Hacking at the BT Voyager 205 adsl router modem
This started as a wee collection of miscellaneous telnet cli commands, tweaks, hacks and other fun for the BT Voyager 205 router. a.k.a. "Globespan Viking" (Globespan is now owned by conexant), but my original BT Voyager 205 text file started getting a lot of google-type action, so I eventually got around to doing a web page proper, as promised.What we now have is pretty much Viking Central, and owners of all the viking chipset based routers; BT Voyager 205, of course, CastleNet AR502, Dynalink RTA100, RTA500-D51, GlobespanVirata, Netgear DM602, Solwise SAR100 & SAR130, Riger db102, Callisto 821, BT Voyager 205, CastleNet AR502, Cell pipe 22A (21A) -BX-AR, Dynalink RTA100 (Viking I), Dynalink RTA500-D51 (Viking II), Siemens E-010-I, Speed Modem 50, Speed Modem 100, Tenda TED8620R and probably many others; as well as folks with no pretence of owning anything even remotely similar, drop by with their router woes and triumphs. It's been a lot of fun. Check out the full story in the many hundreds (make that thousands! -ed) of comments.
I'm told the voyager pages are a good read for other network n00bs, too, so if you're looking to find out what a "Static IP" is, or learn a few proxy tricks, setup a webserver, or maybe just soak up some network basics, you may just find what you need right here. I'll let you be the judge.
As well as how to configure the voyager router, most folks seem to be looking for security and stealth, NAT rules (with examples), port-forwarding, and porn, well, apart from the porn, it's all here!
There's been some re-organising, splitting up the data into separate pages (please see the menu at the top), usually in response to the groovy comments at the foot, clarifying and expanding things as we go along, mainly so people don't have to keep asking the same questions over and again.
Fire away! but do bear in mind, if it's a technical issue that's already been covered here, the response is unlikely to be what you'd hoped for! At least run through the troubleshooting checklist before asking FAQs. Otherwise, feel free to add a comment, or just rant and flame. There's no such thing as a stupid question, though barney's come pretty close (hehe, just kiddin' dude! ;o)
meet the black box...
Model : Viking Name : voyager Domain Name : corz.ath.cx Description : DSL Modem Location : Aberdeen, Scotland Contact : cor.. https://corz.org Vendor : GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A LogThreshold: 1 Object-id : 1.3.6.1.4.1.50000 HwVersion : 810020 SwVersion : V1.1 DSL Version : Y1921a System Time : Sat Nov 27 14:11:44 2004 Time Zone : GMT DST : On Services : physical datalink internet end-to-end applications UpTime(HH:MM:SS) : 13:37:23 Backup Interval : Disable Power Required : 16V ~ 1A [16VA] AC
It's worth investing a little time in getting to know the unit, setting it up properly. With only a couple of simple commands you can create a hardware-firewalled, safe, internet-enabled LAN environment for your home or organisation. The box comes free with BT's current 1MB/2MB broadband package, possibly other packages. With free adsl connexion thrown in, it's actually not a bad deal. At least until the limits set in, circa May 2005. *sigh*
The BT Voyager 205 is a good wee box. As well as a simple USB modem (you won't need to remove that sticker, ever!), it's a "real" router, so you can just connect it to an ethernet switch and tada! your whole LAN has internet. No drivers required! I repeat: NO DRIVERS REQUIRED!!! The unit can act simultaneously as a router AND a modem, all by itself.
Using ethernet, the voyager works independently of any computer, so it doesn't matter if you're running OS X, BSD, Linux, Solaris, Classic Mac OS, Amiga OS, even Windows®; this box can act as your "always on" internet gateway. It's got NAT, a good IP filter firewall with stateful inspection (don't believe the rubbish they tell you elsewhere!), dhcp server, access control, comprehensive attack protection, automatic DUC, the works! It begs to be tweaked and hacked, and we've already discovered some useful undocumented functionality doing just that, as well as render at least one unit completely unusable!
NO USB past this point!
Before we go any further..If you insist on using USB to connect to the router, expect to a) have lots of trouble with your internet connexion, b) be ignored here when you ask perfectly reasonable questions, and c) spend a lot of time at the troubleshooting page, on your own! Simon says, "Get a NIC!", or words to that effect, which is a "Network Interface Card" and will cost around three bucks in any currency. We really did have a Simon that said that! Check the comments.
