map_agent: reload wireless after uci commit

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@iopsys.eu>

bbfdm/Config_bbfdm.in

@@ -1,4 +1,7 @@
-if PACKAGE_libbbfdm
+config BBF_VENDOR_EXTENSION
+	bool "Enable Vendor Extension"
+	default y
+
 config BBF_VENDOR_LIST
 	string "Vendor List"
 	default "iopsys"
@@ -7,11 +10,14 @@ config BBF_VENDOR_PREFIX
 	string "Vendor Prefix"
 	default "X_IOPSYS_EU_"
 
-config BBF_OBFUSCATION_KEY
-	string "Obfuscation key"
-	default "371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04"
+config BBF_TR143
+	bool "Enable TR-143 Data Model Support"
+	default y
+
+config BBF_TR471
+	bool "Enable TR-471 Data Model Support"
+	default y
 
 config BBF_MAX_OBJECT_INSTANCES
 	int "Maximum number of instances per object"
 	default 255
-endif

bbfdm/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bbfdm
-PKG_VERSION:=1.9.6
+PKG_VERSION:=1.4.23
 
 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=6730d2784bbac93d87705db83a5157eaeb436f7d
+PKG_SOURCE_VERSION:=c10303fc51a1034cb87040e0eaf23c95d2b1c658
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -21,24 +21,55 @@ PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
-include bbfdm.mk
 
 define Package/libbbfdm-api
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=BBF datamodel library, provides API to extend datamodel using DotSO plugins
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libcurl
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c
   ABI_VERSION:=1.0
 endef
 
-define Package/libbbfdm
+define Package/libbbfdm/default
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=Library for broadband forum data model support
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libopenssl
-  MENU:=1
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libcurl +libbbfdm-api \
+	    +BBF_TR471:obudpst
+endef
+
+define Package/libbbfdm
+  $(Package/libbbfdm/default)
+  TITLE += (default)
+  VARIANT:=default
+  DEPENDS += +PACKAGE_libbbfdm-openssl:libopenssl
+  DEFAULT_VARIANT:=1
+endef
+
+define Package/libbbfdm-mbedtls
+  $(Package/libbbfdm/default)
+  TITLE += (mbedtls)
+  DEPENDS += +PACKAGE_libbbfdm-mbedtls:libmbedtls
+  VARIANT:=mbedtls
+  CONFLICTS := libbbfdm libbbfdm-openssl libbbfdm-wolfssl
+endef
+
+define Package/libbbfdm-openssl
+  $(Package/libbbfdm/default)
+  TITLE += (openssl)
+  DEPENDS += +PACKAGE_libbbfdm-openssl:libopenssl
+  VARIANT:=openssl
+  CONFLICTS := libbbfdm libbbfdm-mbedtls libbbfdm-wolfssl
+endef
+
+define Package/libbbfdm-wolfssl
+  $(Package/libbbfdm/default)
+  TITLE += (wolfssl)
+  DEPENDS += +PACKAGE_libbbfdm-wolfssl:libwolfssl
+  VARIANT:=wolfssl
+  CONFLICTS := libbbfdm libbbfdm-mbedtls libbbfdm-openssl
 endef
 
 define Package/bbfdmd
@@ -46,36 +77,32 @@ define Package/bbfdmd
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=Datamodel ubus backend
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq +bbf_configmngr
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +PACKAGE_libbbfdm-mbedtls:libbbfdm-mbedtls \
+		   +PACKAGE_libbbfdm-openssl:libbbfdm-openssl +PACKAGE_libbbfdm-wolfssl:libbbfdm-wolfssl \
+		   +PACKAGE_libbbfdm:libbbfdm
 endef
 
-define Package/bbf_configmngr
+define Package/userinterface
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
-  TITLE:= BBF Config Manager
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
-  MENU:=1
+  TITLE:=Package to add Device.UserInterface. datamodel support
+endef
+
+define Package/userinterface/description
+  Package to add Device.UserInterface. datamodel support
 endef
 
 define Package/libbbfdm/config
 	source "$(SOURCE)/Config_bbfdm.in"
 endef
 
-define Package/bbf_configmngr/config
-	source "$(SOURCE)/bbf_configmngr.in"
-endef
-
 define Package/libbbfdm-api/description
  Library contains the API(UCI, UBUS, JSON, CLI and Browse) of libbbfdm
 endef
 
 define Package/libbbfdm/description
- Library contains the data model tree, It includes basic TR181 nodes.
-endef
-
-define Package/bbf_configmngr/description
- Daemon for handling bbf reload services via ubus bbf.config
+ Library contains the data model tree. It includes TR181, TR143 data models
 endef
 
 ifeq ($(USE_LOCAL),1)
@@ -86,12 +113,45 @@ endif
 
 CMAKE_OPTIONS += \
 	-DBBF_TR181=ON
+	-DBBF_WIFI_DATAELEMENTS=ON
+
+ifeq ($(CONFIG_BBF_TR143),y)
+CMAKE_OPTIONS += \
+	-DBBF_TR143=ON
+endif
+
+ifeq ($(CONFIG_BBF_TR471),y)
+CMAKE_OPTIONS += \
+	-DBBF_TR471=ON
+endif
+
+ifeq ($(CONFIG_BBF_VENDOR_EXTENSION),y)
+CMAKE_OPTIONS += \
+	-DBBF_VENDOR_EXTENSION=ON
 
 CMAKE_OPTIONS += \
 	-DBBF_VENDOR_LIST:String="$(CONFIG_BBF_VENDOR_LIST)" \
 	-DBBF_VENDOR_PREFIX:String="$(CONFIG_BBF_VENDOR_PREFIX)" \
 	-DBBF_MAX_OBJECT_INSTANCES:Integer=$(CONFIG_BBF_MAX_OBJECT_INSTANCES)
 
+endif ##CONFIG_BBF_VENDOR_EXTENSION
+
+ifeq ($(BUILD_VARIANT),default)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),openssl)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),wolfssl)
+CMAKE_OPTIONS += -DWITH_WOLFSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),mbedtls)
+CMAKE_OPTIONS += -DWITH_MBEDTLS=ON
+endif
+
 ifeq ($(CONFIG_PACKAGE_bbfdmd),y)
 CMAKE_OPTIONS += \
 	-DBBFDMD_MAX_MSG_LEN:Integer=10485760
@@ -100,32 +160,30 @@ endif
 define Package/libbbfdm-api/install
 	$(INSTALL_DIR) $(1)/lib
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/lib/
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
-	$(INSTALL_DIR) $(1)/etc/bbfdm
-	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
-	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
 endef
 
-define Package/libbbfdm/install
+define Package/libbbfdm/default/install
 	$(INSTALL_DIR) $(1)/lib
 	$(INSTALL_DIR) $(1)/etc/bbfdm
 	$(INSTALL_DIR) $(1)/etc/bbfdm/dmmap
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/usr/share/bbfdm/libbbfdm.so
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/lib/
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
-	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
-ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
-	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/iopsys/libbbfdm_iopsys_ext.so $(1)
+	$(INSTALL_BIN) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/95-portmap-firewall
+	$(INSTALL_BIN) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/97-firewall-service
+	$(INSTALL_BIN) ./files/etc/uci-defaults/99-link-core-plugins $(1)/etc/uci-defaults/99-link-core-plugins
+	$(INSTALL_BIN) ./files/etc/firewall.portmap $(1)/etc/firewall.portmap
+	$(INSTALL_BIN) ./files/etc/firewall.service $(1)/etc/firewall.service
+ifeq ($(CONFIG_BBF_TR143),y)
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm
+	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm
+	$(LN) /usr/share/bbfdm/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
 endif
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm/scripts/
 endef
 
-define Package/libbbfdm/prerm
+define Package/libbbfdm/default/prerm
 	#!/bin/sh
 	rm -rf /etc/bbfdm/dmmap/*
 	exit 0
@@ -140,33 +198,54 @@ define Package/bbfdmd/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bbfdmd/ubus/bbfdmd $(1)/usr/sbin/
 	$(INSTALL_DATA) ./files/etc/bbfdm/input.json $(1)/etc/bbfdm/
 	$(INSTALL_BIN) ./files/etc/init.d/bbfdmd $(1)/etc/init.d/bbfdmd
-	$(INSTALL_BIN) ./files/etc/init.d/bbfdm.services $(1)/etc/init.d/
 	$(INSTALL_CONF) ./files/etc/config/bbfdm $(1)/etc/config/bbfdm
+	$(INSTALL_BIN) ./files/etc/bbfdm/bbfdm_services.sh $(1)/etc/bbfdm/
 	$(INSTALL_BIN) ./files/etc/hotplug.d/iface/85-bbfdm-sysctl $(1)/etc/hotplug.d/iface/85-bbfdm-sysctl
 endef
 
-define Package/bbf_configmngr/install
+define Package/userinterface/install
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/etc/init.d
-ifeq ($(CONFIG_BBF_CONFIGMNGR_C_BACKEND),y)
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/bbf_configd $(1)/usr/sbin/
-	$(INSTALL_BIN) ./files/etc/init.d/bbf_configd $(1)/etc/init.d/bbf_configd
-endif
-ifeq ($(CONFIG_BBF_CONFIGMNGR_SCRIPT_BACKEND),y)
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.config $(1)/usr/libexec/rpcd/bbf.config
-endif
+	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+	$(INSTALL_DATA) ./files/etc/config/userinterface $(1)/etc/config/userinterface
+	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/userinterface $(1)/lib/upgrade/keep.d/userinterface
+	$(INSTALL_BIN) ./files/etc/init.d/userinterface $(1)/etc/init.d/userinterface
+	$(INSTALL_BIN) ./files/etc/uci-defaults/93-userinterface-firewall $(1)/etc/uci-defaults/93-userinterface-firewall
+	$(INSTALL_BIN) ./files/etc/uci-defaults/94-userinterface-json $(1)/etc/uci-defaults/94-userinterface-json
+	$(INSTALL_BIN) ./files/etc/firewall.userinterface $(1)/etc/firewall.userinterface
 endef
 
+Package/libbbfdm/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-openssl/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-wolfssl/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-mbedtls/prerm = $(Package/libbbfdm/default/prerm)
+
+Package/libbbfdm/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-openssl/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-wolfssl/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-mbedtls/install = $(Package/libbbfdm/default/install)
+
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
+	$(INSTALL_DIR) $(1)/usr/include/libbbfdm
 	$(INSTALL_DIR) $(1)/usr/include/libbbfdm-api
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbfdm-api/
+	$(INSTALL_DIR) $(1)/usr/include/libbbf_api
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/*.h $(1)/usr/include/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm/dmtree/tr181/device.h $(1)/usr/include/libbbfdm/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/vendor.h $(1)/usr/include/libbbfdm/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbfdm-api/
+	# Work around for backward compatibility
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbf_api/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/libbbfdm_api.h $(1)/usr/include/libbbf_api.h
 endef
 
-$(eval $(call BuildPackage,bbf_configmngr))
 $(eval $(call BuildPackage,libbbfdm-api))
 $(eval $(call BuildPackage,libbbfdm))
+$(eval $(call BuildPackage,libbbfdm-openssl))
+$(eval $(call BuildPackage,libbbfdm-wolfssl))
+$(eval $(call BuildPackage,libbbfdm-mbedtls))
 $(eval $(call BuildPackage,bbfdmd))
+
+$(eval $(call BuildPackage,userinterface))

bbfdm/README.md

@@ -1,38 +0,0 @@
-# BBFDM configuration options and utilities
-
-bbfdm provides few compile time configuration options and compile time help utility called [bbfdm.mk](./bbfdm.mk), this document aimed to explain the available usages and best practices.
-
-## Compilation options
-
-|  Configuration option    | Description   | Default Value |
-| -----------------------  | ------------- | ----------- |
-| CONFIG_BBF_VENDOR_LIST   | List of vendor extension directories | iopsys        |
-| CONFIG_BBF_VENDOR_PREFIX | Prefix for Vendor extension datamodel objects/parameters | X_IOPSYS_EU_  |
-| CONFIG_BBF_MAX_OBJECT_INSTANCES | Maximum number of instances per object | 255    |
-| BBF_OBFUSCATION_KEY      | Hash used to encode/decode in `bbf.secure` object | 371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04 |
-
-
-#### BBF_OBFUSCATION_KEY
-
-`bbfdm` provides an ubus object called `bbf.secure` to allow encoding/decoding the values, `bbf.secure` currently support following methods internally to encode/decode
-
-  - Encode/Decode using a predefined SHA512 Hash key
-  - Encode/Decode using a private/public RSA key pair
-
-The `BBF_OBFUSCATION_KEY` compile time configuration option used to defined the SHA512 HASH, if this option is undefined, then it usages a default value as mention in the above table.
-
-User must override this parameter with their own hash value, to generate a hash user can run below command and copy the hash value to this option.
-
-ex: User wants to use 'Sup3rS3cur3Passw0rd' as passkey, then can get the SHA512 sum with
-
-```bash
-$ echo -n "Sup3rS3cur3Passw0rd" | sha512sum
-371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04  -
-```
-
-> Note: Additionally, user can install RSA private key in '/etc/bbfdm/certificates/private_key.pem' path, if private key is present `bbf.secure` shall use rsa private certificate for encrypt/decrypt function. In case of key not present in the pre-defined path, hash will be used for the same.
-
-## Helper utility (bbfdm.mk)
-
-bbfdm provides a helper utility [bbfdm.mk](./bbfdm.mk) to install datamodel plugins in bbfdm core or in microservice directory.
-

