Skynet Skynet - Router Firewall & Security Enhancements

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.

Adamm

Part of the Furniture
When I restore the router, I only see this
"Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/Adata/skynet) (pid=580) - Exiting (cpid=1853)"
"Skynet: [*] WebUI Integration Requires Logging To Be Enabled"
in the log.

Nothing more than Skynet.
What is the output of the SSH command I posted above?
 

Wallace_n_Gromit

Regular Contributor
When I restore the router, I only see this
"Skynet: [*] Lock File Detected (start skynetloc=/tmp/mnt/Adata/skynet) (pid=580) - Exiting (cpid=1853)"
"Skynet: [*] WebUI Integration Requires Logging To Be Enabled"
in the log.

Nothing more than Skynet.
+While at the amtm listing of menu items press "2" at [Enter option] to open Skynet
+At the [1-15]: prompt press "12" for Debug Options
+Then at the [1-6]: prompt press "2" for Print Debug Info
 

barutchiev

Occasional Visitor
+While at the amtm listing of menu items press "2" at [Enter option] to open Skynet
+At the [1-15]: prompt press "12" for Debug Options
+Then at the [1-6]: prompt press "2" for Print Debug Info
There is no way to open a skynet. At the moment, which avoids the "2" option, it displays a screenshot of me and returns to the initial screen of amtm
What is the output of the SSH command I posted above?
What command to use to see the debug
file
Thank u
 

Adamm

Part of the Furniture
There is no way to open a skynet. At the moment, which avoids the "2" option, it displays a screenshot of me and returns to the initial screen of amtm

What command to use to see the debug
file
Thank u
Code:
firewall debug info
 

barutchiev

Occasional Visitor
Code:
firewall debug info
Sorry for the late reply, but I'm coming back from work now.


Code:
--------------------                | ----------
| Test Description |                | | Result |
--------------------                | ----------

Internet-Connectivity               | [Passed]
Write Permission                    | [Passed]
Config File                         | [Passed]
Firewall-Start Entry                | [Passed]
Services-Stop Entry                 | [Passed]
Service-Event Entry                 | [Passed]
Profile.add Entry                   | [Passed]
SWAP File                           | [Passed]
Cron Jobs                           | [Passed]
NTP Sync                            | [Passed]
IPSet Comment Support               | [Passed]
Log Level 5 Settings                | [Passed]
Duplicate Rules In RAW              | [Passed]
IPSets                              | [Passed]
IPTables Rules                      | [Passed]


-----------                         | ----------
| Setting |                         | | Status |
----------                          | ----------

Skynet Auto-Updates                 | [Disabled]
Malware List Auto-Updates           | [Disabled]
Logging                             | [Disabled]
Filter Traffic                      | [Selective]
Unban PrivateIP                     | [Disabled]
Log Invalid Packets                 | [Disabled]
Import AiProtect Data               | [Disabled]
Secure Mode                         | [Disabled]
Fast Switch List                    | [Disabled]
Syslog Location                     | [Custom]
IOT Blocking                        | [Disabled]
Country Lookup For Stats            | [Disabled]
CDN Whitelisting                    | [Disabled]
Display WebUI                       | [Disabled]

15/15 Tests Sucessful


================================================================================


/jffs/scripts/firewall: line 5686: arithmetic syntax error
 

Adamm

Part of the Furniture
Sorry for the late reply, but I'm coming back from work now.


Code:
--------------------                | ----------
| Test Description |                | | Result |
--------------------                | ----------

Internet-Connectivity               | [Passed]
Write Permission                    | [Passed]
Config File                         | [Passed]
Firewall-Start Entry                | [Passed]
Services-Stop Entry                 | [Passed]
Service-Event Entry                 | [Passed]
Profile.add Entry                   | [Passed]
SWAP File                           | [Passed]
Cron Jobs                           | [Passed]
NTP Sync                            | [Passed]
IPSet Comment Support               | [Passed]
Log Level 5 Settings                | [Passed]
Duplicate Rules In RAW              | [Passed]
IPSets                              | [Passed]
IPTables Rules                      | [Passed]


-----------                         | ----------
| Setting |                         | | Status |
----------                          | ----------

Skynet Auto-Updates                 | [Disabled]
Malware List Auto-Updates           | [Disabled]
Logging                             | [Disabled]
Filter Traffic                      | [Selective]
Unban PrivateIP                     | [Disabled]
Log Invalid Packets                 | [Disabled]
Import AiProtect Data               | [Disabled]
Secure Mode                         | [Disabled]
Fast Switch List                    | [Disabled]
Syslog Location                     | [Custom]
IOT Blocking                        | [Disabled]
Country Lookup For Stats            | [Disabled]
CDN Whitelisting                    | [Disabled]
Display WebUI                       | [Disabled]

15/15 Tests Sucessful


================================================================================


/jffs/scripts/firewall: line 5686: arithmetic syntax error
Your config file managed to get wiped, I can't assume how this happened but running the install command and going through the prompts should fix it.
 

barutchiev

Occasional Visitor
@Adamm Thank you.I will try!
EDIT:

@Adamm It happened! Thank you again for your invaluable help. It is strange how it happened, to delete these files and .... only on Skynet! Be blessed for your work and help us
 
Last edited:

bengalih

Regular Contributor
Hey all. Sorry if this has been covered before. I happened to be logged into my router GUI and SSH today while working on a few things and I noticed while going to a webpage that I lost web access. Then everyone in my house started saying they lost access - I was in the middle of already checking it.
While I was testing some pings from the router I saw in the web GUI that both my cores were being slammed close to 100%.
top wasn't super responsive (as it tends not to be when the cpu is being slammed), but I'm pretty sure I saw some skynet processes near the top of the list flash up and down several times.
Upon further investigation I found this:

Code:
25 13 * * * sh /jffs/scripts/firewall banmalware #Skynet_banmalware#
And that must be the culprit because by 1:28 the problem was gone and all of this lasted about 3 minutes.

