libncursesw.
Configuring libncurses.
Configuring libreadline.
Configuring sqlite3-cli.
ipset v6.32: Error in line 1: The set with the given name does not exist
Click to expand...

This should be fixed in v6.2.2

Skynet wasn't checking if the database was empty, so if it was ipset would error out when generating commands.
 
After installing entware and afterwards updating skynet to latest version it didn't start anymore, had to reinstall it :D

EDIT: I know why, the swap file was missing.. ;)
 
Last edited:
Got the same error as @Tekneek
Configuring sqlite3-cli.
ipset v6.32: Error in line 1: The set with the given name does not exist
ipset v6.32: Error in line 1: The set with the given name does not exist
Running v. 6.2.2 on AC86U
@Adamm Happy to see this feature added, nice work!
 
TheUntouchable said:
After installing entware and afterwards updating skynet to latest version it didn't start anymore, had to reinstall it :D

EDIT: I know why, the swap file was missing.. ;)
Click to expand...

Yeah whoever coded the entware-setup script didn't do a great job of being non destructive. Entware from memory nukes several startup scripts.

.TT. said:
Got the same error as @Tekneek
Configuring sqlite3-cli.
ipset v6.32: Error in line 1: The set with the given name does not exist
ipset v6.32: Error in line 1: The set with the given name does not exist
Running v. 6.2.2 on AC86U
@Adamm Happy to see this feature added, nice work!
Click to expand...

You got that error after updating to v6.2.2? If so please post the output of the following;

Code: 
sh -x /jffs/scripts/firewall debug banaiprotect enable
 
Adamm said:
You got that error after updating to v6.2.2? If so please post the output of the following;

Code: 
sh -x /jffs/scripts/firewall debug banaiprotect enable
Click to expand...


Code: 
#############################################################################################                        ################
#                                _____ _                     _             __                                           #
#                               / ____| |                   | |           / /                                           #
#                              | (___ | | ___   _ _ __   ___| |_  __   __/ /_                                           #
#                               \___ \| |/ / | | | '_ \ / _ \ __| \ \ / / '_ \                                          #
#                               ____) |   <| |_| | | | |  __/ |_   \ V /| (_) |                                         #
#                              |_____/|_|\_\\__, |_| |_|\___|\__|   \_/  \___/                                          #
#                                            __/ |                                                                      #
#                                           |___/                                                                       #
#                                                                                                                       #
## - 30/05/2018 -                  Asus Firewall Addition By Adamm v6.2.2                                               #
##                                 https://github.com/Adamm00/IPSet_ASUS                                                            #
#############################################################################################                        ################


