netmode: set default netmode

netmode: fix static mode
and improve other modes
2025-12-25 03:24:14 +08:00 · 2025-10-20 17:45:57 +02:00 · 2025-10-20 16:43:38 +02:00 · 2025-10-20 12:51:04 +02:00 · 2025-10-20 10:23:28 +02:00 · 2025-10-17 18:29:48 +05:30
227 changed files with 3516 additions and 5030 deletions
--- a/bbfdm/Makefile
+++ b/bbfdm/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bbfdm
-PKG_VERSION:=1.18.17
+PKG_VERSION:=1.16.6.2

 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=df25ff7ce0e42ea6a489cff2386774887a7dbd37
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=aa480554461c82e6f6f44ee6c23108d3e44fce21
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -55,7 +55,7 @@ define Package/dm-service
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=Datamodel ubus backend to expose micro-service tree
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libbbfdm-ubus +bbf_configmngr +libeasy
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libbbfdm-ubus +bbf_configmngr
 endef

 define Package/bbf_configmngr
@@ -107,7 +107,7 @@ endif

 CMAKE_OPTIONS += \
 	-DBBF_VENDOR_PREFIX:String="$(CONFIG_BBF_VENDOR_PREFIX)" \
-	-DBBFDMD_MAX_MSG_LEN:Integer=20971520 \
+	-DBBFDMD_MAX_MSG_LEN:Integer=10485760 \
 	-DCMAKE_BUILD_TYPE:String="Debug" \


@@ -183,7 +183,6 @@ define Package/bbf_configmngr/install

 	$(INSTALL_BIN) ./files/etc/init.d/bbf_configd $(1)/etc/init.d/bbf_configd
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_config_notify.sh $(1)/usr/share/bbfdm/scripts/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_default_reload.sh $(1)/etc/bbfdm/
 	$(INSTALL_DATA) ./files/etc/bbfdm/critical_services.json $(1)/etc/bbfdm/
 endef

--- a/bbfdm/files/etc/bbfdm/critical_services.json
+++ b/bbfdm/files/etc/bbfdm/critical_services.json
@@ -1,47 +1,23 @@
 {
 	"usp": [
-			"/etc/config/firewall",
-			"/etc/bbfdm/dmmap/dmmap_firewall",
-			"/etc/config/network",
-			"/etc/bbfdm/dmmap/IP",
-			"/etc/bbfdm/dmmap/Ethernet",
-			"/etc/bbfdm/dmmap/GRE",
-			"/etc/bbfdm/dmmap/IPv6rd",
-			"/etc/bbfdm/dmmap/PPP",
-			"/etc/bbfdm/dmmap/Routing",
-			"/etc/config/dhcp",
-			"/etc/bbfdm/dmmap/DHCPv4",
-			"/etc/bbfdm/dmmap/DHCPv6",
-			"/etc/config/time",
-			"/etc/bbfdm/dmmap/dmmap_time",
-			"/etc/config/mapcontroller",
-			"/etc/config/wireless",
-			"/etc/bbfdm/dmmap/WiFi",
-			"/etc/config/ieee1905",
-			"/etc/config/mosquitto",
-			"/etc/config/nginx",
-			"/etc/config/netmode",
-			"/etc/bbfdm/dmmap/dmmap_netmode"
+			"firewall",
+			"network",
+			"dhcp",
+			"time",
+			"wireless",
+			"ieee1905",
+			"mapcontroller",
+			"mosquitto",
+			"nginx",
+			"netmode"
 	],
 	"cwmp": [
-			"/etc/config/firewall",
-			"/etc/bbfdm/dmmap/dmmap_firewall",
-			"/etc/config/network",
-			"/etc/bbfdm/dmmap/IP",
-			"/etc/bbfdm/dmmap/Ethernet",
-			"/etc/bbfdm/dmmap/GRE",
-			"/etc/bbfdm/dmmap/IPv6rd",
-			"/etc/bbfdm/dmmap/PPP",
-			"/etc/bbfdm/dmmap/Routing",
-			"/etc/config/dhcp",
-			"/etc/bbfdm/dmmap/DHCPv4",
-			"/etc/bbfdm/dmmap/DHCPv6",
-			"/etc/config/mapcontroller",
-			"/etc/config/wireless",
-			"/etc/bbfdm/dmmap/WiFi",
-			"/etc/config/time",
-			"/etc/bbfdm/dmmap/dmmap_time",
-			"/etc/config/netmode",
-			"/etc/bbfdm/dmmap/dmmap_netmode"
+			"firewall",
+			"network",
+			"dhcp",
+			"mapcontroller",
+			"wireless",
+			"time",
+			"netmode"
 	]
 }
--- a/bbfdm/files/etc/init.d/bbf_configd
+++ b/bbfdm/files/etc/init.d/bbf_configd
@@ -10,10 +10,19 @@ log() {
 	echo "${@}"|logger -t bbf.config -p info
 }

+create_needed_directories()
+{
+	mkdir -p /tmp/bbfdm/.cwmp
+	mkdir -p /tmp/bbfdm/.usp
+	mkdir -p /tmp/bbfdm/.bbfdm
+}
+
 start_service()
 {
 	local log_level

+	create_needed_directories
+
 	config_load bbfdm
 	config_get log_level "reload_handler" log_level 2

@@ -27,6 +36,6 @@ start_service()
 service_triggers() {
 	for config_file in /etc/config/*; do
 		config_name=$(basename "$config_file")
-		procd_add_config_trigger "config.change" "$config_name" /usr/share/bbfdm/scripts/bbf_config_notify.sh "$config_name"
+		procd_add_config_trigger "config.change" "$config_name" /usr/share/bbfdm/scripts/bbf_config_notify.sh
 	done
 }
--- a/bbk_cli/Makefile
+++ b/bbk_cli/Makefile
@@ -9,7 +9,7 @@ PKG_SOURCE_VERSION:=7b810a696c78b746185c11282bdbe3fb7f8c5d4b
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/dotse/bbk.git

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)

--- a/bootchart2/Makefile
+++ b/bootchart2/Makefile
@@ -15,7 +15,7 @@ PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/mmeeks/bootchart.git
 PKG_SOURCE_VERSION:=3ab81137cafe25c2ca4bc3a5f322a63646f9ce8d

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)

 PKG_LICENSE:=GPLv2
--- a/bridgemngr/Config.in
+++ b/bridgemngr/Config.in
@@ -5,12 +5,6 @@ config BRIDGEMNGR_BRIDGE_VLAN
 	help
 	   Set this option to use bridge-vlan as backend for VLAN objects.

-config BRIDGEMNGR_COPY_PBITS
-	bool "Copy pbits from cvlan to svlan"
-	default y
-	help
-	   Set this option to copy cvlan pbits to svlan pbits by default (driver vlan).
-
 config BRIDGEMNGR_BRIDGE_VENDOR_EXT
 	bool "Use bridge BBF vendor extensions"
 	default y
@@ -20,9 +14,4 @@ config BRIDGEMNGR_BRIDGE_VENDOR_EXT
 config BRIDGEMNGR_BRIDGE_VENDOR_PREFIX
 	string "Package specific datamodel Vendor Prefix for TR181 extensions"
 	default ""
-
-config BRIDGEMNGR_USE_DM_FRAMEWORK
-	bool "Use new DM framework support"
-	default n
-
 endif
--- a/bridgemngr/Makefile
+++ b/bridgemngr/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bridgemngr
-PKG_VERSION:=1.1.6
+PKG_VERSION:=1.0.18.2

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr.git
-PKG_SOURCE_VERSION:=882f8c8cc9a97372297d192cc916c4f8ffe7c25a
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr
+PKG_SOURCE_VERSION:=71ed529be038392071b0399bcfe9d46e89d3cb46
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -20,39 +20,27 @@ PKG_LICENSE:=GPL-2.0-only
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-
-ifneq ($(CONFIG_BRIDGEMNGR_USE_DM_FRAMEWORK),y)
 include ../bbfdm/bbfdm.mk
-else
-include ../dm-framework/dm-framework.mk
-endif

 define Package/bridgemngr
-  CATEGORY:=Utilities
-  TITLE:=Bridge Manager
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
-ifeq ($(CONFIG_BRIDGEMNGR_USE_DM_FRAMEWORK),y)
-  DEPENDS+= +dm-framework
-  PKG_BUILD_DEPENDS:=dm-framework
-else
-  DEPENDS+= +libbbfdm-api +libbbfdm-ubus +dm-service
-endif
+ CATEGORY:=Utilities
+ TITLE:=Bridge Manager
+ DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
+ DEPENDS+=+libbbfdm-api +libbbfdm-ubus +dm-service
 endef

 define Package/bridgemngr/description
-  Package to add Device.Bridging. data model support.
+	Package to add Device.Bridging. data model support.
 endef

 define Package/$(PKG_NAME)/config
-  source "$(SOURCE)/Config.in"
+	source "$(SOURCE)/Config.in"
 endef

-ifneq ($(CONFIG_BRIDGEMNGR_USE_DM_FRAMEWORK),y)
 MAKE_PATH:=src
-endif

 ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VENDOR_PREFIX),"")
-VENDOR_PREFIX = $(if $(CONFIG_BBF_VENDOR_PREFIX),$(CONFIG_BBF_VENDOR_PREFIX),$(CONFIG_DM_FRAMEWORK_VENDOR_PREFIX))
+VENDOR_PREFIX = $(CONFIG_BBF_VENDOR_PREFIX)
 else
 VENDOR_PREFIX = $(CONFIG_BRIDGEMNGR_BRIDGE_VENDOR_PREFIX)
 endif
@@ -60,32 +48,18 @@ endif
 TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(VENDOR_PREFIX)\\\"

 ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VLAN),y)
-TARGET_CFLAGS += -DBRIDGE_VLAN_BACKEND
-endif
-
-ifeq ($(CONFIG_BRIDGEMNGR_COPY_PBITS),y)
-TARGET_CFLAGS += -DBRIDGEMNGR_COPY_PBITS
-endif
-
-ifeq ($(CONFIG_BRIDGEMNGR_USE_DM_FRAMEWORK),y)
-define Build/Compile
-	$(call Build/Compile/DM,./dm,$(PKG_BUILD_DIR)/dm_build,$(VENDOR_PREFIX))
-endef
+	TARGET_CFLAGS += -DBRIDGE_VLAN_BACKEND
 endif

 define Package/bridgemngr/install
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_DIR) $(1)/etc/config

-ifeq ($(CONFIG_BRIDGEMNGR_USE_DM_FRAMEWORK),y)
-	$(call Build/Install/DM,./dm,$(PKG_BUILD_DIR)/dm_build,$(1),bridgemngr)
-else
 	$(BBFDM_REGISTER_SERVICES) ./bbfdm_service.json $(1) $(PKG_NAME)
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libbridgemngr.so $(1) $(PKG_NAME)
 ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VENDOR_EXT), y)
 	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libbridgeext.so $(1) $(PKG_NAME) 10
 	$(BBFDM_INSTALL_MS_PLUGIN) -v ${VENDOR_PREFIX} ./files/VLAN_Filtering_Extension.json $(1) $(PKG_NAME) 11
-endif
 endif