bbfdm/bbf_configmngr.in

@@ -1,19 +0,0 @@
-if PACKAGE_bbf_configmngr
-choice
-	prompt "Select backend daemon for bbf.config"
-	default BBF_CONFIGMNGR_C_BACKEND
-	help
-		Select which backend daemon should be used for ubus bbf.config
-
-config BBF_CONFIGMNGR_SCRIPT_BACKEND
-	bool "Use shell script backend"
-	help
-		Enable this option to use shell script as the backend for bbf.config. This can be useful for quick and easy scripting of configuration tasks.
-
-config BBF_CONFIGMNGR_C_BACKEND
-	bool "Use C code backend"
-	help
-		Enable this option to use a C code implementation as the backend for bbf.config. This option is generally preferred for performance-critical tasks and scenarios requiring more robust and efficient handling.
-
-endchoice
-endif

bbfdm/bbfdm.mk

@@ -2,113 +2,8 @@
 # Copyright (C) 2023 IOPSYS
 #
 
-BBFDM_BASE_DM_PATH=/usr/share/bbfdm
-BBFDM_INPUT_PATH=/etc/bbfdm/micro_services
-BBFDM_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-
-#BBFDM_VERSION:=$(shell grep -oP '(?<=^PKG_VERSION:=).*' ${BBFDM_DIR}/Makefile)
-#BBFDM_TOOLS:=$(BUILD_DIR)/bbfdm-$(BBFDM_VERSION)/tools
-
-# Utility to install the plugin in bbfdm core path with priority.
-# Its now possible to overwrite/remove core datamodel with plugin, so, if some
-# datamodel objects/parameters are present in more than one plugin, order in
-# which they loaded into memory becomes crucial, this Utility help to configure
-# a priority order in which they gets loaded in memory.
-#
-# ARGS:
-#  $1 => Plugin artifact
-#  $2 => package install directory
-#  $3 => Priority of the installed plugin (Optional)
-#
-# Note:
-# - Last loaded plugin gets the highest priority
-#
-# Example:
-#  BBFDM_INSTALL_CORE_PLUGIN ./files/etc/bbfdm/json/CWMPManagementServer.json $(1)
-#
-# Example to install plugin with priority:
-#  BBFDM_INSTALL_CORE_PLUGIN ./files/etc/bbfdm/json/CWMPManagementServer.json $(1) 01
-#
-BBFDM_INSTALL_CORE_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -p
-
-
-# Utility to install the micro-service datamodel
-# Use Case:
-# user wants to run a datamodel micro-service, it required to install the
-# DotSO/JSON plugin into a bbf shared directory, this utility helps in
-# installing the DotSO/JSON plugin in bbfdm shared directory, and auto-generate
-# input file for the micro-service
-#
-# ARGS:
-#  $1 => DotSo or Json plugin with complete path
-#  $2 => package install directory
-#  $3 => service name
-#
-# Note:
-# - There could be only one main plugin file, so its bind to PKG_NAME
-# - Micro-service input.json will be auto generated with this call
-# - Use -u (optional argument) to overwrite ubus object name
-#
-# Example:
-#  BBFDM_INSTALL_MS_DM $(PKG_BUILD_DIR)/libcwmp.so $(1) $(PKG_NAME)
-#
-BBFDM_INSTALL_MS_DM:=$(BBFDM_DIR)/tools/bbfdm.sh -m
-
-
-# Utility to install a plugins in datamodel micro-service
-#
-# ARGS:
-#  $1 => DotSo or Json plugin with complete path
-#  $2 => package install directory
-#  $3 => service name
-#
-# Note:
-# - Use the service_name/PKG_NAME of the service in which this has to run
-#
-# Example:
-#  BBFDM_INSTALL_MS_PLUGIN $(PKG_BUILD_DIR)/libxmpp.so $(1) icwmp
-#
-BBFDM_INSTALL_MS_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -m -p
-
-# Utility to install the helper scripts in default bbfdm script path
-#
-# Use Case:
-# User want to install some script for running diagnostics
-#
-# ARGS:
-#  $1 => Script with complete path
-#  $2 => package install directory
-#
-# Note:
-# - Use with -d option to install script in bbf.diag directory
-#
-# Example:
-#  BBFDM_INSTALL_SCRIPT $(PKG_BUILD_DIR)/download $(1)
-#  BBFDM_INSTALL_SCRIPT -d $(PKG_BUILD_DIR)/ipping $(1)
-#
-BBFDM_INSTALL_SCRIPT:=$(BBFDM_DIR)/tools/bbfdm.sh -s
-
-# Deprecated functions errors
-define BbfdmInstallPluginInMicroservice
-	$(warning # BbfdmInstallPluginInMicroservice function is deprecated, use BBFDM_INSTALL_MS_PLUGIN macro #)
-	$(INSTALL_DIR) $(1)
-	$(INSTALL_DATA) $(2) $(1)/
-endef
-
-define BbfdmInstallMicroServiceInputFile
-	$(warning # function BbfdmInstallMicroServiceInputFile deprecated, input file auto generated with BBFDM_INSTALL_MS_DM #)
-	$(INSTALL_DIR) $(1)/etc/bbfdm/micro_services
-	$(INSTALL_DATA) $(2) $(1)/etc/bbfdm/micro_services/$(PKG_NAME).json
-endef
 
 define BbfdmInstallPlugin
-	$(warning # function BbfdmInstallPlugin deprecated, use BBFDM_INSTALL_CORE_PLUGIN macro #)
 	$(INSTALL_DIR) $(1)/etc/bbfdm/plugins
 	$(INSTALL_DATA) $(2) $(1)/etc/bbfdm/plugins/
 endef
-
-define BbfdmInstallPluginWithPriority
-	$(warning # fucntion BbfdmInstallPluginWithPriority deprecated, use BBFDM_INSTALL_CORE_PLUGIN #)
-	$(INSTALL_DIR) $(1)/etc/bbfdm/plugins
-	$(INSTALL_DATA) $(3) $(1)/etc/bbfdm/plugins/$(2)_$(shell basename ${3})
-endef

bbfdm/files/etc/bbfdm/bbfdm_services.sh

@@ -0,0 +1,47 @@
+#!/bin/sh
+
+BBFDMD="/usr/sbin/bbfdmd"
+
+bbfdm_add_service()
+{
+	local name path
+
+	name="${1}"
+	path="${2}"
+
+	if [ -z "${name}" -o -z "$path" ]; then
+		return 0;
+	fi
+
+	ubus call service add "{'name':'bbfdm.services','instances':{'$name':{'command':['$BBFDMD','-m','$path']}}}"
+}
+
+bbfdm_stop_service()
+{
+	local name
+
+	name="${1}"
+	if [ -z "${name}" ]; then
+		return 0;
+	fi
+
+	if ubus call service list '{"name":"bbfdm.services"}' |grep -q "bbfdm.$name"; then
+		ubus call service delete "{'name':'bbfdm.services','instance':'bbfdm.$name'}"
+	fi
+}
+
+usages()
+{
+	echo "Usages $0: <OPTIONS>..."
+	echo
+	echo "    -h    show help"
+	echo "    -k    micro-service name to stop"
+	echo
+}
+
+while getopts "s:k:h" opts; do
+	case "$opts" in
+		h) usages; exit 0;;
+		k) bbfdm_stop_service "${OPTARG}";;
+	esac
+done

bbfdm/files/etc/bbfdm/input.json

@@ -4,8 +4,8 @@
                 },
                 "input": {
                         "type": "DotSo",
-                        "name": "/usr/share/bbfdm/libbbfdm.so",
-                        "plugin_dir": "/usr/share/bbfdm/plugins"
+                        "name": "/lib/libbbfdm.so",
+                        "plugin_dir": "/etc/bbfdm/plugins"
                 },
                 "output": {
                         "type": "UBUS",

bbfdm/files/etc/config/bbfdm

@@ -1,11 +1,8 @@
+
 config bbfdmd 'bbfdmd'
-	option enable '1'
+	option enabled '1'
 	option loglevel '1'
-	option refresh_time '120'
+	option refresh_time '10'
 	option transaction_timeout '30'
 	option subprocess_level '2'
 
-config micro_services 'micro_services'
-	option enable '1'
-	option enable_core '0'
-	option enable_respawn '1'

bbfdm/files/etc/firewall.userinterface

@@ -71,12 +71,19 @@ configure_ui_firewall_rule() {
 	local enabled access interface
 	local port=""
 
-	config_get_bool enabled "${sec}" enable '1'
-	config_get access "${sec}" access ""
-	config_get interface "${sec}" interface ""
-	config_get port "${sec}" port ""
+	config_get_bool enabled "${sec}" uci_enable '1'
+	config_get access "${sec}" uci_access ""
+	config_get interface "${sec}" uci_interface ""
 
 	if [ "${enabled}" -eq "1" ] && [ "${access}" == "remote" ] && [ -n "${interface}" ]; then
+		port_list=$(uci -q show nginx."${1}".listen|cut -d'=' -f 2|sed "s/'/ /g"|sed "s/\[\:\:\]\://g")
+		for item in ${port_list}; do
+			if [ -z "${item##[0-9]*}" ]; then
+				port="${item}"
+				break
+			fi
+		done
+
 		if [ -z "${port}" ]; then
 			return 0
 		fi
@@ -112,6 +119,7 @@ config_load userinterface
 config_get_bool serv_enable global enable 1
 
 if [ "${serv_enable}" -eq "1" ]; then
+	config_load nginx
 	# Configure the User Interface rule
-	config_foreach configure_ui_firewall_rule http_access
+	config_foreach configure_ui_firewall_rule server
 fi

bbfdm/files/etc/init.d/bbf_configd

@@ -1,15 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=64
-STOP=10
-
-USE_PROCD=1
-PROG=/usr/sbin/bbf_configd
-
-start_service()
-{
-	procd_open_instance "bbf_configd"
-	procd_set_param command ${PROG}
-	procd_set_param respawn
-	procd_close_instance "bbf_configd"
-}

bbfdm/files/etc/init.d/bbfdm.services

@@ -1,106 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=40
-STOP=8
-
-USE_PROCD=1
-PROG=/usr/sbin/bbfdmd
-
-BBFDM_MICROSERVICE_DIR="/etc/bbfdm/micro_services"
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "${@}"|logger -t bbfdmd.services -p info
-}
-
-validate_bbfdm_micro_service_section()
-{
-	uci_validate_section bbfdm micro_services "micro_services" \
-		'enable:bool:true' \
-		'enable_core:bool:false' \
-		'enable_respawn:bool:true'
-}
-
-_add_microservice()
-{
-	local name path
-	local enable enable_core enable_respawn
-
-	# Check enable from micro-service
-	path="${1}"
-	enable_respawn="${2}"
-	enable_core="${3}"
-
-	name="$(basename ${path})"
-	name="${name//.json}"
-
-	enable="$(jq -r '.daemon.enable//1' ${path})"
-	if [ "${enable}" -eq "0" ]; then
-		log "datamodel micro-service ${name} not enabled"
-		return 0
-	fi
-
-	procd_open_instance "${name}"
-
-	procd_set_param command ${PROG}
-	procd_append_param command -m "${name}"
-
-	if [ "${enable_core}" -eq "1" ]; then
-		procd_set_param limits core="unlimited"
-		procd_set_param stdout 1
-		procd_set_param stderr 1
-	fi
-
-	if [ "${enable_respawn}" -eq "1" ]; then
-		procd_set_param respawn "3600" "5" "5"
-	fi
-	procd_close_instance "${name}"
-}
-
-configure_bbfdm_micro_services()
-{
-	local enable enable_core enable_respawn
-
-	config_load bbfdm
-	validate_bbfdm_micro_service_section || {
-		log "Validation of micro_service section failed"
-		return 1;
-	}
-
-	[ "${enable}" -eq "0" ] && return 0
-
-	if [ -d "${BBFDM_MICROSERVICE_DIR}" ]; then
-		FILES="$(ls -1 ${BBFDM_MICROSERVICE_DIR}/*.json)"
-
-		for file in $FILES;
-		do
-			[ -e "$file" ] || continue
-
-			_add_microservice $file "${enable_respawn}" "${enable_core}"
-		done
-	fi
-}
-
-_start_single_service()
-{
-	local service file
-
-	service="${1}"
-
-	if [ -d "${BBFDM_MICROSERVICE_DIR}" ]; then
-		file="$(ls -1 ${BBFDM_MICROSERVICE_DIR}/${service}.json)"
-		[ -e "$file" ] || return
-
-		_add_microservice $file "0" "0"
-	fi
-}
-
-start_service()
-{
-	if [ -n "${1}" ]; then
-		_start_single_service "${1}"
-	else
-		configure_bbfdm_micro_services
-	fi
-}

bbfdm/files/etc/init.d/bbfdmd

@@ -7,9 +7,7 @@ USE_PROCD=1
 PROG=/usr/sbin/bbfdmd
 
 BBFDM_JSON_INPUT="/etc/bbfdm/input.json"
-BBFDM_TEMP_DIR="/tmp/bbfdm"
-
-. /usr/share/libubox/jshn.sh
+BBFDM_TEMP_JSON="/tmp/bbfdm/input.json"
 
 log() {
 	echo "${@}"|logger -t bbfdmd.init -p info
@@ -18,7 +16,7 @@ log() {
 validate_bbfdm_bbfdmd_section()
 {
 	uci_validate_section bbfdm bbfdmd "bbfdmd" \
-		'enable:bool:true' \
+		'enabled:bool:true' \
 		'sock:string' \
 		'debug:bool:false' \
 		'loglevel:uinteger:1' \
@@ -29,19 +27,20 @@ validate_bbfdm_bbfdmd_section()
 
 configure_bbfdmd()
 {
-	local enable debug sock
+	local enabled debug sock update
 	local jlog jrefresh jtimeout jlevel
 
