Re: [ALUG] BT Home Hub
Please, please, anyone using a BT Home hub do yourself a big favour and stop right now. Go out and buy a decent router that BT don't control. I spent some long time earlier this year playing with the hub and everything that I found bothered me (and others with whom I corresponded). The is a crippled Thomson router which is locked to BT's network. They routinely update the software remotely without your agreement. You can lock it down to prevent this, but frankly why bother - just buy a decent router. I documented this at http://baldric.net/2007/01/22/bt-home-hub-and-the-gpl/. That post also points to comments from me (and many others with similar experiences - see Kai Robinson in particular) on a good site called homehubblog. See for example http://www.homehubblog.com/2006/12/23/christmas-present-from-bt/. Mick
Ill have a look when I get home, but Ive done exactly the same thing as you and I can access my apache webserver ok. The only slight difference is that I use dydns name instead of IP address but this is the same. Also I had no idea it was possible to access the BT home hub management interface from the internet. That is rather worrying considering how often it resets itself and port forwarding rules disappear,
Hi On 21/11/2007, mbm <mbm@rlogin.net> wrote:
Please, please, anyone using a BT Home hub do yourself a big favour and stop right now. Go out and buy a decent router that BT don't control.
I dont care that much about BT control, but what does annoy me is the white cheapo iPod plastic. I also seem to have a lot of disconnects. Couldn't care about the web interface. What I really do care about is the hardcore access to the device. I want to be able to change things. I would like a real Linux system, with a real shell and iptables that I could tinker with, and something that expect would run on (tried expect on a telnet session to the BTHomeHub and things didn't work well). I'd also like this to be in one device, not having to use 2 power plugs for a modem and a separate router. So, which router would be right for me? Thanks Surge
The home hub is designed as a box for the 99% of people who just want access to the internet, and don't know things about IP ports, NAT, QoS, etc. If you want a box that you can play with or configure then get something else the Home Hub is not for you. Personally, I run IP cop on an old 500Mhz AMD K6-2, and it runs great :-) I can tweak it to do loads of different things, it does NAT, QoS, Port forwarding, IPsec, VPN tunnels, multiple domains (I have a green(lan), blue(wireless) and orange(dmz) domain), IPsec, Squid and lots more. Matt -----Original Message----- From: main-bounces@lists.alug.org.uk [mailto:main-bounces@lists.alug.org.uk] On Behalf Of mbm Sent: 21 November 2007 21:46 To: main@lists.alug.org.uk Subject: Re: [ALUG] BT Home Hub Please, please, anyone using a BT Home hub do yourself a big favour and stop right now. Go out and buy a decent router that BT don't control. I spent some long time earlier this year playing with the hub and everything that I found bothered me (and others with whom I corresponded). The is a crippled Thomson router which is locked to BT's network. They routinely update the software remotely without your agreement. You can lock it down to prevent this, but frankly why bother - just buy a decent router. I documented this at http://baldric.net/2007/01/22/bt-home-hub-and-the-gpl/. That post also points to comments from me (and many others with similar experiences - see Kai Robinson in particular) on a good site called homehubblog. See for example http://www.homehubblog.com/2006/12/23/christmas-present-from-bt/. Mick
Ill have a look when I get home, but Ive done exactly the same thing as you and I can access my apache webserver ok. The only slight difference is that I use dydns name instead of IP address but this is the same. Also I had no idea it was possible to access the BT home hub management interface from the internet. That is rather worrying considering how often it resets itself and port forwarding rules disappear,
_______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
On Thu, Nov 22, 2007 at 09:00:00PM -0000, mephi wrote:
Personally, I run IP cop on an old 500Mhz AMD K6-2, and it runs great :-) I can tweak it to do loads of different things, it does NAT, QoS, Port forwarding, IPsec, VPN tunnels, multiple domains (I have a green(lan), blue(wireless) and orange(dmz) domain), IPsec, Squid and lots more.
http://www.openwrt.org/ ftrw! Adam -- jabberid = quinophex@jabber.earth.li
What does ftrw stand for? Matt -----Original Message----- From: main-bounces@lists.alug.org.uk [mailto:main-bounces@lists.alug.org.uk] On Behalf Of Adam Bower Sent: 22 November 2007 22:11 To: main@lists.alug.org.uk Subject: Re: [ALUG] BT Home Hub On Thu, Nov 22, 2007 at 09:00:00PM -0000, mephi wrote:
Personally, I run IP cop on an old 500Mhz AMD K6-2, and it runs great :-) I can tweak it to do loads of different things, it does NAT, QoS, Port forwarding, IPsec, VPN tunnels, multiple domains (I have a green(lan), blue(wireless) and orange(dmz) domain), IPsec, Squid and lots more.
http://www.openwrt.org/ ftrw! Adam -- jabberid = quinophex@jabber.earth.li _______________________________________________ main@lists.alug.org.uk http://www.alug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!
