Modem Fast 5350 - Novos Comandos

Desabilitando o IPV6 - Quando a internet fica muito lenta no Ps4 ou Xbox One

x.setValuesTree("False", "Device/DHCPv6/Server/Enable");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Enable");

Por Garantia, pode se executar os comandos abaixo tambem

x.setValuesTree("False", "Device/DHCPv6/Clients/Client[@uid='1']/Enable");
x.setValuesTree("False", "Device/DHCPv6/Clients/Client[@uid='1']/RapidCommit");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Options/Option[@uid='1']/Enable");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Options/Option[@uid='2']/Enable");


x.setValuesTree("1488", "Device/PPP/Interfaces/Interface[@uid='1']/MaxMRUSize")

x.setValuesTree("1449", "Device/PPP/Interfaces/Interface[@uid='1']/CurrentMRUSize")

Modem Fast 5350 - Novos Comandos

Desabilitando o IPV6 - Quando a internet fica muito lenta no Ps4 ou Xbox One

x.setValuesTree("False", "Device/DHCPv6/Server/Enable");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Enable");

Por Garantia, pode se executar os comandos abaixo tambem

x.setValuesTree("False", "Device/DHCPv6/Clients/Client[@uid='1']/Enable");
x.setValuesTree("False", "Device/DHCPv6/Clients/Client[@uid='1']/RapidCommit");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Options/Option[@uid='1']/Enable");
x.setValuesTree("False", "Device/DHCPv6/Server/Pools/Pool[@uid='1']/Options/Option[@uid='2']/Enable");


x.setValuesTree("1488", "Device/PPP/Interfaces/Interface[@uid='1']/MaxMRUSize")

x.setValuesTree("1449", "Device/PPP/Interfaces/Interface[@uid='1']/CurrentMRUSize")

Informações complementares do modem Fast 5350

Login do Modem (CTRL+SHIFT+K no firefox)

var x = $.xmo;
x.init();
x.login("internal", "");

Listar

x.getValuesTree("Device");

Alterar o MTU

1432

x.setValuesTree("1432", "Device/IP/Interfaces/Interface[@uid='1']/MaxMTUSize");

x.setValuesTree("1432", "Device/IP/Interfaces/Interface[@uid='2']/MaxMTUSize");

x.setValuesTree("1432", "Device/IP/Interfaces/Interface[@uid='3']/MaxMTUSize");

x.setValuesTree("1432", "Device/IP/Interfaces/Interface[@uid='4']/MaxMTUSize");

x.setValuesTree("1432", "Device/IP/Interfaces/Interface[@uid='5']/MaxMTUSize"); 

1404

x.setValuesTree("1404", "Device/IP/Interfaces/Interface[@uid='1']/MaxMTUSize");

x.setValuesTree("1404", "Device/IP/Interfaces/Interface[@uid='2']/MaxMTUSize");

x.setValuesTree("1404", "Device/IP/Interfaces/Interface[@uid='3']/MaxMTUSize");

x.setValuesTree("1404", "Device/IP/Interfaces/Interface[@uid='4']/MaxMTUSize");

x.setValuesTree("1404", "Device/IP/Interfaces/Interface[@uid='5']/MaxMTUSize");

Firewall

x.setValuesTree("Low", "Device/Firewall/CVTR98Config"); 

x.setValuesTree("LOW", "Device/Firewall/Config");  

x.setValuesTree("ENABLED", "Device/Firewall/Chains/Chain[@uid='1']/Rules/Rule[@uid='1']/Status"); 

 

 

 

Certeza

x.getValuesTree("Device/IP/Interfaces")

FAST 5350

Gostaria de mudar tanto o Ip do modem quanto a mascara. Mas ao colocar um IP que difere o primeiro e segundo octeto, ele bloqueia. Mas se alterar apenas o terceiro e o quarto ele permite: Ex: Alteração permitida: 192.168.XXX.XXX, diferente da que eu quero XXX.XXX.XXX.XXX

O segundo é a alteração da Mascara de rede, a qual tambem não consigo configurar alem de 254 maquinas.
Estava fazendo o gerenciamento via Router, mas inexplicavelmente ao conectar o router, perco 10mb. Imaginando que o problema fosse o router, troquei-o, mas ainda sim o problema persiste. Acho que a GVT esta de mal comigo porque no ultimo mes baixei 1,3 TB de informação.
Bom busco uma luz que possa me dar, infelizmente meu nivel de programação é pouco (nulo na verdade), sendo que infelizmente os comandos de GOTO do antigo batch não sirvam aqui. Mas se me explicar, posso ajuda-lo a fazer testes e disponibiliza-los ao pessoal. Agradeço a atenção!

