March 20

VPD is corrupted or Invalid (IBM & Cisco)

Since Lenovo FTP is having issues every now and then, I add here the script(s) to repair the VPD.


Original IBM/Cisco solution


This script must be executed under linux enviroment, for Windows 10 you can also use WSL (Debian)


Note also that the user (default  USERID) has to have S(upervisor) privileges and not O(Operator) under the MM config.



  • ensure you can access the AMM in question via ssh by opening an ssh connection,  ssh AMMUSER@x.x.x.x (where AMMUSER is a user id on the AMM, and x.x.x.x is the ip of the AMM)
  • run the script,  ./SCRIPTNAME (for ex – ./expect-fix-vpd-2014-08-22-release-servo.exp)
  • Follow prompts
  • Open a terminal to the Bladecenter Chassis AMM with the affected switch (telnet or ssh) run info -reload all -T switch[x] where x is the slot number of the switch with the corrupted VPD
  • This should cause the error to go away, but in the event that it does not, you may need to reboot the AMM. If there are 2 Management Modules, pull the secondary, reboot the primary, and then check on the status of the switch again once the AMM is finished refreshing all its information (usually about 2-3 mins after it is available via http or pingable).
  • Upload logfile if the issue is not resolved

If the script seems to exit abnormally, the check to see if VPD values were corrected. If not, re-run script
before opening a support request.



February 6

aDSL-vDSL moder/router for OpenWRT

Λοιπόν μετά από δοκιμές και ελέγχους 3+ μηνών, μπορώ να πω ότι η συσκευή με το Lede δουλεύει μια χαρά και ήδη βρίσκεται από τα Χριστούγεννα στην θέση της λειτουργώντας αδιαλείπτως.

Το αρχικό TD-W8970B που αγοράσθηκε καινούργιο, δεν κατέστη δυνατόν (ότι κι αν δοκίμασα) να δουλέψει σε ADSL από αστικό κέντρο. Μόνο από DSLAM καμπίνας έχει δυνατότητα, όπως αναφέρουν οι πληροφορίες στο διαδίκτυο, εφόσον το DSLAM αυτής εξαρχής υποστηρίζει ταυτόχρονα ADSL/VDSL στην ίδια κάρτα*. Την θέση του πήρε το TD-W8980 που έχει ίδια ακριβώς τεχνικά χαρακτηριστικά και δυνατότητες με επιπλέον την χρήση των 5GHz, που ωστόσο σε Lede/OpenWRT ακόμη (γίνονται προσπάθειες) δεν λειτουργεί το Lantiq WAVE 300 (παρομοίως ισχύει και στο TD-W9980), παρά μόνο το Atheros AR9287 στους 2,4GHz.

Παρόλο που έχει μικρή σχετικά μνήμη 8/64 (Flash/Ram) εν τούτοις πήρε όλες τις επιπλέον εφαρμογές που χρειαζόμουν (DDNS, OpenVPN, SQM QoS και p910nd). Φυσικά δεν μένει χώρος, σε περίπτωση που χρειασθεί αναβάθμιση των πακέτων που έχει, οπότε είτε θα γίνεται αναβάθμιση του image (όταν υπάρχει νέο) είτε χρήση extroot κι εξωτερικού USB.


ENG: Bottom line, TD-W8980 can work for both aDSL and vDSL, but TD-W8970B wil work on vDSL and in some cases in aDSL if its connected to DSLAM cabin .


