Skynet Skynet - Router Firewall & Security Enhancements

[skeal]

Was redoing my router and got around to adding Skynet back...

Is there any way to have the installer not ask to make a swap file when there already is one?

How did you setup your swap? File or partition?

 

[skeal]

Skynet is the script that requires a swap file. Diversion and Dnscrypt don't require one to operate.

 

[unsynaps]

File.

 

[skeal]

Again how was your swap file setup. Did you use Diversion or AMTM or did you create it your self?

 

[skeal]

If you see the file in AMTM remove it. Re-install Skynet and have Skynet recreate your swap file.

 

[unsynaps]

Self created.

# create swap partition
if ! [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Creating swap."
    dd if=/dev/zero of=/mnt/mpu_storage/swap bs=1024 count=1048576
    mkswap /mnt/mpu_storage/swap
fi

# enable swap partition
if [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Turning swap on."
    swapon /mnt/mpu_storage/swap
    echo 10 > /proc/sys/vm/swappiness
fi

 

[skeal]

Self created.

# create swap partition
if ! [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Creating swap."
    dd if=/dev/zero of=/mnt/mpu_storage/swap bs=1024 count=1048576
    mkswap /mnt/mpu_storage/swap
fi

# enable swap partition
if [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Turning swap on."
    swapon /mnt/mpu_storage/swap
    echo 10 > /proc/sys/vm/swappiness
fi

Remove yours and let Skynet set one up. Quickest easiest fix.

 

[jsbeddow]

Self created.

# create swap partition
if ! [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Creating swap."
    dd if=/dev/zero of=/mnt/mpu_storage/swap bs=1024 count=1048576
    mkswap /mnt/mpu_storage/swap
fi

# enable swap partition
if [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Turning swap on."
    swapon /mnt/mpu_storage/swap
    echo 10 > /proc/sys/vm/swappiness
fi

Doesn't your code create a swap partition, when what you need here is a swap file?

 

[skeal]

File.

Oh and by the way you don't have a swap file, the info you shared above is for a swap partition. By the way for recommended size of swap file use your routers memory size as a guide. For instance mine is 512 meg. I don't know anyone that can justify the use of a 2gig swap file, on these routers. Not even with transmission.

 

[unsynaps]

Found the issue.

Whatever detection code is in the firewall script to see if there is a swap drive it does not like a tab being before 'swapon' in post-mount.

This works.

# enable swap partition
if [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Turning swap on."
swapon /mnt/mpu_storage/swap
    echo 10 > /proc/sys/vm/swappiness
fi

This does not.

# enable swap partition
if [ -f /mnt/mpu_storage/swap ]; then
    logger -t CustomScript:$FILENAME "Turning swap on."
    swapon /mnt/mpu_storage/swap
    echo 10 > /proc/sys/vm/swappiness
fi

 

[Adamm]

Whatever detection code is in the firewall script to see if there is a swap drive it does not like a tab being before 'swapon' in post-mount

I'm a bit late to the party. Off the top of my head the regex is something like '^swapon.*$' so the spaces are interfering with the "standardized" regex detection methods of swap files (Skynet also detects swap partitions on limited support basis).

 

[Adamm]

Hi, my router sometimes loses track of routes to external IP addresses that are specified in a VPN client. If I restart the VPN client it doesn't fix the problem but if I also restart Skynet then it seems to come good.

Here's two consecutive entries from the log:

Jan  4 04:04:32 Skynet: [#] 130799 IPs (-22566) -- 1654 Ranges Banned (+0) || 0 Inbound -- 0 Outbound Connections Blocked! [start] [78s]
Jan  4 05:00:04 Skynet: [#] 51231 IPs (-79568) -- 0 Ranges Banned (-1654) || 52 Inbound -- 0 Outbound Connections Blocked! [save] [4s]

My router was set to reboot at 4am and that all looked fine in the log. Skynet seems to start itself up just fine but an hour later lost a bunch of the blocked addresses and all the ranges.

Running current versions of Skynet and Merlin 384.8 on an RT-AC68U (genuine). Thanks for any ideas.

Going off the information provided, I think your problem is elsewhere and you are just seeing side-effects via Skynet.

The startup process should only take around 20s, I'd start your investigation at boot time to see whats going on with your setup.

 

[Eric22]

How can I disable/enable Skynet temporarily?
What I do at the moment is to use option 9 to disable it (it does not change to enable in the menu) and then use option 8 to restart it. Is that the right way to do it?

 

[martinr]

How can I disable/enable Skynet temporarily?
What I do at the moment is to use option 9 to disable it (it does not change to enable in the menu) and then use option 8 to restart it. Is that the right way to do it?

That’s exactly what I have done. Fairly quick and simple.

 

[Adamm]

How can I disable/enable Skynet temporarily?
What I do at the moment is to use option 9 to disable it (it does not change to enable in the menu) and then use option 8 to restart it. Is that the right way to do it?

Thats correct.

 

[Descartes]

Members,

Is there a way to easily export the Skynet firewall stats report so one can easily click on the http references in the report to go directly to the link to view source of attach information? If available, it would make it easier than copy/pasting the entries.

Thanks.

 

[Skeptical.me]

Does Skynet, when blocking, include the very invasive Trend Micro servers?


Sent from my iPhone using Tapatalk Pro

 

[Adamm]

Members,

Is there a way to easily export the Skynet firewall stats report so one can easily click on the http references in the report to go directly to the link to view source of attach information? If available, it would make it easier than copy/pasting the entries.

Thanks.

Terminals like Xshell allow this functionality.

Does Skynet, when blocking, include the very invasive Trend Micro servers?


Sent from my iPhone using Tapatalk Pro

By default no.

 

[Skeptical.me]

Terminals like Xshell allow this functionality.



By default no.

In Skynet where would I enter these addresses to block them?

fbsv1.trendmicro.com

fbsv2.trendmicro.com

ntd-asus-2014b-en.fbs20.trendmicro.com

gslb1.fbs.trendmicro.com.akadns.net

rgom10-en.url.trendmicro.com

trendmicro.com.edgesuite.net

slb1.fbs.trendmicro.com.akadns.net

activeupdate.trendmicro.co.jp

backup21.url.trendmicro.com

wrs.trendmicro.com

e5110.dscd.akamaiedge.net

dlcdnets.asus.com

wideip-dlcdnets.isoi.asia

dlcdnets-ds.asus.com.edgekey.net

 

[Adamm]

In Skynet where would I enter these addresses to block them?

fbsv1.trendmicro.com

fbsv2.trendmicro.com

ntd-asus-2014b-en.fbs20.trendmicro.com

gslb1.fbs.trendmicro.com.akadns.net

rgom10-en.url.trendmicro.com

trendmicro.com.edgesuite.net

slb1.fbs.trendmicro.com.akadns.net

activeupdate.trendmicro.co.jp

backup21.url.trendmicro.com

wrs.trendmicro.com

e5110.dscd.akamaiedge.net

dlcdnets.asus.com

wideip-dlcdnets.isoi.asia

dlcdnets-ds.asus.com.edgekey.net

( sh /jffs/scripts/firewall ban domain google.com ) This Bans the URL Specified