EM TEMPO: SOLUÇÃO

Bom seguindo a lógica de adcionar DNS fui fazendo os comandos e vendo o que era, até que consegui ver o console do firefox e as requisições, bem dai ficou "facil" verificar o que ele estava pedindo.

Bom, a explicação é a seguinte:
Ele tem em Devices/DHCPv4 algumas configurações padrão. A principio essa seria a que teria que alterar mas tem 4 Pools, onde armazena. Alterei só o default mas mesmo assim nao alterava. até que vi a requisição pedindo todas. dai alterei todas e ele passou a responder o DHCP.

O pedido de alteração do modem ficou facil, esta abaixo.

Porem não consigo setar ips pois ao tentar salvar o ip pelo mac, ele me da ip incorreto naquela faixa que eu queria alterar.. mas ja é um começo

Bom vamos la.. Primeiro setar o DNS com o do google, utilize o ip do router e dai use o comando de habilitar dns que esta na wiki. Aqui vc só definira 1 para uso, na wiki ele vai pro router e do router pode setar 2 até 4 dns)

x.setValuesTree("8.8.8.8,8.8.4.4", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/DNSServers");
x.setValuesTree("8.8.8.8,8.8.4.4", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/DNSServers");
x.setValuesTree("8.8.8.8,8.8.4.4", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/DNSServers");
x.setValuesTree("8.8.8.8,8.8.4.4", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/DNSServers");

Depois O ip range da sua rede (10.10.10.2 a 10.10.10.100) fica

x.setValuesTree("10.10.10.2", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/MinAddress");
x.setValuesTree("10.10.10.2", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/MinAddress");
x.setValuesTree("10.10.10.2", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/MinAddress");
x.setValuesTree("10.10.10.2", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/MinAddress");

x.setValuesTree("10.10.10.100", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/MaxAddress");
x.setValuesTree("10.10.10.100", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/MaxAddress");
x.setValuesTree("10.10.10.100", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/MaxAddress");
x.setValuesTree("10.10.10.100", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/MaxAddress");

depois a mascara de rede que quer que seja transmitida:

x.setValuesTree("255.0.0.0", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/SubnetMask");
x.setValuesTree("255.0.0.0", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/SubnetMask");
x.setValuesTree("255.0.0.0", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/SubnetMask");
x.setValuesTree("255.0.0.0", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/SubnetMask");

Depois IP do router novo e da transmissão do gateway

x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/IPInterface");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/IPInterface");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/IPInterface");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/IPInterface");

x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='1']/IPRouters");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='2']/IPRouters");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='3']/IPRouters");
x.setValuesTree("10.10.10.1", "Device/DHCPv4/Server/Pools/Pool[@uid='4']/IPRouters");

e por fim a mudança do nosso IP do router

x.setValuesTree("10.10.10.1", "Device/IP/Interfaces/Interface[@uid='1']/IPv4Addresses/IPv4Address[@uid='1']/IPAddress");

Indico alterar tudo no Bloco de notas e depois colar de uma vez, pois ele vai perder o dhcp. Apos isso indico tirar o modem da tomada e aguardar 10 segundos antes de colocar novamente. e apos ele subir a conexao no modem, ir no seu console (CMD) e dar

ipconfig/release
ipconfig/renew

POSTADO NO FORUM DO TRIPLE OXYGEN

AUTORIA: MINHA!!!

Atheros Based Hardware

The Atheros VAP interface will be named ath0.1 instead of wl0.1 so just substitute this name in the instructions.