+	update=0
 	config_load bbfdm
 	validate_bbfdm_bbfdmd_section || {
 		log "Validation of bbfdmd section failed"
 		return 1;
 	}
 
-	[ "${enable}" -eq 0 ] && return 0
+	[ "${enabled}" -eq 0 ] && return 0
 
 	if [ -f "${BBFDM_JSON_INPUT}" ]; then
-		echo "$(jq --arg log ${loglevel} --arg tran ${transaction_timeout} --arg refresh ${refresh_time} --arg level ${subprocess_level} '.daemon.config += {"loglevel": $log, "refresh_time": $refresh, "transaction_timeout": $tran, "subprocess_level": $level}' ${BBFDM_JSON_INPUT})" > "${BBFDM_TEMP_DIR}/input.json"
+		echo "$(jq --arg log ${loglevel} --arg tran ${transaction_timeout} --arg refresh ${refresh_time} --arg level ${subprocess_level} '.daemon.config += {"loglevel": $log, "refresh_time": $refresh, "transaction_timeout": $tran, "subprocess_level": $level}' ${BBFDM_JSON_INPUT})" > ${BBFDM_TEMP_JSON}
 	fi
 
 	procd_set_param command ${PROG}
@@ -57,12 +56,18 @@ configure_bbfdmd()
 
 start_service()
 {
-	mkdir -p ${BBFDM_TEMP_DIR}
-
+	mkdir -p /tmp/bbfdm
 	procd_open_instance "bbfdm"
 	configure_bbfdmd
 	procd_set_param respawn
 	procd_close_instance "bbfdm"
+
+	ubus call service state '{"name":"bbfdm.services", "spawn":true}'
+}
+
+stop_service()
+{
+	ubus call service state '{"name":"bbfdm.services", "spawn":false}'
 }
 
 service_triggers()

bbfdm/files/etc/init.d/userinterface

@@ -0,0 +1,33 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=01
+
+USE_PROCD=1
+
+start_service() {
+	local enable
+
+	config_load userinterface
+	config_get_bool enable global enable 1
+
+	if [ ! -f "/etc/config/nginx" ]; then
+		return 0
+	fi
+
+	if [ "${enable}" -eq "1" ]; then
+		ubus call service state '{"name":"nginx", "spawn":true}'
+	else
+		ubus call service state '{"name":"nginx", "spawn":false}'
+	fi
+
+	# Inject firewall rules
+	procd_open_instance userinterface
+	/etc/firewall.userinterface
+	procd_close_instance
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "userinterface" "nginx"
+}

bbfdm/files/etc/uci-defaults/91-fix-bbfdmd-enabled-option

@@ -1,11 +0,0 @@
-#!/bin/sh
-
-# rename bbfdmd enabled option to enable
-val="$(uci -q get bbfdm.bbfdmd.enabled)"
-if [ -n "${val}" ]; then
-	uci -q set bbfdm.bbfdmd.enabled=""
-	uci -q set bbfdm.bbfdmd.enable="${val}"
-fi
-
-exit 0
-

bbfdm/files/etc/uci-defaults/94-userinterface-json

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+# This deletes the userinterface json plugin if exists in case of upgrade
+if [ -f "/etc/bbfdm/json/UserInterface.json" ]; then
+	rm /etc/bbfdm/json/UserInterface.json
+fi
+
+exit 0
+

bbfdm/files/etc/uci-defaults/99-link-core-plugins

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+UNIFIED_PATH="/etc/bbfdm/plugins/"
+
+# Link JSON plugins
+for f in `ls -1 /etc/bbfdm/json/*.json`; do
+	echo "# BBFDM JSON plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+# Link DotSo plugins
+for f in `ls -1 /usr/lib/bbfdm/*.so`; do
+	echo "# BBFDM DotSO plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+exit 0
+

bbfdm/files/lib/upgrade/keep.d/userinterface

@@ -0,0 +1 @@
+/etc/nginx/allow_host_*

bbfdm/tools/bbfdm.sh

@@ -1,169 +0,0 @@
-#!/bin/bash
-
-BBFDM_BASE_DM_PATH="usr/share/bbfdm"
-BBFDM_INPUT_PATH="etc/bbfdm/micro_services"
-INPUT_TEMPLATE='{"daemon":{"enable":"1","service_name":"template","config":{"loglevel":"1"}}}'
-OUT_NAME=""
-
-MICRO_SERVICE=0
-SCRIPT=0
-DIAG=0
-PLUGIN=0
-DEST=""
-TOOLS="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
-SRC=""
-
-while getopts ":mpsdu:" opt; do
-	case ${opt} in
-	  m)
-	  	MICRO_SERVICE=1
-		;;
-	  p)
-	  	PLUGIN=1
-		;;
-	  s)
-	  	SCRIPT=1
-		;;
-	  d)
-	  	DIAG=1
-		;;
-	  u)
-	  	OUT_NAME="${OPTARG}"
-		;;
-	  ?)
-	  	echo "Invalid option: ${OPTARG}"
-		exit 1
-		;;
-	esac
-done
-shift $((OPTIND-1))
-
-SRC="${1}"
-shift
-DEST="${1}"
-shift
-DATA="${1}"
-
-install_bin() {
-	if ! install -m0755 ${1} ${2}; then
-		echo "Failed to install bin ${1} => ${2}"
-		exit 1
-	fi
-}
-
-install_dir() {
-	if ! install -d -m0755 ${1}; then
-		echo "Failed to create directory ${1}"
-		exit 1
-	fi
-}
-
-install_data() {
-	if ! install -m0644 ${1} ${2}; then
-		echo "Failed to install ${1} => ${2}"
-		exit 1
-	fi
-}
-
-# Installing datamodel
-bbfdm_install_dm()
-{
-	local src dest minfile
-
-	src="$1"
-	dest="$2"
-	minfile=""
-
-	if [ -z ${src} ] || [ -z "${dest}" ] || [ -z "${TOOLS}" ]; then
-		echo "Invalid input option for install dm $@"
-		exit 1
-	fi
-
-	if [ "${src##*.}" = "json" ]; then
-		echo "Compacting BBFDM JSON file"
-		minfile=$(mktemp)
-		jq -c 'del(..|.description?)' ${src} > ${minfile}
-
-		src=${minfile}
-		if dpkg -s python3-jsonschema >/dev/null 2>&1; then
-			echo "Verifying bbfdm Datamodel JSON file"
-			if ! ${TOOLS}/validate_plugins.py ${src}; then
-				echo "Validation of the plugin failed ${src}"
-				exit 1
-			fi
-		else
-			echo "## Install python3-jsonschema to verify datamodel plugins"
-		fi
-	fi
-
-	install_bin ${src} ${dest}
-
-	if [ -f "${minfile}" ]; then
-		rm ${minfile}
-	fi
-}
-
-bbfdm_generate_input()
-{
-	local dest ser
-
-	dest_dir=${1}
-	ser=${2}
-	dest=${dest_dir}/${ser}.json
-
-	if [ -n "${OUT_NAME}" ]; then
-		echo ${INPUT_TEMPLATE} | jq --arg service "${ser}" --arg OUT "${OUT_NAME}" '.daemon |= (.service_name = $service |.output.name = $OUT)' > ${dest}
-	else
-		echo ${INPUT_TEMPLATE} | jq --arg service "${ser}" '.daemon.service_name = $service' > ${dest}
-	fi
-
-	chmod 466 ${dest}
-}
-
-if [ -z "$SRC" ] || [ -z "${DEST}" ] ; then
-	echo "# BBFDM Null value in src[${SRC}], dest[${DEST}]"
-	exit 1
-fi
-
-if [ "${SCRIPT}" -eq "1" ]; then
-	if [ "${DIAG}" -eq "1" ]; then
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/bbf_diag
-		install_bin ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/bbf_diag/
-	else
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/scripts
-		install_bin ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/
-	fi
-	exit 0
-fi
-
-if [ "${MICRO_SERVICE}" -eq "1" ]; then
-	if [ -z "${DATA}" ]; then
-		echo "# service_name[${DATA}] not provided"
-		exit 1
-	fi
-
-	if [ "${PLUGIN}" -ne "1" ]; then
-		extn="$(basename ${SRC})"
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services
-		bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}.${extn##*.}
-
-		# main micro-service datamodel plugin, create an input file as well
-		install_dir ${DEST}/${BBFDM_INPUT_PATH}
-		bbfdm_generate_input ${DEST}/${BBFDM_INPUT_PATH}/ ${DATA}
-	else
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}
-		bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}/$(basename ${SRC})
-	fi
-else
-	if [ "${PLUGIN}" -eq "1" ]; then
-		priority="${DATA:-0}"
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/plugins
-		if [ "${priority}" -gt "0" ]; then
-			# install with priority if defined
-			bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/plugins/${priority}_$(basename ${SRC})
-		else
-			bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/plugins/$(basename ${SRC})
-		fi
-	fi
-fi
-

bbfdm/tools/validate_plugins.py

@@ -1,330 +0,0 @@
-#!/usr/bin/python3
-
-# Copyright (C) 2024 iopsys Software Solutions AB
-# Author: Amin Ben Romdhane <amin.benromdhane@iopsys.eu>
-
-import sys
-import json
-from jsonschema import validate
-
-JSON_PLUGIN_VERSION = 0
-
-obj_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"object"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"uniqueKeys" : {"type" : "array"},
-		"access" : {"type" : "boolean"},
-		"array" : {"type" : "boolean"},
-		"mapping" : {"type" : "object", "properties" : {
-				"type" : {"$ref": "#/definitions/map_type_t"},
-				"uci" : {"type" : "object", "properties" : {
-						"file" : {"type": "string"},
-						"section" : {"type": "object", "properties" : {
-								"type" : {"type": "string"}
-							}
-						},
-						"dmmapfile" : {"type": "string"}
-					}
-				},
-				"ubus" : {"type" : "object", "properties" : {
-						"object" : {"type": "string"},
-						"method" : {"type": "string"},
-						"args" : {"type": "object"},
-						"key" : {"type": "string"}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"array",
-		"access"
-	]
-}
-
-obj_schema_v1 = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"object"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp",
-				"none"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"uniqueKeys" : {"type" : "array"},
-		"access" : {"type" : "boolean"},
-		"array" : {"type" : "boolean"},
-		"mapping" : {"type" : "array", "items" : {
-			"type" : "object", "properties" : {
-				"type" : {"$ref": "#/definitions/map_type_t"},
-					"uci" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"},
-							"section" : {"type": "object", "properties" : {
-									"type" : {"type": "string"}
-								}
-							},
-							"dmmapfile" : {"type": "string"}
-						}
-					},
-					"ubus" : {"type" : "object", "properties" : {
-							"object" : {"type": "string"},
-							"method" : {"type": "string"},
-							"args" : {"type": "object"},
-							"key" : {"type": "string"}
-						}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"array",
-		"access"
-	]
-}
-
-param_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"string",
-				"unsignedInt",
-				"unsignedLong",
-				"int",
-				"long",
-				"boolean",
-				"dateTime",
-				"hexBinary",
-				"base64",
-				"decimal"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus",
-				"procfs",
-				"sysfs",
-				"json",
-				"uci_sec"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp",
-				"none"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"read" : {"type" : "boolean"},
-		"write" : {"type" : "boolean"},
-		"mapping" : {"type" : "array", "items" : {"type": "object", "properties" : {
-					"type" : {"$ref": "#/definitions/map_type_t"},
-					"uci" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"},
-							"section" : {"type": "object", "properties" : {
-									"type" : {"type": "string"},
-									"index" : {"type": "string"}
-								}
-							},
-							"option" : {"type": "object", "properties" : {
-									"name" : {"type": "string"}								}
-							}
-						}
-					},
-					"ubus" : {"type" : "object", "properties" : {
-							"object" : {"type": "string"},
-							"method" : {"type": "string"},
-							"args" : {"type": "object"},
-							"key" : {"type": "string"}
-						}
-					},
-					"procfs" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"}
-						}
-					},
-					"sysfs" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"}
-						}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"read",
-		"write"
-	]
-}
-
-event_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"event"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}}
-	},
-	"required": [
-		"type",
-		"protocols"
-	]
-}
-
-command_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"command"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"async" : {"type" : "boolean"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"input" : {"type" : "object"},
-		"output" : {"type" : "object"}
-	},
-	"required": [
-		"type",
-		"async",
-		"protocols"
-	]
-}
-
-def print_validate_json_usage():
-    print("Usage: " + sys.argv[0] + " <dm json file>")
-    print("Examples:")
-    print("  - " + sys.argv[0] + " datamodel.json")
-    print("    ==> Validate the json file")
-    print("")
-    exit(1)
-
-def parse_value( key , value ):
-
-    if key.endswith('.') and not key.startswith('Device.'):
-        print(key + " is not a valid path")
-        exit(1)
-
-    if key.endswith('.') and (JSON_PLUGIN_VERSION == 1 or JSON_PLUGIN_VERSION == 2):
-        __schema = obj_schema_v1
-    elif key.endswith('.'):
-        __schema = obj_schema
-    elif key.endswith('!'):
-        __schema = event_schema
-    elif key.endswith('()'):
-        __schema = command_schema
-    else:
-        __schema = param_schema
-    
-    validate(instance = value, schema = __schema)
-    
-    for k, v in value.items():
-        if k != "list" and k != "mapping" and k != "input" and k != "output" and isinstance(v, dict):
-            parse_value(k, v)
-
-### main ###
-if len(sys.argv) < 2:
-    print_validate_json_usage()
-    
-json_file = open(sys.argv[1], "r", encoding='utf-8')
-try:
-    json_data = json.loads(json_file.read())
-except ValueError:
-    print(sys.argv[1] + " file has a wrong JSON format!!!!!")
-    exit(1)
-
-for __key, __value in json_data.items():
-
-    if __key == "json_plugin_version":
-
-        if not isinstance(__value, int) or __value not in [0, 1, 2]:
-            raise ValueError("Invalid value for json_plugin_version")
-
-        JSON_PLUGIN_VERSION = __value
-        continue
-
-    parse_value(__key , __value)
-
-print("JSON File is Valid")

