ShellMode

HowTo Configurazione AirOS in shell mode

for firmware AirOs 5.3.3 sdk

Apriamo una shell ed entriamo nel device

ssh root@IP_DEL_DEVICE

Using username "root".
Authenticating with public key "localhost@localdomain"


BusyBox v1.11.2 (2011-12-21 20:31:59 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

XM.v5.3.3.sdk#

Quindi andiamo ora a vedere come è fatto il nostro file di configurazione digitando

XM.v5.3.3.sdk# vi /tmp/system.cfg

ed iniziamo ad editarlo.

In questa prima sezione non è necessario apportare modifiche, ma la incollo per conoscenza

aaa.1.status=disabled
aaa.status=disabled
bridge.1.devname=br0
bridge.1.fd=1
bridge.1.port.1.devname=eth0
bridge.1.port.1.status=enabled
bridge.1.port.2.devname=ath0
bridge.1.port.2.status=enabled
bridge.1.port.3.devname=eth1
bridge.1.port.3.status=enabled
bridge.status=disabled
dhcpc.1.devname=br0
dhcpc.1.status=disabled
dhcpc.status=disabled
dhcpd.1.status=disabled
dhcpd.status=disabled
dnsmasq.1.devname=eth0
dnsmasq.1.status=enabled
dnsmasq.status=enabled
dyndns.status=disabled
ebtables.1.cmd=-t nat -A PREROUTING --in-interface ath0 -j arpnat --arpnat-target ACCEPT
ebtables.1.status=enabled
ebtables.2.cmd=-t nat -A POSTROUTING --out-interface ath0 -j arpnat --arpnat-target ACCEPT
ebtables.2.status=enabled
ebtables.3.cmd=-t broute -A BROUTING --protocol 0x888e --in-interface ath0 -j DROP
ebtables.3.status=disabled
ebtables.50.status=disabled
ebtables.51.status=disabled
ebtables.52.status=disabled
ebtables.status=disabled
gpio.1.direction=1
gpio.1.line=8
gpio.1.status=enabled
gpio.1.value=disabled
gpio.status=enabled
gui.language=en_US

Https Mode

Abilitiamo la porta '443' per collegarci via interfaccia web in maniera sicura, la porta '80' rimarrà attiva ma reinderizzata automaticamente in https

httpd.https.port=443
httpd.https.status=enabled
httpd.port=80
httpd.session.timeout=900
httpd.status=enabled

Anche qui di seguito non sono necessari interventi

igmpproxy.status=disabled
iptables.1.cmd=-t nat -I POSTROUTING -o ath0 -j MASQUERADE
iptables.1.status=disabled
iptables.2.status=disabled
iptables.200.status=disabled
iptables.3.status=disabled
iptables.4.status=disabled
iptables.5.status=disabled
iptables.50.status=disabled
iptables.51.status=disabled
iptables.52.status=disabled
iptables.status=disabled

Network

Qui possiamo modificare i parametri relativi alla nostra rete

netconf.1.autoip.status=disabled
netconf.1.autoneg=enabled
netconf.1.devname=eth0
netconf.1.duplex=enabled
netconf.1.hwaddr.status=disabled
netconf.1.hwaddr=
netconf.1.ip=LAN_IP
netconf.1.mtu=1500
netconf.1.netmask=LAN_SUBNET
netconf.1.promisc=enabled
netconf.1.speed=100
netconf.1.status=enabled
netconf.1.up=enabled
netconf.2.allmulti=enabled
netconf.2.autoip.status=disabled
netconf.2.devname=ath0
netconf.2.hwaddr.status=disabled
netconf.2.hwaddr=
netconf.2.ip=WLAN_IP
netconf.2.mtu=1500
netconf.2.netmask=WLAN_SUBNET
netconf.2.promisc=enabled
netconf.2.status=enabled
netconf.2.up=enabled

Non ci interessa ...

netconf.3.alias.1.status=disabled
netconf.3.alias.2.status=disabled
netconf.3.alias.3.status=disabled
netconf.3.alias.4.status=disabled
netconf.3.alias.5.status=disabled
netconf.3.alias.6.status=disabled
netconf.3.alias.7.status=disabled
netconf.3.alias.8.status=disabled
netconf.3.autoip.status=disabled
netconf.3.devname=br0
netconf.3.hwaddr.status=disabled
netconf.3.ip=192.168.1.20
netconf.3.netmask=255.255.255.0
netconf.3.status=disabled
netconf.3.up=enabled
netconf.4.autoip.status=disabled
netconf.4.devname=eth1
netconf.4.hwaddr.status=disabled
netconf.4.mtu=1500
netconf.4.up=enabled
netconf.5.autoip.status=disabled
netconf.5.devname=ath1
netconf.5.mtu=1500
netconf.6.status=disabled
netconf.status=enabled
netmode=router

