OpenWrt Forum Archive

Topic: Itus Shield Pro

The content of this topic has been archived between 10 Apr 2018 and 19 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

@FOR ALL: there is a lot of knowledge on packetinspector - anyone want to setup a wiki with me to retain it?

trblz wrote:

@FOR ALL: there is a lot of knowledge on packetinspector - anyone want to setup a wiki with me to retain it?

I'll help!

Just a suggestion to all.  It may be a good idea to cycle through all three configurations (bridge, router, gateway) and perform the system update (sh /sbin/fw_update via putty or via web gui) and back up your configuration under "system | backup config" for archiving just in case your shield gets corrupted somehow.  Thanks everyone for taking the initiative in moving as much data over to this new forum.  It will come in handy in the future.

corrupted file following update

roadrunnere42

Whilst testing the beta program my Shield stopped working; Itus kindly gave me a new one after some technical support.
Now, after looking closer, I think I can fix it. The problem is that the Itusrouterimage is corrupt and I need to copy a new image back, but this is only possible from the serial cable and no ssh.
The Shield starts its boot process, then says can't read ItusRouterImage file. Has anybody got any idea how to copy the file back using the very limited commands available?
PS: it's the same for the other two modes, bridge and gateway.
The problem started after a firmware update requested a factory restart, which resulted in something getting corrupted along the way.

#################################################################################################################

Wisiwyg

Can you get into it with a console cable? Do you have a sd card slot on yours? If so, you may be able to copy the image to the SD card and boot from the card. I'm about to post administrative handbook over at the other forum. There may be instructions that would help there.
Shield Pro v1, FW 1.51 SP1, Bridge Mode
Bridge Speedtest: Ping 11, Download 110 Mbps, Upload 12.4 Mbps, Site: speedtest.comcast.net
Wisiwyg on https://forum.OpenWRT.org/

#################################################################################################################
roadrunnere42

Great I have a sd card slot, will tomorrow copy from working shield to card then try booting broken shield. Did not think about the sd slot.

I can get into the Shield with the console cable, the shield stops before loading the image, it does have a prompt which only has about 20 commands.


#################################################################################################################
Wisiwyg


Please capture this and post it over at OpenWRT! This will happen to others, and I for one would like to know how to do this.

You have the images, right? If not, they're attached in the zip package posted in OpenWRT forum post 1.
Shield Pro v1, FW 1.51 SP1, Bridge Mode
Bridge Speedtest: Ping 11, Download 110 Mbps, Upload 12.4 Mbps, Site: speedtest.comcast.net
Wisiwyg on https://forum.OpenWRT.org/

Wisiwyg wrote:
Turrican2 wrote:

Sad news indeed.  I plan to keep my shield running in Bridge mode for as long as possible.  What's the best way to check that updates are being received?

The last fw_upgrade script provided by Itus puts the Shield in autopilot mode - everything happens, as far as signature updates, with no intervention required. If you're wanting to check to see if it is updated - log on to LuCI and check the Status page. It should show you the current day's date. The script runs around 3:15 am, unless you've changed the cron job.

Thank you. I actually didn't notice the status screen has info on updates! Great stuff.

corrupted file following update

Following on from previous posts of my Shield not booting after a firmware update: I have 2 Shields, and I have found a very interesting thing.
On my good working Shield running 1.51 sp1 firmware, I placed a formatted sd card into the Shield and rebooted; it then boots into rc2 firmware. Take the card out, reboot, and hey presto, 1.51 sp1 firmware.
Just thought I would share.

Andy

Hello all,
Just joined and have also posted this error on the ITUS forum,

Can anyone help with this error? Shield does not start up.

Setting IP address...
Done.
Reserving first 1MB of memory
Initializing stdio...
Initializing jump table...
Initializing console...
Console initialized
Setting stdin, stdout and stderr to serial port
Setting load address...
Configuring misc...
MMC: Octeon MMC/SD0: 1
Doing late board init...
Setting serial number to
Entering main loop.
Hit any key to stop autoboot: 0
No bootable FAT partition found
bootstage3 - Load and execute the stage 3 bootloader
Octeon sff7000# (left at this prompt in the console after the last line!)

Is there an image that I can load via console from this prompt and also the instructions please?

Please Help!
Regards,
Craig

(Last edited by hocking.craig on 31 Jan 2016, 11:55)

For Reference: Cron job to reboot

Searching further, OpenWRT doesn't have the shutdown command as sk3ch points out (Thanks sk3ch!), but has a reboot command instead...

Looking through the OpenWRT documentation, it appears there are additional considerations like no RTC. So there is a recommendation to use this:

# Reboot at 4:30am every day
# Note: To avoid infinite reboot loop, wait 70 seconds
# and touch a file in /etc so clock will be set
# properly to 4:31 on reboot before cron starts.
30 4 * * * sleep 70 && touch /etc/banner && reboot

(source: https://wiki.openwrt.org/doc/howto/cron?s[]=reboot)

But, since I only want to reboot once a week, I've changed my cron to do this:
0 4 * * 0 sleep 70 && touch /etc/banner && reboot

This *should* reboot on Sunday night at 4 am. Note that I confirmed /etc/banner *does* exist in the Shield's structure.

For future reference, cron information from the LuCI GUI is stored in the file "/etc/crontabs/root".


edit: Based on positive feedback from sk3ch, I'm going to try running daily. The code for that is:

0 4 * * * sleep 70 && touch /etc/banner && reboot

(Last edited by Wisiwyg on 31 Jan 2016, 19:09)

hocking.craig wrote:

Hello all,
Just joined and have also posted this error on the ITUS forum,

Can anyone help with this error? Shield does not start up.

Is there an image that I can load via console from this prompt and also the instructions please?

Please Help!
Regards,
Craig

Hi Craig, have you tried what Andy described in the post just above yours? If you can get your shield to boot to RC2, you could go through the update procedure to reinstall the SP1 firmware.

(Last edited by Wisiwyg on 31 Jan 2016, 18:49)

Is the firmware download site down or do I need some kind of GUID or auth in order to grab these files in the upgrade script?

Source: https://itus.io/wp-content/uploads/2015 … pgrade.txt

Code:

#!/bin/sh
RESTORE_PART=/dev/mmcblk0p1
MOUNT=/overlay
URL="https://api.itusnetworks.net/free/v1/ITUS-BETA?file="
UPDATES="ItusrestoreImage router.tar.gz"
RESET_FILES="ItusrestoreImage router.tar.gz"


error(){
        echo "Shield Update Failed - Please try again and if issues persist please contact support (https://itus.io/support/#Help)"
        exit 1
}

mount_filesystem(){
        [[ -n "`mount | grep ${MOUNT}`" ]] && umount $MOUNT > /dev/null 2>&1
        mkdir -p ${MOUNT}
        if [ -z "`mount | grep ${MOUNT}`" ]; then
                mount -o rw $RESTORE_PART $MOUNT
                [[ "$?" != "0" ]] && echo "Unable to mount restore partition! Aborting ...." && error
        fi
}

download_updates() {
        echo "Fetching md5sums ...."
        curl -o /tmp/md5sum ${URL}md5sum -k
        [[ "$?" != "0" ]] && echo "Unable to download new md5sums! Aborting ...." && error
        sed -i '/^$/d' /tmp/md5sum

        echo "Downloading updates ...."
        mkdir -p ${MOUNT}/updates
        for file in $UPDATES
        do
                echo "Downloading: $file"
                curl -o ${MOUNT}/updates/$file ${URL}$file -k
                [[ "$?" != "0" ]] && echo "Unable to download $file!  Aborting firmware updates." && error
        done

        echo "Validating downloads ...."
        for file in `find ${MOUNT}/updates/ -type f`; do
                CHECKSUM=""
                CHECKSUM=`md5sum $file | awk '{print $1}'`
                [[ -z "`grep ${CHECKSUM} /tmp/md5sum`" ]] && echo "Validation of downloaded updates failed! Aborting ...." && error
        done
}

update(){
        echo "Updating ...."
        [[ -f ${MOUNT}/updates/ItusrestoreImage ]] && cp -v /overlay/updates/ItusrestoreImage /overlay/ItusrestoreImage && cp -v /overlay/updates/ItusrestoreImage /overlay/ItusrouterImage
        [[ -f ${MOUNT}/updates/router.tar.gz ]] && cp -v /overlay/updates/router.tar.gz /overlay/restore/router.tar.gz
        echo "FIRMWARE DOWNLOAD COMPLETE, PLEASE RUN A FACTORY RESET TO COMPLETE UPGRADE" >> /tmp/snort/alert.fast
}

cleanup(){
        rm -f /tmp/md5sum
        rm -rf /overlay/updates/*
        umount $MOUNT
        echo "FIRMWARE DOWNLOAD COMPLETE, PLEASE REBOOT YOUR SHIELD TO COMPLETE THE UPGRADE."
        echo "****THE UPGRADE PROCESS WILL TAKE ABOUT 10 MINUTES TO COMPLETE*****."
        echo "WARNING: DO NOT DISCONNECT POWER FROM YOUR SHIELD DURING THE UPGRADE"
}

mount_filesystem
download_updates
update
cleanup

change
UPDATES="ItusrestoreImage router.tar.gz"
RESET_FILES="ItusrestoreImage router.tar.gz"
to
UPDATES="ItusrestoreImage"
RESET_FILES="ItusrestoreImage"

and it should work.

#!/bin/sh
#
# This script updates Shield from RC1 / BETA to 1.51SP1. It assumes that source files are available on itusnetworks.net
# If this is not the case, update the URL or copy the images directly to Shield temp folder
#
#
RESTORE_PART=/dev/mmcblk0p1
MOUNT=/overlay
URL="https://api.itusnetworks.net/free/v1/ITUS-BETA?file="
#UPDATES="ItusrestoreImage router.tar.gz"
#RESET_FILES="ItusrestoreImage router.tar.gz"
UPDATES="ItusrestoreImage"
RESET_FILES="ItusrestoreImage"

error(){
        echo "Shield Update Failed - Please try again and if issues persist please contact support (https://itus.io/support/#Help)"
        exit 1
}

mount_filesystem(){
        [[ -n "`mount | grep ${MOUNT}`" ]] && umount $MOUNT > /dev/null 2>&1
        mkdir -p ${MOUNT}
        if [ -z "`mount | grep ${MOUNT}`" ]; then
                mount -o rw $RESTORE_PART $MOUNT
                [[ "$?" != "0" ]] && echo "Unable to mount restore partition! Aborting ...." && error
        fi
}

download_updates() {
        echo "Fetching md5sums ...."
        curl -o /tmp/md5sum ${URL}md5sum -k
        [[ "$?" != "0" ]] && echo "Unable to download new md5sums! Aborting ...." && error
        sed -i '/^$/d' /tmp/md5sum

        echo "Downloading updates ...."
        mkdir -p ${MOUNT}/updates
        for file in $UPDATES
        do
                echo "Downloading: $file"
                #
                # This line below downloads the file
                #
                curl -o ${MOUNT}/updates/$file ${URL}$file -k
                [[ "$?" != "0" ]] && echo "Unable to download $file!  Aborting firmware updates." && error
        done

        echo "Validating downloads ...."
        for file in `find ${MOUNT}/updates/ -type f`; do
                CHECKSUM=""
                CHECKSUM=`md5sum $file | awk '{print $1}'`
                [[ -z "`grep ${CHECKSUM} /tmp/md5sum`" ]] && echo "Validation of downloaded updates failed! Aborting ...." && error
        done
}

update(){
        echo "Updating ...."
        [[ -f ${MOUNT}/updates/ItusrestoreImage ]] && cp -v /overlay/updates/ItusrestoreImage /overlay/ItusrestoreImage && cp -v /overlay/updates/ItusrestoreImage /overlay/ItusrouterImage
        [[ -f ${MOUNT}/updates/router.tar.gz ]] && cp -v /overlay/updates/router.tar.gz /overlay/restore/router.tar.gz
        echo "FIRMWARE DOWNLOAD COMPLETE, PLEASE RUN A FACTORY RESET TO COMPLETE UPGRADE" >> /tmp/snort/alert.fast
}

cleanup(){
        rm -f /tmp/md5sum
        rm -rf /overlay/updates/*
        umount $MOUNT
        echo "FIRMWARE DOWNLOAD COMPLETE, PLEASE REBOOT YOUR SHIELD TO COMPLETE THE UPGRADE."
        echo "****THE UPGRADE PROCESS WILL TAKE ABOUT 10 MINUTES TO COMPLETE*****."
        echo "WARNING: DO NOT DISCONNECT POWER FROM YOUR SHIELD DURING THE UPGRADE"
}

mount_filesystem
download_updates
update
cleanup

worked for me on my 2nd shield - you have to perform factory reset afterwards.
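
The validation loop in the script above passes a download when its MD5 appears anywhere in the fetched list, whichever file name that hash is listed under. The following is an added example, not part of the original posts or the Itus script, that puts that check beside one tied to the file name. It assumes the list is in standard md5sum output format; the function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Itus code): loose vs. strict checksum validation.
# Assumption: the manifest uses md5sum output format, "<hash>  <name>" per line.

# loose_check FILE MANIFEST
# Same logic as the script's loop: pass if the file's hash appears anywhere
# in the manifest, whatever name it is listed under.
loose_check() {
    sum=$(md5sum "$1" | awk '{print $1}')
    grep -q "$sum" "$2"
}

# strict_check FILE MANIFEST
# Pass only if the manifest has exactly one entry for this file name and
# that entry's hash equals the hash of the file on disk.
strict_check() {
    name=$(basename "$1")
    [ -s "$1" ] || return 1        # missing or empty download
    want=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) } f == n { print $1 }' "$2")
    # zero or several entries for this name: fail closed
    [ "$(printf '%s\n' "$want" | grep -c .)" -eq 1 ] || return 1
    have=$(md5sum "$1" | awk '{print $1}')
    [ "$have" = "$want" ]
}

# make_sample DIR: constructed stand-ins for the two update files plus a
# manifest generated from them.
make_sample() {
    mkdir -p "$1/updates"
    printf 'constructed firmware image\n' > "$1/updates/ItusrestoreImage"
    printf 'constructed config archive\n' > "$1/updates/router.tar.gz"
    ( cd "$1/updates" && md5sum ItusrestoreImage router.tar.gz ) > "$1/md5sum"
}

run_demo() {
    d=$(mktemp -d) || return 1
    make_sample "$d"
    # The wrong bytes arrive under the image's name (here: the archive's).
    cp "$d/updates/router.tar.gz" "$d/updates/ItusrestoreImage"
    f="$d/updates/ItusrestoreImage"
    loose_check  "$f" "$d/md5sum" && echo "loose:  accepted" || echo "loose:  rejected"
    strict_check "$f" "$d/md5sum" && echo "strict: accepted" || echo "strict: rejected"
    rm -rf "$d"
}
run_demo
```

Neither check authenticates the list itself: the script fetches it with curl -k, which skips TLS certificate verification, so a match shows only that the file agrees with whatever list was received.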

trblz wrote:

change
UPDATES="ItusrestoreImage router.tar.gz"
RESET_FILES="ItusrestoreImage router.tar.gz"
to
UPDATES="ItusrestoreImage"
RESET_FILES="ItusrestoreImage"

and it should work.

Thanks! URL for those that want to download the latest firmware: https://api.itusnetworks.net/free/v1/IT … storeImage

Where can I buy the iTus Shield Pro?

blackdog47 wrote:

Where can I buy the iTus Shield Pro?

Check eBay... Itus is no longer offering them it seems. But they are starting to show up on eBay. Prices are high ATM, but they should come down once news about Itus spreads.

At least one is listed there as of this post, $175 with BIN $225.

(Last edited by Wisiwyg on 1 Feb 2016, 16:06)

Wisiwyg wrote:
blackdog47 wrote:

Where can I buy the iTus Shield Pro?

Check eBay... Itus is no longer offering them it seems. But they are starting to show up on eBay. Prices are high ATM, but they should come down once news about Itus spreads.

At least one is listed there as of this post, $175 with BIN $225.

Thanks
after searching in ebay, it seems the shield pro is not available anymore, the only item I saw was posted last July 2015

Wisiwyg wrote:
robj wrote:

Hi all -- I just joined. I'm really sad to hear about Itus going under. Great people and a great product idea. And now I'm having technical issues with my shield and cannot solve them on my own after many hours trying. I searched and didn't see a good place to post problems on this forum for possible help. Forgive my ignorance if I'm posting in the wrong place.

My shield (router mode) stopped working two days ago. No reason, just stopped. I tried all the suggestions in other forum posts about rebooting, resetting, restarting my modem, router, and shield. No dice. Tested cables too, and not the problem. Waited the prescribed timeframes for each bootup, including 15 min for Shield

When modem is connected to router without Shield between, everything works great. So problem is isolated to the Shield.

Lights are on, so the Shield appears to be working, and I can access its admin interface. But I can never get the internet connected with Shield in place. So obviously something is wrong

I'm very appreciative of any troubleshooting suggestions you can provide

However, if Itus is no longer, will Shield still get regular 3rd party updates (similar to virus definition updates)? If the current ones will become obsolete, and I cannot get new updates, is there a point in resurrecting my shield (?)

thanks for your insights and kind regards,
-Rob

Hi Rob!

Firstly, yes, if you're on 1.51 with the latest fw_upgrade script then Shield will continue to get updates for malicious sites for IPS rules. These are being pulled from rules.emergingthreats.net, an open source Snort rules provider, with the rules being updated daily at emergingthreats. So yes, I'd recommend resurrecting your Shield!

What you described sounds like Snort is not starting. In Router Mode, Shield will still pass internet if Snort doesn't start - traffic just won't get filtered. In Bridge mode, traffic is passed through Snort like a soft switch. The fact that you're getting into the interface through the .111 interface, but no traffic is what points me to a Snort problem.

Try going into the Status, System Log file from the LuCI interface and scroll to the bottom. You're looking for FATAL ERROR, something like the problem described below...


After the upgrade, the system was not connecting. Searching through the logs I found this:

Sun Jan 24 10:01:38 2016 daemon.notice snort[10282]: WARNING: /etc/snort/rules/snort.rules(4349) GID 1 SID 2404000 in rule duplicates previous rule. Ignoring old rule.

Sun Jan 24 10:01:38 2016 daemon.err snort[10282]: FATAL ERROR: /etc/snort/rules/snort.rules(4349) threshold (in rule): could not create threshold - only one per sig_id=2404000.
Sun Jan 24 10:01:38 2016 daemon.info procd: Instance snort::instance1 s in a crash loop 6 crashes, 3 seconds since last crash

I searched through /etc/snort/snort.rules and found this entry listed twice:

drop tcp $HOME_NET any -> [103.225.168.222,104.131.93.109,104.144.167.131,104.144.167.132,104.161.17.17,104.238.141.230,104.238.147.212,106.187.48.236,106.187.99.92,107.161.19.71] any (msg:"ET CNC Shadowserver Reported CnC Server TCP group 1"; flags:S; reference:url,doc.emergingthreats.net/bin/view/Main/BotCC; reference:url,www.shadowserver.org; threshold: type limit, track by_src, seconds 3600, count 1; classtype:trojan-activity; flowbits:set,ET.Evil; flowbits:set,ET.BotccIP; sid:2404000; rev:4109;)

I commented out the first instance, saved, restarted snort and watched the log. Then this:

Sun Jan 24 10:09:38 2016 daemon.notice snort[10989]: WARNING: /etc/snort/rules/snort.rules(4350) GID 1 SID 2404001 in rule duplicates previous rule. Ignoring old rule.
Sun Jan 24 10:09:38 2016 daemon.err snort[10989]: FATAL ERROR: /etc/snort/rules/snort.rules(4350) threshold (in rule): could not create threshold - only one per sig_id=2404001.

So, looks like a number of duplicates have been introduced into the snort rules. While the log indicates the earlier (old) rule is ignored, it looks like it still causes a fatal exception preventing snort from starting.

Is there a backup of the snort rules stored on the system that I can replace the corrupt file with? Or, is the snort.rules file available for download alone? I don't want to go through this exercise of finding one, commenting out, restarting, to see if there's another one duplicated. It might be as simple as going to the first duplicate instance and deleting everything beneath it.

Also, the script goes to rules.emergingthreats.net to dl update files. That site is blocked by Norton connectsafe, which is running as a DNS filter on my router. Shield would never get to the site to dl a new ruleset.

Further update....

I walked through the snort.rules file and found where it looked like the original fileset had duplicated itself on top. I selected what appeared to be the duplicates and deleted them from the file, effectively the top half of the file's data.

I then went to the router and cleared rules.emergingthreats.net to allow it to pass the DNS filter - basically changed filter providers to Yandex and then navigated to rules.emergingthreats.net to ensure it would pass.

I then restarted Snort. Everything came back up and I had internet access.

I then SSH'd into Shield and manually kicked off fw_upgrade. Everything processed, the system log didn't list a fatal exception. It appears to be running as expected now, except I still received a couple of errors on the script:

rm: can't remove '/tmp/ads.tmp' : No such file or directory
rm: can't remove '/tmp/malicious.tmp' : No such file or directory

Even though it works fine with those errors, I would expect those to exist as I looked through the script and it tries to pull rules for them. I haven't looked at the server to confirm that there are or are not rules available for the script to pull to create those files, though. But for now, I have internet running through Shield again.


Hi Wisiwyg --  thanks again for your kind efforts to bail me out, and keep the community going. Looking at the admin interface via 10.10.10.10, I'm on v1.51. However, the last time the unit indicates update was Nov 28! Yeesh. I assumed it had been updating itself, but apparently not.  So perhaps I'm three steps behind being able to use the above!  Other suggestions would be most welcome. Thank you!
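
For the duplicate-SID crash loop quoted above, where each restart of Snort exposes one more duplicated rule, this added example (not from the thread or from Itus) lists every duplicated SID in one pass and writes a copy of the rules file that keeps only the last occurrence of each. It assumes one rule per line and a single GID; the function names and the sample rules are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): locate and drop duplicated SIDs in a
# Snort rules file. Assumes one rule per line and the same GID for all rules.

# awk helper shared by both functions: returns the rule's SID, or "" for
# comments, blank lines and lines without a sid option.
SID_AWK='function sid_of(line,   s) {
    if (line ~ /^[ \t]*(#|$)/) return ""
    if (!match(line, /[;( ]sid:[ ]*[0-9]+[ ]*;/)) return ""
    s = substr(line, RSTART, RLENGTH); gsub(/[^0-9]/, "", s); return s
}'

# list_duplicate_sids FILE: prints "<sid> <line,line,...>" for every SID that
# occurs on more than one active rule line.
list_duplicate_sids() {
    awk "$SID_AWK"'
    { s = sid_of($0); if (s != "") { n[s]++; at[s] = at[s] (at[s] == "" ? "" : ",") NR } }
    END { for (s in n) if (n[s] > 1) print s, at[s] }' "$1" | sort -n
}

# dedupe_rules FILE: writes the rules to stdout, keeping only the LAST active
# occurrence of each SID (Snort's warning says the old rule is the one ignored).
dedupe_rules() {
    awk "$SID_AWK"'
    NR == FNR { s = sid_of($0); if (s != "") last[s] = FNR; next }
    { s = sid_of($0); if (s == "" || last[s] == FNR) print }' "$1" "$1"
}

# Constructed sample: a rule set that has been written on top of itself.
make_sample_rules() {
    cat > "$1" <<'EOF'
# constructed sample, not real rule content
drop tcp $HOME_NET any -> [192.0.2.10] any (msg:"sample group 1"; threshold: type limit, track by_src, seconds 3600, count 1; sid:2404000; rev:1;)
drop tcp $HOME_NET any -> [192.0.2.11] any (msg:"sample group 2"; sid:2404001; rev:1;)
#drop tcp $HOME_NET any -> [192.0.2.12] any (msg:"disabled"; sid:2404002; rev:1;)
drop tcp $HOME_NET any -> [192.0.2.10] any (msg:"sample group 1"; threshold: type limit, track by_src, seconds 3600, count 1; sid:2404000; rev:2;)
drop tcp $HOME_NET any -> [192.0.2.11] any (msg:"sample group 2"; sid:2404001; rev:2;)
drop tcp $HOME_NET any -> [192.0.2.13] any (msg:"sample group 3"; sid:2404003; rev:1;)
EOF
}

demo_rules() {
    f=$(mktemp) || return 1
    make_sample_rules "$f"
    echo "duplicates:"; list_duplicate_sids "$f"
    dedupe_rules "$f" > "$f.dedup"
    echo "duplicated SIDs after dedupe: $(list_duplicate_sids "$f.dedup" | wc -l)"
    rm -f "$f" "$f.dedup"
}
demo_rules
```

Write the deduplicated output to a new file and keep the original as a backup until Snort has started cleanly with the new one.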

I am not keeping track with the discussion here. I sure would like to know if the company ever did release its firmware source to include all the in-house (proprietary) drivers and/or software packages. If so, I would not know if anyone here has ever tried to successfully compile OpenWrt firmware from the source released by the company for the Itus Shield Pro product.

blackdog47 wrote:
Wisiwyg wrote:
blackdog47 wrote:

Where can I buy the iTus Shield Pro?

Check eBay... Itus is no longer offering them it seems. But they are starting to show up on eBay. Prices are high ATM, but they should come down once news about Itus spreads.

At least one is listed there as of this post, $175 with BIN $225.

Thanks
after searching in ebay, it seems the shield pro is not available anymore, the only item I saw was posted last July 2015

This is the listing that he is talking about:
http://www.ebay.com/itm/ITUS-NETWORKS-S … 1512870106

Sometimes I notice that my laptop mentions "No internet connection" (wired/wireless) when I am working on internet.
Here's how it works: Windows checks automatically for IP/DNS and responses from www.msftncsi.com for both IPV4 and IPV6.

Source: http://answers.microsoft.com/en-us/wind … amp;auth=1

So the exact list of websites to check by Windows can be found in the registry: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet]

I had to add www.msftncsi.com to the webfilter white list to solve this nuisance.

BTW: If you want to change the default diagnostics (now: itusnetworks.com), edit the file /usr/lib/lua/luci/view/admin_network/diagnostics.htm

robj wrote:

    Hi all -- I just joined. I'm really sad to hear about Itus going under. Great people and a great product idea. And now I'm having technical issues with my shield and cannot solve them on my own after many hours trying. I searched and didn't see a good place to post problems on this forum for possible help. Forgive my ignorance if I'm posting in the wrong place.

    My shield (router mode) stopped working two days ago. No reason, just stopped. I tried all the suggestions in other forum posts about rebooting, resetting, restarting my modem, router, and shield. No dice. Tested cables too, and not the problem. Waited the prescribed timeframes for each bootup, including 15 min for Shield

    When modem is connected to router without Shield between, everything works great. So problem is isolated to the Shield.

    Lights are on, so the Shield appears to be working, and I can access its admin interface. But I can never get the internet connected with Shield in place. So obviously something is wrong


    thanks for your insights and kind regards,
    -Rob
############################################################################################################

Hi Rob

I have found that if I do a factory reset and run the update command from the GUI, my Shield does not connect to the internet; this seems to be on the last updated script.

My solution was -

do factory reset in router mode.
log in via ssh
cd to sbin
run this command sh fw_upgrade
you will get a short list basically saying it's downloaded a file
then rerun the command sh fw_upgrade
this time a load more updates are downloaded, it will say can't remove ads or malicious folder (don't worry about these)
now reboot the Shield with the command
reboot -f
Hopefully this will work. I had found that if I did only the first update of the fw_upgrade, my Shield would not connect to the internet afterwards. I'm thinking that people would only run the update from the GUI once before rebooting their Shield, causing the lack of internet.

Andy

trblz wrote:

Sometimes I notice that my laptop mentions "No internet connection" (wired/wireless) when I am working on internet.
Here's how it works: Windows checks automatically for IP/DNS and responses from www.msftncsi.com for both IPV4 and IPV6.

Source: http://answers.microsoft.com/en-us/wind … amp;auth=1

So the exact list of websites to check by Windows can be found in the registry: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet]

I had to add www.msftncsi.com to the webfilter white list to solve this nuisance.

BTW: If you want to change the default diagnostics (now: itusnetworks.com), edit the file /usr/lib/lua/luci/view/admin_network/diagnostics.htm

Great find, had noticed this on my Windows computers, but had not got around to investigating. Have put http://www.msftncsi.com into my web filter allow list.

Andy

I'm pretty sure that is one of the Win 10 telemetry sites. If you have telemetry blocking on - and I do - you can't get to that site.

I'm using Spybot Anti-Beacon to block telemetry (The same people who made Spybot Search & Destroy anti-malware). https://www.safer-networking.org/spybot-anti-beacon/

(Last edited by Wisiwyg on 3 Feb 2016, 00:22)

The alternative is to disable the polling.

Go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet] and set Dword EnableActiveProbing to zero. But you have to do this on every computer.

Hello All....

I want to add DNSCrypt to my shield box. I see that DNSCrypt and libsodium (a dependency) are both in the repository for Octeon but I keep getting an error saying I'm missing the libssp dependency when trying to install libsodium. I don't see a LIBSSP package anywhere... is it part of something else? I can't find any info on it.

Thanks,
"user8446" on packetinspector.org but already had this OpenWRT account