[edit]Broadcom Based Hardware

Very early Broadcom based routers have radios that do not support or only partially support multiple WLAN's. You will need to telnet to the router and run this command on the router:

nvram get wl0_corerev

• If the number is 4 or less then the router is too old.
• If it is between 5 and 8 then it is capable of multiple SSID's but not multiple BSSID's, which means the wireless interfaces will all have the same MAC address so some devices might not recognize both WLAN's, and you will need to use a build that has a VINT wireless driver.
• If it is 9 or above then the router fully supports multiple WLAN's, each with their own BSSID (MAC address).

[edit]Ralink Based Hardware

The Ralink VAP interface will be named ra1 instead of wl0.1 so just substitute this name in the instructions.

[edit]Configuration

[edit]GUI Method

[edit]Basic Wireless Settings

Use a web browser to connect to your router's web GUI. Navigate to the Wireless -> Basic Settings page and under the Virtual Interfaces section press the "Add" button to add a new virtual interface. Leave the Network Configuration set to "Bridged" for all interfaces regardless of whether you want to bridge them or not because "Unbridged" has unresolved bugs at the time this was written (svn 13312). To get a working unbridged interface we will actually assign it to its own bridge later on. You may change any of the other settings to your liking.

Press the "Apply Settings" button, wait 1 minute, and then you should be able to see and connect to your new WLAN SSID. Make sure that you can connect to it, receive a DHCP lease, and browse the network/internet before you do anything further.

Note: If you're using a Broadcom VINT build then some devices may have problems connecting. Often it is just that they will only display one SSID being broadcast but they will still be able to connect if you manually create a profile for the virtual interface's SSID. Two of my old 802.11g adapters can not see the VAP's SSID but can still connect with manual profiles while my 802.11n adapter can see both SSID's being broadcast.

[edit]Encryption

Configure whatever encryption you desire on the Wireless Security page. For instance, you may want WPA2-AES for your main interface to have maximum security but use WEP or no encryption on the virtual interface to allow others to connect. You may also use the same encryption type in order to have different passwords for different people.

Note: Firmware builds prior to 12548 are known to have trouble with using different encryption settings.

Press the "Apply Settings" button, wait 1 minute, and then you should be able to see and connect to both WLAN SSID's using their new encryption settings. Make sure that you can connect to both SSID's, receive a DHCP lease, and browse the network/Internet before you do anything further.

At this point you may stop if you want to allow everything to communicate together. If you are mixing strong encryption for your main network with weak encryption or none at all on the virtual interface then it is advisable to follow the steps below to separate the interfaces so that the virtual interface is restricted from communicating with your main network.

[edit]Separating the WLAN's

Navigate to the Setup -> Networking page. Press the "Add" button in the Create Bridge section and type "br1" into the blank input box that is on the left side of all the options that just appeared. Press the "Apply Settings" button at the bottom of the page and new input boxes will appear to specify the IP address for the new bridge.

This new bridge needs to have an address that is in a different subnet than your main LAN. By default the main router LAN address is 192.168.1.1 netmask 255.255.255.0 so we will use 192.168.2.1 netmask 255.255.255.0 for the br1 bridge interface. Press the "Apply Settings" button again so that the IP address will be assigned to the br1 interface before you continue.

Press the "Add" button in the Assign to Bridge section. Select "br1" in the left drop down menu that appeared and select "wl0.1" in the other. Press the "Apply Settings" button and the virtual wireless interface wl0.1 will now be moved from br0 to br1. If you wish to bridge a VLAN or other interface to the VAP, then you can add another bridge assignment to do so.

Press the "Add" button in the Multiple DHCP Server section. Select "br1" in the left drop down menu that appeared. Press the "Apply Settings" button to finish enabling the DHCP server for the br1 interface.

Note: DHCP Type must not be set to "DHCP Forwarder," this type is often mistakenly used when it is not appropriate. If DHCP is disabled on your main LAN in Basic Setup because it is a WAP that connects LAN-LAN to an existing network instead of using the WAN port or DHCP is disabled for any other reason, then the Multiple DHCP method above will not work and instead you will need to use the Command Method for DHCP.

You should now be able to connect to VAP's SSID and receive a DHCP lease with an IP address that is in the 192.168.2.0/24 subnet. Make sure that you can connect to it, receive a DHCP lease, and connect to the router's 192.168.2.1 address from the VAP before you do anything further. On current builds (>17000) you will not be able to browse the internet until you add appropriate iptables commands later in the guide. If you are making a WAPthen you must either use the iptables commands for WAP's in the next section, or create routes throughout your network, or add a working tagged VLAN interface to the bridge.