But Kev tells us that if you go into your Windows Device Manager (run "devmgmt.msc") and bring up the properties for your USB root hubs, and on the "Power Management" tab, UNcheck the box where it says "Allow the computer to turn off this device to save power", you may at least not have to suffer the thing cutting out every five minutes. This will keep you going until you get a switch!
Okay, NOW we can start..
Getting Started..
Ironically, the best way to begin hacking this thing, is to start with the web interface..http://192.168.1.1 (the preset default address, you can change this)
If you have a static IP on your puter, ensure you are in the same "subnet", in other words; 192.168.1.something (if your whole LAN uses static IP's and they are *not* on that subnet, you can change the IP of the router to match your LAN, though you will have to temporarily flip your computer's IP to 192.168.1.3 to alter the router's IP to 192.168.0.1 (or whatever), oh the pain! but you can also create "virtual" ethernet connexions, serving multiple subnets)
note: the 205, as supplied by BT comes insecure out of the box. I think BT imagined the ethernet port would be used only by XBox and PS2 gamers, or perhaps they wanted to drop in sometime. Anyway, the unit connects itself to your favourite ISP right at startup (remember this if you are trying to setup the 205 for different ISP, like Tiscali, or AOL (puleeze!) or whatever, you'll need to enter your login details before you connect the 205 to the phone line!) so first thing to set is..
set this to "High", which is better than it was, but not a lot. Apply, and Save your changes. (the oddly-placed red save button appears on all the advanced pages) now you can breathe a little while you get this thing properly secure and working the way you want it to. after enabling the basic security, setup any other stuff you understand, save again, then go to..
and click the 'Save Config' button, which will save the current configuration to your hard drive.
this exported file is no more than a list of cli commands for the voyager router. with this list of commands, you can recreate your router's current state at any time in the future. make a copy of that file, and start adding to it. Later you can upload it to the router via FTP, and use it as your default command set.
Let's Hack!
With our current configuration safely backed-up, we can start to really hack this thing.There are two schools of thought as to how best to approach this task. Some folk prefer GUI tools, and others prefer a command line. Each has advantages and disadvantages. The main disadvantage of the cute web interface gui is that only some of the pages are available, however we have overcome this and though I personally prefer to use the command line to configure my router, I have created a couple of tools allowing GUI fans to access the "hidden" pages of the web interface, where you can now get to most every setting you will ever need to tweak. It's certainly easier to view the results in the web interface, anyway.
Those page selector tools are right below this article, above the comments. Conveniently, you can also open them in a separate window, and if you save the resultant page to your hard drive, you can use these tools at home, even when you're offline. If you have a webserver with php running, source is also provided.
But it's from the command line that ALL the settings are available. The ability to drag & drop commands into a telnet session, not to mention its scriptability, makes the shell ideal for a job like this. There's something wholesome about plain text commands, a particular clarity. So let's open a telnet session..
telnet
Telnet is just a protocol, like FTP is. It allows you to run a command line on a remote machine (in this case, the router). All modern operating systems have a Telnet program built-in, usually called simply "telnet". Only via telnet can we access the router's raw command line, where commands can be typed directly into the router's brain.When I first dropped into the command line (from my mac) I was frustrated by the inability to delete characters, or move around with the arrow keys. One wee mistake, and BANG! you have to start again. I tried using Putty, and other tools on the peecee, but still the same effect, eventually I just accepted that it was "a router thing".
However, if you open a plain old telnet session from a plain old DOS box, at least on XP, you have a magic telnet session that allows all these things! BobR tells me it's because of the "Terminal Emulation" mode used, of course! XP defaults to the old DEC vt100 emulation, which works perfectly! Cheers Bob!
Scattered throughout this area of the site are clickable links (there's one coming right up) which will, in theory, open a telnet session on your machine. And if you are running windows, you'll likely get the same magic telnet session as me!
by default the router lives at 192.168.1.1 so go into your shell and do..
telnet 192.168.1.1 <-- click here to telnet into your router!
( note that inside my LAN "router" resolves to 192.168.1.1 )
The account login is the same as the web interface ( preset defaults are user: admin password: admin ) very secure! you can ftp in, too, but although there's lots to see, there's not a lot to do, at least, so far. we'll see. with the right firmware it might even do ssh.
