What's new
Symbianize Forum

Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.

All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!

Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC NEED)

M

madeinchina

The Loyalist
Advanced Member
Messages
525
Reaction score
0
Points
26
Pre-requisite:

- Router that has USB Port and Supports TomatoUSB firmware (it may work on other firmware as well like OpenWRT and DDWRT, but well going to focus only in TomatoUSB)

- Flash Drive (at least 1Gig)

- Internet Connection

- Telnet or SSH client Program (Putty is a good one)



Instruction:

1. Create a OPTWARE flash drive using polka's tutorial Click Here

2. Open your SSH client and login to your router's CLI interface.

3. Enter this command and wait until it finishes
Code: 
ipkg install python nano

4. Next, enter this command
Code: 
touch /opt/wimax_defender.py
nano /opt/wimax_defender.py

5. Nano will launch, enter this block of text.
(use right click on your mouse to paste the copied text)

Code: 
import sys
import telnetlib

host = "192.168.254.1"
user = "Firefly"
password = "$P4mb1h1r4N4m4nT0!!"

tn = telnetlib.Telnet(host)
tn.read_until("Login: ")
tn.write(user + "\n")
tn.read_until("Password: ")
tn.write(password + "\n")

tn.read_until("ATP>")
tn.write("sh\n")
tn.read_until("/ #")
tn.write("killall web\n")
tn.read_until("/ #")
tn.write("killall cwmp\n")
tn.read_until("/ #")
tn.write("iptables -F INPUT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -p udp --dport 68 -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -p tcp --dport 53 -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -p udp --dport 53 -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -p icmp -j DROP\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -m state --state RELATED -j ACCEPT\n")
tn.read_until("/ #")
tn.write("iptables -A INPUT -j REJECT\n")
tn.read_until("/ #")
tn.write("killall cli\n")
tn.write("exit\n")
tn.write("exit\n")

Save it by pressing Ctrl+O and then ENTER.
To exit nano, press Ctrl+X


6. Your done, exit SSH client and login to TomatoUSB for script scheduling

7. add this script under Administration >> Scripting >> WAN UP
Code: 
python2.5 /opt/wimax_defender.py

also add another one under scheduler found at Administration >> Scheduler
check the Custom field, set time to ecery 1 minute and check "Everyday"
and type this on command filed
Code: 
python2.5 /opt/wimax_defender.py


8. To check, visit your Wimax admin page and you should be getting connection reset error or webpage can not be displayed error, as well as telnet is also in-accessible. This proves that the wimax protection is working properly.

---- In case that you want to adjust setting on your Wimax modem, just directly plug it on your PC and restart the wimax modem, you should be able to access telnet and web admin of the modem.


Conclusion: As soon as TomatoUSB booted up, your WiMAX will be automagically protected, and it also run the scipt every 1 minute to assure that the protection is properly applied. And you can trash your Wimax protector on your PC since that will be useless.

Credit to lavaboy for his telnet based wimax defender scipt.
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

BM salamat TS................
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

Pa BM ako nito ts
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

UP wait for Feedback :)
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

galing ni idol! thanks dito
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

pa marka po becky thanks
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

nice TS.

:D
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

bookmark muna ts.
 
Re: Protect BM6xx WiMax CPE using TomatoUSB router! (NO PC N

This seems a bit pointless because you could do the same thing with an init.d script on the modem. Also with slightly different iptables switches you can make it so the ports are still accessible on the LAN but not the WAN

http://www.symbianize.com/showthread.php?t=1162902 for example on how I did this by appending one line to one of the init.d scripts for bm622m 2012, should be able to be done for any of the modems :D
 
Last edited:
You must log in or register to reply here.

Similar threads

r1bnc
shadowsocks private server installation and configuration
Replies
5
Views
1K
ghelskie20
G
J
How to Create OVPN NO LOAD GLOBE and TM (Debian and Ubuntu)
2 3 4
Replies
67
Views
11K
asker2558
asker2558
M
useful CMD commonds..share kolang po galing sa ibang site. ctto. nalang po
Replies
0
Views
1K
machinegunjoe2014
M
qtmitz
  • Poll
Softether internet sharing via RaspBerry pi
2 3
Replies
55
Views
213K
firmware001
F
jinblack16
Telenet The Secret Exposed..
Replies
0
Views
855
jinblack16
jinblack16
Back
Top Bottom