 	$(INSTALL_BIN) ./files/etc/init.d/bridging $(1)/etc/init.d/
--- a/bridgemngr/dm/VLANBridge.json
+++ b/bridgemngr/dm/VLANBridge.json
@@ -1,449 +0,0 @@
-[
-    {
-        "object": "Device.Bridging.",
-        "access": "readOnly",
-        "parameters": [
-            {
-                "name": "MaxBridgeEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt",
-                "const" : "4094"
-            },
-            {
-                "name": "MaxDBridgeEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt",
-                "const" : "4094"
-            },
-            {
-                "name": "MaxQBridgeEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt",
-                "const" : "4094"
-            },
-            {
-                "name": "MaxVLANEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt",
-                "const" : "4094"
-            },
-            {
-                "name": "BridgeNumberOfEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.",
-        "uniqueKeys": "Name,Alias",
-        "access": "readWrite",
-        "uci": "network.device",
-        "flags": [
-            "dmmap"
-        ],
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean",
-                "uci": "enabled",
-                "uci-default": "true"
-            },
-            {
-                "name": "Name",
-                "access": "readOnly",
-                "dataType": "string(:64)",
-                "set_on_create": "bridge_",
-                "db": true
-            },
-            {
-                "name": "Alias",
-                "access": "readWrite",
-                "dataType": "string(:64)"
-            },
-            {
-                "name": "Status",
-                "access": "readOnly",
-                "dataType": "enum",
-                "enum": [
-                    "Disabled",
-                    "Enabled",
-                    "Error"
-                ],
-                "default": "Disabled"
-            },
-            {
-                "name": "Standard",
-                "access": "readWrite",
-                "dataType": "enum",
-                "enum": [
-                    "802.1D-2004",
-                    "802.1Q-2005",
-                    "802.1Q-2011"
-                ],
-                "default": "802.1Q-2011"
-            },
-            {
-                "name": "PortNumberOfEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt"
-            },
-            {
-                "name": "VLANNumberOfEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt"
-            },
-            {
-                "name": "VLANPortNumberOfEntries",
-                "access": "readOnly",
-                "dataType": "unsignedInt"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.STP.",
-        "access": "readOnly",
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean",
-                "uci": "stp"
-            },
-            {
-                "name": "Status",
-                "access": "readOnly",
-                "dataType": "enum",
-                "enum": [
-                    "Disabled",
-                    "Enabled",
-                    "Error_Misconfigured",
-                    "Error"
-                ],
-                "default": "Disabled"
-            },
-            {
-                "name": "Protocol",
-                "access": "readWrite",
-                "dataType": "enum",
-                "enum": [
-                    "STP",
-                    "RSTP"
-                ]
-            },
-            {
-                "name": "BridgePriority",
-                "access": "readWrite",
-                "dataType": "unsignedInt(0:61440)",
-                "default": "32768"
-            },
-            {
-                "name": "HelloTime",
-                "access": "readWrite",
-                "dataType": "unsignedInt(100:1000)",
-                "default": "200"
-            },
-            {
-                "name": "MaxAge",
-                "access": "readWrite",
-                "dataType": "unsignedInt(600:4000)",
-                "default": "2000"
-            },
-            {
-                "name": "ForwardingDelay",
-                "access": "readWrite",
-                "dataType": "unsignedInt(4:30)",
-                "default": "15"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.Port.{i}.",
-        "uniqueKeys": "Alias,Name",
-        "access": "readWrite",
-        "flags": [
-            "dmmap"
-        ],
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean"
-            },
-            {
-                "name": "Status",
-                "access": "readOnly",
-                "dataType": "enum",
-                "enum": [
-                    "Up",
-                    "Down",
-                    "Unknown",
-                    "Dormant",
-                    "NotPresent",
-                    "LowerLayerDown",
-                    "Error"
-                ],
-                "default": "Down"
-            },
-            {
-                "name": "Alias",
-                "access": "readWrite",
-                "dataType": "string(:64)"
-            },
-            {
-                "name": "Name",
-                "access": "readOnly",
-                "dataType": "string(:64)",
-                "set_on_create": "port_",
-                "db": "true",
-                "flags": [
-                    "linker"
-                ],
-                "js-value": "ifname"
-            },
-            {
-                "name": "LastChange",
-                "access": "readOnly",
-                "dataType": "unsignedInt",
-                "const": "0"
-            },
-            {
-                "name": "LowerLayers",
-                "access": "readWrite",
-                "dataType": "pathRef[]",
-                "pathRef": [
-                    "Device.Bridging.Bridge.{i}.Port."
-                ],
-                "js-value": "ssidPath"
-            },
-            {
-                "name": "ManagementPort",
-                "access": "readWrite",
-                "dataType": "boolean"
-            },
-            {
-                "name": "PriorityRegeneration",
-                "access": "readWrite",
-                "dataType": "unsignedInt(0:7)[]",
-                "default": "0,1,2,3,4,5,6,7"
-            },
-            {
-                "name": "{BBF_VENDOR_PREFIX}EgressPriorityRegeneration",
-                "access": "readWrite",
-                "dataType": "unsignedInt(0:7)[]"
-            },
-            {
-                "name": "Type",
-                "access": "readWrite",
-                "dataType": "enum",
-                "enum": [
-                    "ProviderNetworkPort",
-                    "CustomerNetworkPort",
-                    "CustomerEdgePort",
-                    "CustomerVLANPort",
-                    "VLANUnawarePort"
-                ],
-                "default": "CustomerVLANPort"
-            },
-            {
-                "name": "PVID",
-                "access": "readWrite",
-                "dataType": "int(1:4094)",
-                "default": "1"
-            },
-            {
-                "name": "TPID",
-                "access": "readWrite",
-                "dataType": "unsignedInt",
-                "default": "33024"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.Port.{i}.Stats.",
-        "access": "readOnly",
-        "parameters": [
-            {
-                "name": "BytesSent",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "BytesReceived",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "PacketsSent",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "PacketsReceived",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "ErrorsSent",
-                "dataType": "StatsCounter32"
-            },
-            {
-                "name": "ErrorsReceived",
-                "dataType": "StatsCounter32"
-            },
-            {
-                "name": "UnicastPacketsSent",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "DiscardPacketsSent",
-                "dataType": "StatsCounter32"
-            },
-            {
-                "name": "DiscardPacketsReceived",
-                "dataType": "StatsCounter32"
-            },
-            {
-                "name": "MulticastPacketsSent",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "UnicastPacketsReceived",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "MulticastPacketsReceived",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "BroadcastPacketsSent",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "BroadcastPacketsReceived",
-                "dataType": "unsignedLong"
-            },
-            {
-                "name": "UnknownProtoPacketsReceived",
-                "dataType": "StatsCounter32"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.VLAN.{i}.",
-        "uniqueKeys": "Alias,VLANID",
-        "access": "readWrite",
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean"
-            },
-            {
-                "name": "Name",
-                "access": "readWrite",
-                "dataType": "string(:64)",
-                "set_on_create": "vlan_"
-            },
-            {
-                "name": "Alias",
-                "access": "readWrite",
-                "dataType": "string(:64)"
-            },
-            {
-                "name": "VLANID",
-                "access": "readWrite",
-                "dataType": "int(0:4094)"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.Bridge.{i}.VLANPort.{i}.",
-        "uniqueKeys": "Alias,VLAN",
-        "access": "readWrite",
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean"
-            },
-            {
-                "name": "Alias",
-                "access": "readWrite",
-                "dataType": "string(:64)"
-            },
-            {
-                "name": "VLAN",
-                "access": "readWrite",
-                "dataType": "pathRef",
-                "pathRef": [
-                    "Device.Bridging.Bridge.{i}.VLAN."
-                ]
-            },
-            {
-                "name": "Port",
-                "access": "readWrite",
-                "dataType": "pathRef",
-                "pathRef": [
-                    "Device.Bridging.Bridge.{i}.Port."
-                ]
-            },
-            {
-                "name": "Untagged",
-                "access": "readWrite",
-                "dataType": "boolean"
-            }
-        ]
-    },
-    {
-        "object": "Device.Bridging.ProviderBridge.{i}.",
-        "uniqueKeys": "Alias",
-        "access": "readWrite",
-        "parameters": [
-            {
-                "name": "Enable",
-                "access": "readWrite",
-                "dataType": "boolean"
-            },
-            {
-                "name": "Status",
-                "access": "readOnly",
-                "dataType": "enum",
-                "enum": [
-                    "Disabled",
-                    "Enabled",
-                    "Error_Misconfigured",
-                    "Error"
-                ],
-                "default": "Disabled"
-            },
-            {
-                "name": "Alias",
-                "access": "readWrite",
-                "dataType": "string(:64)"
-            },
-            {
-                "name": "Type",
-                "access": "readWrite",
-                "dataType": "enum",
-                "enum": [
-                    "S-VLAN",
-                    "PE"
-                ]
-            },
-            {
-                "name": "SVLANcomponent",
-                "access": "readWrite",
-                "dataType": "pathRef",
-                "pathRef": [
-                    "Device.Bridging.Bridge."
-                ]
-            },
-            {
-                "name": "CVLANcomponents",
-                "access": "readWrite",
-                "dataType": "pathRef[]",
-                "pathRef": [
-                    "Device.Bridging.Bridge."
-                ]
-            }
-        ]
-    }
-]
--- a/bridgemngr/dm/bridge-apply.js
+++ b/bridgemngr/dm/bridge-apply.js
@@ -1,343 +0,0 @@
-/*
- * Copyright (c) 2025 Genexis B.V. All rights reserved.
- *
- * This Software and its content are protected by the Dutch Copyright Act
- * ('Auteurswet'). All and any copying and distribution of the software
- * and its content without authorization by Genexis B.V. is
- * prohibited. The prohibition includes every form of reproduction and
- * distribution.
- *
- */
-
-import {
-    getUciOption, getUciByType, setUci, addUci, delUci
-} from '../uci.js';
-import { getParamValue, replaceArrayElement, isTrue } from '../utils.js';
-import * as dm from './dm_consts.js';
-import { getBridgeDeviceType, getTPIDFromDeviceType } from './common.js';
-
-function findVLANPort(vlanPort, VLANs, Ports) {
-    const [, vlanIndices] = _dm_node(vlanPort.VLAN);
-    const vlanIdx = vlanIndices[vlanIndices.length - 1];
-    const vlan = VLANs?.find(x => x['.index'] === vlanIdx);
-    if (!vlan) {
-        _log_error(`vlan not found for vlanPort: ${vlanPort.VLAN}`);
-        return;
-    }
-
-    const [, portIndices] = _dm_node(vlanPort.Port);
-    const portIdx = portIndices[portIndices.length - 1];
-    const port = Ports?.find(x => x['.index'] === portIdx);
-    if (!port) {
-        _log_error(`port not found for vlanPort: ${vlanPort.Port}`);
-        return;
-    }
-
-    return [vlan, port];
-}
-
-function createVLANDevice(devName, ifname, VLAN, Port) {
-    const ingress_qos_mapping = Port.PriorityRegeneration !== '0,1,2,3,4,5,6,7'
-            ? Port.PriorityRegeneration.split(',').map((p, i) => `${i}:${p}`)
-            : '';
-
-    const egress_qos_mapping = Port.X_IOPSYS_EU_EgressPriorityRegeneration !== ''
-        ? Port.X_IOPSYS_EU_EgressPriorityRegeneration.split(',').map((p, i) => `${i}:${p}`)
-        : '';
-
-    const uciConfigs = {
-        ifname: ifname,
-        vid: VLAN.VLANID,
-        name: ifname + '.' + VLAN.VLANID,
-        type: getBridgeDeviceType(Port.Type),
-        tpid: getTPIDFromDeviceType(Port.Type, Port.TPID),
-        ingress_qos_mapping,
-        egress_qos_mapping,
-    };
-    addUci('network', 'device', devName, uciConfigs);
-}
-
-function applyBridge(bri, Ports, VLANs, VLANPorts) {
-    deinitDeviceBridgingBridge(bri._key, false);
-
-    const ports = [];
-
-    for (const vlan of VLANs || []) {
-        vlan.ports = [];
-        vlan.hasUntagged = false;
-    }
-
-    for (const vlanPort of VLANPorts || []) {
-        if (!vlanPort.Enable || !vlanPort.Port || !vlanPort.VLAN) {
-            continue;
-        }
-
-        const [vlan, port] = findVLANPort(vlanPort, VLANs, Ports);
-        if (!vlan || !port || port.LowerLayers === '' || !port.Enable || !vlan.Enable || vlan.VLANID <= 0) {
-            continue;
-        }
-
-        port.used = true;
-
-        if (port.Type === 'ProviderNetworkPort') {
-            continue;
-        }
-
-        const devName = `br_${bri['.index']}_dev_${vlanPort['.index']}`;
-        if (!port.LowerLayers.startsWith('Device.Ethernet.Interface')) {
-            _log_error(`applyBridge, LowerLayers not found for port: ${port.LowerLayers}`);
-            continue;
-        }
-
-        const ifname = _dm_linker_value(port.LowerLayers);
-        if (!ifname) {
-            _log_error(`applyBridge, ifname not found for port: ${port.LowerLayers}`);
-            continue;
-        }
-
-        if (vlanPort.Untagged) {
-            ports.push(ifname);
-            vlan.hasUntagged = true;
-            vlan.ports.push(ifname + ':u' + (vlanPort.PVID === vlan.VLANID ? '*' : ''));
-            // vlan.ports.push(ifname + ':u*');
-        } else {
-            createVLANDevice(devName, ifname, vlan, port);
-            const vlanDevName = ifname + '.' + vlan.VLANID;
-            ports.push(vlanDevName);
-            vlan.ports.push(vlanDevName + ':u*');
-        }
-    }
-
-    for (const port of Ports || []) {
-        if (port.used || isTrue(port.ManagementPort)) {
-            continue;
-        }
-        if (port.LowerLayers.startsWith('Device.Ethernet.Interface')) {
-            const ifname = _dm_linker_value(port.LowerLayers);
-            if (!ifname) {
-                _log_error(`applyBridge, ifname not found for port: ${port.LowerLayers}`);
-                continue;
-            }
-            ports.push(ifname);
-        }
-    }
-
-    if (ports.length > 0) {
-        setUci('network', bri._key, { ports: ports });
-    }
-
-    // create the bridge-vlan for the untagged port
-    for (const vlan of VLANs || []) {
-        if (vlan.hasUntagged) {
-            addUci('network', 'bridge-vlan', `br_${bri['.index']}_bv_${vlan['.index']}`, {
-                device: bri.Name,
-                vlan: vlan.VLANID,
-                ports: vlan.ports,
-            });
-        }
-    }
-
-    applyProviderBridges();
-}
-
-function applyPEBridges(ifname, vlanID, portLowerLayers, cvlanBridgePath) {const vlanPorts = _dm_get(cvlanBridgePath + '.VLANPort.');
-    for (const vlanPort of vlanPorts || []) {
-        if (!vlanPort.Enable || !vlanPort.Port || !vlanPort.VLAN) {
-            continue;
-        }
-        const portVals = _dm_get(vlanPort.Port);
-        if (portVals?.LowerLayers !== portLowerLayers || portVals?.Type !== 'CustomerEdgePort') {
-            _log_error(`applyPEBridges, portVals not found for vlanPort: ${vlanPort.Port}`);
-            continue;
-        }
-
-        const vlan = _dm_get(vlanPort.VLAN);
-        if (!vlan || vlan.VLANID <= 0 || !vlan.Enable) {
-            _log_error(`applyPEBridges, vlan not found for vlanPort: ${vlanPort.VLAN}`);
-            continue;
-        }
-
-        const devName = ifname + '.' + vlan.VLANID;
-
-        const briName = getParamValue(cvlanBridgePath, '_key');
-        if (!briName) {
-            _log_error(`applyPEBridges, briName not found for cvlanBridgePath: ${cvlanBridgePath}`);
-            continue;
-        }
-
-        const ports = getUciOption('network', briName, 'ports') || [];
-        const devs = getUciByType('network', 'device', { match: { name: devName } });
-        if (devs.length === 0) {
-            _log_error(`applyPEBridges, device not found for devName: ${devName}`);
-            continue;
-        }
-
-        const newName = `${ifname}.${vlanID}.${vlan.VLANID}`;
-        setUci('network', devs[0]['.name'], {ifname: `${ifname}.${vlanID}`, name: newName});
-        replaceArrayElement(ports, devName, newName);
-        setUci('network', briName, { ports: ports });
-    }
-}
-
-function applyProviderBridge(pbridgeIndex, type, svlanBridgePath, cvlanBridgePaths) {
-    const vlanPorts = _dm_get(svlanBridgePath + '.VLANPort.');
-    const briName = getParamValue(svlanBridgePath, '_key');
-    if (briName) {
-        delUci('network', briName);
-    }
-    for (const vlanPort of vlanPorts || []) {
-        if (!vlanPort.Enable || !vlanPort.Port || !vlanPort.VLAN) {
-            continue;
-        }
-
-        const portVals = _dm_get(vlanPort.Port);
-        if (!portVals) {
-            _log_error(`applyProviderBridge, portVals not found for vlanPort: ${vlanPort.Port}`);
-            continue;
-        }
-
-        if (portVals.Type !== 'ProviderNetworkPort') {
-            _log_error(`applyProviderBridge, portVals.Type is not ProviderNetworkPort for vlanPort: ${vlanPort.Port}`);
-            continue;
-        }
-
-        const ifname = _dm_linker_value(portVals.LowerLayers);
-        if (!ifname) {
-            _log_error(`applyProviderBridge, ifname not found for port: ${portVals.LowerLayers}`);
-            continue;
-        }
-
-        const vlan = _dm_get(vlanPort.VLAN);
-        if (!vlan || !vlan.Enable || vlan.VLANID <= 0) {
-            _log_error(`applyProviderBridge, vlan invalid for vlanPort: ${vlanPort.VLAN}`);
-            continue;
-        }
-
-        const devName = `pb_${pbridgeIndex}_dev_${vlanPort['.index']}`;
-        createVLANDevice(devName, ifname, vlan, portVals);
-
-        cvlanBridgePaths.split(',').forEach(cvlanBridgePath => {
-            if (type === 'S-VLAN') {
-                const briName = getParamValue(cvlanBridgePath, '_key');
-                if (briName) {
-                    let ports = getUciOption('network', briName, 'ports') || [];
-                    ports = ports.filter(x => !x.startsWith(ifname));
-                    ports.push(ifname + '.' + vlan.VLANID);
-                    setUci('network', briName, { ports: ports });
-                } else {
-                    _log_error(`applyProviderBridge, briName not found for cvlanBridgePath: ${cvlanBridgePath}`);
-                }
-            } else {
-                applyPEBridges(ifname, vlan.VLANID, portVals.LowerLayers, cvlanBridgePath);
-            }
-        });
-
-    }
-}
-
-function applyProviderBridges() {
-    const pbridges = _dm_get(dm.DM_DEVICE_BRIDGING_PROVIDERBRIDGE);
-    for (const pbridge of pbridges || []) {
-        if (!pbridge.Enable || !pbridge.SVLANcomponent || !pbridge.CVLANcomponents || !pbridge.Type) {
-            continue;
-        }
-
-        applyProviderBridge(pbridge['.index'], pbridge.Type, pbridge.SVLANcomponent, pbridge.CVLANcomponents);
-    }
-}
-
-function applyAllBridges() {
-    const bridges = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE);
-    for (const bri of bridges || []) {
-        applyBridge(bri, bri.Port, bri.VLAN, bri.VLANPort);
-    }
-}
-
-export function applyDeviceBridgingProviderBridge() {
-    applyAllBridges();
-}
-
-function isProviderBridge(ports) {
-    return ports.some(port => port.Type === 'ProviderNetworkPort' || port.Type === 'CustomerEdgePort');
-}
-
-export function applyDeviceBridgingBridgePort(ports, bri) {
-    const vlans = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_VLAN, bri['.index']);
-    const vlanPorts = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_VLANPORT, bri['.index']);
-    if (isProviderBridge(ports)) {
-        applyAllBridges();
-        return;
-    }
-    applyBridge(bri, ports, vlans, vlanPorts);
-}
-
-export function applyDeviceBridgingBridgeVLAN(vlans, bri) {
-    const ports = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_PORT, bri['.index']);
-    if (isProviderBridge(ports)) {
-        applyAllBridges();
-        return;
-    }
-    const vlanPorts = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_VLANPORT, bri['.index']);
-    applyBridge(bri, ports, vlans, vlanPorts);
-}
-
-export function applyDeviceBridgingBridgeVLANPort(vlanPorts, bri) {
-    const ports = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_PORT, bri['.index']);
-    if (isProviderBridge(ports)) {
-        applyAllBridges();
-        return;
-    }
-    const vlans = _dm_get(dm.DM_DEVICE_BRIDGING_BRIDGE_VLAN, bri['.index']);
-    applyBridge(bri, ports, vlans, vlanPorts);
-}
-
-export function initDeviceBridgingBridge(bri) {
-    setUci('network', bri._key, {
-        type: 'bridge',
-        name: bri.Name,
-        enabled: '0',
-    });
-    // create empty interface for the bridge
-    addUci('network', 'interface', `itf_${bri._key}`, {
-        device: bri.Name,
-        bridge_empty: '1',
-    });
-}
-
-export const filterDeviceBridgingBridge = uci => uci.type === 'bridge';
-
-function delVLANDevice(devName, devices, ethPorts) {
-    if (ethPorts.find(x => x.name === devName))  {
-        return;
-    }
-
-    const dev = devices.find(x => x.name === devName);
-    if (!dev) {
-        return;
-    }
-
-    // delete possible vlan stack device
-    delVLANDevice(dev.ifname, devices, ethPorts);
-    delUci('network', dev['.name']);
-}
-
-export function deinitDeviceBridgingBridge(uci, removeInterface = true) {
-    const ports = getUciOption('network', uci, 'ports');
-    const devices = getUciByType('network', 'device');
-
-    const ethPorts = devices.filter(x => x.type === undefined && x.eee !== undefined);
-    ports?.forEach(port => {
-        delVLANDevice(port, devices, ethPorts);
-    });
-
-    const name = getUciOption('network', uci, 'name');
-    // delete related bridge-vlan devices (query first to avoid noisy "section missing" logs)
-    const bridgeVlans = getUciByType('network', 'bridge-vlan', { match: { device: name } }) || [];
-    bridgeVlans.forEach(vlan => delUci('network', vlan['.name']));
-
-    if (removeInterface) {
-        // delete the empty interface created for this bridge (query first)
-        const interfaces = getUciByType('network', 'interface', { match: { device: name, bridge_empty: '1' } }) || [];
-        interfaces.forEach(intf => delUci('network', intf['.name']));
-    }
-}
--- a/bridgemngr/dm/bridge-import.js
+++ b/bridgemngr/dm/bridge-import.js
@@ -1,268 +0,0 @@
-/*
- * Copyright (c) 2025 Genexis B.V. All rights reserved.
- *
- * This Software and its content are protected by the Dutch Copyright Act
- * ('Auteurswet'). All and any copying and distribution of the software
- * and its content without authorization by Genexis B.V. is
- * prohibited. The prohibition includes every form of reproduction and
- * distribution.
- *
- */
-
-import { getUciByType } from '../uci.js';
-import { getBridgePortType, getTPIDFromDeviceType } from './common.js';
-
-// find the port from bridge-vlan; returns [vlanId, isTagged, isPvid] or null
-function findPortFromBridgeVlan(bridgeVlans, portName) {
-    if (!bridgeVlans) return null;
-
-    for (const bridgeVlan of bridgeVlans) {
-        const port = bridgeVlan.ports?.find(x => x.split(':')[0] === portName);
-        if (port) {
-            const flags = port.includes(':') ? port.split(':')[1] : '';
-            return [bridgeVlan.vlan, flags.includes('t'), flags.includes('*')];
-        }
-    }
-    return null;
-}
-
-function isVLANSubInterface(portName, ethPorts) {
-    const names = portName.split('.');
-    if (names.length > 1) {
-        const baseIfname = names.slice(0, -1).join('.');
-        if (ethPorts.find(x => x.ifname === baseIfname)) {
-            return true;
-        }
-    }
-    return false;
-}
-
-function createProviderBridge(dev, type, ethIndex, bridges, providerBridges, cVLANBridgeIndex) {
-    const briIndex = bridges.length + 1;
-
-    let sVLANBridgeIndex = bridges.findIndex((x) => x['VLAN.']?.[0]?.VLANID === dev.vid && x['Port.']?.[0]?.LowerLayers === `Device.Ethernet.Interface.${ethIndex}`);
-    if (sVLANBridgeIndex < 0) {
-        // no management port needed for provider bridge
-        bridges.push({
-            Name: dev.name,
-            Alias: `cpe-${dev.name}`,
-            Standard: '802.1Q-2011',
-            Enable: 1,
-            'Port.': [{
-                Enable: 1,
-                Name: dev.name,
-                Alias: `cpe-${dev.name}`,
-                TPID: 34984,
-                PVID: 1,
-                Type: 'ProviderNetworkPort',
-                LowerLayers: `Device.Ethernet.Interface.${ethIndex}`,
-            }],
-            'VLAN.': [{
-                Enable: 1,
-                VLANID: dev.vid,
-            }],
-            'VLANPort.': [{
-                Enable: 1,
-                VLAN: `Device.Bridging.Bridge.${briIndex}.VLAN.1`,
-                Port: `Device.Bridging.Bridge.${briIndex}.Port.1`,
-                Untagged: 1,
-            }],
-            _key: dev['.name'],
-        });
-        sVLANBridgeIndex = bridges.length;
-    } else {
-        sVLANBridgeIndex = sVLANBridgeIndex + 1;
-        const pvBridge = providerBridges.find(x => x.SVLANcomponent === `Device.Bridging.Bridge.${sVLANBridgeIndex}`);
-        if (pvBridge) {
-            pvBridge.CVLANcomponents = pvBridge.CVLANcomponents + `,Device.Bridging.Bridge.${cVLANBridgeIndex}`;
-            return;
-        }
-    }
-
-    providerBridges.push({
-        Alias: `cpe-${dev.name}`,
-        Enable: 1,
-        Type: type,
-        SVLANcomponent: `Device.Bridging.Bridge.${sVLANBridgeIndex}`,
-        CVLANcomponents: `Device.Bridging.Bridge.${cVLANBridgeIndex}`,
-        _key: dev['.name'],
-    });
-}
-
-function addRegularEthernetPort(ethDevice, portIndex, briPorts) {
-    const tpid = getTPIDFromDeviceType(ethDevice.type, ethDevice.tpid);
-
-    briPorts.push({
-        Enable: 1,
-        Name: ethDevice['ifname'],
-        Alias: `cpe-${ethDevice['.name']}`,
-        TPID: tpid,
-        PVID: 1,
-        Type: 'VLANUnawarePort',
-        LowerLayers: `Device.Ethernet.Interface.${portIndex + 1}`,
-        _key: ethDevice['.name'],
-    });
-}
-
-
-function handleVlanDevice(bridgeIndex, device, ethPorts, devices, bridges, briPorts, briVLAN, briVLANPort, providerBridges) {
-    let qinqDev;
-    let ethIndex = ethPorts.findIndex(x => device.ifname === x.ifname);
-
-    if (device.type === '8021ad') {
-        if (ethIndex < 0) {
-            _log_error('base ethernet device not found', device.ifname);
-            return;
-        }
-        createProviderBridge(device, 'S-VLAN', ethIndex + 1, bridges, providerBridges, bridgeIndex);
-        return;
-    }
-
-    if (ethIndex < 0) {
-        qinqDev = devices.find(x => x.name === device.ifname);
-        if (!qinqDev || !qinqDev.ifname) {
-            _log_error('device ifname not found', device.ifname);
-            return;
-        }
-        if (qinqDev.type !== '8021ad' || device.type !== '8021q') {
-            _log_error('invalid qinq device type', qinqDev['.name'], device['.name']);
-            return;
-        }
-        device.ifname = qinqDev.ifname;
-        ethIndex = ethPorts.findIndex(x => device.ifname === x.ifname);
-        if (ethIndex < 0) {
-            _log_error('base ethernet device not found', device.ifname);
-            return;
-        }
-    }
-
-    if (device.type !== '8021q') {
-        _log_error('unsupported device type', device['.name'], device.type);
-        return;
-    }
-
-    let vlanIndex = briVLAN.findIndex(x => Number(x.VLANID) === Number(device.vid));
-    if (vlanIndex < 0) {
-        briVLAN.push({ Enable: 1, VLANID: Number(device.vid) });
-        vlanIndex = briVLAN.length;
-    } else {
-        vlanIndex += 1;
-    }
-
-    const portType = qinqDev ? 'CustomerEdgePort' : getBridgePortType(device.type);
-    const tpid = getTPIDFromDeviceType(device.type, device.tpid);
-
-    briPorts.push({
-        Enable: 1,
-        Name: device['ifname'],
-        Alias: `cpe-${device['.name']}`,
-        TPID: tpid,
-        PVID: device.pvid ? Number(device.vid): 1,
-        Type: portType,
-        LowerLayers: `Device.Ethernet.Interface.${ethIndex + 1}`,
-        _key: device['.name'],
-    });
-
-    briVLANPort.push({
-        Enable: 1,
-        VLAN: `Device.Bridging.Bridge.${bridgeIndex}.VLAN.${vlanIndex}`,
-        Port: `Device.Bridging.Bridge.${bridgeIndex}.Port.${briPorts.length}`,
-        Untagged: device.untagged ? 1 : 0,
-        _key: device['.name'],
-    });
-
-    if (qinqDev && qinqDev.vid) {
-        createProviderBridge(qinqDev, 'PE', ethIndex + 1, bridges, providerBridges, bridgeIndex);
-    }
-}
-
-function importBridge(dev, devices, bridges, bridgeVlans, providerBridges) {
-    const briPorts = [];
-    const briVLAN = [];
-    const briVLANPort = [];
-
-    // create the management port first
-    briPorts.push({
-        Alias: `cpe-${dev.name}`,
-        Enable: 1,
-        Name: dev.name,
-        ManagementPort: 1,
-        PVID: 1,
-        TPID: 37120,
-        Type: 'CustomerVLANPort',
-    });
-
-    bridges.push({
-        Name: dev.name,
-        Alias: `cpe-${dev.name}`,
-        Enable: 1,
-        'Port.': briPorts,
-        'VLAN.': briVLAN,
-        'VLANPort.': briVLANPort,
-        _key: dev['.name'],
-    });
-
-    const ethPorts = devices.filter(x => x.type === undefined && x.eee !== undefined);
-
-    for (const portName of (dev.ports || [])) {
-        let device;
-        const portIndex = ethPorts.findIndex(x => x.ifname === portName);
-        const briVLANInfo = findPortFromBridgeVlan(bridgeVlans, portName);
-        if (portIndex >= 0 && !briVLANInfo) {
-            // Regular ethernet port
-            const ethDevice = ethPorts[portIndex];
-            addRegularEthernetPort(ethDevice, portIndex, briPorts);
-            continue;
-        }
-
-        if (briVLANInfo && portIndex >= 0) {
-            // bridge-vlan device
-            device = {['.name']: portName, ifname: portName, type: '8021q', name: portName, vid: Number(briVLANInfo[0]), untagged: !briVLANInfo[1], pvid: briVLANInfo[2]};
-        } else {
-            // vlan device
-            device = devices.find(x => x.name === portName);
-            if (!device) {
-                // check if it is a valid sub-interface
-                if (isVLANSubInterface(portName, ethPorts)) {
-                    const ifname = portName.split('.').slice(0, -1).join('.');
-                    const vid = portName.split('.').pop();
-                    device = {['.name']: portName, ifname: ifname, type: '8021q', name: portName, vid: Number(vid)};
-                } else {
-                    _log_error('device not found', portName);
-                    return;
-                }
-            }
-        }
-
-        if (!device.ifname || !device.vid) {
-            _log_error('ifname or vid not found', device['.name']);
-            return;
-        }
-
-        handleVlanDevice(bridges.length, device, ethPorts, devices, bridges, briPorts, briVLAN, briVLANPort, providerBridges);
-    }
-
-    if (briPorts.length > 1) {
-        const indexes = Array.from({ length: briPorts.length - 1 }, (v, i) => i + 2);
-        briPorts[0].LowerLayers = indexes.map(i => `Device.Bridging.Bridge.${bridges.length}.Port.${i}`).join(',');
-    }
-}
-
-export function importDeviceBridgingBridge() {
-    const bridges = [];
-    const providerBridges = [];
-    const devices = getUciByType('network', 'device');
-    const bridgeVlans = getUciByType('network', 'bridge-vlan');
-    devices?.forEach(dev => {
-        if (dev.type === 'bridge') {
-            const bridgeVlan = bridgeVlans?.filter(x => x.device === dev.name);
-            importBridge(dev, devices, bridges, bridgeVlan, providerBridges);
-        }
-    });
-
-    if (providerBridges.length > 0) {
-        _dm_update('Device.Bridging.ProviderBridge.', providerBridges);
-    }
-
-    return bridges;
-}
--- a/bridgemngr/dm/bridge.js
+++ b/bridgemngr/dm/bridge.js
@@ -1,133 +0,0 @@
-/*
- * Copyright (c) 2025 Genexis B.V. All rights reserved.
- *
- * This Software and its content are protected by the Dutch Copyright Act
- * ('Auteurswet'). All and any copying and distribution of the software
- * and its content without authorization by Genexis B.V. is
- * prohibited. The prohibition includes every form of reproduction and
- * distribution.
- *
- */
-
-import * as std from 'std';
-import { isTrue } from '../utils.js';
-import { getUciByType } from '../uci.js';
-
-function setMgmtPortLowerLayers(bri) {
-    if (!bri) return 0;
-
-    const portPath = `Device.Bridging.Bridge.${bri['.index']}.Port.`;
-    const mgmtPort = _dm_instances(portPath, '(ManagementPort="true" OR ManagementPort=1)');
-    if (mgmtPort.length !== 1) return 0;
-
-    const nonMgmtPort = _dm_instances(portPath, '(ManagementPort="false" OR ManagementPort=0)');
-    _dm_update(`${mgmtPort[0]}.LowerLayers`, nonMgmtPort.join(','));
-    return 0;
-}
-
-export function changedDeviceBridgingBridgePort(bri) {
-    return setMgmtPortLowerLayers(bri);
-}
-
-export function changedDeviceBridgingBridgePortManagementPort(bri) {
-    return setMgmtPortLowerLayers(bri);
-}
-
-export function getDeviceBridgingBridgeStatus(bri) {
-    const enable = _dm_get(`Device.Bridging.Bridge.${bri['.index']}.Enable`);
-    return enable ? 'Enabled' : 'Disabled';
-}
-
-export function getDeviceBridgingBridgeSTPStatus(bri) {
-    const stpState = std.loadFile(`/sys/class/net/${bri.Name}/bridge/stp_state`)?.trim();
-    return stpState === '1' ? 'Enabled' : 'Disabled';
-}
-
-export function getDeviceBridgingBridgePortStatus(bri, port) {
-    if (!port['.db']) return 'Up';
-
-    const enable = _dm_get(`Device.Bridging.Bridge.${bri['.index']}.Port.${port['.index']}.Enable`);
-    return enable ? 'Up' : 'Down';
-}
-
-export function infoDeviceBridgingBridgePort(path, port) {
-    const mgmtPort = _dm_get(`${path}.ManagementPort`);
-    if (typeof mgmtPort === 'undefined' || mgmtPort) return;
-
-    const lower = _dm_get(`${path}.LowerLayers`);
-    if (lower) {
-        port.ifname = _dm_linker_value(lower);
-    }
-}
-
-// Helper function to read network statistics
-function getNetworkStat(port, statName) {
-    return std.loadFile(`/sys/class/net/${port.ifname}/statistics/${statName}`)?.trim();
-}
-
-export const getDeviceBridgingBridgePortStatsBytesSent = (bri, port) =>
-    getNetworkStat(port, 'tx_bytes');
-
-export const getDeviceBridgingBridgePortStatsBytesReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_bytes');
-
-export const getDeviceBridgingBridgePortStatsPacketsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_packets');
-
-export const getDeviceBridgingBridgePortStatsPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_packets');
-
-export const getDeviceBridgingBridgePortStatsErrorsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_errors');
-
-export const getDeviceBridgingBridgePortStatsErrorsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_errors');
-
-export const getDeviceBridgingBridgePortStatsDiscardPacketsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_dropped');
-
-export const getDeviceBridgingBridgePortStatsDiscardPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_dropped');
-
-export const getDeviceBridgingBridgePortStatsMulticastPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'multicast');
-
-export const getDeviceBridgingBridgePortStatsUnicastPacketsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_unicast_packets');
-
-export const getDeviceBridgingBridgePortStatsUnicastPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_unicast_packets');
-
-export const getDeviceBridgingBridgePortStatsMulticastPacketsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_multicast_packets');
-
-export const getDeviceBridgingBridgePortStatsBroadcastPacketsSent = (bri, port) =>
-    getNetworkStat(port, 'tx_broadcast_packets');
-
-export const getDeviceBridgingBridgePortStatsBroadcastPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_broadcast_packets');
-
-export const getDeviceBridgingBridgePortStatsUnknownProtoPacketsReceived = (bri, port) =>
-    getNetworkStat(port, 'rx_unknown_packets');
-
-export function getDeviceBridgingBridgePort(bri) {
-    const networkName = bri.Name.startsWith('br-') ? bri.Name.slice(3) : bri.Name;
-
-    const wifiIfaces = getUciByType('wireless', 'wifi-iface', { match: { multi_ap: '2', network: networkName } });
-    wifiIfaces?.forEach(x => {
-        const ssid = getUciByType('WiFi', 'SSID',
-            { match: { device: x.device, ssid: x.ssid}, confdir: '/etc/bbfdm/dmmap'});
-        if (Array.isArray(ssid) && ssid[0].__instance__) {
-            x.ssidPath = `Device.WiFi.SSID.${ssid[0].__instance__}`;
-        }
-    });
-
-    return wifiIfaces;
-}
-
-export function setDeviceBridgingBridgePortManagementPort(val, bri, port) {
-    if (isTrue(val)) {
-        _db_set(`Device.Bridging.Bridge.${bri['.index']}.Port.${port['.index']}.Name`, bri.Name);
-    }
-    return 1;
-}
--- a/bridgemngr/dm/common.js
+++ b/bridgemngr/dm/common.js
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 2025 Genexis B.V. All rights reserved.
- *
- * This Software and its content are protected by the Dutch Copyright Act
- * ('Auteurswet'). All and any copying and distribution of the software
- * and its content without authorization by Genexis B.V. is
- * prohibited. The prohibition includes every form of reproduction and
- * distribution.
- *
- */
-
-export const bridgePortTypeMap = [
-    { portType: 'ProviderNetworkPort', devType: '8021ad' },
-    { portType: 'CustomerVLANPort', devType: '8021q' },
-    { portType: 'CustomerEdgePort', devType: '8021q' },
-    { portType: 'CustomerNetworkPort', devType: '8021q' },
-    { portType: 'VLANUnawarePort', devType: '' }
-];
-
-export function getBridgePortType(devType) {
-    const mapping = bridgePortTypeMap.find(map => map.devType === devType);
-    return mapping ? mapping.portType : null;
-}
-
-export function getBridgeDeviceType(portType) {
-    const mapping = bridgePortTypeMap.find(map => map.portType === portType);
-    return mapping ? mapping.devType : '';
-}
-
-export function getDefaultTPID(deviceType) {
-    switch (deviceType) {
-        case '8021q':
-            return '33024';
-        case '8021ad':
-            return '34984';
-        default:
-            return '37120';
-    }
-}
-
-export function getTPIDFromDeviceType(deviceType, explicitTPID) {
-    // If explicit TPID is set, use it
-    if (explicitTPID && explicitTPID !== '') {
-        return parseInt(explicitTPID, 10);
-    }
-
-    // Default TPID based on device type
-    switch (deviceType) {
-        case '8021q':
-            return 33024;
-        case '8021ad':
-            return 34984;
-        default:
-            return 37120;
-    }
-}
--- a/bulkdata/Makefile
+++ b/bulkdata/Makefile
@@ -7,14 +7,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.23
+PKG_VERSION:=2.1.20

