一段时间前,我在路由器管理页面中进行搜索,但我注意到它不支持用户进行固件更新(这是ISP的speedport条目2i路由器(zte变体))。长话短说,在搜索了有关该特定型号的大量论坛评论之后,我发现我可以对它的固件进行逆向工程(由于某种原因,“他们” [isp guys]可以在其网站上下载),并且检查更新的交付方式,禁用tr 069等的方法。

没有反向工程经验,我用google找到了某种可以使我入门的教程,我也做了。

因此,在阅读了所介绍的每种工具的一些知识之后,我认为我可以做到。
但是我的固件与示例中的固件不一样(不确定它是否更简单或但是更努力),因此在尝试了一些其他我认为可行的方法后,我陷入了僵局。这是我到目前为止拥有的所有文件的链接,以防有人想要检出它们,并可能将我指向正确的方向,甚至亲自尝试。我也通常会喜欢任何专业提示。

Binwalk为我提供了以下输出,所以在找到一种提取lzma存档的方法后,我得到了这两个文件,我不知道如何方法(.7z文件是lzma存档,但是我尝试用binwalk解压缩它,但没有任何运气)。我可能由于缺少有关该主题的知识而错过了一些东西,因此,如果有任何人可以帮助我,请这样做。

预先感谢您的时间:)

评论

名为“ 240”的文件是240.7z的提取版本,但似乎缺少固件的某些部分。否则,您将无法更新固件,因为它包含IPS特定的固件。通常,ISP拥有路由器,并保留更新路由器的权利。
因此,如果我明白了这一点,则基本上它们要下载的固件是不完整的,因此无用(?)...因此,我应该找到一种直接从路由器中转储固件并从那里继续进行操作的方法。我不知道该如何做,但我会找出解决办法的。我现在还不想被打败。即使我自己找不到更新固件的方法,我也只想看看它并检查其工作原理。无论如何,谢谢您的帮助:)
尝试查找串行端口或命令注入漏洞:)
@Nikolas Efthimiadis如果您可以省下$ 30- $ 40,请给自己买辆公共汽车海盗和一个SOIC夹子。您可能可以直接从闪存芯片中提取固件。
@NikolasEfthimiadis您是否曾经设法找到正确解压缩这240个文件的方法,因为从17MB压缩文件中我得到5MB的未压缩文件...似乎丢失了某些东西...

#1 楼

@ J91321一直在努力进行配置文件解密,但没有成功。

您可以从该站点下载固件映像。此处有较新的版本。最新版本在这里。使用binwalk提取后,您应该获得一个后缀为jffs2的文件(filename.jffs2)。如果要将其安装在x86机器上,请将字节序从大变小。对于字节顺序转换,可以使用jffs2dump。然后使用mtdram挂载。已安装的jffs2映像列表(根目录):

backcfg/  bin/  defcfg/  dev/  env/  etc/  home/  lib/  linuxrc@
log/  mnt/  proc/  root/  sbin/  sys/  usercfg/  usr/  var/


文件cspd位于/ bin下。

评论

可以上传固件文件吗?该站点不再可用。谢谢你的帮助

– Nikolas Efthimiadis
18年7月15日在13:49
就像魅力一样。非常感谢你的帮助 :)

– Nikolas Efthimiadis
18年7月27日在19:08


#2 楼

我已经对ZTE Speedport Entry 2i进行了反向工程一段时间。坦率地说,大多数情况下我试图解码配置文件(在ZTE加密的备份配置文件中),但我没有设法在Internet上找到任何固件映像。该设备仅以CPE的形式出售给ISP,因此我很想知道您在哪里找到了该二进制blob。

我检查了您的文件,很遗憾,他们没有从文件中得到任何东西。我的猜测(实际上只是猜测)是它可能包含文件系统,但是由于它是中文设备,因此FS可能是专有的。

该设备具有Broadcom BCM6338,因此是MIPS架构。在板上,您会注意到4个未安装的引脚。您可能必须在此处焊接引脚。我以为这是UART,不幸的是它似乎无法正常工作,在上电之前连接到它时,该设备甚至无法启动。如果通电时已连接,则不会传输任何内容。引脚连接到PCB上标记为TEST的引脚。正如Gogeta70所提到的,使用带有SPI嗅探器的总线盗版,可以从Flash读取固件。设备具有GD5F1GQ4UAYIG NAND闪存(至少我的拥有)。我将在海盗到达时进行更新。

以下是PCB的图片,适合任何有兴趣的人。


评论

好吧,由于我的公共汽车海盗根本没有到达,我完全忘记了这一点(该死,Ebay:P)。我刚刚从当地商店订购了v4变体,但可能要花一些时间才能到达。我知道可能要晚了,但是您能对此做任何事情吗?

– Nikolas Efthimiadis
18年7月15日在9:48


我在回答中提到的问题涉及活动。有人设法提取固件。但是我还没有时间仔细研究它。

– J91321
18年7月15日在10:48
@ J91321您能给我发送设备吗,以便我尝试从中获取固件

– Vido
19年6月2日在19:44
@ J91321,您对此有何了解?