Qui possiamo inserire/modificare il timeserver

ntpclient.1.server=time.ien.it
ntpclient.1.status=enabled
ntpclient.status=enabled

Se usiamo OLSRd è bene abilitarlo

olsrd.status=enabled

Non occorrono modifiche

ppp.1.password=
ppp.1.status=disabled
ppp.status=disabled
pwdog.status=disabled

Radio Interface

radio.1.ack.auto=enabled
radio.1.ackdistance=600
radio.1.acktimeout=25
radio.1.ampdu.bytes=50000
radio.1.ampdu.frames=32
radio.1.ampdu.status=enabled
radio.1.antenna.gain=#modifica solo su Rocket/Bullet/NanoBridge/AirGrid/PicoStation a seconda dell'antenna che si utilizza
radio.1.antenna=4
radio.1.chanshift=0
radio.1.clksel=1
radio.1.countrycode=380
radio.1.cwm.enable=0
radio.1.cwm.mode=0
radio.1.devname=ath0
radio.1.dfs.status=enabled
radio.1.ext_antenna=0
radio.1.forbiasauto=0
radio.1.frag=off
radio.1.freq=5600
radio.1.ieee_mode=11naht20# 11naht40 per abilitare la larghezza del canale a 40Mhz
radio.1.mcastrate=15
radio.1.mode=master
radio.1.obey=disabled# enabled/diabled stabilisce il controllo automatico del transmit rate in AP mode
radio.1.polling=enabled# enabled/diabled AirMAX
radio.1.pollingnoack=
radio.1.pollingpri=# AirMAX config - con configurazione STA 3=disabled 2=Low 1=Medium 0=High - lascia vuoto in AP
radio.1.rate.auto=disabled
radio.1.rate.mcs=13# stabilisce il massimo transimt rate 0-15
radio.1.reg_obey=disabled# enabled/diabled stabilisce il controllo automatico del transmit rate in STA mode
radio.1.rts=off
radio.1.rx_antenna=0
radio.1.rx_antenna_diversity=enabled
radio.1.status=enabled
radio.1.subsystemid=0xe005
radio.1.thresh62a=
radio.1.thresh62b=
radio.1.thresh62g=
radio.1.tx_antenna=0
radio.1.tx_antenna_diversity=enabled
radio.1.txpower=14# a seconda del paese/device/antenna valori da 0 a 27
radio.countrycode=380
radio.status=enabled

ResolvName

resolv.host.1.name=NanoStationM
resolv.host.1.status=enabled
resolv.nameserver.1.ip=8.8.8.8
resolv.nameserver.1.status=enabled
resolv.nameserver.2.ip=8.8.4.4
resolv.nameserver.2.status=enabled
resolv.status=enabled

Lasciare pure com'è di seguito

route.1.devname=ath0
route.1.gateway=0.0.0.0
route.1.ip=0.0.0.0
route.1.netmask=0
route.1.status=disabled
route.status=enabled
snmp.community=public
snmp.contact=
snmp.location=
snmp.status=enabled

SSH Key Control

Qui possiamo inserire la nostra chiave pubblica per controllare il device da shell senza dover inserire la password al login

sshd.auth.key.1.comment=
sshd.auth.key.1.status=disabled
sshd.auth.key.1.type=
sshd.auth.key.1.value=
sshd.auth.passwd=enabled
sshd.port=22
sshd.status=enabled

Log server

syslog.remote.ip=
syslog.remote.port=514
syslog.remote.status=enabled
syslog.status=enabled

Di norma le info a seguire non vanno modificate, chi volesse tentare lo può fare a suo rischio e pericolo

system.button.reset=enabled
system.date.status=disabled
system.date=
system.eirp.status=enabled
system.latitude=
system.longitude=
system.modules.blacklist.1.status=disabled
system.modules.blacklist.2.status=disabled
system.modules.blacklist.3.status=disabled
system.modules.blacklist.4.status=disabled
system.modules.blacklist.status=disabled
system.timezone=GMT-1
telnetd.port=23
telnetd.status=disabled
tshaper.in.1.devname=eth0
tshaper.out.1.devname=ath0
tshaper.status=disabled
users.1.name=root#ubnt di default
users.1.password=*VOSTRA_PW_CIFRATA*
users.1.status=enabled
users.2.gid=100
users.2.name=ubnt
users.2.password=
users.2.shell=/bin/false
users.2.status=disabled
users.2.uid=100
users.status=enabled

