Baicells – nmap scan of eNodeB shows connected subscribers

Doing a port scan on the 50000-59999 port range reveals all the connected subscriber modules.

Alfred@localhost:~$ nmap -p 1-65535 10.0.0.2
 Starting Nmap 7.60 ( https://nmap.org ) at 2019-09-30 23:55 CDT
 Nmap scan report for 10.0.0.2
 Host is up (0.026s latency).
 Not shown: 65520 closed ports
 PORT      STATE    SERVICE
 80/tcp    open     http
 7547/tcp  open     cwmp
 27149/tcp open     unknown
 59423/tcp open     unknown
 54984/tcp open     unknown
 51241/tcp open     unknown
 Nmap done: 1 IP address (1 host up) scanned in 19.18 seconds

You should be able to access the login page for the subscriber module by going to https://enodb-ip:xxxxx

Here xxxxx is the port number from the scan. It should be 5 followed by the last four digits of the subscriber unit's IMSI.

Turn Your Raspberry Pi into a Wireless Hotspot

Goal:

The goal of this guide is to turn a Raspberry Pi into a wireless home/mobile router.

Equipment:

  1. Raspberry Pi with Raspbian
  2. Wireless USB device. The guide uses an Edimax Nano USB Wifi (EW-7811Un) adapter
  3. Ethernet cat5 cable to connect to the Internet

Let's get started.

Install the following packages.

sudo apt-get install hostapd dnsmasq iptables

Open up “/etc/network/interfaces” and add the following lines.  If there is a line for wlan0 you can comment it out with a “#”.

iface wlan0 inet static
address 192.168.42.17
netmask 255.255.255.0

Configure Hostapd

Edit the following file “/etc/default/hostapd” so it looks like this.

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Now edit the hostapd config file “/etc/hostapd/hostapd.conf” and configure the wireless access point.

interface=wlan0
driver=rtl871xdrv
bridge=br0
ssid=MC
channel=1
wmm_enabled=0
wpa=1
wpa_passphrase=min3cr@ft
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
auth_algs=1
macaddr_acl=0 
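
In the configuration above, wpa=1 selects the original WPA with TKIP, so the rsn_pairwise=CCMP line never takes effect. The shell script below is an added example, not part of the original guide, that flags such settings in a hostapd.conf; the function names and the 12-character passphrase threshold are assumptions of the example.

```shell
#!/bin/sh
# Added example: flag weak WPA settings in a hostapd.conf.
# Function names and the 12-character threshold are assumptions of this example.

# Print the value of the last "key=value" line for key $2 in file $1.
conf_get() {
    sed -n "s/^$2=//p" "$1" | sed 's/[[:space:]]*$//' | tail -n 1
}

# Print one FINDING line per weak setting; return 1 if anything was flagged.
audit_hostapd_conf() {
    wpa=$(conf_get "$1" wpa)
    wpa_pw=$(conf_get "$1" wpa_pairwise)
    rsn_pw=$(conf_get "$1" rsn_pairwise)
    pass=$(conf_get "$1" wpa_passphrase)
    rc=0
    : "${wpa:=0}" "${wpa_pw:=TKIP}"   # hostapd defaults: WPA off, TKIP for WPA v1
    : "${rsn_pw:=$wpa_pw}"            # rsn_pairwise falls back to wpa_pairwise

    # wpa is a bit field: bit 0 = WPA (v1), bit 1 = WPA2/RSN.
    case "$wpa" in
        0) echo "FINDING: wpa=0, no WPA protection at all"; return 1 ;;
        1|3) echo "FINDING: wpa=$wpa enables WPA (v1); wpa=2 is WPA2 only"; rc=1 ;;
    esac
    # Collect the pairwise ciphers that are actually in effect.
    active=""
    case "$wpa" in 1|3) active="$active $wpa_pw" ;; esac
    case "$wpa" in 2|3) active="$active $rsn_pw" ;; esac
    case " $active " in
        *" TKIP "*) echo "FINDING: TKIP is offered as a pairwise cipher; use CCMP"; rc=1 ;;
    esac
    if [ -n "$pass" ] && [ "${#pass}" -lt 12 ]; then
        echo "FINDING: wpa_passphrase is ${#pass} characters (under 12)"; rc=1
    fi
    return "$rc"
}

# Constructed sample: the WPA-related lines from the hostapd.conf above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
wpa=1
wpa_passphrase=min3cr@ft
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
EOF
audit_hostapd_conf "$sample" || true
rm -f "$sample"
```

A configuration with wpa=2, rsn_pairwise=CCMP and a longer passphrase produces no findings and a zero exit status.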

Configure the DHCP Server

For the DHCP server we just need to add the following lines to “/etc/dnsmasq.conf”

interface=wlan0
dhcp-range=192.168.42.20,192.168.42.152,255.255.255.0,12h
dhcp-option=3,192.168.42.17

Configure Iptables

Now we need to set it up so the Pi can forward traffic from wlan0 to eth0.

Edit “/etc/sysctl.conf” and uncomment the following line

net.ipv4.ip_forward=1

Then execute the following to apply the change.

sudo sysctl -p

Next create an iptables “config” file.

sudo touch /etc/network/if-up.d/router.sh
sudo chmod +x /etc/network/if-up.d/router.sh
sudo su -c "echo '/etc/network/if-up.d/router.sh' >> /etc/rc.local"

Add the following lines to the file.

#!/bin/sh
sudo iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
sudo iptables --append FORWARD --in-interface wlan0 -j ACCEPT

If you are using the same wireless adapter that is used in this guide then you will need to execute the following commands to replace the hostapd binary.  You can find more info here.

wget http://www.daveconroy.com/wp3/wp-content/uploads/2013/07/hostapd.zip
unzip hostapd.zip
sudo mv /usr/sbin/hostapd /usr/sbin/hostapd.bak
sudo mv hostapd /usr/sbin/hostapd.edimax
sudo ln -sf /usr/sbin/hostapd.edimax /usr/sbin/hostapd
sudo chown root:root /usr/sbin/hostapd
sudo chmod 755 /usr/sbin/hostapd

That should do it. Plug in the Ethernet cable and reboot your Pi and you should be good to go.