bridgemngr/Config.in

@@ -1,11 +0,0 @@
-if PACKAGE_bridgemngr
-
-menu "Configuration"
-
-config BRIDGEMNGR_BRIDGE_VLAN
-	bool "Use bridge-vlan backend"
-	help
-	   Set this option to use bridge-vlan as backend for VLAN objects.
-
-endmenu
-endif

bridgemngr/Makefile

@@ -1,61 +0,0 @@
-#
-# Copyright (C) 2020-2024 iopsys
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=bridgemngr
-PKG_VERSION:=1.0.5
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr
-PKG_SOURCE_VERSION:=c0f2e17f6d4f96aecfe72ab90be885939413176d
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=GPL-2.0-only
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-define Package/bridgemngr
- CATEGORY:=Utilities
- TITLE:=Bridge Manager
- DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api
-endef
-
-define Package/bridgemngr/description
-	Package to add Device.Bridging. data model support.
-endef
-
-define Package/$(PKG_NAME)/config
-	source "$(SOURCE)/Config.in"
-endef
-
-MAKE_PATH:=src
-
-TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
-
-ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VLAN),y)
-	TARGET_CFLAGS += -DBRIDGE_VLAN_BACKEND
-endif
-
-define Package/bridgemngr/install
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libbridgemngr.so $(1) $(PKG_NAME)
-ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libbridgeext.so $(1) $(PKG_NAME)
-endif
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) ~/git/bridgemngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-$(eval $(call BuildPackage,bridgemngr))

bulkdata/Makefile

@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.10
+PKG_VERSION:=2.1.3
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=e472e90feec31d9f318ea8c732ab564002e25db1
+PKG_SOURCE_VERSION:=f556410b51a2248f11358793f11ae54d3e53e85e
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -22,7 +22,6 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
 
 define Package/$(PKG_NAME)
   SECTION:=utils
@@ -44,14 +43,10 @@ endif
 
 define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bulkdatad $(1)/usr/sbin/
-	$(INSTALL_DATA) ./files/etc/config/bulkdata $(1)/etc/config/
-	$(INSTALL_BIN) ./files/etc/init.d/bulkdatad $(1)/etc/init.d/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/95-bulkdata-translation-options $(1)/etc/uci-defaults/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/bbf_plugin/bulkdata.json $(1) $(PKG_NAME)
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bulkdatad $(1)/usr/sbin/	
+	$(INSTALL_DIR) $(1)/etc/bulkdata
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bbf_plugin/*.json $(1)/etc/bulkdata
+	$(CP) ./files/* $(1)/
 endef
 
 $(eval $(call BuildPackage,$(PKG_NAME)))

bulkdata/bulkdata/usr/share/bbfdm/micro_services/bulkdata.json

@@ -1,960 +0,0 @@
-{
-	"json_plugin_version": 2,
-	"Device.BulkData.": {
-		"type": "object",
-		"protocols": [
-			"cwmp",
-			"usp"
-		],
-		"access": false,
-		"array": false,
-		"Enable": {
-			"type": "boolean",
-			"read": true,
-			"write": true,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "boolean",
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"name": "bulkdata"
-						},
-						"option": {
-							"name": "enable"
-						}
-					}
-				}
-			]
-		},
-		"Status": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "string",
-			"enumerations": [
-				"Enabled",
-				"Disabled",
-				"Error"
-			],
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"name": "bulkdata"
-						},
-						"option": {
-							"name": "enable"
-						}
-					}
-				}
-			]
-		},
-		"MinReportingInterval": {
-			"type": "unsignedInt",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "0",
-			"datatype": "unsignedInt",
-			"unit": "seconds"
-		},
-		"Protocols": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "HTTP",
-			"list": {
-				"datatype": "string",
-				"enumerations": [
-					"Streaming",
-					"File",
-					"HTTP",
-					"MQTT"
-				]
-			}
-		},
-		"EncodingTypes": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "JSON,CSV",
-			"list": {
-				"datatype": "string",
-				"enumerations": [
-					"XML",
-					"XDR",
-					"CSV",
-					"JSON"
-				]
-			}
-		},
-		"ParameterWildCardSupported": {
-			"type": "boolean",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "1",
-			"datatype": "boolean"
-		},
-		"MaxNumberOfProfiles": {
-			"type": "int",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "-1",
-			"datatype": "int",
-			"range": [
-				{
-					"min": -1
-				}
-			]
-		},
-		"MaxNumberOfParameterReferences": {
-			"type": "int",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "-1",
-			"datatype": "int",
-			"range": [
-				{
-					"min": -1
-				}
-			]
-		},
-		"ProfileNumberOfEntries": {
-			"type": "unsignedInt",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "unsignedInt",
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"type": "profile"
-						},
-						"option": {
-							"name": "@Count"
-						}
-					}
-				}
-			]
-		},
-		"Device.BulkData.Profile.{i}.": {
-			"type": "object",
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"access": true,
-			"array": true,
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"type": "profile"
-						},
-						"dmmapfile": "dmmap_bulkdata"
-					}
-				}
-			],
-			"Enable": {
-				"type": "boolean",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "boolean",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "enable"
-					}
-				]
-			},
-			"Alias": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "Alias",
-				"range": [
-					{
-						"max": 64
-					}
-				],
-				"flags": [
-					"Unique"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "alias"
-					}
-				]
-			},
-			"Name": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"range": [
-					{
-						"max": 255
-					}
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "name"
-					}
-				]
-			},
-			"NumberOfRetainedFailedReports": {
-				"type": "int",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "int",
-				"range": [
-					{
-						"min": -1
-					}
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "nbre_of_retained_failed_reports"
-					}
-				]
-			},
-			"Protocol": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"enumerations": [
-					"Streaming",
-					"File",
-					"HTTP"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "protocol"
-					}
-				]
-			},
-			"EncodingType": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"enumerations": [
-					"XML",
-					"XDR",
-					"CSV",
-					"JSON"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "encoding_type"
-					}
-				]
-			},
-			"ReportingInterval": {
-				"type": "unsignedInt",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "unsignedInt",
-				"range": [
-					{
-						"min": 1
-					}
-				],
-				"unit": "seconds",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "reporting_interval"
-					}
-				]
-			},
-			"TimeReference": {
-				"type": "dateTime",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "dateTime",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "time_reference"
-					}
-				]
-			},
-			"ParameterNumberOfEntries": {
-				"type": "unsignedInt",
-				"read": true,
-				"write": false,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "unsignedInt",
-				"mapping": [
-					{
-						"type": "uci",
-						"uci": {
-							"file": "bulkdata",
-							"section": {
-								"type": "profile_parameter"
-							},
-							"option": {
-								"name": "@Count"
-							}
-						}
-					}
-				]
-			},
-			"Device.BulkData.Profile.{i}.Parameter.{i}.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": true,
-				"array": true,
-				"mapping": [
-					{
-						"type": "uci",
-						"uci": {
-							"file": "bulkdata",
-							"section": {
-								"type": "profile_parameter"
-							},
-							"dmmapfile": "dmmap_bulkdata"
-						}
-					}
-				],
-				"Name": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 64
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "name"
-						}
-					]
-				},
-				"Reference": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "reference"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.CSVEncoding.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"FieldSeparator": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_field_separator"
-						}
-					]
-				},
-				"RowSeparator": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_row_separator"
-						}
-					]
-				},
-				"EscapeCharacter": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_escape_character"
-						}
-					]
-				},
-				"ReportFormat": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"ParameterPerRow",
-						"ParameterPerColumn"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_report_format"
-						}
-					]
-				},
-				"RowTimestamp": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"Unix-Epoch",
-						"ISO-8601",
-						"None"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_row_time_stamp"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.JSONEncoding.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"ReportFormat": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"ObjectHierarchy",
-						"NameValuePair"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "json_encoding_report_format"
-						}
-					]
-				},
-				"ReportTimestamp": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"Unix-Epoch",
-						"ISO-8601",
-						"None"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "json_encoding_report_time_stamp"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.HTTP.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"URL": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "URL",
-					"range": [
-						{
-							"max": 2048
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_url"
-						}
-					]
-				},
-				"Username": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_username"
-						}
-					]
-				},
-				"Password": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"flags": [
-						"Secure"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_password"
-						}
-					]
-				},
-				"CompressionsSupported": {
-					"type": "string",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"default": "GZIP",
-					"list": {
-						"datatype": "string",
-						"enumerations": [
-							"GZIP",
-							"Compress",
-							"Deflate"
-						]
-					}
-				},
-				"Compression": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"GZIP",
-						"Compress",
-						"Deflate"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_compression"
-						}
-					]
-				},
-				"MethodsSupported": {
-					"type": "string",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"default": "POST,PUT",
-					"list": {
-						"datatype": "string",
-						"enumerations": [
-							"POST",
-							"PUT"
-						]
-					}
-				},
-				"Method": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"POST",
-						"PUT"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_method"
-						}
-					]
-				},
-				"UseDateHeader": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_use_date_header"
-						}
-					]
-				},
-				"RetryEnable": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_enable"
-						}
-					]
-				},
-				"RetryMinimumWaitInterval": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"range": [
-						{
-							"min": 1,
-							"max": 65535
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_minimum_wait_interval"
-						}
-					]
-				},
-				"RetryIntervalMultiplier": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"range": [
-						{
-							"min": 1000,
-							"max": 65535
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_interval_multiplier"
-						}
-					]
-				},
-				"RequestURIParameterNumberOfEntries": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"mapping": [
-						{
-							"type": "uci",
-							"uci": {
-								"file": "bulkdata",
-								"section": {
-									"type": "profile_http_request_uri_parameter"
-								},
-								"option": {
-									"name": "@Count"
-								}
-							}
-						}
-					]
-				},
-				"PersistAcrossReboot": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_persist_across_reboot"
-						}
-					]					
-				},
-				"Device.BulkData.Profile.{i}.HTTP.RequestURIParameter.{i}.": {
-					"type": "object",
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"access": true,
-					"array": true,
-					"mapping": [
-						{
-							"type": "uci",
-							"uci": {
-								"file": "bulkdata",
-								"section": {
-									"type": "profile_http_request_uri_parameter"
-								},
-								"dmmapfile": "dmmap_bulkdata"
-							}
-						}
-					],
-					"Name": {
-						"type": "string",
-						"read": true,
-						"write": true,
-						"protocols": [
-							"cwmp",
-							"usp"
-						],
-						"datatype": "string",
-						"range": [
-							{
-								"max": 64
-							}
-						],
-						"mapping": [
-							{
-								"data": "@Parent",
-								"type": "uci_sec",
-								"key": "name"
-							}
-						]
-					},
-					"Reference": {
-						"type": "string",
-						"read": true,
-						"write": true,
-						"protocols": [
-							"cwmp",
-							"usp"
-						],
-						"datatype": "string",
-						"range": [
-							{
-								"max": 256
-							}
-						],
-						"mapping": [
-							{
-								"data": "@Parent",
-								"type": "uci_sec",
-								"key": "reference"
-							}
-						]
-					}
-				}
-			}
-		}
-	}
-}