–街道
20年6月15日在15:01

#3 楼

我也看了一下这款路由器。串行端口工作正常,但是引导加载的cfe似乎已锁定(引导时并没有机会停止该过程)。在引导过程之后,他们确实提供了一个外壳,但是他们要求提供登录凭据。哪个还是不知道。
我看了看固件更新。从jffs2分区中提取对我来说不是很好。我看到了正式的linux结构(例如,root,bin ..),但是唯一包含文件的文件夹是/ bin,它并不是特别有用。有人能成功提取/ etc文件夹吗?
我现在的猜测是,nand flash dump是一种继续进行的方式,或者是Web ui中的漏洞利用,可以让我们拥有根并继续在那里。
/>
引导日志:

----
BTL1
V1.1
CPUI
L1CI
PMCI
PMCS
AFEL
PWRZ
MEML
PMCD
CPUI
L1CI
ZBSS
CODE
DATA
L12F
MAIN
OTP?
MFGZ
OTPP
USBT
SNAN
PASS
----
HELO
CPUI
L1CI
4.1602-1.0.38-116.118
PMCI
PMCM
DRAM
----
PHYS
PHYE
DDR1
400H
SIZ4
LMBE
RACE
PASS
----
ZBSS
CODE
DATA
L12F
MAIN
MGIC
RAM1


Base: 4.16_02
CFE version 1.0.38-116.118 for BCM963381 (32bit,SP,BE)
Build Date: Thu Nov 16 19:47:34 CST 2017 (xialei@localhost.localdomain)
Copyright (C) 2000-2013 Broadcom Corporation.

Chip ID: BCM63381B0, MIPS: 600MHz, DDR: 400MHz, Bus: 300MHz
Main Thread: TP0
Total Memory: 134217728 bytes (128MB)
Boot Address: 0xb8000000

SPI NAND flash device: Winbond W25N01GV, id 0xefaa block 128KB size 131072KB
pmc_init:PMC using DQM mode
board_device_init, set not used GPIO to 0 OK!
Info: get a version head, the integrality is OK!
Info: start_block:[120],kernel_magic_head at :[120], i:[257],ver_blocks:[137]
Info: get a version head, the integrality is OK!
Info: start_block:[288],kernel_magic_head at :[288], i:[425],ver_blocks:[137]

Entering norm mode ...
Info: start_block:120
Info: bad blocks before fs:0
Info: pL->dwFsStartPhyAddr:10a0000
Info: pL->fs_len:f80000
para->BootParaCksum=0001e693
Decompression OK!
Entry at 0x803976c0
Starting program at 0x803976c0
Linux version 3.4.11-rt19 (xialei@localhost.localdomain) (gcc version 4.6.2 (Buildroot 2011.11) ) #1 SMP PREEMPT Mon Mar 19 17:38:03 CST 2018
963381REF2 prom init
Check boot para cksum...
boot para cksum OK!
********************BOOT INFO**************************
version_sum:             :      2
version_nummax:          :      2
dwCurrVersionIndex:      :      0
dwBackVersionIndex:      :      1

dwVersionStartPhyAddr   0:      f00000
dwHeadRealPhyAddr       0:      2020000
dwIsCurrentVersion      0:      1
dwVersionIsBad          0:      0

