Skynet Skynet - Router Firewall & Security Enhancements

[kernol]

The problem I see is unmounting a second USB drive while the first has the swap file. It'd be better to go through the swap files and remove any from the unmounted drive, something like

tail -n+2 /proc/swaps | while read -r FILENAME _; do
    case "$FILENAME" in
        "$1/"*) swapoff "$FILENAME";;
    esac
done

This is the code prior to the latest change made by Skynet ...

[ "$(/usr/bin/find $1/myswap.swp 2> /dev/null)" ] && swapoff $1/myswap.swp # Added by Diversion

It simply did not work in time - so a clean usb eject would fail - resulting on reboot to an unclean usb state requiring journal fixing.

 

[Adamm]

The problem I see is unmounting a second USB drive while the first has the swap file. It'd be better to go through the swap files and remove any from the unmounted drive, something like

tail -n+2 /proc/swaps | while read -r FILENAME _; do
    case "$FILENAME" in
        "$1/"*) swapoff "$FILENAME";;
    esac
done

Assuming Skynet, Diversion etc etc are still loaded into memory, a swapoff call will fail in the event the "wrong" usb drive is being unmounted with the following error "Cannot allocate memory".

Could this be cleaner? Sure, but personally I think people using multiple USB's and removing them mid operation is a pretty edge case with the benefit of having a more reliable swapoff method.

 

[Adamm]

Hi Guys,
can anybody help a newb, i installed several scripts, but have problems with installing/uninstalling skynet. everytime i want to start skynet i get this screen. diversion and other scripts are working flawlessly.

Sorry I missed your comment yestrday. This indicates Skynet is waiting for NTP to sync, so there is an issue with your NTP settings.

 

[dugaduga]

As suspected you don't have enough available ram to unload the contents of the swap file, so you will need to uninstall in two stages;

sed -i '\~swapon ~d' /jffs/scripts/post-mount

Followed by a reboot of your router, then;

swapoff -a
rm -rf  "/tmp/mnt/USB/myswap.swp"

Then the swap install command should work as expected.

This did not work for me well either, diversion or some software re-enabled the swap on reboot.

adding the following code to /jffs/scripts/post-mount and rebooting did it for me

swapoff -a
rm -rf  /tmp/mnt/psda1/myswap.swp

 

[Dabombber]

Assuming Skynet, Diversion etc etc are still loaded into memory, a swapoff call will fail in the event the "wrong" usb drive is being unmounted with the following error "Cannot allocate memory".

What about trying it gracefully first? It's still not ideal, maybe it'd be worth recommending a reboot if it's forced to use -a.

[ -f "$1/myswap.swp" ] && { swapoff "$1/myswap.swp" || swapoff -a; }

 

[Ubimo]

@Adamm
Since now a swap file of 1GB is recommended, would you please adjust your OP (first post)?
There you state, that an USB drive of 500MB is required. ;-)

 

[SomeWhereOverTheRainBow]

What about trying it gracefully first? It's still not ideal, maybe it'd be worth recommending a reboot if it's forced to use -a.

[ -f "$1/myswap.swp" ] && { swapoff "$1/myswap.swp" || swapoff -a; }

swapping off upon any flash drive removal

 

[SomeWhereOverTheRainBow]

What about trying it gracefully first? It's still not ideal, maybe it'd be worth recommending a reboot if it's forced to use -a.

[ -f "$1/myswap.swp" ] && { swapoff "$1/myswap.swp" || swapoff -a; }

I think this is by far a better option, because I am swapping off on every unmount right now. (even if just removing a regular flash drive). do any of the programs like skynet or diversion rely on swap being mounted to properly run?

 

[L&LD]

My 2GB swap file is currently using 122MB of storage with 98MB Free RAM. When I'm actively using my network, the swap file usage can hit around 400MB, depending on what I'm doing.

Unless I reboot the router, and many times, even right after a reboot, there is still a few MB's worths of swap file usage.

Many of the scripts rely on the swap file to be present from what I'm observing.

 

[^Tripper^]

My 2GB swap file is currently using 122MB of storage with 98MB Free RAM. When I'm actively using my network, the swap file usage can hit around 400MB, depending on what I'm doing.

Unless I reboot the router, and many times, even right after a reboot, there is still a few MB's worths of swap file usage.

Many of the scripts rely on the swap file to be present from what I'm observing.

Am curious, what exactly are you doing when you’re “actively using” your network? I mean what’s your typical use case; simple surfing/ streaming for the family or are you running a mini data centre? I ask because it seems like you’re hitting the swap pretty heavily compared to what most folks report seeing in their case.
Hope you don’t mind the question.

 

[L&LD]

@^Tripper^, when I'm 'actively using' my network, I may be moving files (a lot) between a few computers and a NAS or two, streaming a few 4K60 HDR youtube videos and 'surfing' (reading) the web with as many as 40 tabs open in a few browser windows. I may also be performing updates to a few client devices (desktops and laptops) and also a few mobile devices too, sometime. A backup may also be running concurrently from one or more clients back to a NAS. And when there are guests over, you can multiply parts of this by a few times over.

And of course, I may also be setting up a few select routers for customers (partially) before I have to be at their premises too.

 

[^Tripper^]

Ah. A mini data centre/ backup/ entertainment complex facility/ arena/ home/ service centre. Explains that swap file usage!

 

[DocUmibozu]

Read here: https://www.snbforums.com/threads/r...urity-enhancements.16798/page-308#post-551732

Thanks, I missed it

 

[AntonK]

Interesting. Is there some reason that Port 23 gets knocked on considerably more than all the others (it seems)?

 

[Ronald Schwerer]

Interesting. Is there some reason that Port 23 gets knocked on considerably more than all the others (it seems)?

Telnet is port 23. A very unsecure legacy "feature" found in many Unix/Linux systems. If you're scanning for a site not well-managed, this port exposed is a big red flag.

 

[SomeWhereOverTheRainBow]

I got the same thing with port 23..
IDK why i have port 51413 with inbound traffic as well as port 1433 or port 8545 or 5060 or 22 or 3389 or 8080.


can skynet block these ports @Adamm

or do you have any recommended suggestions for blocking these ports?

 

[SomeWhereOverTheRainBow]

apparently I block Russia and the Netherlands constantly

 

[Chris_J]

My 2nd most blocked port is 123, i.e. time synchronisation port. What gives?!

 

[dave14305]

can skynet block these ports @Adamm

or do you have any recommended suggestions for blocking these ports

Skynet IS blocking that traffic which is why you see it in your stats.

The bad guys love scanning for those ports because they are easy to exploit (telnet, SQL Server, RDP, etc.) when open. Just because Skynet blocks them doesn’t mean they are open on your router.

 

[SomeWhereOverTheRainBow]

Skynet IS blocking that traffic which is why you see it in your stats.

The bad guys love scanning for those ports because they are easy to exploit (telnet, SQL Server, RDP, etc.) when open. Just because Skynet blocks them doesn’t mean they are open on your router.

I figured it was blocking it. I am worried about it being open on my router.