Skynet Skynet - Router Firewall & Security Enhancements

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

TheLyppardMan

Very Senior Member

martinr

Part of the Furniture
I noticed today that there is an option to add AiProtection to Skynet. Is there any advantage in doing that?
That’s the Import AIProtection Data setting, which used to be known as Ban AIProtection? It’s a crude sort of artificial intelligence, if you like: Skynet learns from anything that AIProtection picks up and adds it to its list. I guess, if you subscribe to the AIProtection emails, as I do, it should reduce them even further, because you ought only to get the first alert, and, thereafter, Skynet looks after that particular IP address. So that could be one advantage.
 

Butterfly Bones

Very Senior Member
I understand the page number, but what does the 566646 refer to and does clicking on the link you kindly provided take me straight to the post I should be looking at? Still not sure if there is any advantage or disadvantage by adding AiProtection to Skynet, but I'll try searching this forum to see if I can find anything.
Sorry, try this one and search for "AIProtection" posts from Adamm, there are many, and he has answered this question many, many times.

https://www.snbforums.com/threads/r...urity-enhancements.16798/page-191#post-457893
 

CriticJay

Senior Member
n00B question: I want to hide certain Skynet/firewall log entries from the syslog. In particular, the INBOUND blocks. These all appear to be those "botnets" and random portscanners from *.RU (etc) and I think they are a fact of life in this day and age. However, I still want to see any OUTBOUND blocks by Skynet because that would imply one of my local clients is trying to hit a malware IP. Any suggestions?
 

Butterfly Bones

Very Senior Member
n00B question: I want to hide certain Skynet/firewall log entries from the syslog. In particular, the INBOUND blocks. These all appear to be those "botnets" and random portscanners from *.RU (etc) and I think they are a fact of life in this day and age. However, I still want to see any OUTBOUND blocks by Skynet because that would imply one of my local clients is trying to hit a malware IP. Any suggestions?
In Skynet menu, 11, 4
Code:
Select Menu Option:
[1]  --> Unban
[2]  --> Ban
[3]  --> Malware Blacklist
[4]  --> Whitelist
[5]  --> Import IP List
[6]  --> Deport IP List
[7]  --> Save
[8]  --> Restart Skynet
[9]  --> Temporarily Disable Skynet
[10] --> Update Skynet
[11] --> Settings
[12] --> Debug Options
[13] --> Stats
[14] --> Install Skynet
[15] --> Uninstall
[r]  --> Reload Menu
[e]  --> Exit Menu
[1-15]: 11

Select Setting To Toggle:
[1]  --> Skynet Auto-Updates        | [Enabled]                   
[2]  --> Malware List Auto-Updates  | [daily]                     
[3]  --> Logging                    | [Enabled]                   
[4]  --> Filter Traffic             | [all]                       
[5]  --> Unban PrivateIP            | [Enabled]                   
[6]  --> Log Invalid Packets        | [Enabled]                   
[7]  --> Import AiProtect Data      | [Enabled]                   
[8]  --> Secure Mode                | [Enabled]                   
[9]  --> Fast Switch List           | [Disabled]                   
[10] --> Syslog Location            | [Custom]                     
[11] --> IOT Blocking               | [Disabled]                   
[12] --> Stats Country Lookup       | [Enabled]                   
[13] --> CDN Whitelisting           | [Enabled]                   
[14] --> Display WebUI              | [Enabled]        
           
[1-14]: 4
Select Filter Option:
[1]  --> All Traffic
[2]  --> Inbound
[3]  --> Outbound
[1-3]:
 

CriticJay

Senior Member
In Skynet menu, 11, 4
I thought about that one, but it looks like it'll completely stop the inbound filtering too... no?

I would like the inbound filtering to continue (i.e. the dropping of packets from these "Russian portscanners" etc.) but not fill up the syslog.

Whereas for the outbound filtering, I would like it to both stay enabled and keep logging to syslog.
 

Butterfly Bones

Very Senior Member
I thought about that one, but it looks like it'll completely stop the inbound filtering too... no?

