Reset UniFi to Factory Defaults – Command Line

SSH into the UniFi. Note that the UniFi username and password get updated from the controller. Refer to here to find username and password.

ssh ubnt@

run the script with the restore-default option restore-default

Once the device is reset, log in over ssh and reconfigure.

Note that the username and password will now be ubnt/ubnt

Cambium Routers Command Line Info

Helpful commands. Maybe?

  1. nvram_set
  2. nvram_get
  3. nvram_get 2860 Password

Looks like most of the configuration scripts are in /sbin

Web from the /etc_ro/web/admin/managment.php

                                                                                                                                                                                     <fieldset>                                                                                                                                                                                                                                           <legend><script type="text/javascript">Capture(management.Web_Access)</script></legend>                                                                                                                                                      <table class="setting_block">                                                                                                                                                                                                                        <tr>                                                                                                                                                                                                                                                 <td class="head" id="remoteWebLogin"><script>Capture(management.Remote_Web_Login)</script></td>                                                                                                                                              <td>                                                                                                                                                                                                                                                 <select name="remote_web_login">                                                                                                                                                                                                             <option value="0" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "1"); %>><script>Capture(share.disable)</script></option>                                                                                                                         <option value="1" <% getCfgSelected("DBID_LAN_LOGIN_ONLY", "0"); %>><script>Capture(share.enable)</script></option>                                                                                                                          </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr id="WirelessHostLogin_tr">                                                                                                                                                                                                                       <td class="head" id="WirelessHostLogin"><script>Capture(management.wireless_access_web)</script></td>                                                                                                                                        <td>                                                                                                                                                                                                                                                 <select name="wireless_access_web">                                                                                                                                                                                                          <option value="0" <% getCfgSelected("wireless_access_web", "0"); %>><script>Capture(share.disable)</script></option>                                                                                    <option value="1" <% getCfgSelected("wireless_access_web", "1"); %>><script>Capture(share.enable)</script></option>                                                                                                                          </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr  id="web_login_access">                                                                            <td class="head" id="WebLoginWay"><script>Capture(management.way_access_web)</script></td>                                                                                                                                                   <td>                                                                                                                                                                                                                                                 <select name="way_access_web">                                                                                    <!--                                                                                    <option value="https" selected = "selected" <% getCfgSelected("way_access_web", "https"); %>><script>Capture(management.https)</script></option>                                                                                             -->                                                                                                                                                                                                                                          <option value="http" <% getCfgSelected("way_access_web", "http"); %>><script>Capture(management.http)</script></option>                                                                                                                      <option value="http&https" <% gethttphttpsSelected("way_access_web", "http&https"); %>><script>Capture(management.http_https)</script></option>                                                                                              </select>                                                                                                                                                                                                                            </td>                                                                                                                                                                                                                                </tr>                                                                                                                                                                                                                                        <tr id="localport_tr">                                                                                                                                                                                                                               <td class="head"><script>Capture(management.localWeb_Port)</script></td>      

 nvram_get  nvram_set
   nvram_get  [] []
   rt2860_nvram_show - display rt2860 values in nvram
   rtdev_nvram_show   - display 2nd ralink device values in nvram
   show    - display values in nvram for 
   gen     - generate config file from nvram for 
   renew   - replace nvram values for  with 
   clear   - clear all entries in nvram for 
   2860    - rt2860
   rtdev    - 2nd ralink device
           - file name for renew command
 nvram_get show
 nvram_get show 2860

Trying to read data

nvram_get gen file tmp.txt
         nvram_get 2860 lan_ipaddr
 nvram_get 2860 lan_ipaddr
 nvram_get 2860 http_wanport
 nvram_get 2860 http
 nvram_get 2860 httpd
 nvram_get 2860 remote_mgt_https
 nvram_get 2860 remote_mgt
 nvram_get 2860 telnet
 nvram_get 2860 remote_mgt
 nvram_get 2860 remote_ip
 nvram_get 2860 wan_ip

