FireBrick

FireBrick - Firewalls, Bonding ADSL, Routers, Traffic Shaping...

FireBrick FB2900

Bootloader

The FireBrick series includes a bootloader. This is a separate part of the software which runs when the unit is powered on, and is responsible for selecting which version of software to run. The bootloader also monitors any problems with the operation of new software installed on the FireBrick, and can automatically run older software if there are repeated issues.

Normally you do not notice the bootloader operating as the FireBrick can start and be running within a few seconds of power on.

However, there is a way to access the bootloader command interface if you need to. This allows you to perform a number of operations, including clearing the configuration, removing versions of software, or selecting alternative software versions to run. Normally this is a last resort after some major problem, such as a configuration with incorrect settings which stops you accessing the normal web interface.

Serial access

On the FB6000 series there is a serial port. This is a normal 9 pin D connector which you can use with a straight-through male to female serial cable to a PC. You need to set the PC to:

  • 9600 bps
  • 8 bit
  • 1 stop bit
  • No parity

To use the serial interface, connect the PC and run a suitable application such as PuTTY on Windows, or cu on Linux. Power on the FireBrick and a prompt is displayed on the screen. Press RETURN quickly to stop the bootloader automatically continuing with the software start-up. You can then run bootloader commands.

Note: There is a bootloader command to change these initial serial port settings. We recommend not changing them as changes are permanently recorded, so you will have to know the correct details to use the serial interface in future.

UDP network access

On the FB6000, FB2900, FB2700 and FB2500 series you can also access the bootloader via the network. You will need a BOOTP or DHCP server, and a machine which can operate a UDP console. We recommend using the nc command on Linux or Mac or (using Cygwin) Windows.

  • On your PC, run nc -u -l 60001 which will start the PC listening for UDP packets to port 60001.
  • Configure your BOOTP server to allocate an IP address on your network. If you can restrict this to a MAC address starting 000397 then this will only apply to a FireBrick.
  • Configure the BOOTP/DHCP server to provide the next server address (boot server) to be the IP address of your PC on which you will run nc.
  • Configure the BOOTP/DHCP server to provide a boot filename of # (just a single hash symbol).
  • Connect port 1 of the FireBrick FB2900, FB2500 or FB2700, or port 0 of the FB6000 to your network with the BOOTP or DHCP server.
  • Power up the FireBrick. It should send several text UDP packets which will be visible on your nc command.
  • Quickly press RETURN to stop it continuing to load the application. You can in fact press RETURN before seeing the prompt and nc will wait for the prompt before sending the RETURN.

You are then able to send bootloader commands and see the replies from your nc command.

If you are using a FireBrick FB105 as your DHCP server, you can create a subnet for the DHCP, copying details from your normal LAN subnet but setting Restrict to 000397, BOOTP server IP to your PC IP, and BOOTP filename to #. The Status view log (recent) option will show that the FireBrick is obtaining an IP when you power on.

Note: When you have finished, you may want to remove the BOOTP settings or disable them. It may be sensible to also lock them down to the specific MAC address for the FireBrick to avoid any problems on your network.
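The BOOTP/DHCP settings from the steps above, written out for ISC dhcpd as an added example (not FireBrick's own configuration, and not the FB105 settings). The 192.0.2.x addresses, the class and host names and the full MAC address are placeholders; the PC running nc is assumed to be 192.0.2.10.

```conf
# dhcpd.conf fragment (ISC dhcpd). Added example; all addresses are placeholders.

# Match only clients whose MAC address starts 00:03:97.
# "hardware" is the hardware type byte followed by the MAC address,
# so the first three MAC bytes are at offset 1, length 3.
class "firebrick-bootloader" {
  match if substring(hardware, 1, 3) = 00:03:97;
  next-server 192.0.2.10;   # next server (boot server): the PC running nc -u -l 60001
  filename "#";             # boot filename: just a single hash symbol
}

subnet 192.0.2.0 netmask 255.255.255.0 {
  option routers 192.0.2.1;

  # Ordinary clients never receive the boot server or filename settings.
  pool {
    deny members of "firebrick-bootloader";
    range 192.0.2.100 192.0.2.199;
  }

  # Small pool reserved for the FireBrick. The dynamic-bootp flag lets
  # dhcpd hand these addresses to plain BOOTP clients as well as DHCP clients.
  pool {
    allow members of "firebrick-bootloader";
    range dynamic-bootp 192.0.2.200 192.0.2.209;
  }
}

# Tighter alternative, matching the note above: lock the settings to one
# specific unit instead of the whole 00:03:97 prefix. If you use this,
# delete the class and the two pools. The MAC below is a constructed placeholder.
#
# host firebrick-recovery {
#   hardware ethernet 00:03:97:00:00:01;
#   fixed-address 192.0.2.200;
#   next-server 192.0.2.10;
#   filename "#";
# }
```

Once the unit is recovered, delete or comment out the class, the reserved pool and any host entry, then reload dhcpd, so that a FireBrick power-cycled on this network is no longer directed to a bootloader console.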

Bootload commands

The bootloader has several commands. Each is a single letter, optionally followed by parameters. The ? command shows which are available.

The Q command will quit and continue with normal booting.


Feature check

Serial  UDP  Model
Yes     Yes  FB6000, all models
No      Yes  FB2900, all models
No      Yes  FB2700, all models
No      Yes  FB2500, all models