Για όποιον ενδιαφέρεται παρακάτω έχω τις ρυθμίσεις του Network και των Interfaces, ώστε να δουλεύει η συσκευή ανάλογα την επιθυμητή κατάσταση:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr ''
	option netmask ''

config globals 'globals'
	option ula_prefix 'XXXX:XXXX:XXXX::/48'

config atm-bridge 'atm'
	option encaps 'llc'
	option payload 'bridged'
	option vci '35'
	option vpi '8'

config dsl 'dsl'
	option xfer_mode 'atm'
	option line_mode 'adsl'
	option firmware '/lib/firmware/lantiq-vrx200-a.bin'
	option annex 'a'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option netmask ''
	option ip6assign '60'
	option ipaddr ''

config interface 'wan'
	option proto 'pppoe'
	option _orig_bridge 'false'
	option ifname 'nas0'
	option username 'ΧΧΧΧΧΧ'
	option password 'ΧΧΧΧΧΧ'
	option ipv6 'auto'
	option mtu '1492'

config device 'wan_dev'
	option name 'nas0'
	option macaddr 'ΧΧ:ΧΧ:ΧΧ:ΧΧ:ΧΧ:ΧΧ'

config interface 'wan6'
	option ifname '@wan'
	option proto 'dhcpv6'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 2 4 5 6t'

Στο ADSL τα Annexes A/Β, αναφέρονται σε συνδέσεις πάνω από τηλεφωνική γραμμή POTS και ISDN αντίστοιχα. Σε αυτά έχουμε:
α. Στο Annex A, η τηλεφωνία χρησιμοποιεί τις χαμηλές συχνότητες έως 4kHz και το DSL σήμα τις υψηλότερες συχνότητες 25kHz-22MHz, χωρισμένες σε 2 περιοχές (από 1 σε US και DS).
β. Στο Annex Β, η τηλεφωνία χρησιμοποιεί τις χαμηλές συχνότητες έως 120kHz και το DSL σήμα τις υψηλότερες συχνότητες 138kHz-22MHz, χωρισμένες σε 2 περιοχές (από 1 σε US και DS).

Στο VDSL τα Annexes A/B, αναφέρονται στη φασματική περιοχή (US/DS) και τις μάσκες (PSD) που χρησιμοποιούνται στα διάφορα προφίλ σε Αμερική (Annex A) και Ευρώπη (Annex B). Υπάρχουν και άλλα Annexes, είτε ήδη καταχωρημένα σε άλλες περιοχές/χώρες, είτε δεσμευμένα για μελλοντική απόδοση.
Και στο VDSL μπορούμε να έχουμε τηλεφωνία POTS ή ISDN, με τις ανάλογες χαμηλές συχνότητες με του ADSL, αλλά εδώ οι υψηλές συχνότητες του DSL (έως 35MHz) χωρίζονται σε 6 περιοχές (από 3 σε US και DS).
Επομένως το Annex του VDSL είναι άσχετο με την τηλεφωνία και από τις καμπίνες έχουμε συγχρονισμό πάντα σε Β (δεν συμβαίνει πάντα το ίδιο από αστικό κέντρο), ανεξάρτητα το είδος τηλεφωνίας που λαμβάνουμε.

Source (
Credits (jkoukos)
September 18

OpenWRT on TD-W8970B v1

Initial installation

Part #1 Enable root access

Steps to access the linux shell using telnet for the TD-W8970 v1 firmware version0.6.0 2.12 v000c.0 Build 140613 Rel.31066n. Without opening the router physically.

  1. Login to the router web ui at Take backup of the router configuration conf.bin(Keep one copy safely incase you screw up things!)

  2. download tplink configuration encrypter/decrypter tool from the link below. (Thanks ejs1920 for making this tool)

  3. Launch the program StatPOSTer-20160306.jar

  4. Select the router as TD-w8970v1 and click on decrypt button in the program and select the config file you saved in the step1

  5. Save the decrypted conf.xml

  6. Open the the decrypted conf.xml in notepad(would suggest to keep backup of this file just in case)

  7. Add the xml tag  after the xml node SerialNumber and save it.

    <Description val="TD-W8970 v1`telnetd -p 1023 -l login`" />

  8. Click the encrypt button, select the modified config, save as conf_modified.bin

  9. Login to the router web ui at and upload the new conf_modified.bin. And let the router reboot.

  10. Router will reboot and have TD-W8970 v1`telnetd -p 1023 -l login` at the top, this is expected.

  11. Telnet to (using putty or something like it) at port 1023
  12. Enter the user name as admin and password as 1234 (Looks like some sort of backdoor, there goes my peace of mind!)
  13. You are ready to go and have access to linux shell.