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=f54550f2d587a701c0a8d5cac4a0910a99ce92cf
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=a5e57962938ca143ede65d92be90b6e9fce66e15
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/bulut/Makefile
+++ b/bulut/Makefile
@@ -11,7 +11,7 @@ PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bulut/bulut-gw-client.git
 PKG_SOURCE_VERSION:=227700c44817afa2c392fa08bf4cf70fa6177f01

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
--- a/ddnsmngr/Makefile
+++ b/ddnsmngr/Makefile
@@ -12,7 +12,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
 PKG_SOURCE_VERSION:=44af9a7b3fec3929f8554af9633a5b8068189b48
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/decollector/Config.in
+++ b/decollector/Config.in
@@ -4,16 +4,4 @@ config DECOLLECTOR_EASYMESH_VERSION
 	int "Support Easymesh version"
 	default 6

-config DECOLLECTOR_BUILD_TR181_PLUGIN
-	bool "Build TR-181 mapping module (responsible for Device.WiFi.DataElements.)"
-	default y
-
-config DECOLLECTOR_VENDOR_EXTENSIONS
-	bool "Iopsys vendor extensions for Device.WiFi.DataElements."
-	default y
-
-config DECOLLECTOR_VENDOR_PREFIX
-	string "Package specific datamodel Vendor Prefix for TR181 extensions"
-	default ""
-
 endmenu
--- a/decollector/Makefile
+++ b/decollector/Makefile
@@ -6,14 +6,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=decollector
-PKG_VERSION:=6.2.3.9
+PKG_VERSION:=6.2.1.8

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d1d948a48952fe2091e84af1293a6e77857439cf
+PKG_SOURCE_VERSION:=b7e294d7c610adfd80cf40a0628c189695dc5156
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
@@ -24,7 +24,6 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk

 define Package/decollector
  SECTION:=utils
@@ -67,18 +66,6 @@ MAKE_PATH:=src

 TARGET_CFLAGS += -DEASYMESH_VERSION=$(CONFIG_DECOLLECTOR_EASYMESH_VERSION)

-ifeq ($(CONFIG_DECOLLECTOR_BUILD_TR181_PLUGIN),y)
-MAKE_FLAGS += DECOLLECTOR_BUILD_TR181_PLUGIN=y
-ifeq ($(CONFIG_DECOLLECTOR_VENDOR_EXTENSIONS),y)
-TARGET_CFLAGS += -DDECOLLECTOR_VENDOR_EXTENSIONS
-ifeq ($(CONFIG_DECOLLECTOR_VENDOR_PREFIX),"")
-TARGET_CFLAGS += -DCUSTOM_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
-else
-TARGET_CFLAGS += -DCUSTOM_PREFIX=\\\"$(CONFIG_DECOLLECTOR_VENDOR_PREFIX)\\\"
-endif
-endif
-endif
-
 EXECS := \
 	$(if $(CONFIG_PACKAGE_decollector),decollector)

@@ -89,7 +76,6 @@ define Package/decollector/install
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) ./files/decollector.init $(1)/etc/init.d/decollector
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/decollector $(1)/usr/sbin/
-	$(BBFDM_REGISTER_SERVICES) ./bbfdm_service.json $(1) $(PKG_NAME)
 endef

 $(eval $(call BuildPackage,decollector))
--- a/decollector/bbfdm_service.json
+++ b/decollector/bbfdm_service.json
@@ -1,26 +0,0 @@
-{
-  "daemon": {
-    "enable": "1",
-    "service_name": "decollector",
-    "unified_daemon": true,
-    "services": [
-      {
-        "parent_dm": "Device.WiFi.",
-        "object": "DataElements"
-      }
-    ],
-    "config": {
-      "loglevel": "3"
-    },
-    "apply_handler": {
-      "uci": [
-        {
-          "file": [
-            "mapcontroller"
-          ],
-          "external_handler": "/etc/wifidmd/bbf_config_reload.sh"
-        }
-      ]
-    }
-  }
-}
--- a/dectmngr/Makefile
+++ b/dectmngr/Makefile
@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=dectmngr
 PKG_RELEASE:=3
-PKG_VERSION:=3.7.13
+PKG_VERSION:=3.7.10

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/dectmngr.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=5c2720563b3ed889e9d4de6fdb9b0f6a9d584094
+PKG_SOURCE_VERSION:=1f851980a6ba616df54f79930225f8bcd563b711
 PKG_MIRROR_HASH:=skip
 endif

@@ -20,7 +20,7 @@ export BUILD_DIR

 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_PARALLEL:=1

 include $(INCLUDE_DIR)/package.mk
--- a/dhcpmngr/Config.in
+++ b/dhcpmngr/Config.in
@@ -1,12 +0,0 @@
-if PACKAGE_dhcpmngr
-
-config DHCPMNGR_ENABLE_VENDOR_EXT
-	bool "Use datamodel vendor extensions"
-	default y
-	help
-	   Set this option to use bridge BBF vendor extensions.
-
-config DHCPMNGR_VENDOR_PREFIX
-	string "Package specific datamodel Vendor Prefix for TR181 extensions"
-	default ""
-endif
--- a/dhcpmngr/Makefile
+++ b/dhcpmngr/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=dhcpmngr
-PKG_VERSION:=1.1.6
+PKG_VERSION:=1.0.6

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dhcpmngr.git
-PKG_SOURCE_VERSION:=74d96cd70119e4ea08767d68b45b4922162d0328
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=986f66608959f4f589009d580b046e250d8c620d
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -39,22 +39,6 @@ define Package/dhcpmngr/description
  Package to add Device.DHCPv4. and Device.DHCPv6. data model support.
 endef