On Fri, Nov 23, 2007 at 01:59:05PM +0000, Adam Bower wrote:
On Fri, Nov 23, 2007 at 01:42:07PM +0000, Brett Parker wrote:
On Fri, Nov 23, 2007 at 01:36:15PM -0000, mephi wrote:
What does ftrw stand for?
At a guess, For The Real World
For Teh Router Win!
All Your Router Are Belong To Us. I'm seeing my cat tonight. I wonder if I can get him to sit on the Cisco in the rack in the garage. J. -- jid: noodles@jabber.earth.li Do you believe in happy endings?
I agree with Mephi and had this discussion with someone at work on the newsgroups. The BT HomeHub is designed as a consumer device - for those people who want the internet to be as easy to use as a DVD player. Although you may own the physical device, when you get a HomeHub you relinquish the router administration role to BT. Recent case in point being the security flaw associated with the backup and restore functionality. BT decided to release an immediate update to disable the functionality, rather than leave it vulnerable until a proper fix could be released. As a user, you lose that functionality and there's nothing you can do about it. Hopefully, they'll re-instate it when they have a secure fix. The point is - BT takes away all that responsibility from you, so that you just get on with using the internet. However, if you want something that you can administer and maintain, you need another product. Running a complete PC with Smoothwall, IPCop or your home-brew linux distro is the most customisable solution (with either an ADSL modem or an internal ADSL card) ... A happy medium for those comfortable with the command line is an off-the-shelf router flashed with openwrt.org or, if you'd prefer a decent web GUI, then dd-wrt.org is an alternative open source firmware distro. It is a shame that BT hasn't completely open-sourced the firmware for the HomeHub. Commercial reasons, I suppose. That would have built up a really good open source project, I think, though. Oh, and my first hit for FTRW would make my mum blush ... Peter.
On Sat, Nov 24, 2007 at 01:42:35PM +0000, samwise wrote:
A happy medium for those comfortable with the command line is an off-the-shelf router flashed with openwrt.org or, if you'd prefer a decent web GUI, then dd-wrt.org is an alternative open source firmware distro.
AIUI dd-wrt (still) = evil. They released a commercial version and won't supply GPL sources (AIUI) you'd still be much better off (imho) with a copy of openwrt and use x-wrt as the web interface. Adam -- jabberid = quinophex@jabber.earth.li
On 24/11/2007, Adam Bower <adam@thebowery.co.uk> wrote:
On Sat, Nov 24, 2007 at 01:42:35PM +0000, samwise wrote:
A happy medium for those comfortable with the command line is an off-the-shelf router flashed with openwrt.org or, if you'd prefer a decent web GUI, then dd-wrt.org is an alternative open source firmware distro.
AIUI dd-wrt (still) = evil. They released a commercial version and won't supply GPL sources (AIUI) you'd still be much better off (imho) with a copy of openwrt and use x-wrt as the web interface.
Adam
The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises. DD-WRT sources are here: http://svn.dd-wrt.com:8000/dd-wrt/browser There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet. Peter.
On Sat, Nov 24, 2007 at 02:44:08PM +0000, samwise wrote:
On 24/11/2007, Adam Bower <adam@thebowery.co.uk> wrote:
On Sat, Nov 24, 2007 at 01:42:35PM +0000, samwise wrote:
A happy medium for those comfortable with the command line is an off-the-shelf router flashed with openwrt.org or, if you'd prefer a decent web GUI, then dd-wrt.org is an alternative open source firmware distro.
AIUI dd-wrt (still) = evil. They released a commercial version and won't supply GPL sources (AIUI) you'd still be much better off (imho) with a copy of openwrt and use x-wrt as the web interface.
