Creating a SuperUser account
The kind of admin work you can do depends on the user you log in as, or more precisely on the role associated with that user. The existing pre-defined roles can be listed using the “mlp” (Multi-Level access Policies) commands.
{admin}=>:mlp role list
Role                  Parent                Description
---------------------------------------------------------------------------
Administrator         TechnicalSupport      Any service and any access from LAN/Local origin only
BT_Advanced_GUI_user  Administrator         Advanced GUI via http/https from LAN origin
BT_Basic_GUI_User     BT_Advanced_GUI_user  Basic GUI via HTTP/HTTPS from LAN
BT_Standard_CLI_User  Administrator         Basic CLI Access via Telnet from LAN
root                  -                     The superuser
SuperUser             root                  Any service and any access from LAN/WAN/LOCAL
TechnicalSupport      SuperUser             Any service and any channels from WAN
“root” is the mother of all the roles and “Administrator” is two levels below the root. I suggest you have at least one user with the role “SuperUser” to gain full control over the hub.
Now let’s have a look at our users. This is what I got now:
{admin}=>user list
User      Flags  Role
----      -----  ----
admin     L      SuperUser
Basic            BT_Basic_GUI_User
macusers  U      Administrator
The flag “U” marks the default user and “L” the local admin. “R” means remote admin, and that is our user “tech”. By default there is no SuperUser on the hub; you have to create one yourself. The problem is that you cannot create a user whose privileges are higher than your own. So far, only root can create a user with the role SuperUser. To log in as the root user, you first need to remove all the users from the hub and then re-create them. The “user flush” command removes all the users from the hub.
{admin}=>user flush
{admin}=>user list
Now, if you terminate the present telnet session and then initiate a new one, the first user that logs on (no password required) will have root privileges, i.e. the same administrative rights as a user with the role root. Since that first login needs no password, create the new users straight away in that session. Here you create your own users with the “user add” command, each with the role of your choice. I’d suggest creating three users: admin, with the SuperUser role, as the local admin user; a normal user, with the Administrator role, as the default user; and a standard user with the BT_Basic_GUI_User role. Users with a role higher than “Administrator” are not visible in the web interface users’ list.
{admin}=>user add
name = admin
password = *****
Please retype password for verification.
password = *****
role = SuperUser
[hash2] =<any string value>
[descr] = Any service and any access from LAN/WAN/LOCAL
[defuser] =
[defremadmin] =
[deflocadmin] = enabled
:user add name=admin password=_CYP_a384b6463fc216a5f8ecb6670f86456a role=SuperUser hash2=<any string value> descr="Any service and any access from LAN/WAN/LOCAL" deflocadmin=enabled
Next, add the default user with any name of your choice (e.g. macuser) and with the [defuser] = enabled flag for your web-based administrative work. If you fancy creating the basic user, create it with the role BT_Basic_GUI_User. The “user rights” command prints the list of privileges associated with the presently logged-on user.
{admin}=>user rights
Current session info:
user: name='admin', role='SuperUser'
access: lan (origin_lan), telnet (channel_telnet), unsecure (unsecure_connection)
service(s): r_lan, r_wan, r_fs_view, r_fs_retrieve, r_rtg, r_fwdg, r_nat, r_frwl,
r_ipsec_norm, r_ipsec_adv, r_certificates, r_remote_mgnt, r_local, r_qos,
w_lan, w_wan, w_fs_passive, w_rtg, w_fwdg, w_nat, w_frwl_norm, w_frwl_adv,
w_frwl_ass, w_ipsec, w_certificates, w_remote_mgnt, w_local, w_qos, SND_lan,
SND_wan, SND_local, AND_lan, AND_wan, AND_frwl, AND_local, User_Admin,
MLP_Admin, secure_ipsec_term, secure_BR, CLI, CGI, FTP, MDAP, secure_reset,
GUI_advanced, zone_47, mbus, zone_49, zone_50, zone_51, BT_adv_GUI, zone_53,
zone_54, zone_55, BT_ipsec-mssid_CLI, zone_57, zone_58, zone_59,
BT_wizard_GUI, zone_61, zone_62, zone_63, Sensitve_file, zone_71, zone_72,
zone_73, zone_74, zone_75, zone_76, zone_77, zone_78, zone_79, zone_83,
zone_84, zone_85, zone_86, zone_87, zone_88, zone_89, zone_90, zone_91,
zone_92, trace
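The role tree and the user list above can be checked offline before the configuration is saved. The following is an added example, not part of the original write-up or of the hub's firmware: it parses the two listings as pasted text (constructed sample input copied from this page), walks the Parent column, and reports which accounts hold SuperUser, which ones outrank Administrator and so are missing from the web interface list, and which one is the default user. The function names are hypothetical, and treating "higher" as "is an ancestor in the Parent column" is an assumption about how the hub compares roles.

```python
# Constructed sample input: the rows of the two CLI listings shown on this page.
ROLE_LIST = """\
Administrator TechnicalSupport Any service and any access from LAN/Local origin only
BT_Advanced_GUI_user Administrator Advanced GUI via http/https from LAN origin
BT_Basic_GUI_User BT_Advanced_GUI_user Basic GUI via HTTP/HTTPS from LAN
BT_Standard_CLI_User Administrator Basic CLI Access via Telnet from LAN
root - The superuser
SuperUser root Any service and any access from LAN/WAN/LOCAL
TechnicalSupport SuperUser Any service and any channels from WAN
"""
USER_LIST = """\
admin L SuperUser
Basic BT_Basic_GUI_User
macusers U Administrator
"""

def parse_roles(text):
    """Map each role to its parent (None for the top role, shown as '-')."""
    pairs = (line.split()[:2] for line in text.splitlines())
    return {role: (None if parent == "-" else parent) for role, parent in pairs}

def parse_users(text):
    """Return (name, flags, role) rows; the flags column may be empty."""
    rows = [line.split() for line in text.splitlines()]
    return [(c[0], c[1] if len(c) == 3 else "", c[-1]) for c in rows]

def ancestors(role, parents):
    """Roles above `role`, nearest first; stops on unknown roles or loops."""
    chain = []
    while parents.get(role) and parents[role] not in chain:
        role = parents[role]
        chain.append(role)
    return chain

def can_create(creator_role, new_role, parents):
    # Assumption: a new role is refused when it is an ancestor of the creator's.
    return new_role not in ancestors(creator_role, parents)

def audit(users, parents):
    """Summarise the account layout described in the text."""
    above_admin = set(ancestors("Administrator", parents))
    return {
        "superusers": [n for n, _, r in users if r == "SuperUser"],
        "hidden_from_web_list": [n for n, _, r in users if r in above_admin],
        "default_user": [n for n, f, _ in users if "U" in f],
    }

if __name__ == "__main__":
    print(audit(parse_users(USER_LIST), parse_roles(ROLE_LIST)))
```

An empty "superusers" list means the hub is still in its default state with no SuperUser, and can_create("Administrator", "SuperUser", parents) returning False mirrors the reason the flush step is needed.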
Now save the new configuration in the default configuration file.
{admin}=>config save filename = user
:config save filename=user
Now you are done with your users. Terminate the telnet session and log back in as user “admin”, and we are ready to configure the hub. We all love to work from our favourite corner of the house without laying any more nasty cables, so let’s fix the wireless now.