[edit]Command Method

This section does not contain complete instructions. Currently it only has substitutions for the GUI method to overcome problems with certain configurations.

[edit]DHCP

Go to the Services tab and find the DNSMasq section. Make sure that DNSMasq is Enabled. Adjust the following options to fit your environment (omit the comment lines starting with '#') and them to the Additional DNSMasq Options text area.

# Enables DHCP on br1
interface=br1
# Set the default gateway for br1 clients
dhcp-option=br1,3,192.168.2.1
# Set the DHCP range and default lease time of 24 hours for br1 clients
dhcp-range=br1,192.168.2.100,192.168.2.150,255.255.255.0,24h

If you would like to use different DNS servers for the VAP then you can use this DNSMasq option regardless of which DHCP configuration method you used (NOTE: do not use brackets).

dhcp-option=br1,6,[DNS IP 1],[DNS IP 2]

July 2015 addition: Beside the info above (I didn't need to implement them as of build r25179), in a WAP setup hosting the DHCP server for the main LAN (br0) you may find the advertised dhcp options to the clients are wrong, at least the gateway (sent to client as WAP's lan IP). Paste this in the Additional DNSMasq Options text area:

option=lan,3,192.168.1.1      <-your gateway here
dhcp-option=lan,6,208.67.222.222,208.67.220.220       <-your prefered DNS servers here

Adapt to your needs (second line optional) These options seem to override the default wrong ones.

Restricting Access

OBSERVAÇÃO: PARA A BR1 ACESSAR A INTERNET E NAO ACESSAR A BR0, SÓ USAR

iptables -I FORWARD -i br1 -o `get_wanface` -j ACCEPT

Now that you have your WLAN's working you can start limiting what access they have. Here are several iptablescommands that you can save to your firewall script on the Administration -> Commands page. These commands are written in the same order that the should appear in your firewall script, changing the order can affect the way that they work. Mix and match them however you like, just be sure to keep them in the order they appear on this page.

If you have any problems with your firewall script, then create a forum thread and be sure to describe in great detail what you're trying to do, what it is actually doing, and post your firewall script.

Enable NAT on the WAN port to correct a bug in builds over 17000

iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`

Allow br1 access to br0, the WAN, and any other subnets (required if SPI firewall is on)

iptables -I FORWARD -i br1 -m state --state NEW -j ACCEPT
iptables -I FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu

Restrict br1 from accessing br0 (do not use on WAP's)

iptables -I FORWARD -i br1 -o br0 -m state --state NEW -j DROP

Restrict br0 from accessing br1

iptables -I FORWARD -i br0 -o br1 -m state --state NEW -j DROP

Restrict br1 from accessing the WAN port (no internet access!)

iptables -I FORWARD -i br1 -o `get_wanface` -j DROP

Restrict br1 from accessing the WAN subnet (still has internet, do not use on WAP's)

iptables -I FORWARD -i br1 -d `nvram get wan_ipaddr`/`nvram get wan_netmask` -m state --state NEW -j DROP

Restrict br1 from accessing br0's subnet but pass traffic through br0 to the internet (for WAP's - WAN port disabled)

iptables -I FORWARD -i br1 -d `nvram get lan_ipaddr`/`nvram get lan_netmask` -m state --state NEW -j DROP

Enable NAT for traffic being routed out br0 so that br1 has connectivity (for WAP's - WAN port disabled)

iptables -t nat -I POSTROUTING -o br0 -j SNAT --to `nvram get lan_ipaddr`

Restrict br1 from accessing the router's local sockets (software running on the router)

iptables -I INPUT -i br1 -m state --state NEW -j DROP

Allow br1 to access DHCP on the router

iptables -I INPUT -i br1 -p udp --dport 67 -j ACCEPT

Allow br1 to access DNS on the router

iptables -I INPUT -i br1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i br1 -p tcp --dport 53 -j ACCEPT

Sagemcom F@st 5350 GV – Desbloqueio

Retirado do site www.tripleoxygen.net

Não me responsabilizo caso aconteça algo de errado com seu modem, linha, plano, TV, etc.. ou tenha problemas com a GVT. O propósito deste “desbloqueio” é apenas para que tenha maior controle do modem e possa usar os recursos que ele oferece e, de forma alguma, prejudicar a GVT. E lembrem-se: esse método é GRATUITO.

