system toolbox » router

napravio friške backupe

root@router-wan-sa-1:/mnt/1# tar cf /tmp/router-wan-sa-1_mnt_1.tar .
root@router-wan-sa-1:/# tar cf /tmp/router-wan-sa-1_etc.tar etc

kopiram na ifold backup_etc-a

bjasko@n-book-bjasko-1:~/Desktop/wrt$ scp router-wan-sa-1_etc.tar root@ifold:/var/www/init_etc.tar

root@ifold's password: 
router-wan-sa-1_etc.tar                                                                                100%  237KB 236.5KB/s   00:00 

testirao skidanje ...OK

bjasko@n-book-bjasko-1:~/Desktop/wrt$ wget http://192.168.45.4/init_etc.tar

--14:45:10--  http://192.168.45.4/init_etc.tar
           => `init_etc.tar'
Connecting to 192.168.45.4:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 242,176 (236K) [application/x-tar]

100%[=============================================================================================>] 242,176       --.--K/s             

14:45:11 (2.69 MB/s) - `init_etc.tar' saved [242176/242176]

pokušao flashovati sa atftp-om ali neide

bjasko@n-book-bjasko-1:~/Desktop/wrt$ atftp

tftp> connect 192.168.1.1
tftp> mode octet
tftp> trace
Trace mode on.
tftp> put openwrt-wrt54g-v2-squashfs-1.bin 

greška

sent WRQ <file: openwrt-wrt54g-v2-squashfs-1.bin, mode: octet <>>
source port mismatch, check bypassedtftp: unknown error.

pokušao isto iz webifa ali !OK kaže done ali se ništa ne desi

trx je zato prošao

u logu vidim da traži 192.168.1.77 to je onda OK

Jan  1 00:00:34 OpenWrt user.info kernel: mini_fo: using base directory: /
Jan  1 00:00:34 OpenWrt user.info kernel: mini_fo: using storage directory: /jffs
Jan  1 00:00:35 OpenWrt user.info '': Connecting to 192.168.1.77 (192.168.1.77:80)
Jan  1 00:00:38 OpenWrt user.info '': wget: cannot connect to remote host (192.168.1.77): No route to host
Jan  1 00:00:59 OpenWrt authpriv.info dropbear[505]: Running in background
Jan  1 00:01:10 OpenWrt auth.info passwd: Password for root changed by root

setovao IP adresu ifolda

root@ifold:~# ip addr add 192.168.1.77/24 dev eth1

instalirao novi trx

root@OpenWrt:/tmp# mtd -r write openwrt-brcm-2.4-v2-squashfs-1.trx linux

Unlocking linux ...
Writing from openwrt-brcm-2.4-v2-squashfs-1.trx to linux ...  [w]
Rebooting ...
Connection to 192.168.1.1 closed by remote host.
Connection to 192.168.1.1 closed.

testiram proceduru na ifoldu vidim pristup routera

root@ifold:~# tail -f /var/log/apache2/access.log

192.168.1.1 - - [27/Mar/2009:17:13:18 +0100] "GET /init_etc.tar HTTP/1.0" 200 242176 "-" "Wget/1.11.4" 

uspješno je restore odrađen, zamjenjen router odmah pri ulasku vidio da mrežni mount !OK

root@router-wan-sa-1:/mnt# /etc/init.d/init-b-out-ba restart

umount: cannot umount /mnt/1: No such file or directory

napravio ga

root@router-wan-sa-1:/mnt# mkdir 1
root@router-wan-sa-1:/mnt# /etc/init.d/init-b-out-ba restart

umount: cannot umount /mnt/1: Invalid argument

Host '192.168.45.14' key accepted unconditionally.
(fingerprint md5 96:4f:2d:51:bf:61:21:4f:97:ab:35:d5:61:bd:bf:91)
cfg02f872
Plugin rp-pppoe.so loaded.

također wifi !OK

hernad se sjeti da je to do hw adrese sada je se mac izmjenio i narawno da wds odbija nas

 Link encap:Ethernet  HWaddr 00:1D:7E:55:27:97 

root@router-wan-sa-1:~# cat /etc/config/wireless

config 'wifi-device' 'wl0'
    option 'type' 'broadcom'
    option 'channel' '1'
    option 'disabled' '0'

config 'wifi-iface'
    option 'device' 'wl0'
    option 'network' 'lan'
    option 'mode' 'ap'
    option 'ssid' 'sc_office_sa'
    option 'encryption' 'wep'
    option 'hidden' '0'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

config 'wifi-iface'
    option 'device' 'wl0'
    option 'mode' 'wds'
    option 'ssid' 'sc_office_sa'
    option 'hidden' '0'
    option 'encryption' 'wep'
    option 'network' 'lan'
    option 'bssid' '00:1a:70:46:a9:29'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

config 'wifi-iface'
    option 'device' 'wl0'
    option 'mode' 'wds'
    option 'ssid' 'sc_office_sa'
    option 'hidden' '0'
    option 'encryption' 'wep'
    option 'network' 'lan'
    option 'bssid' '00:13:10:43:88:c1'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

