3 # Copyright 2008, 2009 (C) Jose Vasconcellos <jvasco@verizon.net>
5 # A script that can communicate with jungo-based routers
6 # (such as MI424-WR, USR8200 and WRV54G) to backup the installed
7 # firmware and replace the boot loader.
9 # Tested with Python 2.5 on Linux and Windows
11 """Usage: %s [options] <IP_address> [image.bin | url]
13 \t-h | --help: usage statement
14 \t-d | --dump: create a flash dump
15 \t-f | --file: use <filename> to store dump contents
16 \t-u | --user: provide username (default admin)
17 \t-p | --pass: provide password (default password1)
18 \t --port: set port for http (default 8080)
19 \t-q | --quiet: don't display unnecessary information
20 \t-r | --reboot: reboot target on successful transfer
21 \t-V | --version: display version information
23 If no image (or url) is given, a flash dump is created.
24 A built-in http server is used when an image file is provided.
37 import SimpleHTTPServer
43 #password = getpass.getpass()
44 password
= "password1"
58 def start_server(server
):
59 httpd
= SocketServer
.TCPServer((server
,PORT
),SimpleHTTPServer
.SimpleHTTPRequestHandler
)
60 thread
.start_new_thread(httpd
.serve_forever
,())
65 # make sure we don't have an A0 stepping
66 tn
.write("cat /proc/cpuinfo\n")
67 buf
= tn
.read_until("Returned 0", 3)
69 print "Unable to obtain CPU information; make sure to not use A0 stepping!"
70 elif buf
.find('rev 0') > 0:
71 print "Warning: IXP42x stepping A0 detected!"
73 print "Error: No linux support for A0 stepping!"
77 tn
.write("cat /proc/mtd\n")
78 buf
= tn
.read_until("Returned 0", 3)
82 return int(buf
[i
+6:].split()[0],16)
83 # use different command
84 tn
.write("flash_layout\n")
85 buf
= tn
.read_until("Returned 0", 3)
86 i
= buf
.rfind('Range ')
88 return int(buf
[i
+17:].split()[0],16)
89 print "Can't determine flash size!"
91 print "Unable to obtain flash size!"
94 def image_dump(tn
, dumpfile
):
97 buf
= tn
.read_until("Returned 0",2)
98 i
= buf
.find("Platform:")
104 platform
=line
[:i
].split()[-1]
106 tn
.write("rg_conf_print /dev/%s/mac\n" % device
);
107 buf
= tn
.read_until("Returned 0",3)
113 print "No MAC address found! (use -f option)"
115 dumpfile
= "%s-%s.bin" % (platform
, buf
[i
:i
+17].replace(':',''))
119 print "Dumping flash contents (%dMB) to %s" % (flashsize
/1048576, dumpfile
)
120 f
= open(dumpfile
, "wb")
123 for addr
in range(t
):
125 sys
.stdout
.write('\r%d%%'%(100*addr
/t
))
128 tn
.write("flash_dump -r 0x%x -l %d -4\n" % (addr
*dumplen
, dumplen
))
133 buf
= tn
.read_until("\n")
134 if buf
.strip() == "Returned 0":
137 if s
and s
[0][-1] == ':':
140 print "Format error: %x != %x"%(a
,count
)
143 f
.write(binascii
.a2b_hex(string
.join(s
[1:],'')))
150 def telnet_option(sock
,cmd
,option
):
151 #print "Option: %d %d" % (ord(cmd), ord(option))
152 if cmd
== telnetlib
.DO
:
154 elif cmd
== telnetlib
.WILL
:
156 sock
.sendall(telnetlib
.IAC
+ c
+ option
)
158 def telnet_timeout():
159 print "Fatal error: telnet timeout!"
163 print __doc__
% os
.path
.basename(sys
.argv
[0])
168 opts
, args
= getopt
.getopt(sys
.argv
[1:], "hdf:qp:P:rvV", \
169 ["help", "dump", "file=", "user=", "pass=", "port=",
170 "quiet=", "reboot", "verbose", "version"])
171 except getopt
.GetoptError
:
172 # print help information and exit:
177 if o
in ("-h", "--help"):
180 elif o
in ("-V", "--version"):
181 print "%s: 0.11" % sys
.argv
[0]
183 elif o
in ("-d", "--no-dump"):
185 elif o
in ("-f", "--file"):
187 elif o
in ("-u", "--user"):
189 elif o
in ("-p", "--pass"):
193 elif o
in ("-q", "--quiet"):
195 elif o
in ("-r", "--reboot"):
197 elif o
in ("-v", "--verbose"):
200 # make sure we have enough arguments
205 if args
[1].split(':')[0] in ("tftp", "http", "ftp"):
213 # create a telnet session to the router
215 tn
= telnetlib
.Telnet(HOST
)
216 except socket
.error
, msg
:
217 print "Unable to establish telnet session to %s: %s" % (HOST
, msg
)
220 tn
.set_option_negotiation_callback(telnet_option
)
222 buf
= tn
.read_until("Username: ", 3)
227 buf
= tn
.read_until("Password: ", 3)
230 tn
.write(password
+"\n")
233 buf
= tn
.read_until("> ", 3)
237 flashsize
= get_flash_size()
240 image_dump(tn
, dumpfile
)
243 splitpath
= os
.path
.split(imagefile
)
245 # create load command
247 cmd
= "load -u %s -r 0\n" % (url
)
249 server
= tn
.get_socket().getsockname()[0]
250 cmd
= "load -u http://%s:%d/%s -r 0\n" % (server
, PORT
, splitpath
[1])
252 if not os
.access(imagefile
, os
.R_OK
):
253 print "File access error: %s" % (imagefile
)
256 # make sure we're in the directory where the image is located
258 os
.chdir(splitpath
[0])
263 print "Unlocking flash..."
264 tn
.write("unlock 0 0x%x\n" % flashsize
)
265 buf
= tn
.read_until("Returned 0",5)
268 print "Writing new image..."
271 buf
= tn
.read_until("Returned 0",10)
273 # wait till the transfer completed
274 buf
= tn
.read_until("Download completed successfully",20)
276 print "Flash update complete!"
This page took 0.057173 seconds and 5 git commands to generate.