Part #2 Install OpenWRT

(Filenames do not much, so download the firmware and rename it )


How to backup original firmware and install openwrt without opening the case

You will need:

1) a usb stick/thumb drive formatted as vfat/msdos
2) PC connected to TD-W8970 v 1 running original firmware either by wire or wireless
3) Telent and dd installed on the PC

Prepare the openwrt images on PC

Download the official 15.05 relese of openwrt-lantiq-xrx200-TDW8970-sysupgrade.image and run the following commnad:

dd if=openwrt-lantiq-xrx200-TDW8970-sysupgrade.image bs=1310720 skip=1 of=openwrt-lantiq-xrx200-TDW8970-sysupgrade-1.image

Create folder td-w8970 on your usb stick/thumb drive then copy these two files over the newly created folder. Unmount/eject the usb stick and plug it into the usb port on the back of TD-W8970.

Backup the original firmware
Open telnet and connect to with login/password both as admin. Type sh after logging successfully. Run the following command to backup:

cat /dev/mtd0 > /var/usbdisk/sda1/td-w8970/mtd0
cat /dev/mtd1 > /var/usbdisk/sda1/td-w8970/mtd1
cat /dev/mtd2 > /var/usbdisk/sda1/td-w8970/mtd2
cat /dev/mtd3 > /var/usbdisk/sda1/td-w8970/mtd3
cat /dev/mtd4 > /var/usbdisk/sda1/td-w8970/mtd4
cat /dev/mtd5 > /var/usbdisk/sda1/td-w8970/mtd5
cat /dev/mtd6 > /var/usbdisk/sda1/td-w8970/mtd6

Verify the size of mtd1 file on the usb stick by executing the following command:

ls -l /var/usbdisk/sda1/td-w8970/mtd1

If the size is 1310720 you can go ahead with installing openwrt otherwise go back to “Prepare the openwrt images on PC” and replace 1310720 by the actual size in the dd command.

Install openwrt
Run the following command

cat /var/usbdisk/sda1/td-w8970/openwrt-lantiq-xrx200-TDW8970-sysupgrade.image > /dev/mtdblock1
cat /var/usbdisk/sda1/td-w8970/openwrt-lantiq-xrx200-TDW8970-sysupgrade-1.image > /dev/mtdblock2

Reboot router afterwards.


On some ISPs (ex Greek Wind) you need to change the PPPoE dial interface from pto0 to pto0.835,

as 835 is the deault VLAN that Wind is using.



April 6

HP DV7 Series BIOS and PCID

If you come across a corrupted BIOS or a bad flash of an HP DV4/5/6/7, you may see the error System Board (00A)

Usually you can fix it with the HP DMI Tools from HP (HPBQ138.exe) , but in some cases the PCID is not 25 chars but 17. This come with the error below…

The input PCID is invalid





The tools here are the old versions which allows to edit the DMI to 17 chars

HP DMI Tools

P.S. You will need a MS/Free/Mini-DOS bootable USB disk, and then copy the files

to the flash drive.