bulkdata/files/etc/bulkdata/input.json

@@ -0,0 +1,15 @@
+{
+	"daemon": {
+		"input": {
+			"type": "JSON",
+			"name": "/etc/bulkdata/bulkdata.json"
+		},
+		"output": {
+			"type": "UBUS",
+			"name": "bbfdm.bulkdata",
+			"parent_dm": "Device.",
+			"object": "BulkData",
+			"root_obj": "bbfdm"
+		}
+	}
+}

bulkdata/files/etc/init.d/bulkdatad

@@ -3,8 +3,11 @@
 START=60
 STOP=10
 
+. /etc/bbfdm/bbfdm_services.sh
+
 USE_PROCD=1
 PROG="/usr/sbin/bulkdatad"
+BULKDATA_JSON_INPUT="/etc/bulkdata/input.json"
 
 start_service() {
 	local enable
@@ -18,6 +21,8 @@ start_service() {
 		procd_set_param respawn
 		procd_close_instance "bulkdata"
 	}
+
+	bbfdm_add_service "bbfdm.bulkdata" "${BULKDATA_JSON_INPUT}"
 }
 
 reload_service() {

capiagent/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=capiagent
-PKG_VERSION:=2.1.1
+PKG_VERSION:=2.1.0
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=136cab3a9f1eec0132db9fa3f7bb1c8748ce1449
+PKG_SOURCE_VERSION:=3e671db8f567b19c109fc13b25bc571c4c73a962
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/capiagent.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -31,7 +31,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/capiagent
   TITLE+= capiagent (daemon implementing Wi-Fi Alliance's CAPI commands)
   DEPENDS= +libubox +libuci +libubus +libnl-genl +libeasy +libwifi \
-	   +libjson-c +libblobmsg-json +ubus +libieee1905 +libwifiutils
+	   +libjson-c +libblobmsg-json +ubus +libieee1905
 endef
 
 define Package/capiagent/description

csmngr/Makefile

@@ -1,64 +0,0 @@
-#
-# Copyright (C) 2020-2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=csmngr
-PKG_VERSION:=1.0.2
-
-LOCAL_DEV=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=5e50fe388fff29b08d895c1c580152cccfa290ad
-PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/csmngr.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-
-PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-
-PKG_CONFIG_DEPENDS := \
-		     CONFIG_PACKAGE_libwifiutils \
-		     CONFIG_PACKAGE_libwifi
-
-PKG_BUILD_DEPENDS := libwifi
-
-include $(INCLUDE_DIR)/package.mk
-
-
-MAKE_PATH:=src
-
-define Package/csmngr
-  SECTION:=utils
-  CATEGORY:=Utilities
-  TITLE:=WiFi channel selection manager
-  DEPENDS:=+libwifiutils +libwifi +libuci +libubox +ubus +libnl-genl
-endef
-
-define Package/csmngr/description
- WiFi Auto Channel Selection manager.
-endef
-
-TARGET_CFLAGS += \
-	-I$(STAGING_DIR)/usr/include \
-	-I$(STAGING_DIR)/usr/include/libnl3 \
-	-D_GNU_SOURCE
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-  rsync -r --exclude=.* ~/git/csmngr/ $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/csmngr/install
-	$(CP) ./files/* $(1)/
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/csmngr $(1)/usr/sbin/
-endef
-
-$(eval $(call BuildPackage,csmngr))

csmngr/files/etc/init.d/csmngr

@@ -1,21 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=95
-STOP=10
-
-USE_PROCD=1
-PROG=/usr/sbin/csmngr
-
-start_service() {
-	procd_open_instance
-	procd_set_param command ${PROG}
-#	procd_set_param stderr 1                    #for debugging only
-#	procd_set_param respawn
-	procd_close_instance
-}
-
-reload_service() {
-        stop
-        start
-}
-

ddnsmngr/Config.in

@@ -1,16 +0,0 @@
-if PACKAGE_ddnsmngr
-choice
-	prompt "Select backend for dynamic DNS management"
-	default DDNSMNGR_BACKEND_DDNSSCRIPT
-	depends on PACKAGE_ddnsmngr
-	help
-		Select which package to use for dynamic DNS support
-
-config DDNSMNGR_BACKEND_DDNSSCRIPT
-	bool "Use ddns_script"
-
-config DDNSMNGR_BACKEND_INADYN
-	bool "Use inadyn"
-
-endchoice
-endif

ddnsmngr/Makefile

@@ -1,77 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=ddnsmngr
-PKG_VERSION:=1.0.7
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
-PKG_SOURCE_VERSION:=4b0c679c4dc3e3725de5c0c55ed60f24b87c6edd
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-PKG_CONFIG_DEPENDS:=CONFIG_DDNSMNGR_BACKEND_DDNSSCRIPT CONFIG_DDNSMNGR_BACKEND_INADYN
-
-include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
-
-define Package/$(PKG_NAME)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  SUBMENU:=TRx69
-  TITLE:=Dynamic DNS manager
-  DEPENDS:=+libbbfdm-api +DDNSMNGR_BACKEND_DDNSSCRIPT:ddns-scripts +DDNSMNGR_BACKEND_INADYN:inadyn
-  MENU:=1
-endef
-
-define Package/$(PKG_NAME)/config
-	source "$(SOURCE)/Config.in"
-endef
-
-MAKE_PATH:=src
-
-define Package/$(PKG_NAME)/description
-	Manage dynamic DNS updation and provides Device.DynamicDNS. datamodel object based on TR181-2.16
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/ddnsmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/$(PKG_NAME)/install
-	$(INSTALL_DIR) $(1)/etc/ddnsmngr/ddns
-	$(INSTALL_DIR) $(1)/etc/ddnsmngr/servers
-	$(INSTALL_DIR) $(1)/usr/lib/ddnsmngr
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(INSTALL_DATA) ./files/etc/config/ddnsmngr $(1)/etc/config/ddnsmngr
-	$(INSTALL_BIN) ./files/etc/uci-defaults/01-ddns-config-migrate $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/init.d/ddnsmngr $(1)/etc/init.d/ddnsmngr
-ifeq ($(CONFIG_DDNSMNGR_BACKEND_DDNSSCRIPT),y)
-	$(INSTALL_BIN) ./files/usr/lib/ddns_script/ddnsmngr_service.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/ddns-script/usr/lib/ddnsmngr/ddnsmngr_updater.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/ddns-script/server/* $(1)/etc/ddnsmngr/servers
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/ddns-script/usr/libexec/rpcd/ddnsmngr $(1)/usr/libexec/rpcd/ddnsmngr
-endif
-ifeq ($(CONFIG_DDNSMNGR_BACKEND_INADYN),y)
-	$(INSTALL_BIN) ./files/usr/lib/inadyn/ddnsmngr_service.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/inadyn/server/* $(1)/etc/ddnsmngr/servers
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/inadyn/usr/libexec/rpcd/ddnsmngr $(1)/usr/libexec/rpcd/ddnsmngr
-endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libddnsmngr.so $(1) $(PKG_NAME)
-endef
-
-
-$(eval $(call BuildPackage,$(PKG_NAME)))

ddnsmngr/files/etc/config/ddnsmngr

@@ -1,23 +0,0 @@
-config ddnsmngr 'global'
-	option configfile '/var/run/ddnsmngr/ddnsmngr.json'
-	option ddns_dateformat '%F %R'
-	option ddns_rundir '/var/run/ddnsmngr'
-	option ddns_logdir '/var/log/ddnsmngr'
-	option ddns_loglines '250'
-	option upd_privateip '0'
-	option use_curl '1'
-
-config server 'ddns_server_1'
-	option enabled '1'
-	option service 'dynu.com'
-	option name 'dynu.com'
-
-config server 'ddns_server_2'
-	option enabled '1'
-	option service 'dyndns.org'
-	option name 'dyndns.org'
-
-config server 'ddns_server_3'
-	option enabled '1'
-	option service 'zoneedit.com'
-	option name 'zoneedit.com'

ddnsmngr/files/etc/init.d/ddnsmngr

@@ -1,26 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=80
-STOP=10
-USE_PROCD=1
-
-. /usr/lib/ddnsmngr/ddnsmngr_service.sh
-
-start_service() {
-	start_ddnsmngr_service
-}
-
-stop_service() {
-	stop_ddnsmngr_service
-}
-
-reload_service() {
-	stop
-	sleep 1
-	start
-}
-
-service_triggers() {
-	procd_add_reload_trigger ddnsmngr
-	add_ddnsmngr_triggers
-}

ddnsmngr/files/etc/uci-defaults/01-ddns-config-migrate

@@ -1,170 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-cl_id=1
-srv_id=1
-
-function get_ddns_config_option() {
-	local val
-
-	val="$(uci -q get ddns.${1}.${2})"
-
-	if [ -z "${val}" ] && [ -n "${3}" ]; then
-		val="${3}"
-	fi
-
-	echo "${val}"
-}
-
-function config_supported_service() {
-	if ! uci -q get ddnsmngr.global >/dev/null 2>&1; then
-		uci -q set ddnsmngr.global="ddnsmngr"
-	fi
-
-	servers=""
-
-	for i in $(find /etc/ddnsmngr/servers/ -name '*.json' | cut -d'/' -f 5 | sed "s/.json//")
-	do
-		if [ -z "${servers}" ]; then
-			servers="${i}"
-		else
-			servers="${servers},${i}"
-		fi
-	done
-
-	uci -q set ddnsmngr.global.supported_services="${servers}"
-}
-
-function migrate_service_section() {
-	client_sec=""
-	enabled="$(get_ddns_config_option ${1} enabled "0")"
-	service_name="$(get_ddns_config_option ${1} service_name)"
-	interface="$(get_ddns_config_option ${1} interface)"
-	ip_network="$(get_ddns_config_option ${1} ip_network)"
-	username="$(get_ddns_config_option ${1} username)"
-	password="$(get_ddns_config_option ${1} password)"
-	lookup_host="$(get_ddns_config_option ${1} lookup_host)"
-	use_ipv6="$(get_ddns_config_option ${1} use_ipv6 "0")"
-	force_ipversion="$(get_ddns_config_option ${1} force_ipversion "0")"
-	use_https="$(get_ddns_config_option ${1} use_https "0")"
-	force_dnstcp="$(get_ddns_config_option ${1} force_dnstcp "0")"
-
-	if [ -z "${service_name}" ]; then
-		uci -q delete ddns."${1}"
-		return 0
-	fi
-
-	# check server file is present in device
-	if [ ! -f "/etc/ddnsmngr/servers/${service_name}.json" ]; then
-		uci -q delete ddns."${1}"
-		return 0
-	fi
-
-	# Check if client section is already added for this service
-	clients=$(uci -q show ddnsmngr | grep "=client")
-	client_count=$(echo "${clients}" | wc -l)
-
-	tmp=0
-	while [ $tmp -lt $client_count ]
-	do
-		mngr_serv="$(uci -q get ddnsmngr.@client[$tmp].service_name)"
-		mngr_intf="$(uci -q get ddnsmngr.@client[$tmp].interface)"
-		mngr_netw="$(uci -q get ddnsmngr.@client[$tmp].ip_network)"
-		mngr_user="$(uci -q get ddnsmngr.@client[$tmp].username)"
-		mngr_ipv6="$(uci -q get ddnsmngr.@client[$tmp].use_ipv6)"
-		mngr_forceip="$(uci -q get ddnsmngr.@client[$tmp].force_ipversion)"
-		mngr_https="$(uci -q get ddnsmngr.@client[$tmp].use_https)"
-		mngr_dnstcp="$(uci -q get ddnsmngr.@client[$tmp].force_dnstcp)"
-
-		[ -z "${mngr_ipv6}" ] && mngr_ipv6="0"
-		[ -z "${mngr_forceip}" ] && mngr_forceip="0"
-		[ -z "${mngr_https}" ] && mngr_https="0"
-		[ -z "${mngr_dnstcp}" ] && mngr_dnstcp="0"
-
-		if [ "${mngr_serv}" == "${service_name}" ] && [ "${mngr_intf}" == "${interface}" ] && \
-		   [ "${mngr_netw}" == "${ip_network}" ] && [ "${mngr_user}" == "${username}" ] && \
-		   [ "${mngr_ipv6}" == "${use_ipv6}" ] && [ "${mngr_forceip}" == "${force_ipversion}" ] && \
-		   [ "${mngr_https}" == "${use_https}" ] && [ "${mngr_dnstcp}" == "${force_dnstcp}" ]; then
-			break
-		fi
-
-		tmp=$(( tmp + 1 ))
-	done
-
-	if [ $tmp -ne $client_count ]; then
-		i=0
-		for client in $clients; do
-			if [ $i -eq $tmp ]; then
-				client_sec="$(echo $client | cut -d'=' -f 1 | cut -d'.' -f 2)"
-				break
-			fi
-			i=$(( i + 1 ))
-		done
-
-		if [ $enabled -eq 1 ]; then
-			uci -q set ddnsmngr."${client_sec}".enabled="1"
-		fi
-	else
-		client_sec=ddns_mig_client_"${cl_id}"
-
-		uci -q set ddnsmngr."${client_sec}"="client"
-		uci -q set ddnsmngr."${client_sec}".enabled="${enabled}"
-		uci -q set ddnsmngr."${client_sec}".service_name="${service_name}"
-		uci -q set ddnsmngr."${client_sec}".interface="${interface}"
-		uci -q set ddnsmngr."${client_sec}".ip_network="${ip_network}"
-		uci -q set ddnsmngr."${client_sec}".username="${username}"
-		uci -q set ddnsmngr."${client_sec}".password="${password}"
-		uci -q set ddnsmngr."${client_sec}".use_ipv6="${use_ipv6}"
-		uci -q set ddnsmngr."${client_sec}".force_ipversion="${force_ipversion}"
-		uci -q set ddnsmngr."${client_sec}".use_https="${use_https}"
-		uci -q set ddnsmngr."${client_sec}".force_dnstcp="${force_dnstcp}"
-
-		cl_id=$(( cl_id + 1 ))
-
-		# add server section if not added
-		servers=$(uci -q show ddnsmngr | grep "service=\'${service_name}\'")
-		if [ -z "${servers}" ]; then
-			server_sec=ddns_mig_server_"${srv_id}"
-			uci -q set ddnsmngr."${server_sec}"="server"
-			uci -q set ddnsmngr."${server_sec}".enabled="1"
-			uci -q set ddnsmngr."${server_sec}".service="${service_name}"
-			uci -q set ddnsmngr."${server_sec}".name="${service_name}"
-
-			srv_id=$(( srv_id + 1 ))
-		fi
-	fi
-
-
-	# if lookup_host is set then add host section
-	if [ -n "${lookup_host}" ] && [ -n "${client_sec}" ]; then
-		# check number of hosts present for this client
-		host_count=$(uci -q show ddnsmngr | grep "dm_parent=\'${client_sec}\'" | wc -l)
-		host_ix=$(( host_count + 1 ))
-		host_sec="${client_sec}"_host_"${host_ix}"
-
-		uci -q set ddnsmngr."${host_sec}"="host"
-		uci -q set ddnsmngr."${host_sec}".enabled="${enabled}"
-		uci -q set ddnsmngr."${host_sec}".lookup_host="${lookup_host}"
-		uci -q set ddnsmngr."${host_sec}".dm_parent="${client_sec}"
-	fi
-
-	uci -q delete ddns."${1}"
-}
-
-function migrate_ddns_config() {
-	if [ ! -f "/etc/config/ddnsmngr" ]; then
-		# Create ddnsmngr config file
-		touch /etc/config/ddnsmngr
-	fi
-
-	config_supported_service
-
-	config_load ddns
-	config_foreach migrate_service_section service
-
-	uci -q commit ddns
-	uci -q commit ddnsmngr
-}
-
-migrate_ddns_config