Adam
The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises.
DD-WRT sources are here: http://svn.dd-wrt.com:8000/dd-wrt/browser
There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet.
telnet?! TELNET?! What?! Who would leave an openwrt router running telnet... first thing you do is replace that with an ssh daemon. Sheesh. People these days. I still don't understand why people want to configure a router via a web browser... then I'm not entirely sure that I understand why one would be running a webserver capable of CGI on a router... security risk! Run as few services as possible... that's what routers are for, routing... Cheers, -- Brett Parker
On Sat, Nov 24, 2007 at 03:00:05PM +0000, Brett Parker wrote:
On Sat, Nov 24, 2007 at 02:44:08PM +0000, samwise wrote:
On 24/11/2007, Adam Bower <adam@thebowery.co.uk> wrote:
On Sat, Nov 24, 2007 at 01:42:35PM +0000, samwise wrote:
A happy medium for those comfortable with the command line is an off-the-shelf router flashed with openwrt.org or, if you'd prefer a decent web GUI, then dd-wrt.org is an alternative open source firmware distro.
AIUI dd-wrt (still) = evil. They released a commercial version and won't supply GPL sources (AIUI) you'd still be much better off (imho) with a copy of openwrt and use x-wrt as the web interface.
Adam
The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises.
DD-WRT sources are here: http://svn.dd-wrt.com:8000/dd-wrt/browser
There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet.
telnet?! TELNET?! What?! Who would leave an openwrt router running telnet... first thing you do is replace that with an ssh daemon. Sheesh. People these days.
It still appears to be be norm for many routers, as long as it only allows connections from 'inside' (i.e. from the local subnet and not from the outside world) then I don't really see a problem. That's certainly the way my Speedtouch is (and I think it defaults to this). OK, you're talking about a PC running as a router I assume but the same applies doesn't it?
I still don't understand why people want to configure a router via a web browser... then I'm not entirely sure that I understand why one would be running a webserver capable of CGI on a router... security risk! Run as few services as possible... that's what routers are for, routing...
Because configuring via a CLI frightens some people off? Again talking of my Speedtouch the Web interface provides the basic 'home user' setup facilities and the CLI offers *everything* you could possibly want. -- Chris Green
On Sat, Nov 24, 2007 at 02:44:08PM +0000, samwise wrote:
There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet.
On Sat, Nov 24, 2007 at 03:00:05PM +0000, Brett Parker wrote:
telnet?! TELNET?! What?! Who would leave an openwrt router running telnet... first thing you do is replace that with an ssh daemon. Sheesh. People these days.
OK, 1-0. Yes, openwrt comes with SSH out of the box - slip of the keyboard fingers. In my own defence, even if it were running telnet, that should only be accessible from the internal LAN, so an attacker would need physical access to your house to make use of it anyway. Game over by then.
On 24/11/2007, Chris G <cl@isbd.net> wrote:
It still appears to be be norm for many routers, as long as it only allows connections from 'inside' (i.e. from the local subnet and not from the outside world) then I don't really see a problem. That's certainly the way my Speedtouch is (and I think it defaults to this).
OK, you're talking about a PC running as a router I assume but the same applies doesn't it?
Yep.
On Sat, Nov 24, 2007 at 03:00:05PM +0000, Brett Parker wrote:
I still don't understand why people want to configure a router via a web browser... then I'm not entirely sure that I understand why one would be running a webserver capable of CGI on a router... security risk! Run as few services as possible... that's what routers are for, routing...
On 24/11/2007, Chris G <cl@isbd.net> wrote:
Because configuring via a CLI frightens some people off? Again talking of my Speedtouch the Web interface provides the basic 'home user' setup facilities and the CLI offers *everything* you could possibly want.
Exactly. I was describing the range of options available ... and, heaven forbid, there are some people who don't want to have to look through a an erratic docu-wiki for a couple of hours, just to work out how to add a simple firewall rule. DD-WRT works for these people much better than openwrt ... Let's not forget there's a rainbow of users out there, ppl! ;) Peter.
On Sat, Nov 24, 2007 at 03:41:58PM +0000, samwise wrote:
Exactly. I was describing the range of options available ... and, heaven forbid, there are some people who don't want to have to look through a an erratic docu-wiki for a couple of hours, just to work out how to add a simple firewall rule. DD-WRT works for these people much better than openwrt ...