+ export LC_ALL=C
+ retry=1
+ nvram get ntp_ready
+ [ 1 = 0 ]
+ [ 1 -ge 300 ]
+ red=printf \e[1;31m%s\e[0m\n
+ grn=printf \e[1;32m%s\e[0m\n
+ blue=printf \e[1;36m%s\e[0m\n
+ ylow=printf \e[1;33m%s\e[0m\n
+ date +%s
+ stime=1527622078
+ grep -ow skynetloc=.* # Skynet /jffs/scripts/firewall-start+
cut -c 11-
+ grep -vE ^#
+ awk {print $1}
+ skynetloc=/tmp/mnt/Asus/skynet
+ skynetcfg=/tmp/mnt/Asus/skynet/skynet.cfg
+ skynetlog=/tmp/mnt/Asus/skynet/skynet.log
+ skynetevents=/tmp/mnt/Asus/skynet/events.log
+ skynetipset=/tmp/mnt/Asus/skynet/skynet.ipset
+ [ -z /tmp/mnt/Asus/skynet ]
+ [ ! -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ [ ! -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ [ ! -d /tmp/mnt/Asus/skynet ]
+ nvram get wan0_proto
+ [ dhcp = pppoe ]
+ nvram get wan0_proto
+ [ dhcp = pptp ]
+ nvram get wan0_proto
+ [ dhcp = l2tp ]
+ nvram get wan0_ifname
+ iface=eth0
+ [ -z debug ]
+ [ -n  ]
+ [ -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ . /tmp/mnt/Asus/skynet/skynet.cfg
+ model=RT-AC86U
+ localver=v6.2.0
+ autoupdate=enabled
+ banmalwareupdate=daily
+ forcebanmalwareupdate=
+ debugmode=disabled
+ filtertraffic=all
+ blacklist1count=109286
+ blacklist2count=8811
+ customlisturl=
+ countrylist=ru
+ excludelists=
+ unbanprivateip=
+ loginvalid=disabled
+ banaiprotect=enabled
+ Check_Lock debug banaiprotect enable
+ [ -f /tmp/skynet.lock ]
+ echo debug banaiprotect enable
+ echo 31023
+ lockskynet=true
+ Purge_Logs
+ sed \~BLOCKED -~!d /tmp/syslog.log-1 /tmp/syslog.log
+ sed -i \~BLOCKED -~d /tmp/syslog.log-1 /tmp/syslog.log
+ + awk {print $1}
du /tmp/mnt/Asus/skynet/skynet.log
+ [ 3678 -ge 10240 ]
+ [  = all ]
+ grep -c Skynet: \[Complete\] /tmp/syslog.log
+ [ 4 -gt 24 ]
+ [ ! -f /opt/bin/opkg ]
+ echo Enabling AiProtect Banning
Enabling AiProtect Banning
+ banaiprotect=enabled
+ Refresh_AiProtect
+ [ enabled = enabled ]
+ [ -f /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db ]
+ [ -f /opt/bin/opkg ]
+ [ ! -f /opt/bin/sqlite3 ]
+ [ -f /opt/bin/opkg ]
+ [ -f /opt/bin/sqlite3 ]
+ sqlite3 /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db SELECT src FROM monitor;
+ grep -qE ^([0-9]{1,3}\.){3}[0-9]{1,3}$
+ sed \~add Skynet-Blacklist ~!d;\~BanAiProtect~!d;s~ comment.*~~;s~add~del~g /tmp/mnt/Asus/s                        kynet/skynet.ipset
+ ipset restore -!
ipset v6.32: Error in line 1: The set with the given name does not exist
+ sqlite3 /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db SELECT src FROM monitor;
+ ipset restore -!
+ Filter_PrivateIP
+ grep -vE (^127\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^192\.168\.)|                        (^0.)|(^169\.254\.)|(^22[4-9]\.)|(^23[0-9]\.)|(^255\.255\.255\.255)|(^8\.8\.8\.8)|(^8\.8\.4\.                        4)
+ grep -oE ^([0-9]{1,3}\.){3}[0-9]{1,3}$
+ awk {print "add Skynet-Blacklist " $1 " comment \"BanAiProtect\""}
+ awk !x[$0]++
ipset v6.32: Error in line 1: The set with the given name does not exist
+ Save_IPSets
+ Check_Status
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ echo

+ [  != 2 ]
+ Logging debug banaiprotect enable
+ oldips=109286
+ oldranges=8811
+ grep -Foc add Skynet-Black /tmp/mnt/Asus/skynet/skynet.ipset
+ blacklist1count=109286
+ grep -Foc add Skynet-Block /tmp/mnt/Asus/skynet/skynet.ipset
+ blacklist2count=8811
+ Check_Status
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ date +%s
+ ftime=1
+ [ debug = minimal ]
+ logger -st Skynet [Complete] 109286 IPs / 8811 Ranges Banned. 0 New IPs / 0 New Ranges Bann                        ed.  Inbound /  Outbound Connections Blocked! [debug] [1s]
Skynet: [Complete] 109286 IPs / 8811 Ranges Banned. 0 New IPs / 0 New Ranges Banned.  Inbound                         /  Outbound Connections Blocked! [debug] [1s]
+ echo

+ [  != 1 ]
+ Write_Config
+ echo ## Generated By Skynet - Do Not Manually Edit ##
+ date +%b %d %T
+ echo ## May 29 21:27:59 ##
+ echo
+ echo ## Installer ##
+ echo model="RT-AC86U"
+ echo localver="v6.2.0"
+ echo autoupdate="enabled"
+ echo banmalwareupdate="daily"
+ echo forcebanmalwareupdate=""
+ echo debugmode="disabled"
+ echo filtertraffic="all"
+ echo
+ echo ## Other ##
+ echo blacklist1count="109286"
+ echo blacklist2count="8811"
+ echo customlisturl=""
+ echo countrylist="ru"
+ echo excludelists=""
+ echo unbanprivateip=""
+ echo loginvalid="disabled"
+ echo banaiprotect="enabled"
+ [ true = true ]
+ rm -rf /tmp/skynet.lock
+ [ -n  ]
Let me know if i can help further :)
 
Hi,

I have a dumb question. I am trying to figure out what mac address is being hit from the logs but I am not sure how to decipher it.