On a mac, you can select any command line from this page (or your own script), drag it into your terminal (connected via telnet to the router, of course) and your hacks go live!
telnet tip: before you drag-and-drop, when you select the command, select the whole line, including the following line-break; then <enter> will be pressed for you as well. in bbedit, TextPad, EditPlus, etc., this can be achieved by simply clicking to the left of the line. (this also works in certain Linux desktop configurations) note: if you drag-and-drop from this page, make sure the example IP matches yours!
another tip: Ctrl-D will close most telnet/ssh sessions.
IMPORTANT: when you login to a telnet session, you will not see your password being entered, no asterixes, nothing, but for sure, it's going in just fine! Hit <enter> as normal, and you'll login without any problem. It's not broken, it's a security feature!
I've used greyed-out text here, to differentiate between the telnet commands and my comments, to (hopefully) make things clearer, at least, clearer than they were to me when I started messing with this thing this morning, getting most of my clues from Chinese web sites! they've had the Viking chipset a while, apparently. okay ...
In a telnet session with the router, you can type any command and then a space and then a ? to get help for that command, like this..
get ?
which would produce a list of possible "get" commands, next you could do..
get ppp ?
for a list of "get ppp" commands, etc.. this tip will save you hours!
?
on it's own is the same as
help
which gets you a list of top-level commands.
use the UP key to recall the last input command. use this a lot!
after giving help, the cli puts that same command back on your current command line minus the "?", so you can build up long commands one command at a time, getting help all the way. neat. okay, first..
Stealth and Security..
You will probably want to begin by stealthing your router. A stealthed router sends a definite signal to any potential attacker, and also refuses to needlessly leak information about your computing environment. You can stealth a voyager 205 with just two simple commands..create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low
Much better! a simple start. Now you got stealth, nothing's getting in! so if you want to run any servers, ftp server, web server, whatever, or effectively use any p2p application, you'll need to create individual rules to allow this inbound traffic, inserting them numerically between the two magic stealth rules above. an example BitTorrent rule..
create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low
After dropping in another rule for the±wire it looks something like this..
this screen is here ..
You might want to enable standard attack protections..
modify fwl global blistprotect enable attackprotect enable dosprotect enable
these should be on by default, do check your model/settings (and exported .cfg file).
who da bad boys? ..
get fwl blacklist
to delete a firewall rule..
delete ipf rule entry ruleid 6881
check out the stealth page for a great deal more information about stealthing your router, including important notes on firewall testing.
NAT (not an insect)
If there are a few or more users in your home/business/organisation, you'll likely want give them all internet access. broadband was made for sharing. this is where NAT comes in. NAT, or "Network Address Translation" is simply a way for multiple "private" computers to share a single "public" IP address.The NAT "gateway" (our beloved BT voyager 205) translates all the outbound requests from our individual "private" computers (called 192.168.1.whatever, safely inside our Local Area Network, or "LAN") and alters the packets so they appear to originate from a single "public" IP address (which is all the folk on the outside can see). When the requested packets return, the NAT reverses the translation, and routes the data back to the originating "private" machine. clever stuff.
Because the Voyager can apply "stateful inspection", inbound packets are examined on arrival, and only those packets we requested are forwarded on inside the LAN. Essentially nothing gets through the NAT unless we asked for it first, or, like the BitTorrent rule above, we specifically open up a port.
So first we.. NAT everything!
create nat rule entry ruleid 100000 napt
I recently discovered that the voyager has a hidden NAT rule which does exactly this. Mine is rule ID no. 4294967295 ! I still add my own though, where I can see it.
port forwarding.. maximum 20 rules!
After opening ports to allow inward traffic, you need to route that traffic to a particular "private" computer inside your network. To do achieve this, we use port forwarding. It does exactly what is says on the can, forwarding the data packets on to the private machine.In order for this to work as expected, your private machines (machines at this side of the firewall) need to have "Static IP's". Most computers will, by default, get their IP address dynamically, that is, it will be assigned by the gateway computer, which is our router (aye, there's a wee computer inside there!). You'll need to ensure that dynamic IP addressing (dhcp) is disabled on your computer, and you have instead manually assigned a static IP to the computer, probably something like 192.168.1.3. For more information on how to do that, see here.
It could be argued that "my computer always gets assigned 192.168.1.3", but that's asking for trouble when, six months down the line, you add a laptop to the network and suddenly all your firewall rules stop working, and it takes you six hours of troubleshooting to figure out why! If you need DHCP, mindfully create a special pool of addresses, for "guests", or whatever. In a discipline with so many variables (networking) it makes a great deal of sense to convert as many as possible to constants. So with your target machine at a fixed, reliable, constant address; let's do it..