ddnsmngr/files/usr/lib/ddns_script/ddnsmngr_service.sh

@@ -1,169 +0,0 @@
-#! /bin/sh
-
-RUNDIR="/var/run/ddnsmngr"
-LOGDIR="/var/log/ddnsmngr"
-PROG="/usr/lib/ddnsmngr/ddnsmngr_updater.sh"
-CONFIGFILE="/var/run/ddnsmngr/ddnsmngr.json"
-CLIENT_INTFS=""
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "$*"|logger -t ddnsmngr.init -p debug
-}
-
-validate_host_section() {
-	uci_validate_section ddnsmngr host "${1}" \
-		'enabled:bool:0' \
-		'lookup_host:string' \
-		'dm_parent:string'
-}
-
-validate_client_section() {
-	uci_validate_section ddnsmngr client "${1}" \
-		'enabled:bool:0' \
-		'service_name:string' \
-		'interface:string' \
-		'ip_network:string' \
-		'username:string' \
-		'password:string' \
-		'use_https:bool:0' \
-		'force_dnstcp:bool:0' \
-		'use_ipv6:bool:0' \
-		'force_ipversion:bool:0'
-}
-
-add_object() {
-	local enabled lookup_host dm_parent use_ipv6 force_ipversion proc_info_file
-	local service_name interface ip_network username password use_https force_dnstcp
-
-	validate_host_section "${1}" || {
-		log "Validation of host section failed"
-		return 0
-	}
-
-	if [ "${enabled}" -ne 1 ] || [ -z "${dm_parent}" ]; then
-		return 0
-	fi
-
-	validate_client_section "${dm_parent}" || {
-		log "Validation of client section failed"
-		return 0 
-	}
-
-	if [ "${enabled}" -ne 1 ]; then
-		return 0
-	fi
-
-	service_name=$(uci -q get ddnsmngr.${dm_parent}.service_name)
-	if [ -z "${service_name}" ]; then
-		return 0
-	fi
-
-	service_section=$(uci -q show ddnsmngr | grep "service=\'${service_name}\'" | cut -d'.' -f 2 | head -1)
-	if [ -z "${service_section}" ]; then
-		return 0
-	fi
-
-	service_enabled=$(uci -q get ddnsmngr.${service_section}.enabled)
-	if [ "${service_enabled}" -ne 1 ]; then
-		return 0
-	fi
-
-	json_add_object
-	json_add_string "interface" "${interface}"
-	json_add_string "service_name" "${service_name}"
-	json_add_string "username" "${username}"
-	json_add_string "password" "${password}"
-	json_add_string "lookup_host" "${lookup_host}"
-	json_add_string "ip_network" "${ip_network}"
-	json_add_string "proc_info_file" "${1}"
-	json_add_string "use_ipv6" "${use_ipv6}"
-	json_add_string "force_ipversion" "${force_ipversion}"
-	json_add_string "use_https" "${use_https}"
-	json_add_string "force_dnstcp" "${force_dnstcp}"
-	json_close_object
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	for intf in $CLIENT_INTFS; do
-		if [ "${intf}" == "${interface}" ]; then
-			return 0
-		fi
-	done
-
-	CLIENT_INTFS="${CLIENT_INTFS} ${interface}"
-}
-
-start_ddnsmngr_service() {
-	run_dir=$(uci -q get ddnsmngr.global.ddns_rundir)
-	log_dir=$(uci -q get ddnsmngr.global.ddns_logdir)
-
-	if [ -n "${run_dir}" ]; then
-		RUNDIR="${run_dir}"
-	fi
-
-	if [ -n "${log_dir}" ]; then
-		LOGDIR="${log_dir}"
-	fi
-
-	mkdir -p "${RUNDIR}"
-	mkdir -p "${LOGDIR}"
-
-	conf_file=$(uci -q get ddnsmngr.global.configfile)
-	if [ -n "${conf_file}" ]; then
-		CONFIGFILE="${conf_file}"
-	fi
-
-	touch "${CONFIGFILE}"
-
-	if [ ! -f "${CONFIGFILE}" ]; then
-		log "Can not create ${CONFIGFILE}, exit"
-		exit 0
-	fi
-
-	json_init
-	json_add_array "services"
-
-	config_load ddnsmngr
-	config_foreach add_object host
-
-	json_close_array
-	json_dump > "${CONFIGFILE}"
-
-	procd_open_instance ddnsmngr
-	procd_set_param command "$PROG"
-	procd_append_param command -c "${CONFIGFILE}"
-	procd_append_param command -- start
-	procd_close_instance
-}
-
-stop_ddnsmngr_service() {
-	conf_file=$(uci -q get ddnsmngr.global.configfile)
-	if [ -n "${conf_file}" ]; then
-		CONFIGFILE="${conf_file}"
-	fi
-
-	if [ ! -f "${CONFIGFILE}" ]; then
-		log "${CONFIGFILE} not found, can't stop services if running any"
-	fi
-
-	"$PROG" -c "${CONFIGFILE}" -- stop
-	return 0
-}
-
-add_ddnsmngr_triggers() {
-	procd_open_trigger
-	for intf in $CLIENT_INTFS; do
-		# No need to handle other ifevents like ifupdate etc
-		procd_add_interface_trigger "interface.*.up" $intf /etc/init.d/ddnsmngr restart
-		procd_add_interface_trigger "interface.*.down" $intf /etc/init.d/ddnsmngr restart
-	done
-	procd_close_trigger
-}