-define Package/$(PKG_NAME)/config
-        source "$(SOURCE)/Config.in"
-endef
-
-ifeq ($(CONFIG_DHCPMNGR_ENABLE_VENDOR_EXT),y)
-MAKE_FLAGS += DHCPMNGR_ENABLE_VENDOR_EXT=y
-endif
-
-ifeq ($(CONFIG_DHCPMNGR_VENDOR_PREFIX),"")
-VENDOR_PREFIX = $(CONFIG_BBF_VENDOR_PREFIX)
-else
-VENDOR_PREFIX = $(CONFIG_DHCPMNGR_VENDOR_PREFIX)
-endif
-
-TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(VENDOR_PREFIX)\\\"
-
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/dhcpmngr/* $(PKG_BUILD_DIR)/
--- a/dm-framework/Makefile
+++ b/dm-framework/Makefile
@@ -1,170 +0,0 @@
-#
-# Copyright (c) 2023 Genexis B.V. All rights reserved.
-# This Software and its content are protected by the Dutch Copyright Act
-# ('Auteurswet'). All and any copying and distribution of the software
-# and its content without authorization by Genexis B.V. is
-# prohibited. The prohibition includes every form of reproduction and
-# distribution.
-#
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dm-framework
-PKG_VERSION:=1.0.0
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/lcm/dm-framework.git
-PKG_SOURCE_VERSION:=ba2ec403f08cc0d5401a1610517f17490c94a978
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-
-# Build directories for each component
-DMAPI_BUILD_DIR:=$(PKG_BUILD_DIR)/dm-api-build
-DMAGENT_BUILD_DIR:=$(PKG_BUILD_DIR)/dm-agent-build
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-#
-# DM-API Package Definition
-#
-define Package/dm-api
-  CATEGORY:=Genexis
-  TITLE:=dm-api
-  DEPENDS:=+libsqlite3 \
-        +libjson-c +libstdcpp +quickjs \
-        +libubus +libubox +libuci
-  URL:=http://www.genexis.eu
-  PKG_LICENSE:=GENEXIS
-  PKG_LICENSE_URL:=
-endef
-
-define Package/dm-api/description
- This package contains api for the dm-framework
-endef
-
-#
-# DM-Agent Package Definition
-#
-define Package/dm-agent
-  DEPENDS:=+dm-api +libubox +libubus +ubus
-  CATEGORY:=Genexis
-  TITLE:=dm-framework agent
-  URL:=http://www.genexis.eu
-  PKG_LICENSE:=GENEXIS
-  PKG_LICENSE_URL:=
-endef
-
-define Package/dm-agent/description
- This package contains dm-framework agent.
-endef
-
-#
-# Build Preparation
-#
-define Build/Prepare
-	$(call Build/Prepare/Default)
-
-	# Prepare dm-api
-	mkdir -p $(DMAPI_BUILD_DIR)
-	$(CP) -rf $(PKG_BUILD_DIR)/dm-api/* $(DMAPI_BUILD_DIR)/
-
-	# Prepare dm-agent
-	mkdir -p $(DMAGENT_BUILD_DIR)
-	$(CP) -rf $(PKG_BUILD_DIR)/dm-agent/* $(DMAGENT_BUILD_DIR)/
-endef
-
-TARGET_CFLAGS += $(FPIC)
-
-#
-# Build Compilation
-#
-define Build/Compile
-	# Build dm-api
-	$(MAKE) -C $(DMAPI_BUILD_DIR)\
-		PROJECT_ROOT="$(DMAPI_BUILD_DIR)" \
-		CROSS_COMPILE="$(TARGET_CROSS)" \
-		ARCH="$(LINUX_KARCH)" \
-		EXTRA_CFLAGS="$(TARGET_CFLAGS) -I$(DMAPI_BUILD_DIR)" \
-		all
-
-	# Build dm-agent (depends on dm-api)
-	$(MAKE) -C $(DMAGENT_BUILD_DIR)\
-		PROJECT_ROOT="$(DMAGENT_BUILD_DIR)" \
-		CROSS_COMPILE="$(TARGET_CROSS)" \
-		ARCH="$(LINUX_KARCH)" \
-		EXTRA_CFLAGS="$(TARGET_CFLAGS) -I$(DMAGENT_BUILD_DIR)" \
-		all
-endef
-
-#
-# Development Installation (headers and libraries)
-#
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/usr/include
-	$(INSTALL_DIR) $(1)/usr/lib
-
-	# DM-API development files - headers are now in dm-api/include/
-	$(CP) $(DMAPI_BUILD_DIR)/include/dm_types.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/include/dm_node.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/core/dm_api.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/core/dm_linker.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/core/dbmgr.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/include/dm_log.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/utils/dm_list.h $(1)/usr/include/
-	$(CP) $(DMAPI_BUILD_DIR)/libdmapi.so $(1)/usr/lib/
-
-	# Install json2code.js script and package.json to staging for other packages to use
-	$(INSTALL_DIR) $(1)/usr/lib/dm-framework/scripts
-	$(CP) $(PKG_BUILD_DIR)/scripts/json2code.js $(1)/usr/lib/dm-framework/scripts/
-	$(CP) $(PKG_BUILD_DIR)/scripts/package.json $(1)/usr/lib/dm-framework/scripts/
-endef
-
-#
-# Package Installation - DM-API
-#
-define Package/dm-api/install
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(INSTALL_DIR) $(1)/sbin/
-	$(INSTALL_DIR) $(1)/etc/bbfdm/dmf
-
-	$(INSTALL_BIN) $(DMAPI_BUILD_DIR)/libdmapi.so $(1)/usr/lib/
-	$(CP) $(DMAPI_BUILD_DIR)/quickjs/uci.js $(1)/etc/bbfdm/dmf/
-	$(CP) $(DMAPI_BUILD_DIR)/quickjs/utils.js $(1)/etc/bbfdm/dmf/
-endef
-
-#
-# Package Installation - DM-Agent
-#
-define Package/dm-agent/install
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/config
-	$(BBFDM_REGISTER_SERVICES) ./dmf_service.json $(1) $(PKG_NAME)
-	$(INSTALL_BIN) $(DMAGENT_BUILD_DIR)/dm-agent $(1)/usr/sbin
-endef
-
-define Package/dm-framework
-  CATEGORY:=Genexis
-  TITLE:=DM Framework Meta Package
-  DEPENDS:=+dm-api +dm-agent
-  URL:=http://www.genexis.eu
-  PKG_LICENSE:=GENEXIS
-endef
-
-define Package/dm-framework/description
- This is a meta package that pulls in dm-api and dm-agent.
-endef
-
-define Package/dm-framework/install
-	true
-endef
-
-# Register all three packages
-$(eval $(call BuildPackage,dm-api))
-$(eval $(call BuildPackage,dm-agent))
-$(eval $(call BuildPackage,dm-framework))
--- a/dm-framework/dm-framework.mk
+++ b/dm-framework/dm-framework.mk
@@ -1,33 +0,0 @@
-# dm-framework.mk - Common rules for DM Framework
-
-DM_SCRIPT_DIR ?= $(STAGING_DIR)/usr/lib/dm-framework/scripts
-JSON2CODE = $(DM_SCRIPT_DIR)/json2code.js
-
-# Macro to generate code
-# $(1): Input directory (datamodels)
-# $(2): Output directory (where generated files go)
-# $(3): Vendor Prefix (optional)
-define Build/Compile/DM
-	$(INSTALL_DIR) $(2)
-	@# Install npm dependencies if not already installed
-	@if [ ! -d "$(DM_SCRIPT_DIR)/node_modules" ]; then \
-		cd $(DM_SCRIPT_DIR) && npm install --production; \
-	fi
-	node $(JSON2CODE) -i $(1) -o $(2) $(if $(3),--vendor-prefix $(3))
-	$(TARGET_CC) $(TARGET_CFLAGS) -I$(2) -I$(STAGING_DIR)/usr/include/ -fPIC -c $(2)/dm.c -o $(2)/dm.o
-	$(TARGET_CC) $(TARGET_LDFLAGS) -shared -o $(2)/lib$(PKG_NAME).so $(2)/dm.o
-endef
-
-# Macro to install DM
-# $(1): Input directory (datamodels)
-# $(2): Output directory (build dir)
-# $(3): Destination directory (rootfs)
-# $(4): Package Name (subdir in /etc/bbfdm/dmf)
-define Build/Install/DM
-	$(INSTALL_DIR) $(3)/etc/bbfdm/dmf/$(4)
-	$(CP) $(2)/lib$(PKG_NAME).so $(3)/etc/bbfdm/dmf/$(4)/
-	$(CP) $(1)/*.js $(3)/etc/bbfdm/dmf/$(4)/
-	$(CP) $(2)/default.db $(3)/etc/bbfdm/dmf/default_dm.db
-	$(CP) $(2)/exports.js $(3)/etc/bbfdm/dmf/$(4)/exports.js
-	$(CP) $(2)/dm_consts.js $(3)/etc/bbfdm/dmf/$(4)/dm_consts.js
-endef
--- a/dmcli-plugins/Makefile
+++ b/dmcli-plugins/Makefile
@@ -1,48 +0,0 @@
-#
-# Copyright (c) 2023 Genexis Netherlands B.V. All rights reserved.
-# This Software and its content are protected by the Dutch Copyright Act
-# ('Auteurswet'). All and any copying and distribution of the software
-# and its content without authorization by Genexis Netherlands B.V. is
-# prohibited. The prohibition includes every form of reproduction and
-# distribution.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dmcli-plugins
-PKG_LICENSE:=PROPRIETARY GENEXIS
-PKG_VERSION:=2.2.6
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/gnx/dmcli-plugin-easydm.git
-PKG_SOURCE_VERSION:=bc8b8527e8a41bdba73cb277a3c6c3b42b045153
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_HASH:=skip
-
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/dmcli-plugins
-  SECTION:=tools
-  CATEGORY:=Genexis
-  TITLE:=Easy-to-use data model on top of TR181
-  URL:=http://genexis.eu
-  DEPENDS:=+dmcli
-endef
-
-define Package/dmcli-plugins/description
-  EasyDM offers a user-friendly approach to configuring TR-181
-  simplifying the process with its intuitive interface.
-endef
-
-define Build/Compile
-	true
-endef
-
-define Package/dmcli-plugins/install
-	$(INSTALL_DIR) $(1)/usr/lib/dmcli/plugins
-	$(CP) $(PKG_BUILD_DIR)/src/*.js $(1)/usr/lib/dmcli/plugins/
-endef
-
-$(eval $(call BuildPackage,dmcli-plugins))
--- a/dmcli/Config.in
+++ b/dmcli/Config.in
@@ -1,9 +0,0 @@
-if PACKAGE_dmcli
-
-config DMCLI_REMOTE_CONNECTION
-        bool "Add dmcli remote controller configuration"
-        default n
-        help
-                This adds a usp controller configuration for dmcli remote connection from different machine/laptop/server.
-
-endif
--- a/dmcli/Makefile
+++ b/dmcli/Makefile
@@ -1,76 +0,0 @@
-#
-# Copyright (c) 2021 Genexis Netherlands B.V. All rights reserved.
-# This Software and its content are protected by the Dutch Copyright Act
-# ('Auteurswet'). All and any copying and distribution of the software
-# and its content without authorization by Genexis Netherlands B.V. is
-# prohibited. The prohibition includes every form of reproduction and
-# distribution.
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dmcli
-PKG_LICENSE:=PROPRIETARY GENEXIS
-PKG_VERSION:=1.9.6
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/gnx/dmcli.git
-PKG_SOURCE_VERSION:=f03188eff6c2cab59e4c8f18a435c940ff5043f5
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_HASH:=skip
-
-PKG_BUILD_PARALLEL:=1
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/dmcli
-  SECTION:=tools
-  CATEGORY:=Genexis
-  TITLE:=DMCLI (datamodel-based CLI)
-  URL:=http://genexis.eu
-  DEPENDS:=+usp-js +DMCLI_REMOTE_CONNECTION:mosquitto-auth-plugin +shadow-utils +@BUSYBOX_CONFIG_ADDUSER
-endef
-
-define Package/dmcli/description
-  CLI to view and configure datamodels of CPE
-endef
-
-define Package/dmcli/conffiles
-/etc/dmcli/dmcli.conf
-endef
-
-define Package/dmcli/config
-	source "$(SOURCE)/Config.in"
-endef
-
-define Package/dmcli/install
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dmcli $(1)/usr/bin/
-
-	$(INSTALL_DIR) $(1)/usr/lib/dmcli
-	$(CP) $(PKG_BUILD_DIR)/common $(1)/usr/lib/dmcli/
-	mv $(1)/usr/lib/dmcli/common/os_qjs.js $(1)/usr/lib/dmcli/common/os.js
-	rm $(1)/usr/lib/dmcli/common/os_node.js
-	$(CP) $(PKG_BUILD_DIR)/core $(1)/usr/lib/dmcli/
-	$(CP) $(PKG_BUILD_DIR)/cli $(1)/usr/lib/dmcli/
-	$(CP) $(PKG_BUILD_DIR)/data $(1)/usr/lib/dmcli/
-	$(CP) $(PKG_BUILD_DIR)/plugins $(1)/usr/lib/dmcli/
-
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DATA) ./files/etc/uci-defaults/36-dmcli $(1)/etc/uci-defaults/
-ifeq ($(CONFIG_DMCLI_REMOTE_CONNECTION),y)
-	$(INSTALL_DATA) ./files/etc/uci-defaults/36-dmcli-remote $(1)/etc/uci-defaults/
-else
-	$(INSTALL_DATA) ./files/etc/uci-defaults/36-dmcli-remote-remove $(1)/etc/uci-defaults/
-endif
-
-	$(INSTALL_DIR) $(1)/etc/dmcli
-	$(CP) ./files/etc/dmcli/dmcli.acl $(1)/etc/dmcli/
-	$(CP) ./files/etc/dmcli/dmcli.conf $(1)/etc/dmcli/
-
-	$(INSTALL_DIR) $(1)/etc/users/roles/
-	$(INSTALL_DATA) ./files/etc/users/roles/operator.json $(1)/etc/users/roles/
-endef
-
-$(eval $(call BuildPackage,dmcli))
--- a/dmcli/files/etc/dmcli/dmcli.acl
+++ b/dmcli/files/etc/dmcli/dmcli.acl
@@ -1,4 +0,0 @@
-user operator
-topic read /usp/operator/controller/reply-to
-topic read /usp/operator/controller
-topic write /usp/operator/endpoint
--- a/dmcli/files/etc/dmcli/dmcli.conf
+++ b/dmcli/files/etc/dmcli/dmcli.conf
@@ -1,45 +0,0 @@
-{
-   "Settings": {
-      "USP": {
-         "ActiveConnectionProfile": "local",
-         "ConnectionProfile": [
-            {
-               "Name": "local",
-               "Host": "127.0.0.1",
-               "Port": 9002,
-               "Username": "operator",
-               "Protocol": "ws",
-               "FromId": "oui:000F94:device-controller-operator",
-               "PublishEndpoint": "/usp/operator/endpoint",
-               "SubscribeEndpoint": "/usp/operator/controller"
-            }
-         ],
-         "Session": {
-            "AutoStart": false
-         },
-         "Notification": {
-            "LogTo": "console",
-            "Format": "brief",
-            "LogFile": "usp-notification.log"
-         }
-      },
-      "CLI": {
-         "Home": "/",
-         "Color": "true",
-         "Mode": "Command",
-         "ShowCommandTime": false,
-         "SortDMTree": false
-      },
-      "Prompt": {
-         "Auto": true,
-         "Color": "default",
-         "SelectedBackgroundColor": "yellow",
-         "PageSize": "3",
-         "AutoPromptOnEmptyCommand": false,
-         "AutoPromptInstanceNumbers": false
-      },
-      "Log": {
-         "Level": "Error"
-      }
-   }
-}
--- a/dmcli/files/etc/uci-defaults/36-dmcli
+++ b/dmcli/files/etc/uci-defaults/36-dmcli
@@ -1,120 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-. /lib/functions/iopsys-environment.sh
-. /usr/share/libubox/jshn.sh
-
-DMCLI_CONF="/etc/dmcli/dmcli.conf"
-CONTROLLER_ID='oui:000F94:device-controller-operator'
-DMCLI_RESP_TOPIC="/usp/operator/endpoint"
-DMCLI_CTRL_TOPIC="/usp/operator/controller"
-DMCLI_PORT="9002"
-
-grep -q "^operator:" /etc/passwd || {
-	adduser -g 'Operator' -D -H -s /usr/bin/dmcli --home '/usr/lib/dmcli' 'operator'
-	hash=""
-	if type get_operator_password_hash > /dev/null 2>&1; then
-		hash=$(get_operator_password_hash)
-	fi
-	if [ -z "$hash" ]; then
-		hash='$6$zP4Wk/VQJOLwwofC$teuhnYFQBcA8YUZo/Q0quDMi4SsOHmfBcyvt5VNchPnzgwF1nfNNliC3yBVW22NwmwttPEWeBEBfnMTBB0rYs/'
-	fi
-	echo "operator:${hash}" | chpasswd -e
-}
-
-grep -q "^/usr/bin/dmcli$" /etc/shells || {
-	echo '/usr/bin/dmcli' >> /etc/shells
-}
-
-uci -q del_list sshd.@sshd[0].AllowUsers='operator'
-uci -q add_list sshd.@sshd[0].AllowUsers='operator'
-
-uci -q delete users.operator
-uci -q set users.operator=user
-uci -q set users.operator.enabled=1
-uci -q set users.operator.shell='dmcli'
-uci -q set users.operator.member_roles='operator'
-
-if [ -f "/etc/config/mosquitto" ]; then
-	uci_add mosquitto listener dmcli_local
-	uci_set mosquitto dmcli_local enabled 1
-	uci_set mosquitto dmcli_local port "${DMCLI_PORT}"
-	uci_set mosquitto dmcli_local protocol 'websockets'
-	uci_set mosquitto dmcli_local acl_file '/etc/dmcli/dmcli.acl'
-	uci_set mosquitto dmcli_local no_remote_access '1'
-	uci_set mosquitto dmcli_local allow_anonymous '1'
-fi
-
-if [ -f "/etc/config/obuspa" ]; then
-	uci_add obuspa mqtt mqtt_operator
-	uci_set obuspa mqtt_operator BrokerAddress '127.0.0.1'
-	uci_set obuspa mqtt_operator BrokerPort '1883'
-	uci_set obuspa mqtt_operator TransportProtocol 'TCP/IP'
-
-	uci_add obuspa mtp mtp_operator
-	uci_set obuspa mtp_operator Protocol 'MQTT'
-	uci_set obuspa mtp_operator ResponseTopicConfigured "${DMCLI_RESP_TOPIC}"
-	uci_set obuspa mtp_operator mqtt 'mqtt_operator'
-
-	uci_add obuspa controller controller_operator
-	uci_set obuspa controller_operator EndpointID "${CONTROLLER_ID}"
-	uci_set obuspa controller_operator Protocol 'MQTT'
-	uci_set obuspa controller_operator Topic "${DMCLI_CTRL_TOPIC}"
-	uci_set obuspa controller_operator mqtt 'mqtt_operator'
-	uci_set obuspa controller_operator assigned_role_name 'operator'
-fi
-
-_get_endpoint_id() {
-	local id serial oui
-
-	id="$(uci -q get obuspa.localagent.EndpointID)"
-	if [ -n "${id}" ]; then
-		echo "${id}"
-		return 0
-	fi
-
-	serial="$(db -q get device.deviceinfo.SerialNumber)"
-	oui="$(db -q get device.deviceinfo.ManufacturerOUI)"
-
-	echo "os::${oui}-${serial//+/%2B}"
-}
-
-update_dmcli_conf() {
-	local endpointid confTmpFile
-	local port fromid publish subscribe toid
-
-	if [ -f "${DMCLI_CONF}" ]; then
-		endpointid="$(_get_endpoint_id)"
-		json_load_file "${DMCLI_CONF}" || return
-		json_select "Settings" || return
-			json_select "USP" || return
-				json_select "ConnectionProfile" || return
-					json_select "1" || return
-						json_get_var port "Port"
-						json_get_var fromid "FromId"
-						json_get_var publish "PublishEndpoint"
-						json_get_var subscribe "SubscribeEndpoint"
-						json_get_var toid "ToId"
-
-						json_add_int "Port" "${DMCLI_PORT}"
-						json_add_string "FromId" "${CONTROLLER_ID}"
-						json_add_string "PublishEndpoint" "${DMCLI_RESP_TOPIC}"
-						json_add_string "SubscribeEndpoint" "${DMCLI_CTRL_TOPIC}"
-						json_add_string "ToId" "${endpointid}"
-					json_select ..
-				json_select ..
-			json_select ..
-		json_select ..
-
-		if [ "${port}" != "${DMCLI_PORT}" ] || [ "${fromid}" != "${CONTROLLER_ID}" ] || \
-			[ "${publish}" != "${DMCLI_RESP_TOPIC}" ] || [ "${subscribe}" != "${DMCLI_CTRL_TOPIC}" ] || \
-			[ "${toid}" != "${endpointid}" ]; then
-			confTmpFile="$(mktemp -u -p "$(dirname "$DMCLI_CONF")" "$(basename "$DMCLI_CONF").XXXXXXX")"
-			json_pretty
-			json_dump > "${confTmpFile}" || return
-			mv -f "${confTmpFile}" "${DMCLI_CONF}" || return
-		fi
-	fi
-}
-
-update_dmcli_conf || exit
--- a/dmcli/files/etc/uci-defaults/36-dmcli-remote
+++ b/dmcli/files/etc/uci-defaults/36-dmcli-remote
@@ -1,14 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-if [ -f "/etc/config/mosquitto" ]; then
-	uci_add mosquitto listener dmcli
-	uci_set mosquitto dmcli enabled 1
-	uci_set mosquitto dmcli port '9003'
-	uci_set mosquitto dmcli protocol 'websockets'
-	uci_set mosquitto dmcli auth_plugin '/usr/lib/mosquitto_auth_plugin.so'
-	uci_set mosquitto dmcli acl_file '/etc/dmcli/dmcli.acl'
-fi
-
-exit 0
--- a/dmcli/files/etc/uci-defaults/36-dmcli-remote-remove
+++ b/dmcli/files/etc/uci-defaults/36-dmcli-remote-remove
@@ -1,9 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-if [ -f "/etc/config/mosquitto" ]; then
-	uci_remove mosquitto dmcli
-fi
-
-exit 0
--- a/dmcli/files/etc/users/roles/operator.json
+++ b/dmcli/files/etc/users/roles/operator.json
@@ -1,14 +0,0 @@
-{
-  "tr181": {
-    "name": "operator",
-    "instance": 6,
-    "permission": [
-      {
-        "object": "Device.",
-        "perm": [
-          "PERMIT_ALL"
-        ]
-      }
-    ]
-  }
-}
--- a/dmcli/src/Makefile
+++ b/dmcli/src/Makefile
@@ -1,7 +0,0 @@
-all: dmcli
-
-dmcli: main.c
-	$(CC) $(CFLAGS) -Wall -Werror -o $@ $^
-
-clean:
-	rm -f dmcli
--- a/dmcli/src/main.c
+++ b/dmcli/src/main.c
@@ -1,32 +0,0 @@
-/*
-* Copyright (c) 2021 Genexis Netherlands B.V. All rights reserved.
-* This Software and its content are protected by the Dutch Copyright Act
-* ('Auteurswet'). All and any copying and distribution of the software
-* and its content without authorization by Genexis Netherlands B.V. is
-* prohibited. The prohibition includes every form of reproduction and
-* distribution.
-*/
-
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-
-/* C Wrapper for operator to login to the CLI via ssh: the shell in
- * the passwd file cannot be a script that requires an interpreter. */
-int main(int argc, char *argv[])
-{
-	char *cmd[3 + (argc > 1 ? argc - 1 : 0)];
-
-	cmd[0] = "/usr/bin/qjs";
-	cmd[1] = "/usr/lib/dmcli/cli/main.js";
-	cmd[2] = NULL;
-
-	if (argc > 1) {
-		memcpy(&cmd[2], &argv[1], (argc - 1) * sizeof(char *));
-		cmd[2 + argc - 1] = NULL;
-	}
-
-	execv(cmd[0], cmd);
-	fprintf(stderr, "%s: command not found\n", cmd[0]);
-	return 127;
-}
--- a/dnsmngr/Makefile
+++ b/dnsmngr/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=dnsmngr
-PKG_VERSION:=1.0.20
+PKG_VERSION:=1.0.18

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dnsmngr.git
-PKG_SOURCE_VERSION:=83e485fae8905f9061257264cf43ea41e47743a6
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=80fa147e6f1f0d9c1a62a62a693ff3adaef45363
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/dslmngr/Makefile
+++ b/dslmngr/Makefile
@@ -15,7 +15,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
 PKG_SOURCE_VERSION:=8fb4093b4d26b3cb06603e110d424005e33cf5d6
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip
 endif
--- a/ebtables-extensions/Makefile
+++ b/ebtables-extensions/Makefile
@@ -14,7 +14,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ebtables-extensions.git
 PKG_SOURCE_VERSION:=7357622d806833d93d317164dc6673fbf5fd1629
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/ethmngr/Makefile
+++ b/ethmngr/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ethmngr
-PKG_VERSION:=3.1.4
+PKG_VERSION:=3.0.8

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/ethmngr.git
-PKG_SOURCE_VERSION:=0283fb5cb74a7baca46c4360da680757c57c86ac
+PKG_SOURCE_VERSION:=c73e5b15718ca40b2740bbe6151dfbb2bcca16df
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif
--- a/fatrace/Makefile
+++ b/fatrace/Makefile
@@ -16,7 +16,7 @@ PKG_SOURCE_VERSION:=98af6019a4a1b478a6fa35f74528cb3cd404ae40
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://git.launchpad.net/fatrace

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)

--- a/fdtextract/Makefile
+++ b/fdtextract/Makefile
@@ -10,15 +10,20 @@ PKG_NAME:=fdtextract
 PKG_RELEASE:=1
 PKG_VERSION:=1.0

-PKG_SOURCE_URL:=https://dev.iopsys.eu/system/fdtextract.git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/fdtextract.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=7917dbcb29724476cd46164eec29848df1e5fb67
+PKG_SOURCE_VERSION:=e3cefda3b26c9aea3021b20725ce7b31b33eebc4
 PKG_MIRROR_HASH:=skip

 PKG_LICENSE:=GPLv2
 PKG_LICENSE_FILES:=LICENSE

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+RSTRIP:=true
+export BUILD_DIR
+
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_PARALLEL:=1

 include $(INCLUDE_DIR)/package.mk
@@ -35,7 +40,9 @@ endef

 define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/usr/sbin
+
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/fdtextract $(1)/usr/sbin/
+	$(STRIP) $(1)/usr/sbin/fdtextract
 endef

 $(eval $(call BuildPackage,$(PKG_NAME)))
--- a/firewallmngr/Config.in
+++ b/firewallmngr/Config.in
@@ -8,5 +8,11 @@ config FIREWALLMNGR_PORT_TRIGGER
 	help
 	   Set this option to include support for PortTrigger object.

+config FIREWALLMNGR_NAT_INTERFACE_SETTING
+	bool "Include Device.NAT.InterfaceSetting"
+	default y
+	help
+	   Set this option to include support for NAT InterfaceSetting object.
+
 endmenu
 endif
--- a/firewallmngr/Makefile
+++ b/firewallmngr/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=firewallmngr
-PKG_VERSION:=1.0.12
+PKG_VERSION:=1.0.9.2

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
-PKG_SOURCE_VERSION:=30319c67fb4db285a2bcd272b1c10bc040eecf19
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=fdabd33cf42ac02adadbdf43bd8bf86a62d7d1e3
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -52,6 +52,10 @@ ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
 	TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
 endif

+ifeq ($(CONFIG_FIREWALLMNGR_NAT_INTERFACE_SETTING),y)
+	TARGET_CFLAGS += -DINCLUDE_NAT_IF_SETTING
+endif
+
 define Package/firewallmngr/install
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
--- a/fluent-bit/Makefile
+++ b/fluent-bit/Makefile
@@ -13,7 +13,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit.git
 PKG_SOURCE_VERSION=v$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/gateway-info/Makefile
+++ b/gateway-info/Makefile
@@ -15,7 +15,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/gateway-info.git
 PKG_SOURCE_VERSION:=dd15893a8291e556a8c49ff9e143c763db0379b5
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/gateway-info/files/etc/uci-defaults/86-set-gateway-device-info
+++ b/gateway-info/files/etc/uci-defaults/86-set-gateway-device-info
@@ -110,7 +110,7 @@ configure_send_op125() {


 	if [ "${uci}" = "network" ]; then
-		[ -n "${sendopt}" ] && new_send_opt="$sendopt $opt125" || new_send_opt="$opt125"
+		new_send_opt="$sendopt $opt125"
 		uci -q set network."${intf}".sendopts="$new_send_opt"
 	else
 		new_send_opt="$sendopt$opt125"
@@ -228,7 +228,7 @@ enable_dhcp_option125() {

 	if [ "${proto}" = "dhcp" ]; then
 		if [ ${req125_present} -eq 0 ]; then
-			[ -n "${reqopts}" ] && newreqopts="$reqopts 125" || newreqopts="125"
+			newreqopts="$reqopts 125"
 			uci -q set network."${wan}".reqopts="$newreqopts"
 		fi

--- a/gateway-info/files/etc/udhcpc.user.d/udhcpc_gateway_info.user
+++ b/gateway-info/files/etc/udhcpc.user.d/udhcpc_gateway_info.user
@@ -40,22 +40,22 @@ get_vivsoi() {

 	#hex-string 2 character=1 Byte
 	# length in hex string will be twice of actual Byte length
-	[ "${len}" -gt 8 ] || return
+	[ "$len" -gt "8" ] || return

 	data="${opt125}"
 	rem_len="${len}"
-	while [ "${rem_len}" -gt 0 ]; do
+	while [ $rem_len -gt 0 ]; do
 		ent_id=${data:0:8}
 		ent_id=$(printf "%d\n" "0x$ent_id")

-		if [ "${ent_id}" -ne  3561 ]; then
+		if [ $ent_id -ne  3561 ]; then
 			len_val=${data:8:2}
 			data_len=$(printf "%d\n" "0x$len_val")
 			# add 4 byte for ent_id and 1 byte for len
 			data_len=$(( data_len * 2 + 10 ))
 			# move ahead data to next enterprise id
 			data=${data:"${data_len}":"${rem_len}"}
-			rem_len=$(( rem_len - data_len ))
+			rem_len=$(( rem_len - $data_len ))
 			continue
 		fi

