Luc Pauwels

SMC Barricade
Tips and Tricks

[ Main | Checking for intruders | Router Time | Wireless Operation | Backup Setting | Hidden Pages | Configuring the print server | SNMP and MRTG configuration | Downloading Firmware | Downgrading the Firmware | Nice to Have ]

Checking for Intruders

The router keeps a log of all intrusions. It would be nice if the router supported the Unix syslog(3) system logger. Unfortunately it doesn't, so the only way to extract this information is via the router's web interface.

I recently came across a very nice little utility that enables you to extract the log information from the router and save it to a local file on your computer. Check out the routerlog page for more information.

Router Time

Have you ever noticed that your router uses the same date format and display language as your PC? For example, the display time on the System Status page of my router reads:

Display time: vrijdag 29 november 2002 23:23:55

rather than:

Display time: Friday, November 29, 2002 23:23:55

For those of you wondering: "vrijdag 29 november 2002" is Dutch, I live in the Dutch speaking part of Belgium (Europe).

This is what actually happens: The router only keeps track of the number of milliseconds since powering up, it doesn't have a built-in clock. The timestamps in the system log are computed by taking the current time from your PC's system clock and subtracting the number of milliseconds at which the event occurred in the past. All this is done by your web browser using JavaScript (so if your browser doesn't support JavaScript: forget timestamps). This also explains why the router seemingly uses the same regional time settings as your PC: Your browser decides how dates should be displayed, not your router!

To make sure that the system clock on your PC is accurate, you can install a freeware utility such as "Atomic Clock Sync". For more information, check out the World Time Server website.

Wireless Operation

Here's something to think about: suppose you've bought a Barricade wireless broadband router (or any other wireless router for that matter) because you want to connect your PCs to the Internet. The wireless feature is nice, but you decide you won't be needing it right away. So you configure your unit to connect to your Internet service provider and that's it. Chances are you have left your local network wide open to drive-by hackers.

So to avoid drive-by hackers stealing your bandwidth, always enable MAC Address Control, and configure Association Control such that unspecified MAC addresses are denied.

Backup Setting

The Administrator's Toolbox has a "Backup Setting" button that allows you to save the settings of your Barricade to a file (config.bin by default). But how do you upload this config.bin file to your router?

It's easier than you think: just use the Firmware Upgrade page!

Hidden Pages

The SMC firmware contains several hidden pages.

The System Information page (sysinfo.htm) is accessible by clicking to the right of the date string on the System Status page. If anybody knows what these values mean, please let me know.
The Access Point Saved Value page (wlapinit.htm) is accessible by clicking to the far right of the help button on the Wireless Setting page.
The Verbose System Log page (syslog2.htm) is accessible by clicking to the right of the refresh button on the System Log page.

I have found several other hidden pages for adjusting low-level communication parameters.

I have decided not to publish the latter two URLs because these pages appear to be obsoleted by the MAC Address Control page.

Warning: I do not recommend changing any of the parameters on the hidden pages. After all, hidden pages are hidden for a reason!

All these hidden pages were found in firmware 1.95. They might not be available in other versions of the Barricade firmware.

Configuring the Print Server

Windows 9x

Install the print server software from the installation CD. You will now have an additional printer port named "PRTmate: (All-in-1 IP-Sharer)". Select this port and enter your Barricade's IP address. All this is described in more detail in the Quick Install Guide.

Windows 2000

Contrary to what the SMC documentation states, there is no need to install the "PRTmate" printer port. You can simply install the "Print Services for Unix" component of Windows 2000 and create a new "LPR port" for your printer using your Barricade IP address as lpd server and "lp" as remote printer name.

Windows XP

Configuring the Barricade print server on Windows XP is very similar to Windows 2000. You can find an excellent Quick Install Guide on how to install a LPR printing port on Windows XP on the SMC website.

Classic MacOS
(The information in this section was provided by Timothy Sipples)

Since version 8.5.1, Apple's LaserWriter software supports the LPR protocol. The LaserWriter software was already part of MacOS 8.1 back in 1998. If you are looking for the LaserWriter software, you can find the LaserWriter 8.6 or the LaserWriter 8.6.1 software from the Apple Computer support web site.

Here is a small Macintosh LPR Printing tutorial that explains step-by-step how to configure the LaserWriter software for use with LPR-style print servers, such as the Barricate print server.

Unix/Linux

The remote printer name for Unix printing is "lp". The Barricade print server has no built-in support for CR/LF translation, so you will have to provide your own Unix print filter for this. There are several ways to create a Unix print filter. The most obvious one would probably be to write some sed or awk script.

I decided to take a different approach and use the HP DeskJet PCL printer command for CR/LF translation. This is what my printer entry in /etc/printcap looks like:

deskjet.text|djtext:\
        :rp=lp:lp=:\
        :rm=192.168.200.1:\
        :sd=/var/spool/deskjet/raw:\
        :lf=/usr/adm/lpd-errs:\
        :if=/usr/local/bin/textfilter:\
        :mx#0:sh:

The Unix text filter in /usr/local/bin/textfilter is a simple shell script that sends the appropriate PCL command to the printer before starting the print job:

#!/bin/sh
/usr/bin/printf "\033%s" "&k3G"
/bin/cat
/usr/bin/printf "\f"

More information on the HP Printer Control Language can be found on the HP support site.