Abra seu navegador (Mozilla Firefox ou Google Chrome), entre na página de configuração do modem e faça login. Com a página aberta, pressione CTRL+SHIFT+K no Firefox ou CTRL+SHIFT+J no Chrome. No console que abre, de acordo com a versão do firmware de seu modem, entre com:

SG790131200068 e SG790131200312

1	$.xmo.setValuesTree(4, "Device/Managers/NetworkData/RunLevel")

SG790131200412 e SG790131200418

1 2 3 4

var x = $.xmo; x.init(); x.login("internal", ""); x.setValuesTree(4, $.xpaths.runlevel);

Reinicie o modem, ele estará em runlevel 4. Se quiser outro runlevel, basta trocar na linha acima.

No SG790131200312 e abaixo,  se quiser desativar o gerenciamento remoto do modem e evitar a atualizações automáticas, assim evitar que o desbloqueio seja desfeito, execute:

1	$.xmo.setValuesTree(false, "Device/ManagementServer/EnableCWMP")

ou

1	$.xmo.setValuesTree("http://", "Device/ManagementServer/URL")

Obviamente também perderá possíveis melhorias. A URL original é https://acs.gvt.com.br. Se mesmo assim ele atualizar, uma pena.  No SG790131200412 o acesso a estes parâmetros foi removido.

Talvez teremos algo “bacana” sobre o 2764 e o 5350 em breve.

Edit: infelizmente alguns “bons” colegas (de Porto Alegre, principalmente) insistem em aproveitar das informações postadas aqui para arrecadar alguns trocados no ML à custa daqueles que poderiam ter encontrado o método com um pouco mais de Google-fu ou perseverança. Espalhem o método, é de graça.

Edit 2: agradeço a todos pelas palavras. 

Edit 3: Aos que queriam as imagens de firmware originais, já estão disponíveis no file vault do dispositivo neste link.

Edit 4: caso receba mensagens de erro ao digitar os comandos no navegador, apague e digite novamente todas as aspas.

Para gravar uma imagem no modem, abra o console no navegador (o mesmo acima) e digite, em ordem:

1 2 3

var req = $.xmo.client.newRequest() req.remoteCall("Device", "download", {id: "0", fileType: "1 Firmware Upgrade Image", url: "http://tripleoxygen.net/files/router_hacking/sagemcom/f5350gv/firmware/SG790131200312-sagemcom-5350-gvt-3.12.5301-combined-squashfs.img.gsdf" }, 0, 0, 0, 0) req.send()

Substitua a URL acima para outra imagem, caso necessário. Testei uma vez e funciona perfeitamente, mas como estou longe do 5350 GV para testar novamente, pode ser necessário algum pequeno ajuste na linha acima, só copiei de uma rápida anotação aqui. Dê um feedback caso tente.

Nota: o 5350 GV mantém 2 cópias de firmware em sua flash. Normalmente, uma mais antiga e outra operacional, sempre atualizada. Quando atualizei manualmente pelo método acima, ele gravou a imagem atualizada nas 2 partições, sumindo com a antiga. Pode ser que isso não aconteça em outro modem. Ou pode ser que isso não seja relevante. Está avisado. 

Edit 5: caso queira fazer flash de um novo firmware a partir de um pen-drive (seu modem deve estar no runlevel 4 para isso, obviamente), faça:

1 2 3

var req = $.xmo.client.newRequest() req.remoteCall("Device", "download", {id: "0", fileType: "1 Firmware Upgrade Image", url: "file:///mnt/sda1/SG790131200312-sagemcom-5350-gvt-3.12.5301-combined-squashfs.img.gsdf" }, 0, 0, 0, 0) req.send()

Note que, caso seu volume tenha um nome/label, ele pode aparecer no lugar de sda1. Remova quaisquer nomes antes de usá-lo no modem para evitar problemas.

O procedimento funciona em todas as versões, até agora.

Edit 6: na versão 412, algumas coisas mudaram. Grato ao Diogo pelo comandos para a nova versão. Atualizado o post.