Menu
What's new
By:
Filters Better Search

Skynet Source LAN IP for outbound IP blocked by SkyNet

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

B

buzzy

Occasional Visitor
How do I find the local source LAN IPs for outbound IP addresses that are blocked by Diversion Skynet? Basically, whodunnit? I have SkyNet and local Pi-Hole running, but not Diversion. In looking at the top 10 Blocks (Outbound) list in SkyNet, I see the IP addresses and the AlienVault information, but I want to trace it back to my LAN to see which device is trying to reach out to these blocked IPs? It doesn't seem to appear in Pi-Hole but maybe I am not sure how to query it because it only shows domain (non-IP) entries.

Bonus question: if I can figure it out that it's a specific Windows device, is there any particular log in Windows that helps me determine which application is trying to reach these blocked IPs?
 
Last edited:
How are Diversion and Pi-Hole both blocking? I’m confused. Where do you actually see the blocks?
 
You want to know the source IP addresses being blocked by Diversion but you're not running Diversion. :confused:
 
dave14305 said:
How are Diversion and Pi-Hole both blocking? I’m confused. Where do you actually see the blocks?
Click to expand...
Sorry, I meant Skynet. I am not using Diversion. Pi-Hole is just doing it's usual duties as DNS Server to block ads etc., even though it's somewhat of an overlap with SkyNet. DNS does keep great logs of logs, but only the domain names, but not the actual IP addresses, as far as I know.
 
If Skynet is blocking, you can see stats by running
Code: 
firewall stats search ip 12.34.56.78
where the IP would be the destination IP you see being blocked.
 
dave14305 said:
If Skynet is blocking, you can see stats by running
Code: 
firewall stats search ip 12.34.56.78
where the IP would be the destination IP you see being blocked.
Click to expand...
Awesome! This is exactly what I was looking for, thanks!

As a minor note, the section titles (in red) state "10 Most Recent Blocks From x.x.x.x", etc, rather than something like " ... Outgoing Blocks To x.x.x.x". Again, very minor.
 
You must log in or register to reply here.

Similar threads

B
Skynet Outbound blocks
Replies
1
Views
472
BeachGuy
B
K
Skynet No data to display for only outbound?
Replies
5
Views
373
Ripshod
Ripshod
J
Skynet Skynet - Blocked outbounds coming from the router itself?
Replies
12
Views
903
JuanGF
J
P
Skynet Skynet logs of VPN(wireguard) clients
Replies
14
Views
1K
peterpan
P
T
Skynet Device is still blocked by Skynet even after uninstalling (Resolved)
Replies
1
Views
473
TheMan6888
T
Similar threads
Thread starter Title Forum Replies Date
badaz LAN - DHCP - prevent auto DoH? Asuswrt-Merlin AddOns 5
T Make IoT devices on one-way-to-guest YazFi VLANs discoverable on main LAN Asuswrt-Merlin AddOns 8
K Skynet No data to display for only outbound? Asuswrt-Merlin AddOns 5
N Skynet SkyNet/Firewall blocking all ping requests, including outbound Asuswrt-Merlin AddOns 6
B Skynet Outbound blocks Asuswrt-Merlin AddOns 1
A [SOLVED] Turned off outbound filtering and qos for upload still incredibly slow upload speeds? Asuswrt-Merlin AddOns 24
P Skynet Hundreds of Outbound Blocks from Pi-hole Asuswrt-Merlin AddOns 12

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 656 (members: 16, guests: 640)
Top