SNMP and MRTG configuration

You need at least SMC firmware 1.95n for this to work. Older versions of the SMC firmware do not support SNMP. Even then, you only get a Barricade SNMP agent that is very poorly implemented and contains a fair amount of bugs (for more information, check out my Firmware Bugs page).

If you plan to use SNMP, please change the Get and Set Community names to something other that the default values of "public" and "private" and enable SNMP querying from the local network only!

Note: This section assumes that you will be querying your router from a UNIX server. There is no Windows stuff here!

SNMP querying with net-snmp tools

First of all, get the net-snmp tools and install them on your system. Make sure you have at least version 5.0.8, I'll explain why in just a moment.

An important thing to know is that the Barricade SNMP agent can only handle 16-bit requestIDs. If you have no idea what I'm talking about, just try to query your Barricade router:

unix$ snmpget 192.168.200.1 sysDescr.0
Timeout: No Response from 192.168.200.1.
unix$

Clearly it doesn't work! The trick is to add the following line to the snmp.conf file (either to the system-wide config file, or to your personal config file ~/.snmp/snmp.conf):

16bitIDs 1

This will force the snmpget command to use 16-bit requestIDs. This is a new net-snmp feature introduced in version 5.0.8. If you retry the previous command, you will get a response from your router:

unix$ snmpget 192.168.200.1 sysDescr.0
SNMPv2-MIB::sysDescr.0 = STRING: Internet Gateway Device
unix$

Modifying SNMP parameters

The SMC web interface only allows you to set the Get and Set Community names. If you want to set other SNMP variables (e.g. sysDescr, sysContact, or sysLocation), you will have to use the snmpset command. For example:

unix$ snmpset -c xxxxxxxxx 192.168.200.1 \
  SNMPv2-MIB::sysLocation.0 s "My Office"
SNMPv2-MIB::sysLocation.0 = STRING: My Office
unix$

MRTG data collection

Older versions of MRTG required a patch for 16-bit SNMP session support. As of version 2.10.12, this patch has been integrated in MRTG so if you haven't upgraded yet, do it now.

To generate a config file for your Barricade router with cfgmaker, you have to use the following two additional command line options:

unix$ cfgmaker --use-16bit \
  --global 'SnmpOptions: use_16bit_request_ids => 1' \
  --global 'WorkDir: /home/mrtg' \
  --global 'Options[_]: bits,growright' \
  --output barricade.cfg \
  public@barricade.place.xyz
WARNING: Using 16bit RequestIDs
--base: Get Device Info on public@barricade.place.xyz:
--base: Vendor Id:
--base: Populating confcache
--snpo: Skipping ifName scanning because public@barricade.place.xyz: does not seem to support it
--snpo: confcache public@barricade.place.xyz: Descr Ethernet-WAN --> 1
--snpo: confcache public@barricade.place.xyz: Type 6 --> 1
--snpo: Skipping ipAdEntIfIndex scanning because public@barricade.place.xyz: does not seem to support it
--snpo: confcache public@barricade.place.xyz: Eth 00-50-18-17-71-6b --> 1
--base: Get Interface Info
--base: Walking ifIndex
--base: Walking ifType
--base: Walking ifAdminStatus
--base: Walking ifOperStatus
--base: Walking ifSpeed
--base: Writing barricade.cfg
unix$

Note that you will have to manually modify the barricade.cfg file. The WAN interface is commented out by default because the reported interface speed is 0. You have several choices here: you could set the speed to the maximum speed of the interface (10.0 Mbits/s), or you could set it to the speed of your connection (in my case, this is a 3.0 Mbit/s ADSL connection).

That's basically it!

Downloading Firmware

You can find the latest version of the 7004AWBR firmware on the SMC support website. They have recently reorganized their website, so I can no longer provide a direct link to the firmware download page.

They recently removed the older firmware releases from their website, which makes downgrading your firmware rather difficult. If you need an old firmware release, try sending an Email to SMC support asking them to send you a copy of the firmware release. This worked for me in the past, it is how I got hold of firmware release 1.95.

Downgrading the Firmware

Apparently there is no easy way to downgrade the firmware of a Barricade. If you simply try to upload an older firmware version to the router, you'll probably get a "Invalid Upgrade File!" message.

Some sources claim that it is possible to downgrade a router using a "Crash Recovery Procedure" that involves short-wiring two pins on the router's COM port. This is dangerous, don't try this at home. Let me repeat that:

This is not something you should try at home!

Anyway, because installing firmware 1.95n had severely crippled my unit, I felt I had nothing to lose so I took the risk and went ahead anyway. The "Crash Recovery Procedure" for my SMC 7004AWBR (model# 750.5345) is a little less complicated because I can use the reset button rather than having to short-wire the COM port. This is how I got my router back to firmware 1.95:

  1. Unplug all the cables, including the power cord.
  2. While pressing the reset button on the back of the unit, reconnect the power cord.
  3. Watch the M1 and M2 lights. After a few seconds they will start blinking very fast (8 times/sec). The unit is now in crash recovery mode.
  4. Reconnect your PC to one of the router's LAN ports.
  5. Run the AWBR_195.exe application. It will show the IP address of the router, followed by "crash". (Note: if you see the IP address of the router followed by "crash and unreachable", that means that the IP address of your router and your PC are not in the same IP range. In this case, reconfigure the IP address of your PC and try again)
  6. Proceed to upgrade.
  7. If the upgrade is successful, the router will automatically reboot. You can now start reconfiguring the router by pointing your web browser to the router's default IP address.

Nice to Have

Here are some additional features that would be nice to have in the next firmware release: