wifimngr: 17.4.0

libvoice-d2-1.1.14: Don't report DTMF events detected by DSP for DECT

bbfdm/Config_bbfdmd.in

@@ -1,7 +1,7 @@
-if PACKAGE_libbbfdm
-config BBF_VENDOR_LIST
-	string "Vendor List"
-	default "iopsys"
+if PACKAGE_bbfdmd
+config BBF_VENDOR_EXTENSION
+	bool "Enable Vendor Extension"
+	default y
 
 config BBF_VENDOR_PREFIX
 	string "Vendor Prefix"

bbfdm/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bbfdm
-PKG_VERSION:=1.9.5
+PKG_VERSION:=1.12.6
 
 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=6730d2784bbac93d87705db83a5157eaeb436f7d
+PKG_SOURCE_VERSION:=0a33d96b693ac5cc34ba57f6fd53417d6eaeac61
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -32,21 +32,28 @@ define Package/libbbfdm-api
   ABI_VERSION:=1.0
 endef
 
-define Package/libbbfdm
+define Package/libbbfdm-ubus
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
-  TITLE:=Library for broadband forum data model support
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libopenssl
-  MENU:=1
+  TITLE:=BBF datamodel ubus library, provides API to expose datamodel over ubus
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api
 endef
 
 define Package/bbfdmd
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
-  TITLE:=Datamodel ubus backend
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq +bbf_configmngr
+  TITLE:=Datamodel ubus backend to expose core tree
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libopenssl +libbbfdm-ubus +bbf_configmngr
+endef
+
+define Package/dm-service
+  SECTION:=utils
+  CATEGORY:=Utilities
+  SUBMENU:=TRx69
+  TITLE:=Datamodel ubus backend to expose micro-service tree
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libbbfdm-ubus +bbf_configmngr
 endef
 
 define Package/bbf_configmngr
@@ -55,11 +62,10 @@ define Package/bbf_configmngr
   SUBMENU:=TRx69
   TITLE:= BBF Config Manager
   DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
-  MENU:=1
 endef
 
-define Package/libbbfdm/config
-	source "$(SOURCE)/Config_bbfdm.in"
+define Package/bbfdmd/config
+	source "$(SOURCE)/Config_bbfdmd.in"
 endef
 
 define Package/bbf_configmngr/config
@@ -70,8 +76,16 @@ define Package/libbbfdm-api/description
  Library contains the API(UCI, UBUS, JSON, CLI and Browse) of libbbfdm
 endef
 
-define Package/libbbfdm/description
- Library contains the data model tree, It includes basic TR181 nodes.
+define Package/libbbfdm-ubus/description
+ Library contains the APIs to expose data model over ubus
+endef
+
+define Package/bbfdmd/description
+ Daemon to expose Datamodel core tree
+endef
+
+define Package/dm-service/description
+ Daemon to expose Datamodel micro-service tree
 endef
 
 define Package/bbf_configmngr/description
@@ -85,70 +99,68 @@ endef
 endif
 
 CMAKE_OPTIONS += \
-	-DBBF_TR181=ON
-
-CMAKE_OPTIONS += \
-	-DBBF_VENDOR_LIST:String="$(CONFIG_BBF_VENDOR_LIST)" \
 	-DBBF_VENDOR_PREFIX:String="$(CONFIG_BBF_VENDOR_PREFIX)" \
-	-DBBF_MAX_OBJECT_INSTANCES:Integer=$(CONFIG_BBF_MAX_OBJECT_INSTANCES)
-
-ifeq ($(CONFIG_PACKAGE_bbfdmd),y)
-CMAKE_OPTIONS += \
+	-DBBF_MAX_OBJECT_INSTANCES:Integer=$(CONFIG_BBF_MAX_OBJECT_INSTANCES) \
 	-DBBFDMD_MAX_MSG_LEN:Integer=10485760
-endif
 
 define Package/libbbfdm-api/install
 	$(INSTALL_DIR) $(1)/lib
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/lib/
+
 	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
 	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
 	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
-	$(INSTALL_DIR) $(1)/etc/bbfdm
+
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_api $(1)/usr/share/bbfdm/scripts/
+
 	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
 	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
 endef
 
-define Package/libbbfdm/install
+define Package/libbbfdm-ubus/install
 	$(INSTALL_DIR) $(1)/lib
-	$(INSTALL_DIR) $(1)/etc/bbfdm
-	$(INSTALL_DIR) $(1)/etc/bbfdm/dmmap
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/usr/share/bbfdm/libbbfdm.so
-	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
-	$(INSTALL_BIN) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/95-portmap-firewall
-	$(INSTALL_BIN) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/97-firewall-service
-	$(INSTALL_BIN) ./files/etc/uci-defaults/99-link-core-plugins $(1)/etc/uci-defaults/99-link-core-plugins
-	$(INSTALL_BIN) ./files/etc/uci-defaults/90-remove-nonexisting-microservices $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/firewall.portmap $(1)/etc/firewall.portmap
-	$(INSTALL_BIN) ./files/etc/firewall.service $(1)/etc/firewall.service
-ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
-	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/iopsys/libbbfdm_iopsys_ext.so $(1)
-endif
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm/scripts/
-endef
-
-define Package/libbbfdm/prerm
-	#!/bin/sh
-	rm -rf /etc/bbfdm/dmmap/*
-	exit 0
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-ubus/libbbfdm-ubus.so $(1)/lib/
 endef
 
 define Package/bbfdmd/install
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
+	$(INSTALL_DIR) $(1)/etc/bbfdm/dmmap
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm
+
 	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/bbfdm
+	$(INSTALL_CONF) ./files/etc/config/bbfdm $(1)/etc/config/bbfdm
+	$(INSTALL_CONF) ./files/etc/config/schedules $(1)/etc/config/schedules
+
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bbfdmd/ubus/bbfdmd $(1)/usr/sbin/
-	$(INSTALL_DATA) ./files/etc/bbfdm/input.json $(1)/etc/bbfdm/
+
+	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/etc/init.d/bbfdmd $(1)/etc/init.d/bbfdmd
-	$(INSTALL_BIN) ./files/etc/init.d/bbfdm.services $(1)/etc/init.d/
-	$(INSTALL_CONF) ./files/etc/config/bbfdm $(1)/etc/config/bbfdm
+
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
 	$(INSTALL_BIN) ./files/etc/hotplug.d/iface/85-bbfdm-sysctl $(1)/etc/hotplug.d/iface/85-bbfdm-sysctl
+	
+	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
+	
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
+
+ifeq ($(CONFIG_BBF_VENDOR_EXTENSION),y)
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/vendor/vendor.json $(1)
+endif
+
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_activate_handler.sh $(1)/usr/share/bbfdm/scripts/
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_check_idle.sh $(1)/usr/share/bbfdm/scripts/
+endef
+
+define Package/dm-service/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/etc/init.d/bbfdm.services $(1)/etc/init.d/
+
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dm-service/dm-service $(1)/usr/sbin/
 endef
 
 define Package/bbf_configmngr/install
@@ -164,15 +176,26 @@ ifeq ($(CONFIG_BBF_CONFIGMNGR_SCRIPT_BACKEND),y)
 endif
 endef
 
+define Package/bbfdmd/prerm
+	#!/bin/sh
+	rm -rf /etc/bbfdm/dmmap/*
+	exit 0
+endef
+
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/include/libbbfdm-api
+	$(INSTALL_DIR) $(1)/usr/include/libbbfdm-ubus
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbfdm-api/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-ubus/bbfdm-ubus.h $(1)/usr/include/libbbfdm-ubus/
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/*.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/usr/lib
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-ubus/libbbfdm-ubus.so $(1)/usr/lib
 endef
 
 $(eval $(call BuildPackage,bbf_configmngr))
 $(eval $(call BuildPackage,libbbfdm-api))
-$(eval $(call BuildPackage,libbbfdm))
+$(eval $(call BuildPackage,libbbfdm-ubus))
 $(eval $(call BuildPackage,bbfdmd))
+$(eval $(call BuildPackage,dm-service))

bbfdm/files/etc/bbfdm/input.json

@@ -1,28 +0,0 @@
-{
-        "daemon": {
-                "config": {
-                },
-                "input": {
-                        "type": "DotSo",
-                        "name": "/usr/share/bbfdm/libbbfdm.so",
-                        "plugin_dir": "/usr/share/bbfdm/plugins"
-                },
-                "output": {
-                        "type": "UBUS",
-                        "name": "bbfdm"
-                }
-        },
-        "cli": {
-                "config": {
-                        "proto": "both",
-                        "instance_mode": 0
-                },
-                "input": {
-                        "type": "UBUS",
-                        "name": "bbfdm"
-                },
-                "output": {
-                        "type": "CLI"
-                }
-        }
-}

bbfdm/files/etc/config/bbfdm

@@ -1,11 +1,8 @@
 config bbfdmd 'bbfdmd'
 	option enable '1'
-	option loglevel '1'
-	option refresh_time '120'
-	option transaction_timeout '30'
-	option subprocess_level '2'
+	option debug '0'
+	option loglevel '3'
 
 config micro_services 'micro_services'
 	option enable '1'
 	option enable_core '0'
-	option enable_respawn '1'

bbfdm/files/etc/config/schedules

@@ -0,0 +1,2 @@
+config global 'global'
+	option enable '1'

bbfdm/files/etc/init.d/bbf_configd

@@ -1,15 +1,25 @@
 #!/bin/sh /etc/rc.common
 
-START=64
+START=80
 STOP=10
 
 USE_PROCD=1
 PROG=/usr/sbin/bbf_configd
 
+create_needed_directories()
+{
+	mkdir -p /tmp/bbfdm/.cwmp
+	mkdir -p /tmp/bbfdm/.usp
+	mkdir -p /tmp/bbfdm/.bbfdm
+}
+
 start_service()
 {
+	create_needed_directories
+
 	procd_open_instance "bbf_configd"
 	procd_set_param command ${PROG}
+	#procd_append_param command -d
 	procd_set_param respawn
 	procd_close_instance "bbf_configd"
 }

bbfdm/files/etc/init.d/bbfdm.services

@@ -1,10 +1,10 @@
 #!/bin/sh /etc/rc.common
 
-START=40
+START=85
 STOP=8
 
 USE_PROCD=1
-PROG=/usr/sbin/bbfdmd
+PROG=/usr/sbin/dm-service
 
 BBFDM_MICROSERVICE_DIR="/etc/bbfdm/micro_services"
 
@@ -18,33 +18,38 @@ validate_bbfdm_micro_service_section()
 {
 	uci_validate_section bbfdm micro_services "micro_services" \
 		'enable:bool:true' \
-		'enable_core:bool:false' \
-		'enable_respawn:bool:true'
+		'enable_core:bool:false'
 }
 
 _add_microservice()
 {
-	local name path
-	local enable enable_core enable_respawn
+	local name path loglevel
+	local enable enable_core
 
 	# Check enable from micro-service
 	path="${1}"
-	enable_respawn="${2}"
-	enable_core="${3}"
+	enable_core="${2}"
 
 	name="$(basename ${path})"
 	name="${name//.json}"
 
-	enable="$(jq -r '.daemon.enable//1' ${path})"
+	json_load_file "${path}"
+	json_select daemon
+
+	json_get_var enable enable 1
 	if [ "${enable}" -eq "0" ]; then
 		log "datamodel micro-service ${name} not enabled"
 		return 0
 	fi
+	
+	json_select config
+	json_get_var loglevel loglevel 3
 
 	procd_open_instance "${name}"
 
 	procd_set_param command ${PROG}
 	procd_append_param command -m "${name}"
+	procd_append_param command -l "${loglevel}"
 
 	if [ "${enable_core}" -eq "1" ]; then
 		procd_set_param limits core="unlimited"
@@ -52,15 +57,13 @@ _add_microservice()
 		procd_set_param stderr 1
 	fi
 
-	if [ "${enable_respawn}" -eq "1" ]; then
-		procd_set_param respawn "3600" "5" "5"
-	fi
+	procd_set_param respawn
 	procd_close_instance "${name}"
 }
 
 configure_bbfdm_micro_services()
 {
-	local enable enable_core enable_respawn
+	local enable enable_core
 
 	config_load bbfdm
 	validate_bbfdm_micro_service_section || {
@@ -77,7 +80,7 @@ configure_bbfdm_micro_services()
 		do
 			[ -e "$file" ] || continue
 
-			_add_microservice $file "${enable_respawn}" "${enable_core}"
+			_add_microservice $file "${enable_core}"
 		done
 	fi
 }
@@ -92,7 +95,7 @@ _start_single_service()
 		file="$(ls -1 ${BBFDM_MICROSERVICE_DIR}/${service}.json)"
 		[ -e "$file" ] || return
 
-		_add_microservice $file "0" "0"
+		_add_microservice $file "0"
 	fi
 }
 

bbfdm/files/etc/init.d/bbfdmd

@@ -1,14 +1,11 @@
 #!/bin/sh /etc/rc.common
 
-START=65
+START=90
 STOP=10
 
 USE_PROCD=1
 PROG=/usr/sbin/bbfdmd
 
-BBFDM_JSON_INPUT="/etc/bbfdm/input.json"
-BBFDM_TEMP_DIR="/tmp/bbfdm"
-
 . /usr/share/libubox/jshn.sh
 
 log() {
@@ -19,17 +16,13 @@ validate_bbfdm_bbfdmd_section()
 {
 	uci_validate_section bbfdm bbfdmd "bbfdmd" \
 		'enable:bool:true' \
-		'sock:string' \
 		'debug:bool:false' \
-		'loglevel:uinteger:1' \
-		'refresh_time:uinteger:0' \
-		'transaction_timeout:uinteger:30' \
-		'subprocess_level:uinteger'
+		'loglevel:uinteger:3'
 }
 
 configure_bbfdmd()
 {
-	local enable debug sock
+	local enable debug
 	local jlog jrefresh jtimeout jlevel
 
 	config_load bbfdm
@@ -40,25 +33,17 @@ configure_bbfdmd()
 
 	[ "${enable}" -eq 0 ] && return 0
 
-	if [ -f "${BBFDM_JSON_INPUT}" ]; then
-		echo "$(jq --arg log ${loglevel} --arg tran ${transaction_timeout} --arg refresh ${refresh_time} --arg level ${subprocess_level} '.daemon.config += {"loglevel": $log, "refresh_time": $refresh, "transaction_timeout": $tran, "subprocess_level": $level}' ${BBFDM_JSON_INPUT})" > "${BBFDM_TEMP_DIR}/input.json"
-	fi
-
 	procd_set_param command ${PROG}
+	procd_append_param command -l "${loglevel}"
+
 	if [ "${debug}" -eq 1 ]; then
 		procd_set_param stdout 1
 		procd_set_param stderr 1
 	fi
-
-	if [ -f "${sock}" ]; then
-		procd_append_param command -s "${sock}"
-	fi
 }
 
 start_service()
 {
-	mkdir -p ${BBFDM_TEMP_DIR}
-
 	procd_open_instance "bbfdm"
 	configure_bbfdmd
 	procd_set_param respawn

bbfdm/files/etc/uci-defaults/90-remove-nonexisting-microservices

@@ -1,18 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-
-remove_nonexisting_microservice() {
-	local input_json
-
-	config_get input_json "$1" input_json ""
-
-	if [ -z "${input_json}" ]; then
-		uci_remove bbfdm "${1}"
-	fi
-}
-
-config_load bbfdm
-config_foreach remove_nonexisting_microservice "micro_service"
-
-exit 0
-

bbfdm/files/etc/uci-defaults/99-link-core-plugins

@@ -1,34 +0,0 @@
-#!/bin/sh
-
-UNIFIED_PATH="/usr/share/bbfdm/plugins/"
-
-log() {
-	echo "$@" | logger -t bbfdm.uci-default -p info
-}
-
-# Link JSON plugins
-for f in `ls -1 /etc/bbfdm/json/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link DotSo plugins
-for f in `ls -1 /usr/lib/bbfdm/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link JSON plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link DotSo plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-exit 0
-

bbfdm/tools/bbfdm.sh

@@ -2,7 +2,7 @@
 
 BBFDM_BASE_DM_PATH="usr/share/bbfdm"
 BBFDM_INPUT_PATH="etc/bbfdm/micro_services"
-INPUT_TEMPLATE='{"daemon":{"enable":"1","service_name":"template","config":{"loglevel":"1"}}}'
+INPUT_TEMPLATE='{"daemon":{"enable":"1","service_name":"template","config":{"loglevel":"3"}}}'
 OUT_NAME=""
 
 MICRO_SERVICE=0

bulkdata/Makefile

@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.10
+PKG_VERSION:=2.1.12
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=e472e90feec31d9f318ea8c732ab564002e25db1
+PKG_SOURCE_VERSION:=1c780a8a8f7b5b49aba394da5cfe5ccb10c28652
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

bulkdata/files/etc/init.d/bulkdatad

@@ -12,12 +12,21 @@ start_service() {
 	config_load bulkdata
 	config_get_bool enable bulkdata enable 1
 
-	[ "$enable" -eq "1" ] && {
+	if [ ! -f "/var/state/bulkdatad" ]; then
+		touch /var/state/bulkdatad
+		uci -q -c /var/state set bulkdatad.global='global'
+		uci -q -c /var/state commit bulkdatad
+	fi
+
+	if [ "$enable" -eq "1" ]; then
 		procd_open_instance "bulkdata"
 		procd_set_param command "$PROG"
 		procd_set_param respawn
 		procd_close_instance "bulkdata"
-	}
+	else
+		uci -q -c /var/state set bulkdatad.global.status='Disabled'
+		uci -q -c /var/state commit bulkdatad
+	fi
 }
 
 reload_service() {

ddnsmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ddnsmngr
-PKG_VERSION:=1.0.7
+PKG_VERSION:=1.0.8
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
-PKG_SOURCE_VERSION:=4b0c679c4dc3e3725de5c0c55ed60f24b87c6edd
+PKG_SOURCE_VERSION:=68c54ad5b537a7dfff7c939707bfe8f1a3023c46
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

decollector/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=decollector
-PKG_VERSION:=6.0.0.13
+PKG_VERSION:=6.1.0.0
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d75639d9ae82538103123b32fc0de9280e84cabb
+PKG_SOURCE_VERSION:=2efa50c2bb5b8d5ed3e72c27395a7f2516bcbd44
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

dectmngr/Makefile

@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dectmngr
 PKG_RELEASE:=3
-PKG_VERSION:=3.6.6
+PKG_VERSION:=3.6.9
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/dectmngr.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=85c173d1fac535726b2e750be8c282b74fb7dbca
+PKG_SOURCE_VERSION:=c5254120c2c8b43936e2f9f4f9a3827784d60a43
 PKG_MIRROR_HASH:=skip
 endif
 

dhcpmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dhcpmngr
-PKG_VERSION:=1.0.2
+PKG_VERSION:=1.0.3
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dhcpmngr.git
-PKG_SOURCE_VERSION:=4c89a3f12686343e3cca23819255744ac06dfb22
+PKG_SOURCE_VERSION:=93f756f80a9391afd9b01f2608e031c4db3ca48b
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -28,7 +28,9 @@ define Package/dhcpmngr
   SECTION:=net
   CATEGORY:=Network
   TITLE:=Package to add Device.DHCPv4 and v6 data model support.
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +dnsmasq
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +odhcpd
+  DEPENDS+=+DNSMNGR_DNS_SD:umdns
+  DEPENDS+=+DNSMNGR_BACKEND_DNSMASQ:dnsmasq
 endef
 
 define Package/dhcpmngr/description
@@ -44,6 +46,10 @@ endif
 define Package/dhcpmngr/install
 	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_lease_start_time.user $(1)/etc/udhcpc.user.d/udhcpc_lease_start_time.user
+ifeq ($(CONFIG_DNSMNGR_BACKEND_UNBOUND),y)
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(INSTALL_DATA) ./files/etc/uci-defaults/unbound.odhcpd.uci_default $(1)/etc/uci-defaults/16-set-unbound-as-odhcpd-leasetrigger
+endif
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdhcpmngr.so $(1) $(PKG_NAME)
 endef
 

dhcpmngr/files/etc/uci-defaults/unbound.odhcpd.uci_default

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+# update odhcpd uci to use unbound's script as leasetrigger
+uci -q get dhcp.odhcpd >/dev/null 2>&1 && {
+	maindhcp="$(uci -q get dhcp.odhcpd.maindhcp)"
+
+	# if odhcpd is the main dhcp
+	[ "$maindhcp" = "1" ] || [ "$maindhcp" = "true" ] || [ "$maindhcp" = "on" ] && {
+		# if unbound daemon and unbound script file is present
+		[ -e /usr/lib/unbound/odhcpd.sh ] && [ -e /usr/sbin/unbound ] && {
+			# then set unbound script as leasetrigger in dhcp UCI
+			uci -q set dhcp.odhcpd.leasetrigger='/usr/lib/unbound/odhcpd.sh'
+			uci commit dhcp
+		}
+	}
+}
+
+exit 0

dnsmngr/Config.in

@@ -0,0 +1,30 @@
+if PACKAGE_dnsmngr
+
+menu "Configuration"
+
+config DNSMNGR_DNS_SD
+	bool "Include Device.DNS.SD. TR-181 support"
+	default y
+	help
+	   Set this option to include support for TR-181 DNS.SD. object.
+
+choice
+	prompt "Select backend for DNS management"
+	default DNSMNGR_BACKEND_DNSMASQ
+	depends on PACKAGE_dnsmngr
+	help
+		Select which backend daemon to use for DNS
+
+config DNSMNGR_BACKEND_DNSMASQ
+	bool "Use dnsmasq for dns and dhcp"
+	help
+	   Enable this option to use dnsmasq + odhcpd for dns and dhcp.
+
+config DNSMNGR_BACKEND_UNBOUND
+	bool "Use unbound with odhcpd-full for dns and dhcp"
+	help
+	   Enable this option to use unbound + odhcpd for dns and dhcp.
+
+endchoice
+endmenu
+endif

dnsmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmngr
-PKG_VERSION:=1.0.6
+PKG_VERSION:=1.0.10
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dnsmngr.git
-PKG_SOURCE_VERSION:=03d8d79c1221adb92b5789c03e2489d26c6ae184
+PKG_SOURCE_VERSION:=dd7a285798b48e199f5e5d90d9c20cb5e0c14888
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -27,23 +27,47 @@ MAKE_PATH:=src
 define Package/dnsmngr
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +dnsmasq +umdns
-  TITLE:=Package to add Device.DNS. datamodel support
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +odhcpd
+  DEPENDS+=+DNSMNGR_DNS_SD:umdns
+  DEPENDS+=+DNSMNGR_BACKEND_DNSMASQ:dnsmasq
+  DEPENDS+=+DNSMNGR_BACKEND_UNBOUND:unbound-daemon +DNSMNGR_BACKEND_UNBOUND:unbound-control
+  TITLE:=Package to configure DNS backend and TR-181 support
 endef
 
 define Package/dnsmngr/description
-  Package to add Device.DNS. datamodel support.
+  Package to configure DNS backend and TR-181 support.
 endef
 
+define Package/$(PKG_NAME)/config
+	source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(CONFIG_DNSMNGR_DNS_SD),y)
+define Build/Compile
+	$(call Build/Compile/Default,all)
+endef
+else
+define Build/Compile
+	$(call Build/Compile/Default,dns)
+endef
+endif
+
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/dnsmngr/* $(PKG_BUILD_DIR)/
 endef
 endif
 
+ifeq ($(CONFIG_DNSMNGR_BACKEND_DNSMASQ),y)
+        TARGET_CFLAGS += -DDNSMASQ_BACKEND
+endif
+
 define Package/dnsmngr/install
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdnsmngr.so $(1) $(PKG_NAME)
 	$(BBFDM_INSTALL_SCRIPT) -d $(PKG_BUILD_DIR)/scripts/nslookup $(1)
+ifeq ($(CONFIG_DNSMNGR_DNS_SD),y)
+	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libdns_sd.so $(1) $(PKG_NAME)
+endif
 endef
 
 $(eval $(call BuildPackage,dnsmngr))

dslmngr/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dslmngr
-PKG_VERSION:=1.2.5
+PKG_VERSION:=1.2.8
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
-PKG_SOURCE_VERSION:=4a6f6f829006e481eeb20bcb121f7938d12c60ec
+PKG_SOURCE_VERSION:=5340cb31f759301f5aca3fd848fc3a63b0b4663f
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip

ebtables-extensions/Makefile

@@ -6,13 +6,13 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ebtables-extensions
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.4
 PKG_LICENSE:=GPL-2.0
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d3de8b0ac52ce9f96ef5a0a6277a6730879fc793
+PKG_SOURCE_VERSION:=35fb79f95c47d90e3791c7e126048b451f078f24
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ebtables-extensions.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

firewallmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=firewallmngr
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.5
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
-PKG_SOURCE_VERSION:=d4bdd162cf37b3373df2448a70dcb4fbc1113535
+PKG_SOURCE_VERSION:=94246676dc2e2db29b94fcffec1be3cee3ec8e9f
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -53,15 +53,21 @@ endif
 
 define Package/firewallmngr/install
 	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
 ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
 	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/lib/port-trigger
 
 	$(INSTALL_BIN) ./files/port-trigger/etc/init.d/port-trigger $(1)/etc/init.d/
 	$(INSTALL_DATA) ./files/port-trigger/etc/config/port-trigger $(1)/etc/config/
 	$(INSTALL_DATA) ./files/port-trigger/lib/port-trigger/port_trigger.sh $(1)/lib/port-trigger/
 endif
+	$(INSTALL_BIN) ./files/firewall.portmap $(1)/etc/
+	$(INSTALL_DATA) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/
+
+	$(INSTALL_BIN) ./files/firewall.service $(1)/etc/
+	$(INSTALL_DATA) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/
+
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
 endef
 

fluent-bit/Makefile

@@ -1,18 +1,19 @@
 #
-# Copright (C) 2018 The Internet Foundation In Sweden
+# Copyright (C) 2024 IOPSYS
 #
 
 include $(TOPDIR)/rules.mk
 
-PKG_NAME:=fluentbit
-PKG_VERSION:=1.0.0
-PKG_RELEASE:=1
+PKG_NAME:=fluent-bit
+PKG_VERSION:=3.1.0
+PKG_RELEASE:=$(AUTORELEASE)
 
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit.git
-PKG_SOURCE_VERSION:=v3.0.5
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit/archive/v$(PKG_VERSION)
+PKG_HASH:=7a49e110cf3050b6c29c911063494b8081f3c743274d1d95e52562d0476ba1eb
+endif
 
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE
@@ -20,25 +21,32 @@ PKG_LICENSE_FILES:=LICENSE
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 
-define Package/fluentbit
+define Package/fluent-bit
 	CATEGORY:=Utilities
-	DEPENDS:= +libyaml +libopenssl +libcurl +libatomic +musl-fts
-	TITLE:=FluentBit
+	DEPENDS:= +libyaml +libopenssl +libcurl +libatomic +musl-fts +flex +bison
+	TITLE:=Fluent-Bit
+	URL:=https://fluentbit.io/
 endef
 
-define Package/fluentbit/description
+define Package/fluent-bit/description
 	Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
 endef
 
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+        $(CP) -rf ./fluent-bit/* $(PKG_BUILD_DIR)/
+endef
+endif
+
 # General options
-TARGET_LDFLAGS+=-lfts -latomic
+TARGET_LDFLAGS +=-lfts -latomic
 
 CMAKE_OPTIONS+= \
 	-DFLB_RELEASE=Yes \
-	-DFLB_SMALL=Yes \
+	-DFLB_SMALL=No \
 	-DEXCLUDE_FROM_ALL=true \
-	-DBUILD_SHAREDD_LIBS=Yes \
-	-DFLB_DEBUG=No \
+	-DFLB_SHARED_LIBS=Yes \
+	-DFLB_DEBUG=Yes \
 	-DFLB_ALL=No \
 	-DFLB_JEMALLOC=No \
 	-DFLB_EXAMPLES=No \
@@ -156,10 +164,12 @@ CMAKE_OPTIONS += \
 	-DFLB_OUT_CHRONICLE=No \
 	-DFLB_OUT_PGSQL=No
 
-define Package/fluentbit/install
-	$(INSTALL_DIR) $(1)/etc/init.d
+define Package/fluent-bit/install
 	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/fluent-bit
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/fluent-bit $(1)/usr/sbin/
+	$(INSTALL_DATA) ./files/fluent-bit.conf $(1)/etc/fluent-bit/fluent-bit.conf
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/conf/parsers.conf $(1)/etc/fluent-bit/parsers.conf
 endef
 
-$(eval $(call BuildPackage,fluentbit))
+$(eval $(call BuildPackage,fluent-bit))

fluent-bit/files/fluent-bit.conf

@@ -0,0 +1,15 @@
+[SERVICE]
+    flush           3
+    daemon          Off
+    log_level       info
+    parsers_file    /etc/fluent-bit/parsers.conf
+
+[INPUT]
+    name            syslog
+    tag             syslog
+    path            /dev/log
+
+[OUTPUT]
+    name            null
+    match           *
+

fluent-bit/patches/0001-fix_out_file_plugin.patch

@@ -0,0 +1,14 @@
+diff --git a/plugins/out_file/file.c b/plugins/out_file/file.c
+index 2e47c9666..42ace24c6 100644
+--- a/plugins/out_file/file.c
++++ b/plugins/out_file/file.c
+@@ -45,6 +45,9 @@
+ #define NEWLINE "\n"
+ #endif
+ 
++#undef PATH_MAX
++#define PATH_MAX 256
++
+ struct flb_file_conf {
+     const char *out_path;
+     const char *out_file;

fluent-bit/patches/0002-add_hostname_to_log_dump.patch

@@ -0,0 +1,45 @@
+diff --git a/plugins/out_file/file.c b/plugins/out_file/file.c
+index 2e47c9666..95d28e438 100644
+--- a/plugins/out_file/file.c
++++ b/plugins/out_file/file.c
+@@ -27,6 +27,7 @@
+ #include <msgpack.h>
+ 
+ #include <stdio.h>
++#include <unistd.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>
+@@ -55,6 +56,7 @@ struct flb_file_conf {
+     int csv_column_names;
+     int mkdir;
+     struct flb_output_instance *ins;
++    char hostname[256];
+ };
+ 
+ static char *check_delimiter(const char *str)
+@@ -141,6 +143,9 @@ static int cb_file_init(struct flb_output_instance *ins,
+         }
+     }
+ 
++    if (gethostname(ctx->hostname, sizeof(ctx->hostname)) != 0)
++	    snprintf(ctx->hostname, sizeof(ctx->hostname), "%s", "localhost");
++
+     tmp = flb_output_get_property("delimiter", ins);
+     ret_str = check_delimiter(tmp);
+     if (ret_str != NULL) {
+@@ -233,12 +238,8 @@ static int template_output_write(struct flb_file_conf *ctx,
+     int i;
+     msgpack_object_kv *kv;
+ 
+-    /*
+-     * Right now we treat "{time}" specially and fill the placeholder
+-     * with the metadata timestamp (formatted as float).
+-     */
+-    if (!strncmp(key, "time", size)) {
+-        fprintf(fp, "%f", flb_time_to_double(tm));
++    if (!strncmp(key, "hostname", size)) {
++        fprintf(fp, "%s", ctx->hostname);
+         return 0;
+     }
+ 

icwmp/Config.in

@@ -0,0 +1,6 @@
+menu "Configuration"
+
+config ICWMP_MGMT_FROM_USP
+	bool "Support configuration of ManagementServer from USP"
+	default y
+endmenu

icwmp/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icwmp
-PKG_VERSION:=9.7.19
+PKG_VERSION:=9.8.13
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=db40cb6311003c9a49e78f0e2f740aae465266a8
+PKG_SOURCE_VERSION:=14f3375ab8f1a586da7c9fd94c46bd16e3ae0ac6
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -32,8 +32,21 @@ define Package/icwmp
   SUBMENU:=TRx69
   TITLE:=TR069 CWMP client
   DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api +libopenssl
+  MENU:=1
 endef
 
+define Package/icwmp/description
+ TR069 client implementation with bbfdm backend for TR181 support
+endef
+
+define Package/icwmp/config
+	source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(CONFIG_ICWMP_MGMT_FROM_USP),y)
+EXTRA_CFLAGS += -DCWMP_DUAL_SUPPORT=BBFDM_BOTH
+endif
+
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/icwmp/* $(PKG_BUILD_DIR)/
@@ -51,6 +64,7 @@ define Package/icwmp/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
 	$(INSTALL_BIN) ./files/etc/firewall.cwmp $(1)/etc/firewall.cwmp
+	$(INSTALL_BIN) ./files/etc/critical_services.json $(1)/etc/icwmpd/critical_services.json
 	$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/

icwmp/files/etc/config/cwmp

@@ -41,6 +41,7 @@ config cpe 'cpe'
 	option active_notif_throttle '0'
 	option disable_gatewayinfo '0'
 	option fw_upgrade_keep_settings '1'
+	option clock_sync_timeout '128'
 	
 config lwn 'lwn'
 	option enable '0'

icwmp/files/etc/critical_services.json

@@ -0,0 +1,11 @@
+{
+	"services_list": [
+			"firewall",
+			"network",
+			"dhcp",
+			"stunc",
+			"xmpp",
+			"wireless",
+			"time"
+	]
+}

icwmp/files/etc/firewall.cwmp

@@ -6,7 +6,7 @@ log() {
 }
 
 get_firewall_zone() {
-	zone="$(uci show firewall|grep network|grep ${1}|cut -d. -f 2)"
+	zone="$(uci show firewall|grep network|grep -w ${1}|cut -d. -f 2)"
 	zone="${zone:-wan}" # defaults to wan zone
 	echo "$zone"
 }

ieee1905/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ieee1905
-PKG_VERSION:=8.4.6
+PKG_VERSION:=8.5.7
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=e2f68a0ba54a6abf3481cdbb24d2dcc81e7f199c
+PKG_SOURCE_VERSION:=171fa1b3886547765b2c223edfe195c26fcda28d
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

iop/scripts/annexconfig.sh

@@ -1,72 +0,0 @@
-#!/bin/bash
-
-function disable_add_config () {
-	local COPTION="$1"
-
-	HAVE_OPTION=`grep $COPTION .config | wc -l`
-	HAVE_OPTION_DISABLED=`grep "# $COPTION" .config | wc -l`
-	if [ "$HAVE_OPTION" = "1" ]
-	then
-		if [ "$HAVE_OPTION_DISABLED" = "0" ]
-		then
-			sed -i -e "s,$COPTION=y,# $COPTION is not set,g" .config
-		fi
-	else
-		echo "# $COPTION is not set" >> .config
-	fi
-}
-
-function enable_option () {
-	local COPTION="$1"
-#	cat .config| grep DSL
-	sed -i -e "s,# $COPTION is not set,$COPTION=y,g" .config
-#	cat .config| grep DSL
-}
-
-function annexconfig {
-
-	v() {
-		[ "$VERBOSE" -ge 1 ] && echo "$@"
-	}
-
-	local ANNEX="$1"
-
-	disable_add_config CONFIG_TARGET_NO_DSL
-	disable_add_config CONFIG_TARGET_DSL_ANNEX_A
-	disable_add_config CONFIG_TARGET_DSL_ANNEX_B
-	disable_add_config CONFIG_TARGET_DSL_ANNEX_C
-	disable_add_config CONFIG_TARGET_DSL_SADSL
-	disable_add_config CONFIG_TARGET_DSL_GFAST
-
-
-	if [ "$ANNEX" = "no" ]
-	then
-		echo "No DSL"
-		enable_option CONFIG_TARGET_NO_DSL
-	elif [ "$ANNEX" = "a" ]
-	then
-		echo "Annex A"
-		enable_option CONFIG_TARGET_DSL_ANNEX_A
-	elif [ "$ANNEX" = "b" ]
-	then
-		echo "Annex B"
-		enable_option CONFIG_TARGET_DSL_ANNEX_B
-	elif [ "$ANNEX" = "c" ]
-	then
-		echo "Annex C"
-		enable_option CONFIG_TARGET_DSL_ANNEX_C
-	elif [ "$ANNEX" = "sadsl" ]
-	then
-		echo "sadsl"
-		enable_option CONFIG_TARGET_DSL_SADSL
-	elif [ "$ANNEX" = "gfast" ]
-	then
-		echo "G.fast"
-		enable_option CONFIG_TARGET_DSL_GFAST
-	else
-		echo "Only option no,a,b,c,sadsl,gfast supported"
-	fi
-
-}
-
-register_command "annexconfig" "Select configuration annex"

iop/scripts/cfe_upgrade.sh

@@ -1,42 +0,0 @@
-# this is a developer helper script to install firmware on a remote host running in CFE mode
-
-function usage {
-	echo "usage: $0 cfe_upgrade <host> <file>"
-}
-
-function cfe_upgrade {
-	if [ -z "$1" ] ; then
-		usage
-		echo "Error: host required"
-		exit 1
-	fi
-	if [ -z "$2" ] ; then
-		usage
-		echo "Error: firmware filename required"
-		exit 1
-	fi
-	if [ ! -e $2 ] ; then
-		usage
-		echo "Error: firmware file does not exist"
-		exit 1
-	fi
-	IMAGE=`basename $2`
-	echo "CFE upgrade host: $1 with file $IMAGE"
-	[ "$2" ] && [ -e "$2" ] &&  curl -i -F filedata=@$2  http://$1/upload.cgi && echo "upgrade done!"
-}
-
-register_command "cfe_upgrade" "<host> <file>  Install firmware on remote host in CFE mode"
-
-function cfe_upgrade_latest {
-	if [ -z "$1" ] ; then
-		echo "usage: $0 cfe_upgrade_latest <host>"
-		echo "Error: host required"
-		exit 1
-	fi
-	{ cd `dirname $0`
-		IMAGE=`ls -Art bin/*/*.w | tail -n1`
-		[ "$IMAGE" ] && [ -e "$IMAGE" ] && ./iop cfe_upgrade $1 $IMAGE
-	}
-}
-
-register_command "cfe_upgrade_latest" "<host>  Install latest firmware on remote host in CFE mode"