Here is an entry:

May 29 16:32:50 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=4c:ed:fb:90:2b:48:00:01:5c:7a:4c:46:08:00 SRC=181.214.87.34 DST=76.124.127.21 LEN=40 TOS=0x00 PREC=0x20 TTL=239 ID=54875 PROTO=TCP SPT=44737 DPT=64004 SEQ=2345751370 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 MARK=0x8000000

Thank you,

J
 
.TT. said:
Code: 
#############################################################################################                        ################
#                                _____ _                     _             __                                           #
#                               / ____| |                   | |           / /                                           #
#                              | (___ | | ___   _ _ __   ___| |_  __   __/ /_                                           #
#                               \___ \| |/ / | | | '_ \ / _ \ __| \ \ / / '_ \                                          #
#                               ____) |   <| |_| | | | |  __/ |_   \ V /| (_) |                                         #
#                              |_____/|_|\_\\__, |_| |_|\___|\__|   \_/  \___/                                          #
#                                            __/ |                                                                      #
#                                           |___/                                                                       #
#                                                                                                                       #
## - 30/05/2018 -                  Asus Firewall Addition By Adamm v6.2.2                                               #
##                                 https://github.com/Adamm00/IPSet_ASUS                                                            #
#############################################################################################                        ################


+ export LC_ALL=C
+ retry=1
+ nvram get ntp_ready
+ [ 1 = 0 ]
+ [ 1 -ge 300 ]
+ red=printf \e[1;31m%s\e[0m\n
+ grn=printf \e[1;32m%s\e[0m\n
+ blue=printf \e[1;36m%s\e[0m\n
+ ylow=printf \e[1;33m%s\e[0m\n
+ date +%s
+ stime=1527622078
+ grep -ow skynetloc=.* # Skynet /jffs/scripts/firewall-start+
cut -c 11-
+ grep -vE ^#
+ awk {print $1}
+ skynetloc=/tmp/mnt/Asus/skynet
+ skynetcfg=/tmp/mnt/Asus/skynet/skynet.cfg
+ skynetlog=/tmp/mnt/Asus/skynet/skynet.log
+ skynetevents=/tmp/mnt/Asus/skynet/events.log
+ skynetipset=/tmp/mnt/Asus/skynet/skynet.ipset
+ [ -z /tmp/mnt/Asus/skynet ]
+ [ ! -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ [ ! -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ [ ! -d /tmp/mnt/Asus/skynet ]
+ nvram get wan0_proto
+ [ dhcp = pppoe ]
+ nvram get wan0_proto
+ [ dhcp = pptp ]
+ nvram get wan0_proto
+ [ dhcp = l2tp ]
+ nvram get wan0_ifname
+ iface=eth0
+ [ -z debug ]
+ [ -n  ]
+ [ -f /tmp/mnt/Asus/skynet/skynet.cfg ]
+ . /tmp/mnt/Asus/skynet/skynet.cfg
+ model=RT-AC86U
+ localver=v6.2.0
+ autoupdate=enabled
+ banmalwareupdate=daily
+ forcebanmalwareupdate=
+ debugmode=disabled
+ filtertraffic=all
+ blacklist1count=109286
+ blacklist2count=8811
+ customlisturl=
+ countrylist=ru
+ excludelists=
+ unbanprivateip=
+ loginvalid=disabled
+ banaiprotect=enabled
+ Check_Lock debug banaiprotect enable
+ [ -f /tmp/skynet.lock ]
+ echo debug banaiprotect enable
+ echo 31023
+ lockskynet=true
+ Purge_Logs
+ sed \~BLOCKED -~!d /tmp/syslog.log-1 /tmp/syslog.log
+ sed -i \~BLOCKED -~d /tmp/syslog.log-1 /tmp/syslog.log
+ + awk {print $1}
du /tmp/mnt/Asus/skynet/skynet.log
+ [ 3678 -ge 10240 ]
+ [  = all ]
+ grep -c Skynet: \[Complete\] /tmp/syslog.log
+ [ 4 -gt 24 ]
+ [ ! -f /opt/bin/opkg ]
+ echo Enabling AiProtect Banning
Enabling AiProtect Banning
+ banaiprotect=enabled
+ Refresh_AiProtect
+ [ enabled = enabled ]
+ [ -f /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db ]
+ [ -f /opt/bin/opkg ]
+ [ ! -f /opt/bin/sqlite3 ]
+ [ -f /opt/bin/opkg ]
+ [ -f /opt/bin/sqlite3 ]
+ sqlite3 /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db SELECT src FROM monitor;
+ grep -qE ^([0-9]{1,3}\.){3}[0-9]{1,3}$
+ sed \~add Skynet-Blacklist ~!d;\~BanAiProtect~!d;s~ comment.*~~;s~add~del~g /tmp/mnt/Asus/s                        kynet/skynet.ipset
+ ipset restore -!
ipset v6.32: Error in line 1: The set with the given name does not exist
+ sqlite3 /jffs/.sys/AiProtectionMonitor/AiProtectionMonitor.db SELECT src FROM monitor;
+ ipset restore -!
+ Filter_PrivateIP
+ grep -vE (^127\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^192\.168\.)|                        (^0.)|(^169\.254\.)|(^22[4-9]\.)|(^23[0-9]\.)|(^255\.255\.255\.255)|(^8\.8\.8\.8)|(^8\.8\.4\.                        4)
+ grep -oE ^([0-9]{1,3}\.){3}[0-9]{1,3}$
+ awk {print "add Skynet-Blacklist " $1 " comment \"BanAiProtect\""}
+ awk !x[$0]++
ipset v6.32: Error in line 1: The set with the given name does not exist
+ Save_IPSets
+ Check_Status
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ echo