@@ -66,7 +66,7 @@ get_vivsoi() {
 		data_len=$(( data_len * 2 + 10 ))

 		opt_len=$(printf "%d\n" "0x$len_val")
-		[ "${opt_len}" -eq 0 ] && return
+		[ $opt_len -eq 0 ] && return

 		# populate the option data of enterprise id
 		sub_data_len=$(( opt_len * 2))
@@ -74,7 +74,7 @@ get_vivsoi() {
 		sub_data=${data:10:"${sub_data_len}"}

 		# parsing of suboption of option 125
-		while [ "${sub_data_len}" -gt 0 ]; do
+		while [ $sub_data_len -gt 0 ]; do
 			# get the suboption id
 			sub_opt_id=${sub_data:0:2}
 			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
@@ -85,20 +85,20 @@ get_vivsoi() {
 			sub_opt_len=$(( sub_opt_len * 2 ))

 			# get the value of sub option starting 4 means starting after length
-			sub_opt_val=${sub_data:4:"${sub_opt_len}"}
+			sub_opt_val=${sub_data:4:${sub_opt_len}}

 			# assign the value found in sub option
 			case "${sub_opt_id}" in
 				"4")
-				OUI=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				OUI=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				GW_DISCOVERED=1
 				;;
 				"5")
-				SERIAL=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				SERIAL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				GW_DISCOVERED=1
 				;;
 				"6")
-				CLASS=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				CLASS=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				GW_DISCOVERED=1
 				;;
 			esac
@@ -110,7 +110,7 @@ get_vivsoi() {
 			sub_data_len=$((sub_data_len - sub_opt_end))

 			# fetch next sub option hex string
-			sub_data=${sub_data:"${sub_opt_end}":"${sub_data_len}"}
+			sub_data=${sub_data:${sub_opt_end}:${sub_data_len}}
 		done

 		# move ahead data to next enterprise id
@@ -131,13 +131,15 @@ send_host_query() {
 		sleep 5

 		json_load "$(ubus call umdns browse)"
-		if ! json_select discovered_services; then
+		json_select discovered_services
+		if [ "${?}" -ne 0 ]; then
 			json_cleanup
 			loop=$(( loop - 1 ))
 			continue
 		fi

-		if ! json_select _usp-agt-mqtt._tcp; then
+		json_select _usp-agt-mqtt._tcp
+		if [ "${?}" -ne 0 ]; then
 			json_cleanup
 			loop=$(( loop - 1 ))
 			continue
@@ -154,7 +156,7 @@ send_host_query() {

 	json_get_keys keys
 	for key in $keys; do
-		json_select "${key}"
+		json_select $key
 		json_get_var _host host ""

 		if [ -z "${_host}" ] || [[ "${sent_host}" =~ " ${_host}" ]]; then
@@ -164,10 +166,9 @@ send_host_query() {

 		sent_host="${sent_host} ${_host}"
 		cmd="ubus call umdns query '{\"question\":\"$_host\",\"interface\":\"$intf\"}'"
-		sh -c "${cmd}"
+		eval $cmd
 		resp=0
 		json_select ..
-		sleep 2 # umdns query sometime takes time to resolve so adding some sleep
 	done

 	json_cleanup
@@ -184,29 +185,32 @@ get_usp_agent_id() {
 	fi

 	json_load "$(ubus call umdns browse)"
-	if ! json_select discovered_services; then
+	json_select discovered_services
+	if [ "${?}" -ne 0 ]; then
 		json_cleanup
-		echo "${ID}"
+		echo ${ID}
 		return 0
 	fi

-	if ! json_select _usp-agt-mqtt._tcp; then
+	json_select _usp-agt-mqtt._tcp
+	if [ "${?}" -ne 0 ]; then
 		json_cleanup
-		echo "${ID}"
+		echo ${ID}
 		return 0
 	fi

 	json_get_keys keys
 	for key in $keys; do
-		json_select "${key}"
-		if ! json_select "${family}"; then
+		json_select $key
+		json_select $family
+		if [ "${?}" -ne 0 ]; then
 			json_select ..
 			continue
 		fi

 		json_get_keys ips
 		for ip in $ips; do
-			json_get_var ip_val "${ip}"
+			json_get_var ip_val $ip
 			if [ "${ip_val}" != "${dhcp_ip}" ]; then
 				continue
 			fi
@@ -215,8 +219,8 @@ get_usp_agent_id() {
 			json_select txt
 			json_get_keys txts
 			for _txt in $txts; do
-				json_get_var text_val "${_txt}"
-				if [[ "${text_val:0:3}" = "ID=" ]]; then
+				json_get_var text_val $_txt
+				if [[ "${text_val:0:3}" == "ID=" ]]; then
 					ID="${text_val:3}"
 					break
 				fi
@@ -234,16 +238,16 @@ get_usp_agent_id() {
 	done

 	json_cleanup
-	echo "${ID}"
+	echo ${ID}
 }

 get_mac_address() {
 	ip="${1}"
 	device="${2}"

-	mac=$(grep "${ip}" /proc/net/arp | awk '{print $4}')
+	mac="$(cat /proc/net/arp | grep $ip | awk '{print $4}')"
 	if [ -z "${mac}" ]; then
-		arp_resp=$(arping -b -f -c 5 -I "${device}" "${ip}" | grep 'Unicast reply from' | awk '{print $5}')
+		arp_resp="$(arping -b -f -c 5 -I $device $ip | grep 'Unicast reply from' | awk '{print $5}')"
 		if [ -n "${arp_resp}" ]; then
 			mac=${arp_resp:1:-1}
 		fi
@@ -256,7 +260,7 @@ send_unknown_gw_event() {
 	mac="${1}"

 	cmd="ubus -t 5 send gateway-info.gateway.unknown '{\"hwaddr\":\"$mac\"}'"
-	sh -c "${cmd}"
+	eval $cmd
 }

 send_cwmp_gw_event() {
@@ -265,14 +269,14 @@ send_cwmp_gw_event() {
 	serial="${3}"

 	cmd="ubus -t 5 send gateway-info.gateway.cwmp '{\"oui\":\"$oui\",\"class\":\"$class\",\"serial\":\"$serial\"}'"
-	sh -c "${cmd}"
+	eval $cmd
 }

 send_usp_gw_event() {
 	endpoint="${1}"

 	cmd="ubus -t 5 send gateway-info.gateway.usp '{\"endpoint\":\"$endpoint\"}'"
-	sh -c "${cmd}"
+	eval $cmd
 }

 config_load gateway
@@ -283,13 +287,13 @@ if [ "${enable}" -eq 0 ]; then
 	return 0
 fi

-if [ "${wan_intf}" = "${INTERFACE}" ]; then
-	if [ "${1}" = "deconfig" ]; then
+if [ "${wan_intf}" == "${INTERFACE}" ]; then
+	if [ "${1}" == "deconfig" ]; then
 		rm -rf /var/state/gwinfo
 		return 0
 	fi

-	json_load "$(ifstatus "${INTERFACE}")"
+	json_load "$(ifstatus ${INTERFACE})"
 	json_get_var dev_name device ""
 	json_select data
 	json_get_var dhcp_ip dhcpserver ""
@@ -299,7 +303,7 @@ if [ "${wan_intf}" = "${INTERFACE}" ]; then
 		return 0
 	fi

-	MAC=$(get_mac_address "${dhcp_ip}" "${dev_name}")
+	MAC="$(get_mac_address $dhcp_ip $dev_name)"

 	mkdir -p /var/state
 	touch /var/state/gwinfo
@@ -322,8 +326,8 @@ if [ "${wan_intf}" = "${INTERFACE}" ]; then
 		return 0
 	fi

-	len=$(echo -n "${opt125}" | wc -c)
-	get_vivsoi "${opt125}" "${len}"
+	len=$(printf "$opt125"|wc -c)
+	get_vivsoi "$opt125" "$len"

 	if [ "${GW_DISCOVERED}" -eq 0 ]; then
 		send_unknown_gw_event "${MAC}"
@@ -337,18 +341,19 @@ if [ "${wan_intf}" = "${INTERFACE}" ]; then
 	uci -q -c /var/state commit gwinfo

 	# Check for USP parameters
-	if ! ubus -t 15 wait_for umdns; then
+	ubus -t 15 wait_for umdns
+	if [ "${?}" -ne 0 ]; then
 		send_cwmp_gw_event "${OUI}" "${CLASS}" "${SERIAL}"
 		return 0
 	fi

-	resp=$(send_host_query "${dev_name}")
+	resp=$(send_host_query $dev_name)
 	if [ "${resp}" -ne 0 ]; then
 		send_cwmp_gw_event "${OUI}" "${CLASS}" "${SERIAL}"
 		return 0
 	fi

-	ID=$(get_usp_agent_id "${dhcp_ip}")
+	ID="$(get_usp_agent_id $dhcp_ip)"
 	if [ -z "${ID}" ]; then
 		send_cwmp_gw_event "${OUI}" "${CLASS}" "${SERIAL}"
 		return 0
--- a/hostmngr/Makefile
+++ b/hostmngr/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=hostmngr
-PKG_VERSION:=1.4.3
+PKG_VERSION:=1.3.3

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=667866b8149d3df83a05536319eac02aee0b6d75
+PKG_SOURCE_VERSION:=fee5bd0067fc1f30498bc2b81e893d170796b459
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/icwmp/Makefile
+++ b/icwmp/Makefile
@@ -8,14 +8,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=icwmp
-PKG_VERSION:=9.10.11
+PKG_VERSION:=9.9.9.5

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=e672f84d95803e3047bba9e242afd38452f045e2
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=f3d5843c54a4c1c3e74629f0953a3bf144c2fa8e
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -84,7 +84,6 @@ define Package/icwmp/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
 	$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
-	$(INSTALL_BIN) ./files/etc/uci-defaults/50-cwmp-align-keep-config $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/95-set-random-inform-time $(1)/etc/uci-defaults/
--- a/icwmp/files/etc/config/cwmp
+++ b/icwmp/files/etc/config/cwmp
@@ -31,6 +31,7 @@ config cpe 'cpe'
 	option bind_retries '5'
 	option userid '' #$OUI-$SER
 	option passwd ''
+	option port '7547'
 	option provisioning_code ''
 	option amd_version '5'
 	# compression possible configs: InstanceNumber, InstanceAlias
@@ -42,9 +43,7 @@ config cpe 'cpe'
 	option periodic_notify_interval '10'
 	option incoming_rule 'Port_Only'
 	option active_notif_throttle '0'
-	#option KeepConfig '1'
-	#option KeepOpConf '1'
-	#option ConfigScope 'UserOnly'
+	option fw_upgrade_keep_settings '1'
 	option clock_sync_timeout '128'
 	option disable_datatype_check '0'
 	#list allowed_cr_ip '10.5.1.0/24'
--- a/icwmp/files/etc/icwmpd/firewall.cwmp
+++ b/icwmp/files/etc/icwmpd/firewall.cwmp
@@ -133,56 +133,9 @@ add_firewall_rule() {
 	fi
 }

-remove_port_protection() {
-	local enabled chain rule rule_num
-
-	config_get enabled "${1}" "${2}"
-
-	if [ "${enabled}" -eq 1 ]; then
-		config_get zonename "$1" name
-		[ -n "$zonename" ] || return 0
-
-		chain='prerouting_'$zonename'_rule'
-
-		while rule=$(iptables -w -t nat -nL "$chain" --line-numbers | grep -m 1 -w CWMP_Port_protection); do
-			rule_num=${rule%%[$' \t']*}
-			iptables -w -t nat -D "$chain" "$rule_num"
-		done
-	fi
-}
-
-cleanup_port_protection() {
-	config_load firewall
-	config_foreach remove_port_protection zone masq
-}
-
-install_port_protection() {
-	local PORT="${3}"
-	local enabled zonename chain
-
-	config_get enabled "${1}" "${2}"
-
-	if [ "${enabled}" -eq 1 ]; then
-		config_get zonename "${1}" name
-		[ -n "$zonename" ] || return 0
-
-		chain='prerouting_'$zonename'_rule'
-
-		iptables -w -t nat -I "$chain" -p tcp --dport "$PORT" -j ACCEPT -m comment --comment=CWMP_Port_protection
-		iptables -w -t nat -I "$chain" -p udp --dport "$PORT" -j ACCEPT -m comment --comment=CWMP_Port_protection
-	fi
-}
-
-add_port_protection() {
-	config_load firewall
-	config_foreach install_port_protection zone masq "${1}"
-}
-
 configure_connection_req_rules() {
 	app="${1}"

-	cleanup_port_protection
-
 	wan="$(uci -q get cwmp.cpe.default_wan_interface)"
 	wan="${wan:-wan}"

@@ -222,11 +175,8 @@ configure_connection_req_rules() {
 		fi
 	fi

-	port=$(uci -q -c /var/state get icwmp.cpe.port)
-	if [ -z "${port}" ]; then
-		log "cwmp cpe port not configured"
-		exit 0
-	fi
+	port=$(uci -q get cwmp.cpe.port)
+	port="${port:-7547}"

 	ipaddr=$(uci -q get cwmp.cpe.allowed_cr_ip)
 	if [ -n "${ipaddr}" ]; then
@@ -247,8 +197,6 @@ configure_connection_req_rules() {
 		# Close the ACS port at Lan side
 		close_downstream_acs_port "${lan}" "${port}"
 	fi
-
-	add_port_protection "${port}"
 }

 load_zone_names
--- a/icwmp/files/etc/init.d/icwmpd
+++ b/icwmp/files/etc/init.d/icwmpd
@@ -97,9 +97,7 @@ validate_cpe_section()
 		'periodic_notify_enable:bool' \
 		'enable:bool:1' \
 		'periodic_notify_interval:uinteger' \
-		'KeepConfig:bool' \
-		'KeepOpConf:bool' \
-		'ConfigScope:string'
+		'fw_upgrade_keep_settings:bool'
 }

 validate_defaults() {
@@ -170,21 +168,13 @@ start_service() {

 stop_service()
 {
-	local switch_bank KeepConfig KeepOpConf ConfigScope
+	local switch_bank

 	copy_cwmp_varstate_files_to_etc
+	
 	switch_bank=$(uci -q -c /var/state/ get icwmp.cpe.switch_bank)
-	if [ "$switch_bank" = "1" ] && [ -x /etc/sysmngr/fwbank ]; then
-		KeepConfig="$(uci -q get cwmp.cpe.KeepConfig)"
-		KeepOpConf="$(uci -q get cwmp.cpe.KeepOpConf)"
-		ConfigScope="$(uci -q get cwmp.cpe.ConfigScope)"
-
-		json_init
-		[ -n "${KeepConfig}" ] && json_add_boolean "keep_config" "${KeepConfig}"
-		[ -n "${KeepOpConf}" ] && json_add_boolean "keep_opconf" "${KeepOpConf}"
-		[ -n "${ConfigScope}" ] && json_add_string "config_scope" "${ConfigScope}"
-
-		json_dump| /etc/sysmngr/fwbank call copy_config
+	if [ -n "$switch_bank" ] && [ "$switch_bank" = "1" ]; then
+		[ -x /etc/sysmngr/fwbank ] && /etc/sysmngr/fwbank call copy_config
 	fi
 }

--- a/icwmp/files/etc/uci-defaults/50-cwmp-align-keep-config
+++ b/icwmp/files/etc/uci-defaults/50-cwmp-align-keep-config
@@ -1,7 +0,0 @@
-#!/bin/sh
-
-keep_settings="$(uci -q get cwmp.cpe.fw_upgrade_keep_settings)"
-if [ -n "${keep_settings}" ]; then
-	uci -q delete cwmp.cpe.fw_upgrade_keep_settings
-	uci -q set cwmp.cpe.KeepConfig="${keep_settings}"
-fi
--- a/icwmp/files/etc/uci-defaults/90-cwmpfirewall
+++ b/icwmp/files/etc/uci-defaults/90-cwmpfirewall
@@ -5,6 +5,7 @@ uci -q batch <<-EOT
        set firewall.cwmp=include
        set firewall.cwmp.path=/etc/icwmpd/firewall.cwmp
        set firewall.cwmp.reload=1
+        commit firewall
 EOT

 exit 0
--- a/icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
+++ b/icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
@@ -16,12 +16,12 @@ get_opt43() {
 	local opt43="$1"
 	local len="$2"

-	[ "${len}" -gt 2 ] || return
+	[ "$len" -gt "2" ] || return

 	first_byte=${opt43:0:2}
 	first_byte=$(printf "%d\n" "0x$first_byte")

-	if [ "${len}" -ge 4 ] && [ "${first_byte}" -ge 1 ] && [ "${first_byte}" -le 4 ]; then
+	if [ $len -ge 4 ] && [ $first_byte -ge 1 ] && [ $first_byte -le 4 ]; then
 		# it is in encapsulated form
 		# opt43 encapsulated vendor-specific option has data in below format
 		#  Code   Len   Data item        Code   Len   Data item        Code
@@ -35,7 +35,7 @@ get_opt43() {
 		data="${opt43}"
 		rem_len="${len}"
 		# parsing of suboption of option 43
-		while [ "${rem_len}" -gt 0 ]; do
+		while [ $rem_len -gt 0 ]; do
 			# get the suboption id
 			sub_opt_id=${data:0:2}
 			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
@@ -50,13 +50,13 @@ get_opt43() {

 			# assign the value found in sub option
 			case "${sub_opt_id}" in
-				"1") DHCP_ACS_URL=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				"1") DHCP_ACS_URL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				;;
-				"2") DHCP_PROV_CODE=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				"2") DHCP_PROV_CODE=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				;;
-				"3") MIN_WAIT_INVL=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				"3") MIN_WAIT_INVL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				;;
-				"4") INVL_MULTIPLIER=$(echo -n "${sub_opt_val}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+				"4") INVL_MULTIPLIER=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 				;;
 			esac

@@ -70,14 +70,13 @@ get_opt43() {
 			rem_len=$((rem_len - sub_opt_end))
 		done
 	else
-		DHCP_ACS_URL=$(echo -n "${opt43}" | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
+		DHCP_ACS_URL=$(echo -n $opt43 | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
 	fi
 }

 config_load cwmp
 config_get wan_intf cpe default_wan_interface "wan"
 config_get dhcp_discovery acs dhcp_discovery "0"
-config_get_bool insecure_enable acs insecure_enable "0"
 config_get dhcp_url acs dhcp_url ""
 config_get min_wait_intvl acs dhcp_retry_min_wait_interval "0"
 config_get intvl_multi acs dhcp_retry_interval_multiplier "0"
@@ -93,9 +92,9 @@ if [ "$discovery_enable" = "0" ]; then
 	return 0
 fi

-if [ "${wan_intf}" = "${INTERFACE}" ]; then
+if [ "${wan_intf}" == "${INTERFACE}" ]; then
 	if [ -n "$opt43" ]; then
-		len=$(echo -n "$opt43"|wc -c)
+		len=$(printf "$opt43"|wc -c)
 		get_opt43 "$opt43" "$len"
 	fi

@@ -103,17 +102,6 @@ if [ "${wan_intf}" = "${INTERFACE}" ]; then
 		return 0
 	fi

-	if [ "${insecure_enable}" -eq "0" ]; then
-		case $DHCP_ACS_URL in
-		https://*)
-			log "ACS url $DHCP_ACS_URL has https"
-			;;
-		*)
-			return 0
-			;;
-		esac
-	fi
-
 	sec=$(uci -q get cwmp.acs)

 	if [ -z "${sec}" ]; then
--- a/ieee1905/Makefile
+++ b/ieee1905/Makefile
@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ieee1905
-PKG_VERSION:=8.7.44
+PKG_VERSION:=8.7.33

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=29ba8f04dc6bd7e77683352c0c71988f51fbadf8
+PKG_SOURCE_VERSION:=f28f1c04cae008d7d6448ba02b992506af28448c
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -116,7 +116,7 @@ MAKE_PATH:=src


 define Package/ieee1905/install
-	$(CP) ./files/etc $(1)/
+	$(CP) ./files/* $(1)/
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(INSTALL_DIR) $(1)/usr/sbin
--- a/ieee1905/files/datamodel_description.json
+++ b/ieee1905/files/datamodel_description.json
@@ -1,23 +0,0 @@
-{
-	"Device.IEEE1905.AL.": {
-		"type": "object",
-		"protocols": [
-			"cwmp",
-			"usp"
-		],
-		"access": false,
-		"array": false,
-		"{BBF_VENDOR_PREFIX}LocalOnlyMode": {
-			"type": "boolean",
-			"read": true,
-			"write": true,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"description": "Enable or disable interfaces from ieee1905.",
-			"datatype": "boolean"
-		}
-	}
-}
-
--- a/imonitor/Makefile
+++ b/imonitor/Makefile
@@ -13,7 +13,7 @@ PKG_INSTALL:=1
 PKG_SOURCE_PROTO=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/imonitor.git
 PKG_SOURCE_VERSION:=4beb1d5d6925507f1850a84c0b83aaf12a082f7f
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 PKG_SOURCE_SUBDIR:=${PKG_NAME}-${PKG_VERSION}
 PKG_INSTALL:=1
--- a/iopsys-analytics/Makefile
+++ b/iopsys-analytics/Makefile
@@ -4,7 +4,7 @@ PKG_NAME:=iopsys-analytics
 PKG_RELEASE:=$(COMMITCOUNT)
 PKG_LICENSE:=PROPRIETARY
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=5ad41ca8eb5de887487feb7148b5dce44943218c
+PKG_SOURCE_VERSION:=25e32ac5a860aec6e53e3449565b71595073e014
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/iopsys-analytics.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -34,9 +34,6 @@ define Package/$(PKG_NAME)
    +@PACKAGE_syslog-ng:SYSLOGNG_LOGROTATE              \
    +PACKAGE_fluent-bit:logrotate                       \
    +@DMCLI_REMOTE_CONNECTION
-  # tools used in development/testing
-  DEPENDS+=                                             \
-    +iperf3

 endef

--- a/ipt-trigger/Makefile
+++ b/ipt-trigger/Makefile
@@ -14,7 +14,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_VERSION:=ac1beae4794f99533b28db7d0e6e80f4c268a3e8
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ipt-trigger.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/libdpp/Makefile
+++ b/libdpp/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libdpp
-PKG_VERSION:=2.1.3
+PKG_VERSION:=2.1.2