This example NAT rule will forward all inbound bittorrent traffic to a machine at IP address 192.168.1.3..
create nat rule entry ruleid 6881 rdr prot num 6 lcladdrfrom 192.168.1.3 lcladdrto 192.168.1.3 destportfrom num 6881 destportto num 6889
Something very similar would work for any p2p application and protocol; eMule, edonkey, kazaa, LimeWire, WinMX, Gnutella, Direct Connect, etc, etc. same for servers; FTP server, Web Server, whatever.
check out the recipes page for lots more details and a whole bag of ready-made NAT rules!
As well as simple redirection, you can create different kinds, or "flavours" of NAT rule, and put ranges of ports into one rule, too. handy, because you can only have twenty rules maximum. you can also create IP ranges (aka round-robin), more useful for sharing load on multiple servers. check out the PDF's at the foot for an almost complete list of all the NAT, and many many other rules.
A simple NAT configuration might look like this..
click the magnifying glass to look at stuff close up..
you'd think the "global address to" would need to be 255.255.255.255, but the voyager doesn't seem to care. I guess when neither are specified it just presumes you mean everything.
you can do..
create nat rule entry ?
for a list of all the NAT options. You can delete a nat port forwarding rule like this..
delete nat rule entry ruleid 6881
If you are looking for a particular solution, it's probably on the recipes page!
If not, consider making a donation, and request that it be added!
essential tweaks..
ppp link...
Enable ppp keepalive..modify ppp global keepalive enable
ppp sessions time-out after thirty minutes inactivity. let's change that..
modify ppp global pppsesstimer nevertimeout
(for v1.8 firmware, replace "nevertimeout" with "99999")
time to live..
modify ip cfg ttl 64
network connexion limits...
The maximum number of IP sessions the modem can manipulate simultaneously is 512. the default is 192, let's fix that..modify nbsize maxipsess 512
note: if you have upgraded to the v1.8 firmware (which I have not) you can only set that to 511, not 512.
for gamers..
Opening and closing lots of connexions quickly (like some p2p apps and most networked games do) can fill up that connexion table pretty fast, because you open new connexions before you have closed the old ones. exactly how long the old connexions stay open is up to you..modify nat global tcpidletimeout 3600 tcpclosewait 45 tcptimeout 30 udptimeout 90
those are the default setting, but you can probably get off with using much lower values, especially if you search for game servers a lot, something like these..
modify nat global tcpidletimeout 1800 tcpclosewait 30 tcptimeout 10 udptimeout 15
or even less. Every setup is slightly different; experimentation is the key to success. There are other parameters that may be set, too, for more details, open a telnet session with your router and do..
modify nat global ?
replace a time server entry..
modify sntp cfg disable
delete sntp servaddr dname Time.apple.com
create sntp servaddr dname pool.ntp.org
modify sntp cfg enable
get sntp stats
etc..
Get stats on stuff..get system
get nat stats
get ip stats
get sntp stats
get pfraw stats
get ethernet stats
get fwl stats
get dsl stats curr
get user
get ipf session
create a new user..
create user name boss passwd mypassword root
alg rules...
"Application Layer Gateways" are clever things, allowing you to run IRC and ICQ clients, FTP servers and the like without endless firewall hassles, thanks to the 205's "stateful inspection" mechanisms. Most of the common ones are already in place, but if you need something special, you can add it yourself.This example would allow you to connect successfully to an IRC server running on a non-standard port, in this case port 7000..
create alg port portno 7000 prot num 6 algtype mirc
more than just for fun...
modify system contact "cor, https://corz.org"
modify system location "Aberdeen, Scotland"
modify system dname "corz.ath.cx"
modify system name "Starship Voyager 205"
you can do them all at once, too..
modify system contact "cor, https://corz.org/" location "Aberdeen, Scotland" dname "corz.ath.cx" name "Starship Voyager 205"
Would be fun to have a finger server on the unit, presenting this info to whoever asks. For more of these sorts of fun and games, don't forget to check out the tips & tricks page! (Hacks for Dynamic DNS, alternative DNS servers, ping, traceroute, custom logging and much more!)
cool it!
This box runs hot. There's enough anecdotal evidence going around to suggest that when things start to wonk out, heat can be a factor. In short, keep it somewhere cool, like under a window, or sit some nice flat-bottomed, metal object on top of it to act as a heat-sink, or both..If you REALLY want to cool it, check out this.
lastly..