iop/scripts/genconfig_wrap.sh

@@ -1,29 +0,0 @@
-#!/bin/bash
-
-# Function to convert parameters to lowercase
-function to_lowercase {
-    local params=()
-    for param in "$@"; do
-        params+=("$(tr '[:upper:]' '[:lower:]' <<< "$param")")
-    done
-    echo "${params[@]}"
-}
-
-function genconfig {
-    target_script="./scripts/gen_config.py"
-
-    # First convert all to lowercase
-    args=$(to_lowercase "$@")
-
-    # Check if an option is provided
-    if [[ ${args[0]} == -* ]]; then
-      # Convert options for target script
-      if [[ ${args[0]}  == "-b" || ${args[0]}  == "--boards" ]]; then
-        args=("--list")
-      fi
-    fi
-
-    ${target_script} ${args[@]}
-}
-
-register_command "genconfig" "Generate configuration for board and customer"

iop/scripts/iopupgrade.sh

@@ -1,283 +0,0 @@
-# this is a developer helper script to install firmware on a remote host with SSH
-
-function upd_usage {
-	echo "usage: $0 ssh_upgrade [-t <host>] [-f <file>] [opts] "
-	echo ""
-	echo "   Default host is 192.168.1.1"
-	echo "   Default firmware file is the latest one (last.{itb,pkgtb})"
-	echo "   Default is to not keep configuration"
-	echo "opts:"
-	echo ""
-	echo "	-i	Interactive use, allows to select firmware file"
-	echo "	-n	Do not do the final reboot of the target board"
-	echo "	-c	Keep configuration"
-	echo "	-x	Force install even if firmware is not for this board"
-	echo "	-b	Force install of bootloader regardless of version installed"
-}
-
-function set_config_string {
-	eval $(grep $1 .config)
-}
-
-function upd_ask_ok {
-	echo "Will continue with the following settings:"
-	echo "-----------------------------------------"
-	printf "%20s: %s\n" "Firmware file" "$upd_fw_base"
-	printf "%20s: %s\n" "Host IP" "$upd_host"
-	printf "%20s: " "Reboot"
-	if [ "$upd_noreboot" == "0" ]; then printf "Yes\n"; else printf "No\n"; fi
-	printf "%20s: " "Keep config"
-	if [ "$upd_keepconf" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi
-	printf "%20s: " "Force bootloader"
-	if [ "$upd_forceboot" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi
-	printf "%20s: " "Force image upgrade"
-	if [ "$upd_forceimage" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi
-	echo "-----------------------------------------"
-
-	echo -n "Continue? [Y/n/q]:"
-	read answer
-
-	case $answer in
-	n | N)
-		return 1
-		;;
-	q | Q)
-		exit 1
-		;;
-	y | Y | *)
-		return 0
-		;;
-	esac
-}
-
-function upd_select_file {
-	dialog --keep-tite --title "To select a file, use TAB/ARROW to highlight then press SPACEBAR -> RETURN" \
-		--fselect "${upd_fw:-bin/targets/$CONFIG_TARGET_BOARD/$CONFIG_TARGET_SUBTARGET/}" \
-		$((lines - 10)) $((cols - 5)) \
-		2>$tempfile
-
-	new_file=$(cat $tempfile)
-	if [ -n "$new_file" ]; then
-		upd_fw="$new_file"
-		upd_fw_base=$(basename $upd_fw)
-	fi
-}
-
-function upd_select_target {
-	dialog --keep-tite --title "Input the hostname/IP of the target board" \
-		--inputbox "Name/IP" \
-		$((lines - 10)) $((cols - 5)) \
-		"$upd_host" \
-		2>$tempfile
-
-	new_file=$(cat $tempfile)
-	if [ -n "$new_file" ]; then
-		upd_host="$new_file"
-	fi
-}
-
-function upd_select_reboot {
-	dialog --keep-tite --radiolist "Should the board reboot after download finished" \
-		$((lines - 5)) $((cols - 5)) $((lines - 5 - 5)) \
-		"Reboot" "Restart board after done" $(if [ "$upd_noreboot" == "0" ]; then echo "ON"; else echo "OFF"; fi) \
-		"No reboot" "Continue running old system" $(if [ "$upd_noreboot" == "1" ]; then echo "ON"; else echo "OFF"; fi) \
-		2>$tempfile
-
-	res=$(cat $tempfile)
-	case $res in
-	"No reboot")
-		upd_noreboot=1
-		;;
-	"Reboot")
-		upd_noreboot=0
-		;;
-	esac
-}
-
-function upd_select_config {
-	dialog --keep-tite --radiolist "Should the configuration be kept" \
-		$((lines - 5)) $((cols - 5)) $((lines - 5 - 5)) \
-		"Keep" "Keep the config from old system" $(if [ "$upd_keepconf" == "1" ]; then echo "ON"; else echo "OFF"; fi) \
-		"Default" "Use default config for new system" $(if [ "$upd_keepconf" == "0" ]; then echo "ON"; else echo "OFF"; fi) \
-		2>$tempfile
-
-	res=$(cat $tempfile)
-	case $res in
-	"Keep")
-		upd_keepconf=1
-		;;
-	"Default")
-		upd_keepconf=0
-		;;
-	esac
-}
-
-function upd_select_forceboot {
-	dialog --keep-tite --radiolist "Should the boot loader be updated regardless of the version installed" \
-		$((lines - 5)) $((cols - 5)) $((lines - 5 - 5)) \
-		"Force" "Always update boot loader" $(if [ "$upd_forceboot" == "1" ]; then echo "ON"; else echo "OFF"; fi) \
-		"Version check" "Only upgrade if version is newer" $(if [ "$upd_forceboot" == "0" ]; then echo "ON"; else echo "OFF"; fi) \
-		2>$tempfile
-
-	res=$(cat $tempfile)
-	case $res in
-	"Force")
-		upd_forceboot=1
-		;;
-	"Version check")
-		upd_forceboot=0
-		;;
-	esac
-}
-
-function upd_select_forceimage {
-	dialog --keep-tite --radiolist "Should the image be stored in flash even if sanity checks would reject it" \
-		$((lines - 5)) $((cols - 5)) $((lines - 5 - 5)) \
-		"Force" "Disable sanity check and force use of image (dangerous)" $(if [ "$upd_forceimage" == "1" ]; then echo "ON"; else echo "OFF"; fi) \
-		"Only compatible" "Normal checks apply" $(if [ "$upd_forceimage" == "0" ]; then echo "ON"; else echo "OFF"; fi) \
-		2>$tempfile
-
-	res=$(cat $tempfile)
-	case $res in
-	"Force")
-		upd_forceimage=1
-		;;
-	"Only compatible")
-		upd_forceimage=0
-		;;
-	esac
-}
-
-function upd_select {
-	dialog --keep-tite --ok-label "Select" --cancel-label "Done" --menu "Select item to change" \
-		$((lines - 5)) $((cols - 5)) $((lines - 5 - 5)) \
-		"Firmware file" "$upd_fw_base" \
-		"Host IP" "$upd_host" \
-		"Reboot" $(if [ "$upd_noreboot" == "0" ]; then printf "Yes\n"; else printf "No\n"; fi) \
-		"Keep config" $(if [ "$upd_keepconf" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi) \
-		"Force bootloader" $(if [ "$upd_forceboot" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi) \
-		"Force image upgrade" $(if [ "$upd_forceimage" == "1" ]; then printf "Yes\n"; else printf "No\n"; fi) \
-		2>$tempfile
-
-	case $(cat $tempfile) in
-	"Firmware file")
-		upd_select_file
-		;;
-	"Host IP")
-		upd_select_target
-		;;
-	"Reboot")
-		upd_select_reboot
-		;;
-	"Keep config")
-		upd_select_config
-		;;
-	"Force bootloader")
-		upd_select_forceboot
-		;;
-	"Force image upgrade")
-		upd_select_forceimage
-		;;
-	*)
-		return
-		;;
-	esac
-	upd_select
-}
-function upd_select_start {
-	lines=$(tput lines)
-	cols=$(tput cols)
-	tempfile="$(mktemp)"
-	trap "rm -f $tempfile" 0 1 2 5 15
-	upd_select
-
-}
-
-function ssh_upgrade {
-	upd_noreboot=0
-	upd_forceboot=0
-	upd_keepconf=0
-	upd_forceimage=0
-	upd_fw_base=""
-	upd_fw=""
-	upd_host="192.168.1.1"
-	do_dialog=0
-
-	while getopts "f:hnxt:icb" opt; do
-		case $opt in
-		n)
-			upd_noreboot=1
-			;;
-		x)
-			upd_forceimage=1
-			;;
-		b)
-			upd_forceboot=1
-			;;
-		c)
-			upd_keepconf=1
-			;;
-		v)
-			verbose=$OPTARG
-			;;
-		f)
-			upd_fw=$OPTARG
-			;;
-		t)
-			upd_host=$OPTARG
-			;;
-		i)
-			do_dialog=1
-			;;
-		h)
-			upd_usage
-			exit 1
-			;;
-		\?)
-			echo "Invalid option: -$OPTARG" >&2
-			exit 1
-			;;
-		esac
-	done
-
-	if [ -z "$upd_fw" ]; then
-		set_config_string CONFIG_TARGET_BOARD
-		set_config_string CONFIG_TARGET_SUBTARGET
-		upd_fw="$(realpath -q --canonicalize-existing --relative-to=. "bin/targets/$CONFIG_TARGET_BOARD/$CONFIG_TARGET_SUBTARGET/"last.{pkgtb,itb})"
-		if [ -z "$upd_fw" ] && [ $do_dialog -eq 0 ]; then
-			echo "Could not find image. Check that last.{itb,pkgtb} exists or specify an image using -f <image> or -i (interactive)." >&2
-			return 1
-		fi
-	fi
-	upd_fw_base="$(basename "$upd_fw")"
-
-	[ $do_dialog -eq 1 ] && upd_select_start
-
-	if ! upd_ask_ok; then
-		upd_select_start
-		if ! upd_ask_ok; then
-			exit 1
-		fi
-	fi
-
-	if [ ! -f $upd_fw ]; then
-		echo "Firmware file $firmware does not exist."
-		exit 1
-	fi
-
-	extra_args=""
-	[ $upd_noreboot -eq 1 ] && extra_args="$extra_args --no-reboot"
-	[ $upd_forceimage -eq 1 ] && extra_args="$extra_args --force"
-	[ $upd_keepconf -eq 0 ] && extra_args="$extra_args -n"
-	[ $upd_forceboot -eq 1 ] && extra_args="$extra_args --force-loader-upgrade"
-
-	pv "$upd_fw" |
-		ssh \
-			-o ConnectTimeout=60 \
-			-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
-			root@"$upd_host" \
-			sh -c "cat > '/tmp/$upd_fw_base' && (set -x && sysupgrade -v $extra_args /tmp/$upd_fw_base)" ||
-		echo "Sysupgrade failed" >&2 && return 1
-}
-
-register_command "ssh_upgrade" "-t <host> -f <file> [opts]  Install firmware on remote host with SSH"

iop/scripts/taas.sh

@@ -1,89 +0,0 @@
-
-# Shorthand command for doing a HIL runtime smoketest on the
-# latest built image. Does the image boot up correctly?
-# More info here:
-# https://dev.iopsys.eu/iopsys/iopsys-taas
-
-
-#--------------------------------------------------------------
-function taas-init() {
-	local f
-
-	# Path to TaaS binarys. Try some likely ones.
-	if ! which taas-smoketest >/dev/null; then
-		PATH="${PATH}:${PWD}/../iopsys-taas/bin"
-		PATH="${PATH}:${PWD}/../taas/bin"
-		PATH="${PATH}:${HOME}/iopsys-taas/bin"
-		PATH="${PATH}:${HOME}/taas/bin"
-		PATH="${PATH}:${HOME}/bin"
-		PATH="${PATH}:/opt/iopsys-taas/bin"
-		PATH="${PATH}:/opt/taas/bin"
-	fi
-
-	if ! which taas-smoketest >/dev/null; then
-		echo "Error; TaaS is missing! Install it with:"
-		echo "git clone git@dev.iopsys.eu:iopsys/iopsys-taas.git ../iopsys-taas"
-		exit 1
-	fi
-
-	# Create a list of all images which might be of use.
-	for f in ${PWD}/bin/targets/iopsys-*/generic/last.*; do
-		[[ -s "$f" ]] && images+=("$f")
-	done
-
-	# Convert Iopsys target name to the TaaS product name format
-	# according to what is available in the remote lab for HIL.
-	# Also find a suitable image.
-	product=$(grep CONFIG_TARGET_PROFILE .config | \
-		tr -s "=\"" " " | cut -d " " -f 2) || exit
-	case "$product" in
-		smarthub3)
-			export product="SmartHub3a"
-			;;
-		dg400prime|eg400|ex600)
-			export product=$(echo -n "$product" | tr [[:lower:]] [[:upper:]])
-			;;
-		*)
-			echo "Unsupported target; skipping!"
-			exit 0
-			;;
-	esac
-
-	if [[ ${#images[@]} -eq 0 ]]; then
-		echo "No image found"
-		exit 1
-	fi
-}
-
-
-
-#--------------------------------------------------------------
-function taas-smoketest {
-	declare -a images
-
-	taas-init || return
-	echo "Testing a $product with ${images[@]}..."
-	command taas-smoketest "${images[@]}" "$product" "$@"
-}
-
-
-
-#--------------------------------------------------------------
-function taas-bootstrap {
-	declare -a images
-
-	if [[ -n "$1" ]]; then
-		taas-init || return
-		echo "Flashing $1..."
-		command taas-bootstrap "${images[@]}" "$@"
-	else
-		echo "Usage: ./iop taas-bootstrap dutX"
-		exit 1
-	fi
-}
-
-
-
-register_command "taas-bootstrap" "Write image to a remote lab device."
-register_command "taas-smoketest" "Write image to a remote lab device and test it."
-

iopsys-analytics/Makefile

@@ -4,7 +4,7 @@ PKG_NAME:=iopsys-analytics
 PKG_RELEASE:=$(COMMITCOUNT)
 PKG_LICENSE:=PROPRIETARY
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=fb84c1019a8a0fbfb624d9df8eb3604806645510
+PKG_SOURCE_VERSION:=f448cfe9264b4079f616b065244c4be24b516aba
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/iopsys-analytics.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

libdpp/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libdpp
-PKG_VERSION:=2.1.0
+PKG_VERSION:=2.1.1
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=1f82436531d4bb094b0b74e99613e0dfc84eada3
+PKG_SOURCE_VERSION:=6024efd3db9dd490c07465ea9b0c15120063165c
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/libdpp.git
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz

libdsl/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libdsl
-PKG_VERSION:=7.2.99
+PKG_VERSION:=7.2.100
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=f9f3fcd0f4140540db5bd41059bcca7ded083024
-PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libdsl.git
+PKG_SOURCE_VERSION:=20875ec79fcc7c546c2f1253c867d6afbc8bff75
+PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/libdsl.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif
@@ -27,6 +27,8 @@ ifeq ($(CONFIG_TARGET_brcmbca),y)
   CONFIG_ID=$(SUBTARGET:bcm%=BCM%)
   CHIP_ID=$(CONFIG_ID:BCM9%=%)
   TARGET_CFLAGS +=-DIOPSYS_BROADCOM -DCHIP_$(CHIP_ID) -DCONFIG_$(CONFIG_ID) \
+	-I$(STAGING_DIR)/usr/include/bcm963xx/bcmdrivers/broadcom/include/bcm963xx \
+	-I$(STAGING_DIR)/usr/include/bcm963xx/shared/opensource/include/bcm963xx \
 	-I$(STAGING_DIR)/usr/include/bcm963xx/bcmdrivers/opensource/include/bcm963xx \
 	-I$(STAGING_DIR)/usr/include/bcm963xx/userspace/public/include
 else ifeq ($(CONFIG_TARGET_x86),y)
@@ -55,12 +57,19 @@ define Package/libdsl
   SUBMENU:=IOPSYS HAL libs
   MENU:=1
   TITLE:= xDSL library (libdsl)
+  DEPENDS+=TARGET_brcmbca:bcm963xx-bsp
 endef
 
 define Package/libdsl/description
   Library provides xDSL/GFAST HAL APIs
 endef
 
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+        $(CP) -rf ./libdsl/* $(PKG_BUILD_DIR)/
+endef
+endif
+
 define Package/libdsl/config
   if PACKAGE_libdsl
 	  config LIBDSL_DEBUG

libethernet/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libethernet
-PKG_VERSION:=7.2.109
+PKG_VERSION:=7.2.111
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=cc72f5ab0171cd0fc29bb48dafff6751ab2f0d9c
+PKG_SOURCE_VERSION:=6e7216e657dfb59e869e393ef58e6b4593c16fc7
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libethernet.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

libvoice-broadcom/Makefile

@@ -38,7 +38,7 @@ define Package/$(PKG_NAME)
 	CATEGORY:=Utilities
 	TITLE:=IOPSYS libvoice for Broadcom
 	URL:=
-	DEPENDS:=
+	DEPENDS:=+bcm963xx-voice
 endef
 
 define Package/$(PKG_NAME)/description
@@ -56,4 +56,3 @@ define Package/$(PKG_NAME)/install
 endef
 
 $(eval $(call BuildPackage,$(PKG_NAME)))
-

libvoice-d2/Makefile

@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libvoice-d2
 PKG_RELEASE:=1
-PKG_VERSION:=1.1.12
+PKG_VERSION:=1.1.14
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE
 