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=fdfe23e51ff77ca6d2661ad6208d097758524147
+PKG_SOURCE_VERSION:=5f1184c52be19f3bfd3bc7e9bc582ef09b0a2b1c
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/libdpp.git
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
--- a/libeasy/Makefile
+++ b/libeasy/Makefile
@@ -1,28 +1,32 @@
 #
-# Copyright (C) 2025 Genexis Sweden AB
+# Copyright (C) 2020-2023 Iopsys
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=libeasy
-PKG_VERSION:=7.5.1
+PKG_VERSION:=7.4.6

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b981f7e1bd51f66041cd0c25d15af74ae1e3bc75
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/libeasy.git
+PKG_SOURCE_VERSION:=ca7b20068c9d373e41045a2e899a9c697576262c
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libeasy.git
+PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=LGPL-2.1-only
-PKG_LICENSE_FILES:=
-PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@genexis.eu>
+PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/cmake.mk
+
+TARGET_CFLAGS += \
+	-I$(STAGING_DIR)/usr/include \
+	-I$(STAGING_DIR)/usr/include/openssl \
+	-I$(STAGING_DIR)/usr/include/libnl3

 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
@@ -30,6 +34,9 @@ define Build/Prepare
 endef
 endif

+MAKE_FLAGS += \
+	CFLAGS="$(TARGET_CFLAGS) -Wall"
+
 define Package/libeasy
  SECTION:=libs
  CATEGORY:=Libraries
@@ -40,7 +47,7 @@ define Package/libeasy
 endef

 define Package/libeasy/description
-  This package provides libeasy.so for common utility functions.
+  Library provides common utility functions
 endef

 define Build/InstallDev/libeasy
@@ -60,7 +67,6 @@ define Build/InstallDev/libeasy
 endef

 define Build/InstallDev
-	$(call Build/InstallDev/cmake,$(1))
 	$(call Build/InstallDev/libeasy,$(1),$(2))
 endef

--- a/libpicoevent-bcm/Makefile
+++ b/libpicoevent-bcm/Makefile
@@ -17,7 +17,7 @@ PKG_NAME:=libpicoevent-bcm
 PKG_LICENSE:=LGPL-2.1-only
 PKG_LICENSE_FILES:=LICENSE
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

 include $(INCLUDE_DIR)/package.mk
--- a/libpicoevent/Makefile
+++ b/libpicoevent/Makefile
@@ -17,7 +17,7 @@ PKG_NAME:=libpicoevent
 PKG_LICENSE:=LGPL-2.1-only
 PKG_LICENSE_FILES:=LICENSE
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

 include $(INCLUDE_DIR)/package.mk
--- a/libqos/Makefile
+++ b/libqos/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libqos
-PKG_VERSION:=7.2.111
+PKG_VERSION:=7.2.109

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libqos.git
-PKG_SOURCE_VERSION:=2e4c6a9c27e0f4f68dfe7a5c930afefd8dc7119a
+PKG_SOURCE_VERSION:=4948d372c3d7e43a0ba9aee517dbb83b94bba3dc
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif
@@ -65,7 +65,7 @@ define Package/libqos
  SUBMENU:=IOPSYS HAL libs
  MENU:=1
  TITLE:= QoS library (libqos)
-  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_brcmbca:bcm963xx-bsp +TARGET_airoha:libuci
+  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_brcmbca:bcm963xx-bsp
 endef

 define Package/libqos/config
--- a/libtrace/Makefile
+++ b/libtrace/Makefile
@@ -6,7 +6,7 @@ PKG_RELEASE:=1

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/apietila/libtrace.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_VERSION:=e4b4c5cce35a52da152776a00532aa0b80879c5b
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)

--- a/libvoice-airoha/Makefile
+++ b/libvoice-airoha/Makefile
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=libvoice-airoha
 PKG_RELEASE:=1
-PKG_VERSION:=1.1.8
+PKG_VERSION:=1.1.7
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE

@@ -17,8 +17,8 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=9763c574ec69e2aa492db4f1296d4bcd53776fba
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=3a30086a68a3409f0396acb01380f91daabf7a2f
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/libvoice-airoha/files/etc/uci-defaults/991-libvoice-airoha
+++ b/libvoice-airoha/files/etc/uci-defaults/991-libvoice-airoha
@@ -25,5 +25,6 @@ db commit
 # configure the PCM for DECT/DCX81
 [ -f "/proc/device-tree/aliases/dcx81-uart" ] && {
    uci set dect.global.pcm_fsync='SHORT_LF'
+    uci set dect.global.pcm_slot_start='8'
    uci set dect.global.dect_channel_start='3'
 }
--- a/libvoice-broadcom/Makefile
+++ b/libvoice-broadcom/Makefile
@@ -18,7 +18,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
 PKG_SOURCE_VERSION:=baf5ebfb45404714bbfcc3068080f93265934d8a
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/libvoice-d2/Makefile
+++ b/libvoice-d2/Makefile
@@ -18,7 +18,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
 PKG_SOURCE_VERSION:=0b2bef862fb5aea0b285e339459f46779224e2d0
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/libwifi/Makefile
+++ b/libwifi/Makefile
@@ -1,32 +1,27 @@
 #
-# Copyright (C) 2019-2024 Iopsys
-# Copyright (C) 2025 Genexis Sweden AB
+# Copyright (C) 2020-2023 Iopsys
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=libwifi
-PKG_VERSION:=7.22.10
+PKG_VERSION:=7.13.7

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=4759a74db66dd0b4bfa6707683129a317ae42779
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/libwifi.git
+PKG_SOURCE_VERSION:=0b3cc45334c167d164c2c79e82522f13698abf92
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
+PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=LGPL-2.1-only
-PKG_LICENSE_FILES:=
-PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@genexis.eu>
-
-MAKE_VERBOSE := 1
+PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/kernel.mk
-include $(INCLUDE_DIR)/cmake.mk

 ifeq ($(CONFIG_TARGET_brcmbca),y)
  TARGET_PLATFORM=BROADCOM
@@ -47,20 +42,10 @@ else ifeq ($(CONFIG_TARGET_armvirt),y)
 else ifeq ($(CONFIG_TARGET_airoha),y)
  TARGET_PLATFORM=ECONET
  TARGET_WIFI_TYPE=MEDIATEK
-  TARGET_CFLAGS +=-DIOPSYS_ECONET -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
+  TARGET_CFLAGS +=-DIOPSYS_ECONET
  ifeq ($(CONFIG_TARGET_airoha_an7581),y)
    TARGET_CFLAGS +=-DCONFIG_MTK
  endif
-else ifeq ($(CONFIG_TARGET_mediatek),y)
-  TARGET_PLATFORM=MEDIATEK
-  TARGET_WIFI_TYPE=MAC80211
-  ifeq ($(CONFIG_TARGET_DEVICE_mediatek_filogic_DEVICE_cx750),y)
-    TARGET_WIFI_TYPE=MEDIATEK
-    TARGET_CFLAGS +=-DCONFIG_MTK -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
-  else ifeq ($(CONFIG_TARGET_DEVICE_mediatek_filogic_DEVICE_mediatek_mt7987a-spim-nand-an8801sb),y)
-    TARGET_WIFI_TYPE=MEDIATEK
-    TARGET_CFLAGS +=-DCONFIG_MTK -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
-  endif
 else ifeq ($(CONFIG_TARGET_ipq95xx),y)
  TARGET_PLATFORM=IPQ95XX
  TARGET_WIFI_TYPE=QUALCOMM
@@ -82,7 +67,7 @@ endif
 PKG_BUILD_DEPENDS:=PACKAGE_kmod-mt7915e_en7523:mt76_en7523

 ifneq ($(CONFIG_PACKAGE_libwifi),)
-  CMAKE_OPTIONS +=-DHAS_WIFI=ON
+TARGET_CFLAGS +=-DHAS_WIFI
 endif

 ifeq ($(CONFIG_LIBWIFI_USE_CTRL_IFACE),y)
@@ -93,8 +78,18 @@ ifeq ($(CONFIG_LIBWIFI_SKIP_PROBES),y)
  TARGET_CFLAGS +=-DLIBWIFI_BRCM_SKIP_PROBES
 endif

+TARGET_CFLAGS += \
+	-I$(STAGING_DIR)/usr/include \
+	-I$(STAGING_DIR)/usr/include/openssl \
+	-I$(STAGING_DIR)/usr/include/libnl3

-CMAKE_OPTIONS += -DPLATFORM=$(TARGET_PLATFORM) -DWIFI_TYPE=$(TARGET_WIFI_TYPE)
+MAKE_FLAGS += \
+	CFLAGS="$(TARGET_CFLAGS) -Wall -I./" \
+	LDFLAGS="$(TARGET_LDFLAGS)" \
+	FPIC="$(FPIC)" \
+	PLATFORM="$(TARGET_PLATFORM)" \
+	WIFI_TYPE="$(TARGET_WIFI_TYPE)" \
+	subdirs="$(subdirs)"

 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
@@ -102,39 +97,43 @@ define Build/Prepare
 endef
 endif

-define Package/libwifiutils
-	SECTION:=libs
-	CATEGORY:=Libraries
-	TITLE:= WiFi utility library (libwifiutils.so)
-	DEPENDS+=+libnl +libnl-route +libeasy +libopenssl
-endef
-
-define Package/libwifiutils/description
-	Library provides WiFi utility functions
-endef
-
-define Package/libwifi
-	SECTION:=libs
-	CATEGORY:=Libraries
-	TITLE:= WiFi HAL library (libwifi-7.so.m)
-	DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcm963xx-bsp
+define Package/libwifi-common
+  SECTION:=libs
+  CATEGORY:=Libraries
+  TITLE:=libwifi
+  SUBMENU:=IOPSYS HAL libs
+  DEPENDS:=+libopenssl
+  MENU:=1
 endef

 define Package/libwifi/description
-	Library provides WiFi HAL APIs
+  Library provides WiFi HAL APIs and WiFi common utility functions
+endef
+
+define Package/libwifiutils
+  $(call Package/libwifi-common)
+  TITLE:= WiFi utility library (libwifiutils.so)
+  DEPENDS+=+libnl +libnl-route +libeasy
 endef

 define Build/InstallDev/libwifiutils
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/wifidefs.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/wifiutils.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/libwifiutils*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/wifidefs.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/wifiutils.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/libwifiutils*.so* $(1)/usr/lib/
 endef

 define Package/libwifiutils/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/libwifiutils*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/libwifiutils*.so* $(1)/usr/lib/
+endef
+
+
+define Package/libwifi
+  $(call Package/libwifi-common)
+  TITLE:= WiFi library (libwifi)
+  DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcm963xx-bsp
 endef

 define Package/libwifi/config
@@ -155,12 +154,13 @@ define Package/libwifi/config
  endif
 endef

+
 define Build/InstallDev/libwifi
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifi/wifiops.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifi/wifi.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifi/libwifi-7*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/wifiops.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/wifi.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/libwifi-7*.so* $(1)/usr/lib/
 endef


@@ -173,7 +173,7 @@ endef

 define Package/libwifi/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifi/libwifi-7*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/libwifi-7*.so* $(1)/usr/lib/
 endef

 $(eval $(call BuildPackage,libwifiutils))
--- a/logmngr/Makefile
+++ b/logmngr/Makefile
@@ -12,7 +12,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/system/logmngr.git
 PKG_SOURCE_VERSION:=62441fdfe14a39bff8fff7c62307bd7b54d7240f
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

@@ -65,10 +65,8 @@ define Package/logmngr/install
 	$(INSTALL_DIR) $(1)/lib/logmngr
 ifeq ($(CONFIG_LOGMNGR_BACKEND_FLUENTBIT),y)
 	$(INSTALL_DIR) $(1)/sbin
-	$(INSTALL_DIR) $(1)/etc/hotplug.d/ntp/
 	$(INSTALL_BIN) ./files/logread $(1)/sbin/
 	$(INSTALL_DATA) ./files/lib/logmngr/fluent-bit.sh $(1)/lib/logmngr/
-	$(INSTALL_BIN) ./files/etc/hotplug.d/ntp/20-reload_fluent_bit $(1)/etc/hotplug.d/ntp/
 else ifeq ($(CONFIG_LOGMNGR_BACKEND_SYSLOG_NG),y)
 	$(INSTALL_DATA) ./files/lib/logmngr/syslog-ng.sh $(1)/lib/logmngr/
 endif
--- a/logmngr/files/etc/hotplug.d/ntp/20-reload_fluent_bit
+++ b/logmngr/files/etc/hotplug.d/ntp/20-reload_fluent_bit
@@ -1,14 +0,0 @@
-#!/bin/sh
-# This hotplug script reloads fluent-bit, so that kmsg logs' timestamp gets in sync
-
-[ "$ACTION" = stratum ] || exit 0
-
-# only once
-if ! uci -q get time.global.first_use_date > /dev/null 2>&1; then
-	flb_pid="$(pidof fluent-bit)"
-
-	if [ -n "$flb_pid" ]; then
-		logger -t "logmngr.hotplug" -p info "reload fluent-bit due to ntp sync"
-		kill -SIGHUP "$flb_pid"
-	fi
-fi
--- a/logmngr/files/etc/init.d/logmngr
+++ b/logmngr/files/etc/init.d/logmngr
@@ -1,6 +1,6 @@
 #!/bin/sh /etc/rc.common

-START=09
+START=12

 USE_PROCD=1

--- a/logmngr/files/lib/logmngr/fluent-bit.sh
+++ b/logmngr/files/lib/logmngr/fluent-bit.sh
@@ -63,7 +63,7 @@ create_service_section() {
 	append_conf "    flush        1"
 	append_conf "    daemon       off"
 	append_conf "    log_level    info"
-	append_conf "    coro_stack_size    1048576"
+	append_conf "    coro_stack_size    24576"
 	append_conf "    parsers_file /etc/fluent-bit/parsers.conf"
 	append_conf "    hot_reload        on"
 	append_conf ""
@@ -77,12 +77,6 @@ create_default_filters() {
 	append_conf "    rename          msg     message"
 	append_conf ""

-	append_conf "[FILTER]"
-	append_conf "    name            modify"
-	append_conf "    match           *"
-	append_conf "    add             pid     0"
-	append_conf ""
-
 	append_conf "[FILTER]"
 	append_conf "    name            sysinfo"
 	append_conf "    match           *"
--- a/loop-detector/Makefile
+++ b/loop-detector/Makefile
@@ -13,7 +13,7 @@ PKG_SOURCE_VERSION:=d0fb770eacd6691b98df138b60f5116e02f71a9b
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/loop-detector

-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
--- a/map-agent/Config.in
+++ b/map-agent/Config.in
@@ -63,12 +63,8 @@ config AGENT_CHECK_PARTIAL_WIFI_RELOAD
 	bool "Option that allow SSID/PSK simple reload"
 	default y

-config DYNBH
-	bool "Enable map-agent dynamic Ethernet backhaul management"
-	default n
-
-config DYNBH_DYNAMICALLY_PERSIST_CONTROLLER
-	bool "Let map-agent through AP-Autoconfiguration Search and DHCP Discovery determine the controller or agent role"
+config DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER
+	bool "Let dynbhd through AP-Autoconfiguration Search and DHCP Discovery determine the controller or agent role"

 config AGENT_UNASSOC_STA_CONT_MONITOR
 	bool "Enable continuos monitoring of unassociated clients"
--- a/map-agent/Makefile
+++ b/map-agent/Makefile
@@ -6,9 +6,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-agent
-PKG_VERSION:=6.5.0.10
+PKG_VERSION:=6.3.7.0
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=1a9763bd4e520975e6951f77e85f369487cf1318
+PKG_SOURCE_VERSION:=ab9fa6ffc6978c84ab9a3b410d31c71c3b185430
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>

 PKG_LICENSE:=BSD-3-Clause
@@ -38,6 +38,14 @@ ifeq ($(CONFIG_AGENT_USE_LIBDPP),y)
  TARGET_CFLAGS += -DUSE_LIBDPP
 endif

+define Package/dynbhd
+  SECTION:=utils
+  CATEGORY:=Utilities
+  TITLE:=Dynamic Backhaul Daemon
+  DEPENDS:=+libwifi +libuci +libubox +ubus +libeasy +libieee1905 +ieee1905 \
+	  +ieee1905-map-plugin +map-agent
+endef
+
 ifeq ($(CONFIG_AGENT_ZEROTOUCH_DPP),y)
  TARGET_CFLAGS += -DZEROTOUCH_DPP
 endif
@@ -46,6 +54,10 @@ define Package/map-agent/description
  This package provides EasyMesh R6 compliant Wi-Fi Multi-AP Agent.
 endef

+define Package/dynbhd/description
+ Dyanmic LAN/WAN port detection and loop avoidance.
+endef
+
 define Package/map-agent/config
 	source "$(SOURCE)/Config.in"
 endef
@@ -103,11 +115,7 @@ ifeq ($(CONFIG_AGENT_CHECK_PARTIAL_WIFI_RELOAD),y)
 TARGET_CFLAGS += -DCHECK_PARTIAL_WIFI_RELOAD
 endif

-ifeq ($(CONFIG_DYNBH),y)
-TARGET_CFLAGS += -DDYNBH
-endif
-
-ifeq ($(CONFIG_DYNBH_DYNAMICALLY_PERSIST_CONTROLLER),y)
+ifeq ($(CONFIG_DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER),y)
 TARGET_CFLAGS += -DPERSIST_CONTROLLER
 endif

@@ -120,10 +128,6 @@ MAKE_PATH:=src
 define Package/map-agent/install
 	$(INSTALL_DIR) $(1)/etc
 	$(CP) ./files/* $(1)/
-ifeq ($(CONFIG_DYNBH),y)
-	$(RM) $(1)/etc/hotplug.d/ethernet/map-dynamic-backhaul
-	$(RM) $(1)/etc/hotplug.d/ethernet/map-topology-discovery
-endif
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_DIR) $(1)/lib/wifi
@@ -131,6 +135,15 @@ endif
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/mapagent $(1)/usr/sbin/
 endef

+define Package/dynbhd/install
+	$(INSTALL_DIR) $(1)/etc
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/lib/wifi/dynbhd
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/ethernet
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/dynbh/dynbhd $(1)/usr/sbin/dynbhd
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/dynbh/api $(1)/lib/wifi/dynbhd/api
+#	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/dynbh/map-dynamic-backhaul $(1)/etc/hotplug.d/ethernet/map-dynamic-backhaul
+endef

 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
@@ -139,3 +152,4 @@ endef
 endif

 $(eval $(call BuildPackage,map-agent))
+$(eval $(call BuildPackage,dynbhd))
--- a/map-agent/files/etc/config/mapagent
+++ b/map-agent/files/etc/config/mapagent
@@ -17,7 +17,7 @@ config dynamic_backhaul
 	option missing_bh_reconfig_timer '1800'

 config controller_select
-	option mode 'auto'
+	option id 'auto'
 	option probe_int '20'
 	option retry_int '9'
 	option autostart '1'
--- a/map-agent/files/etc/hotplug.d/ethernet/map-dynamic-backhaul
+++ b/map-agent/files/etc/hotplug.d/ethernet/map-dynamic-backhaul
@@ -27,6 +27,11 @@ done
 al_brnet="${al_bridge:3}"
 [ "$(uci -q get network.${al_brnet}.proto)" == "dhcp" ] || exit 0

+############## Dynamic Backhaul Daemon ##############
+if [ -n "$(which dynbhd)" ]; then
+	exit 0
+fi
+########################################################

 ################ Dedicated ETH WAN Port ################
 wanport="$(jsonfilter -i /etc/board.json -e @.network.wan.device)"
@@ -90,8 +95,7 @@ if [ "$LINK" = "up" ]; then
 	config_foreach remove_from_bridge bsta
 	config_foreach update_bstas bsta down

-	hwaddr="$(ifconfig $PORT | grep -i hwaddr | awk '{print $5}' | awk '{print tolower($0)}')"
-	/lib/wifi/multiap set_uplink "eth" "$PORT" "$hwaddr"
+	/lib/wifi/multiap set_uplink "eth" "$PORT"
 else
 	/lib/wifi/multiap unset_uplink "eth"
 	#rm -f "$map_bh_file"
--- a/map-agent/files/etc/init.d/mapagent
+++ b/map-agent/files/etc/init.d/mapagent
@@ -1,12 +1,26 @@
 #!/bin/sh /etc/rc.common

-START=97
+START=98
 STOP=20

 USE_PROCD=1

 IS_CFG_VALID=1

+MAP_DEV="map_dev"
+MAP_IF="map"
+
+
+start_dynbhd_service() {
+	rm -f /var/run/multiap/multiap.backhaul
+	procd_open_instance
+	procd_set_param command "/usr/sbin/dynbhd"
+	procd_set_param respawn
+#	procd_set_param stdout 1
+#	procd_set_param stderr 1
+	procd_close_instance
+}
+
 validate_agent_section() {
 	uci_validate_section mapagent agent "agent" \
 		'enabled:bool:true' \
@@ -37,7 +51,7 @@ validate_cs_section() {

 	uci_validate_section mapagent $section "${section}" \
 		'local:bool:false' \
-		'mode:string' \
+		'id:string' \
 		'probe_int:range(0,1000):20' \
 		'retry_int:range(0,255):3' \
 		'autostart:bool:false'
@@ -165,6 +179,17 @@ create_dir() {
 }

 start_service() {
+	if [ -f /usr/sbin/dynbhd ]; then
+		# Start dynbhd only if the device is operating in extender/repeater mode
+		al_bridge="$(uci -q get mapagent.agent.al_bridge)"
+		if [ "${al_bridge:0:3}" = "br-" ]; then
+			al_brnet="${al_bridge:3}"
+			if [ "$(uci -q get network.${al_brnet}.proto)" == "dhcp" ]; then
+				start_dynbhd_service
+			fi
+		fi
+	fi
+
 	config_load "mapagent"
 	validate_agent_config || return 1;

