Skip to content

Home

Jump to bottom Edit New page
Adamm00 edited this page Jan 11, 2018 · 10 revisions

This is the official Wiki/documentation for Skynet, a firewall addition designed for Asus routers.

Note: As with any Wiki, this documentation is a constant work-in-progress. Most of the content is contributed by the community - anyone with a Github account can edit it.

Common Issues

Lock File Detected

This warning should generally disappear within 60 seconds. Skynet has a built in lockfile system to prevent certain functions and commands interfering with each-other and causing race conditions.



Application.exe or Website.com Is Blocked

Don't worry, tracking down false positive bans was at the core of design. Generally speaking you can follow these steps to find (and unban) anything incorrectly on your Blacklist!

  1. Enable Debug Mode via the installer;

sh /jffs/scripts/firewall install


  1. Open the blocked application/website and use the command;

sh /jffs/scripts/firewall debug watch


  1. Now look for a flood of [BLOCKED - OUTBOUND] coming from the same IP. This most likely will be the IP you are looking for if its being spammed in large numbers.

  1. Copy the IP following "DST=" it should look something like this;

DST=175.115.37.52


  1. Double check the IP is not actually something that should be banned, use a search tool like alienvault.

https://otx.alienvault.com/indicator/ip/175.115.37.52/


  1. Great we have confirmed we found the IP of the blocked website/application we are looking for, lets whitelist it!

sh /jffs/scripts/firewall whitelist ip 175.115.37.52



AB-Solution Plus Content Failed

In recent versions AB-Solution and Skynet have been working together for better integration. Skynet now offloads some malware website blocking to AB-Solution to prevent false positives from sites based on shared hosting where IP based blocking may cause false positives.

To remove this error and enable "Plus Content", under the "b" option in AB-Solution select the option "Use additional hosts files"



NTP Failed To Start

Skynet relies on NTP starting on boot for accurate logging, in the event NTP fails to start in the first 5 minutes of the boot process, Skynet will abort startup.



IPSet Version Not Supported

Skynet relies on features from IPSet v6.x This means unfortunately any devices older then the AC56U are not supported as they use an older kernel which doesn't support IPSet v6.x



IPSet Extensions Not Enabled

Skynet relies on IPSet functionality in Merlin-WRT and Johns fork that was added around August 2017, that means the minimum supported versions are 380.68 / V26E3 respectively.

Add a custom footer
Add a custom sidebar
Clone this wiki locally