Skynet Skynet - Router Firewall & Security Enhancements

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

wbartels

Occasional Visitor
The purpose of Skynet-Whitelist, Skynet-Blacklist and Skynet-BlockedRanges are clear. But how do the Skynet-IOT work. Why do the IOT (internet of things) need other rules? Thanks Willem
 

dave14305

Part of the Furniture
If someone wants to share a copy of state.js (or whichever file @RMerlin said hardcoded them), I could have a look
https://github.com/john9527/asuswrt-merlin/blob/374.43_2-update/release/src/router/www/state.js

I appended a Skynet tab and link to user1.asp on lines 507 and 522 to have the tab show up, but I don’t think Adamm’s page expects the older style. I switched back to Merlin for now, so my interest is waning until/if John comes back to provide his expertise. And push his new source to Github.

I think to compare Adamm’s page with a normal Firewall page like this would be the next step: https://github.com/john9527/asuswrt...router/www/Advanced_BasicFirewall_Content.asp
 

Justinb

Occasional Visitor
Hi - perhaps I am doing something wrong, or perhaps what I'm trying to achieve cannot be done. I'm trying to block access to certain sites to stop my kids getting on them.

Running the latest SKyNet on an AC88U router. All options are default / recommended with a 2GB swap file.

I' added a manual ban for www.instagram.com, instagram.com, tiktok.com

However I'm finding that I'm still able to visit these sites. Any thoughts?
 

Treadler

Very Senior Member
Hi - perhaps I am doing something wrong, or perhaps what I'm trying to achieve cannot be done. I'm trying to block access to certain sites to stop my kids getting on them.

Running the latest SKyNet on an AC88U router. All options are default / recommended with a 2GB swap file.

I' added a manual ban for www.instagram.com, instagram.com, tiktok.com

However I'm finding that I'm still able to visit these sites. Any thoughts?

Try blocking them in Diversion.:)
 

Mutzli

Very Senior Member
I updated to 7.09 and noticed that the blocked IPs are down now from about 150,000 to around 90,000 without changing anything. Did you change the default blocking list?
 

Adamm

Part of the Furniture
I updated to 7.09 and noticed that the blocked IPs are down now from about 150,000 to around 90,000 without changing anything. Did you change the default blocking list?

One of the firehol lists was purged a few days ago by the looks of it, would have to check out their stats to find out which exactly. Nothing wrong on our end.

Edit; Looks like it was alienvault's reputation list
 

Mutzli

Very Senior Member
One of the firehol lists was purged a few days ago by the looks of it, would have to check out their stats to find out which exactly. Nothing wrong on our end.

Edit; Looks like it was alienvault's reputation list
That's some serious purge:
upload_2020-1-25_10-20-29.png
 

Mutzli

Very Senior Member
One of the firehol lists was purged a few days ago by the looks of it, would have to check out their stats to find out which exactly. Nothing wrong on our end.

Edit; Looks like it was alienvault's reputation list
Something else I noticed after updating to 7.09. The UI stats are not updating anymore:
upload_2020-1-25_10-52-17.png


In- and Outbound Blocks shows zero blocks, even though the log shows plenty of blocked sites:
upload_2020-1-25_10-54-8.png
 

Adamm

Part of the Furniture
Something else I noticed after updating to 7.09. The UI stats are not updating anymore:
View attachment 21044

In- and Outbound Blocks shows zero blocks, even though the log shows plenty of blocked sites:
View attachment 21045

The stats page gets updated twice a day on a cronjob unless manually triggered. Restarting the firewall service will also reset these counters.
 

Mutzli

Very Senior Member
The stats page gets updated twice a day on a cronjob unless manually triggered. Restarting the firewall service will also reset these counters.
Yep, all is well in paradise:
upload_2020-1-25_11-6-46.png
 

L&LD

Part of the Furniture
@Adamm is there a way to show 'Ranges banned in total' as a running stat since Skynet was first installed? :)
 
  • Like
Reactions: a5m

Wisiwyg

Regular Contributor
Quick off-topic...
Shout-out to L&LD for the M&M config and Nuclear Option reset info. Had a AC86U that dropped to 20mb throughput from 200mb. Tried all sorts of fixes, followed the Nuclear, M&M, AMTM setup and all's well again. TY L&LD....
Aaand, Back On Topic!
 

randomName

Very Senior Member
I just checked my log file for the router and noticed I have 5 outbound connections blocked. I don't have logging enabled, but is there a way to view what's being blocked? I'm still on 384.14 firmware..
 

Adamm

Part of the Furniture
I just checked my log file for the router and noticed I have 5 outbound connections blocked. I don't have logging enabled, but is there a way to view what's being blocked? I'm still on 384.14 firmware..

No, logging is required to see exactly what’s being blocked
 

TheLyppardMan

Very Senior Member
Hi Adamm. I've only just discovered your script, so I've installed it via amtm (which I've also only discovered recently). The script seems to be working as it's blocking stuff, but there is no tab for it in the GUI on my RT-AC86U. I've tried rebooting the router, but no change. What do I need to do?
 

Jack Yaz

Part of the Furniture
Hi Adamm. I've only just discovered your script, so I've installed it via amtm (which I've also only discovered recently). The script seems to be working as it's blocking stuff, but there is no tab for it in the GUI on my RT-AC86U. I've tried rebooting the router, but no change. What do I need to do?
Are you running the 384.15 alpha? It may be worth @Adamm adding a prompt in the menu/script about the firmware version requirement, if one doesn't already exist.
 

TheLyppardMan

Very Senior Member
Current stats, but still no tab in the GUI of my RT-AC86U running the latest stable Merlin firmware. Don't know how to resolve this.
 

Attachments

  • Screenshot - 26_01_2020 , 14_27_44.png
    Screenshot - 26_01_2020 , 14_27_44.png
    138.7 KB · Views: 196
  • Screenshot - 26_01_2020 , 14_28_43.png
    Screenshot - 26_01_2020 , 14_28_43.png
    236.2 KB · Views: 189

Mutzli

Very Senior Member
Current stats, but still no tab in the GUI of my RT-AC86U running the latest stable Merlin firmware. Don't know how to resolve this.
Only works on 384.15, you're still on 384.14!
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top