+ [  != 2 ]
+ Logging debug banaiprotect enable
+ oldips=109286
+ oldranges=8811
+ grep -Foc add Skynet-Black /tmp/mnt/Asus/skynet/skynet.ipset
+ blacklist1count=109286
+ grep -Foc add Skynet-Block /tmp/mnt/Asus/skynet/skynet.ipset
+ blacklist2count=8811
+ Check_Status
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ [ -f /tmp/mnt/Asus/skynet/skynet.ipset ]
+ ipset -L -n Skynet-Whitelist
+ date +%s
+ ftime=1
+ [ debug = minimal ]
+ logger -st Skynet [Complete] 109286 IPs / 8811 Ranges Banned. 0 New IPs / 0 New Ranges Bann                        ed.  Inbound /  Outbound Connections Blocked! [debug] [1s]
Skynet: [Complete] 109286 IPs / 8811 Ranges Banned. 0 New IPs / 0 New Ranges Banned.  Inbound                         /  Outbound Connections Blocked! [debug] [1s]
+ echo

+ [  != 1 ]
+ Write_Config
+ echo ## Generated By Skynet - Do Not Manually Edit ##
+ date +%b %d %T
+ echo ## May 29 21:27:59 ##
+ echo
+ echo ## Installer ##
+ echo model="RT-AC86U"
+ echo localver="v6.2.0"
+ echo autoupdate="enabled"
+ echo banmalwareupdate="daily"
+ echo forcebanmalwareupdate=""
+ echo debugmode="disabled"
+ echo filtertraffic="all"
+ echo
+ echo ## Other ##
+ echo blacklist1count="109286"
+ echo blacklist2count="8811"
+ echo customlisturl=""
+ echo countrylist="ru"
+ echo excludelists=""
+ echo unbanprivateip=""
+ echo loginvalid="disabled"
+ echo banaiprotect="enabled"
+ [ true = true ]
+ rm -rf /tmp/skynet.lock
+ [ -n  ]
Let me know if i can help further :)
Click to expand...