@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=772955d814af8bbf91cf5c76f128cd1d17755625
+PKG_SOURCE_VERSION:=0b2bef862fb5aea0b285e339459f46779224e2d0
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

libwifi/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libwifi
-PKG_VERSION:=7.5.0
+PKG_VERSION:=7.6.3
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b85c43cca01d001a90604e11c7cf9286a5332c33
+PKG_SOURCE_VERSION:=34d9fca18002b08f135805c7bc3cb00024943784
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
@@ -51,10 +51,6 @@ else ifeq ($(CONFIG_TARGET_ipq53xx),y)
   TARGET_PLATFORM=IPQ53XX
   TARGET_WIFI_TYPE=QUALCOMM MAC80211
   TARGET_CFLAGS +=-DIPQ53XX
-else ifeq ($(CONFIG_TARGET_mediatek),y)
-  TARGET_PLATFORM=LINUX
-  TARGET_WIFI_TYPE=MEDIATEK MAC80211
-  TARGET_CFLAGS +=-DIOPSYS_LINUX
 else
   $(info Unexpected CONFIG_TARGET, use default MAC80211)
   TARGET_PLATFORM=MAC80211

logmngr/Config.in

@@ -0,0 +1,26 @@
+if PACKAGE_logmngr
+choice
+	prompt "Select backend for syslog management"
+	default LOGMNGR_BACKEND_FLUENTBIT
+	depends on PACKAGE_logmngr
+	help
+		Select which backend daemon to use for syslog management
+
+config LOGMNGR_BACKEND_FLUENTBIT
+	bool "Use fluent-bit for log management"
+	help
+		Enable this option to use fluent-bit for log management.
+
+config LOGMNGR_BACKEND_SYSLOG_NG
+	bool "Use syslog-ng for log management"
+	help
+		Enable this option to use syslog-ng for log management.
+
+endchoice
+config LOGMNGR_LOGROTATE
+	bool "Logrotate support"
+	depends on PACKAGE_logmngr
+	default y
+	help
+		It adds support for logrotate functionality.
+endif

logmngr/Makefile

@@ -0,0 +1,74 @@
+#
+# Copyright (C) 2024 iopsys
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=logmngr
+PKG_VERSION:=1.0.1
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/system/logmngr.git
+PKG_SOURCE_VERSION:=ec10abb3cc0f3b96eb806c9c67e18d9d134287e9
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+MAKE_PATH:=bbf_plugin
+
+define Package/logmngr
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Logging Manager
+ DEPENDS:=+libbbfdm-api +LOGMNGR_BACKEND_FLUENTBIT:fluent-bit +LOGMNGR_LOGROTATE:logrotate
+ DEPENDS+=+LOGMNGR_BACKEND_SYSLOG_NG:syslog-ng
+endef
+
+define Package/logmngr/description
+	Configure log management. This package has the datamodel as well as the
+	the backend implementation for handling syslog.
+endef
+
+define Package/$(PKG_NAME)/config
+        source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) -rf ./logmngr/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+define Package/logmngr/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/logmngr.init $(1)/etc/init.d/logmngr
+
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) ./files/logread $(1)/usr/sbin
+
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(INSTALL_BIN) ./files/10-logmngr_config_generate $(1)/etc/uci-defaults/
+
+	$(INSTALL_DIR) $(1)/lib/logmngr
+ifeq ($(CONFIG_LOGMNGR_BACKEND_FLUENTBIT),y)
+	$(INSTALL_DATA) ./files/lib/logmngr/fluent-bit.sh $(1)/lib/logmngr/.
+endif
+ifeq ($(CONFIG_LOGMNGR_BACKEND_SYSLOG_NG),y)
+	$(INSTALL_DATA) ./files/lib/logmngr/syslog-ng.sh $(1)/lib/logmngr/.
+endif
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/bbf_plugin/libbbfsyslog.so $(1)
+ifeq ($(CONFIG_LOGMNGR_LOGROTATE),y)
+	$(INSTALL_BIN) ./files/11-logmngr_logrotate_config_generate $(1)/etc/uci-defaults/
+	$(INSTALL_DATA) ./files/lib/logmngr/logrotate.sh $(1)/lib/logmngr/.
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/bbf_plugin/libbbflogrotate.so $(1)
+endif
+endef
+
+$(eval $(call BuildPackage,logmngr))

logmngr/files/10-logmngr_config_generate

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+if [ -s "/etc/config/logmngr" ]; then
+	if uci -q get logmngr.@globals[0] >/dev/null; then
+		# return if there is any valid content
+		exit
+	else
+		rm -f /etc/config/logmngr
+	fi
+fi
+touch /etc/config/logmngr
+
+uci set logmngr.globals=globals
+uci set logmngr.globals.enable=1
+
+uci set logmngr.a1=action
+uci set logmngr.a1.name="ac1"
+
+uci set logmngr.lf1=log_file
+uci set logmngr.lf1.enable=1
+uci set logmngr.lf1.action="ac1"
+uci set logmngr.lf1.file="/var/log/messages"
+uci commit logmngr

logmngr/files/11-logmngr_logrotate_config_generate

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -s "/etc/config/logmngr" ]; then
+	if uci -q get logmngr.@log_rotate[0] >/dev/null; then
+		# return if there is any valid content
+		exit
+	fi
+	uci set logmngr.lro1=log_rotate
+	uci set logmngr.lro1.enable=1
+	uci set logmngr.lro1.file_name="/var/log/messages"
+	uci set logmngr.lro1.file_count=1
+	uci set logmngr.lro1.max_file_size=1000000
+	uci commit logmngr
+fi

logmngr/files/lib/logmngr/fluent-bit.sh

@@ -0,0 +1,321 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/logmngr/logrotate.sh
+
+CONF_FILE=/etc/fluent-bit/fluent-bit.conf
+TMP_CONF_FILE=/tmp/fluent-bit/fluent-bit.conf
+
+create_config_file() {
+	mkdir -p /tmp/fluent-bit
+	rm -f ${TMP_CONF_FILE}
+	touch ${TMP_CONF_FILE}
+}
+
+create_service_section() {
+	# the service section of the fluent-bit.conf file has hardcoded values,
+	# no need to lookup any uci section to configure this section
+	echo "[SERVICE]" >> ${TMP_CONF_FILE}
+	echo "    flush        3" >> ${TMP_CONF_FILE}
+	echo "    daemon       off" >> ${TMP_CONF_FILE}
+	echo "    log_level    info" >> ${TMP_CONF_FILE}
+	echo "    parsers_file /etc/fluent-bit/parsers.conf" >> ${TMP_CONF_FILE}
+}
+
+create_input_section() {
+	local tag="$1"
+	# the input in our case is always syslog, hence, this section of the
+	# fluent-bit.conf file has hardcoded values as well that do not depend
+	# on any uci value
+	echo "[INPUT]" >> ${TMP_CONF_FILE}
+	echo "    name        syslog" >> ${TMP_CONF_FILE}
+	echo "    tag         $tag" >> ${TMP_CONF_FILE}
+	echo "    path        /dev/log" >> ${TMP_CONF_FILE}
+}
+
+generate_facility_regex() {
+	local facility_level=$1
+	local pri=0
+
+	if [ "$facility_level" == "24" ]; then
+		# value 24 means all facility level, which is as good as not
+		# generating a filter section, so return
+		return
+	fi
+
+	# facility_level is a list value, hence, generate regex for
+	# each value
+	IFS=" "
+	for val in $facility_level; do
+		# as per rfc 5424 and 3164, pri in syslog msg is
+		# facility*8+severity. Severity value can range from 0-7 hence
+		# generate regex for each.
+		for sval in 0 1 2 3 4 5 6 7; do
+			pri=`expr $val \* 8 + $sval`
+			echo "    regex        pri $pri" >> ${TMP_CONF_FILE}
+		done
+	done
+
+}
+
+generate_severity_regex() {
+	local sev_level="$1"
+	local sev_compare="$2"
+	local sev_action="$3"
+
+	local pri=0
+	local param="exclude"
+
+	if [ "$sev_action" == "0" ]; then
+		param="regex"
+	fi
+
+	local fval=0
+	if [ "$sev_compare" == "0" ]; then
+		# generate regex for all facility values, with severity=sev_level
+		while [ $fval -le 23 ] ; do
+			pri=`expr $fval \* 8 + $sev_level`
+			echo "    $param        pri $pri" >> ${TMP_CONF_FILE}
+			fval=$((fval + 1))
+		done
+	elif [ "$sev_compare" == "1" ]; then
+		# generate regex for all severity value greater than or equal to
+		# sev_level. please, lower value have higher precedence, so sev_level
+		# 0 which is emergency has higher precedence than error which is 3
+		while [ $fval -le 23 ] ; do
+			sval=0
+			while [ $sev_level -ge $sval ]; do
+				pri=`expr $fval \* 8 + $sval`
+				echo "    $param        pri $pri" >> ${TMP_CONF_FILE}
+				sval=$((sval + 1))
+			done
+			fval=$((fval + 1))
+		done
+	fi
+}
+
+handle_filter_conf() {
+	local section="$1" # config filter
+	local filter_name="$2"
+	local name
+
+	# no need to proceed if name of filter section is not one of the values
+	# listed in option filter in config action section
+	config_get name $section name
+	if [ "$name" != "$filter_name" ]; then
+		return
+	fi
+
+	# as per data model, at a time either facility_level or severity_level can
+	# be specified along with pattern_match. hence, first process and generate
+	# regex for pattern_match which is common in both condition. Next, we will
+	# process facility_level and return if facility level is defined and not
+	# process severity related params at all.
+
+	local pattern_match
+	config_get pattern_match $section pattern_match
+	if [ -n "$pattern_match" ]; then
+		echo "    regex        $pattern_match" >> ${TMP_CONF_FILE}
+	fi
+
+	local facility_level
+	config_get facility_level $section facility_level
+
+	if [ -n "$facility_level" ]; then
+		generate_facility_regex $facility_level
+		# return from here since if facility_level is defined, then no
+		# need to process severity_level
+		return
+	fi
+
+	local sev_level
+	local sev_compare
+	local sev_action
+	config_get sev_level $section severity_level
+
+	if [ -n "$sev_level" ]; then
+		# value 1 of severity compare corresponds to data model
+		# and system default which is EqualorHigher
+		config_get sev_compare $section severity_compare 1
+		# value 0 of severity action corresponds to data model
+		# and system default that is log
+		config_get sev_action $section severity_action 0
+
+		generate_severity_regex $sev_level $sev_compare $sev_action
+	fi
+}
+
+create_filter_section() {
+	local match="$1"
+
+	echo "[FILTER]" >> ${TMP_CONF_FILE}
+	echo "    name        grep" >> ${TMP_CONF_FILE}
+	echo "    match       $match" >> ${TMP_CONF_FILE}
+	echo "    logical_op  or" >> ${TMP_CONF_FILE} # handle multiple filters
+}
+
+handle_filter_ref() {
+	local filter_name="$1"
+	config_foreach handle_filter_conf filter "$filter_name"
+}
+
+handle_log_file() {
+	local section="$1" # out_file section
+	local match="$2"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+	echo "[OUTPUT]" >> ${TMP_CONF_FILE}
+	echo "    name         file" >> ${TMP_CONF_FILE}
+	echo "    match        $match" >> ${TMP_CONF_FILE}
+	echo "    file         $file" >> ${TMP_CONF_FILE}
+	echo "    format       template" >> ${TMP_CONF_FILE}
+	echo "    template     {time} {hostname} {ident}: {message}" >> ${TMP_CONF_FILE}
+}
+
+handle_log_remote() {
+	local section="$1"
+	local match="$2"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+
+	local address
+	config_get address $section log_ip
+	if [ -z "$address" ]; then
+		return
+	fi
+
+	echo "[OUTPUT]" >> ${TMP_CONF_FILE}
+	echo "    name         syslog" >> ${TMP_CONF_FILE}
+	echo "    match        $match" >> ${TMP_CONF_FILE}
+	echo "    host         $address" >> ${TMP_CONF_FILE}
+
+	local proto # holds value tcp or udp
+	config_get proto $section proto
+	if [ -n "$proto" ]; then
+		if [ "$proto" == "tls" ]; then
+			echo "    mode         tcp" >> ${TMP_CONF_FILE}
+			echo "    tls          on" >> ${TMP_CONF_FILE}
+		else
+			echo "    mode         $proto" >> ${TMP_CONF_FILE}
+		fi
+	fi
+
+	local port
+	config_get port $section port
+	if [ -n "$port" ]; then
+		echo "    port         $port" >> ${TMP_CONF_FILE}
+	fi
+
+	local cert
+	local peer_verify
+	config_get cert $section cert
+	if [ -n "$cert" ]; then
+		echo "    tls.crt_file $cert" >> ${TMP_CONF_FILE}
+
+		config_get peer_verify $section peer_verify
+		if [ "$peer_verify" == "1" ]; then
+			echo "    tls.verify     on" >> ${TMP_CONF_FILE}
+		fi
+	fi
+}
+
+handle_action() {
+	local section="$1"
+
+	local filter
+	config_get filter $section filter
+
+	# use config action option name as tag for input
+	local tag
+	config_get tag $section name
+	if [ -z "$tag" ]; then
+		return
+	fi
+
+	create_input_section $tag
+	if [ -n "$filter" ]; then
+		# the only fluentbit filter that is useful for the datamodel is
+		# grep. Also, fluentbit does not seem to handle multiple instances
+		# of FILTER of same kind. Hence, each filter section corresponding
+		# to an action entry in the uci would translate for us into a set of
+		# regex/exclude values instead of individual FILTER section per uci
+		# section filter is a list, treat according
+		create_filter_section $tag
+
+		IFS=" "
+		for finst in $filter; do
+			handle_filter_ref $finst
+		done
+	fi
+
+	# handle output, each action can be associated with a out_log and out_syslog
+	# section so figure out if any out_log or out_syslog section is associated
+	# with this and action and setup output accordingly.
+	config_foreach handle_log_file log_file "$tag"
+	config_foreach handle_log_remote log_remote "$tag"
+
+
+}
+
+handle_action_section() {
+	config_foreach handle_action action
+}
+
+apply_config_file() {
+	cp ${TMP_CONF_FILE} ${CONF_FILE}
+}
+
+PROG=/usr/sbin/fluent-bit
+logmngr_init() {
+	create_config_file
+
+	config_load logmngr
+	local enabled
+	config_get enabled globals enable
+
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	create_service_section
+	handle_action_section
+	apply_config_file
+
+	if [ -f /lib/logmngr/logrotate.sh ]; then
+		logrotate_init
+	fi
+
+	procd_open_instance logmngr
+	procd_set_param command $PROG -c $CONF_FILE
+	procd_set_param file $CONF_FILE
+	procd_set_param respawn
+	procd_close_instance
+}

logmngr/files/lib/logmngr/logrotate.sh

@@ -0,0 +1,96 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+LOGROTATE_FILE=/etc/logrotate.conf
+LOGROTATE_TMP_FILE=/tmp/logrotate/logrotate.conf
+
+create_logrotate_file() {
+	mkdir -p /tmp/logrotate
+	rm -f ${LOGROTATE_TMP_FILE}
+	touch ${LOGROTATE_FILE}
+}
+
+
+handle_logrotate() {
+	local section="$1"
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	local file_name
+	config_get file_name $section file_name
+	if [ -z "$file_name" ]; then
+		# no file to rotate, return
+		return
+	fi
+
+	echo -e "$file_name {" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tcreate" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tmissingok" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tnotifempty" >> ${LOGROTATE_TMP_FILE}
+
+	local file_count
+	config_get file_count $section file_count
+	if [ -n "$file_count" ]; then
+		echo -e "\trotate $file_count" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local max_file_size
+	config_get max_file_size $section max_file_size
+	if [ -n "$max_file_size" ]; then
+		echo -e "\tmaxsize $max_file_size" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local duration
+	config_get duration $section duration
+	if [ -n "$duration" ]; then
+		echo -e "\tminutes $duration" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local retention
+	config_get retention $section retention
+	if [ -n "$retention" ]; then
+		echo -e "\tmaxage $retention" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local compression
+	config_get compression $section compression
+	if [ -n "$compression" ]; then
+		echo -e "\tcompress" >> ${LOGROTATE_TMP_FILE}
+		echo -e "\tcompresscmd $compression" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	echo -e "\tpostrotate" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\t\tservice logmngr restart" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\t\tsleep 1" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tendscript" >> ${LOGROTATE_TMP_FILE}
+	echo -e "}" >> ${LOGROTATE_TMP_FILE} # close the logfile section
+}
+
+apply_logrotate_file() {
+	cp ${LOGROTATE_TMP_FILE} ${LOGROTATE_FILE}
+}
+
+config_cron_job() {
+	# taking the liberty to configure the cron job hourly, that is, at the end
+	# of each hour, check if logrotation is needed. The logrotate daemon, when
+	# triggered hourly, will still honour the configure log rotation duration,
+	# the only slight different being that if the minutes for log rotation
+	# are configured in such a way that it falls within the hour, then the
+	# log rotation will be done at the completion of hour and not before. I do
+	# not think this is a drawback in the interest of keeping things simple.
+	sed -i '/logrotate/d' /etc/crontabs/root
+	echo "0 * * * * logrotate ${LOGROTATE_FILE}" >> /etc/crontabs/root
+	/etc/init.d/cron restart
+}
+
+logrotate_init() {
+	create_logrotate_file
+	config_foreach handle_logrotate log_rotate
+	apply_logrotate_file
+	config_cron_job
+}

