Posted by hans2 on Apr 20, 2016; 6:47pm
URL: https://itus.accessinnov.com/Shield-Beginners-guide-tp754.html

hi

if you're new to Shield / haven't used it for a while, please read this:

Documentation

In the Tutorials section, there are a bunch of original Itus documents/guides that you should read, especially the Shield Admin Guide.

Below you will find links to instructions how to upgrade your shield. My recommendation is to
1) setup shield following the admin guide in either Router or Bridge mode.
2) make sure to activate the "advanced mode".
3) have a working SSH connection (dropbear instance setup)
4) and a working internet connection

before you upgrade Shield.

Working with Shield will require some basic Linux/OpenWRT knowledge. Please check these sites: OpenWRT CLI and Linux for beginners 

Do NOT use Shield in [G]ateway mode - Itus has never fully developed this setup and not many users have reported it to work successfully!

Software & tools

While the browser interface (sometimes called LuCI) can handle most actions, you will probably need to transfer files or have command line access (also called CLI) using a SSH connection.

Please check the custom tools section on some commonly used software in combination with Shield.

Putty   : Access to the command line (CLI)
WinSCP : Transfer files from/to shield, change access rights and file ownership

Terminal cable

The development of Shield is not as mature as the over-the-counter solutions for a router/firewall/wifi that you can buy in Walmart or on Amazon. Sometimes Shield won't fully boot at all (= no web interface available), in that case a terminal cable in combination with Putty will help solving your problem.
Here is a link on how to buy a terminal cable: http://itus.accessinnov.com/Console-cable-411-td140.html

Upgrading Shield software

Originally ITUS released version 1.0 or RC2 on shipped devices. However they released a more stable version in November 2015, namely 1.51SP1. This should be your starting point for Shield.

To check your version, connect to shield (https://10.10.10.10 (switch in [R]outer) or https://x.y.z.111 (switch in [B]ridge) or https://shield.lan (both) . On the bottom of the page, it will show you the major software version.

If it is not 1.51 SP1 - please check http://itus.accessinnov.com/Upgrade-to-1-51SP1-td10.html for instructions how to upgrade.

Updating shield detection filters

The final key step is make sure that the detection filters are updated regularly. This is done via a script called fw_upgrade which needs to be replaced with a version that works without Itus. Please check fw_upgrade v8.2 for the latest version.

(Note: the link above may change due to active development. Please check for FW_Upgrade version 8.x recent postings by Roadrunner42 )

Scheduled Tasks

Shield has several tasks scheduled to update the time and the ISP filter definitions. Some of these tasks are scheduled too often (every 10 minutes) for no reason. These tasks are scheduled using a cronjob, if you want to learn more, please check here.

In LuCI go to System > Scheduled tasks you can replace it with the following:

# daily at 01:00 - upgrade IPS rules
0 1 * * * sh /sbin/fw_upgrade
# daily at 00:00 - sync clock
0 0 * * * /usr/sbin/ntpclient -s -p 123 -h 0.us.pool.ntp.org || /etc/init.d/ntpclient restart

press save&apply when done.

The "sync.clock" task is now using an US based time clock. Check NTP.ORG for more localized servers in your area.

What is next?

 Great, at this point your Shield is at 1.51SP1 and you have the latest upgrade script. Internet should be working now with Shield in either router or gateway mode.  

If you want you can install hotfixes to solve or improve minor things.

Problems

 If you have problems, don't hesitate to ask for help on this forum. Probably some of us has encountered your problem before.