Skynet Skynet - Router Firewall & Security Enhancements

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.

Adamm

Part of the Furniture

Adamm

Part of the Furniture
on the lame side of things. how fast does the thumbdrive needs to be? does it have to be a USB3 drive or a old USB2 @ 2-5mb/s will do?
Any USB should do for Skynet, we only hit the filesystem for logging and config files.
 

Clark Griswald

Senior Member
Young kids 6-12 wont know those things, and mine are not 'techies' ...they just watch videos and play games
:eek: Do not let their age give you a false sense of security!
My children's school has been teaching how to produce web pages, write code & scripts, as part of the eighth grade curriculum. That computer knowledge is passed around to all the kids in school. I had to become more diligent in my pursuit of computer literacy AND all the horrible ways to thwart a "safe" intranet/internet.
Best Practice is to teach your kids right from wrong.
Good Luck-
 

JT Strickland

Senior Member
I almost never got any outbound blocks until I installed syncthing recently. I've been getting a few hits now from the 3 clients that I have it installed on, but the most are coming from my NAS, a My Cloud EX2 Ultra. Either I've got some bad guys phoning home for backup, or a couple of false positives.

Looks like they're trying to connect to 2 ip's that alienvault says are bad guys. I will have to take their word for it I reckon. I thought syncthing wore a white hat? (or for you young whipper snappers, was one of the good guys)
 

andywee

Occasional Visitor
not sure if this is the right thread to ask but is there a way to add fix ip resolve to skynet or to diversion? eg resolving to bing.com would use my predefined IP.
or translate.google.cn to a fixed defined ip set by me.

because DNS in china is not very stable. getting a new IP would also mean a different DNS and sometimes that DNS would not resolve certain stuff.
 

Adamm

Part of the Furniture
I almost never got any outbound blocks until I installed syncthing recently. I've been getting a few hits now from the 3 clients that I have it installed on, but the most are coming from my NAS, a My Cloud EX2 Ultra. Either I've got some bad guys phoning home for backup, or a couple of false positives.

Looks like they're trying to connect to 2 ip's that alienvault says are bad guys. I will have to take their word for it I reckon. I thought syncthing wore a white hat? (or for you young whipper snappers, was one of the good guys)
I don't use syncthing so I can't say exactly, but its probably just a false positive.

not sure if this is the right thread to ask but is there a way to add fix ip resolve to skynet or to diversion?
No, you would need to use custom dnsmasq configuration.
 

andywee

Occasional Visitor
I have always wondered something. is there any option to cluster all the merlin tabs together?
uidivstats, skynet together to the "addons" rather than going all over to find them?
 

Adamm

Part of the Furniture
I have always wondered something. is there any option to cluster all the merlin tabs together?
uidivstats, skynet together to the "addons" rather than going all over to find them?
"addons" is not a default tab, it is added by Jack Yaz's scripts.
 

Geo92

Occasional Visitor
Hello Adamm. I recently found out another ip address (outbound) Skynet was blocking, which is actually legit. 13.107.246.10 . Which is a Microsoft ip used for Microsoft Flight Simulator for loading the terrain on the map in real-time. I had issues with MFS when the terrain was blurry and never loaded. Whitelisting that ip solved the issue.

I figured you might be interested in knowing this, and for other users of Skynet encountering issues in MFS (2020).
 
Last edited:

TonyK132

Senior Member
Hey Adam - I just reinstalled all my scripts after doing the nuclear option. I followed the procedure for formatting the usb, then created a swap file. I then rebooted, then installed Skynet. As part of that installation, Skynet recreated the swap file. Is that the expected behavior? Couldn't you detect if a swap file of the right size exists, and not create a new one if it does exist?
 

Adamm

Part of the Furniture
As part of that installation, Skynet recreated the swap file. Is that the expected behavior? Couldn't you detect if a swap file of the right size exists, and not create a new one if it does exist?
Skynet only generates a SWAP file during installation if one isn't detected;

Code:
if ! grep -qE "^swapon " /jffs/scripts/post-mount; then Create_Swap; fi
 

Adamm

Part of the Furniture
Hi Adam.
Does Skynet work with dual WAN and WAN routing or would it only use the primary WAN?
I have no way to test (nor do I have any previous experience with dual WAN) so I can't confirm or deny.
 

Adamm

Part of the Furniture
I've pushed a minor update (no version change);

Code:
chartjs-plugin-zoom v0.7.7
 

doublehd

Occasional Visitor
Hi guys,I need a help about how I can edit those banned manual IPs( IP Range ) created by myself ?So any chance to let me know where is the the blacklist located plz?Thanks for it.
 

Adamm

Part of the Furniture
Hi guys,I need a help about how I can edit those banned manual IPs( IP Range ) created by myself ?So any chance to let me know where is the the blacklist located plz?Thanks for it.
As per the readme;

Code:
( firewall stats search manualbans ) Search For All Manual Bans


( firewall unban ip 8.8.8.8 ) This Unbans The IP Specified
( firewall unban range 8.8.8.8/24 ) This Unbans the CIDR Block Specified
 

doublehd

Occasional Visitor
Opps,I'm sorry for my bad move.I searched some threads before but I got the only result of malwares thing,I apologies for my careless anywayz and thanks for your fastest relieved of course.Best regardz.
 

barutchiev

Occasional Visitor
Hello , Can you give me a guide why I can't update Skynet? What is this error?
IMG_20201012_140555.jpg
IMG_20201012_140620.jpg
 

Adamm

Part of the Furniture
Last edited:

barutchiev

Occasional Visitor
What is the output of;

firewall debug info
When I restore the router, I only see this
"Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/Adata/skynet) (pid=580) - Exiting (cpid=1853)"
"Skynet: [*] WebUI Integration Requires Logging To Be Enabled"
in the log.

Nothing more than Skynet.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top