dwVersionStartPhyAddr:  1:      2400000
dwHeadRealPhyAddr:      1:      3520000
dwIsCurrentVersion:     1:      0
dwVersionIsBad          1:      0
******************************************************
pdt_verinfo_init: tcVerInfo->RunMode[3]
bootPara.bootWhichImg=0
bootPara.img_info_tbl[0].flashOffset=0x       0
sHardVersion=V1.0
bootPara.runmode=3
CPU revision is: 0002a081 (Broadcom BMIPS4350)
DSL SDRAM reserved: 0x132000
Determined physical RAM map:
 memory: 07ece000 @ 00000000 (usable)
Initrd not found or empty - disabling initrd
Zone PFN ranges:
  DMA      0x00000000 -> 0x00001000
  Normal   0x00001000 -> 0x00007ece
Movable zone start PFN for each node
Early memory PFN ranges
    0: 0x00000000 -> 0x00007ece
On node 0 totalpages: 32462
free_area_init_node: node 0, pgdat 804b1750, node_mem_map 81000000
  DMA zone: 32 pages used for memmap
  DMA zone: 0 pages reserved
  DMA zone: 4064 pages, LIFO batch:0
  Normal zone: 222 pages used for memmap
  Normal zone: 28144 pages, LIFO batch:7
PERCPU: Embedded 7 pages/cpu @81103000 s5632 r8192 d14848 u32768
pcpu-alloc: s5632 r8192 d14848 u32768 alloc=8*4096
pcpu-alloc: [0] 0 [0] 1 
Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 32208
Kernel command line: root=31:9 ro rootfstype=jffs2  irqaffinity=0
PID hash table entries: 512 (order: -1, 2048 bytes)
Dentry cache hash table entries: 16384 (order: 4, 65536 bytes)
Inode-cache hash table entries: 8192 (order: 3, 32768 bytes)
Primary instruction cache 64kB, VIPT, 4-way, linesize 16 bytes.
Primary data cache 32kB, 2-way, VIPT, cache aliases, linesize 16 bytes
Memory: 122200k/129848k available (3668k kernel code, 7648k reserved, 1076k data, 240k init, 0k highmem)
Preemptible hierarchical RCU implementation.
NR_IRQS:128
console [ttyS0] enabled
Allocating memory for DSP module core and initialization code
Allocated DSP module memory - CORE=0x0 SIZE=0, INIT=0x0 SIZE=0
Calibrating delay loop... 598.01 BogoMIPS (lpj=299008)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 512
--Kernel Config--
  SMP=1
  PREEMPT=1
  DEBUG_SPINLOCK=0
  DEBUG_MUTEXES=0
Broadcom Logger v0.1 Mar 19 2018 17:37:42
CPU revision is: 0002a081 (Broadcom BMIPS4350)
Primary instruction cache 64kB, VIPT, 4-way, linesize 16 bytes.
Primary data cache 32kB, 2-way, VIPT, cache aliases, linesize 16 bytes
Brought up 2 CPUs
NET: Registered protocol family 16
pmc_init:PMC using DQM mode
1192:57:47 [Klogctl][Info] [(562)LogCtlInit] LogCtlInit begin
1192:57:47 [Klogctl][Info] [(579)LogCtlInit] LogCtlInit end
1192:57:47 [Kern][Notice] [monitor.c(938)MonitorInit]  cspmonitor init... !  
registering PCI controller with io_map_base unset
registering PCI controller with io_map_base unset
BLOG v3.0 Initialized
BLOG Rule v1.0 Initialized
Broadcom GBPM v0.1 Mar 19 2018 17:37:43 initialized
bio: create slab <bio-0> at 0
SCSI subsystem initialized
usbcore: registered new interface driver usbfs
usbcore: registered new interface driver hub
usbcore: registered new device driver usb
PCI host bridge to bus 0000:00
pci_bus 0000:00: root bus resource [mem 0x10600000-0x106fffff]
pci_bus 0000:00: root bus resource [io  0x11700000-0x1170ffff]
pci 0000:00:09.0: [14e4:6300] type 00 class 0x0c0310
pci 0000:00:09.0: reg 10: [mem 0x1000c400-0x1000c4ff]
pci 0000:00:0a.0: [14e4:6300] type 00 class 0x0c0320
pci 0000:00:0a.0: reg 10: [mem 0x1000c300-0x1000c3ff]
PCI host bridge to bus 0000:01
pci_bus 0000:01: root bus resource [mem 0xa0000000-0xbfffffff]
pci_bus 0000:01: root bus resource [??? 0x00000000 flags 0x0]
pci 0000:01:00.0: [14e4:6338] type 01 class 0x060400
pci 0000:01:00.0: PME# supported from D0 D3hot
pci 0000:02:00.0: [14e4:a8db] type 00 class 0x028000
pci 0000:02:00.0: reg 10: [mem 0x00000000-0x00007fff 64bit]
pci 0000:02:00.0: supports D1 D2
pci 0000:01:00.0: BAR 8: assigned [mem 0xa0000000-0xa00fffff]
pci 0000:02:00.0: BAR 0: assigned [mem 0xa0000000-0xa0007fff 64bit]
pci 0000:01:00.0: PCI bridge to [bus 02-02]
pci 0000:01:00.0:   bridge window [mem 0xa0000000-0xa00fffff]
PCI: Enabling device 0000:01:00.0 (0000 -> 0002)
bcmhs_spi bcmhs_spi.1: master is unqueued, this is deprecated
skbFreeTask created successfully
NET: Registered protocol family 8
NET: Registered protocol family 20
1192:57:47 [Kern][Info] [qos.c(5055)CSPKernel_QoS_I] Qos module init
Switching to clocksource MIPS
NET: Registered protocol family 2
IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
TCP established hash table entries: 4096 (order: 3, 32768 bytes)
TCP bind hash table entries: 4096 (order: 3, 32768 bytes)
TCP: Hash tables configured (established 4096 bind 4096)
TCP: reno registered
UDP hash table entries: 128 (order: 0, 4096 bytes)
UDP-Lite hash table entries: 128 (order: 0, 4096 bytes)
NET: Registered protocol family 1
PCI: CLS 16 bytes, default 16
init_bcm_tstamp: unhandled mips_hpt_freq=300000000, adjust constants in bcm_tstamp.c
bcm_tstamp initialized, (hpt_freq=300000000 2us_div=300 2ns_mult=0 2ns_shift=0)
jffs2: version 2.2. (NAND) © 2001-2006 Red Hat, Inc.
msgmni has been set to 238
io scheduler noop registered (default)
brd: module loaded
loop: module loaded
SPI NAND Device Linux Registration
SPI NAND Linux Registration
SPI NAND device reset
Found SPI NAND device Winbond W25N01GV
SPI NAND device Winbond W25N01GV
   device id    = 0xefaa
   page size    = 0x800
   block size   = 0x20000
   total blocks = 0x400
   total size   = 0x8000000
NAND device: Manufacturer ID: 0xef, Chip ID: 0xaa (Winbond NAND 128MiB 1,8V 8-bit)
NAND_ECC_NONE selected by board driver. This is not recommended!
Creating 10 MTD partitions on "Winbond W25N01GV":
0x000000000000-0x000000220000 : "boot"
0x000000220000-0x000000320000 : "tag"
0x000000320000-0x0000004a0000 : "userconfig"
0x0000004a0000-0x000000620000 : "backconfig"
0x000000620000-0x0000007a0000 : "defconfig"
0x0000007a0000-0x000000920000 : "log"
0x000000920000-0x000000aa0000 : "env"
0x000000f00000-0x000002400000 : "rootfs1"
0x000002400000-0x000003900000 : "rootfs2"
0x0000010a0000-0x000002020000 : "filesystem"
brcmboard: brcm_board_init entry
Failed to create a netlink socket for monitor
DYING GASP IRQ initialized 
Serial: BCM63XX driver $Revision: 3.00 $
Magic SysRq with Auxilliary trigger char enabled (type ^ h for list of supported commands)
ttyS0 at MMIO 0xb0000280 (irq = 8) is a BCM63XX
ttyS1 at MMIO 0xb00002a0 (irq = 9) is a BCM63XX
Total # RxBds=5154
bcmPktDmaBds_init: Broadcom Packet DMA BDs initialized