Is it normal for this process to peg the cores so hard that I would lose internet? I did actually see in the GUI under "Internet Status" that it said my ISP was having an issue, so it actually affected the box so hard it dropped. Now I am using wpa_supplicant to authenticate to my ONT (AT&T Fiber), so it is possible this wouldn't have dropped my connection outside of this? I don't know how often this happens because unless I happen to be trying to load something for 2-3 mins at this time each day I may have not noticed it.

If this process is known to peg the CPU, why not run it a 1am instead? Can I change the cru job with no ill effects? Will it be modified back on upgrade, etc?

thanks
 

Adamm

Part of the Furniture
Is it normal for this process to peg the cores so hard that I would lose internet? I did actually see in the GUI under "Internet Status" that it said my ISP was having an issue, so it actually affected the box so hard it dropped. Now I am using wpa_supplicant to authenticate to my ONT (AT&T Fiber), so it is possible this wouldn't have dropped my connection outside of this? I don't know how often this happens because unless I happen to be trying to load something for 2-3 mins at this time each day I may have not noticed it.
I can't say I've ever seen any connection drops etc when there is high CPU usage. Is this something you can reproduce by manually running the process?

If this process is known to peg the CPU, why not run it a 1am instead? Can I change the cru job with no ill effects? Will it be modified back on upgrade, etc?
The cronjob is randomized as we used to do it at 1:25am but had the unintentional side-effect of DDOS'ing the blacklist file provider due to Skynet's large userbase slamming the server at the same time.
 

bengalih

Regular Contributor
I can't say I've ever seen any connection drops etc when there is high CPU usage. Is this something you can reproduce by manually running the process?
Well, I'm able to reproduce the high CPU usage, but after a few runs it did not interrupt my network connection (apart from speed, but my WAN connection didn't drop). Not sure, there could be other factors.
 

Rhialto

Regular Contributor
The cronjob is randomized as we used to do it at 1:25am but had the unintentional side-effect of DDOS'ing the blacklist file provider due to Skynet's large userbase slamming the server at the same time.
Is it still limited to happen in the night though so we don't notice slowdown in the day? I ask because I have no idea when it happens but my sons sometimes yell at me in the evening like if the internet was bad, maybe that could explain it.
 

TonyK132

Senior Member
Adamm - When sitting on the status page in the GUI, it looks like it does not timeout like the rest of the pages in the GUI. I was on that page when I shut down my PC last night, then this morning, I went to the GUI and it was still on that page rather than have me log in.
 

jsbeddow

Senior Member
Adamm - When sitting on the status page in the GUI, it looks like it does not timeout like the rest of the pages in the GUI. I was on that page when I shut down my PC last night, then this morning, I went to the GUI and it was still on that page rather than have me log in.
@RMerlin has mentioned (about a month ago in one thread, not sure where) that certain pages are exempt from the normal logout/timeout restrictions. Apparently those that are meant for monitoring (like the one you are referring to).
 

TonyK132

Senior Member
Ah, OK, thanks. Never mind!!
 

Adamm

Part of the Furniture
Yesterday or the day before, banmalware IP list dropped from ~300.000 to ~72.000 IPs.
Why?
Alienvault for whatever reason dropped 268,000 IP's off their list;

 

dave14305

Part of the Furniture
Alienvault for whatever reason dropped 268,000 IP's off their list;

Maybe they reached their post limit and have to start another new list? :)
 

Adamm

Part of the Furniture
Maybe they reached their post limit and have to start another new list? :)
Thanks for making me look like a moron at gym spitting out my water. You win the internet today
 

Adamm

Part of the Furniture
Attention Skynet Users!

Unfortunately the future of Skynet is in doubt. As you may or may not be aware, there have been discussions in place that will effectively kill off many of the addons that we all use on a day to day basis. If you use Skynet or any other script let your opinion be known here.


Assuming these changes go ahead on November 1st, the future of Skynet will go in one of two directions;


1) We will be moving to a more inclusive platform (Whirlpool or LTT Forums being strong candidates, but I'm open to suggestions)
2) The project (along with all the others I am involved in) will be ended all-together and no longer receive any updates/support.


I have not decided on which coarse of action will be taken as the whole situation has been quite demotivating and a bit of a slap in the face. But I still have hope that cooler heads will prevail and this decision will be reversed and we can all get on with building the community rather then trying to tear it down.

So I ask all users let your opinions be head, as individuals we can be ignored but as a community we have a voice.

-------------------------------------------------------------------------------------------------------------------------------------------
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top