DD-WRT works for *some* people better than openwrt. I ditched DD-wrt because A. it was crap. B. it was infringing the gpl at the time. and C. I don't think you've used X-wrt before ;)
Let's not forget there's a rainbow of users out there, ppl! ;)
I think you might be the one forgetting that ;) Adam -- jabberid = quinophex@jabber.earth.li
DD-WRT works for *some* people better than openwrt.
And so we're bickering about it because ... ??
I ditched DD-wrt because A. it was crap. B. it was infringing the gpl at the time. and C. I don't think you've used X-wrt before ;)
If you have actual evidence of B, then let the Software Freedom Law Center and Free Software Foundation Europe know so they can do something about it. I'm sure they'd love to get involved ... and really? I'm running x-wrt, right now. Or at least I would be, if it would forward ports as it's supposed to ... except it doesn't, even if I configure it through the openwrt command interface (because the GUI is so under developed at this point it gets confused when editing the rules it created itself). I'll get it fixed eventually, but even the denizens of the x-wrt IRC channel were stumped ... and that's AFTER I had to debug it's PPPoE problems and then update the online documentation appropriately. I have also run dd-wrt for some time and I *never* encountered any serious bugs with such core features, let alone had to spend this much time fixing them. Don't get me wrong, I like openwrt and it's obviously a very capable and customisable operating system but recommending it as suitable for every user out there, makes about as much sense as recommending Windows for all.
Let's not forget there's a rainbow of users out there, ppl! ;)
I think you might be the one forgetting that ;)
Adam
How so? You called me out for suggesting dd-wrt might serve a certain class of user better than openwrt. If you don't think openwrt fits all, what were you drawing attention to? Peter.
On Sat, Nov 24, 2007 at 06:32:45PM +0000, samwise wrote:
How so? You called me out for suggesting dd-wrt might serve a certain class of user better than openwrt. If you don't think openwrt fits all, what were you drawing attention to?
Err no, you said a few things about DD-WRT, and I quote: "The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises." My experience with DD-WRT was the opposite, therefore your statement isn't always true. "There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet." I found it hard to customise and tbh a pain in the arse to use, hence why I went to openwrt as I wanted something that works, rather than something which didn't work, had a dubious license and a hostile user base. You are the one who jumped in suggesting it as the "better" option, and it seems you are the one forgetting the "rainbow" of users. Adam -- jabberid = quinophex@jabber.earth.li
Err no, you said a few things about DD-WRT, and I quote:
"The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises."
My experience with DD-WRT was the opposite, therefore your statement isn't always true.
That's just fact. Draw up a list of what X-wrt (the GUI) is capable of and compare it with DD-WRT. X-wrt is simply not as developed as DD-WRT at this moment. End of. Now, because you can get down to openwrt underneath then, yes, openwrt can be more customisable than dd-wrt - but that's not functionality accessible through the GUI and I'll be very surprised if you achieved the level of customisation you were after without resorting to usnig the command line.
"There's a lot of FUD around DD-WRT, I think - IMHO, it's a better bet for those who want to be able to customise a lot, without resorting to telnet."
I found it hard to customise and tbh a pain in the arse to use, hence why I went to openwrt as I wanted something that works, rather than something which didn't work, had a dubious license and a hostile user base. You are the one who jumped in suggesting it as the "better" option, and it seems you are the one forgetting the "rainbow" of users.
By customise, I was referring to the out-of-the-box functionality available for those who want to customise their home network but, crucially, who don't want to use a command prompt. DD-WRT's license is clear - GPL v2. Why is the userbase hostile? They have a forum, wiki, IRC channel, bug tracker. If you've had a personal, bad experience with someone in their community, that's just life - every project has it's unhelpful zealots, unfortunately. For someone who doesn't want to configure through a command line, I stand by my statement that DD-WRT is easily the better option, offering more functionality. I'm happy to be convinced otherwise, but I have yet to hear any practical reasons so far as to why you're sure I'm wrong.
You are the one who jumped in suggesting it as the "better" option, and it seems you are the one forgetting the "rainbow" of users.
Man, that is such a lame phrase. Really wish I'd thought harder about it. :) Seriously, though, can you honestly not see the difference between poking around dd-wrt's web interface and being plonked in front of openwrt's command interface for a newbie? Peter.
