8400 questions

9885 answers

15677 comments

14155 members

0 votes
94 views 2 comments
by
We have RUT955 routers with two SIMs in our product. One SIM is provided by us - the other by the customer.

When the router falls back to using our SIM, we want the router to block all other LAN traffic. The SIM will only be used so we can login to the router for troubleshooting (and stay connected to RMS).

What is the easiest / best way of implementing this?

1 Answer

0 votes
by
Hi,

I would suggest doing this with scripts.

https://wiki.teltonika-networks.com/view/RUT955_User_Scripts

You would need to create a script that would detect a change of SIM, so I would suggest looking at the gsmctl commands that give a lot of information about your SIM card that is active right now:

https://wiki.teltonika-networks.com/view/Gsmctl_commands#Get_SIM_ICCID

Regarding firewall - you would have to do it one of the ways:

1. Swap 2 configuration files of the firewall on SIM change detection with gsmctl (with LAN block and without LAN block)

2. Add or remove the firewall filter within the configuration file.

I would personally go with the first option.

Unfortunately, I will not be able to help you with script creation, but if you'll need suggestions - please ask.

EB.
by
Thanks

Won't I actually need to use a cron rather than user script? And check which SIM card is active every 30 seconds or so?

Is there any documentation on switching profile / adding a firewall rule via the CLI?

Writing the script isn't a problem

Thanks
by
Hi,

You could add rules through uci commands and also delete them through them too.

https://openwrt.org/docs/guide-user/firewall/firewall_configuration

Why I suggested user script instead of cron is because if you want accurate rule adding and deleting you would want to run the script always and not every 30 seconds or so. But if you're okay with checking it every X time - then you can do it through cron too.

EB.