Some questions about Fritzbox 7430

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Hi I have some questions about the fritzbox (7430)(from the store):

1. I have access to the fritzbox via UART, and i want to make telnet available always. Is there any option to do it even after a restart?
2. I see the TR-069 does not work, is there any option to make it work / trick it to work?
3. Is there any option to perform something like cron job that will run even after a restart? (i mean that it will persistent?)

Thanks,
 

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
Hi, I have some answers to your questions ... but only hints, where you may find more information.

The solution from this thread: https://www.ip-phone-forum.de/threads/modfs-squashfs-image-avm-firmware-ändern-für-nand-basierte-fritz-boxen.273304/ works up to version 07.12 of AVM's firmware - use any (good) online translation tool to read. If you've further questions (which aren't mentioned already in the thread), you may/should ask there.

Another opportunity to add such a feature without changing AVM's firmware at all (this means the SquashFS image, which forms the main filesystem while running), is to use the same approach as my "Shell in a Box" injection script here (as a 7430 has the "usual" NAND structure with YAFFS2 wrapper): https://github.com/PeterPawn/YourFritz/blob/master/toolbox/build_shellinabox_implant_image - it's possible to implant other services, too, this way.
 

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Hi Peter,
Forgot to say thanks.
I have some additional questions for you if you can help me:
1. What about the tr-069, do you have any idea?
2. As well as, I have a sticker behind the router with CWMP account. i read in the forum you said this is: AVM + macA. and i have the password from "tr069_passphrase". What are those information? this is for the first time, the router (CPE) connects to the ACS in order to perform all configurations?
3. What is the cookie value in a7cfg file under webui part ? i see it is not the SID
Thanks
 
Zuletzt bearbeitet:

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
TR-069 needs to know, where an ACS may be found ... either from the existing "tr069.cfg" file in the configuration or from a special DHCP option (on the WAN side of the router) - but the latter option may be disabled via a setting in the mentioned "tr069.cfg" structure. If there's no configured server, TR-069 will be disabled.

Both values of the TR-069 related items from the bootloader environment are used as initial values in any TR-069 connection attempts, if there are no other settings already (e.g. in a "tr069.cfg" file from a provider-specific configuration file - look for "provider additive" to find some explanations, what this is - or once again from a DHCP option).

The "cookie" value will be used by some AVM pages from GUI to circumvent login restrictions for some pages or to implement time restrictions for some actions (no long interval between two consecutive actions, where the second one uses sometimes a less-restrictive check of authorization).

HTH
 

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Thanks for your answer,
Just to clarify , if change the trc069.cfg file to "correct" information, that could allow me to start the port 8089 ? i have tried and it does not work. I want to start it even if i don`t have access to DSL,
 

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
Configure the needed settings in the "tr069.cfg" file (the "provider-<something>.tar" file below /etc contains some examples for various providers), especially the ACS address, and enable the TR-069 function (it's in the same file, too).

I've used (month/years ago for some security/function checks of the TR-069 implementation) an URL for the ACS, which was on the LAN side of my router - but it should be possible to use the WAN side (without DSL connection), if the "dsld" is in "LAN1 mode".

The port to "knock" for CPE request from the ACS side (this is the mentioned port number 8089), will only be opened, if the "ACSInitiation..." related values are set. I'm not sure, if this port is activated without a first successful INFORM dialog with the ACS by the CPE ... but I'm sure, that AVM made some changes here after the time of my last tests.
 

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Hi Petter,
Thanks

Hi, i wanted to message with you privately, but it does not work

I have done what you said. i have replaced the tr069.cfg to this:
Then i have entered the following info:
1. cd /etc/init.d/
2. ./rc.net stop
3. ./rc.dsl.sh stop
And it is still does not work. i don`t see in "netstat" the port 8089 is listen. if i do a restart the tr069.cfg will be deleted again

As well as i did not understand your point about this:
" The" cookie "value will be used by some AVM pages from GUI to circumvent login restrictions for some pages or to implement time restrictions for some actions (no long interval between two consecutive actions, where the second one uses sometimes a less-restrictive check of authorization). "Can i put this value in the SID?
- What does it mean "guimode" in the tr069.cfg ?
 

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
To understand the usage of the mentioned "cookie" value, look into "/usr/lua/webuicookie.lua" and where it's used (and how) in other LUA files (everything may be found below /usr in some sub-directories). It's not really hard to find it.

