Technicolor Mac Address Filtering

Log in to your router settings. Search through your router's settings until you locate the tab or setting MAC Filtering. This is most often found within a router's Wireless or Wireless Security. Log in to your router settings. Search through your router's settings until you locate the tab or setting MAC Filtering. This is most often found within a router's Wireless or Wireless Security.


TelnetCommands for a Thomson / Technicolor Router
Tested on a TG587n V2 but may work on other Thomson routers

Important
Use the routers web interface to backup the router settings beforeplaying.
Reinstallingthe backup or in the worst case resetting to factory default andreinstalling the backup should get things back to how they were.
Use these commands at your own risk.

Enable Telnet in Vistaor Windows 7

If using Vista or Windows 7, telnetis not enabled by default but it's very easy to do and you only need dothis once.
Go to “Control Panel” > “Programs and Features” >click on “Turn windowsFeatures On and Off”> place a tick in “Telnet Client” > click ok.

Start a telnet sessionto the router.
Click on 'start' in the bottom left corner of the desk top, inthe search box (vista) or run box (windows xp) type commandthen press enter.
A black command window should pop up, in heretype telnet192.168.1.254
You will be asked for your routers username and then password,it’s the same ones used to access the routers web interface.
The first thing to do is disable the routers telnet timeout.
This prevents the telnet session unexpectedly closing.
Just enter the two commands as shown above to permanently disable thetimeout.
Telnetexample
This example displays the IP address of the DNS resolvers held in therouter.
Issue thecommand 'dns serverroute list'
Make a note of the interface shown here, it will be needed insome other commands on this page.
eg. the interface shown above isO2_ADSL2plusthis may not be the same as shown by your router.
Setthe router to use OpenDNS--R8 Firmware
CommandComments
dnsserver route listList all DNS resolvers set in the router. ( optional )
dnsserver route flushClear
dnsserver route add dns=208.67.222.222 metric=0 intf=InternetSeenote (1) below regarding 'intf=Internet'
dnsserver route add dns=208.67.220.220 metric=0 intf=InternetSeenote (1) below regarding 'intf=Internet'
dnsserver route listListall DNS resolvers set in the router. (just checking)
saveallMakethe change permanent.

The ISP DNS settings may creep back in over time.
A metric value of 0 has been used to give these new DNS settingspriority over any ISP settings.
eg the lower the metric the higher the priority.

Telnet scriptdownload to configure the DNS setting for R8 and R10 firmware
http://npr.me.uk/dns-script.zip

Undo,return to obtaining DNS resolvers via DHCP

CommandComments
dnsserver route flushClear
dnsserver route listListall DNS resolvers set in the router. (just checking)
saveallMakethe change permanent.
May need to reboot or renew the ppp session to obtain the DNS settings.

Setthe router to use OpenDNS--New R10 Firmware
CommandComments
dnsserver forward dnsset listList all DNS resolvers set in the router. ( optional )
dnsserver forward dnsset flushClear
dnsserver forward dnsset add set=0 dns=208.67.222.222 metric=0intf=InternetSeenote (1) below regarding 'intf=Internet'
dnsserver forward dnsset add set=0 dns=208.67.220.220 metric=0intf=InternetSeenote (1) below regarding 'intf=Internet'
dnsserver forward dnsset listListall DNS resolvers set in the router. (just checking)
saveallMakethe change permanent.

The ISP DNS settings may creep back in over time.
A metric value of 0 has been used to give these new DNS settingspriority over any ISP settings.
eg the lower the metric the higher the priority.

Telnetscript download to configure the DNS setting for R8 and R10 firmware
http://npr.me.uk/dns-script.zip


Undo,return to obtaining DNS resolvers via DHCP

CommandComments
dnsserver forward dnsset flushClear
dnsserver forward dnsset listListall DNS resolvers set in the router. (just checking)
saveallMakethe change permanent.
May need to reboot or renew the ppp session to obtain the DNS settings.
UpdateOpenDNS using Dynamic DNS
CommandComments
dyndnsservice listViewexisting settings -- It's the 'custom' section we'll be changing
dyndnsservice modify name=custom server=updates.dnsomatic.comupdateinterval=10800Changeservice provider to dnsomatic.com
updateinterval is 3 hours. (10800 seconds)
saveallMake the change permanent.