HP reference documentation

HP Consumer Notebook EEPROM utility





May 21

Open-WRT and TP-Link Wi-Fi issues

It appears that many TP-Link models have an issue with Ambient Noise Immunity (ANI)

Add to /etc/rc.local the following line

echo 0 > /sys/kernel/debug/ieee80211/phy0/ath9k/ani

There is a lot of discussion on the matter

February 22

Grep a log file and send output to mail

This is a small script that looks for a string in a log file and then the string is found, sents by mail the output

-This example is for Smoothwall, in which i run Guardian Active response and i wanted to know who is blocked

-Place it in your rc.local, reboot and check your mailbox




EMAILSUBJECT="Guardian On Firewall "

##Select you log file
#tail -f /var/log/messages | while read LINE
tail -f /var/log/guardian/guardian.log | while read LINE
#Select the string
if [ `echo $LINE | grep -c "blocked"` -gt 0 ]
# if [ `echo $LINE | grep -c "eth"` -gt 0 ]

echo "Guardian actions:" > $MESSAGEBODY
#Insert some text before the output
# echo "Guardian done it again !" >> $MESSAGEBODY
#Here i use sendEmail from Smoothwall, you can use you own sendmail/mail commands
sendEmail -f -u "$EMAILSUBJECT" -t -s -xu -xp password < $MESSAGEBODY
# fi

February 20

Fail2Ban and Zimbra

After following several guides i faced an issue with the mail reporting.

Since sendmail provided by zimbra doesn’t work with the same parameters like the default sendmail i modified the mail function of Fail2Ban.

– I have enabled only notifications for Webmail/Webadmin login attemps

For Red Hat /CentOS you will need EPEL Repo

rpm -Uvh 

Continue reading

February 18

OpenVPN Site-to-Site

This is a small how-to for OpenWRTs running OpenVPN and connecting them by creating a site-to-site VPN tunnel.


-We assign 2 IPs, one for each tun0 interface on each router

-This guide assumes that you have already install openvpn packages on both devices

-In this guide A router has 192.168.10.x network and IP in tun0 interface, and router B has 192.168.22.x network with IP in tun0 interface.

-You will need  the file /etc/openvpn/static.key or generate a new one in one router and copy it to the other.

-Port 1195-1194 can be changed

-You can have multiple blocks of configuration in OpenVPN, one for Road Warriors  (see here) and the one documented here.

-Follow the guide here for installing Open VPN and configuring the interfaces tun0/tun1 etc


Router A

config 'openvpn' 'site-to-site'
        option 'enable' '1'
        option 'port' '1195'
        option 'proto' 'udp'
        option 'dev' 'tun'
        option 'secret' '/etc/openvpn/static.key'
        option 'ifconfig' '' #this device tun0 / remote device tun0
        option 'keepalive' '10 120'
        option 'comp_lzo' '1'
        option 'verb' '10'
        option 'float' '1'
        option 'local' ' 1195'
        option 'remote' ' 1194'

Add to  /etc/firewall.user

iptables -t nat -A prerouting_wan -p udp --dport 1195 -j ACCEPT
iptables -A input_wan -p udp --dport 1195 -j ACCEPT

iptables -I INPUT -i tun+ -j ACCEPT 
iptables -I FORWARD -i tun+ -j ACCEPT 
iptables -I OUTPUT -o tun+ -j ACCEPT 
iptables -I FORWARD -o tun+ -j ACCEPT


Add  a static route between the 2 LANs

route add -net  netmask gw

Router B


config 'openvpn' 'Site-to-site2'
	option 'enabled' '1'
	option 'dev' 'tun'
	option 'ifconfig' ''#this device tun0 / remote device tun0
	option 'secret' '/etc/openvpn/remote.key'
	option 'keepalive' '10 120'
        option 'comp_lzo' '1'
        option 'persist_key' '1'
        option 'persist_tun' '1'
        option 'verb' '3'

Add to /etc/firewall.user

iptables -t nat -A prerouting_wan -p udp --dport 1194 -j ACCEPT
iptables -A input_wan -p udp --dport 1194 -j ACCEPT

iptables -I INPUT -i tun+ -j ACCEPT 
iptables -I FORWARD -i tun+ -j ACCEPT 
iptables -I OUTPUT -o tun+ -j ACCEPT 
iptables -I FORWARD -o tun+ -j ACCEPT


Add a static route between the 2 LANs

route add -net   netmask gw