Don't forget to check out the router directory in my public archive for many interesting files ( including PDF's containing ALL the possible commands), firmware utilities, patches, shell scripts, and much more..https://corz.org/public/docs/comms/router/
you can download the main two directly, here..
have fun!
;o) corz.org
ps.. the original protective sticker is still stuck over the USB socket of the Voyager 205,
and it's going to stay that way, too!
Useful Links..
click this link to go directly to your router
your router's built-in help system
collection of useful things
You go click, and the router goes, well, it just goes!
Goan save yourself four weeks of headaches!
don't even go there!
top class telnet client
weird solutions
and a great OS, to boot!
try the "Outils traduits" link
potentially useful (rta100+) software & firmware
useful free IP scanner, for finding lost routers
if you want to know what ports to open for what games
Before you ask a question..
PLEASE ensure you have at least run through the troubleshooter at the foot of the troubleshooting page and checked EVERYTHING!
Note: If your router isn't a Voyager 205, go here.
Please note: comments on this page are now disabled: but that doesn't mean I want you to mail me with your router troubles! If you want my time, the PayPal button is in the top-right of all pages!
NOTE: If you load this page with ALL comments, you will probably find someone has already asked your question, and been answered.
Dear sir, i want to replace my voyager box to a Netgear DG834 and need to find out my ISP username, ISP password, IP addresses, security keys from within the voyager.... HELP PLEASE
Cheers
whit a man cor...i cannae leave this page alone as it is proving invaluable wi all the ready made commands and whit knows so here`s a question fur ye...should i use a switch wi a WAN port on it or will a LAN switch do.i`ve went through previous posts tae yerself and i can`t see that anyone has asked this before,so if i`ve missed it i`m sorry tae seem tae waste yer time,any help would be gratefully recieved and thanx for time and effort spent tae make dummies lives easier like maself...p.s.as i am studying for my a+ certification this sight has given me a wealth of information and experience in things like telnet etc. which up until now i had only read and studied.and to think i found the site by mistake...i need tae be makin mair mistakes like this.(lol)greets fae strathclyde.:)
Cor Remember your old m8 Joker
Im back from near death and on my systems again didnt think i would pull through after being fried on a 400Kv oil fill stop joint while testing.
The so called top I'tie Joiner/supervisor picked up the wrong test set and we
both went BANG! spent months with my arms in plastic bags in Oddstock,no hair and a face that would make E'gore feel good looking
Well on the mend now and a lot of catching up to do.
By the way like the new look for site m8.
Talk soon.Regards Joker
is there anyway of getting round BTs gateway industrial service so i can access sites that they have blocked
mav:
This happens a lot to some 205's and ive pulled apart and hack't and moded a killed about 8 now, And over heating i found to be the main reason for that little p-ss off.
I found that about 2 out of 5 would do this quite a lot
and others hardly ever? i think it was down to how well they were assembled and how well the heat shunt "Crap near none anyway" contacted the board.
as cor will tell you anyway "COOL IT" there is a pic'file and doc's in cor's archives if i remember rightly.
The 205 was i think designed very poorly as fare as cooling goes and causes more problems than most people realise.
They run very hot!
I have even mod'ed one 205 with a
cpu cool master fan
As well as re housing the board in a nice big brushed ali' case with loads of vents
also a copper wing mobo chip set cooler mod'ed to fit snug on voyagers I.C.'s and it never ever cuts out or gets sluggish through over heating. It makes a BIG difference
There isn't a lot of room in the orig'205 case so you have to be careful were you put heat shunt/cooling fins" As you will see from archive file,
But well worth it if you are a heavy user then over heating will get ya sooner or later
Cor: Do you still live here m8?
Regards Joker:
Andy:
LOOK HERE
I'm really at my wits end with this BT router. I go through every single page here, every command, every last detail, I even switched from USB to ethernet and bought a switch. Now even after entering all of these commands, and being well under 512 connections, i still get disconnected while downloading and browsing the internet. It's doing my head in. I have connected via FTP and tried uploading one of your ready made scripts, yet it doesn't work. It will always revert back to the default commands when the box restarts, same when i try uploading via the web interface. I'm totally clueless as to what to do to get this thing working. Is there a trick to replacing the default config.cfg file with your ready made one? Please help before i lose all my hair, cheers.
