I am looking to leverage ACL feature in my PBT ONT from GenieACS. Currently, it is in testing phase.
What i am attempting to accomplish here is to push ACL from TR server to onsite PBT ONT and this will populate following field in ACL above ACL page.
ACL Capacity → Enable ( Check box)
Enable → Checked
Interface to be auto selected based on LAN or WAN (parameter send)
Also, i am trying to create a script to just allow selected service that could be allowed while remotely managing ONT.
Example:
Source IP address / Subnet.
e.g 0.0.0.0 will allow connection to ONT from all remote source IPs. But i need to just keep 1-2 source IPs for that location.
Value Name="CWMP_ACL_ENABLE" Value="0"/>
chain chainName="OMCI_DM_MCAST_ACL_TBL">
I found following when i download router config as you suggested @rudymartin .
If i understand correctlt, we have to provision ACL parameters as well. But these config just gives me values. I assume i need correct parameter to place ACL.
not going to ask you to post the entire config file, but posting the entire line/s where the parameter appear might help a bit. IOW what you posted is a just a section of the attributes of a XML element. What you are looking for is a hint for a propper parameter name inside ACS tree data model. That’s how HW store it’s parameters.
text can be posted as is using the proper tag. Still not sure to understand but I would look for ACL_IP_TBL inside GenieACS ui. Perhaps you will have to manually refresh some paths until you find it.
if that does not work, another way would be to download two config files, one without the parameters you want and the other with obvious values. linux command diff might give you a clue where is it located.
I have both Huawei and PBT in my enviornment. How do i specify this fuction and parameters to just run on a PBT router during boot. Do i set some provision and put the above javascvript code with some preset.
However, in my Huawei router, it have all those ACL proprietary parameter.
I guess i am still little confuse. I am trying to send my whole config.xml file as this is my test server, but somehow i am not able to share xml file in this section and jpg/jpeg/txt format are big in size.
create a preset with the proper event, pointing to the provision you want, then evaluate manufacturer/model to decide if you want to run it, based on the data model, ie DeviceID.ProductClass or DeviceID.Manufacturer (I think it could be done from a preset but I tend to put my trust in the code).
If you don’t have the skills of a programmer then I recommend hiring one with experience on JavaScript/NodeJS and Linux. If you do, then I suggest to invest some time into learn and test how GenieACS works.
In my case I had to dedicate some months until I got it working the way we need it. YMMV.
I have looked into you suggestion and trying to use Manufacturer in code. I have name my provision ‘ACL_TEST_PBT’ and have set preset with weight of 100.
const now = Date.now();
const Manufacturer = declare(‘DeviceID.Manufacturer’, {value: 1}).value;
if (typeof Manufacturer !== ‘undefined’ && Manufacturer[0] === ‘PBT’) {
function procesar_boot_call() {
log(“boot call”);
Howver, i am not able to create a new provision for the specified parameter.
If i am not mistaken, this code is declaring a function called “procesar_boot_call” that sets values for various parameters in the PBT router configuration.
When called, this function sets the “AccessControlListEnable” parameter to the current time, and sets the “InternetGatewayDevice.X_HW_Security.AclServices.AccessControl.List.*” parameter to null with path “0”.
Then, the function builds a string called “cadena” with a specific format that includes settings for various access control list parameters, such as mode, priority, and service ports. Finally, the function calls declare() with the “cadena” string as the first parameter, the current time as the value, and path “1” as the options for this parameter.
I have tried to reboot the PBT router as well. However, i am not able to populate those proprietary parameter in PBT. Am i missing anything here.