grep “nvram_get 2860” * | grep -i web

grep "nvram_get 2860" * | grep -i web 2860 DBID_WEB_PORT  local webport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  local web_remote_ip=nvram_get 2860 WebRemoteLegalIP  wireless_access_web=nvram_get 2860 wireless_access_web  wanwebport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  lanwebport=nvram_get 2860 lan_webport  local webport=nvram_get 2860 DBID_WEB_PORT  local webhttpsport=nvram_get 2860 DBID_WEB_SSL_PORT  local web_remote_ip=nvram_get 2860 WebRemoteLegalIP            local teluserpwd=nvram_get 2860 DBID_SUPER_WEB_PASSWORD 2860 WebInit    pass=nvram_get 2860 DBID_SUPER_WEB_PASSWORD 2860 lan_gateway #for debug, so remote host can access web route from another device in lan port 2860 DBID_WEB_PORT       local pinglegaip=nvram_get 2860 WebAclList     admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD     admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD     admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORD             admPW=nvram_get 2860 DBID_SUPER_WEB_PASSWORD             admPW=nvram_get 2860 DBID_NORMAL_WEB_PASSWORD         url=nvram_get 2860 websURLFilters         host=nvram_get 2860 websHostFilters


Not exactly sure if this does work, but seems like it should.


Default status



After running above command

Commit changes

nvram_get commit



Change password

Seems like I am missing a step. Seems to change the password in the nvram, but does not actually change it permanently

Get current password

nvram_get 2860 Password

Set Password

nvram_set Password newpassword

Commit Changes and reboot

nvram_set commit

Helpful links

Uses some of the commands (i.e. nvram_get 2860 HostName )

Ubiquiti set DHCP from command line

Edit the “/tmp/system.cfg”

Change the line that contains “dhcpc.status=disabled” to


add the following lines


Save and exit and save changes

/usr/etc/rc.d/rc.softrestart save

Log into the GUI and verify everything looks correct. Under the network tab it was still showing that it had a static address, although it pulled a DHCP IP.

Ubiquiti AirMax – Set radio to use DHCP from command line

Gain access to radio via ssh

ssh ubnt@

open up the /tmp/system.cfg

vi /tmp/system.cfg

Delete the following line. To move the cursor to the following line and type “dd” and vi will delete the whole line.


Add the following 5 lines. Hit “i” to enter vi insert mode.
br0 should be correct interface in most scenarios.


Save the file by hitting esc and then “:wq” followed by Return/Enter

Save the config changes and reboot the radio so it pulls an address.

/usr/etc/rc.d/rc.softrestart save && reboot

LibreNMS bulk delete

There is a php script in /opt/librenms/ that lets you delete a host from the command line.

sudo /opt/librenms/delhost.php

Replace with the hostname/ip address of the host you want to delete.

Delete Multiple Hosts

First you’ll need to get a list of devices you want to remove.  You can do this by viewing the devices in the LibreNMS MySQL database;


$ mysql -u librenms -p librenms
MariaDB [librenms]> select hostname from devices;
| hostname |
| |
| |
| |
| |
4 rows in set (0.00 sec)
MariaDB [librenms]> exit

Put all the IP addresses you want to remove into a file and run the following for loop.  Replace “remove_ip.lst” with the name of your ip list file.

for i in `cat ~/remove_ip.lst`; do sudo /opt/librenms/delhost.php $i; done

Add, List, and Delete iptable rules

Add iptable rule

The following rule rejects access to port 22 on all devices except ones on the network.  Note the “!”.  This command can be useful for a WHM/cPanel server to limit ssh access.

iptables -A INPUT ! -s -p tcp --dport 22 -j REJECT

List iptable rules with line numbers

iptables -L --line-numbers

Example output

root@localhost [~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 REJECT tcp -- ! anywhere tcp dpt:ssh reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner GID match mailman
2 cpanel-dovecot-solr all -- anywhere anywhere

Chain cpanel-dovecot-solr (1 references)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere multiport sports 8984,7984 owner UID match cpanelsolr