root@router-wifi-sa-2:~# cat /etc/config/wireless

config 'wifi-device' 'wl0'
    option 'type' 'broadcom'
    option 'channel' '1'
    option 'disabled' '0'

config 'wifi-iface'
    option 'device' 'wl0'
    option 'network' 'lan'
    option 'mode' 'ap'
    option 'ssid' 'sc_office_sa'
    option 'encryption' 'wep'
    option 'hidden' '0'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

config 'wifi-iface'
    option 'device' 'wl0'
    option 'mode' 'wds'
    option 'ssid' 'sc_office_sa'
    option 'hidden' '0'
    option 'encryption' 'wep'
    option 'network' 'lan'
    option 'bssid' '00:1d:7e:55:69:5e'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

podesio na wifi-sa-2 wds za novi router i onda je progulilo

root@router-wifi-sa-2:~# vi /etc/config/wireless

config 'wifi-iface'
    option 'device' 'wl0'
    option 'mode' 'wds'
    option 'ssid' 'sc_office_sa'
    option 'hidden' '0'
    option 'encryption' 'wep'
    option 'network' 'lan'
    option 'bssid' '00:1D:7E:55:27:97'
    option 'isolate' '0'
    option 'bgscan' '0'
    option 'wds' '0'
    option 'key' '1'
    option 'key1' 'eed848d83a'
    option 'macpolicy' 'none'

mora se potvrditi i fingerprint za ns.out.ba

root@router-wan-sa-1:/tmp/refresh_ip# /etc/refresh_ip.sh

cat: can't open 'last_ip.txt': No such file or directory

ip   = 89.146.133.25
restarting name server

Host '128.177.28.71' is not in the trusted hosts file.
(fingerprint md5 35:52:bf:aa:74:dc:7b:97:9d:01:6c:c4:93:c6:4d:7e)
Do you want to continue connecting? (y/n) yes
tmp.zone                                                                                               100%  184     0.2KB/s   00:00    
feedback=_2_

jošjedna zezancija iako se refresh_ip odvrti refresh zone se ne desi

root@router-wan-sa-1:/tmp/refresh_ip# /etc/refresh_ip.sh

ip   = 89.146.133.25
restarting name server
tmp.zone                                                                                               100%  184     0.2KB/s   00:00    
feedback=_2_

tmp.zone se nefiluje dobro ????

root@router-wan-sa-1:/tmp/refresh_ip# cat tmp.zone

$TTL 60   
@       IN SOA     @   root (
                       0903271717
                       60
                       20
                       3W12h
                       10 )

preko vikenda stigao info da je bug još uvijek tu a mi zbog njega i radimo ovo

Comment(by jakabin@gmail.com):

 13840 did not fix. Still the same ugly bug.
 7.09 - 8.09 - Latest trunk = All bugged

hernad je jutros pripremio novi firmware
bjasko@n-book-bjasko-1:~$ scp openwrt-brcm-2.4-v2-squashfs-2.trx root@192.168.45.254:/tmp

root@192.168.45.254's password: 
openwrt-brcm-2.4-v2-squashfs-2.trx                                                                     100% 3204KB 640.8KB/s   00:05   

isti je ubačen

root@router-wan-sa-1:/tmp# mtd -r write openwrt-brcm-2.4-v2-squashfs-2.trx linux

Unlocking linux ...
Writing from openwrt-brcm-2.4-v2-squashfs-2.trx to linux ...  [w]
Rebooting ...
Connection to 192.168.45.254 closed by remote host.

sklanjam zonu da je imamo kada pukne rrefresh_ip

[root@ernadh named]# cat sigma-com.net.zone

$TTL 60   
@       IN SOA     @   root (
                       0903300658
                       60
                       20
                       3W12h
                       10 )
  MX     10 aspmx.l.google.com.
  MX     20 alt1.aspmx.l.google.com.
  MX     20 alt2.aspmx.l.google.com.
  MX     30 aspmx2.googlemail.com.
  MX     30 aspmx3.googlemail.com.
  MX     30 aspmx4.googlemail.com.
  MX     30 aspmx5.googlemail.com.
  IN NS     ns.out.ba.
  IN NS     ns-2.out.ba.
mail-50 IN A 209.40.203.155
officesa IN A 89.146.164.120
adsl IN A 89.146.164.120
dev-infra-2 CNAME officesa
mail-10 CNAME dev-infra-2
java-infra-2 CNAME officesa
zimbra CNAME officesa
web-1 CNAME dev-infra-2
blogs CNAME web-1
forums CNAME web-1
www CNAME web-1
web-146 CNAME web-1
. CNAME officesa
jabber CNAME java-infra-2
openvpn CNAME officesa
masine CNAME web-1
www.masine CNAME web-1
repos CNAME web-1
trac CNAME web-1
svn CNAME dev-infra-2
openwrt CNAME dev-infra-2
mail CNAME mail-10
git CNAME web-1
git.masine CNAME web-1
internet CNAME officesa
googleffffffffb5479730 CNAME google.com.
mail-gw-10 CNAME officesa