vLAN

vlan.1.status=disabled
vlan.2.status=disabled
vlan.status=disabled

Wireless

wireless.1.addmtikie=enabled
wireless.1.ap=00:00:00:00:00:00# In STA Mode MAC ADDRESS del AP
wireless.1.authmode=1
wireless.1.compression=0
wireless.1.devname=ath0
wireless.1.fastframes=0
wireless.1.frameburst=0
wireless.1.hide_ssid=disabled
wireless.1.l2_isolation=disabled
wireless.1.mac_acl.1.mac=
wireless.1.mac_acl.1.status=disabled
wireless.1.mac_acl.10.mac=
wireless.1.mac_acl.10.status=disabled
wireless.1.mac_acl.11.mac=
wireless.1.mac_acl.11.status=disabled
wireless.1.mac_acl.12.mac=
wireless.1.mac_acl.12.status=disabled
wireless.1.mac_acl.13.mac=
wireless.1.mac_acl.13.status=disabled
wireless.1.mac_acl.14.mac=
wireless.1.mac_acl.14.status=disabled
wireless.1.mac_acl.15.mac=
wireless.1.mac_acl.15.status=disabled
wireless.1.mac_acl.16.mac=
wireless.1.mac_acl.16.status=disabled
wireless.1.mac_acl.17.mac=
wireless.1.mac_acl.17.status=disabled
wireless.1.mac_acl.18.mac=
wireless.1.mac_acl.18.status=disabled
wireless.1.mac_acl.19.mac=
wireless.1.mac_acl.19.status=disabled
wireless.1.mac_acl.2.mac=
wireless.1.mac_acl.2.status=disabled
wireless.1.mac_acl.20.mac=
wireless.1.mac_acl.20.status=disabled
wireless.1.mac_acl.21.mac=
wireless.1.mac_acl.21.status=disabled
wireless.1.mac_acl.22.mac=
wireless.1.mac_acl.22.status=disabled
wireless.1.mac_acl.23.mac=
wireless.1.mac_acl.23.status=disabled
wireless.1.mac_acl.24.mac=
wireless.1.mac_acl.24.status=disabled
wireless.1.mac_acl.25.mac=
wireless.1.mac_acl.25.status=disabled
wireless.1.mac_acl.26.mac=
wireless.1.mac_acl.26.status=disabled
wireless.1.mac_acl.27.mac=
wireless.1.mac_acl.27.status=disabled
wireless.1.mac_acl.28.mac=
wireless.1.mac_acl.28.status=disabled
wireless.1.mac_acl.29.mac=
wireless.1.mac_acl.29.status=disabled
wireless.1.mac_acl.3.mac=
wireless.1.mac_acl.3.status=disabled
wireless.1.mac_acl.30.mac=
wireless.1.mac_acl.30.status=disabled
wireless.1.mac_acl.31.mac=
wireless.1.mac_acl.31.status=disabled
wireless.1.mac_acl.32.mac=
wireless.1.mac_acl.32.status=disabled
wireless.1.mac_acl.4.mac=
wireless.1.mac_acl.4.status=disabled
wireless.1.mac_acl.5.mac=
wireless.1.mac_acl.5.status=disabled
wireless.1.mac_acl.6.mac=
wireless.1.mac_acl.6.status=disabled
wireless.1.mac_acl.7.mac=
wireless.1.mac_acl.7.status=disabled
wireless.1.mac_acl.8.mac=
wireless.1.mac_acl.8.status=disabled
wireless.1.mac_acl.9.mac=
wireless.1.mac_acl.9.status=disabled
wireless.1.mac_acl.policy=allow
wireless.1.mac_acl.status=disabled
wireless.1.macclone=disabled
wireless.1.scan_list.channels=
wireless.1.scan_list.status=disabled
wireless.1.security=none
wireless.1.signal_led1=1
wireless.1.signal_led2=2
wireless.1.signal_led3=3
wireless.1.signal_led4=4
wireless.1.ssid=ninux.org
wireless.1.status=enabled
wireless.1.wds=disabled
wireless.1.wmm=enabled
wireless.1.wmmlevel=
wireless.status=enabled
wpasupplicant.device.1.status=disabled
wpasupplicant.profile.1.network.1.bssid=
wpasupplicant.status=disabled

Al termine delle modifiche salviamo ed usciamo dal terminale digitando prima ESC e poi ":wq" quindi facciamo un rapido controllo di ciò che abbiamo effettuato rileggendo il file con il comando

cat /tmp/system.cfg

Se tutto è corretto passiamo a fissare le modifiche in maniera permanente con il comando

cfgmtd -f /tmp/system.cfg -p /etc -w && reboot

Buon divertimento!

l'ultima modifica è del 2012-09-30 16:57:57, fatta da Nemesis