Remove iptable rule

To delete a rule use the -D option with the Chain and the line number.  So to delete the first rule in the example output above, we would specify the INPUT chain and the the line number 1

 iptables -D INPUT 1


Upgrade Firmware on Ubiquiti Airmax Equipment from the Command Line/SSH

Upgrading the firmware via the command line is super easy.  Basic steps are

  1. Upload firmware file to radio using ftp, scp, or download directly to radio using wget
  2. Move the firmware the /tmp and rename to fwupdate.bin
  3. Upgrade the firmware by running
ubntbox fwupdate.real -m fwupdate.bin

More Detail explanation

Downloading Firmware to Radio

There are a couple of ways to get the firmware uploaded to the radio

  1. Download from Ubiquiti’s website and upload via ftp, scp, filezilla or like
  2. Download directly to the radio using wget

Using wget

ssh into the radio.  Change username and ip address as needed.

ssh ubnt@

cd to the /tmp directory

cd /tmp

Find the firmware file on Ubiquiti’s website, accept the terms, copy the link and paste the link in the terminal after wget.  Replace the below link with the appropriate firmware link.


Installing Firmware

Rename firmware

mv *.bin fwupdate.bin

Start the upgrade

ubntbox fwupdate.real -m fwupdate.bin

The radio will now upgrade and reboot

Another Method.  Using the script

Another way to upgrade a radios firmware from the command line is to use the UBNTMOD tool.  More info on the UBNTMOD script is available here.

Make sure you have the firmware downloaded to your computer and run with the “-U” upgrade option.


bob@localhost:~$ ./ -i -U WA.v8.4.2.35930.171017.1722.bin

Moving emails to new host with imapsync

More info about imapsync here

Install imapsync

CentOS 7, Works on cPanel servers too

yum install epel-release && yum install imapsync

Once installed check and make sure it works.

imapsync --version

If it gives you the version number you should be good to go.

Move email account

imapsync --host1 --user1 --password1  "password1" --host2 --user2 --password2  "password2"

Example :

imapsync --host1 --user1 --password1  "password1" --host2 --user2 --password2  "password2"

Moving Multiple accounts

Best way to move multiple accounts is to use a script and and a list that contains all the usernames and passwords to the accounts you want to move.

example scripts can be found on the imapsync website here is a script example and here is the example file.txt

Example script.

# $Id:,v 1.6 2015/11/04 18:23:04 gilles Exp gilles $

# Example for imapsync massive migration on Unix systems.
# See also
# Data is supposed to be in file.txt in the following format:
# host001_1;user001_1;password001_1;host001_2;user001_2;password001_2;
# ...
# Separator is character semi-colon ";" it can be changed by any character changing IFS=';' 
# in the while loop below.
# # Each line contains 6 columns, columns are parameter values for 
# --host1 --user1 --password1 --host2 --user2 --password2
# and a trailing empty fake column to avaid CR LF part going 
# in the 6th parameter password2. Don't forget the last semicolon.
# You can add extra options after the variable "$@" 
# Use character backslash \ at the end of each suplementary line, except for the last one.
# You can also pass extra options via the parameters of this script since
# they will be in "$@"

# The credentials filename "file.txt" used for the loop can be renamed 
# by changing "file.txt" below.

echo Looping on account credentials found in file.txt

{ while IFS=';' read  h1 u1 p1 h2 u2 p2 fake
        { echo "$h1" | egrep "^#" ; } > /dev/null && continue # this skip commented lines in file.txt
        echo "==== Starting imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
        imapsync --host1 "$h1" --user1 "$u1" --password1 "$p1" \
                 --host2 "$h2" --user2 "$u2" --password2 "$p2" \
        echo "==== Ended imapsync from host1 $h1 user1 $u1 to host2 $h2 user2 $u2 ===="
} < file.txt

Example list of accounts to;;password1;;;password2;


How to use,

You can run these command from a Linux computer

Download script


Make the script executable

chmod +x

Create a text file named “imapsync_list.txt”

This file will contain the mail server to transfer from, username, and password, and then the mail server to transfer to, username and password.  Add one line per account.


Execute the script to start moving mail



In the username you may need to use the username@domainname.tld, so if the username is bob, and the mail domain is, use for the username in the imapsync_list.txt.