Ensure your opendns account is set to -- enable dynamic IP update
Go to www.dnsomatic.com , sign in with your OpenDNS username / password.
While there, enable update opendns.
Go to the routers web interface Toolbox > Dynamic DNS >Configure :-
Tick 'Enabled'
Interface -- Internet -- See Note (1)
Username --Opendns username
Password --Opendns password
Service -- custom
Host --enter your opendns network label or enter the catch all -- all.dnsomatic.com
Click 'Apply'
Check the routers event log to confirm 'dyndns host has been updated'.
Disabletelnet timeout
CommandComments
envget var=SESSIONTIMEOUTCheckexisting setting.
envset var=SESSIONTIMEOUT value=0Disablesession timeout.
saveallMakethe change permanent.

Getrouter stats
CommandComments
xdslinfo expand=enabledSee Telnet Scripting for a method to get these statsquick.

Forceconnection modulation mode to ADSL1, ADSL2 or ADSL2+ (also disable Annex M)
A useful byproduct of this command is that it causes a resync.
ie resetting the modulation to default (ie no change) can be used toforce the router to perform a resync.
CommandComments
xdsldebug multimodeShowall enabled modes. (optional)
xdsl debugmultimode config=t1.413issue2+g992.1_annex_aThisforces ADSL1 (ie g992.1 Annex A)
xdsl debugmultimode config=t1.413issue2+g992.3_annex_aThisforces ADSL2 (ie g992.3 Annex A)
xdsl debugmultimode config=t1.413issue2+g992.5_annex_aThisforces ADSL2+ (ie g992.5 Annex A)
xdsl debugmultimodeconfig=t1.413issue2+g992.1_annex_a+g992.3_annex_a+g992.3_annex_l+g992.5_annex_aDisableAnnex M on all connection modes
xdsl debugmultimodeconfig=t1.413issue2+g992.1_annex_a+g992.3_annex_a+g992.3_annex_l+g9
92.3_annex_m+g992.5_annex_a+g992.5_annex_m
Default,all modes available.
saveallUseone of the above commands then saveall !

Dropand Re-start ADSL (resync)
CommandComments
xdsl configstatus=downDropADSL connection
xdsl configstatus=upRaiseADSL connection

Drop/ Start PPP Session
With some ISP connections this may change your gateway it may alsochange your IP address.
Useful if your ISP sometimes has congested gateways.
CommandComments
ppp ifdetachintf=InternetDropPPP
ppp ifattachintf=Internet ConnectPPP

DHCPClient Lease Renew
CommandComments
dhcp clientifrenew intf=InternetSeenote (1) below regarding 'intf=Internet'
dhcp clientiflist expand=enabledOptional-- View DHCP Client Info

Rebootthe router
CommandComments
system reboot

Changerouter password -- I've found thistroublesome using the web interface.
CommandComments
userconfig name=SuperUser password=mypasswordMustbe an existing username ie 'SuperUser' or 'Administrator'
userconfig name=Administrator password=mypassword
saveallDon'tforget this!

Create username with 'root'privileges.
These two methods don't work with all firmware version.
Method 1
CommandComments
script addname=useroot command='user add name=me password=pass role=root'
Change'me' and 'pass' for your own username and password.
script runname=useroot pars='Runthe script.
saveallDon'tforget this!

Method 2
CommandsComments
userflushDeleteall usernames and passwords
Exittelnet session and start a new one.Nousername or password needed.
useradd name=MyUserName password=MyPassWord role=root defuser=enableddefremadmin=enabled deflocadmin=enabledReplaceMyUserName and MyPassWord
with ones of your own.
saveallMakepermanent.

Spoofrouters WAN MAC
CommandComments
ipiflist expand=enabledShowrouters MAC and other stuff
ipifdetach intf=InternetSeenote (1) below regarding 'intf=Internet'
ipifconfig intf=Internet hwaddr=00:xx:xx:xx:xx:xxSeenote (1) Replace 'xx' with your spoof MAC
ipifattach intf=InternetSeenote (1) below regarding 'intf=Internet'
saveallDon'tforget this!

DisableCWMP -- Remote management by the ISP
CommandComments
servicesystem listShowif enabled or disabled.
servicesystem modify name=CWMP-S state=disabledDisableremote assistance from the ISP.
servicesystem modify name=CWMP-C state=disabledDisablechecking for firmware updates etc 'phone home'.
saveallDon't forget this!

Undo -- Enable CWMP -- default mode
CommandComments
servicesystem modify name=CWMP-S state=enabledReturnto default setting
servicesystem modify name=CWMP-C state=enabledReturnto default setting
saveallDon'tforget this!

Enablereply to Pings from WAN
CommandComments
servicesystem list name=PING_RESPONDER expand=enabledCheckif 'interface group' is associated with WAN (ie enabled)
servicesystem ifadd name=PING_RESPONDER group=wanAddto WAN 'interface group' (ie enabled)
saveallDon't forget this!