logmngr/files/lib/logmngr/syslog-ng.sh

@@ -0,0 +1,345 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/logmngr/logrotate.sh
+
+CONF_FILE=/etc/syslog-ng.conf
+TMP_CONF_FILE=/tmp/syslog-ng/syslog-ng.conf
+
+create_config_file() {
+	mkdir -p /tmp/syslog-ng
+	rm -f ${TMP_CONF_FILE}
+	touch ${TMP_CONF_FILE}
+}
+
+create_option_section() {
+	# the option section of the syslog-ng.conf file has hardcoded values,
+	# no need to lookup any uci section to configure this section
+	echo -e "@version: 4.4" >> ${TMP_CONF_FILE}
+	echo -e '@include "scl.conf"' >> ${TMP_CONF_FILE}
+	echo -e "options {" >> ${TMP_CONF_FILE}
+	echo -e "\tchain_hostnames(no);" >> ${TMP_CONF_FILE}
+	echo -e "\tcreate_dirs(yes);" >> ${TMP_CONF_FILE}
+	echo -e "\tkeep_hostname(yes);" >> ${TMP_CONF_FILE}
+	echo -e "\tlog_fifo_size(256);" >> ${TMP_CONF_FILE}
+	echo -e "\tlog_msg_size(1024);" >> ${TMP_CONF_FILE}
+	echo -e "\tstats(freq(0));" >> ${TMP_CONF_FILE}
+	echo -e "\tflush_lines(0);" >> ${TMP_CONF_FILE}
+	echo -e "\tuse_fqdn(no);" >> ${TMP_CONF_FILE}
+	echo "};" >> ${TMP_CONF_FILE}
+
+}
+
+create_input_section() {
+	local tag="$1"
+	# the input in our case is always syslog, hence, this section of the
+	# fluent-bit.conf file has hardcoded values as well that do not depend
+	# on any uci value
+	echo -e "source $tag {" >> ${TMP_CONF_FILE}
+	echo -e "\tinternal();" >> ${TMP_CONF_FILE}
+	echo -e "\tunix-dgram("/dev/log");" >> ${TMP_CONF_FILE}
+	echo "};" >> ${TMP_CONF_FILE}
+}
+
+generate_facility_regex() {
+	local facility_level=$1
+
+	if [ "$facility_level" == "24" ]; then
+		# value 24 means all facility level, which is as good as not
+		# generating a filter section, so return
+		return
+	fi
+
+	# facility_level is a list value, hence, generate regex for
+	# each value
+	IFS=" "
+	for val in $facility_level; do
+		echo -e "\tfacility($val);" >> ${TMP_CONF_FILE}
+	done
+
+}
+
+generate_severity_regex() {
+	local sev_level="$1"
+	local sev_compare="$2"
+	local sev_action="$3"
+
+	if [ "$sev_compare" == "0" ]; then
+		case $sev_level in
+		"0") echo -e "\tlevel(emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"1") echo -e "\tlevel(alert)" >> ${TMP_CONF_FILE}
+		;;
+		"2") echo -e "\tlevel(crit)" >> ${TMP_CONF_FILE}
+		;;
+		"3") echo -e "\tlevel(err)" >> ${TMP_CONF_FILE}
+		;;
+		"4") echo -e "\tlevel(warning)" >> ${TMP_CONF_FILE}
+		;;
+		"5") echo -e "\tlevel(notice)" >> ${TMP_CONF_FILE}
+		;;
+		"6") echo -e "\tlevel(info)" >> ${TMP_CONF_FILE}
+		;;
+		"7") echo -e "\tlevel(debug)" >> ${TMP_CONF_FILE}
+		;;
+		esac
+	elif [ "$sev_compare" == "1" ]; then
+		# generate regex for all severity value greater than or equal to
+		# sev_level
+		case $sev_level in
+		"0") echo -e "\tlevel(emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"1") echo -e "\tlevel(alert..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"2") echo -e "\tlevel(crit..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"3") echo -e "\tlevel(err..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"4") echo -e "\tlevel(warning..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"5") echo -e "\tlevel(notice..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"6") echo -e "\tlevel(info..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"7") echo -e "\tlevel(debug..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		esac
+	fi
+}
+
+handle_filter_conf() {
+	local section="$1" # config filter
+	local filter_name="$2"
+	local name
+
+	# no need to proceed if name of filter section is not one of the values
+	# listed in option filter in config action section
+	config_get name $section name
+	if [ "$name" != "$filter_name" ]; then
+		return
+	fi
+	echo -e "filter $name {" >> ${TMP_CONF_FILE}
+
+	# as per data model, at a time either facility_level or severity_level can
+	# be specified along with pattern_match. hence, first process and generate
+	# regex for pattern_match which is common in both condition. Next, we will
+	# process facility_level and return if facility level is defined and not
+	# process severity related params at all.
+
+	local pattern_match
+	config_get pattern_match $section pattern_match
+	if [ -n "$pattern_match" ]; then
+		# the pattern here is in tag=>value pair, hence, break the pattern
+		# and fill this filed
+		local tag=$(echo $pattern_match | awk '{print $1}')
+		local value=$(echo $pattern_match | awk '{print $2}')
+		echo -e "\tmatch("$value" value("$tag"))" >> ${TMP_CONF_FILE}
+	fi
+
+	local facility_level
+	config_get facility_level $section facility_level
+
+	if [ -n "$facility_level" ]; then
+		generate_facility_regex $facility_level
+		# return from here since if facility_level is defined, then no
+		# need to process severity_level
+		echo "};" >> ${TMP_CONF_FILE}
+		return
+	fi
+
+	local sev_level
+	local sev_compare
+	local sev_action
+	config_get sev_level $section severity_level
+
+	if [ -n "$sev_level" ]; then
+		# value 1 of severity compare corresponds to data model
+		# and system default which is EqualorHigher
+		config_get sev_compare $section severity_compare 1
+		# value 0 of severity action corresponds to data model
+		# and system default that is log
+		config_get sev_action $section severity_action 0
+
+		generate_severity_regex $sev_level $sev_compare $sev_action
+	fi
+	echo "};" >> ${TMP_CONF_FILE}
+}
+
+handle_filter_ref() {
+	local filter_name="$1"
+	config_foreach handle_filter_conf filter "$filter_name"
+}
+
+handle_log_file() {
+	local section="$1" # out_file section
+	local match="$2"
+	local filter="$3"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+
+	echo -e "destination file_$match {" >> ${TMP_CONF_FILE}
+	echo -e "\tfile("$file");" >> ${TMP_CONF_FILE}
+	echo -e "};" >> ${TMP_CONF_FILE}
+
+	# now generate the log section for each action section to bring into effect
+	# the filter, destination, source sections create above
+	echo -e "log {" >> ${TMP_CONF_FILE}
+	echo -e "\tsource($tag);" >> ${TMP_CONF_FILE}
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			echo -e "\tfilter($finst);" >> ${TMP_CONF_FILE}
+		done
+	fi
+	echo -e "\tdestination(file_$match);" >> ${TMP_CONF_FILE} # log_file
+	echo -e "};" >> ${TMP_CONF_FILE} # close log section
+}
+
+handle_log_remote() {
+	local section="$1"
+	local match="$2"
+	local filter="$3"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+
+	local address
+	config_get address $section log_ip
+	if [ -z "$address" ]; then
+		return
+	fi
+
+	echo -e "destination remote_$match {" >> ${TMP_CONF_FILE}
+	echo -e "\tsyslog(" >> ${TMP_CONF_FILE}
+	echo -e "\t\t"$address"" >> ${TMP_CONF_FILE}
+
+	local proto # holds value tcp or udp
+	config_get proto $section proto
+	if [ -n "$proto" ]; then
+		echo -e "\t\ttransport($proto)" >> ${TMP_CONF_FILE}
+	fi
+
+	local port
+	config_get port $section port
+	if [ -n "$port" ]; then
+		echo -e "\t\tport($port)" >> ${TMP_CONF_FILE}
+	fi
+
+	local cert
+	local peer_verify
+	config_get cert $section cert
+	if [ -n "$cert" ]; then
+		echo -e "\t\ttls(" >> ${TMP_CONF_FILE}
+		echo -e "\t\t\tcert-file($cert)" >> ${TMP_CONF_FILE}
+
+		config_get peer_verify $section peer_verify
+		if [ "$peer_verify" == "1" ]; then
+			echo -e "\t\t\tpeer-verify(required-trusted)" >> ${TMP_CONF_FILE}
+		fi
+		echo -e "\t\t)" >> ${TMP_CONF_FILE} # close tls section
+	fi
+	echo -e "\t);" >> ${TMP_CONF_FILE} # close syslog section
+	echo -e "};" >> ${TMP_CONF_FILE} # close destination section
+
+	# now generate the log section for each action section to bring into effect
+	# the filter, destination, source sections create above
+	echo -e "log {" >> ${TMP_CONF_FILE}
+	echo -e "\tsource($tag);" >> ${TMP_CONF_FILE}
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			echo -e "\tfilter($finst);" >> ${TMP_CONF_FILE}
+		done
+	fi
+	echo -e "\tdestination(remote_$match);" >> ${TMP_CONF_FILE} # log_file
+	echo -e "};" >> ${TMP_CONF_FILE} # close log section
+}
+
+handle_action() {
+	local section="$1"
+
+	local filter
+	config_get filter $section filter
+
+	# use config action option name as tag for input
+	local tag
+	config_get tag $section name
+	if [ -z "$tag" ]; then
+		return
+	fi
+
+	create_input_section $tag
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			handle_filter_ref $finst
+		done
+	fi
+
+	# handle output, each action can be associated with a out_log and out_syslog
+	# section so figure out if any out_log or out_syslog section is associated
+	# with this and action and setup output accordingly.
+	config_foreach handle_log_file log_file "$tag" "$filter"
+	config_foreach handle_log_remote log_remote "$tag" "$filter"
+}
+
+handle_action_section() {
+	config_foreach handle_action action
+}
+
+apply_config_file() {
+	cp ${TMP_CONF_FILE} ${CONF_FILE}
+}
+
+PROG=/usr/sbin/syslog-ng-ctl
+
+logmngr_init() {
+	create_config_file
+
+	config_load logmngr
+	local enabled
+	config_get enabled globals enable
+
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	create_option_section
+	handle_action_section
+	apply_config_file
+
+	if [ -f /lib/logmngr/logrotate.sh ]; then
+		logrotate_init
+	fi
+
+	procd_open_instance logmngr
+	procd_set_param command $PROG reload
+	procd_close_instance
+}

logmngr/files/logmngr.init

@@ -0,0 +1,16 @@
+#!/bin/sh /etc/rc.common
+
+START=12
+STOP=89
+USE_PROCD=1
+
+. /lib/functions.sh
+include /lib/logmngr
+
+start_service() {
+	logmngr_init
+}
+
+service_triggers() {
+	procd_add_reload_trigger logmngr
+}

logmngr/files/logread

@@ -0,0 +1,108 @@
+#!/bin/sh
+# Shell script compatibility wrapper for /sbin/logread
+#
+# Copyright (C) 2019 Dirk Brenken <dev@brenken.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+. /lib/functions.sh
+
+# use /var/log/messages as default
+logfile="/var/log/messages"
+
+
+handle_log_file() {
+	local section="$1"
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+	logfile="$file"
+}
+
+config_load logmngr
+config_get logmngr_enabled globals enable
+if [ "$logmngr_enabled" == "0" ]; then
+	printf "%s\n" "Error: logmngr is not enabled!"
+	exit 2
+fi
+
+# treat the last enabled log_file as logfile
+config_foreach handle_log_file log_file
+
+if [ ! -f "${logfile}" ]
+then
+	printf "%s\n" "Error: logfile $logfile not found!"
+	exit 2
+fi
+
+usage()
+{
+	printf "%s\n" "Usage: logread [options]"
+	printf "%s\n" "Options:"
+	printf "%5s %-10s%s\n" "-l" "<count>" "Got only the last 'count' messages"
+	printf "%5s %-10s%s\n" "-e" "<pattern>" "Filter messages with a regexp"
+	printf "%5s %-10s%s\n" "-f" "" "Follow log messages"
+	printf "%5s %-10s%s\n" "-h" "" "Print this help message"
+}
+
+if [ -z "${1}" ]
+then
+	cat "${logfile}"
+	exit 0
+else
+	while [ "${1}" ]
+	do
+		case "${1}" in
+			-l)
+				shift
+				count="${1//[^0-9]/}"
+				tail -n "${count:-50}" "${logfile}"
+				exit 0
+				;;
+			-e)
+				shift
+				pattern="${1}"
+				grep -E "${pattern}" "${logfile}"
+				exit 0
+				;;
+			-f)
+				tail -f "${logfile}"
+				exit 0
+				;;
+			-fe)
+				shift
+				pattern="${1}"
+				tail -f "${logfile}" | grep -E "${pattern}"
+				exit 0
+				;;
+			-h|*)
+				usage
+				exit 1
+				;;
+		esac
+		shift
+	done
+fi

map-agent/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-agent
-PKG_VERSION:=6.1.1.5
+PKG_VERSION:=6.2.1.0
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=b2584b103bdd62427c0afb0a9be2d47de9a0301a
+PKG_SOURCE_VERSION:=f02e84b263659cf1cdd377597f976abe151bc5cd
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 PKG_LICENSE:=BSD-3-Clause

map-controller/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-controller
-PKG_VERSION:=6.1.1.5
+PKG_VERSION:=6.1.2.1
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=cb27de727b787bdb58bc4bf42fdef8732cb78134
+PKG_SOURCE_VERSION:=3251215d020cb27ab86504d847b3b45900582b57
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 LOCAL_DEV=0

map-controller/files/etc/config/mapcontroller

@@ -27,6 +27,9 @@ config sta_steering
 	option report_rcpi_threshold_2g '80'
 	option report_rcpi_threshold_5g '96'
 	option report_rcpi_threshold_6g '96'
+	option steer_retry_int '30'
+	option steer_int '180'
+	option steer_disable_int '600'
 
 ###################
 # Default AP sections credentials will by updated

mcastmngr/Makefile

@@ -6,14 +6,14 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=mcastmngr
-PKG_VERSION:=1.2.3
+PKG_VERSION:=1.2.5
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/mcastmngr.git
-PKG_SOURCE_VERSION:=117acf7a29e3a343756aab9b0ae330022892c15b
+PKG_SOURCE_VERSION:=7e114a0313a61f967324ac9f89cacafdbffe74aa
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

mcastmngr/files/broadcom/lib/mcast/broadcom.sh

@@ -128,14 +128,14 @@ configure_mcpd_snooping() {
 		config_snooping_common_params $protocol $igmp_s_version $igmp_s_robustness $igmp_s_mode
 		config_mcast_querier_params $protocol $igmp_s_query_interval $igmp_s_q_resp_interval $igmp_s_last_mem_q_int
 		config_snooping_upstream_interface "$igmp_s_iface"
-		config_snooping_on_bridge $protocol $igmp_s_iface $igmp_s_mode
+		config_snooping_on_bridge $protocol "$igmp_s_iface" $igmp_s_mode
 		exceptions=$igmp_s_exceptions
 		fast_leave=$igmp_s_fast_leave
 	elif [ "$protocol" == "mld" ]; then
 		config_snooping_common_params $protocol $mld_s_version $mld_s_robustness $mld_s_mode
 		config_mcast_querier_params $protocol $mld_s_query_interval $mld_s_q_resp_interval $mld_s_last_mem_q_int
 		config_snooping_upstream_interface "$mld_s_iface"
-		config_snooping_on_bridge $protocol $mld_s_iface $mld_s_mode
+		config_snooping_on_bridge $protocol "$mld_s_iface" $mld_s_mode
 		exceptions=$mld_s_exceptions
 		fast_leave=$mld_s_fast_leave
 	fi
@@ -171,14 +171,14 @@ configure_mcpd_proxy() {
 		config_snooping_common_params $protocol $igmp_p_version $igmp_p_robustness $igmp_p_mode
 		config_mcast_querier_params $protocol $igmp_query_interval $igmp_q_resp_interval $igmp_last_mem_q_int
 		config_mcast_proxy_interface $protocol "$igmp_p_up_interfaces"
-		config_snooping_on_bridge $protocol $igmp_p_down_interfaces $igmp_p_mode
+		config_snooping_on_bridge $protocol "$igmp_p_down_interfaces" $igmp_p_mode
 		fast_leave=$igmp_fast_leave
 		exceptions=$igmp_p_exceptions
 	elif [ "$protocol" == "mld" ]; then
 		config_snooping_common_params $protocol $mld_p_version $mld_p_robustness $mld_p_mode
 		config_mcast_querier_params $protocol $mld_query_interval $mld_q_resp_interval $mld_last_mem_q_int
 		config_mcast_proxy_interface $protocol "$mld_p_up_interfaces"
-		config_snooping_on_bridge $protocol $mld_p_down_interfaces $mld_p_mode
+		config_snooping_on_bridge $protocol "$mld_p_down_interfaces" $mld_p_mode
 		fast_leave=$mld_fast_leave
 		exceptions=$mld_p_exceptions
 	fi

mcastmngr/files/broadcom/usr/libexec/rpcd/mcast

@@ -64,23 +64,11 @@ read_mcast_stats() {
 
 	json_init
 	json_add_array "snooping"
-	json_add_object ""
 	IFS=" "
 	for intf in $ifaces; do
-		while read line; do
-		# reading each line
-			case $line in
-			br-*)
-				snoop_iface="$(echo $line | awk -F ' ' '{ print $1 }')"
-				if [ "$snoop_iface" != "$intf" ]; then
-					continue
-				fi
-				json_add_string "interface" "$intf"
-				json_add_array "groups"
-				break
-				;;
-			esac
-		done < /tmp/igmp_stats
+		json_add_object ""
+		json_add_string "interface" "$intf"
+		json_add_array "groups"
 		IFS=" "
 		for gip_addr in $mcast_addrs; do
 			grp_obj_added=0
@@ -116,12 +104,14 @@ read_mcast_stats() {
 					;;
 				esac
 			done < /tmp/igmp_stats
-			json_close_array #close the associated devices array
-			json_close_object # close the groups object
+			if [ $grp_obj_added -eq 1 ]; then
+				json_close_array #close the associated devices array
+				json_close_object # close the groups object
+			fi
 		done # close the loop for group addresses
 		json_close_array #close the groups array
+		json_close_object # close the snooping object
 	done # close the loop for interfaces
-	json_close_object # close the snooping object
 	json_close_array # close the snooping array
 	json_dump
 
@@ -135,7 +125,12 @@ case "$1" in
 	call)
 		case "$2" in
 			stats)
-				read_mcast_stats
+				out="$(read_mcast_stats)"
+				if [ -z "${out}" ]; then
+					echo '{}'
+				else
+					echo ${out}
+				fi
 				;;
 		esac
 		;;

mcastmngr/files/linux/lib/mcast/linux.sh

@@ -85,9 +85,8 @@ config_mcproxy_interfaces() {
 
 	echo -e "pinstance main:$str_up ==>$str_down;\n" >> $CONFFILE
 
+	local filter=""
 	for excp in $exceptions; do
-		local filter=""
-
 		case $excp in
 		*/*)
 			ip_start="$(ipcalc.sh $excp | grep IP | awk '{print substr($0,4)}')"
@@ -98,16 +97,16 @@ config_mcproxy_interfaces() {
 			filter="$filter ($excp | *)"
 			;;
 		esac
+	done
 
-		for upstream in $str_up; do
-			echo "pinstance main upstream $upstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main upstream $upstream out blacklist table{$filter };" >> $CONFFILE
-		done
+	for upstream in $str_up; do
+		echo "pinstance main upstream $upstream in blacklist table{$filter };" >> $CONFFILE
+		echo "pinstance main upstream $upstream out blacklist table{$filter };" >> $CONFFILE
+	done
 
-		for downstream in $str_down; do
-			echo "pinstance main downstream $downstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main downstream $downstream out blacklist table{$filter };" >> $CONFFILE
-		done
+	for downstream in $str_down; do
+		echo "pinstance main downstream $downstream in blacklist table{$filter };" >> $CONFFILE
+		echo "pinstance main downstream $downstream out blacklist table{$filter };" >> $CONFFILE
 	done
 }
 

mcastmngr/files/linux/usr/libexec/rpcd/mcast

@@ -85,23 +85,11 @@ read_mcast_stats() {
 
 	json_init
 	json_add_array "snooping"
-	json_add_object ""
 	IFS=" "
 	for intf in $ifaces; do
-		while read line; do
-		# reading each line
-			case $line in
-			br-*)
-				snoop_iface="$(echo $line | awk -F ' ' '{ print $1 }')"
-				if [ "$snoop_iface" != "$intf" ]; then
-					continue
-				fi
-				json_add_string "interface" "$intf"
-				json_add_array "groups"
-				break
-				;;
-			esac
-		done < "$temp_igmp_file"
+		json_add_object ""
+		json_add_string "interface" "$intf"
+		json_add_array "groups"
 		IFS=" "
 		for gip_addr in $mcast_addrs; do
 			grp_obj_added=0
@@ -137,12 +125,14 @@ read_mcast_stats() {
 					;;
 				esac
 			done < "$temp_igmp_file"
-			json_close_array #close the associated devices array
-			json_close_object # close the groups object
+			if [ $grp_obj_added -eq 1 ]; then
+				json_close_array #close the associated devices array
+				json_close_object # close the groups object
+			fi
 		done # close the loop for group addresses
 		json_close_array #close the groups array
+		json_close_object # close the snooping object
 	done # close the loop for interfaces
-	json_close_object # close the snooping object
 	json_close_array # close the snooping array
 	json_dump
 
