Bypass At&t fiber BGW210-700

Phantom_Stage

Dude thank you for this info!!!!!!! OMG this is exactly what i was looking for...straight forward even for this nube. thank you thank you thank you

stephenw10

Ah, I missed that post. Didn't realise that was in our repo now. That's good as it will probably be updated for 2.4.5 which would otherwise have required a new module uploading.

Steve

Phantom_Stage

@sherpagoodness said in Bypass At&t fiber BGW210-700:

pfSense-core repository

ok I have done my best with no success...I copied and edited the files as such and placed it in root/bin

ONT_IF=igb1
RG_IF= igb0
RG_ETHER_ADDR=xx:xx:xx:xx:xx:xx replaced with mac of BGW210-700
OPNSENSE=no

edited my xml file as such above system as instructed.
<?xml version="1.0"?>
<pfsense>
<version>19.1</version>
<lastchange></lastchange>
<earlyshellcmd>/root/bin/pfatt.sh</earlyshellcmd>
<system>

placed NG_etf.ko in /boot/kernel

Any further suggestions I would really like to get rid of BGW210-700

Phantom_Stage

I also did a clean install of pfsense and tried the package install of etf with no success.

sherpagoodness

you had it going correctly....and just so you understand you're still keeping the gateway, its just off to the side now

make sure you search 'pkg search etf' then 'pkg install ng_etf-kmod'

and use the shellcmd package from the package manager rather than editing that xml file; that gave me problems trying to edit it manually

Phantom_Stage

ok thanks...will try the shellcmd to edit the xml

Phantom_Stage

installed pkg shellcmd

<earlyshellcmd>/root/bin/pfatt.sh</earlyshellcmd> earlyshellcmd ATT bridge

getting an error stating sh: syntax error: end of file unexpected (expecting word)
directly after loading configuration completes.

stephenw10

Do you get that same error if you just run the script at the command line?

It seems like the script may not be complete if it's showing that error. How did you copy it onto your firewall?

Steve

sherpagoodness

this is how your file should be - just replace with your modems mac address

#!/bin/sh
set -e

ONT_IF='igb0'
RG_IF='igb1'
RG_ETHER_ADDR='********LEAVE Apostrophes****************'
OPNSENSE='no'
LOG=/var/log/pfatt.log

getTimestamp(){
    echo `date "+%Y-%m-%d %H:%M:%S :: [pfatt.sh] ::"`
}

{
    echo "$(getTimestamp) pfSense + AT&T U-verse Residential Gateway for true bridge mode"
    echo "$(getTimestamp) Configuration: "
    echo "$(getTimestamp)        ONT_IF: $ONT_IF"
    echo "$(getTimestamp)         RG_IF: $RG_IF"
    echo "$(getTimestamp) RG_ETHER_ADDR: $RG_ETHER_ADDR"
    echo "$(getTimestamp)      OPNSENSE: $OPNSENSE"

    echo -n "$(getTimestamp) loading netgraph kernel modules... "
    /sbin/kldload -nq ng_etf
    echo "OK!"

    if [ ${OPNSENSE} != 'yes' ]; then
        echo -n "$(getTimestamp) attaching interfaces to ng_ether... "
        /usr/local/bin/php -r "pfSense_ngctl_attach('.', '$ONT_IF');" 
        /usr/local/bin/php -r "pfSense_ngctl_attach('.', '$RG_IF');"
        echo "OK!"
    fi 

    echo "$(getTimestamp) building netgraph nodes..."

    echo -n "$(getTimestamp)   creating ng_one2many... "
    /usr/sbin/ngctl mkpeer $ONT_IF: one2many lower one
    /usr/sbin/ngctl name $ONT_IF:lower o2m
    echo "OK!"

    echo -n "$(getTimestamp)   creating vlan node and interface... "
    /usr/sbin/ngctl mkpeer o2m: vlan many0 downstream
    /usr/sbin/ngctl name o2m:many0 vlan0
    /usr/sbin/ngctl mkpeer vlan0: eiface vlan0 ether

    /usr/sbin/ngctl msg vlan0: 'addfilter { vlan=0 hook="vlan0" }'
    /usr/sbin/ngctl msg ngeth0: set $RG_ETHER_ADDR
    echo "OK!"