ddnsmngr/files/usr/lib/inadyn/ddnsmngr_service.sh

@@ -1,311 +0,0 @@
-#!/bin/sh
-
-PROG="/usr/sbin/inadyn"
-CONFIGPATH="/tmp/inadyn_config"
-PIDPATH="/etc/inadyn_pid"
-CLIENT_INTFS=""
-CONFIG_FILES=""
-SERVER_PATH="/etc/ddnsmngr/servers"
-
-FORMAT="custom [SECTION] {\n\tusername\t= [USER]\n\tpassword\t= [PWD]\n\tddns-server\t= [SERV]\n\tddns-path\t= [URI]\n\tssl\t\t= [SSL]\n\thostname\t= [NAME]\n\tcheckip-command\t= [CMD]\n\tddns-response\t= [RESPONSES]\n}"
-
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "$*"|logger -t ddnsmngr.init -p debug
-}
-
-get_service_data() {
-	local provider="$1"
-	shift
-	local dir="$1"
-	shift
-	local ipv6="$1"
-	shift
-
-	local name data url answer script
-
-	[ $# -ne 2 ] && {
-		return 1
-	}
-
-	[ -f "${dir}/${provider}.json" ] || {
-		eval "$1=\"\""
-		eval "$2=\"\""
-		return 1
-	}
-
-	json_load_file "${dir}/${provider}.json"
-	json_get_var name "name"
-	if [ "$ipv6" -eq "1" ]; then
-		json_select "ipv6"
-	else
-		json_select "ipv4"
-	fi
-	json_get_var data "url"
-	json_get_var answer "answer"
-	json_select ".."
-	json_cleanup
-
-	response=""
-	if [ -n "${answer}" ]; then
-		answer=$(echo "${answer}" | sed 's/|/ /g')
-		for ans in $answer; do
-			if [ -z "${response}" ]; then
-				response="${ans}"
-			else
-				response="${response}, ${ans}"
-			fi
-		done
-		response="{ ${response} }"
-	fi
-
-	eval "$1=\"$data\""
-	eval "$2=\"$response\""
-
-	return 0
-}
-
-generate_inadyn_config() {
-	json_load "${1}"
-	json_get_var service_name service_name
-	json_get_var use_ipv6 use_ipv6
-	json_get_var interface interface
-	json_get_var username username
-	json_get_var password password
-	json_get_var host lookup_host
-	json_get_var conf_file config_file
-	json_get_var conf_dir config_dir
-	json_get_var server_address server_address
-	json_cleanup
-
-	if [ -z "${service_name}" ] || [ -z "${host}" ]; then
-		return 1
-	fi
-
-	if [ -z "${conf_file}" ]; then
-		return 1
-	fi
-
-	if [ -z "${conf_dir}" ]; then
-		return 1
-	fi
-
-	# First look into custom path to load the url otherwise default path
-	get_service_data "${service_name}" "${SERVER_PATH}" "${use_ipv6}" server_url server_answer
-
-	if [ -z "${server_url}" ]; then
-		return 1
-	fi
-
-	# Need to pick proto, server address and request uri separately from the url
-	# format http://[server_address]/[update_Request_uri]
-	proto=$(echo $server_url | cut -d':' -f 1)
-	serv=$(echo $server_url | cut -d'/' -f 3 | cut -d'@' -f 2)
-	uri=${server_url#*$serv}
-
-	if [ -z $proto ] || [ -z $serv ] || [ -z $uri ]; then
-		return 1
-	fi
-
-	path=$(echo "$uri" | sed 's/&/\\&/g')
-	update_uri=$(echo $path | sed -e "s#\[DOMAIN\]#%h#g"	-e "s#\[PASSWORD\]#%p#g" \
-				      -e "s#\[USERNAME\]#%u#g"	-e "s#\[IP\]#%i#g")
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	# now get the physical interface name
-	intf=$(ifstatus "${interface}" | jsonfilter -e '@.device')
-	if [ -z "${intf}" ]; then
-		return 1
-	fi
-
-	# command to get ip of the interface
-	if [ "${use_ipv6}" -eq 0 ]; then
-		get_ip="\"ifstatus ${interface} | jsonfilter -e '@[\\\\\"ipv4-address\\\\\"][0].address'\""
-	else
-		get_ip="\"ifstatus ${interface} | jsonfilter -e '@[\\\\\"ipv6-address\\\\\"][0].address'\""
-	fi
-
-	if [ "${proto}" = "http" ]; then
-		ssl="false"
-	else
-		ssl="true"
-	fi
-
-	inadyn_ver=$(inadyn -v)
-	user_agent="inadyn/${inadyn_ver}"
-
-	config_file="${conf_dir}/${conf_file}"
-	touch "${config_file}"
-
-	echo "iface = ${intf}" > "${config_file}"
-	echo "period = 600" >> "${config_file}"
-	echo "user-agent = ${user_agent}" >> "${config_file}"
-
-	if [ "${use_ipv6}" -eq 1 ]; then
-		echo "allow-ipv6 = true" >> "${config_file}"
-	fi
-
-	if [ -z "${password}" ]; then
-		FORMAT=$(echo "${FORMAT}" | sed 's/\\tpassword\\t= \[PWD\]\\n//g')
-	fi
-
-	if [ -z "${server_answer}" ]; then
-		FORMAT=$(echo "${FORMAT}" | sed 's/\\tddns-response\\t= \[RESPONSES\]\\n//g')
-	fi
-
-	config=$(echo $FORMAT | sed -e "s#\[SECTION\]#$conf_file#g"	-e "s#\[PWD\]#$password#g" \
-				    -e "s#\[USER\]#$username#g"	-e "s#\[SERV\]#$serv#g" \
-				    -e "s#\[URI\]#\"$update_uri\"#g"	-e "s#\[SSL\]#$ssl#g" \
-				    -e "s#\[NAME\]#$host#g"	-e "s#\[CMD\]#$get_ip#g" \
-				    -e "s#\[RESPONSES\]#$server_answer#g")
-
-	echo -e "\n\n${config}" >> "${config_file}"
-
-	return 0
-}
-
-validate_host_section() {
-	uci_validate_section ddnsmngr host "${1}" \
-		'enabled:bool:0' \
-		'lookup_host:string' \
-		'dm_parent:string'
-}
-
-validate_client_section() {
-	uci_validate_section ddnsmngr client "${1}" \
-		'enabled:bool:0' \
-		'service_name:string' \
-		'interface:string' \
-		'ip_network:string' \
-		'username:string' \
-		'password:string' \
-		'use_https:bool:0' \
-		'force_dnstcp:bool:0' \
-		'use_ipv6:bool:0' \
-		'force_ipversion:bool:0'
-}
-
-add_object() {
-	local enabled lookup_host dm_parent use_ipv6 force_ipversion
-	local service_name interface ip_network username password use_https force_dnstcp
-
-	validate_host_section "${1}" || {
-		log "Validation of host section failed"
-		return
-	}
-
-	if [ "${enabled}" -ne 1 ] || [ -z "${dm_parent}" ]; then
-		return
-	fi
-
-	validate_client_section "${dm_parent}" || {
-		log "Validation of client section failed"
-		return
-	}
-
-	if [ "${enabled}" -ne 1 ]; then
-		return
-	fi
-
-	service_name=$(uci -q get ddnsmngr.${dm_parent}.service_name)
-	if [ -z "${service_name}" ]; then
-		return
-	fi
-
-	service_section=$(uci show ddnsmngr | grep "service=\'${service_name}\'" | cut -d'.' -f 2 | head -1)
-	if [ -z "${service_section}" ]; then
-		return
-	fi
-
-	service_enabled=$(uci -q get ddnsmngr.${service_section}.enabled)
-	if [ "${service_enabled}" -ne 1 ]; then
-		return
-	fi
-
-	json_init
-	json_add_string "interface" "${interface}"
-	json_add_string "service_name" "${service_name}"
-	json_add_string "username" "${username}"
-	json_add_string "password" "${password}"
-	json_add_string "lookup_host" "${lookup_host}"
-	json_add_string "ip_network" "${ip_network}"
-	json_add_string "use_ipv6" "${use_ipv6}"
-	json_add_string "force_ipversion" "${force_ipversion}"
-	json_add_string "use_https" "${use_https}"
-	json_add_string "force_dnstcp" "${force_dnstcp}"
-	json_add_string "config_file" "${1}"
-	json_add_string "config_dir" "${CONFIGPATH}"
-
-	json_str=$(json_dump)
-	json_cleanup
-
-	generate_inadyn_config "${json_str}"
-
-	if [ "$?" -ne 0 ]; then
-		return
-	fi
-
-	CONFIG_FILES="${CONFIG_FILES} ${1}"
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	for intf in $CLIENT_INTFS; do
-		if [ "${intf}" == "${interface}" ]; then
-			return
-		fi
-	done
-
-	CLIENT_INTFS="${CLIENT_INTFS} ${interface}"
-}
-
-start_ddnsmngr_service() {
-	rm -rf $CONFIGPATH
-	mkdir $CONFIGPATH
-	mkdir -p $PIDPATH
-
-	config_load ddnsmngr
-	config_foreach add_object host
-
-	i=1
-	for conf in $CONFIG_FILES; do
-		instance="ddnsmngr_${i}"
-		i=$(( i + 1 ))
-
-		procd_open_instance $instance
-		procd_set_param command "$PROG"
-		procd_append_param command -f "${CONFIGPATH}/${conf}"
-		procd_append_param command -l debug
-		procd_append_param command -P "${PIDPATH}/${conf}"
-		procd_append_param command -n -C
-		procd_close_instance
-	done
-}
-
-stop_ddnsmngr_service() {
-	rm -rf $CONFIGPATH
-	return 0
-}
-
-add_ddnsmngr_triggers() {
-	procd_open_trigger
-	for intf in $CLIENT_INTFS; do
-		# No need to handle other ifevents like ifupdate etc
-		procd_add_interface_trigger "interface.*.up" $intf /etc/init.d/ddnsmngr restart
-	done
-	procd_close_trigger
-}

decollector/Config.in

@@ -2,6 +2,6 @@ menu "Configuration"
 
 config DECOLLECTOR_EASYMESH_VERSION
 	int "Support Easymesh version"
-	default 6
+	default 4
 
 endmenu

decollector/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=decollector
-PKG_VERSION:=6.0.0.13
+PKG_VERSION:=4.2.1.1
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d75639d9ae82538103123b32fc0de9280e84cabb
+PKG_SOURCE_VERSION:=ae836adb0779979686d0dad34b941f319ffed1b8
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -29,7 +29,7 @@ define Package/decollector
   CATEGORY:=Utilities
   TITLE:=WiFi DataElements Collector Proxy
   DEPENDS:=+libuci +libubox +ubus +libpthread +libnl-genl \
-	   +libeasy +libwifiutils +libieee1905 +ieee1905-map-plugin
+	   +libeasy +libwifiutils +libieee1905 +map-plugin
 endef
 
 define Package/decollector/description

dectmngr/Makefile

@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dectmngr
 PKG_RELEASE:=3
-PKG_VERSION:=3.6.6
+PKG_VERSION:=3.6.4
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/dectmngr.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=85c173d1fac535726b2e750be8c282b74fb7dbca
+PKG_SOURCE_VERSION:=d9cc11c81ce1ff625e4e789afa180b301c7fcf74
 PKG_MIRROR_HASH:=skip
 endif
 

dectmngr/files/etc/init.d/dectmngr

@@ -11,6 +11,8 @@ LOG_PATH=/var/log/dectmngr
 DB_PATH=/etc/dect
 DCX81_UART_DT_ALIAS=/proc/device-tree/aliases/dcx81-uart
 
+DECT_GPIO="$(gpiofind DCX81_RSTN | cut -d ' ' -f 2 2>/dev/null)"
+
 # Ask dectmngr to exit nicely and wait for it to clean up, which is a slow process.
 stop_and_wait_dectmngr() {
 	dect_pid=$(pidof $PROG)
@@ -62,6 +64,8 @@ start_service() {
 		dcx81_uart_device=/dev/ttyH0
 	fi
 
+	[ -n "$DECT_GPIO" ] && echo 1 > /sys/class/gpio/gpio${DECT_GPIO}/value
+
 	rfpi=$(db -q get hw.board.dect_rfpi)
 	[ -n "$rfpi" -a ${#rfpi} -eq 14 ] && opt_ext="$opt_ext -rfpi $rfpi"
 
@@ -108,6 +112,7 @@ start_service() {
 stop_service() {
 	has_dect || return 0
 
+	[ -n "$DECT_GPIO" ] && echo 0 > /sys/class/gpio/gpio${DECT_GPIO}/value
 	stop_and_wait_dectmngr
 }
 
@@ -121,6 +126,11 @@ service_triggers() {
 }
 
 boot() {
+	[ -n "$DECT_GPIO" ] && {
+		echo ${DECT_GPIO} > /sys/class/gpio/export
+		echo out > /sys/class/gpio/gpio${DECT_GPIO}/direction
+	}
+
 	[ ! -d $LOG_PATH ] && mkdir -p $LOG_PATH
 	[ ! -d $DB_PATH ] && mkdir -p $DB_PATH
 	start

dhcpmngr/Makefile

@@ -1,50 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dhcpmngr
-PKG_VERSION:=1.0.2
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dhcpmngr.git
-PKG_SOURCE_VERSION:=4c89a3f12686343e3cca23819255744ac06dfb22
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-MAKE_PATH:=src
-
-define Package/dhcpmngr
-  SECTION:=net
-  CATEGORY:=Network
-  TITLE:=Package to add Device.DHCPv4 and v6 data model support.
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +dnsmasq
-endef
-
-define Package/dhcpmngr/description
-  Package to add Device.DHCPv4. and Device.DHCPv6. data model support.
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/dhcpmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/dhcpmngr/install
-	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
-	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_lease_start_time.user $(1)/etc/udhcpc.user.d/udhcpc_lease_start_time.user
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdhcpmngr.so $(1) $(PKG_NAME)
-endef
-
-$(eval $(call BuildPackage,dhcpmngr))

dhcpmngr/files/etc/udhcpc.user.d/udhcpc_lease_start_time.user

@@ -1,14 +0,0 @@
-#!/bin/sh
-
-leasestarttime="$(awk -F'.' '{print $1}' /proc/uptime 2> /dev/null)"
-target_file=/tmp/dhcp_client_info
-target_str="$INTERFACE $lease $leasestarttime"
-
-# if this interface is present in file, then replace it
-if grep -q "$INTERFACE" "$target_file" 2> /dev/null; then
-	# replace the whole line if pattern matches
-	sed -i "/${INTERFACE}/c\\${target_str}" "$target_file"
-else
-	# interface info was not present, append it to the file
-	echo "$target_str" >> "$target_file"
-fi

dnsmngr/Makefile

@@ -1,49 +0,0 @@
-#
-# Copyright (C) 2022-2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dnsmngr
-PKG_VERSION:=1.0.6
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dnsmngr.git
-PKG_SOURCE_VERSION:=03d8d79c1221adb92b5789c03e2489d26c6ae184
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-MAKE_PATH:=src
-
-define Package/dnsmngr
-  SECTION:=net
-  CATEGORY:=Network
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +dnsmasq +umdns
-  TITLE:=Package to add Device.DNS. datamodel support
-endef
-
-define Package/dnsmngr/description
-  Package to add Device.DNS. datamodel support.
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/dnsmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/dnsmngr/install
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdnsmngr.so $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_SCRIPT) -d $(PKG_BUILD_DIR)/scripts/nslookup $(1)
-endef
-
-$(eval $(call BuildPackage,dnsmngr))

dslmngr/Makefile

@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2018-2024 iopsys Software Solutions AB
+# Copyright (C) 2018 iopsys Software Solutions AB
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -8,15 +8,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dslmngr
-PKG_VERSION:=1.2.5
+PKG_VERSION:=1.2.0
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
-PKG_SOURCE_VERSION:=4a6f6f829006e481eeb20bcb121f7938d12c60ec
+PKG_SOURCE_VERSION:=43dec92b1c86be7859521da337e7bd1168848b26
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/dslmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip
 endif
 
@@ -26,7 +25,6 @@ PKG_LICENSE_FILES:=LICENSE
 
 
 include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
 
 ifeq ($(CONFIG_TARGET_brcmbca),y)
   TARGET_PLATFORM=BROADCOM
@@ -40,7 +38,7 @@ define Package/dslmngr
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=XDSL status and configration utility
-  DEPENDS:=+libdsl +libuci +libubox +ubus +libpthread +libnl-genl +libeasy +libbbfdm-api
+  DEPENDS:=+libdsl +libuci +libubox +ubus +libpthread +libnl-genl +libeasy
 endef
 
 define Package/dslmngr/description
@@ -61,7 +59,7 @@ MAKE_FLAGS += \
 
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
-	rsync -r --exclude=.* ./dslmngr/ $(PKG_BUILD_DIR)/
+	rsync -r --exclude=.* ~/git/dslmngr/ $(PKG_BUILD_DIR)/
 endef
 endif
 
