Tuesday, March 26, 2013

Dealing with Corrupt Opegear Firmware

It was inevitable. Now that I'm proudly compiling my own cellular router firmware, I'm also becoming familiar with the process of recovering from corrupt firmware.

I'm using an Ubuntu VM (described in the previous post) running in my MacBook for recovery purposes.

The Opengear instructions for recovering from bad firmware suggest that holding down the reset button is required, but I find that my router attempts to load firmware from the network no matter what. Maybe that's because I've wiped out my configuration? <- Update: yes, this seems to be the case. I haven't nailed it down exactly, but my router doesn't try to netboot every time.

Here's how I'm using that Ubuntu VM:

Required Packages
sudo apt-get install -y tftpd-hpa dhcp3-server

Recovery Software Image
cd /var/lib/tftpboot
sudo wget ftp://ftp.opengear.com/release/recovery/ACM500x_Recovery.flash

Configure DHCP Service
sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.orig
cat > /tmp/foo << EOF
option domain-name "opengear-recovery.com";
option subnet-mask;
subnet netmask {
host myopengear {
  hardware ethernet 00:13:C6:xx:xx:xx;
  filename "ACM500x_Recovery.flash";
sudo mv /tmp/foo /etc/dhcp/dhcpd.conf

Configure Static IP
It's rare that my MacBook Ethernet cable is plugged in, so my VMs are typically run in NAT mode. For this task, I'll need to run the VM in bridged mode with a fixed IP.

cat > /tmp/foo << EOF
auto lo
iface lo inet loopback
iface eth0 inet static
sudo mv /tmp/foo /etc/network/interfaces.static
sudo cp /etc/network/interfaces /etc/network/interfaces.dhcp

Switch to Bridged Mode
At this point, I switch the VM's network adapter from NAT to bridged mode using the Virtual Machine->Network Adapter pulldown menu in VMware Fusion.

In Parallels it's Virtual Machine ->Configure->Hardware->Network->Type

Now run the following to complete the change in the VM:
sudo ln -s /etc/network/interfaces.static /etc/network/interfaces
sudo pkill dhclient3
sudo /etc/init.d/network restart
sudo service isc-dhcp-server stop
sudo service isc-dhcp-server start

At this point, I power on the Opengear router while holding down it reset button with a pin. A few seconds later the router collects an IP address via BOOTP, and then the firmware via TFTP.

Hit the The router will be running a web service on port 80. Use that to replace the firmware.

Switch back to NAT mode
Before changing back to NAT mode in the hypervisor, do:

sudo ln -s /etc/network/interfaces.dhcp /etc/network/interfaces
sudo service isc-dhcp-server stop
sudo /etc/init.d/network restart

No comments:

Post a Comment