    echo -n "$(getTimestamp)   defining etf for $ONT_IF (ONT)... "
    /usr/sbin/ngctl mkpeer o2m: etf many1 downstream
    /usr/sbin/ngctl name o2m:many1 waneapfilter
    /usr/sbin/ngctl connect waneapfilter: $ONT_IF: nomatch upper
    echo "OK!"

    echo -n "$(getTimestamp)   defining etf for $RG_IF (RG)... "
    /usr/sbin/ngctl mkpeer $RG_IF: etf lower downstream
    /usr/sbin/ngctl name $RG_IF:lower laneapfilter
    /usr/sbin/ngctl connect laneapfilter: $RG_IF: nomatch upper
    echo "OK!"

    echo -n "$(getTimestamp)   bridging etf for $ONT_IF <-> $RG_IF... "
    /usr/sbin/ngctl connect waneapfilter: laneapfilter: eapout eapout
    echo "OK!"

    echo -n "$(getTimestamp)   defining filters for EAP traffic... "
    /usr/sbin/ngctl msg waneapfilter: 'setfilter { matchhook="eapout" ethertype=0x888e }'
    /usr/sbin/ngctl msg laneapfilter: 'setfilter { matchhook="eapout" ethertype=0x888e }'
    echo "OK!"

    echo -n "$(getTimestamp)   enabling one2many links... "
    /usr/sbin/ngctl msg o2m: setconfig "{ xmitAlg=2 failAlg=1 enabledLinks=[ 1 1 ] }"
    echo "OK!"

    echo -n "$(getTimestamp)   removing waneapfilter:nomatch hook... "
    /usr/sbin/ngctl rmhook waneapfilter: nomatch
    echo "OK!"

    echo -n "$(getTimestamp) enabling $RG_IF interface... "
    /sbin/ifconfig $RG_IF up
    echo "OK!"

    echo -n "$(getTimestamp) enabling $ONT_IF interface... "
    /sbin/ifconfig $ONT_IF up
    echo "OK!"

    echo -n "$(getTimestamp) enabling promiscuous mode on $RG_IF... "
    /sbin/ifconfig $RG_IF promisc
    echo "OK!"

    echo -n "$(getTimestamp) enabling promiscuous mode on $ONT_IF... "
    /sbin/ifconfig $ONT_IF promisc
    echo "OK!"

    echo "$(getTimestamp) ngeth0 should now be available to configure as your pfSense WAN"
    echo "$(getTimestamp) done!"
} >> $LOG

Phantom_Stage

(1) I copied PFatt.sh as raw file to notepad.
(2) Made the changes as noted saving changes using semi colon " at beginning and at end of name to ensure it save as correct file type .sh
(3) used command prompt in pfsense webgui to upload to tmp directory.
(4) SSH into pfsense using putty to create directory root/bin.
(5) used file editor in pfsense to copy file to root/bin.

stephenw10

Notepad can break stuff completely. I recommend Notepad++ in Windows, though it's been a few years since I last used it.

If you open the file in Diag > Edit file does it looks correct?

Steve

Phantom_Stage

It looks correct from what I can tell...what if I copied it directly to the pfsense file edit made the changes there then save it as file type .sh? Does that eliminate the possibility of coruption?

stephenw10

Yes. Or just pull it directly into pfSense and then edit it in the webgui:

Steve

Phantom_Stage

@stephenw10 said in Bypass At&t fiber BGW210-700:

/root/bin/pfatt.sh

Did it got the same syntax error.

stephenw10

Sorry wrong file path there. Try this:

[2.5.0-DEVELOPMENT][admin@fw321.stevew.lan]/root: fetch -o /root/bin https://raw.githubusercontent.com/aus/pfatt/master/bin/pfatt.sh
/root/bin/pfatt.sh                                    3309  B   11 MBps    00s

Phantom_Stage

now I am getting the following error...kldload: an error occurred while loading the module. Please check dmesg(8) for more details. It appears I might be out of luck.

stephenw10

Can you load the module manually?:

kldload ng_etf.ko

Phantom_Stage

nope same error...can I download ng_etf.ko to /boot/kernel directly.

stephenw10

Hmm, and you got that module from the repo using pkg install?

Phantom_Stage

@stephenw10 it says the pkg is installed gonna delete it and reinstall now.