--- a/map-agent/files/etc/uci-defaults/994-map-set-cntlr-sel-mode
+++ b/map-agent/files/etc/uci-defaults/994-map-set-cntlr-sel-mode
@@ -1,15 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-adapt_cntlr_sel() {
-	local section=$1
-        id=$(uci -q get mapagent.@controller_select[0].id)
-
-        uci -q del mapagent.@controller_select[0].id
-
-        # re-apply any custom value
-        [ -z "${id}" ] || uci -q set mapagent.@controller_select[0].mode="${id}"
-}
-
-adapt_cntlr_sel
--- a/map-agent/files/lib/multiap/map_genconfig
+++ b/map-agent/files/lib/multiap/map_genconfig
@@ -10,11 +10,6 @@ network_mode="$(fw_printenv -n netmode)" # default is layer3
 multiap_mode="$(fw_printenv -n multiap_mode)" # default is full
 disable_mlo="$(fw_printenv -n disable_mlo)"

-is_logan() {
-	[ -d /sys/module/mt_wifi ] && return 0
-	return 1
-}
-
 is_airoha() {
 	[ -f /proc/device-tree/compatible ] || return
 	strings /proc/device-tree/compatible | grep -qE '^(econet,|airoha,)'; return
@@ -69,45 +64,45 @@ generate_multiap_config() {
 		device="$dev"

 		ifprefix_radio=""
-		if is_logan; then
-			uci set mapagent.agent.mld_ap_prefix="bss"
-			uci set mapagent.agent.mld_sta_prefix="sta"
-			ifname_sta=""
-			case "$band" in
-				2g)
-					ifprefix="ra%"
-					ifname="ra0"
-					ifname_bh="ra1"
-					ifname_sta="apcli0"
-				;;
-				5g)
-					ifprefix="rai%"
-					ifname="rai0"
-					ifname_bh="rai1"
-					ifname_sta="apclii0"
-				;;
-				6g)
-					ifprefix="rax%"
-					ifname="rax0"
-					ifname_bh="rax1"
-					ifname_sta="apclix0"
-				;;
-			esac
-			ifprefix_radio="${ifprefix}"
-			if [ "${network_mode}" == "extender" ]; then
-				ifname="${ifname_sta}"
-			fi
-
-			[ "$disable_mlo" == "1" ] || {
-				uci set wireless.$dev.mlo="1"
-				uci set wireless.$dev.mlo_capable="1"
-			}
-		elif is_airoha; then
+		if is_airoha; then
 			if [ -d "/sys/module/mt76" ]; then
 				ifprefix="wlan%_%"
 				ifname="wlan${devidx}_0"
 				ifname_bh="wlan${devidx}_1"
+			else
+				uci set mapagent.agent.mld_prefix="bss"
+				ifname_sta=""
+				case "$band" in
+					2g)
+						ifprefix="ra%"
+						ifname="ra0"
+						ifname_bh="ra1"
+						ifname_sta="apcli0"
+					;;
+					5g)
+						ifprefix="rai%"
+						ifname="rai0"
+						ifname_bh="rai1"
+						ifname_sta="apclii0"
+					;;
+					6g)
+						ifprefix="rax%"
+						ifname="rax0"
+						ifname_bh="rax1"
+						ifname_sta="apclix0"
+					;;
+				esac
+				ifprefix_radio="${ifprefix}"
+				if [ "${network_mode}" == "extender" ]; then
+					ifname="${ifname_sta}"
+				fi
+
+				[ "$disable_mlo" == "1" ] || {
+					uci set wireless.$dev.mlo="1"
+					uci set wireless.$dev.mlo_capable="1"
+				}
 			fi
+
 			uci set wireless.$dev.channels="$channels"
 			uci commit wireless
 		elif is_broadcom; then
--- a/map-controller/Makefile
+++ b/map-controller/Makefile
@@ -6,9 +6,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-controller
-PKG_VERSION:=6.4.5.0
+PKG_VERSION:=6.4.4.0
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=f335cf5bfdf700843173fcdd5d61d1900cc0aa8a
+PKG_SOURCE_VERSION:=d2e91ca156dbe0b44f0fc551b0a353137343fdf1
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@genexis.eu>

 LOCAL_DEV=0
--- a/map-controller/files/etc/config/mapcontroller
+++ b/map-controller/files/etc/config/mapcontroller
@@ -4,16 +4,17 @@ config controller 'controller'
 	option registrar '2 5 6'
 	option debug '2'
 	option bcn_metrics_max_num '10'
+	option initial_channel_scan '0'
 	option enable_ts '0'
 	option primary_vid '1'
 	option primary_pcp '0'
-	option stale_sta_timeout '20d'
+	option stale_sta_timeout '30d'
 	option de_collect_interval '60'
 	list plugin 'zerotouch'

 config sta_steering 'sta_steering'
 	option enable_sta_steer '1'
-	option enable_bsta_steer '1'
+	option enable_bsta_steer '0'
 	option rcpi_threshold_2g '70'
 	option rcpi_threshold_5g '86'
 	option rcpi_threshold_6g '86'
--- a/map-controller/files/etc/init.d/mapcontroller
+++ b/map-controller/files/etc/init.d/mapcontroller
@@ -20,6 +20,7 @@ validate_controller_section() {
 		'registrar:string' \
 		'debug:range(0,16)' \
 		'bcn_metrics_max_num:range(1,256)' \
+		'initial_channel_scan:bool:true' \
 		'resend_num:uinteger:0' \
 		'allow_bgdfs:range(0,2629744)' \
 		'stale_sta_timeout:string' \
--- a/map-controller/files/etc/uci-defaults/99-mapcntlr-add-qos-rule-id
+++ b/map-controller/files/etc/uci-defaults/99-mapcntlr-add-qos-rule-id
@@ -1,66 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-cfg="mapcontroller"
-config_load "$cfg"
-
-used_ids=""
-
-collect_used_ids() {
-	local section="$1"
-	local id
-
-	id=$(uci -q get ${cfg}.${section}.id)
-	if [ -n "$id" ] && printf "%s" "$id" | grep -qE '^[0-9]+$'; then
-		used_ids="$used_ids $id"
-	fi
-}
-
-# Find first available ID from 0 to INT32_MAX
-find_first_available_id() {
-	local max_int=2147483647
-	local expected=0
-	local id
-
-	# Convert list to sorted unique list
-	sorted_ids=$(printf "%s\n" $used_ids | sort -n | uniq)
-
-	for id in $sorted_ids; do
-		if [ "$id" -eq "$expected" ]; then
-			expected=$((expected + 1))
-		elif [ "$id" -gt "$expected" ]; then
-			# Found a gap -> return the gap
-			echo "$expected"
-			return
-		fi
-	done
-
-	# If no gaps, next available is `expected`
-	if [ "$expected" -le "$max_int" ]; then
-		echo "$expected"
-	else
-		echo -1
-	fi
-}
-
-# Assign ID if missing
-add_qos_rule_id() {
-	local section="$1"
-	local id
-
-	id=$(uci -q get ${cfg}.${section}.id)
-	if [ -z "$id" ]; then
-		new_id=$(find_first_available_id)
-		[ "$new_id" -ge 0 ] || return # No available ID
-		uci -q set ${cfg}.${section}.id="$new_id"
-
-		used_ids="$used_ids $new_id"
-	fi
-}
-
-# Step 1: Collect all existing IDs
-config_foreach collect_used_ids qos_rule
-
-# Step 2: Assign IDs to rules missing them
-config_foreach add_qos_rule_id qos_rule
--- a/map-controller/files/etc/uci-defaults/99-mapcntlr-uci-rename-singletons
+++ b/map-controller/files/etc/uci-defaults/99-mapcntlr-uci-rename-singletons
@@ -14,3 +14,5 @@ for sec in $sections; do

    uci rename $cfg.$s=$sec
 done
+
+uci commit $cfg
--- a/map-plugins/Makefile
+++ b/map-plugins/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-plugins
-PKG_VERSION:=1.2.7
+PKG_VERSION:=1.1.2

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=dd873ca4e2cb321302dae1955da24d1be271b2b1
+PKG_SOURCE_VERSION:=a76610182366cf05ed7e8f5fbac26890b709eeb4
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/map-plugins.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -59,8 +59,7 @@ define Package/map-plugins
 endef

 define Package/map-plugins/description
-	Provides extra Multi-AP services viz. steering, channel-planning,
-	self-organizing network, zero-touch onboarding etc.
+	Provides extra Multi-AP services viz. steering, channel-planning, self-organizing network etc.
 endef

 define Package/map-plugins/install
@@ -71,11 +70,5 @@ define Build/Compile
 	$(foreach p,$(plugins),$(call Build/Compile/map-plugins-$(p), $(1)))
 endef

-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-        rsync -r --exclude=.* ~/git/map-plugins/ $(PKG_BUILD_DIR)/
-endef
-endif
-
 $(eval $(call BuildPackage,map-plugins))
 $(eval $(foreach p,$(ppkg),$(call BuildPackage,$(p))))
--- a/mcastmngr/Makefile
+++ b/mcastmngr/Makefile
@@ -14,7 +14,7 @@ ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/mcastmngr.git
 PKG_SOURCE_VERSION:=17d73b8f1947823a0d32ed589a240a2642904fe1
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/mosquitto-auth-plugin/src/mosquitto_auth_plugin.c
+++ b/mosquitto-auth-plugin/src/mosquitto_auth_plugin.c
@@ -1,670 +0,0 @@
-/*
- * Copyright (c) 2022 Genexis B.V.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License 2.0 which is available at
- * https://www.eclipse.org/legal/epl-2.0/
- *
- * SPDX-License-Identifier: EPL-2.0
- *
- * Contributors:
- *   Erik Karlsson - initial implementation
- */
-
-#define _GNU_SOURCE
-#include <stdio.h>
-#include <string.h>
-#include <shadow.h>
-#include <crypt.h>
-#include <stdlib.h>
-#include <arpa/inet.h>
-#include <mosquitto.h>
-#include <mosquitto_broker.h>
-#include <mosquitto_plugin.h>
-
-#ifdef ENABLE_PAM_SUPPORT
-#include <security/pam_appl.h>
-#endif
-
-#define MAX_USERS 256
-#define MAX_SUBNETS_PER_USER 32
-
-typedef struct {
-	union {
-		uint32_t ipv4_network;
-		uint8_t ipv6_network[16];
-	};
-	union {
-		uint32_t ipv4_netmask;
-		uint8_t ipv6_netmask[16];
-	};
-	int is_ipv6;
-} subnet_t;
-
-typedef struct {
-	char username[64];
-	subnet_t allow_subnets[MAX_SUBNETS_PER_USER];
-	int allow_count;
-	subnet_t deny_subnets[MAX_SUBNETS_PER_USER];
-	int deny_count;
-} user_acl_t;
-
-typedef struct {
-	user_acl_t users[MAX_USERS];
-	int user_count;
-	mosquitto_plugin_id_t *identifier;
-	char *config_file;
-} plugin_data_t;
-
-/* Parse CIDR notation for IPv4 or IPv6 (e.g., "192.168.1.0/24" or "2001:db8::/32") */
-static int parse_subnet(const char *cidr, subnet_t *subnet)
-{
-	char ip_str[128];
-	char *slash;
-	int prefix_len;
-	struct in_addr addr4;
-	struct in6_addr addr6;
-
-	strncpy(ip_str, cidr, sizeof(ip_str) - 1);
-	ip_str[sizeof(ip_str) - 1] = '\0';
-
-	slash = strchr(ip_str, '/');
-	if (slash != NULL) {
-		*slash = '\0';
-		prefix_len = atoi(slash + 1);
-	}
-
-	/* Try IPv4 first */
-	if (inet_pton(AF_INET, ip_str, &addr4) == 1) {
-		subnet->is_ipv6 = 0;
-		if (slash == NULL)
-			prefix_len = 32;
-		if (prefix_len < 0 || prefix_len > 32)
-			return -1;
-
-		subnet->ipv4_network = ntohl(addr4.s_addr);
-		subnet->ipv4_netmask = prefix_len == 0 ? 0 : (~0U << (32 - prefix_len));
-		subnet->ipv4_network &= subnet->ipv4_netmask;
-		return 0;
-	}
-
-	/* Try IPv6 */
-	if (inet_pton(AF_INET6, ip_str, &addr6) == 1) {
-		subnet->is_ipv6 = 1;
-		if (slash == NULL)
-			prefix_len = 128;
-		if (prefix_len < 0 || prefix_len > 128)
-			return -1;
-
-		/* Copy network address */
-		memcpy(subnet->ipv6_network, addr6.s6_addr, 16);
-
-		/* Generate netmask */
-		memset(subnet->ipv6_netmask, 0, 16);
-		for (int i = 0; i < prefix_len / 8; i++)
-			subnet->ipv6_netmask[i] = 0xff;
-		if (prefix_len % 8)
-			subnet->ipv6_netmask[prefix_len / 8] = ~((1 << (8 - (prefix_len % 8))) - 1);
-
-		/* Apply netmask to network address */
-		for (int i = 0; i < 16; i++)
-			subnet->ipv6_network[i] &= subnet->ipv6_netmask[i];
-
-		return 0;
-	}
-
-	return -1;
-}
-
-/* Check if IPv4 address is in subnet */
-static int ipv4_in_subnet(uint32_t ip, const subnet_t *subnet)
-{
-	if (subnet->is_ipv6)
-		return 0;
-	return (ip & subnet->ipv4_netmask) == subnet->ipv4_network;
-}
-
-/* Check if IPv6 address is in subnet */
-static int ipv6_in_subnet(const uint8_t *ip, const subnet_t *subnet)
-{
-	if (!subnet->is_ipv6)
-		return 0;
-	for (int i = 0; i < 16; i++) {
-		if ((ip[i] & subnet->ipv6_netmask[i]) != subnet->ipv6_network[i])
-			return 0;
-	}
-	return 1;
-}
-
-/* Check if IP is in any subnet in the list */
-static int ip_in_subnet_list(const char *client_address, const subnet_t *subnets, int count)
-{
-	struct in_addr addr4;
-	struct in6_addr addr6;
-	uint32_t ipv4;
-
-	/* Try IPv4 */
-	if (inet_pton(AF_INET, client_address, &addr4) == 1) {
-		ipv4 = ntohl(addr4.s_addr);
-		for (int i = 0; i < count; i++) {
-			if (ipv4_in_subnet(ipv4, &subnets[i]))
-				return 1;
-		}
-		return 0;
-	}
-
-	/* Try IPv6 */
-	if (inet_pton(AF_INET6, client_address, &addr6) == 1) {
-		for (int i = 0; i < count; i++) {
-			if (ipv6_in_subnet(addr6.s6_addr, &subnets[i]))
-				return 1;
-		}
-		return 0;
-	}
-
-	return 0;
-}
-
-/* Find or create user ACL entry */
-static user_acl_t* find_or_create_user_acl(plugin_data_t *pdata, const char *username)
-{
-	user_acl_t *user;
-
-	/* Find existing user */
-	for (int i = 0; i < pdata->user_count; i++) {
-		if (strcmp(pdata->users[i].username, username) == 0)
-			return &pdata->users[i];
-	}
-
-	/* Create new user if not found */
-	if (pdata->user_count >= MAX_USERS) {
-		mosquitto_log_printf(MOSQ_LOG_ERR,
-			"subnet_acl: Max users exceeded");
-		return NULL;
-	}
-
-	user = &pdata->users[pdata->user_count];
-	strncpy(user->username, username, sizeof(user->username) - 1);
-	user->username[sizeof(user->username) - 1] = '\0';
-	user->allow_count = 0;
-	user->deny_count = 0;
-	pdata->user_count++;
-
-	return user;
-}
-
-/* Parse subnet ACL file with simplified format
- * Format:
- * # Comment lines
- * subnet allow <username> <cidr>
- * subnet deny <username> <cidr>
- */
-static int load_subnet_acl_config(plugin_data_t *pdata, const char *config_file)
-{
-	FILE *fp;
-	char line[512];
-	int line_num = 0;
-
-	/* Initialize user count */
-	pdata->user_count = 0;
-
-	/* Config file is optional - if not provided, no subnet filtering */
-	if (config_file == NULL) {
-		mosquitto_log_printf(MOSQ_LOG_INFO,
-			"subnet_acl: No subnet ACL file specified, subnet filtering disabled");
-		return 0;
-	}
-
-	/* If config file is specified but cannot be opened, this is a fatal error */
-	fp = fopen(config_file, "r");
-	if (fp == NULL) {
-		mosquitto_log_printf(MOSQ_LOG_ERR,
-			"subnet_acl: Failed to open subnet ACL file '%s'", config_file);
-		return -1;
-	}
-
-	while (fgets(line, sizeof(line), fp) != NULL) {
-		char *token, *saveptr;
-		char *action, *username, *cidr;
-		user_acl_t *user;
-		subnet_t subnet;
-
-		line_num++;
-
-		/* Remove newline and comments */
-		line[strcspn(line, "\r\n")] = '\0';
-		char *comment = strchr(line, '#');
-		if (comment)
-			*comment = '\0';
-
-		/* Trim leading whitespace */
-		char *line_start = line;
-		while (*line_start == ' ' || *line_start == '\t')
-			line_start++;
-
-		/* Skip empty lines */
-		if (*line_start == '\0')
-			continue;
-
-		/* Parse: subnet allow|deny <username> <cidr> */
-		token = strtok_r(line_start, " \t", &saveptr);
-		if (token == NULL)
-			continue;
-
-		/* Must start with "subnet" */
-		if (strcmp(token, "subnet") != 0) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Invalid directive '%s' at line %d (expected 'subnet')",
-				token, line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Get allow/deny */
-		action = strtok_r(NULL, " \t", &saveptr);
-		if (action == NULL) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Missing allow/deny at line %d", line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		if (strcmp(action, "allow") != 0 && strcmp(action, "deny") != 0) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Invalid action '%s' at line %d (use 'allow' or 'deny')",
-				action, line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Get username */
-		username = strtok_r(NULL, " \t", &saveptr);
-		if (username == NULL) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Missing username at line %d", line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Get CIDR */
-		cidr = strtok_r(NULL, " \t", &saveptr);
-		if (cidr == NULL) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Missing CIDR at line %d", line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Parse subnet */
-		if (parse_subnet(cidr, &subnet) != 0) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Invalid CIDR '%s' at line %d", cidr, line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Find or create user */
-		user = find_or_create_user_acl(pdata, username);
-		if (user == NULL) {
-			mosquitto_log_printf(MOSQ_LOG_ERR,
-				"subnet_acl: Max users (%d) exceeded at line %d", MAX_USERS, line_num);
-			fclose(fp);
-			return -1;
-		}
-
-		/* Add to appropriate list */
-		if (strcmp(action, "allow") == 0) {
-			if (user->allow_count >= MAX_SUBNETS_PER_USER) {
-				mosquitto_log_printf(MOSQ_LOG_ERR,
-					"subnet_acl: Max allow subnets (%d) exceeded for user '%s' at line %d",
-					MAX_SUBNETS_PER_USER, user->username, line_num);
-				fclose(fp);
-				return -1;
-			}
-			user->allow_subnets[user->allow_count] = subnet;
-			user->allow_count++;
-
-			mosquitto_log_printf(MOSQ_LOG_DEBUG,
-				"subnet_acl: User '%s' allow subnet %s",
-				user->username, cidr);
-
-		} else { /* deny */
-			if (user->deny_count >= MAX_SUBNETS_PER_USER) {
-				mosquitto_log_printf(MOSQ_LOG_ERR,
-					"subnet_acl: Max deny subnets (%d) exceeded for user '%s' at line %d",
-					MAX_SUBNETS_PER_USER, user->username, line_num);
-				fclose(fp);
-				return -1;
-			}
-			user->deny_subnets[user->deny_count] = subnet;
-			user->deny_count++;
-
-			mosquitto_log_printf(MOSQ_LOG_DEBUG,
-				"subnet_acl: User '%s' deny subnet %s",
-				user->username, cidr);
-		}
-	}
-
-	fclose(fp);
-
-	/* Log summary */
-	for (int i = 0; i < pdata->user_count; i++) {
-		user_acl_t *user = &pdata->users[i];
-		if (user->allow_count > 0 || user->deny_count > 0) {
-			mosquitto_log_printf(MOSQ_LOG_INFO,
-				"subnet_acl: User '%s' has %d allow and %d deny subnet rules",
-				user->username, user->allow_count, user->deny_count);
-		}
-	}
-
-	mosquitto_log_printf(MOSQ_LOG_NOTICE,
-		"subnet_acl: Loaded subnet restrictions for %d user(s)", pdata->user_count);
-
-	return 0;
-}
-
-/* Find user ACL entry */
-static const user_acl_t* find_user_acl(const plugin_data_t *pdata, const char *username)
-{
-	for (int i = 0; i < pdata->user_count; i++) {
-		if (strcmp(pdata->users[i].username, username) == 0)
-			return &pdata->users[i];
-	}
-	return NULL;
-}
-
-/* Check subnet access on authentication (connection time)
- * Returns: MOSQ_ERR_SUCCESS if allowed, MOSQ_ERR_AUTH if denied
- */
-static int check_subnet_on_auth(plugin_data_t *pdata, struct mosquitto_evt_basic_auth *ed)
-{
-	const user_acl_t *user_acl;
-	const char *client_address;
-
-	/* Skip if no subnet config loaded */
-	if (pdata == NULL || pdata->user_count == 0)
-		return MOSQ_ERR_SUCCESS;
-
-	/* Skip anonymous users */
-	if (ed->username == NULL)
-		return MOSQ_ERR_SUCCESS;
-
-	/* Find user's subnet ACL */
-	user_acl = find_user_acl(pdata, ed->username);
-
-	/* If user not in config or has no subnet rules, allow */
-	if (user_acl == NULL || (user_acl->allow_count == 0 && user_acl->deny_count == 0))
-		return MOSQ_ERR_SUCCESS;
-
-	/* Get client IP address */
-	client_address = mosquitto_client_address(ed->client);
-	if (client_address == NULL) {
-		mosquitto_log_printf(MOSQ_LOG_WARNING,
-			"subnet_acl: Could not get client address for user '%s', denying connection",
-			ed->username);
-		return MOSQ_ERR_AUTH;
-	}
-
-	/* Check deny list first - deny takes precedence */
-	if (user_acl->deny_count > 0) {
-		if (ip_in_subnet_list(client_address, user_acl->deny_subnets, user_acl->deny_count)) {
-			mosquitto_log_printf(MOSQ_LOG_NOTICE,
-				"subnet_acl: User '%s' from %s DENIED by deny rule",
-				ed->username, client_address);
-			return MOSQ_ERR_AUTH;
-		}
-	}
-
-	/* If there are allow rules, IP must match one of them */
-	if (user_acl->allow_count > 0) {
-		if (ip_in_subnet_list(client_address, user_acl->allow_subnets, user_acl->allow_count)) {
-			mosquitto_log_printf(MOSQ_LOG_DEBUG,
-				"subnet_acl: User '%s' from %s allowed by allow rule",
-				ed->username, client_address);
-			return MOSQ_ERR_SUCCESS;
-		} else {
-			mosquitto_log_printf(MOSQ_LOG_NOTICE,
-				"subnet_acl: User '%s' from %s DENIED (not in allowed subnets)",
-				ed->username, client_address);
-			return MOSQ_ERR_AUTH;
-		}
-	}
-
-	/* No subnet rules for this user - allow */
-	return MOSQ_ERR_SUCCESS;
-}
-
-#ifdef ENABLE_PAM_SUPPORT
-static int pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
-{
-	int i;
-	const char *pass = (const char *)appdata_ptr;
-
-	*resp = calloc(num_msg, sizeof(struct pam_response));
-	if (*resp == NULL) {
-		mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed to allocate buffer for validation");
-		return PAM_BUF_ERR;
-	}
-
-	if (pass == NULL)
-		return PAM_SUCCESS;
-
-	for (i = 0; i < num_msg; ++i) {
-		if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF) {
-			(*resp)[i].resp = strdup(pass);
-			if ((*resp)[i].resp == NULL) {
-				for (int j = 0; j < i ; j++)
-					free((*resp)[j].resp);
-
-				free(*resp);
-				*resp = NULL;
-				mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed in strdup");
-				return PAM_BUF_ERR;
-			}
-		}
-	}
-	return PAM_SUCCESS;
-}
-
-static int process_pam_auth_callback(struct mosquitto_evt_basic_auth *ed)
-{
-	struct pam_conv conv;
-	int retval;
-	pam_handle_t *pamh = NULL;
-
-	conv.conv = pam_conversation;
-	conv.appdata_ptr = (void *)ed->password;
-
-	retval = pam_start("mosquitto", ed->username, &conv, &pamh);
-	if (retval != PAM_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_ERR, "pam start failed: %s", pam_strerror(pamh, retval));
-		return MOSQ_ERR_AUTH;
-	}
-
-	retval = pam_authenticate(pamh, 0);
-	pam_end(pamh, retval);
-	if (retval == PAM_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] logged in", ed->username);
-		return MOSQ_ERR_SUCCESS;
-	}
-
-	mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] failed authentication, err [%s]", ed->username, pam_strerror(pamh, retval));
-	return MOSQ_ERR_AUTH;
-}
-#else
-static int process_shadow_auth_callback(struct mosquitto_evt_basic_auth *ed)
-{
-	struct spwd spbuf, *sp = NULL;
-	char buf[256];
-	struct crypt_data data;
-	char *hash;
-
-	getspnam_r(ed->username, &spbuf, buf, sizeof(buf), &sp);
-
-	if (sp == NULL || sp->sp_pwdp == NULL)
-		return MOSQ_ERR_AUTH;
-
-	/* Empty string as hash means password is not required */
-	if (sp->sp_pwdp[0] == 0)
-		return MOSQ_ERR_SUCCESS;
-
-	if (ed->password == NULL)
-		return MOSQ_ERR_AUTH;
-
-	memset(&data, 0, sizeof(data));
-	hash = crypt_r(ed->password, sp->sp_pwdp, &data);
-
-	if (hash == NULL)
-		return MOSQ_ERR_AUTH;
-
-	if (strcmp(hash, sp->sp_pwdp) == 0)
-		return MOSQ_ERR_SUCCESS;
-
-	return MOSQ_ERR_AUTH;
-}
-#endif
-
-static int basic_auth_callback(int event, void *event_data, void *userdata)
-{
-	struct mosquitto_evt_basic_auth *ed = event_data;
-	plugin_data_t *pdata = userdata;
-	int auth_result;
-
-	/* Let other plugins or broker decide about anonymous login */
-	if (ed->username == NULL)
-		return MOSQ_ERR_PLUGIN_DEFER;
-
-	/* First check username/password authentication */
-#ifdef ENABLE_PAM_SUPPORT
-	auth_result = process_pam_auth_callback(ed);
-#else
-	auth_result = process_shadow_auth_callback(ed);
-#endif
-
-	/* If authentication failed, reject immediately */
-	if (auth_result != MOSQ_ERR_SUCCESS)
-		return auth_result;
-
-	/* Authentication succeeded, now check subnet restrictions */
-	return check_subnet_on_auth(pdata, ed);
-}
-
-static int reload_callback(int event, void *event_data, void *userdata)
-{
-	plugin_data_t *pdata = userdata;
-
-	if (pdata == NULL)
-		return MOSQ_ERR_SUCCESS;
-
-	mosquitto_log_printf(MOSQ_LOG_NOTICE,
-		"subnet_acl: Reloading subnet ACL configuration from '%s'",
-		pdata->config_file ? pdata->config_file : "(none)");
-
-	/* Reload subnet ACL configuration */
-	if (load_subnet_acl_config(pdata, pdata->config_file) != 0) {
-		mosquitto_log_printf(MOSQ_LOG_ERR,
-			"subnet_acl: Failed to reload subnet ACL configuration, keeping old config");
-		return MOSQ_ERR_UNKNOWN;
-	}
-
-	mosquitto_log_printf(MOSQ_LOG_NOTICE,
-		"subnet_acl: Reload complete, now tracking %d user(s)", pdata->user_count);
-
-	return MOSQ_ERR_SUCCESS;
-}
-
-int mosquitto_plugin_version(int supported_version_count,
-			     const int *supported_versions)
-{
-	return 5;
-}
-
-int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier,
-			  void **user_data,
-			  struct mosquitto_opt *opts, int opt_count)
-{
-	plugin_data_t *pdata;
-	const char *config_file = NULL;
-	int rc;
-
-	/* Find subnet config file option */
-	for (int i = 0; i < opt_count; i++) {
-		if (strcmp(opts[i].key, "subnet_acl_file") == 0) {
-			config_file = opts[i].value;
-			break;
-		}
-	}
-
-	pdata = calloc(1, sizeof(plugin_data_t));
-	if (pdata == NULL)
-		return MOSQ_ERR_NOMEM;
-
-	pdata->identifier = identifier;
-
-	/* Store config file path for reload */
-	if (config_file != NULL) {
-		pdata->config_file = strdup(config_file);
-		if (pdata->config_file == NULL) {
-			free(pdata);
-			return MOSQ_ERR_NOMEM;
-		}
-	} else {
-		pdata->config_file = NULL;
-	}
-
-	/* Load subnet ACL configuration */
-	if (load_subnet_acl_config(pdata, config_file) != 0) {
-		free(pdata->config_file);
-		free(pdata);
-		return MOSQ_ERR_UNKNOWN;
-	}
-
-	/* Register authentication callback only - subnet check is done during auth */
-	rc = mosquitto_callback_register(identifier, MOSQ_EVT_BASIC_AUTH,
-	                                 basic_auth_callback, NULL, pdata);
-	if (rc != MOSQ_ERR_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_ERR,
-			"subnet_acl: Failed to register authentication callback");
-		free(pdata->config_file);
-		free(pdata);
-		return rc;
-	}
-
-	/* Register reload callback to handle SIGHUP */
-	rc = mosquitto_callback_register(identifier, MOSQ_EVT_RELOAD,
-	                                 reload_callback, NULL, pdata);
-	if (rc != MOSQ_ERR_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_ERR,
-			"subnet_acl: Failed to register reload callback");
-		mosquitto_callback_unregister(identifier, MOSQ_EVT_BASIC_AUTH,
-		                              basic_auth_callback, NULL);
-		free(pdata->config_file);
-		free(pdata);
-		return rc;
-	}
-
-	mosquitto_log_printf(MOSQ_LOG_INFO,
-		"subnet_acl: Plugin initialized with %d user(s)", pdata->user_count);
-
-	/* Only assign user_data after all possible error paths */
-	*user_data = pdata;
-
-	return MOSQ_ERR_SUCCESS;
-}
-
-int mosquitto_plugin_cleanup(void *user_data,
-			     struct mosquitto_opt *opts, int opt_count)
-{
-	plugin_data_t *pdata = user_data;
-
-	if (pdata) {
-		mosquitto_callback_unregister(pdata->identifier, MOSQ_EVT_BASIC_AUTH,
-		                              basic_auth_callback, NULL);
-		mosquitto_callback_unregister(pdata->identifier, MOSQ_EVT_RELOAD,
-		                              reload_callback, NULL);
-		free(pdata->config_file);
-		free(pdata);
-	}
-
-	return MOSQ_ERR_SUCCESS;
-}
--- a/mosquitto-auth-shadow/Config.in
+++ b/mosquitto-auth-shadow/Config.in
@@ -1,4 +1,4 @@
-if PACKAGE_mosquitto-auth-plugin
+if PACKAGE_mosquitto-auth-shadow