I would like the inbound filtering to continue (i.e. the dropping of packets from these "Russian portscanners" etc.) but not fill up the syslog.

Whereas for the outbound filtering, I would like it to both stay enabled and keep logging to syslog.
Now I am not certain. I thought Skynet did all blocking and only logged what one choose in 11 > 4. I always choose both and then use scribe to handle all Skynet logging. Someone who knows for sutr, likely @Adamm
 

dave14305

Part of the Furniture
I thought about that one, but it looks like it'll completely stop the inbound filtering too... no?

I would like the inbound filtering to continue (i.e. the dropping of packets from these "Russian portscanners" etc.) but not fill up the syslog.

Whereas for the outbound filtering, I would like it to both stay enabled and keep logging to syslog.
I had asked for a similar choice a while ago, but it didn’t get much traction.
 

LetMePutDaTipIn

Occasional Visitor
Can someone help me with getting gamestop.com to work on my browser. Firefox, I can't seem to open open this site, I've tried whitelisting on skynet and diversion with no success. I am running a VPN but I can't seem to figure this out, TIA
 

SuperDuke

Regular Contributor
Can someone help me with getting gamestop.com to work on my browser. Firefox, I can't seem to open open this site, I've tried whitelisting on skynet and diversion with no success. I am running a VPN but I can't seem to figure this out, TIA
Did you process the whitelisting addition? That has snookered me before.
 

octopus

Very Senior Member
Can someone help me with getting gamestop.com to work on my browser. Firefox, I can't seem to open open this site, I've tried whitelisting on skynet and diversion with no success. I am running a VPN but I can't seem to figure this out, TIA
Does it work if you turn VPN off?
 

octopus

Very Senior Member
Yes but I can't figure out how to make it work with VPN on. Tried to CIDR (policy rules) but that didn't work.
Do a nslokup and use that ip and bypass wan rule in VPN.
Code:
Name:      gamestop.com
Address 1: 52.207.186.5 ec2-52-207-186-5.compute-1.amazonaws.com
Address 2: 34.199.229.237 ec2-34-199-229-237.compute-1.amazonaws.com
 
Last edited:

TheStork

Occasional Visitor
I noticed that after installing Skynet, I don’t seem to be able to change Firewall logging settings in the GUI, it reverts back to logged packet type ‘dropped’ when I try to apply a change to ‘none’. Is this expected behaviour?

I like what Skynet does and the stats on its own firewall tab in the GUI, but currently the normal system log is flooded with firewall notifications.

(I’m using a AC88u, 384.16, Skynet v7.1.5)
 
Last edited:

figorr

Occasional Visitor
Just one curious thing. I have seen in the Skynet log. "Skynet: Mounting Skynet Web Page As user4.asp"

I remember that when I installed Skynet, at the beginning the user was user1.asp.

Everytime I restart or shut down the router ... Skynet will create a new user?

Are the previous users still there?

Should I delete the previous users? How?

Or should I reinstall Skynet?
 

Adamm

Part of the Furniture
I noticed that after installing Skynet, I don’t seem to be able to change Firewall logging settings in the GUI, it reverts back to logged packet type ‘dropped’ when I try to apply a change to ‘none’. Is this expected behaviour?

I like what Skynet does and the stats on its own firewall tab in the GUI, but currently the normal system log is flooded with firewall notifications.

(I’m using a AC88u, 384.16, Skynet v7.1.5)
Skynet hijacks this setting as it changes how IPTables rules are created. As for "your system log being flooded", logging is required for Skynet stats to operate. Skynet will self purge the log every time a command is run or at the top of every hour.

Just one curious thing. I have seen in the Skynet log. "Skynet: Mounting Skynet Web Page As user4.asp"

I remember that when I installed Skynet, at the beginning the user was user1.asp.

Everytime I restart or shut down the router ... Skynet will create a new user?

Are the previous users still there?

Should I delete the previous users? How?

Or should I reinstall Skynet?
You can safely ignore that output, it is for developers. All WebUI addons are allocated a page during their respective startup's ranging from user1-user10 to mount their content too. This output just means Skynet was the fourth script to request a page.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top