BPM: tot_mem_size=134217728B (128MB), buf_mem_size <15%> =20132655B (19MB), num of buffers=9679, buf size=2080
Broadcom BPM Module Char Driver v0.1 Mar 19 2018 17:37:47 Registered<244>
Info:zte_watchdog_init, errorEPC = 0f7e7716
pktgen: Packet Generator for packet performance testing. Version: 2.74
Netfilter messages via NETLINK v0.30.
nf_conntrack version 0.5.0 (1909 buckets, 7636 max)
ip_tables: (C) 2000-2006 Netfilter Core Team
NET: Registered protocol family 10
ip6_tables: (C) 2000-2006 Netfilter Core Team
IPv6 over IPv4 tunneling driver
NET: Registered protocol family 17
1192:57:48 [Kern][Info] [br_com_special_(109)arp_stolen_init] arp_stolen firewalling registered
Bridge firewalling registered
Ebtables v2.0 registered
L2TP core driver, V2.0
PPPoL2TP kernel driver, V2.0
PPP generic driver version 2.4.2
NET: Registered protocol family 24
1192:57:48 [Kern][Info] [ver_info_nand.c(457)ver_info_init] ver_info_init
1192:57:48 [Kern][Notice] [csp_ifinfo.c(219)csp_ifinfo_init] Initializing CSP IFinfo...
1192:57:48 [Kern][Notice] [sweth_core.c(2760)sweth_init] SW&ETH HAL driver initing!
1192:57:48 [Kern][Notice] [sweth_core.c(140)CreateSwEthObjs] Create SW & ETH objects
1192:57:48 [Kern][Notice] [sweth_core.c(156)CreateSwEthObjs] Failed to get SWITCH attr, iRet=-2
1192:57:48 [Kern][Info] [sweth_core.c(163)CreateSwEthObjs] nEmac = 1, nSw = 0, nEth=4.
1192:57:48 [Kern][Warn] [sweth_core.c(310)CreateSwEthObjs] Failed to get TAG_PARA_MAC1!
1192:57:48 [Kern][Info] [sweth_core.c(322)CreateSwEthObjs] ETH obj0: PhyType = 1, Is_assoc_sw = 0, Emac = 0, Phy = 1
1192:57:48 [Kern][Warn] [sweth_core.c(310)CreateSwEthObjs] Failed to get TAG_PARA_MAC1!
1192:57:48 [Kern][Info] [sweth_core.c(322)CreateSwEthObjs] ETH obj1: PhyType = 1, Is_assoc_sw = 0, Emac = 0, Phy = 2
1192:57:48 [Kern][Warn] [sweth_core.c(310)CreateSwEthObjs] Failed to get TAG_PARA_MAC1!
1192:57:48 [Kern][Info] [sweth_core.c(322)CreateSwEthObjs] ETH obj2: PhyType = 1, Is_assoc_sw = 0, Emac = 0, Phy = 3
1192:57:48 [Kern][Warn] [sweth_core.c(310)CreateSwEthObjs] Failed to get TAG_PARA_MAC1!
1192:57:48 [Kern][Info] [sweth_core.c(322)CreateSwEthObjs] ETH obj3: PhyType = 1, Is_assoc_sw = 0, Emac = 0, Phy = 4
Jiffies_test Driver Init Successfully 
logger: created 1024K log 'logger_main' major '99'
: success register character device for /dev/monitor
1192:57:48 [Kern][Notice] [cspmirror.c(1245)mirror_init] ***********mirror_init************
systools version:v0.7.0
errorEPC = 0f7e7716
1192:57:48 [Kern][Info] [br_multicast_se(7234)br_mcparam_init] info init!
1192:57:48 [Kern][Info] [qp_meter_api.c(66)QoSPolicerMeter] Register Meter(stb)
1192:57:48 [Kern][Info] [qp_meter_api.c(66)QoSPolicerMeter] Register Meter(srtc)
1192:57:48 [Kern][Info] [qp_meter_api.c(66)QoSPolicerMeter] Register Meter(trtc)
1192:57:48 [Kern][Info] [qp_meter_api.c(66)QoSPolicerMeter] Register Meter(hard)
1192:57:48 [Kern][Info] [qp_act_api.c(66)QoSPolicerActRe] Register Action(null)
1192:57:48 [Kern][Info] [qp_act_api.c(66)QoSPolicerActRe] Register Action(drop)
1192:57:48 [Kern][Info] [qp_act_api.c(66)QoSPolicerActRe] Register Action(dscp_mark)
1192:57:48 [Kern][Info] [qp_act_api.c(66)QoSPolicerActRe] Register Action(vlan_prio_mark)
1192:57:48 [Kern][Info] [qp_act_api.c(66)QoSPolicerActRe] Register Action(dscp_vlan_prio_mark)
child_dev_init start
child_dev_ioctl_set set[80393d20]
#######begin FDB_Notify Reg
#######after FDB_Notify Reg
#######begin FDB_Notify Reg
Shouldn't be in WHILE
#######after FDB_Notify Reg
1192:57:48 [Kern][Error] [ledkey_callback(26)keycallback_ini] Install WPS KEY Callback Failed!
VFS: Mounted root (jffs2 filesystem) readonly on device 31:9.
Freeing unused kernel memory: 240k freed
init normal mode!!!