 config MOSQUITTO_AUTH_PAM_SUPPORT
 	bool "Enable support of Linux PAM module for Authentication"
--- a/mosquitto-auth-shadow/Makefile
+++ b/mosquitto-auth-shadow/Makefile
@@ -13,8 +13,8 @@

 include $(TOPDIR)/rules.mk

-PKG_NAME:=mosquitto-auth-plugin
-PKG_VERSION:=1.2.1
+PKG_NAME:=mosquitto-auth-shadow
+PKG_VERSION:=1.1.0

 PKG_MAINTAINER:=Erik Karlsson <erik.karlsson@genexis.eu>
 PKG_LICENSE:=EPL-2.0
@@ -24,7 +24,7 @@ PKG_CONFIG_DEPENDS:=CONFIG_MOSQUITTO_AUTH_PAM_SUPPORT

 include $(INCLUDE_DIR)/package.mk

-define Package/mosquitto-auth-plugin
+define Package/mosquitto-auth-shadow
  SECTION:=net
  CATEGORY:=Network
  TITLE:=mosquitto - /etc/shadow authentication plugin
@@ -32,12 +32,12 @@ define Package/mosquitto-auth-plugin
  USERID:=mosquitto=200:mosquitto=200 mosquitto=200:shadow=11
 endef

-define Package/mosquitto-auth-plugin/description
+define Package/mosquitto-auth-shadow/description
  Plugin for the mosquitto MQTT message broker that authenticates
  users using /etc/shadow
 endef

-define Package/mosquitto-auth-plugin/config
+define Package/mosquitto-auth-shadow/config
 	source "$(SOURCE)/Config.in"
 endef

@@ -45,10 +45,10 @@ ifeq ($(CONFIG_MOSQUITTO_AUTH_PAM_SUPPORT),y)
 TARGET_CFLAGS+=-DENABLE_PAM_SUPPORT
 endif

-define Package/mosquitto-auth-plugin/install
+define Package/mosquitto-auth-shadow/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/mosquitto_auth_plugin.so $(1)/usr/lib/
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/mosquitto_auth_shadow.so $(1)/usr/lib/
 	$(CP) ./files/* $(1)/
 endef

-$(eval $(call BuildPackage,mosquitto-auth-plugin))
+$(eval $(call BuildPackage,mosquitto-auth-shadow))
--- a/mosquitto-auth-shadow/files/etc/uci-defaults/14_set-shadow-permissions
+++ b/mosquitto-auth-shadow/files/etc/uci-defaults/14_set-shadow-permissions
--- a/mosquitto-auth-shadow/src/Makefile
+++ b/mosquitto-auth-shadow/src/Makefile
@@ -11,14 +11,14 @@
 #   Erik Karlsson - initial implementation
 #

-TARGETS = mosquitto_auth_plugin.so
+TARGETS = mosquitto_auth_shadow.so

 all: $(TARGETS)

 %.pic.o: %.c
 	$(CC) $(CFLAGS) -Wall -Werror -fPIC -c -o $@ $<

-mosquitto_auth_plugin.so: mosquitto_auth_plugin.pic.o
+mosquitto_auth_shadow.so: mosquitto_auth_shadow.pic.o
 	$(CC) $(LDFLAGS) -shared -o $@ $^ $(if $(filter -DENABLE_PAM_SUPPORT,$(CFLAGS)),-lpam)

 clean:
--- a/mosquitto-auth-shadow/src/mosquitto_auth_shadow.c
+++ b/mosquitto-auth-shadow/src/mosquitto_auth_shadow.c
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2022 Genexis B.V.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License 2.0 which is available at
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *   Erik Karlsson - initial implementation
+ */
+
+#define _GNU_SOURCE
+#include <string.h>
+#include <shadow.h>
+#include <crypt.h>
+#include <stdlib.h>
+#include <mosquitto.h>
+#include <mosquitto_broker.h>
+#include <mosquitto_plugin.h>
+
+#ifdef ENABLE_PAM_SUPPORT
+#include <security/pam_appl.h>
+
+static int pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
+{
+	int i;
+	const char *pass = (const char *)appdata_ptr;
+
+	*resp = calloc(num_msg, sizeof(struct pam_response));
+	if (*resp == NULL) {
+		mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed to allocate buffer for validation");
+		return PAM_BUF_ERR;
+	}
+
+	if (pass == NULL)
+		return PAM_SUCCESS;
+
+	for (i = 0; i < num_msg; ++i) {
+		if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF) {
+			(*resp)[i].resp = strdup(pass);
+			if ((*resp)[i].resp == NULL) {
+				for (int j = 0; j < i ; j++)
+					free((*resp)[j].resp);
+
+				free(*resp);
+				*resp = NULL;
+				mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed in strdup");
+				return PAM_BUF_ERR;
+			}
+		}
+	}
+	return PAM_SUCCESS;
+}
+
+static int process_pam_auth_callback(struct mosquitto_evt_basic_auth *ed)
+{
+	struct pam_conv conv;
+	int retval;
+	pam_handle_t *pamh = NULL;
+
+	conv.conv = pam_conversation;
+	conv.appdata_ptr = (void *)ed->password;
+
+	retval = pam_start("mosquitto", ed->username, &conv, &pamh);
+	if (retval != PAM_SUCCESS) {
+		mosquitto_log_printf(MOSQ_LOG_ERR, "pam start failed: %s", pam_strerror(pamh, retval));
+		return MOSQ_ERR_AUTH;
+	}
+
+	retval = pam_authenticate(pamh, 0);
+	pam_end(pamh, retval);
+	if (retval == PAM_SUCCESS) {
+		mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] logged in", ed->username);
+		return MOSQ_ERR_SUCCESS;
+	}
+
+	mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] failed authentication, err [%s]", ed->username, pam_strerror(pamh, retval));
+	return MOSQ_ERR_AUTH;
+}
+#else
+static int process_shadow_auth_callback(struct mosquitto_evt_basic_auth *ed)
+{
+	struct spwd spbuf, *sp = NULL;
+	char buf[256];
+	struct crypt_data data;
+	char *hash;
+
+	getspnam_r(ed->username, &spbuf, buf, sizeof(buf), &sp);
+
+	if (sp == NULL || sp->sp_pwdp == NULL)
+		return MOSQ_ERR_AUTH;
+
+	/* Empty string as hash means password is not required */
+	if (sp->sp_pwdp[0] == 0)
+		return MOSQ_ERR_SUCCESS;
+
+	if (ed->password == NULL)
+		return MOSQ_ERR_AUTH;
+
+	memset(&data, 0, sizeof(data));
+	hash = crypt_r(ed->password, sp->sp_pwdp, &data);
+
+	if (hash == NULL)
+		return MOSQ_ERR_AUTH;
+
+	if (strcmp(hash, sp->sp_pwdp) == 0)
+		return MOSQ_ERR_SUCCESS;
+
+	return MOSQ_ERR_AUTH;
+}
+#endif
+
+static int basic_auth_callback(int event, void *event_data, void *userdata)
+{
+	struct mosquitto_evt_basic_auth *ed = event_data;
+
+	/* Let other plugins or broker decide about anonymous login */
+	if (ed->username == NULL)
+		return MOSQ_ERR_PLUGIN_DEFER;
+
+#ifdef ENABLE_PAM_SUPPORT
+	return process_pam_auth_callback(ed);
+#else
+	return process_shadow_auth_callback(ed);
+#endif
+}
+
+int mosquitto_plugin_version(int supported_version_count,
+			     const int *supported_versions)
+{
+	return 5;
+}
+
+int mosquitto_plugin_init(mosquitto_plugin_id_t *identifier,
+			  void **user_data,
+			  struct mosquitto_opt *opts, int opt_count)
+{
+	*user_data = identifier;
+
+	return mosquitto_callback_register(identifier, MOSQ_EVT_BASIC_AUTH,
+					   basic_auth_callback, NULL, NULL);
+}
+
+int mosquitto_plugin_cleanup(void *user_data,
+			     struct mosquitto_opt *opts, int opt_count)
+{
+	mosquitto_plugin_id_t *identifier = user_data;
+
+	return mosquitto_callback_unregister(identifier, MOSQ_EVT_BASIC_AUTH,
+					     basic_auth_callback, NULL);
+}
--- a/netmngr/Makefile
+++ b/netmngr/Makefile
@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=netmngr
-PKG_VERSION:=1.2.4
+PKG_VERSION:=1.1.8

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/netmngr.git
-PKG_SOURCE_VERSION:=8240c6089cdd44f268db135920800b8fc1d65ca9
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.zst
+PKG_SOURCE_VERSION:=6310f32b80f8abeccbf99ad55ce88792b19342d6
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

--- a/netmode/Makefile
+++ b/netmode/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=netmode
-PKG_VERSION:=1.1.11
+PKG_VERSION:=1.1.5
 PKG_RELEASE:=1
 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=GPL-2.0-only
@@ -18,7 +18,6 @@ include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
 define Package/netmode
  CATEGORY:=Utilities
  TITLE:=Network Modes and Utils
-  DEPENDS:=+dm-service
 endef

 define Package/netmode/description
--- a/netmode/files/datamodel.json
+++ b/netmode/files/datamodel.json
@@ -58,7 +58,7 @@
 							"name": "mode"
 						}
 					},
-					"linker_obj": "Device.{BBF_VENDOR_PREFIX}NetMode.SupportedModes.*.Name"
+					"linker_obj": "Device.{BBF_VENDOR_PREFIX}NetMode.SupportedModes.[Name==@key]."
 				}
 			]
 		},
--- a/netmode/files/etc/config/netmode
+++ b/netmode/files/etc/config/netmode
@@ -1,2 +1,2 @@
 config netmode global
-	option enabled 1
+	option enabled 0
--- a/netmode/files/etc/init.d/netmode
+++ b/netmode/files/etc/init.d/netmode
@@ -1,6 +1,6 @@
 #!/bin/sh /etc/rc.common

-START=11
+START=10
 USE_PROCD=1

 . /lib/functions.sh
@@ -117,7 +117,6 @@ start_service() {
 	config_get_bool enabled global enabled '0'
 	[ $enabled -eq 0 ] && return

-	[ -d $MODEDIR ] || mkdir -p $MODEDIR
 	# Get the desired netmode from config
 	config_get mode global mode ""
 	# Check if netmode is set as boot environment parameter
@@ -128,12 +127,9 @@ start_service() {
 	# Get the last saved mode
 	lastmode="$(cat $MODEDIR/.last_mode 2>/dev/null)"
 	# Return if desired mode is same as last saved mode
-	if [ "$mode" = "$lastmode" ]; then
-		_log "Not switching mode[${mode}], lastmode[${lastmode}]"
-		return
-	fi
+	[ "$mode" == "$lastmode" ] && return

-	_log "Switching to [${mode}] Mode"
+	_log "Switching to [${mode}] Mode" >/dev/console

 	# Configure env variables
 	configure_env_vars ${mode}
@@ -151,19 +147,20 @@ start_service() {

 	# Execute mode specific scripts
 	if [ -d $MODEDIR/$mode/scripts ]; then
+		_log "Executing $MODEDIR/$mode/scripts/* scripts"
 		for script in $(ls $MODEDIR/$mode/scripts/); do
-			_log "Executing [${mode}], script [${script}]"
 			sh $MODEDIR/$mode/scripts/$script
 		done
 	fi

-	# Save mode as last mode
-	echo "$mode" > $MODEDIR/.last_mode
-	_log "Switching to Mode [${mode}] done, last mode updated"
-
 	# Execute netmode generic post-mode-switch scripts
 	libnetmode_exec "post"
 	cleanup_env_vars "${mode}"
+
+	# Save mode as last mode
+	[ -d $MODEDIR ] || mkdir -p $MODEDIR
+	echo "$mode" > $MODEDIR/.last_mode
+	_log "Switching to Mode [${mode}] done, last mode updated" >/dev/console
 }

 service_triggers()
--- a/Show More
+++ b/Show More