WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

Access Control / Safety section change with uci command?

0 votes
394 views 2 comments
by anonymous

Hello.

I need change some parameters in a RUT955 model, specifically are SSH Access Secure and List of Blocked Addresses in Access Control / Safety section. I want to do it with uci commands but I can't found where is located.

How can change it with uci command? Can I reload this change without router rebooting? From web, seems totally necessary reboot it.

For more details this is the web configuration section.

1 Answer

+1 vote
by anonymous

Hello,

The configuration file you are interested in is /etc/config/blocklist.

Depending on what which access type you want to configure, WebUI or SSH, below are a couple of example commands to block set addresses:

  • For SSH access:
    • uci add blocklist dropbear
    • uci set blocklist.@dropbear[-1].ip='<IP_address>'
    • uci commit
  • For WebUI access:
    • uci add uhttpd dropbear
    • uci set blocklist.@uhttpd[-1].ip='<IP_address>'
    • uci commit

For more details on uci configuration, refer to this page. 

It is also advised to update your device's firmware to the latest. 

Best regards,

by anonymous

Thank you. This command works and if I want to delete a blocked address I've execute

uci delete blocklist.@dropbear[0]

But I can't find a way to do the following 2 things:

  1. enable or disable SSH Access Secure
  2. when delete a blocked address, type uci commit and luci-reload (just in case), the address is still blocked and is only released when I reboot the router
Some advice to do this two things?
by anonymous

1. This configuration is set in file /etc/config/logtrigger. The commands to disable SSH Access secure should be as follows:

  • uci set logtrigger.@rule[0].enabled='0'
  • uci commit

2. I have executed commands in the following succession and had deleted blocked IP address:

root@Teltonika:/etc/config# uci add blocklist dropbear
cfg014dd4
root@Teltonika:/etc/config# uci set blocklist.@dropbear[-1].ip='192.168.1.15'
root@Teltonika:/etc/config# uci commit
root@Teltonika:/etc/config# uci show blocklist
blocklist.@dropbear[0]=dropbear
blocklist.@dropbear[0].ip='192.168.1.15'
root@Teltonika:/etc/config# uci delete blocklist.@dropbear[0]
root@Teltonika:/etc/config# uci commit
root@Teltonika:/etc/config# uci show blocklist
root@Teltonika:/etc/config# luci-reload
A match found : 18
A match found : 98
bad
enabling logtrigger
A match found : 18
A match found : 98
logtrigger is already enabled
logtrigger is already enabled
root@Teltonika:/etc/config# uci show blocklist
root@Teltonika:/etc/config#