@@ -156,7 +146,12 @@ case "$1" in
 	call)
 		case "$2" in
 			stats)
-				read_mcast_stats
+				out="$(read_mcast_stats)"
+				if [ -z "${out}" ]; then
+					echo '{}'
+				else
+					echo "${out}"
+				fi
 				;;
 		esac
 		;;

netmngr/Makefile

@@ -0,0 +1,50 @@
+#
+# Copyright (C) 2020-2024 iopsys
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=netmngr
+PKG_VERSION:=1.0.4
+
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/netmngr.git
+PKG_SOURCE_VERSION:=ad4825bc6349d1cd68680aaaa6c5b217227c90fe
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+define Package/netmngr
+ CATEGORY:=Utilities
+ TITLE:=Network Data Model Support
+ DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api
+endef
+
+define Package/netmngr/description
+	Package to add Network data model support.
+endef
+
+MAKE_PATH:=src
+
+TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=$(CONFIG_BBF_VENDOR_PREFIX)
+
+define Package/netmngr/install
+	$(BBFDM_INSTALL_MS_DM) -u Network $(PKG_BUILD_DIR)/src/libnetmngr.so $(1) $(PKG_NAME)
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/src/libinterface_stack.so $(1)
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) ~/git/netmngr/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+$(eval $(call BuildPackage,netmngr))