On Sat, Nov 24, 2007 at 08:01:34PM +0000, samwise wrote:
Seriously, though, can you honestly not see the difference between poking around dd-wrt's web interface and being plonked in front of openwrt's command interface for a newbie?
*SIGH* which is why I suggested x-wrt in the first place, I don't care how good you think dd-wrt is it didn't work for me and the gui was slow and parts of it didn't work, not to mention the networking problems I had with DD-WRT. Now, openwrt out the box would be a pain for some users which is *precisely* why I mentioned x-wrt. Do you see why i'm trying to give a variety of options to everyone that might work better for them? If a newbie had the same problems with DD-WRT that I had then they wouldn't be on the internet but they might at least get a chance of having a working setup with openwrt. Adam -- jabberid = quinophex@jabber.earth.li
*SIGH* which is why I suggested x-wrt in the first place, I don't care how good you think dd-wrt is it didn't work for me and the gui was slow and parts of it didn't work, not to mention the networking problems I had with DD-WRT.
Well, let's call it a draw - because my experience was the complete opposite. DD-WRT was far more mature, stable and worked out of the box for me. So far, x-wrt has been a complete pain. 1-1. :) Peter.
On Sat, Nov 24, 2007 at 02:44:08PM +0000, samwise wrote:
The X-wrt GUI interface is really not in the same league as DD-WRT yet, unfortunately. Probably won't be, until a while after Kamikaze stablises.
Blimey, you must work for BT or something? the DD-WRT web interface is awful. Adam -- jabberid = quinophex@jabber.earth.li
The home hub is designed as a box for the 99% of people who just want access to the internet, and don't know things about IP ports, NAT, QoS, etc.
If you want a box that you can play with or configure then get something else the Home Hub is not for you.
Sad to say, I have a HH at the moment, and it's tempting to put my old Linux box back in place. I bought (sometime ago) a super cheap Connexant (I think) PCI ADSL card, and it worked a treat with Linux. This may be the full control you are looking for. Either that, or buy yourself a cheap ADSL modem, and use your Linux box as a router to do PPPoE, also works very well, mainly I suppose because you can configure it exactly as you want it. Don't think that the wife would want a desktop PC on the table in the hallway though. The choice is yours! Good luck! :) -Mark ----------------------------------------------------------- This message may contain confidential and/or privileged information. This information is intended to be read only by the individual or entity to whom it is addressed. If you are not the intended recipient, you are on notice that any review, disclosure, copying, distribution or use of the contents of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately and delete or destroy any copy of this message.
On Fri, Nov 23, 2007 at 12:25:20AM -0000, mark@webb-heath.com wrote:
The home hub is designed as a box for the 99% of people who just want access to the internet, and don't know things about IP ports, NAT, QoS, etc.
If you want a box that you can play with or configure then get something else the Home Hub is not for you.
Sad to say, I have a HH at the moment, and it's tempting to put my old Linux box back in place. I bought (sometime ago) a super cheap Connexant (I think) PCI ADSL card, and it worked a treat with Linux. This may be the full control you are looking for.
Either that, or buy yourself a cheap ADSL modem, and use your Linux box as a router to do PPPoE, also works very well, mainly I suppose because you can configure it exactly as you want it.
Replace "cheap ADSL modem" with "cheap ADSL router" and then the "Linux box as a router" is redundant. As long as you get a router with a proper firewall and the ability to set it up, of which there are many available now, it's a much neater and tidier route to go than an actual PC as a router.
Don't think that the wife would want a desktop PC on the table in the hallway though.
... but you can hide a router under the table. :-)
----------------------------------------------------------- This message may contain confidential and/or privileged information. This information is intended to be read only by the individual or entity to whom it is addressed. If you are not the intended recipient, you are on notice that any review, disclosure, copying, distribution or use of the contents of this message is strictly prohibited.
Well in that case I must ignore this bit as well then! :-)
If you have received this message in error, please notify the sender immediately and delete or destroy any copy of this message.
-- Chris Green
participants (9)
-
Adam Bower -
Brett Parker -
Chris G -
Jonathan McDowell -
mark@webb-heath.com -
mbm -
mephi -
samwise -
Srdjan Todorovic