Undo -- Disable reply to Pings from WAN -- Default mode


CommandComments
servicesystem ifdelete name=PING_RESPONDER group=wanRemoveWAN from 'interface group' (ie disabled) -- Default
saveallDon'tforget this!

Disable wireless nspeed--Routers using R8 firmware
CommandComments
wirelessifconfigShowwireless settings (optional)
wirelessifconfig interop=802.11b/gDisablewireless n
saveallDon'tforget this!

Undo -- Enable all wirelessspeeds
CommandComments
wirelessifconfig interop=802.11b/g/nEnablewireless b, g and n -- Default
saveallDon'tforget this!

Disable wireless
nspeed
--Routers using R10 firmware
CommandComments
wirelessradio interop=802.11b/gDisablewireless n
saveallDon'tforget this!

Undo -- Enable all wirelessspeeds
CommandComments
wirelessradio interop=802.11b/g/nEnablewireless b, g and n -- Default
saveallDon'tforget this!

Change wireless n speed (TG582n only)
CommandComments
wirelessradio channelwidth=20 sgi=enabledWirelessSpeed 144(n)
wireless radiochannelwidth=20/40 sgi=disabledWirelessSpeed 270(n)
wireless radiochannelwidth=20/40 sgi=enabledWirelessSpeed 300(n)
wireless radiochannelwidth=20 sgi=disabledWirelessSpeed 130(n) Default
saveallDon'tforget this!

Whenin 270(n) or 300(n) mode the router is not very good at switching offthe extra channels when not needed or when it may cause interferenceto other wireless access points.
For this reason please use these modes responsibly.
Wireless n tweaks (TG582n only)

CommandsComments
wirelessradio cdd=enabledenabled= reduce dead spots in the wireless coverage
disabled = default
wirelessradio stbc=enabledenabled= Improve signal quality
disabled = default
http://en.wikipedia.org/wiki/Space%E2%80%93time_block_code
wirelessradio frameaggregation=ampduImprovethroughput by changing type of header.
amsdu -- generaly most efficient
ampdu -- (Default) Better in environments of high error rates.
http://en.wikipedia.org/wiki/Frame_aggregation
saveallDon'tforget this!

ChangeMTU setting
CommandComments
ip iflistShowpresent setting (optional)
ip ifconfigintf=Internet mtu=1458Seenote (1) regarding 'intf=Internet' -- Set MTU for WAN
ip ifconfigintf=LocalNetwork mtu=1458SetMTU for LAN
saveallDon'tforget this!

Undo-- Return to default MTU of 1500
CommandComments
ip ifconfigintf=Internet mtu=1500Seenote (1) regarding 'intf=Internet' -- Set 1500 MTU for WAN
ip ifconfigintf=LocalNetwork mtu=1500Set1500 MTU for LAN
saveallDon'tforget this!

Disableethernet port
CommandComments
eth deviceifconfig intf=ethif1 state=disabledDisableethernet port 1. (ethif1 = port 1, ethif2 = port 2 etc )
saveallDon'tforget this!
eth deviceiflistListstate of ports (optional)

Undo-- Enable ethernet port
CommandComments
eth deviceifconfig intf=ethif1 state=enabledEnableethernet port 1. ( ethif1= port 1, ethif2 = port 2 etc )
saveallDon'tforget this!

WirelessMAC access control -- Block a wireless connection
First configure theaccess control list by adding the device you wish to control -- onlyrequired once for each device.
CommandComments
wirelessmacacl add ssid_id=0 radio_id=0 hwaddr=00:xx:xx:xx:xx:xxpermission=allowChange'00:xx:xx:xx:xx:xx' to the wireless MAC of the target PC .
Only used once for each wireless MAC added to the list.
saveall

Use the followingcommands to stop or allow a wireless connection asrequired.

CommandComments
wirelessmacacl listOptional-- Display preset wireless MAC's
wirelessmacacl modify ssid_id=0 radio_id=0 hwaddr=00:xx:xx:xx:xx:xxpermission=denyDenyconnection from the target PC -- Use when required
wirelessmacacl modify ssid_id=0 radio_id=0 hwaddr=00:xx:xx:xx:xx:xxpermission=allowAllowconnection from the target PC -- Use when required

Undo-- Remove from WirelessMAC access control list
CommandComments
wirelessmacacl listOptional -- display MAC address on list
wirelessmacacl delete ssid_id=0 radio_id=0 hwaddr=00:xx:xx:xx:xx:xxRemoveMAC from list.
saveallDon'tforget this.

