I have a QNAP QSW-M408-4C and I was wondering what the serial console port was used for, especially since it wasn’t documented anywhere. Well it turns out it’s a full TTY in LEDE Linux. Thanks to u/sinisterpisces’s post who inspired me to find out more about it.
- You will need a Cisco compatible RJ45 Console Port to Serial/USB adapter
Connecting via Serial
- Install PuTTY, this is probably also possible to do with PowerShell, but I don’t know how.
- In PuTTY, set the ‘Connection Type’ to “Serial”
- Find the COM port in Device Manager under ‘Ports (COM & LPT)’
- Back to PuTTY, set the ‘Serial Line’ to the COM port you found
- Set the ‘Speed’ to 115200
- Install screen (It’s often already installed)
ls /dev/tty*to find the Serial Adapter (usually starts with /dev/ttyUSB or /dev/ttyS)
screen [adapter path] 115200to connect
- Press enter then enter the same username and password used for the web interface
- When logging out type
exitto quit the session
There’s multiple scripts just lying around on the switch that can be used for various things. You can find them all with
find / -name *.sh.
Here’s a clean list:
[email protected]:/admin# ls /usr/bin/*.sh /bin/*.sh /sbin/*.sh /etc/*.sh /bin/ipcalc.sh /usr/bin/firmware_update.sh /etc/diag.sh /usr/bin/genenvs.sh /etc/reg_boardinfo.sh /usr/bin/isscli.sh /etc/setvlans.sh /usr/bin/issip.sh /etc/start_service.sh /usr/bin/issnet2tap.sh /sbin/fan_ctrl.sh /usr/bin/isspass.sh /sbin/led.sh /usr/bin/issswname.sh /sbin/prepare_system.sh /usr/bin/luacli.sh /sbin/qsw_fwupgrade.sh /usr/bin/runisscmd.sh /usr/bin/evdisp.sh /usr/bin/setmode.sh /usr/bin/event.sh /usr/bin/sys_stat.sh
Here’s a few of the ones I’ve looked at:
sys_stat.shGets/sets fan speeds, temp, rtc, leds, memory, reset, i2c, and mode (
isscli.shUses some hidden API on tcp://localhost:6023 (Blocked by iptables)
isspass.shSets the UI Password using said API using the MAC Address as the old password
reg_boardinfo.shSets MAC, Serial and Model (I think)
led.shSelf explanatory but doesn’t seem to work
The switch seems to have SSH enabled by default but it’s blocked by
iptables, here’s how to unblock it:
iptables -L INPUT 2and you should get
DROP tcp -- anywhere anywhere tcp dpt:ssh
- If you do type
iptables -D INPUT 2
- If you don’t type
iptables -L INPUT --line-numbers | grep sshthen
iptables -D INPUT [line number]
- I don’t believe this will unblock it permanently but tell me if it does
Enabling the API
The switch uses this API on port 6023 internally but unless you want to create your own management interface on another computer there isn’t much point, in fact this is kind of a security hole so don’t do it unless you have a good reason:
- Do the same as SSH but grep port 6023, it’s line 3 for me.
To install packages with
opkg install <package>I installed htop since it wasn’t installed for me
There’s also some extra VLAN config in
/etc/iss_vlan.txt that might let you tag VLAN 1.