HELP FOR YOU:
when you use a pre-cfg from archive do this and it wil work
first open cfg file with note.pad and look at the first few lins!
you need to cange the password to the one you use to login to telnet and admin page.
you also need to delete some of corz entrys. so keep the file open.
NOW LOOK AT THE PRE-cfg I USED FROM CORZ ARCHIVES THE STELTH Router setup. this is a copy of mine that work fine
after changes
-----------------------------------------------------------
create user name admin passwd YOUR root
nbsize maxipsess 511 size maxvc 8 max1483vc 8 maxppe 8
modify ppp global pppsesstimer 9999 keepalive enable
modify system contact "http://prv-joker.org.uk" model "Viking Voyager 205" location "UK" vendor "GlobespanVirata Inc.,100 Schulz Drive, Red Bank,NJ 07701,U.S.A" logthresh 1 systime "Mar 04 23:53:14 2006" dst on timezone "GMT" name "fuckers"dname"jokers"magicnum16
modify bridge mode wan2wan disable
modify pfraw global enable
create pfraw rule entry ruleid 15 ifname private dir in act deny
create pfraw rule entry ruleid 16 ifname private act deny
create pfraw rule entry ruleid 17 ifname private dir in act deny
create pfraw rule entry ruleid 18 ifname private act deny
create pfraw rule entry ruleid 19 ifname private dir in act deny
create pfraw rule entry ruleid 20 ifname private act deny
create pfraw rule entry ruleid 21 ifname private dir in act deny
create pfraw rule entry ruleid 22 ifname private act deny
create pfraw rule entry ruleid 23 ifname private dir in act deny
create pfraw rule entry ruleid 24 ifname private act deny
create pfraw rule entry ruleid 25 ifname private dir in act deny
create pfraw rule entry ruleid 26 ifname private act deny
create pfraw rule entry ruleid 27 ifname private dir in act deny
create pfraw rule entry ruleid 28 ifname private act deny
create pfraw rule entry ruleid 29 ifname private dir in act deny
create pfraw rule entry ruleid 30 ifname private act deny
create pfraw rule entry ruleid 31 ifname private dir in act deny
create pfraw rule entry ruleid 32 ifname private act deny
create pfraw rule entry ruleid 33 ifname private dir in act deny
create pfraw rule entry ruleid 34 ifname private act deny
create pfraw rule entry ruleid 35 ifname private dir in act callmgmt
create pfraw rule entry ruleid 36 ifname dmz dir in act callmgmt create pfraw rule entry ruleid 37 dir in act callmgmt
create pfraw subrule entry ruleid 15 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864
create pfraw subrule entry ruleid 16 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864
create pfraw subrule entry ruleid 17 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF
create pfraw subrule entry ruleid 18 subruleid 1 mask 0xFFFFFFFF start iph offset 16 enable cmpt range 0xE0000000 0xEFFFFFFF
create pfraw subrule entry ruleid 19 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035
create pfraw subrule entry ruleid 20 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8035
create pfraw subrule entry ruleid 21 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B
create pfraw subrule entry ruleid 22 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x809B
create pfraw subrule entry ruleid 23 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC
create pfraw subrule entry ruleid 23 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0
create pfraw subrule entry ruleid 24 subruleid 1 mask 0xFFFF offset 12 enable cmpt lteq 0x05DC
create pfraw subrule entry ruleid 24 subruleid 2 mask 0xFFFF offset 14 enable cmpt eq 0xF0F0
create pfraw subrule entry ruleid 25 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138
create pfraw subrule entry ruleid 26 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8137 0x8138
create pfraw subrule entry ruleid 27 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000
create pfraw subrule entry ruleid 28 subruleid 1 mask 0xFFFFFFFFFFFF offset 0 enable cmpt eq 0x0180C2000000
create pfraw subrule entry ruleid 29 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806
create pfraw subrule entry ruleid 30 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x0806
create pfraw subrule entry ruleid 31 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333
create pfraw subrule entry ruleid 32 subruleid 1 mask 0xFFFF offset 0 enable cmpt eq 0x3333
create pfraw subrule entry ruleid 33 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100
create pfraw subrule entry ruleid 34 subruleid 1 mask 0xFFFF offset 12 enable cmpt eq 0x8100