netmode/README.md

@@ -0,0 +1,109 @@
+# Creating Custom Netmodes in IOWRT
+
+This guide provides developers with detailed instructions on how to create and manage custom network modes (netmodes) in IOWRT. The `netmode` script allows for flexible network configuration, and developers can define their own modes by structuring the necessary files and scripts within the `/etc/netmodes/` directory.
+
+## Table of Contents
+1. [Overview of Netmodes](#overview-of-netmodes)
+2. [Directory Structure](#directory-structure)
+3. [Creating a Custom Netmode](#creating-a-custom-netmode)
+   - [Step 1: Pre-Execution Scripts](#step-1-pre-execution-scripts)
+   - [Step 2: UCI Configuration Files](#step-2-uci-configuration-files)
+   - [Step 3: Custom Execution Scripts](#step-3-custom-execution-scripts)
+   - [Step 4: Post-Execution Scripts](#step-4-post-execution-scripts)
+4. [Enabling and Switching Netmodes](#enabling-and-switching-netmodes)
+
+## Overview of Netmodes
+
+Netmodes in IOWRT provide a way to switch between different network configurations based on the needs of the environment. Developers can create custom netmodes by organizing scripts and configuration files in specific directories under `/etc/netmodes/<NETMODE_NAME>`.
+
+## Directory Structure
+
+A custom netmode is defined within the `/etc/netmodes/<NETMODE_NAME>` directory, which should contain the following subdirectories:
+
+- **/lib/netmode/pre/**: Generic scripts executed before the netmode-specific configurations are applied.
+- **/etc/netmodes/<NETMODE_NAME>/uci/**: Contains UCI configuration files that will be copied to `/etc/config/` during the application of the netmode.
+- **/etc/netmodes/<NETMODE_NAME>/scripts/**: Custom scripts specific to the netmode that are executed after the UCI configurations are applied.
+- **/lib/netmode/post/**: Generic scripts executed after the netmode-specific configurations are completed.
+
+## Creating a Custom Netmode
+
+To create a new netmode, follow these steps:
+
+### Step 1: Pre-Execution Scripts
+
+Scripts located in `/lib/netmode/pre/` are executed before any mode-specific actions. These are typically used for preparing the system or cleaning up configurations from the previous netmode.
+
+- **Create Pre-Execution Scripts**:
+  - Place your generic pre-execution scripts in `/lib/netmode/pre/`.
+  - Example script (`/lib/netmode/pre/cleanup.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Cleaning up old network configurations..."
+    # Add commands here
+    ```
+
+### Step 2: UCI Configuration Files
+
+The UCI configuration files stored in `/etc/netmodes/<NETMODE_NAME>/uci/` will be copied to `/etc/config/`, effectively applying the desired network configuration.
+
+- **Place UCI Config Files**:
+  - Create UCI configuration files under `/etc/netmodes/<NETMODE_NAME>/uci/`.
+  - Example (`/etc/netmodes/bridge/uci/network`):
+````bash
+config device 'br_lan'
+        option name 'br-lan'
+        option type 'bridge'
+        option multicast_to_unicast '0'
+        option bridge_empty '1'
+        list ports 'eth1'
+        list ports 'eth3'
+        list ports 'eth4'
+
+config interface 'lan'
+        option proto 'dhcp'
+        option device 'br-lan'
+        option force_link '1'
+        option reqopts '43 125'
+````
+
+### Step 3: Custom Execution Scripts
+
+After the UCI files are applied, any scripts in `/etc/netmodes/<NETMODE_NAME>/scripts/` are executed. These can be used to perform additional configuration tasks that are specific to the netmode.
+
+- **Create Custom Scripts**:
+  - Add scripts to `/etc/netmodes/<NETMODE_NAME>/scripts/`.
+  - Example (`/etc/netmodes/bridge/scripts/setup_bridge.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Setting up bridge mode..."
+    # Additional configuration commands here
+    ```
+
+### Step 4: Post-Execution Scripts
+
+Finally, the generic scripts in `/lib/netmode/post/` are executed. These scripts typically finalize the setup or perform any necessary cleanups.
+
+- **Create Post-Execution Scripts**:
+  - Place scripts in `/lib/netmode/post/`.
+  - Example script (`/lib/netmode/post/restart_services.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Restarting network services..."
+    # Add commands here
+    ```
+
+## Enabling and Switching Netmodes
+
+The netmode mechanism can be enabled or disabled via the UCI configuration, and you can switch between netmodes using UCI commands.
+
+- **Enable Netmode**:
+  ```bash
+  uci set netmode.global.enabled=1
+  uci commit netmode
+    ```
+    
+- **Switch Netmode**:
+  ```bash
+  uci set netmode.global.mode='<NETMODE_NAME>'
+  uci commit netmode
+    ```

obuspa/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=obuspa
-PKG_VERSION:=8.0.1.11
+PKG_VERSION:=9.0.0.2
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=cfa6c48dea74707e098b09745b2c9f989accd714
+PKG_SOURCE_VERSION:=b56fa3b8ce8d33239cbda3156d936a8d6f73cd0b
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -34,7 +34,7 @@ define Package/obuspa
   MENU:=1
   DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl +ca-certificates \
 		+OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-ssl +OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-client-ssl \
-		+OBUSPA_ENABLE_TEST_CONTROLLER:mosquitto-auth-shadow
+		+OBUSPA_ENABLE_TEST_CONTROLLER:mosquitto-auth-shadow +libbbfdm-api +libjson-c
 endef
 
 define Package/obuspa/description
@@ -127,7 +127,7 @@ define Package/obuspa/install
 	$(INSTALL_BIN) ./files/etc/uci-defaults/obuspa-set-dhcp-option $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user
 	$(INSTALL_BIN) ./files/obuspa.hotplug $(1)/etc/hotplug.d/iface/21-obuspa
-	$(BBFDM_INSTALL_CORE_PLUGIN) ./files/etc/bbfdm/json/USPAgent.json $(1)
+	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libuspagentdm.so $(1) $(PKG_NAME)
 ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER),y)
 	$(INSTALL_BIN) ./files/etc/uci-defaults/54-test-usp-remote $(1)/etc/uci-defaults/
 endif

obuspa/files/etc/config/obuspa

@@ -2,9 +2,12 @@ config obuspa 'global'
 	option enabled '1'
 	option debug '1'
 	option dhcp_discovery '1'
-	option log_level '2'
+	option log_level '3'
 	option prototrace '0'
 	option db_file '/etc/obuspa/usp.db'
+	option max_group_sep '2'
+	option ipc_timeout '30'
+	option max_cache_time '600'
 	option dm_caching_exclude '/etc/obuspa/dmcaching_exclude.json'
 	#option trust_cert '/etc/obuspa/ca.pem'
 	#option client_cert '/etc/obuspa/client.pem'

obuspa/files/etc/init.d/obuspa

@@ -352,9 +352,9 @@ configure_controller()
 		db_set "${BASEPATH}.PeriodicNotifInterval" "${PeriodicNotifInterval}"
 	fi
 
-	#if [ -n "${SessionMode}" ]; then
-	#	db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
-	#fi
+	if [ -n "${SessionMode}" ]; then
+		db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
+	fi
 
 	if [ -n "${assigned_role_name}" ]; then
 		AssignedRole=$(get_role_index "${assigned_role_name}")

obuspa/files/etc/obuspa/dmcaching_exclude.json

@@ -2,6 +2,7 @@
   "dmcaching_exclude": [
     "Device.Hosts.Host.",
     "Device.IEEE1905.",
-    "Device.WiFi.DataElements."
+    "Device.WiFi.DataElements.",
+    "Device.NAT.InterfaceSetting."
   ]
 }

obuspa/files/obuspa.hotplug

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+log() {
+	echo "$*"|logger -t obuspa.hotplug -p debug
+}
+
 get_access_role() {
 	local mode lan_proto
 
@@ -34,6 +38,7 @@ fi
 
 [ "$ACTION" = "ifup" -a "${intf}" = "${INTERFACE}" ] && {
 	sleep 1
+	log "Sending WakeUp event, due to [${ACTION}] on ${intf}"
 	obuspa -c event Device.LocalAgent.WakeUp!
 }
 

obuspa/patches/0001-validate-controller-mtp.patch

@@ -1,23 +1,19 @@
-diff --git a/src/core/device.h b/src/core/device.h
-index 5e367b7..db154a5 100644
 --- a/src/core/device.h
 +++ b/src/core/device.h
-@@ -330,6 +330,10 @@ int DEVICE_MTP_ValidateMqttReference(dm_req_t *req, char *value);
- void DEVICE_CONTROLLER_SetRolesFromMqtt(int mqtt_instance, int role_instance);
- char *DEVICE_CONTROLLER_GetControllerTopic(int mqtt_instance);
+@@ -336,6 +336,10 @@ void DEVICE_CONTROLLER_SetInheritedRole(
+ int DEVICE_CONTROLLER_CountEnabledWebsockClientConnections(void);
+ #endif
  
 +#ifdef OBUSPA_CONTROLLER_MTP_VERIFY
-+bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_reply_to_t *mrt);
++bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_conn_t *mpc);
 +#endif
 +
  #ifndef REMOVE_USP_BROKER
  int DEVICE_SUBSCRIPTION_RouteNotification(Usp__Msg *usp, int instance);
  bool DEVICE_SUBSCRIPTION_MarkVendorLayerSubs(int broker_instance, subs_notify_t notify_type, char *path, int group_id);
-diff --git a/src/core/device_controller.c b/src/core/device_controller.c
-index 97ca11d..19c91f1 100644
 --- a/src/core/device_controller.c
 +++ b/src/core/device_controller.c
-@@ -952,6 +952,78 @@ int DEVICE_CONTROLLER_QueueBinaryMessage(mtp_send_item_t *msi, char *endpoint_id
+@@ -967,6 +967,78 @@ int DEVICE_CONTROLLER_QueueBinaryMessage
      return USP_ERR_OK;
  }
  
@@ -30,12 +26,12 @@ index 97ca11d..19c91f1 100644
 +** This function is used by ValidateUspRecord() to determine whether to process a received USP message
 +**
 +** \param   endpoint_id - Endpoint ID of controller that sent a USP message
-+** \param   mrt - pointer to structure specifying on which MTP the message was received
++** \param   mpc - pointer to structure specifying on which MTP the message was received
 +**
 +** \return  true if the MTP is allowed, false otherwise
 +**
 +**************************************************************************/
-+bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_reply_to_t *mrt)
++bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_conn_t *mpc)
 +{
 +    controller_t *cont = FindEnabledControllerByEndpointId(endpoint_id);
 +    controller_mtp_t *mtp;
@@ -46,18 +42,18 @@ index 97ca11d..19c91f1 100644
 +        return false;
 +    }
 +
-+    mtp = FindFirstEnabledMtp(cont, mrt->protocol);
++    mtp = FindFirstEnabledMtp(cont, mpc->protocol);
 +
 +#ifdef ENABLE_WEBSOCKETS
 +    // Allow websocket server if no other MTP is configured
-+    if ((mrt->protocol == kMtpProtocol_WebSockets) && (mrt->wsserv_conn_id != INVALID))
++    if ((mpc->protocol == kMtpProtocol_WebSockets) && (mpc->ws.serv_conn_id != INVALID))
 +    {
 +        return mtp == NULL;
 +    }
 +#endif
 +
 +    // Disallow if there is no MTP configured with matching protocol
-+    if ((mtp == NULL) || (mtp->protocol != mrt->protocol))
++    if ((mtp == NULL) || (mtp->protocol != mpc->protocol))
 +    {
 +        return false;
 +    }
@@ -67,7 +63,7 @@ index 97ca11d..19c91f1 100644
 +    {
 +#ifndef DISABLE_STOMP
 +        case kMtpProtocol_STOMP:
-+            return mtp->stomp_connection_instance == mrt->stomp_instance;
++            return mtp->stomp_connection_instance == mpc->stomp.instance;
 +#endif
 +
 +#ifdef ENABLE_COAP
@@ -77,12 +73,12 @@ index 97ca11d..19c91f1 100644
 +
 +#ifdef ENABLE_MQTT
 +        case kMtpProtocol_MQTT:
-+            return mtp->mqtt_connection_instance == mrt->mqtt_instance;
++            return mtp->mqtt_connection_instance == mpc->mqtt.instance;
 +#endif
 +
 +#ifdef ENABLE_WEBSOCKETS
 +        case kMtpProtocol_WebSockets:
-+            return (mrt->wsclient_cont_instance == cont->instance) && (mrt->wsclient_mtp_instance == mtp->instance);
++            return (mpc->ws.client_cont_instance == cont->instance) && (mpc->ws.client_mtp_instance == mtp->instance);
 +#endif
 +        default:
 +            TERMINATE_BAD_CASE(mtp->protocol);
@@ -96,17 +92,15 @@ index 97ca11d..19c91f1 100644
  /*********************************************************************//**
  **
  ** DEVICE_CONTROLLER_IsMTPConfigured
-diff --git a/src/core/msg_handler.c b/src/core/msg_handler.c
-index 2a04d39..0b3074b 100644
 --- a/src/core/msg_handler.c
 +++ b/src/core/msg_handler.c
-@@ -1206,6 +1206,15 @@ int ValidateUspRecord(UspRecord__Record *rec, mtp_conn_t *mtpc)
+@@ -1210,6 +1210,15 @@ int ValidateUspRecord(UspRecord__Record
      usp_service_instance = USP_BROKER_GetUspServiceInstance(rec->from_id, 0);
  #endif
  
 +#ifdef OBUSPA_CONTROLLER_MTP_VERIFY
 +    // Exit if the controller is not allowed to use the MTP on which the message was received
-+    if (DEVICE_CONTROLLER_IsMTPAllowed(rec->from_id, mrt) == false)
++    if (DEVICE_CONTROLLER_IsMTPAllowed(rec->from_id, mtpc) == false)
 +    {
 +        USP_ERR_SetMessage("%s: Ignoring message from endpoint_id=%s (unauthorized MTP)", __FUNCTION__, rec->from_id);
 +        return USP_ERR_PERMISSION_DENIED;

obuspa/patches/0002-supress-group-get-error.patch

@@ -1,6 +1,6 @@
 --- a/src/core/cli_server.c
 +++ b/src/core/cli_server.c
-@@ -758,10 +758,6 @@ int ExecuteCli_Get(char *arg1, char *arg
+@@ -785,10 +785,6 @@ int ExecuteCli_Get(char *arg1, char *arg
              USP_ASSERT(gge->value != NULL);
              SendCliResponse("%s => %s\n", gge->path, gge->value);
          }
@@ -11,36 +11,3 @@
      }
  
      GROUP_GET_VECTOR_Destroy(&ggv);
---- a/src/core/handle_get.c
-+++ b/src/core/handle_get.c
-@@ -260,26 +260,16 @@ void FormPathExprResponse(int get_expr_i
-         return;
-     }
- 
--    // If there was an error in getting any of the parameters associated with the path expression,
--    // then just add the first error, without any of the parameter values, for this path expression result
--    for (i=0; i < gi->num_entries; i++)
--    {
--        gge = &ggv->vector[gi->index + i];
--        if (gge->err_code != USP_ERR_OK)
--        {
--            (void)AddGetResp_ReqPathRes(resp, path_expr, gge->err_code, gge->err_msg);
--            return;
--        }
--    }
--
-     // If the code gets here, then the value of all parameters were retrieved successfully, so add their values to the result_params
-     req_path_result = AddGetResp_ReqPathRes(resp, path_expr, USP_ERR_OK, "");
-     for (i=0; i < gi->num_entries; i++)
-     {
-         gge = &ggv->vector[gi->index + i];
- 
--        // Simple format contains a resolved_path_result for every object (and sub object)
--        AddResolvedPathResult(req_path_result, gge->path, gge->value);
-+        if (gge->err_code == USP_ERR_OK) {
-+            // Simple format contains a resolved_path_result for every object (and sub object)
-+            AddResolvedPathResult(req_path_result, gge->path, gge->value);
-+	}
-     }
- }
- 

obuspa/patches/0008-fix_cmake_warning.patch

@@ -1,10 +0,0 @@
---- a/src/protobuf-c/protobuf-c.c
-+++ b/src/protobuf-c/protobuf-c.c
-@@ -1926,6 +1926,7 @@ repeated_field_pack_to_buffer(const Prot
- 		buffer->append(buffer, rv, scratch);
- 		tmp = pack_buffer_packed_payload(field, count, array, buffer);
- 		assert(tmp == payload_len);
-+		(void)tmp; // Keep cmake production build happy
- 		return rv + payload_len;
- 	} else {
- 		size_t siz;

obuspa/patches/0011-max_controllers.patch

@@ -1,6 +1,6 @@
 --- a/src/core/mqtt.c
 +++ b/src/core/mqtt.c
-@@ -233,6 +233,8 @@ void HandleMqttDisconnect(mqtt_client_t
+@@ -254,6 +254,8 @@ void QueueUspRecord_MQTT(mqtt_client_t *
  #define DEFINE_MQTT_TrustCertVerifyCallbackIndex(index) \
  int MQTT_TrustCertVerifyCallback_##index (int preverify_ok, X509_STORE_CTX *x509_ctx) \
  {\
@@ -9,7 +9,7 @@
      return DEVICE_SECURITY_TrustCertVerifyCallbackWithCertChain(preverify_ok, x509_ctx, &mqtt_clients[index].cert_chain);\
  }
  
-@@ -243,6 +245,11 @@ DEFINE_MQTT_TrustCertVerifyCallbackIndex
+@@ -264,6 +266,11 @@ DEFINE_MQTT_TrustCertVerifyCallbackIndex
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(2);
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(3);
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(4);
@@ -21,7 +21,7 @@
  // Add more, with incrementing indexes here, if you change MAX_MQTT_CLIENTS
  
  //------------------------------------------------------------------------------------
-@@ -253,10 +260,15 @@ ssl_verify_callback_t* mqtt_verify_callb
+@@ -274,10 +281,15 @@ ssl_verify_callback_t* mqtt_verify_callb
      MQTT_TrustCertVerifyCallbackIndex(2),
      MQTT_TrustCertVerifyCallbackIndex(3),
      MQTT_TrustCertVerifyCallbackIndex(4),

obuspa/patches/0012-check_mqtt_host_alive.patch

@@ -1,102 +0,0 @@
---- a/src/core/mqtt.c
-+++ b/src/core/mqtt.c
-@@ -63,6 +63,8 @@
- 
- #include <mosquitto.h>
- 
-+#include <curl/curl.h>
-+
- // Defines for MQTT Property Values
- #define PUBLISH 0x30
- #define CONTENT_TYPE 3
-@@ -2192,6 +2194,75 @@ exit:
-     }
- }
- 
-+static int _check_host_rechability(CURL *handle, curl_infotype type, char *data, size_t size, void *userp)
-+{
-+    bool *palive = (bool *)userp;
-+
-+    USP_ASSERT(palive != NULL);
-+    switch(type) {
-+        case CURLINFO_HEADER_OUT:
-+        case CURLINFO_HEADER_IN:
-+            *palive = true;
-+            break;
-+        case CURLINFO_TEXT:
-+        {
-+            USP_LOG_Debug("CURL DATA:: [%s]", data);
-+            if (strstr(data, "Connected to ") != NULL) {
-+                *palive = true;
-+            }
-+            break;
-+        }
-+        default:
-+            break;
-+    }
-+
-+    return 0;
-+}
-+
-+int check_mqtt_host_reachability(mqtt_client_t *client)
-+{
-+    CURL *curl;
-+    mqtt_conn_params_t *cparam = &client->conn_params;
-+    char buffer[128] = {0};
-+    int ret = USP_ERR_INTERNAL_ERROR;
-+    bool is_alive = false;
-+
-+    curl = curl_easy_init();
-+    if(curl) {
-+        USP_SNPRINTF(buffer, 128, "mqtt://%s:%d", cparam->host, cparam->port);
-+        curl_easy_setopt(curl, CURLOPT_URL, buffer);
-+
-+        if (strlen(cparam->username) > 0) {
-+            curl_easy_setopt(curl, CURLOPT_USERNAME, cparam->username);
-+        }
-+
-+        if (strlen(cparam->password) > 0) {
-+            curl_easy_setopt(curl, CURLOPT_PASSWORD, cparam->password);
-+        }
-+
-+        curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
-+        curl_easy_setopt(curl, CURLOPT_DEBUGDATA, &is_alive);
-+        curl_easy_setopt(curl, CURLOPT_DEBUGFUNCTION, _check_host_rechability);
-+
-+        /* complete within 2 seconds */
-+        curl_easy_setopt(curl, CURLOPT_TIMEOUT, 2L);
-+
-+        ret = curl_easy_perform(curl);
-+        /* Check for errors */
-+        if(ret == CURLE_OK || ret == CURLE_URL_MALFORMAT || is_alive == true) {
-+            USP_LOG_Debug("CURL MQTT host %s, ret %d, alive %d ...", buffer, ret, is_alive);
-+            ret = USP_ERR_OK;
-+        } else {
-+            USP_LOG_Info("# CURL MQTT host %s unreachable: %d=>%s ...", buffer, ret, curl_easy_strerror(ret));
-+        }
-+
-+        /* always cleanup */
-+        curl_easy_cleanup(curl);
-+    }
-+
-+    return ret;
-+}
-+
- /*********************************************************************//**
- **
- ** PerformMqttClientConnect
-@@ -2261,6 +2332,14 @@ int PerformMqttClientConnect(mqtt_client
-         keep_alive = 5;
-     }
- 
-+    // Below function is a workaround to check the host reachability with a timeout
-+    // mosquitto_connect_* API block the thread for 2 mins if host is not reachable,
-+    // which halts other clients connectivity
-+    err = check_mqtt_host_reachability(client);
-+    if (err != USP_ERR_OK) {
-+        err = USP_ERR_INTERNAL_ERROR;
-+        goto exit;
-+    }
-     // Release the access mutex temporarily whilst performing the connect call
-     // We do this to prevent the data model thread from potentially being blocked, whilst the connect call is taking place
-     OS_UTILS_UnlockMutex(&mqtt_access_mutex);

obuspa/patches/0013-mqtt-retry-param-change.patch

@@ -1,76 +0,0 @@
-diff --git a/src/core/device_mqtt.c b/src/core/device_mqtt.c
-index 7438e59..231d941 100755
---- a/src/core/device_mqtt.c
-+++ b/src/core/device_mqtt.c
-@@ -1612,14 +1612,23 @@ int NotifyChange_MQTTRequestProblemInfo(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryTime(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-     // Set the new value.
-+    if ((mp->retry.connect_retrytime != val_uint) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     mp->retry.connect_retrytime = val_uint;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 
-@@ -1638,14 +1647,23 @@ int NotifyChange_MQTTConnectRetryTime(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryIntervalMultiplier(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-+    if ((mp->retry.interval_multiplier != val_int) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     // Set the new value.
-     mp->retry.interval_multiplier = val_int;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 
-@@ -1664,14 +1682,23 @@ int NotifyChange_MQTTConnectRetryIntervalMultiplier(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryMaxInterval(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-+    if ((mp->retry.max_interval != val_uint) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     // Set the new value.
-     mp->retry.max_interval = val_uint;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 

obuspa/patches/0014-persist-connack-clientid.patch

@@ -1,78 +0,0 @@
---- a/src/core/mqtt.c
-+++ b/src/core/mqtt.c
-@@ -55,6 +55,8 @@
- #include "retry_wait.h"
- #include "text_utils.h"
- #include "msg_handler.h"
-+#include "data_model.h"
-+#include "usp_api.h"
- 
- #include <openssl/ssl.h>
- #include <openssl/bio.h>
-@@ -2517,6 +2519,37 @@ exit:
- 
- /*********************************************************************//**
- **
-+** handle_db_set_client_id
-+**
-+** Allows the caller to set client Id in DB from the data model thread
-+**
-+** \param   arg1 - pointer to the client id path
-+** \param   arg2 - pointer to the client id value
-+**
-+** \return  None
-+**
-+**************************************************************************/
-+void handle_db_set_client_id(void *arg1, void *arg2)
-+{
-+    if ((arg1 == NULL) || (arg2 == NULL)) {
-+        USP_SAFE_FREE(arg1);
-+        USP_SAFE_FREE(arg2);
-+        return;
-+    }
-+
-+    char *param_path = (char *)arg1;
-+    char *param_val = (char *)arg2;
-+
-+    if (USP_ERR_OK != DATA_MODEL_SetParameterInDatabase(param_path, param_val)) {
-+        USP_LOG_Debug("%s: Failed to set %s=>%s from CONNACK", __FUNCTION__, param_path, param_val);
-+    }
-+
-+    USP_SAFE_FREE(param_path);
-+    USP_SAFE_FREE(param_val);
-+}
-+
-+/*********************************************************************//**
-+**
- ** ConnectV5Callback
- **
- ** Called by Libmosquitto when the CONNACK packet is received on an MQTTv5 connection
-@@ -2590,8 +2623,26 @@ void ConnectV5Callback(struct mosquitto
-               &client_id_ptr, false /* skip first */) != NULL)
-         {
-             USP_LOG_Debug("%s: Received client_id: \"%s\"", __FUNCTION__, client_id_ptr);
--            USP_SAFE_FREE(client->conn_params.client_id);
--            client->conn_params.client_id = USP_STRDUP(client_id_ptr);
-+
-+            if (client->conn_params.client_id == NULL || strcmp(client->conn_params.client_id, client_id_ptr) != 0) {
-+                USP_SAFE_FREE(client->conn_params.client_id);
-+                client->conn_params.client_id = USP_STRDUP(client_id_ptr);
-+
-+                // Persist client id from CONNACK in DB
-+                char buf[128] = {0}, *param_path = NULL, *param_val = NULL;
-+
-+                snprintf(buf, 128, "Device.MQTT.Client.%d.ClientID", instance);
-+
-+                param_path = USP_STRDUP(buf);
-+                param_val = USP_STRDUP(client_id_ptr);
-+
-+                if (USP_ERR_OK != USP_PROCESS_DoWork(handle_db_set_client_id, param_path, param_val)) {
-+                    USP_LOG_Debug("%s: Failed to schedule set in data model thread for client id from CONNACK", __FUNCTION__);
-+                    USP_SAFE_FREE(param_path);
-+                    USP_SAFE_FREE(param_val);
-+                }
-+            }
-+
-             free(client_id_ptr);
-         }
- 

obuspa/patches/0021-fix_e2e_session_init.patch

@@ -0,0 +1,32 @@
+--- a/src/core/device_controller.c	2024-08-23 18:22:55.378560809 +0530