odrađen restart i router pokupio sa ifolda tar etc-a

192.168.1.1 - - [30/Mar/2009:13:43:03 +0200] "GET /init_etc.tar HTTP/1.0" 200 242176 "-" "Wget/1.11.4" 

nakon restore routera ništa !OK boot lampica treperi i nikako se ne podiže sistem

heh router se pretvorio u ciglu

tftp sa linux-a neide

root@n-book-bjasko-1:~# tftp 192.168.1.1 
tftp> mode octet
tftp> trace
Packet tracing on.
tftp> put openwrt-brcm-2.4-v2-squashfs-2.trx
sent WRQ <file=openwrt-brcm-2.4-v2-squashfs-2.trx, mode=octet>
sent WRQ <file=openwrt-brcm-2.4-v2-squashfs-2.trx, mode=octet>

stavio router u bootwait dakle sada čeka na tftp na 192.168.1.1 (nakon paljenja cca 3 sec pritisnuti reset dugme i pustiti )

pokušao i sa windozeta ...!OK timeout javlja

na kraju ispio uči u failsafe prići mu sa telnetom te wgetom sa ifolda skinuo opet firmware i odradio flash

root@(none):/# cd ..

root@(none):/# cd /tmp/

root@(none):/tmp# wget http://192.168.1.77/openwrt-brcm-2.4-v2-squashfs-2.trx

--2000-01-01 00:05:44--  http://192.168.1.77/openwrt-brcm-2.4-v2-squashfs-2.trx

Connecting to 192.168.1.77:80... connected.

HTTP request sent, awaiting response... 200 OK

Length: 3280896 (3.1M) [text/plain]

Saving to: `openwrt-brcm-2.4-v2-squashfs-2.trx'

100%[======================================>] 3,280,896   2.78M/s   in 1.1s

2000-01-01 00:05:45 (2.78 MB/s) - `openwrt-brcm-2.4-v2-squashfs-2.trx' saved [32

80896/3280896]

root@(none):/tmp#

pa ga ponovo flasham

root@(none):/tmp# mtd -r write openwrt-brcm-2.4-v2-squashfs-2.trx linux

Unlocking linux ...

Writing from openwrt-brcm-2.4-v2-squashfs-2.trx to linux ...  [w]

Rebooting ...

e sad možemo opet ispočetka router je na 192.168.1.1 dali ga opet pustiti u recovery ???

evo stanje fs-a sada
root@OpenWrt:~# df -h

Filesystem                Size      Used Available Use% Mounted on
rootfs                    2.6M      2.6M         0 100% /
/dev/root                 2.6M      2.6M         0 100% /rom
tmpfs                     7.0M    108.0k      6.9M   2% /tmp
mini_fo:/tmp/root         2.6M      2.6M         0 100% /tmp/root
/dev/mtdblock/4         640.0k    336.0k    304.0k  53% /jffs
mini_fo:/jffs             2.6M      2.6M         0 100% /

odradili ponovo i opet se router zblaznio idemo opet sada jedno po jedno

testirao fw skriptu, ona radi ali izbacuje neke greške ali ne resetuje router

root@OpenWrt:/tmp# ./router-wan-sa-1.fw

Device "ppp0" does not exist.
Device "ppp1" does not exist.
Activating firewall script generated Fri Oct 31 14:28:36 2008  by hernad
Rule 0 (NAT)
Rule 1 (NAT)
Rule 2 (NAT)
Rule 3 (NAT)
Rule 4 (NAT)
Rule 5 (NAT)
Rule 6 (NAT)
Rule 7 (NAT)
Rule 8 (NAT)
Rule 9 (NAT)
Rule 10 (NAT)
Rule 11 (NAT)
Rule 12 (NAT)
Rule 13 (NAT)
Rule 14 (NAT)
Rule 15 (NAT)
Rule 16 (NAT)
Rule 17 (NAT)
Rule 18 (NAT)
Rule 19 (NAT)
Rule 0 (br-lan)
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Rule 1 (lo)
Rule 2 (ppp0)
Rule 3 (global)
Rule 4 (br-lan)
Rule 5 (ppp0)
Rule 7 (ppp0)
Rule 8 (ppp0)
Rule 9 (ppp0)
Rule 10 (ppp0)
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Rule 11 (ppp1)
Rule 12 (global)
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
iptables: Invalid argument
Rule 13 (global)
iptables: Invalid argument
iptables: Invalid argument
Rule 14 (global)
iptables: Invalid argument
iptables: Invalid argument
Rule 16 (global)
iptables: Invalid argument
Rule 17 (global)
Rule 18 (global)
Rule 19 (global)
Rule 20 (global)

mislim da je bolje da se ide sa podeševanje servis astep by step kao kod inicijelnog štimanja tako ćemo vidjeti lakše gdje puca nego da vadimo iz ovog backup-a, jer može biti milion stavari od privilegija pa dalje.

• uključiš u struju
• 3 sekunde sačekaš
• 5 sekundi držiš reset
• dmz trepti kad je u failsafe režimu

• uključiš u struju
• 1-2 sekunde sačekaš
• držiš reset dok se ne uplali dmz
• pustiš reset
• dmz trepti kad je u failsafe režimu