Skynet - Router Firewall & Security Enhancements

Purely aesthetic, during the startup procedure Skynet grabs the version string and sets it in the config.



Just noticed you are running an AC56U which unfortunately is EOL with a 15 month old firmware. The part of the code which causes fork errors hasn't been modified since v6.9.0 and even then those changes wouldn't apply to your setup.

With that being said, you could try a reboot and see if that mitigates the error (it's an underlying Broadcom issue), but beyond that there isn't too much I can do as any recent firmware mitigation won't apply to your model. Might be worth looking into a second hand AC68U which are quite cheap, I sold mine a year ago for $100AUD so I imagine you can find some good deals out there.
Thanks, I know it is old and out of date *but* it has been working well.
Probably time to upgrade !!! :)
 
Is there any way to get some sort of graphical or parsed Skynet report eg types of scans, countries etc..

The stats command(s) is the best way to get an overlook of what's being blocked. Nothing too fancy graphically though as my web development skills aren't up to the high standard I try to keep Skynet at :p

Code:
sh /jffs/scripts/firewall stats

You can find other variations of the command in the readme for other ways to manipulate the data.
 
@Adamm Is it normal for the Malware blacklist to drop by a lot? See line 2 when it auto updated (225s) this morning and line 3 when I manually updated it. This mostly happens on weekends.
Code:
Nov  2 07:00:02 Skynet: [#] 128239 IPs (+0) -- 1681 Ranges Banned (+0) || 11053 Inbound -- 14 Outbound Connections Blocked! [save] [2s]

Nov  2 07:28:45 Skynet: [#] 73604 IPs (-54635) -- 1659 Ranges Banned (-22) || 11130 Inbound -- 14 Outbound Connections Blocked! [banmalware] [225s]

Nov  2 08:42:07 Skynet: [#] 127462 IPs (+53858) -- 1648 Ranges Banned (-11) || 11355 Inbound -- 14 Outbound Connections Blocked! [banmalware] [13s]
 

Judging by the runtime (255 seconds) a list probably failed to download for whatever reason. Nothing to worry about as it will redownload the list on the next run whether that be daily or weekly.
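Added example (not part of the thread or of Skynet's own code): a heuristic check over the summary lines quoted above that flags a `banmalware` run whose IP count fell sharply, the pattern attributed here to a failed list download. The `DROP_PCT_MAX` threshold and the function name are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: flag banmalware runs where the banned-IP count dropped sharply.
DROP_PCT_MAX=20   # assumed threshold: percent of the previous total

check_banmalware_run() {
    line=$1
    case $line in
        *"[banmalware]"*) ;;
        *) echo "skip"; return 0 ;;          # [save] and other actions are ignored
    esac
    # Pull "<total> <signed delta>" out of "... 73604 IPs (-54635) ..."
    counts=$(printf '%s\n' "$line" |
        sed -n 's/.* \([0-9][0-9]*\) IPs (\([+-][0-9][0-9]*\)).*/\1 \2/p')
    [ -n "$counts" ] || { echo "unparsed"; return 1; }
    ips=${counts% *}
    delta=${counts#* }
    # Runtime is the trailing "[225s]" field
    runtime=$(printf '%s\n' "$line" | sed -n 's/.*\[\([0-9][0-9]*\)s]$/\1/p')
    case $delta in
        -*) drop=${delta#-} ;;
        *)  echo "ok"; return 0 ;;           # count grew or stayed the same
    esac
    prev=$((ips + drop))                     # total before this run
    [ "$prev" -gt 0 ] || { echo "ok"; return 0; }
    pct=$((drop * 100 / prev))
    if [ "$pct" -ge "$DROP_PCT_MAX" ]; then
        echo "suspect drop=${pct}% runtime=${runtime}s"
    else
        echo "ok"
    fi
}

# The three summary lines from the thread.
LINE_SAVE='Nov  2 07:00:02 Skynet: [#] 128239 IPs (+0) -- 1681 Ranges Banned (+0) || 11053 Inbound -- 14 Outbound Connections Blocked! [save] [2s]'
LINE_FAILED='Nov  2 07:28:45 Skynet: [#] 73604 IPs (-54635) -- 1659 Ranges Banned (-22) || 11130 Inbound -- 14 Outbound Connections Blocked! [banmalware] [225s]'
LINE_OK='Nov  2 08:42:07 Skynet: [#] 127462 IPs (+53858) -- 1648 Ranges Banned (-11) || 11355 Inbound -- 14 Outbound Connections Blocked! [banmalware] [13s]'

for l in "$LINE_SAVE" "$LINE_FAILED" "$LINE_OK"; do
    check_banmalware_run "$l"
done
```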
 
What's the difference between connections being blocked that show a local IP address and connections that show the public IP? Should all be local IP? How do I identify what is the local IP?

Nov 2 17:29:31 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=176.61.XX.XXX DST=112.3.8.79 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=44764 DF PROTO=UDP SPT=51499 DPT=41117 LEN=66

17:29:21 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=0c:9d:92:49:49:60:7c:dd:90:e2:10:06:08:00 SRC=192.168.1.21 DST=115.28.209.120 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=26267 DF PROTO=TCP SPT=35683 DPT=36 SEQ=3602249979
 
The one that shows your WAN IP as the source is coming from the router itself, not a client behind the router.
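Added example (not part of the thread or of Skynet's own code): a small classifier for the two `[BLOCKED - OUTBOUND]` lines above. It relies on netfilter leaving `IN=` empty for packets the router generates itself, and assumes `br0` is the LAN bridge as in the quoted line; the function names are illustrative.

```shell
#!/bin/sh
# Added example: classify Skynet "[BLOCKED - OUTBOUND]" kernel log lines by origin.
# Assumption: br0 is the LAN bridge, as in the second log line quoted in the thread.

# Print the value of KEY from a netfilter LOG line (empty when the key has no value).
field() {
    printf '%s\n' "$2" | sed -n "s/.* $1=\([^ ]*\).*/\1/p"
}

# Succeed when the address is in an RFC 1918 private range.
is_private() {
    case $1 in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

classify_blocked() {
    case $1 in
        *"[BLOCKED - OUTBOUND]"*) ;;
        *) echo "not-outbound"; return 1 ;;
    esac
    in_if=$(field IN "$1")
    src=$(field SRC "$1")
    dst=$(field DST "$1")
    if [ -z "$in_if" ]; then
        origin="router"                 # empty IN=: packet generated on the router
    elif is_private "$src"; then
        origin="lan-client($in_if)"     # arrived on the LAN side from a private address
    else
        origin="forwarded($in_if)"      # arrived on an interface with a non-private source
    fi
    echo "$origin $src -> $dst"
}

# The two log lines from the thread (WAN address masked by the poster).
ROUTER_LINE='Nov 2 17:29:31 kernel: [BLOCKED - OUTBOUND] IN= OUT=eth0 SRC=176.61.XX.XXX DST=112.3.8.79 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=44764 DF PROTO=UDP SPT=51499 DPT=41117 LEN=66'
CLIENT_LINE='17:29:21 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT= MAC=0c:9d:92:49:49:60:7c:dd:90:e2:10:06:08:00 SRC=192.168.1.21 DST=115.28.209.120 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=26267 DF PROTO=TCP SPT=35683 DPT=36 SEQ=3602249979'

classify_blocked "$ROUTER_LINE"
classify_blocked "$CLIENT_LINE"
```

A `lan-client` result gives the private address of the device to investigate; a `router` result points at a service running on the router itself.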
 
Adamm. I noticed on Skynet today that since I corrected the menu (site check) problem Skynet reports blocking no inbound or outbound IPs. To get the network to work I had to define the DNS and not just load it from my ISP. Forward local domain queries to upstream DNS is set to N.

I cannot manually ban a site, it is still accessible. I cannot do too much right now on the network since the household is up and busy online as usual.

I should add I am using PIA with OpenVPN.

Do you know where I can start to look to resolve this?

thanks
 

Mind elaborating on your network setup and what you're trying to achieve? Plus the output of:

Code:
sh /jffs/scripts/firewall debug info
 
Thanks for getting back to me.

I have an Asus AC3100 running Merlin 384.13.

From within Linux I cannot copy the output screen of the command using PuTTY. Nothing is copied to the buffer. I was able to print the output to a file; however, I cannot attach the file to a message. This is not working out well. I'll figure something out eventually.
 
The best I could do was two screenshots. Sorry. I was turning this into a me and PuTTY issue instead of a Skynet setup issue.
 

Attachments: skynet_info_1.png, skynet_info_2.png

Skynet seems to be working correctly; your issue is most likely that you are running a double NAT setup judging by your IP (10.0.0.125). I suggest putting your ISP modem in bridge mode.
 
Adamm. The funny thing is we got the new ISP router/modem about 3 months ago. Although with no user intervention Skynet just sits quietly and works, I'm surprised I did not notice this until now.

I did make a big change a few weeks ago. I changed from Astrill VPN to PIA and OpenVPN.

I will have to check with Rogers the repercussions of putting it in bridge mode. I have two TVs that connect to it with no difficulties. I also have an unmanaged switch that my PC and a plugs into. Maybe that messes things up? I may start there.

thanks
 

Bridge mode essentially makes it so your ISP modem handles just the “modem” side of things and allows your Asus router to handle all wireless/LAN connectivity. This is the recommended setup in almost every scenario.
 
Well as you knew Adamm, eliminating the switch did nothing. I had the old Rogers setup in bridge mode and it worked fine. When the tech installed this new device I asked about putting it in bridge mode, and he said it was unnecessary now and I knew very little to debate him on that.

We had TV service from another ISP that was a nightmare, it used bridge mode and I'm hoping the problems were on their end. No surprise really, they never really admitted a thing.

Now to call Rogers. I am hoping that if I have to go back to regular modem (router/modem) the current settings will have been saved. Based on the last experience all the household here wants is to turn on the TV and watch a show with no messing around.

here we go.....
 
Will I need to make any router changes to get this working under bridge mode? I do not remember that last one as taking any time or extra configuration at all and I'm hoping it works right from the start. Otherwise I'd be stuck with questions and no network.
 

Assuming your Asus device is in "Router" mode it should seamlessly switch over (although a reboot after is probably a good idea). To confirm everything is working once the switch over happens, your Asus device will display your public IP on the main page rather than the current 10.0.0.x address.
 
@keef are you running the new Ignite TV service now? If so, you can switch the modem to Bridge mode, but that's not supported by Rogers. It does work; however, if you have any problems, you need to return to Gateway mode in order for Tech Support to do any troubleshooting. If you have problems with the modem/router combo, post a question in the Rogers forum. That will usually draw a response, but if the issue is caused by the VPN, you might be on your own.
 