Looks like Skynet isn't running. Try use the restart command or run through the installer again to fix any issues.
 
Adamm said:
This should be fixed in v6.2.2

Skynet wasn't checking if the database was empty, so if it was ipset would error out when generating commands.
Click to expand...

Working well here now, after reinstalling and updating to 6.2.2. Thanks!
 
Adamm said:
I've pushed v6.2.0

Changes since the last version;

Code: 
Comment support for import command
Fix lock files with blank PID line due to user error
Give imported entries identifiable string
Fix char limits on certian entries
"whitelist list imported" command
Guess Unban_PrivateIP never worked due to extra space, oops
Add Refresh_AiProtect()

The one feature that needs testing and feedback is that Skynet now bans IP's that AiProtect flags as malicious upon startup (if the feature is enabled). The current downside is that it will also ban source addresses (aka your current and previous IP's), but our whitelist should make this not matter. I'm hoping in a future version to filter out these addresses out without needing to install any additional entware packages.

To enable/disable this feature use the following commands;

Code: 
sh /jffs/scripts/firewall debug banaiprotect enable
sh /jffs/scripts/firewall debug banaiprotect disable
Click to expand...
May I know the frequency of it checking database and adding ip? Updating together with banmalware list?

It has checking ability and will not duplicate its result right? Like adding the ip more than once in blacklist.
 
DonnyJohnny said:
May I know the frequency of it checking database and adding ip? Updating together with banmalware list?

It has checking ability and will not duplicate its result right? Like adding the ip more than once in blacklist.
Click to expand...

It updates upon startup and when banmalware is run. Skynet prevents duplicates and gets rid of stale entries.

johnathonm said:
I have a dumb question. I am trying to figure out what mac address is being hit from the logs but I am not sure how to decipher it.
Click to expand...

Its probably the router's mac address. You can confirm via;

Code: 
nvram show | grep 4c:ed

(You may need to capitalize the letters as its case sensitive)
 
hervon said:
6.2.2 does not show up when i check for update in the GUI.
Click to expand...

Might be a github thing, try a force update and it should download the most recent version.
 
@Adamm, did you bump the version number back to 6.2.1 on purpose with your last change or was that a typo?
 
Last edited:
You must log in or register to reply here.

Similar threads

O
Skynet Installing Skynet causes router to crash and reboot
2
Replies
26
Views
2K
Quoc Huynh
Q
U
Skynet Skynet and dig resolving completely different set of IP's
Replies
2
Views
720
ColinTaylor
C
W
Looking for an add-on that does...
Replies
5
Views
890
JGrana
JGrana
Viktor Jaep
Skynet Filter Validator v0.7 - Skynet Firewall Filter List IPv4 Integrity Validator
3 4 5
Replies
83
Views
10K
SomeWhereOverTheRainBow
SomeWhereOverTheRainBow
topmusic
ddns ip whitelist with little script.
Replies
9
Views
977
topmusic
topmusic
Similar threads
Thread starter Title Forum Replies Date
O Skynet Installing Skynet causes router to crash and reboot Asuswrt-Merlin AddOns 26
cofetym Diversion Diversion & Skynet Missing on GUI after Router Reboot. Asuswrt-Merlin AddOns 7
P Any usefulness for Skynet + pfsense/opnsense in transparent bridge mode? Asuswrt-Merlin AddOns 12
John Fitzgerald Solved Skynet running slow with install/update issues from AMTM? Asuswrt-Merlin AddOns 10
B Skynet Source LAN IP for outbound IP blocked by SkyNet Asuswrt-Merlin AddOns 8
P Skynet Skynet errors Asuswrt-Merlin AddOns 8
ChickenheadOS Skynet Skynet 7.5.8 Firewall UI Issues Asuswrt-Merlin AddOns 18
P Send stats Division and Skynet to webhook or mqtt Asuswrt-Merlin AddOns 0
BATTLEPENCIL Skynet Unable to uninstall Skynet Asuswrt-Merlin AddOns 11
U Skynet Unable to Install Skynet Asuswrt-Merlin AddOns 31

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 1,107 (members: 27, guests: 1,080)
Top