create pfraw subrule entry ruleid 35 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864
create pfraw subrule entry ruleid 36 subruleid 1 mask 0xFFFF offset 12 enable cmpt range 0x8863 0x8864
create pfraw subrule entry ruleid 37 subruleid 1 mask 0xFF offset 15 enable cmpt eq 0xA7
modify fwl global blistprotect enable attackprotect enable dosprotect enable
create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in log enable seclevel high medium low
modify ipf global seclevel high pubdefact accept dmzdefact accept
create dhcp server pool start-ip 192.168.1.50 poolid 0 end-ip 192.168.1.99 mask 255.255.255.0 dname home gwy 192.168.1.1
modify snmp trap disable
create ethernet intf ifname eth-0 ip 192.168.1.1 mask 255.255.255.0
create sntp servaddr dname Time.apple.com
create sntp servaddr dname ntp0.strath.ac.uk
create sntp servaddr dname Time.euro.apple.com
create sntp servaddr dname www.time.gov
create sntp servaddr dname www.worldtimeserver.com
modify sntp cfg enable
modify ip cfg ttl 64
modify dsl config multi bitswap enable
create atm port enable ifname atm-0 maxvc 8 oamsrc 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
create ppp security ifname default
create ppp security ifname ppp-0 chap login voyager205.user@btbroadband.com
create atm trfdesc trfindex 0
create atm vc intf ifname aal5-0 lowif atm-0 vpi 0 vci 38 a5maxproto 1 vcmux
create ppp intf ifname ppp-0 startondata mru 1500 lowif aal5-0 droute true ppoa outside usedns true
odify nat global tcpidletimeout 3600 tcpclosewait 30 tcptimeout 30 udptimeout 10 enable
create nat rule entry ruleid 4294967295 napt
create nat rule entry ruleid 100000 napt
create alg port portno 21 prot num 6 algtype ftp
create alg port portno 1701 prot num 17 algtype l2tp
create alg port portno 1723 prot num 6 algtype pptp
create alg port portno 554 prot num 6 algtype rtsp
create alg port portno 7070 prot num 6 algtype ra
create alg port portno 7648 prot num 6 algtype cuseeme
create alg port portno 1719 prot num 17 algtype h323_ras
create alg port portno 1720 prot num 6 algtype h323_q931
create alg port portno 6661 prot num 6 algtype mirc
create alg port portno 6662 prot num 6 algtype mirc
create alg port portno 6663 prot num 6 algtype mirc
create alg port portno 6664 prot num 6 algtype mirc
create alg port portno 6665 prot num 6 algtype mirc
create alg port portno 6666 prot num 6 algtype mirc
create alg port portno 6667 prot num 6 algtype mirc
create alg port portno 6668 prot num 6 algtype mirc
create alg port portno 6669 prot num 6 algtype mirc
create alg port portno 7000 prot num 6 algtype mirc
create alg port portno 161 prot num 17 algtype snmp
create alg port portno 407 prot num 17 algtype timbuktu
create alg port portno 6301 prot num 17 algtype sgicompcore
create alg port portno 1863 prot num 6 upnpaware true algtype msnmsgr
create alg port portno 389 prot num 6 algtype ldap
create alg port portno 1002 prot num 6 algtype ldap
create alg port portno 500 prot num 17 algtype ike
create alg port portno 0 prot num 50 algtype esp
create alg port portno 1503 prot num 6 upnpaware true algtype t120
create alg port portno 5060 upnpaware true algtype sip
create alg port portno 5190 prot num 6 algtype icq
create bridge port intf ifname eth-0
modify stp port info ifname eth-0 priority 0x80 pcost 100
create igmp intf ifname ppp-0 host
create dns servaddr priority 0 194.73.73.94
create dns servaddr priority 1 212.74.112.66
modify autodetect cfg mode router
modify mctl access httpwanaccess disable telnetwanaccess disable ftpwanaccess disable tftpwanaccess disable snmpwanaccess disable
modify ilmi access protocol ifname atm-0 vpi 0 vci 38 proto any
END
-----------------------------------------------------------
now comper it to the new download stelth pre-cfg
And change and delete lines as i did it work with all of them
Cor: Im not shure why but if you dont remove all the change system name http:corz stuff all the way to you admin page it wont work?
And when router resets after upload nothing changes BUT when you remove the corz change name ect.
it work great! have no clue why same on f/ware 1.6 and 8??
bet you can see why but i cant m8
hello again cor,jist a wee quick note tae let ye ken i finally figured out my switch,which is a lan switch.everyhin workin magic.thanks so much for the sight i could`nae huv managed without ye...cheers m8 ......p.s.at some point in this adventure i have pulled all those faces and more now it`s....greets fae strathclyde
Joker!!! dude! it's grrrrrrrr8 to hear from you!