++++ b/src/core/device_controller.c	2024-08-23 19:09:07.130278193 +0530
+@@ -4282,6 +4282,14 @@
+         goto exit;
+     }
+ 
++#if defined(E2ESESSION_EXPERIMENTAL_USP_V_1_2)
++    err = ProcessControllerE2ESessionAdded(cont);
++    if (err != USP_ERR_OK)
++    {
++        goto exit;
++    }
++#endif
++
+     // Exit if unable to get the object instance numbers present in this controller's MTP table
+     USP_SNPRINTF(path, sizeof(path), "%s.%d.MTP", device_cont_root, cont_instance);
+     err = DATA_MODEL_GetInstances(path, &iv);
+@@ -4323,14 +4331,6 @@
+     DEVICE_MQTT_UpdateControllerTopics();
+ #endif
+ 
+-#if defined(E2ESESSION_EXPERIMENTAL_USP_V_1_2)
+-    err = ProcessControllerE2ESessionAdded(cont);
+-    if (err != USP_ERR_OK)
+-    {
+-        goto exit;
+-    }
+-#endif
+-
+     // If the code gets here, then we successfully retrieved all data about the controller (even if some of the MTPs were not added)
+     err = USP_ERR_OK;
+ 

obuspc/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=obuspc
-PKG_VERSION:=1.0.1.7
+PKG_VERSION:=1.0.1.8
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa-test-controller.git
-PKG_SOURCE_VERSION:=61f14c5a1fba8c251cf1cfb18c163eab62d5674d
+PKG_SOURCE_VERSION:=1cf32fa4cb5c07906b1e061a394cf0413a6ad750
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

packet-capture-diagnostics/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=packet-capture-diagnostics
-PKG_VERSION:=1.0.0
+PKG_VERSION:=1.0.2
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/packet-capture-diagnostics.git
-PKG_SOURCE_VERSION:=a47189b5faa9f678f1a27475c474cc1524d777f4
+PKG_SOURCE_VERSION:=d1115ed0c129614192b9c4e68e7b81b52e08ea4f
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

periodicstats/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=periodicstats
-PKG_VERSION:=1.5.11
+PKG_VERSION:=1.5.13
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/periodicstats.git
-PKG_SOURCE_VERSION:=0bfe78ce9daf1cfbe9453e2cb08327dc7885cea2
+PKG_SOURCE_VERSION:=72974d0e22a64b2cec51857c3f17dc239fec079f
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

qosmngr/Makefile

@@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=qosmngr
-PKG_VERSION:=1.0.14
+PKG_VERSION:=1.0.15
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=c4db530aae2392f94494814eefc977118519089b
+PKG_SOURCE_VERSION:=f6b77d16d2103b7336a476e710a10f1dd28274f6
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/qosmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

qosmngr/files/airoha/lib/qos/airoha.sh

@@ -26,7 +26,17 @@ hw_intf_init() {
 
 # Initialize the hardware setup library
 hw_init_all() {
+    local tc=0
+
     export TMP_HW_QUEUE_LIST=""
+    echo clear > /proc/ifc_debug
+    echo reinit > /proc/ifc_debug
+
+    for tc in $(seq 0 7); do
+        rm -rf "/tmp/qos/dscp_values_${tc}_4"
+        rm -rf "/tmp/qos/dscp_values_${tc}_6"
+    done
+
     return 0
 }
 
@@ -150,6 +160,8 @@ hw_commit_all() {
     local shape_rate="$TMP_HW_SHAPE_RATE"
     local q_count="0"
     local mac_qos_flag=""
+    local pbit=0
+    local tc=0
 
     # Reorder queues
     for q in ${sorted_list} ; do
@@ -205,4 +217,33 @@ hw_commit_all() {
     else
         /userfs/bin/qosrule discpline Enable 0
     fi
+
+    if [ -x /userfs/bin/blapi_cmd ]; then
+        echo 1 > /proc/ifc_send_to_ppe
+        for tc in $(seq 0 7); do
+            if [ -s "/tmp/qos/dscp_values_${tc}_4" ]; then
+                sort -un "/tmp/qos/dscp_values_${tc}_4" | awk 'NR==1{first=$1;last=$1;next}
+                                                               $1 == last+1 {last=$1;next}
+                                                               {system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 1");first=$1;last=first}
+                                                               END{system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 1")}'
+            fi
+            if [ -s "/tmp/qos/dscp_values_${tc}_6" ]; then
+                [ -s "/tmp/qos/dscp_values_${tc}_4" ] && sort -un "/tmp/qos/dscp_values_${tc}_6" | awk 'NR==1{first=$1;last=$1;next}
+                                                                                                        $1 == last+1 {last=$1;next}
+                                                                                                        {system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 0");first=$1;last=first}
+                                                                                                        END{system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 0")}'
+                sort -un "/tmp/qos/dscp_values_${tc}_6" | awk 'NR==1{first=$1;last=$1;next}
+                                                               $1 == last+1 {last=$1;next}
+                                                               {system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 1");first=$1;last=first}
+                                                               END{system("/userfs/bin/blapi_cmd traffic set_traffic_class DSCP " first*4 " " or(last*4, 0x3) " 1")}'
+            fi
+        done
+    fi
+
+    if [ -x /userfs/bin/ifc ]; then
+        echo 1 > /proc/ifc_send_to_ppe
+        for pbit in $(seq 0 7); do
+            /userfs/bin/ifc add vip pbit $pbit
+        done
+    fi
 }

qosmngr/files/airoha/lib/qos/chains.ebtables.sh

@@ -26,6 +26,7 @@ broute_ipv4_rule_options()
     config_get protocol "$cid" "proto"
     config_get dscp_filter "$cid" "dscp_filter"
     config_get icmp_type "$cid" "icmp_type"
+    config_get traffic_class "$cid" "traffic_class"
 
     set_ip_addr "$cid" ebt_match_src_ip ebt_match_dst_ip
 
@@ -36,6 +37,7 @@ broute_ipv4_rule_options()
         tos_val=$((dscp_filter<<2))
         tos_hex=$(printf "%x" $tos_val)
         broute_filter_on_dscp "$tos_hex"
+        [ -n "$traffic_class" -a "$dscp_filter" != "0" ] && echo "$((dscp_filter))" >> "/tmp/qos/dscp_values_${traffic_class}_4"
     fi
 
     if [ -n "$protocol" ]; then
@@ -57,6 +59,7 @@ broute_ipv6_rule_options()
     config_get protocol "$cid" "proto"
     config_get dscp_filter "$cid" "dscp_filter"
     config_get icmp_type "$cid" "icmp_type"
+    config_get traffic_class "$cid" "traffic_class"
 
     set_ip_addr "$cid" ebt_match_ipv6_src_ip ebt_match_ipv6_dst_ip
 
@@ -67,6 +70,7 @@ broute_ipv6_rule_options()
         tos_val=$((dscp_filter<<2))
         tos_hex=$(printf "%x" $tos_val)
         ebt_match_ipv6_dscp "$tos_hex"
+        [ -n "$traffic_class" -a "$dscp_filter" != "0" ] && echo "$((dscp_filter))" >> "/tmp/qos/dscp_values_${traffic_class}_6"
     fi
 
     if [ -n "$protocol" ]; then

qosmngr/files/common/lib/qos/ebtables.sh

@@ -150,6 +150,15 @@ broute_filter_on_vid() {
 }
 
 broute_append_rule() {
+    # if src_if is loopback, then add the rule to OUTPUT(qos_output) chain of nat table
+    if [ "$src_if" = "lo" ]; then
+        echo "ebtables --concurrent -t nat -A qos_output $BR_RULE" >> /tmp/qos/classify.ebtables
+        if [ -n "$BR6_RULE" ]; then
+            echo "ebtables --concurrent -t nat -A qos_output $BR6_RULE" >> /tmp/qos/classify.ebtables
+        fi
+	return
+    fi
+
     local broute_chain="$1"
     #when ethertype is not configured by user then both proto rules of ipv4
     #and ipv6 to be installed otherwise install ipv6 proto rule only.
@@ -449,9 +458,9 @@ handle_ebtables_rules() {
 
     if [ -n "$BR_RULE" ]; then
         if [ -n "$vid_mark" ] || [ -n "$pcp_mark" ]; then
-            broute_append_rule "prevlanxlate"
+            broute_append_rule "prevlanxlate" "$src_if"
         else
-            broute_append_rule "qos"
+            broute_append_rule "qos" "$src_if"
         fi
     fi
 }
@@ -501,6 +510,15 @@ handle_ebtables_dscp2pbit() {
 
 create_ebtables_chains() {
 
+    ebtables --concurrent -t nat -N qos_output -P RETURN 2> /dev/null
+    ret=$?
+    if [ $ret -eq 0 ]; then
+        ebtables --concurrent -t nat -A OUTPUT -j qos_output
+    else
+        ebtables --concurrent -t nat -D OUTPUT -j qos_output
+        ebtables --concurrent -t nat -A OUTPUT -j qos_output
+    fi
+
     ebtables --concurrent -t broute -N dscp2pbits -P RETURN 2> /dev/null
     ret=$?
     if [ $ret -eq 0 ]; then
@@ -531,8 +549,9 @@ create_ebtables_chains() {
 }
 
 flush_ebtables_chains() {
-    echo "ebtables -t broute -F qos" > /tmp/qos/classify.ebtables
-    echo "ebtables -t broute -F dscp2pbits" >> /tmp/qos/classify.ebtables
-    echo "ebtables -t broute -F prevlanxlate" >> /tmp/qos/classify.ebtables
+    echo "ebtables --concurrent -t nat -F qos_output" > /tmp/qos/classify.ebtables
+    echo "ebtables --concurrent -t broute -F qos" > /tmp/qos/classify.ebtables
+    echo "ebtables --concurrent -t broute -F dscp2pbits" >> /tmp/qos/classify.ebtables
+    echo "ebtables --concurrent -t broute -F prevlanxlate" >> /tmp/qos/classify.ebtables
 }
 

self-diagnostics/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=self-diagnostics
-PKG_VERSION:=1.0.6
+PKG_VERSION:=1.0.9
 PKG_RELEASE:=1
 
 PKG_LICENSE:=GPL-2.0-only

self-diagnostics/files/usr/libexec/rpcd/self-diagnostics

@@ -11,17 +11,28 @@ case "$1" in
 		case "$2" in
 			generate)
 				read -t 1 -r input
+				local out
 
 				json_load "${input}"
 				json_get_var modules modules
 				if [ -z "${modules}" ]; then
-					${BIN} -j
+					out="$(${BIN} -j)"
 				else
-					${BIN} -j -m "${modules}"
+					out="$(${BIN} -j -m "${modules}")"
+				fi
+				if [ -z "${out}" ]; then
+					echo '{}'
+				else
+					echo "${out}"
 				fi
 			;;
 			list)
-				${BIN} -j -l
+				out="$(${BIN} -j -l)"
+				if [ -z "${out}" ]; then
+					echo '{}'
+				else
+					echo "${out}"
+				fi
 			;;
 		esac
 	;;

self-diagnostics/files/usr/share/self-diagnostics/spec/network.json

@@ -62,12 +62,8 @@
 			"cmd": "bridge fdb"
 		},
 		{
-			"description": "TCP listened ports",
-			"cmd": "netstat -tlnp"
-		},
-		{
-			"description": "UDP listened ports",
-			"cmd": "netstat -ulnp"
+			"description": "TCP/UDP/Raw ports/Sockets",
+			"cmd": "netstat -anp"
 		},
 		{
 			"description": "MAC layer firewall status list",

self-diagnostics/src/selftest.c

@@ -78,8 +78,8 @@ int operate_Device_SelfTest(char *refparam, struct dmctx *ctx, void *data, char
 	/* Get self test log instance */
 	char *result = get_selftest_log_instance(ctx);
 
-	add_list_parameter(ctx, dmstrdup("Status"), dmstrdup("Complete"), DMT_TYPE[DMT_STRING], NULL);
-	add_list_parameter(ctx, dmstrdup("Results"), result, DMT_TYPE[DMT_STRING], NULL);
+	fill_blob_param(&ctx->bb, "Status", "Complete", DMT_TYPE[DMT_STRING], 0);
+	fill_blob_param(&ctx->bb, "Results", result, DMT_TYPE[DMT_STRING], 0);
 
 	if (ctx->dm_type != BBFDM_USP) {
 		diagnostics_set_option("selftest", "DiagnosticState", "Complete");
@@ -89,7 +89,7 @@ int operate_Device_SelfTest(char *refparam, struct dmctx *ctx, void *data, char
 	return 0;
 
 err:
-	add_list_parameter(ctx, dmstrdup("Status"), dmstrdup("Error_Internal"), DMT_TYPE[DMT_STRING], NULL);
+	fill_blob_param(&ctx->bb, "Status", "Error_Internal", DMT_TYPE[DMT_STRING], 0);
 	if (ctx->dm_type != BBFDM_USP) {
 		diagnostics_set_option("selftest", "DiagnosticState", "Error");
 		dmuci_commit_package_bbfdm(DMMAP_DIAGNOSTIGS);

sshmngr/Makefile

@@ -5,7 +5,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sshmngr
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.4
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
@@ -63,6 +63,18 @@ else
 	$(INSTALL_DATA) ./files/openssh_backend/lib/sshmngr/backend.sh $(1)/lib/sshmngr/
 endif
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libsshmngr.so $(1) $(PKG_NAME)
+
+ifeq ($(CONFIG_PACKAGE_fail2ban),y)
+	$(INSTALL_DIR) $(1)/etc/fail2ban/jail.d
+	$(INSTALL_DIR) $(1)/etc/fail2ban/filter.d/
+ifeq ($(CONFIG_SSHMNGR_BACKEND_DROPBEAR),y)
+	$(INSTALL_CONF) ./files/dropbear_backend/fail2ban/sshmngr.local $(1)/etc/fail2ban/jail.d/
+	$(INSTALL_DATA) ./files/dropbear_backend/fail2ban/sshmngr.conf $(1)/etc/fail2ban/filter.d/
+else
+	$(INSTALL_CONF) ./files/openssh_backend/fail2ban/sshmngr.local $(1)/etc/fail2ban/jail.d/
+	$(INSTALL_DATA) ./files/openssh_backend/fail2ban/sshmngr.conf $(1)/etc/fail2ban/filter.d/
+endif
+endif
 endef
 
 $(eval $(call BuildPackage,sshmngr))

sshmngr/files/common/usr/libexec/rpcd/sshmngr

@@ -69,7 +69,7 @@ case "$1" in
 					server_pid="$(get_pid "$server")"
 
 					if [ "$server_pid" -eq 0 ]; then
-						return
+						break
 					fi
 
 					# get all current sessions
@@ -119,7 +119,10 @@ case "$1" in
 				if [ "$session_pid" -gt 0 ]; then
 					kill -15 "$session_pid"
 				else
-					[ -n "$server_name" ] || return
+					if [ -z "$server_name" ]; then
+						echo '{}'
+						exit 0
+					fi
 
 					# if server_name is present
 					# get all current sessions
@@ -127,7 +130,8 @@ case "$1" in
 					server_pid="$(get_pid "$server_name")"
 
 					if [ "$server_pid" -eq 0 ]; then
-						return
+						echo '{}'
+						exit 0
 					fi
 
 					# get all current sessions
@@ -146,6 +150,7 @@ case "$1" in
 						fi
 					done
 				fi
+				echo '{}'
 			;;
 
 			list_keys)
@@ -191,6 +196,7 @@ case "$1" in
 						echo "${new_key}" >> ${KEY_FILE}
 					fi
 				fi
+				echo '{}'
 			;;
 
 			remove_pubkey)
@@ -216,6 +222,7 @@ case "$1" in
 
 					mv TEMP_KEY_FILE "$KEY_FILE"
 				fi
+				echo '{}'
 			;;
 		esac
 	;;

sshmngr/files/dropbear_backend/fail2ban/sshmngr.conf

@@ -0,0 +1,52 @@
+# Fail2Ban filter for dropbear
+#
+# NOTE: The regex below is ONLY intended to work with a patched
+# version of Dropbear as described here:
+# http://www.unchartedbackwaters.co.uk/pyblosxom/static/patches
+#            ^%(__prefix_line)sexit before auth from <HOST>.*\s*$
+#
+# The standard Dropbear output doesn't provide enough information to
+# ban all types of attack.  The Dropbear patch adds IP address
+# information to the 'exit before auth' message which is always
+# produced for any form of non-successful login. It is that message
+# which this file matches.
+#
+# More information: http://bugs.debian.org/546913
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[Definition]
+
+datepattern = ^%%b %%d %%H:%%M:%%S
+
+_daemon = dropbear
+
+prefregex = ^%(__prefix_line)s<F-CONTENT>(?:[Ll]ogin|[Bb]ad|[Ee]xit).+</F-CONTENT>$
+
+failregex = ^[Ll]ogin attempt for nonexistent user ('.*' )?from <HOST>:\d+$
+            ^[Bb]ad (PAM )?password attempt for .+ from <HOST>(:\d+)?$
+            ^[Ee]xit before auth \(user '.+', \d+ fails\): Max auth tries reached - user '.+' from <HOST>:\d+\s*$
+
+ignoreregex = 
+
+# DEV Notes:
+#
+# The first two regexs here match the unmodified dropbear messages. It isn't
+# possible to match the source of the 'exit before auth' messages from dropbear
+# as they don't include the "from <HOST>" bit.
+#
+# The second last failregex line we need to match with the modified dropbear.
+#
+# For the second regex the following apply:
+#
+# http://www.netmite.com/android/mydroid/external/dropbear/svr-authpam.c
+# http://svn.dd-wrt.com/changeset/16642#file64
+#
+# http://svn.dd-wrt.com/changeset/16642/src/router/dropbear/svr-authpasswd.c
+#
+# Author: Francis Russell
+#         Zak B. Elep

sshmngr/files/dropbear_backend/fail2ban/sshmngr.local

@@ -0,0 +1,9 @@
+[dropbear]
+enabled = true
+port = ssh
+filter = sshmngr
+logpath = /var/log/messages
+maxretry = 3
+findtime = 10
+bantime = 120
+ignoreip = 127.0.0.1

sshmngr/files/openssh_backend/fail2ban/sshmngr.conf

@@ -0,0 +1,138 @@
+# Fail2Ban filter for openssh
+#
+# If you want to protect OpenSSH from being bruteforced by password
+# authentication then get public key authentication working before disabling
+# PasswordAuthentication in sshd_config.
+#
+#
+# "Connection from <HOST> port \d+" requires LogLevel VERBOSE in sshd_config
+#
+
+[INCLUDES]
+
+# Read common prefixes. If any customizations available -- read them from
+# common.local
+before = common.conf
+
+[DEFAULT]
+
+_daemon = sshd
+
+# optional prefix (logged from several ssh versions) like "error: ", "error: PAM: " or "fatal: "
+__pref = (?:(?:error|fatal): (?:PAM: )?)?
+# optional suffix (logged from several ssh versions) like " [preauth]"
+#__suff = (?: port \d+)?(?: \[preauth\])?\s*
+__suff = (?: (?:port \d+|on \S+|\[preauth\])){0,3}\s*
+__on_port_opt = (?: (?:port \d+|on \S+)){0,2}
+# close by authenticating user:
+__authng_user = (?: (?:invalid|authenticating) user <F-USER>\S+|.*?</F-USER>)?
+
+# for all possible (also future) forms of "no matching (cipher|mac|MAC|compression method|key exchange method|host key type) found",
+# see ssherr.c for all possible SSH_ERR_..._ALG_MATCH errors.
+__alg_match = (?:(?:\w+ (?!found\b)){0,2}\w+)
+
+# PAM authentication mechanism, can be overridden, e. g. `filter = sshd[__pam_auth='pam_ldap']`:
+__pam_auth = pam_[a-z]+
+
+[Definition]
+
+datepattern = ^%%b %%d %%H:%%M:%%S
+
+prefregex = ^<F-MLFID>%(__prefix_line)s</F-MLFID>%(__pref)s<F-CONTENT>.+</F-CONTENT>$
+
+cmnfailre = ^[aA]uthentication (?:failure|error|failed) for <F-USER>.*</F-USER> from <HOST>( via \S+)?%(__suff)s$
+            ^User not known to the underlying authentication module for <F-USER>.*</F-USER> from <HOST>%(__suff)s$
+            <cmnfailre-failed-pub-<publickey>>
+            ^Failed <cmnfailed> for (?P<cond_inv>invalid user )?<F-USER>(?P<cond_user>\S+)|(?(cond_inv)(?:(?! from ).)*?|[^:]+)</F-USER> from <HOST>%(__on_port_opt)s(?: ssh\d*)?(?(cond_user): |(?:(?:(?! from ).)*)$)
+            ^<F-USER>ROOT</F-USER> LOGIN REFUSED FROM <HOST>
+            ^[iI](?:llegal|nvalid) user <F-USER>.*?</F-USER> from <HOST>%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> from <HOST> not allowed because not listed in AllowUsers%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> from <HOST> not allowed because listed in DenyUsers%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> from <HOST> not allowed because not in any group%(__suff)s$
+            ^refused connect from \S+ \(<HOST>\)
+            ^Received <F-MLFFORGET>disconnect</F-MLFFORGET> from <HOST>%(__on_port_opt)s:\s*3: .*: Auth fail%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> from <HOST> not allowed because a group is listed in DenyGroups%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> from <HOST> not allowed because none of user's groups are listed in AllowGroups%(__suff)s$
+            ^<F-NOFAIL>%(__pam_auth)s\(sshd:auth\):\s+authentication failure;</F-NOFAIL>(?:\s+(?:(?:logname|e?uid|tty)=\S*)){0,4}\s+ruser=<F-ALT_USER>\S*</F-ALT_USER>\s+rhost=<HOST>(?:\s+user=<F-USER>\S*</F-USER>)?%(__suff)s$
+            ^maximum authentication attempts exceeded for <F-USER>.*</F-USER> from <HOST>%(__on_port_opt)s(?: ssh\d*)?%(__suff)s$
+            ^User <F-USER>\S+|.*?</F-USER> not allowed because account is locked%(__suff)s
+            ^<F-MLFFORGET>Disconnecting</F-MLFFORGET>(?: from)?(?: (?:invalid|authenticating)) user <F-USER>\S+</F-USER> <HOST>%(__on_port_opt)s:\s*Change of username or service not allowed:\s*.*\[preauth\]\s*$
+            ^Disconnecting: Too many authentication failures(?: for <F-USER>\S+|.*?</F-USER>)?%(__suff)s$
+            ^<F-NOFAIL>Received <F-MLFFORGET>disconnect</F-MLFFORGET></F-NOFAIL> from <HOST>%(__on_port_opt)s:\s*11:
+            <mdre-<mode>-other>
+            ^<F-MLFFORGET><F-MLFGAINED>Accepted \w+</F-MLFGAINED></F-MLFFORGET> for <F-USER>\S+</F-USER> from <HOST>(?:\s|$)
+
+cmnfailed-any = \S+
+cmnfailed-ignore = \b(?!publickey)\S+
+cmnfailed-invalid = <cmnfailed-ignore>
+cmnfailed-nofail = (?:<F-NOFAIL>publickey</F-NOFAIL>|\S+)
+cmnfailed = <cmnfailed-<publickey>>
+
+mdre-normal =
+# used to differentiate "connection closed" with and without `[preauth]` (fail/nofail cases in ddos mode)
+mdre-normal-other = ^<F-NOFAIL><F-MLFFORGET>(Connection closed|Disconnected)</F-MLFFORGET></F-NOFAIL> (?:by|from)%(__authng_user)s <HOST>(?:%(__suff)s|\s*)$
+
+mdre-ddos = ^Did not receive identification string from <HOST>
+            ^kex_exchange_identification: (?:[Cc]lient sent invalid protocol identifier|[Cc]onnection closed by remote host)
+            ^Bad protocol version identification '.*' from <HOST>
+            ^<F-NOFAIL>SSH: Server;Ltype:</F-NOFAIL> (?:Authname|Version|Kex);Remote: <HOST>-\d+;[A-Z]\w+:
+            ^Read from socket failed: Connection <F-MLFFORGET>reset</F-MLFFORGET> by peer
+# same as mdre-normal-other, but as failure (without <F-NOFAIL>) and [preauth] only:
+mdre-ddos-other = ^<F-MLFFORGET>(Connection (?:closed|reset)|Disconnected)</F-MLFFORGET> (?:by|from)%(__authng_user)s <HOST>%(__on_port_opt)s\s+\[preauth\]\s*$
+
+mdre-extra = ^Received <F-MLFFORGET>disconnect</F-MLFFORGET> from <HOST>%(__on_port_opt)s:\s*14: No(?: supported)? authentication methods available
+            ^Unable to negotiate with <HOST>%(__on_port_opt)s: no matching <__alg_match> found.
+            ^Unable to negotiate a <__alg_match>
+            ^no matching <__alg_match> found:
+# part of mdre-ddos-other, but user name is supplied (invalid/authenticating) on [preauth] phase only:
+mdre-extra-other = ^<F-MLFFORGET>Disconnected</F-MLFFORGET>(?: from)?(?: (?:invalid|authenticating)) user <F-USER>\S+|.*?</F-USER> <HOST>%(__on_port_opt)s \[preauth\]\s*$
+
+mdre-aggressive = %(mdre-ddos)s
+                  %(mdre-extra)s
+# mdre-extra-other is fully included within mdre-ddos-other:
+mdre-aggressive-other = %(mdre-ddos-other)s
+
+# Parameter "publickey": nofail (default), invalid, any, ignore
+publickey = nofail
+# consider failed publickey for invalid users only:
+cmnfailre-failed-pub-invalid = ^Failed publickey for invalid user <F-USER>(?P<cond_user>\S+)|(?:(?! from ).)*?</F-USER> from <HOST>%(__on_port_opt)s(?: ssh\d*)?(?(cond_user): |(?:(?:(?! from ).)*)$)
+# consider failed publickey for valid users too (don't need RE, see cmnfailed):
+cmnfailre-failed-pub-any =
+# same as invalid, but consider failed publickey for valid users too, just as no failure (helper to get IP and user-name only, see cmnfailed):
+cmnfailre-failed-pub-nofail = <cmnfailre-failed-pub-invalid>
+# don't consider failed publickey as failures (don't need RE, see cmnfailed):
+cmnfailre-failed-pub-ignore =
+
+cfooterre = ^<F-NOFAIL>Connection from</F-NOFAIL> <HOST>
+
+failregex = %(cmnfailre)s
+            <mdre-<mode>>
+            %(cfooterre)s
+
+# Parameter "mode": normal (default), ddos, extra or aggressive (combines all)
+# Usage example (for jail.local):
+#   [sshd]
+#   mode = extra
+#   # or another jail (rewrite filter parameters of jail):
+#   [sshd-aggressive]
+#   filter = sshd[mode=aggressive]
+#
+mode = normal
+
+#filter = sshd[mode=aggressive]
+
+ignoreregex = 
+
+maxlines = 1
+
+journalmatch = _SYSTEMD_UNIT=sshd.service + _COMM=sshd
+
+# DEV Notes:
+#
+#   "Failed \S+ for .*? from <HOST>..." failregex uses non-greedy catch-all because
+#   it is coming before use of <HOST> which is not hard-anchored at the end as well,
+#   and later catch-all's could contain user-provided input, which need to be greedily
+#   matched away first.
+#
+# Author: Cyril Jaquier, Yaroslav Halchenko, Petr Voralek, Daniel Black and Sergey Brester aka sebres
+# Rewritten using prefregex (and introduced "mode" parameter) by Serg G. Brester.

sshmngr/files/openssh_backend/fail2ban/sshmngr.local

@@ -0,0 +1,9 @@
+[sshd]
+enabled = true
+port = ssh
+filter = sshmngr
+logpath = /var/log/messages
+maxretry = 3
+findtime = 10
+bantime = 120
+ignoreip = 127.0.0.1

stunc/Makefile

@@ -7,14 +7,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=stunc
-PKG_VERSION:=1.4.3
+PKG_VERSION:=1.4.4
 PKG_RELEASE:=1
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/stunc.git
-PKG_SOURCE_VERSION:=92fd3d9d59b3c660266b0411b653fee9dcfda1ed
+PKG_SOURCE_VERSION:=7dfe9ae494cb74d24d0264b6870fc4b84eca7860
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -36,7 +36,6 @@ define Package/stunc
 endef
 
 TARGET_CFLAGS += \
-	-D_GNU_SOURCE \
 	-Wall -Werror
 
 ifeq ($(LOCAL_DEV),1)