Loading drivers and kernel modules... 

jffs2: notice: (269) check_node_data: wrong data CRC in data node at 0x00161318: read 0x90074d32, calculated 0xe9fe5f3a.
mkdir: can't create directory '/defcfg/chain1': File exists
mkdir: can't create directory '/defcfg/chain2': File exists
chipinfo: module license 'proprietary' taints kernel.
Disabling lock debugging due to kernel taint
brcmchipinfo: brcm_chipinfo_init entry
bcmxtmrt: Broadcom BCM3381B0 ATM/PTM Network Device v0.6 Mar 19 2018 17:43:20
bcmxtmcfg: bcmxtmcfg_init entry
adsl: adsl_init entry
Broadcom BCM63381B0 Ethernet Network Device v0.1 Mar 19 2018 17:43:02
ETH Init: Ch:0 - 200 tx BDs at 0xa639c000
ETH Init: Ch:0 - 3871 rx BDs at 0xa5d18000
vport_cnt=4, consolidated_portmap=0xF
dgasp: kerSysRegisterDyingGaspHandler: bcmsw registered 
vport_id=0x1, logical_port=0x0
vnet_dev[vport_id=1]=eth0
ETH0-->eth0
eth0: <Int sw port: 0> <Logical : 00> PHY_ID <0x00000001 : 0x01> MAC : 00:D0:D0:00:00:01
vport_id=0x2, logical_port=0x1
vnet_dev[vport_id=2]=eth1
ETH1-->eth1
eth1: <Int sw port: 1> <Logical : 01> PHY_ID <0x00000002 : 0x02> MAC : 00:D0:D0:00:00:01
vport_id=0x3, logical_port=0x2
vnet_dev[vport_id=3]=eth2
ETH2-->eth2
eth2: <Int sw port: 2> <Logical : 02> PHY_ID <0x00000003 : 0x03> MAC : 00:D0:D0:00:00:01
vport_id=0x4, logical_port=0x3
vnet_dev[vport_id=4]=eth3
ETH3-->eth3
eth3: <Int sw port: 3> <Logical : 03> PHY_ID <0x00000004 : 0x04> MAC : 00:D0:D0:00:00:01
Ethernet Auto Power Down and Sleep: Enabled
Energy Efficient Ethernet: Enabled
#######begin FDB_Notify Reg
Shouldn't be in WHILE
Shouldn't be in WHILE
#######after FDB_Notify Reg
#######begin FDB_Notify Reg
Shouldn't be in WHILE
Shouldn't be in WHILE
Shouldn't be in WHILE
#######after FDB_Notify Reg
1192:58:01 [Kern][Notice] [bcm_emac_adapte(663)Register_bcm_em] Register BCM EMAC driver
1192:58:01 [Kern][Notice] [sweth_core.c(588)RegisterEmacDrv] Register EMAC driver
1192:58:01 [Kern][Notice] [sweth_core.c(429)InitSwEthObjs] Initialise SW & ETH objects
1192:58:01 [Kern][Warn] [sweth_core.c(1762)hal_set_port_ma] Driver do not support set MAC address!
1192:58:01 [Kern][Warn] [sweth_core.c(1762)hal_set_port_ma] Driver do not support set MAC address!
1192:58:01 [Kern][Warn] [sweth_core.c(1762)hal_set_port_ma] Driver do not support set MAC address!
1192:58:01 [Kern][Warn] [sweth_core.c(1762)hal_set_port_ma] Driver do not support set MAC address!
NComm TMS V6.80 Kernel Module loaded.
Loading PCM shim driver