Checkwhich devices are connected
CommandComments
hostmgr listLookin the 'Flags' column,
'C' indicates connected

EnableWPS -- This is disabled by default on some models.
CommandComments
wireless wpsconfig state=enabledTheWPS button should now work
saveall

Undo-- Disable WPS
CommandComments
wireless wpsconfig state=disabled
saveall

EpsonSyslog -- This log survives a rebootMac address filtering vulnerability
CommandComments
syslogmsgbuf showViewrouter log in the telnet window.
syslogmsgbuf send dest=192.168.1.67Sendall the log to syslog client at IP address
syslogmsgbuf flushClearthe log
ftp://ftp.3com.com/pub/utilbin/win32/3CSyslog.zip
Link now dead, a google search will find a suitable syslog client.
Freesyslog client from 3Com
syslogconfig activate=enabledEnablecontinuous update to a syslog client.
syslogruleadd fac=all sev=debug dest=192.168.1.67Ruleto send all the log items to syslog client at 192.168.1.67

Changethe LAN IP of a Connected Device -- Static DHCP
CommandComments
dhcpserver lease listViewthe pool name and MAC address of the connected device
dhcp serverlease delete clientid=00:23:4d:xx:xx:xxFirstdelete the device.
clientid= [the MAC address found above]
dhcpserver lease add clientid=00:23:4d:xx:xx:xx pool=LAN_privateaddr=192.168.1.100 leasetime=0clientid= [the MAC address found above]
pool = [the pool name found above]
addr = [the lan IP you wish to assign - range 192.168.1.65 to 252]
leasetime=0 [infinite lease time]
saveallDon'tforget this.
Rebootthe device to obtain the new IP address

Disablethe Factory Reset Button

Caution
-- If youforget the username or password you will be locked out of therouter permanently.
Be very sureyou know the risks before using this command.
Command
systemconfig resetbutton=disabled
saveall

Undo-- Enable the Factory Reset Button (Default)
Command
systemconfig resetbutton=enabled
saveall

FixaProblemwith VOIP not working
Command
connectionunbind application=SIP port=5060
saveall

Undo
--Default
Command
connectionbind application=SIP port=5060
saveall

DisableIntrusion Detection (IDS)May help with online game problems but reduces security.
Command
idsconfig state=disabled
saveall

Undo
Command
idsconfig state=enabled
saveall

DisableCPU Low Clock Speed -- TG587n v2 and TG582n
Make the router more responsive.
CommandComments
pwrconfig Optional- view state
pwrconfigcpu-lowspeed=disabledDisableslow speed CPU
saveallMakepermanent

Undo-- default
CommandComments
pwrconfigcpu-lowspeed=enabled Enableslow speed CPU
saveallMakepermanent

Additionalpwr configcommands
CommandComments
pwr configeco-manager=enabled / disabledTheECO manager
pwrconfigcpu-microsleep=enabled / disabledAllowthe CPU to use low power instructions
pwrconfigcpu-lowspeed=enabled /disabledAllowsthe CPU to adjust it's clock speed.
pwrconfigusb-controller=enabled / disabledTheUSB controller
pwrconfigwlan-pwrcontrol=enabled / disabledWirelessLAN power control

Note:
There are reports that having these power settings enabled can causeintermittent network and internet access problems.
Disabling all of these settings followed by a router reboot cured theproblem.
Awaiting more information on this issue.
Cone-typeNAT's for Teredo Tunneling
Required for WindowsMeeting Space
The default for a Thomson router is symmetric-type NATs
UPnP needs to be enabled in the routers GUI.
Test with Microsoft's Internet Connectivity Evaluation Tool
Command
connectionbind application=CONE(UDP) port=3544
saveall

Undo-- return to the default of symmetric-type NATs
Command
connectionunbind application=CONE(UDP) port=3544
saveall

LogWeb Site Visits
CommandComments
dsdconfig state=enabledEnableaddress based filtering.
dsdsyslog config syslog=allSelectwhat to log
saveallMakethe change permanent.
dsdsyslog listUsethis command to view the log.
Alternatively use a syslog client as show in the syslog commands above.
syslogmsgbuf flushEmptythe log. -- Optional
This may quickly fill the routers memory and cause unexpected issues.
Undo
CommandComments
dsdsyslog config syslog=none
dsdconfig state=disabled
saveall

SNTP -- Change time server settings
CommandComments
sntp listListthe time servers
sntp addname=2.uk.pool.ntp.orgAdda time server.
This can be done in the routers GUI
sntp deletename=2.uk.pool.ntp.orgDeletea time server.
This can be done in the routers GUI
sntp configpoll=360
saveall
Setpoll interval to 6 hours.
Default is 60 minutes.
system settimeViewsystem time settings