If you want to show your configuration files, use a "CODE" tag/block here and do not upload them to other sites ... if they get deleted there, no later reader can view their content and see your problem.

Why do you set "guimode" to "hidden"? Without further explanations, what's your goal and what you did already, it's senseless trying to understand your intentions.

To give you an example ... I can't see, why you're stopping some services (your commands numbered 1 to 3) and obviously expect now, that something changes as a result of your changed settings. Shouldn't services get restarted first to use the changed settings now?

Furthermore I'm a bit unsure, whether you're editing the "tr069.cfg" file in the correct manner - your statement:
if i do a restart the tr069.cfg will be deleted again
sounds "odd".

But it's really possible, that wrong settings get corrected on a restart, where a "fresh copy" of the default setting will be loaded or settings for the (currently) configured provider get applied again (after each restart).

On the other hand it could be so simple as explanation, that you're using a wrong approach to edit the file and save your changes ... those actions require a special process and you wouldn't be the first one, who fails on this task.

Research "editing a TFFS file" and do not take the whole sentence as the only hint - try to find themes, where the correct process was described or look into this script: https://github.com/PeterPawn/YourFritz/blob/master/tffs/fritzos_scripts/tvi
 

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Thanks,

Just trying to understand how it works since i want to enlarge my knowledge in tr069 and maybe develop mini software for myself and get more experience in tr069.

I have successfully got it to work , but i saw it request in the EventCode of "1 BOOT" ExternalIPAddress of 10.0.0 .Can i change this IP on router ?

I don`t know what is guimode, therefor i have asked if you can help me understand it. Is that a gui i can see?
 

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
CPE WAN Management Protocol - TR-069_Amendment-5.pdf

It contains the complete description of the TR-069 protocol and you should read it first.

Your assumption (if I recognize it correctly), that the CPE would "request" an IP address via TR-069, is completely false and you should - first at all - try to understand, what TR-069 is used for and what it is able to provide as functionality.

Afterwards it makes sense to analyze the capabilities of the TR-069 implementation from FRITZ!OS and to determine, how to configure it.

The GUI part of the TR-069 implementation in FRITZ!OS is only one page, where TR-069 may be enabled or disabled and some (minor) settings may be changed (but there's no "configuration option" from GUI):
tr069_settings.PNG
(german version)
 

earoq.12

Neuer User
Mitglied seit
21 Jan 2020
Beiträge
11
Punkte für Reaktionen
0
Punkte
1
Thanks.
Yes i have started to read this manual.
Regarding this issue:

"Your assumption (if I recognize it correctly), that the CPE would "request" an IP address via TR-069, is completely false and you should - first at all - try to understand, what TR-069 is used for and what it is able to provide as functionality."
No, i did not mean to that. What i say is that i saw the CPE sends a request to the ACS and the this values: InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANIPConnection.1.ExternalIPAddress" and this "InternetGatewayDevice.ManagementServer.ConnectionRequestURL" contained an IP started with 10.0.0. What i ask if can change this IP manually ?
 

PeterPawn

IPPF-Urgestein
Mitglied seit
10 Mai 2006
Beiträge
12,881
Punkte für Reaktionen
961
Punkte
113
What i ask if can change this IP manually ?
This depends solely on the "WAN mode", you're using with your device ... consult the manual and online help pages (the little blue-white question mark in most GUI pages - at the upper right corner or somewhere else, if the "view port" is too small for "the whole picture"), how to configure a static IP for your WAN connection.

Did you recognize, that you didn't provide any info regarding the configuration of this device? Neither its firmware version (number), nor its configuration? Not even the smallest snippet ... how should anybody else know, HOW TO set the WAN IP address of your device, if none of this info is known?

And please don't misinterpret my last paragraph ... it doesn't mean, you have to provide this info only, now after my hint, and then you will get the next answer.

The basic idea behind my words is the advice to do more own research - not only "within" the firmware, rather in the available documentation first. Many questions were already answered in the past in other threads ... try to deliberate seriously, how plausible it is, that you're the first one, who's got a question for a special theme and only if you think it's really a new one or you've tried (at least a little bit hard) to find previous answers, you should go on with your next own question.

Please don't get me wrong ... it doesn't mean, you should never ask again. But please consider to constrain own questions to the points, which are really unique or new - and were not answered yet (in many other places or even in the manuals, online help pages or "Frequently Asked Questions" by the manufacturer). Thanks. Otherwise it starts to get boring ... to write same answers once more, which were written in other places already.