Use tcpdump to save wireless bridge

For campGND we need to extend a wireless network about 500m from the farm down to the site. We have been trying to salvage some equipment but where having trouble getting control of a pair of Senao wireless bridges (Senao Long Rage Multi-Client Bridge).

The devices has previously been configured by someone else to bridge a network between two buildings. Problem being we have no idea how these boxes have been setup. Looking online there was nothing helpful about factory resetting these boxes unless you already had access.

I decided to put a box on our ethernet and use tcpdump to scan for any traffic coming from the MAC Address on the bottom of the bridge.

# tcpdump -e -i en0 ether src 00:02:6F:45:C9:83

After a reboot of bridge the following appeared in my terminal.

115:48:15.741750 00:02:6f:45:c9:83 (oui Unknown) > Broadcast, ethertype ARP (0x0806), length 60: Request who-has 10.0.2.66 tell 10.0.2.1, length 46

Bingo, exactly what I was looking for. That arp request tells us where the bridge thinks it is 10.0.2.1 .

Now I could navigate to the bridges web interface, but I was still locked out. I read through the manufactures guide for the bridge, but I still couldn't see anything that looked like a factory reset. The guide did mention that the default ip for the bridge was 192.168.1.1 and it used a admin:admin as the login.

I decided to try powering on the bridge with the hardware button held down. I left tcpdump running so if there was any change on the bridges interface. I held down the reset switch and powered the bridge on, counting to 30 seconds. I then toggled the power and finally saw

15:48:17.750222 00:02:6f:45:c9:83 (oui Unknown) > Broadcast, ethertype ARP (0x0806), length 60: Request who-has 192.168.1.66 tell 192.168.1.1, length 46

The bridge had reset to the factory default.