Endpoint: endpoint_init entry
BOS: Enter bosInit 
BOS: Exit bosInit 
fxsnum 2,fx0 num 0 ,dect 0Endpoint: endpoint_init COMPLETED
Broadcom 802.1Q VLAN Interface, v0.1
ADDRCONF(NETDEV_UP): eth0: link is not ready
device eth0 entered promiscuous mode
Host MIPS Clock divider pwrsaving is enabled
/etc/init.norm: line 120: hostname: not found
sched_setaffinity cpu 0 (ret = 0)
1192:57:55 [User][Info] [mount_jffs2.c(37)main] mount dev is  /dev/mtdblock2  mount point is /usercfg/
1192:57:55 [User][Info] [mount_jffs2.c(99)main] mtdInfo: /dev/mtd2 size=1572864, erasesize=131072 bad block count 0 
1192:57:56 [User][Info] [mount_jffs2.c(161)main] mount dev  /dev/mtdblock2  at dir /usercfg/  success
1192:57:56 [User][Info] [mount_jffs2.c(37)main] mount dev is  /dev/mtdblock3  mount point is /backcfg/
1192:57:56 [User][Info] [mount_jffs2.c(99)main] mtdInfo: /dev/mtd3 size=1572864, erasesize=131072 bad block count 0 
1192:57:56 [User][Info] [mount_jffs2.c(161)main] mount dev  /dev/mtdblock3  at dir /backcfg/  success
1192:57:56 [User][Info] [mount_jffs2.c(37)main] mount dev is  /dev/mtdblock4  mount point is /defcfg/
1192:57:56 [User][Info] [mount_jffs2.c(99)main] mtdInfo: /dev/mtd4 size=1572864, erasesize=131072 bad block count 0 
1192:57:56 [User][Info] [mount_jffs2.c(161)main] mount dev  /dev/mtdblock4  at dir /defcfg/  success
1192:57:56 [User][Info] [mount_jffs2.c(37)main] mount dev is  /dev/mtdblock5  mount point is /log/
1192:57:56 [User][Info] [mount_jffs2.c(99)main] mtdInfo: /dev/mtd5 size=1572864, erasesize=131072 bad block count 0 
1192:57:56 [User][Info] [mount_jffs2.c(161)main] mount dev  /dev/mtdblock5  at dir /log/  success
1192:57:56 [User][Info] [mount_jffs2.c(37)main] mount dev is  /dev/mtdblock6  mount point is /env/
1192:57:56 [User][Info] [mount_jffs2.c(99)main] mtdInfo: /dev/mtd6 size=1572864, erasesize=131072 bad block count 0 
1192:57:56 [User][Info] [mount_jffs2.c(161)main] mount dev  /dev/mtdblock6  at dir /env/  success
1192:58:04 [User][Warn] [ifconfig.c(957)ifconfig] Ioctl failed!SIOCSIFADDR
1192:58:04 [OSS][Notice] [pc.c(1907)initPCFd] open /dev/ptyp0 success.