Yes! I live! But sometimes I can't face the public, only code and poetry makes sense.
Oh! Before I go any further, I wanted to thank you for the hidden gift you sent in the cpu box I discovered it last month, much appreciated!
Hospital? Bloody hell! I figured you were off to some foreign place making heaps of dosh, or something, but zapped? Yikes! That's nasty. I still get the heebie-jeebies whenever I look at one of those red sucker things in the back of a CRT, ever since I pulled one of them out as a kid. Not quite in the same league, I know, still, I respect elec-trickery in all forms! You're not dead, that's the main thing!
As for the "corz" in the 205 configs, what?!? Fer real? I wonder if BT added something to their firmware? That is naughty! I'll have to do a re-write of the ready-mades methinks; I need to get back in that folder anyway. I'll have to see if I can slam the URL in somewhere else, I don't like the idea of these things escaping without their name-collars, getting lost. Good to have you back m8.
Where was I? Oh yeah..
graeme, try loading this page with *all* comments. All I know about VPN is there, not a lot. When I get a chance, I'll maybe add a VPN section to the tricks page, exaplaining this. It does work, and there's data there in the comments. If someone wants to compile a "VPN tut" from them, it would be very much appreciated!
whytey, good one! I'll add something about this somewhere. I guess if you are unfamiliar with unix/telnet/ssh logins, this might seem strange, expecting asterixes, were you?. I hadn't thought about it. noted.
Mav, if you have old (<v1.6) firmware, VoIP can cause this. Upgrade it. You can get a v1.6 firmware in the archives here.
andy s, ahh, good to hear a familiar accent! I've pulled all those faces too, networking can have that effect! Glad you got it all working. I don't think it matters too much what kind of switch you use, so long as it switches!
alison, what's "BTs gateway industrial"? Sounds like there would be lots of pipes there, wherever it is.
ho! I'm done! that wasn't so bad!
;o)
ps..
Any question that I didn't answer are either answered by someone else (thanks dudes!), or in the lovingly crafted main articles which I recommend you read, twice, or else in the comments somewhere already. I know it's a chore to load them all, but if it's any consolation, I do plan to write a "comment search" facility, perhaps returning relevant "chunks" of comments, dunno when, which should make the process somewhat easier.
Until then, brace yourself and hit the "show all comments" link! In Firefox (and other browsers) you can do something called "type-to-find" which enables you to just start typing any word and have the browser jump to that part of the page. This makes searching wads of text, like these comments are, rather easy.
By default, Firefox's type-to-find only jumps to links, which seems silly to me, but you can change that by adding this to your user.js file.. The user.js file generally lives inside Firefox profile directory, and if it doesn't exist, simply create it!
pps.. anyone I genuinely missed, post again, we'll get there.
ppps.. the other day I coded a "post-dumper" which I created in response to my anguished screams on my browser crashing right in the middle of the last time I attempted to catch-up here. even if you preview something, or just play with the tag-tools, or whatever, it gets dumped to a file, and can be recovered.
Within only a few hours of being uploaded, two things became immediately apparent..
1. I get hit with spam-bots to the tune of about 1.2MB of posted spam per day! none of it actually gets posted, though they do try and try again. I'll leave you to hunt around the site to figure out how I manage that. and..
2. some of you guys preview your comments *a lot*. I mean, more than I do! and that really is saying something. You know who you are, and to you guys especially, the thoughtful posters who are not happy until that post is *just so*, I pay my utmost respect! You make my day, and are a part of my site in fundamental ways. Thank you!
Hello ;o)
Need some big help mate Azzie has just started playing up telling
me that my DHT is firewalled. yet I have been using the same
port as always can see all the files all the seeds just not downloading
a kb. dont know what has happened have changed nothing port probes all
perfect.
Any views please
Best
barney
Many thanks to Joker and Cor for the advice. will deffo try it all out and see what happens. Keep up the good work guys.
Mav
Hi im trying to hack my router, i managed to sort out my ZA firewall to allow Java,to allow me to use the configuration manager but i cant use the telnet it wont allow me to put in a password... i can enter admin as a name but cant put anything in password!! Any ideas??
Posting here is disabled at this time.