Unbindthe FTP ALG -- Fix access problem to a local FTP server from theinternet.
Normal port forward rules are still required.
CommandComments
connectionbindlist
Optional- view the bind list
connectionunbind application=FTP port=21Unbindthe FTP helper
connectionbindlist
Optional- view the bind list
saveallMakepermanent

Undo
CommandComments
connectionbind application=FTP port=21Bindthe FTP helper to port 21
connectionbindlistOptional- view the bind list
saveallMakepermanent

DLNAServer (Media Sharing) Not Discovered Across LAN / WLAN. SOLVEDThis issue is present in firmware 8.2.7.7 Don'tknow about other firmware versions.

CommandComments
eth bridgeigmpsnooping configViewpresent state.
If state=enabled then apply the fix
eth bridgeigmpsnooping config brname=bridge state=disabledApplyfix
saveallMakepermanent

Turn Off LED Lights
CommandComments
system qualled value=alloffTurnall LED's off
saveallMakepermanent

Undo-- Enable LED lights
CommandComments
system qualled value=unlockEnableLED's
saveallMakepermanent

Correct The Decimal (.) and Digit (,)Separators
Some firmware versions confuse the decimal point with the comma.
CommandComment
system localeDisplaypresent settings
system localedec_symbol=.Assignthe decimal point
system localegroup_symbol=,Assignthe comma
saveallMakepermanent

No Auto Retrain
Prevent reconnecting after dropping the ADSL connection
CommandsComments
xdslqual freeze-showtime state=enabledStop reconnecting
saveallMake permanent

Undo
CommandsComments
xdslqual freeze-showtime state=disableDefault
saveallMake permanent

Throttle Speed Through a EthernetPort -- Shaper

CommandsComments
ethswitch shaper iflistUse anytime to view shaper settings
ethswitch shaper ifconfig port=1 ingress=disabled shaper=0 state=enabledspeed=384000 burstsize=16Ethernet port 1
Egress speed 384000 bps
ethswitch shaper ifconfig port=1 ingress=enabled shaper=0 state=enabledspeed=768000 burstsize=16Ethernet port 1
Ingress speed 768000 bps
ethswitch shaper config shaper=0 unicast=enabled multicast=enabledbroadcast=enabled control=disabled unknown=enabled discard=disablednormalize=disabled exclude_ipg=disabledConfigure shaper 0 to throttle on ingress, not neededfor egress
saveallMake permanent
Change the port and speed to suit your requirements.
Speed automatically notches in steps of 64Kbps.
Note(1) :
The 'intf=Internet'part of the above commands may need to be changed depending on therouters firmware.
ie 'intf=Internet'should be correct for standard firmware.

Mac Address Filtering 2wire


O2 supplied routers may need 'intf=Internet'replacing with :-
For O2 supplied routers on a LLU connections replace with 'intf=O2_ADSL2plus'or in some cases 'intf=RoutedEthoA'

Technicolor Mac Address Filtering

For O2 supplied routers on the Access service replace with 'intf=O2_ADSL'
Hint - You can check which one to use for the WAN interface by lookingat the results fromthe 'dns server routelist' command.
See the screen capture below, in this case it's 'intf=O2_ADSL2plus'.
Note(2)
To close the telnet session type -- exit-- press 'enter'
Thinking ofmoving to PlusNet Broadband?
You can support this site by signing up via the above link.

Reference
CLIReference Guide TG857n v2 r8.4.3
This reference guide also shows all the hidden commands.
Source Produced by Alexat www.modem-help.co.uk
Thomson CLI Reference Guide TG587n
Thomson CLIReference Guide TG585 v7
Technicolor CustomerRelease Note - Main Track R8.4.3 Maintenance 2


projects

Mac Filtering


Telnetcommands for aThomson router
Change DNS Settings on a ThomsonRouter -- (Two methods)
MultipleSSID

Web Access Control Schedule (TOD)

Webcontent filter


Telnet scripting

EnableWDS
ConnectTwo ThomsonRouters Together

BasicDMZ on a Thomson Router

AdvancedDMZ on a Thomson TG587n
Forwardall ports to a specific LANIP
IPQoS
Wakeon LAN from Internet
Xboxand PS3 on a Thomson router
RemoteAccess to a Thomson Router
Fixa problem with VPN (IPSec) Connections(Firmware Release 8.4.3only)
Fixa problem with VPN (PPTP) Connections

BridgeMode and Create a EWAN Port

HomePage
footer
Copyright©NPR 2010 - 2016 Disclaimer