(none) 
PID:  344

1192:58:09 [User][Info] [db_shm_mgr.c(109)DBShmSrvInit] iShmId:32769
1192:58:09 [User][Info] [db_shm_mgr.c(124)DBShmSrvInit] pShmBuf:60000000
[log_file.c(1704)ProcLogConf] Set LOG_FILE_CONF_SET_PDTCONF.
[log_file.c(1768)ProcLogConf] Set cAutoSave = 1
[log_filesave.c(176)CheckLogConfFile] File not exist: filename(/log/flag_usrfs), Cnt=40
1192:58:10 [dhcps][Info] [dhcps.c(160)DHCPSInit] module init success!dhcp server
1192:58:10 [dhcp4c][Warn] [dhcp4c_inst.c(4402)_dhcp4cRegSendO] Send code[60]fun[0x58fbf4] is replaced by fun[0x594d60]
1192:58:10 [monitor][Info] [cspd_monitor.c(422)MonitorMain] monitor init success
1192:58:10 [PingTracert_mgr][Info] [tracert_mgr.c(1107)tracertInit] module init success!tracert mgr
1192:58:10 [ethlinkvlan][Info] [ifs_ethlinkvlan(2313)linkifMain] IfsMain recv event(4352) msgptr((nil)) len(0)
1192:58:10 [ethlinkvlan][Info] [ifs_ethlinkvlan(2181)linkifAsynmsg] lpMsg == NULL
1192:58:10 [ppp_mgr][Info] [ppp_mgr.c(6398)PPPInit] module init success!
1192:58:10 [ipif_mgr][Info] [ifs_ipif.c(2102)ifsIPIFMain] IfsMain recv event(0x1100) msgptr((nil)) len(0)
1192:58:10 [ipif_mgr][Info] [ipv4_addr_mgr.c(1294)ipv4AddrInit] [ipv4AddrInit] success
1192:58:10 [ipif_mgr][Info] [ifs_ipif.c(2085)ifsIPIFInit] [ifsIPIFInit] success
1192:58:10 [ipif_mgr][Info] [ifs_ipif.c(1910)ifsAsynmsg] unknown ASynMsg!msg id = 4352
1192:58:10 [addr6_mgr][Info] [addr6_mgr.c(3429)Addr6Main] wEvent=0x1100, wMsgType=1, wMsgLen=0, wState=0
1192:58:10 [prefix_mgr][Info] [prefix_mgr.c(3223)prefixInit] Prefix Init Success!
1192:58:10 [bridge][Info] [bridge.c(2161)bridgeInit] module init success!(bridge_mgr)
1192:58:10 [eth_mgr][Info] [eth_mgr.c(1847)ethInit] module init success!ethernet mgr
1192:58:10 [htat_mgr][Info] [htat_mgr.c(2075)htatInit] module init success!htat_mgr init
1192:58:10 [dsl_mgr][Info] [dsl_mgr.c(3468)dsl_init] dsl init ok
1192:58:10 [xtm_mgr][Info] [xtm_mgr.c(4252)xtmInit] [xtmInit] start
1192:58:10 [xtm_mgr][Info] [xtm_mgr.c(4278)xtmInit] xtm init ok
1192:58:10 [xtm_mgr][Info] [xtm_mgr.c(4280)xtmInit] xtm support dynamic add/del interface
1192:58:10 [ptry_mgr][Info] [ptry_mgr.c(478)ptryMgrInit] module init success!(PTry mgr)
1192:58:10 [route_mgr][Info] [policy_route.c(1646)policyRtTableIn] policyRtTableInit ok
1192:58:10 [route_mgr][Info] [policy_route.c(1561)defPolicyRtChai] defPolicyRtChainInit ok
1192:58:10 [route_mgr][Info] [rip_mgr.c(39)RIPInit] Common Info: rip init
1192:58:10 [route_mgr][Info] [ripng_mgr.c(39)RIPngInit] Common Info: ripng init
1192:58:10 [route_mgr][Info] [route_mgr.c(802)routeInit] SubScribPublish DefGW Service OK
1192:58:10 [binding_mgr][Info] [binding_mgr.c(1666)bindingInit] [bindingInit] end
1192:58:10 [qos_mgr][Info] [qos_default_qdi(2246)RegisterDefault] RegisterDefaultIFQdisc. IF WAN&DEV.BRIDGING.BR1.BRPORT, Qdisc CSPDefSPWRRWFQ
1192:58:10 [qos_mgr][Info] [interface_api.c(1560)RegisterNetIFNo] RegisterNetIFNotify start, event[6] IF_ID[] WanLan[3] Handle[0x4c42dc]
1192:58:10 [qos_mgr][Info] [interface_api.c(1603)RegisterNetIFNo] Reg NetIF Notify ok, IF_ID[], WanLan[3], pHandle[0x4c42dc], Event[6]
1192:58:10 [qos_mgr][Info] [interface_api.c(1560)RegisterNetIFNo] RegisterNetIFNotify start, event[6] IF_ID[DEV.PTM.LINK1] WanLan[3] Handle[0x4c4088]
1192:58:10 [qos_mgr][Info] [interface_api.c(1573)RegisterNetIFNo] IF_ID Not Null[DEV.PTM.LINK1]
1192:58:10 [qos_mgr][Info] [interface_api.c(1603)RegisterNetIFNo] Reg NetIF Notify ok, IF_ID[DEV.PTM.LINK1], WanLan[3], pHandle[0x4c4088], Event[6]
1192:58:10 [sntp_mgr][Info] [time_policy.c(101)TpInit] module init success!3
1192:58:10 [sntp_mgr][Info] [sntp_mgr.c(1694)sntpInit] module init success!SNTP mgr
1192:58:10 [ddns_mgr][Info] [ddns_mgr.c(1539)ddnsInit] module init success!ddns_mgr
1192:58:10 [dns_mgr][Info] [dns_mgr.c(437)dnsInit] SubScribPublish NetIF Service OK
1192:58:10 [dns_mgr][Info] [comp_dns_mgr.c(76)CompDnsInit] Init Comp_Dns_Mgr Success!
1192:58:10 [fm_mgr][Info] [fm_mgr.c(2641)fmServerInit] module init success!Enter FmServer Init!
1192:58:10 [fm_mgr][Info] [fm_mgr.c(4236)fmMgrInit] module init success!fm mgr
1192:58:10 [tr143_mgr][Info] [tr143_mgr.c(547)tr143Init] module init success!tr143 mgr
1192:58:10 [ipv6_tunl_mgr][Info] [ipv6_tunl_mgr.c(416)IPv6TunlMgrMain] wEvent=0x1100, wMsgType=1, wMsgLen=0, wState=0
1192:58:10 [ipv6_tunl_mgr][Info] [tunl46_mgr.c(1851)TunnelMain] wEvent=0x1100, wMsgType=1, wMsgLen=0, wState=0
1192:58:10 [ipv6_tunl_mgr][Info] [tunl46_mgr.c(1617)TunnelMgrInit] [TunnelMgrInit] start
1192:58:10 [ipv6_tunl_mgr][Info] [tunl46_mgr.c(1622)TunnelMgrInit] [TunnelMgrInit] OK
1192:58:10 [ipv6_tunl_mgr][Info] [tunl64_mgr.c(1826)Tunl64Main] wEvent=0x1100, wMsgType=1, wMsgLen=0, wState=0
1192:58:10 [fon_mgr][Info] [fon_mgr.c(3915)FonMain] wEvent=0x1100, wMsgType=1, wMsgLen=0, wState=0
1192:58:10 [ipif_mgr][Info] [ifs_netif.c(2579)interfaceNotify] [interfaceNotifyHook] start, to pid[10103]
1192:58:10 [ipif_mgr][Info] [ifs_netif.c(2579)interfaceNotify] [interfaceNotifyHook] start, to pid[10103]
1192:58:10 [DB][Error] [dbc_mgr_tbl.c(494)dbCreateDomainN] create table fail (ParentControlUser) domain(FilterMode) error default value
1192:58:10 [DB][Info] [dbc_tbl_wol_inf(18)dbCreateWolInfo] call dbCreateWolInfoTbl
1192:58:10 [DB][Error] [dbc_def_dev_inf(176)setVerNumFromFi] /etc/ver_num_des file open error!
1192:58:10 [DB][Warn] [dbc_mgr_tbl.c(1662)dbSetValComm] not find domain table(WLANBase) domain(AutoChannelFrom)
1192:58:10 [DB][Warn] [dbc_mgr_tbl.c(1662)dbSetValComm] not find domain table(WLANBase) domain(AutoChannelTo)
1192:58:10 [DB][Error] [dbc_mgr_def.c(79)dbMgrStaticSetI] not find table (PDTWLANWAPI)
1192:58:10 [DB][Info] [dbc_def_wol_inf(22)dbDefWolInfo] call dbDefWolInfo
1192:58:10 [DB][Info] [dbc_init_pdt_in(2485)dbCheckSingleCf] DB Decry cfg end (iRet: 0)
1192:58:10 [DB][Warn] [dbc_mgr_file_xm(1688)_dbXMLTblChk] load database failed table(L2BAvailIF) cut or exceed max row or unequal row.
1192:58:10 [DB][Warn] [dbc_mgr_file_xm(1688)_dbXMLTblChk] load database failed table(BrFilter) cut or exceed max row or unequal row.
1192:58:11 [DB][Info] [dbc_person_teln(66)dbPersonInitTel] set password
1192:58:11 [DB][Info] [dbc_mgr_file.c(1250)dbFileLoadCfg] find file /var/tmp/db_Decry_cfg.xml
1192:58:15 [DB][Info] [dbc_mgr_file.c(2290)dbInitSignVal] szCfgSignVal= Speedport Entry 2i,iRet:0
1192:58:15 [DB][Info] [dbc_init_pdt_in(1636)_PdtDBTransferC] [_PdtDBTransferCfg] dwFlagVerNum=12, dwFlagVerNumExt=5
1192:58:15 [DB][Info] [dbc_core.c(1249)dbEndTm] (ALL) end, use 455 tick
1192:58:15 [OSS][Warn] [oss_sche.c(868)RunProcess] RunProcess process[DB] Event[0x1100] dwUsedTicks[483]
----------------------------------------------[log_file.c(1444)ProcLogConf] Set SaveEnable=1
1192:58:15 [dhcp6s][Info] [ipif_api.c(2190)RegAddr6Notify] RegAddr6Notify start, event[3] IF_ID[] WanLan[2] Handle[0x59cdc8]
1192:58:15 [PingTracert_mgr][Info] [tracert_mgr.c(1134)tracertStart] module start success!tracert mgr
1192:58:15 [srm_mgr][Info] [srm_mgr.c(228)SrmInit] module init success!use SRM_DBVIEW data
1192:58:15 [adev_mgr][Info] [extend_options.(121)CspAddParseOptP]


评论

虽然该帖子没有提供答案,但其中包含了对于查询者和将来的访问者可能有价值的信息。但是,它太长了,无法转换为评论,因此已转换为社区Wiki。

– 0xC0000022L♦
18年5月5日在15:49