@@ -70,14 +68,12 @@ define Build/Compile
 endef
 
 define Package/dslmngr/install
-	$(INSTALL_DIR) $(1)/etc/dsl
 	$(CP) ./files/common/* $(1)/
 ifeq ($(CONFIG_TARGET_brcmbca),y)
 	$(CP) ./files/broadcom/* $(1)/
 endif
 	$(INSTALL_DIR) $(1)/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dslmngr $(1)/sbin/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libbbfdsl.so $(1) $(PKG_NAME)
 endef
 
 $(eval $(call BuildPackage,dslmngr))

dslmngr/files/broadcom/lib/dsl/broadcom.sh

@@ -211,8 +211,8 @@ create_ptm_devices() {
 
 prioritize_arp()
 {
-      ebtables --concurrent -t nat -D POSTROUTING -j mark --mark-or 0x7 -p ARP >/dev/null
-      ebtables --concurrent -t nat -A POSTROUTING -j mark --mark-or 0x7 -p ARP >/dev/null
+      ebtables -t nat -D POSTROUTING -j mark --mark-or 0x7 -p ARP >/dev/null
+      ebtables -t nat -A POSTROUTING -j mark --mark-or 0x7 -p ARP >/dev/null
 }
 
 xtm_remove_devices() {

easy-qos/Makefile

@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2019 iopsys Software Solutions AB
+#
+# This is free software, licensed under the GNU General Public License v2.
+# 
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=easy-qos
+PKG_VERSION:=1.1
+PKG_RELEASE:=0
+
+PKG_LICENSE:=GPLv2
+PKG_LICENSE_FILES:=none
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/easy-qos
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Easy QoS
+  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha)
+endef
+
+define Package/easy-qos/description
+	This package contains Easy QoS utility
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+	$(CP) ./files/* $(PKG_BUILD_DIR)/
+endef
+
+define Build/Compile
+endef
+
+define Package/easy-qos/install
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(CP) ./files/etc/config/easy_qos $(1)/etc/config/
+	$(CP) ./files/etc/init.d/easy_qos.iptables $(1)/etc/init.d/easy_qos
+	$(CP) ./files/etc/uci-defaults/* $(1)/etc/uci-defaults/
+	$(CP) ./files/etc/firewall.easyqos $(1)/etc/firewall.easyqos
+endef
+
+$(eval $(call BuildPackage,easy-qos))

easy-qos/files/etc/firewall.easyqos

@@ -0,0 +1 @@
+/etc/init.d/easy_qos reload

easy-qos/files/etc/init.d/easy_qos.ebtables

@@ -0,0 +1,140 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+
+log() {
+	echo "${@}"|logger -t easy_qos.ebtable -p debug
+}
+
+exec_log() {
+	${@}
+	if [ "${?}" -ne 0 ]; then
+		log "Failed to create ${@}";
+	fi
+}
+
+get_priority() {
+	local prio=$(echo $1|tr 'A-Z' 'a-z');
+	case "${prio}" in
+		"lowest")
+			echo 0;;
+		"low")
+			echo 1;;
+		"besteffort")
+			echo 2;;
+		"normal")
+			echo 3;;
+		"video")
+			echo 4;;
+		"medium")
+			echo 5;;
+		"high")
+			echo 6;;
+		"highest")
+			echo 7;;
+	esac
+}
+
+validate_rule_section()
+{
+	uci_validate_section easy_qos rule "${1}" \
+		'priority:string' \
+		'macaddr:string' \
+		'proto:string:none' \
+		'port:list(uinteger)' \
+		'comment:string:none'
+}
+
+# Clear existing rules before applying new rules
+clear_existing_rules() {
+	local rule=$(ebtables -t broute -L BROUTING|grep -m 1 mark)
+	while [ -n "${rule}" ]; do
+		exec_log ebtables -t broute -D BROUTING ${rule}
+		rule=$(ebtables -t broute -L BROUTING|grep -m 1 mark)
+	done
+}
+
+create_rule() {
+	local protocol=$1; shift
+	local mac=$1; shift
+	local mark="0x$1"; shift
+	local forward_port=$1;
+	local cmd="";
+	local protocol_number
+
+	cmd="-j mark --mark-or ${mark}";
+	if [ -n "${forward_port}" ]; then
+		cmd="--ip-destination-port ${forward_port} ${cmd}";
+	fi
+	
+	case "${protocol}" in
+		"tcp")
+			protocol_number=6;;
+		"udp")
+			protocol_number=17;;
+		"dccp")
+			protocol_number=33;;
+		"sctp")
+			protocol_number=132;;
+		*)
+			log "Protocol ${protocol} not supported in ebtables"
+			return;;
+	esac
+			
+	cmd="--ip-proto ${protocol_number} $cmd"
+	cmd="-p ip $cmd"
+
+	cmd="-s ${mac} $cmd"
+	exec_log ebtables -t broute -A BROUTING ${cmd}
+}
+
+manage_rule() {
+	local cfg="$1"
+	local priority macaddr proto port comment prio_num protocol
+
+	validate_rule_section "${1}" || {
+		log "Validation of section failed"
+		return 1;
+	}
+
+	protocol=$(echo ${proto}|tr 'A-Z' 'a-z')
+	prio_num=$(get_priority ${priority})
+	if [ -n "${macaddr}" -a -n "${prio_num}" ]; then
+		for p in ${port}; do
+			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
+				create_rule tcp ${macaddr} ${prio_num} ${p}
+				create_rule udp ${macaddr} ${prio_num} ${p}
+			else
+				create_rule ${protocol} ${macaddr} ${prio_num} ${p}
+			fi
+		done
+		# Create rule for all ports if port is not mentioned in uci
+		if [ -z "${port}" ]; then
+			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
+				create_rule tcp ${macaddr} ${prio_num}
+				create_rule udp ${macaddr} ${prio_num}
+			else
+				create_rule ${protocol} ${macaddr} ${prio_num}
+			fi
+		fi
+	fi
+}
+
+reload_service() {
+	# Do not apply rules if ebtables is not present in system
+	[ -x /usr/sbin/ebtables ] || return;
+
+	clear_existing_rules
+	config_load easy_qos
+	config_foreach manage_rule rule
+}
+
+start_service() {
+	reload_service
+}
+
+service_triggers() {
+	procd_add_reload_trigger "easy_qos"
+}
+

easy-qos/files/etc/init.d/easy_qos.iptables

@@ -0,0 +1,186 @@
+#!/bin/sh /etc/rc.common
+
+. /usr/share/libubox/jshn.sh
+
+START=99
+USE_PROCD=1
+
+CLIENT_LIST="/tmp/easy_qos_client.list"
+
+log() {
+	echo "${@}"|logger -t easy_qos -p debug
+}
+
+exec_log() {
+	${@}
+	if [ "${?}" -ne 0 ]; then
+		log "Failed to create ${@}";
+	fi
+}
+
+get_priority() {
+	local prio=$(echo $1|tr 'A-Z' 'a-z');
+	case "${prio}" in
+		"lowest")
+			echo 0;;
+		"low")
+			echo 1;;
+		"besteffort")
+			echo 2;;
+		"normal")
+			echo 3;;
+		"video")
+			echo 4;;
+		"medium")
+			echo 5;;
+		"high")
+			echo 6;;
+		"highest")
+			echo 7;;
+	esac
+}
+
+clean_client_entries() {
+	[ -f ${CLIENT_LIST} ] && rm ${CLIENT_LIST}
+}
+
+map_client_entries() {
+	local clients ip mac host
+
+	json_load "$(ubus call router.network 'clients')"
+	json_get_keys keys
+
+	for key in ${keys};
+	do
+		json_select ${key}
+		json_get_vars ipaddr macaddr hostname
+		clients="${macaddr} ${ipaddr} ${hostname};${clients}"
+		json_select ..
+	done
+
+	json_init
+
+#	json_add_array "clients"
+	IFS=";"
+	for client in ${clients};
+	do
+		macaddr=$(echo ${client} | cut -d" " -f1)
+		json_add_object "${macaddr//:/_}"
+		json_add_string "ip" "$(echo ${client} | cut -d" " -f2)"
+		json_add_string "macaddr" "$(echo ${client} | cut -d" " -f1)"
+		json_add_string "host" "$(echo ${client} | cut -d" " -f3)"
+		json_close_object
+	done
+
+	IFS=' '
+	echo `json_dump` > ${CLIENT_LIST}
+	json_cleanup
+}
+
+# Find the IP of a corresponding mac from arp table
+get_ipaddress() {
+	local clients ip mac host
+
+	json_load "$(cat ${CLIENT_LIST})"
+	json_get_keys keys
+
+	# jshn seems a bit iffy on having : in key, replace by _
+	json_select "${1//:/_}" 2 > /dev/null
+	json_get_var ip ip
+
+	echo "$ip"
+}
+
+validate_rule_section()
+{
+	uci_validate_section easy_qos rule "${1}" \
+		'priority:string' \
+		'macaddr:string' \
+		'proto:string:none' \
+		'port:list(uinteger)' \
+		'comment:string:none'
+}
+
+# Clear existing rules before applying new rules
+clear_existing_rules() {
+	local rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
+	while [ -n "${rule}" ]; do
+		exec_log iptables -t mangle ${rule}
+		rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
+	done
+}
+
+check_and_create() {
+	iptables -t mangle -C PREROUTING ${@} 2>/dev/null
+	# Create rule if not exists
+	if [ ${?} -ne 0 ]; then
+		exec_log iptables -t mangle -A PREROUTING ${@}
+	else
+		log "Rule exists for ${@}"
+	fi
+}
+
+create_rule() {
+	local proto=$1; shift
+	local src_ip=$1; shift
+	local mark="0x$1/0x$1"; shift
+	local ports=$1;
+	local cmd="";
+
+	cmd="-j MARK --set-xmark ${mark}";
+	if [ -n "${ports}" ]; then
+		cmd="--match multiport --dports ${ports} ${cmd}";
+	fi
+
+	if [ "${proto}" == "icmp" ]; then
+		cmd="-p icmp -m icmp --icmp-type 8 $cmd"
+	elif [ "${proto}" == "all" ]; then
+		cmd="-p all $cmd"
+	else
+		cmd="-p ${proto} -m ${proto} $cmd"
+	fi
+	cmd="-s ${src_ip} $cmd"
+
+	check_and_create ${cmd} 
+}
+
+manage_rule() {
+	local cfg="$1"
+	local priority macaddr proto port comment prio_num ip port_list
+
+	validate_rule_section "${1}" || {
+		log "Validation of section failed"
+		return 1;
+	}
+
+	prio_num=$(get_priority ${priority})
+	ip=$(get_ipaddress ${macaddr})
+	port_list=$(echo ${port}|sed 's/ /,/g')
+
+	if [ -n "${ip}" -a -n "${prio_num}" ]; then
+		if [ "${proto}" == "none" -o "${proto}" == "tcpudp" ]; then
+			create_rule tcp ${ip} ${prio_num} ${port_list}
+			create_rule udp ${ip} ${prio_num} ${port_list}
+		else
+			create_rule ${proto} ${ip} ${prio_num} ${port_list}
+		fi
+	fi
+}
+
+reload_service() {
+	clear_existing_rules
+	map_client_entries
+	config_load easy_qos
+	config_foreach manage_rule rule
+	clean_client_entries
+}
+
+start_service() {
+	reload_service
+	echo "Easy QoS installed">/dev/console;
+}
+
+service_triggers() {
+	procd_add_reload_trigger "easy_qos"
+}
+

easy-qos/files/etc/uci-defaults/60-easyqos-reqs

@@ -0,0 +1,8 @@
+# Add firewall include
+uci -q batch <<-EOT
+        delete firewall.easyqos
+        set firewall.easyqos=include
+        set firewall.easyqos.path=/etc/firewall.easyqos
+        set firewall.easyqos.reload=1
+        commit firewall
+EOT

ebtables-extensions/Makefile

@@ -1,80 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=ebtables-extensions
-PKG_VERSION:=1.0.3
-PKG_LICENSE:=GPL-2.0
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d3de8b0ac52ce9f96ef5a0a6277a6730879fc793
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ebtables-extensions.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-include $(INCLUDE_DIR)/package.mk
-
-define KernelPackage/vlantranslation
-  SUBMENU:=Other modules
-  TITLE:=Kernel module for ebtables VLAN translation
-  FILES:=$(PKG_BUILD_DIR)/src/ebt_vlantranslation.ko
-  DEPENDS+=+kmod-ebtables
-  AUTOLOAD:=$(call AutoLoad,30,ebt_vlantranslation,1)
-  KCONFIG:=
-endef
-
-define KernelPackage/dscp2pbit
-  SUBMENU:=Other modules
-  TITLE:=Kernel module for DSCP-to-Pbit mapping
-  DEPENDS+=+kmod-ebtables
-  FILES:=$(PKG_BUILD_DIR)/src/ebt_dscp2pbit.ko
-  AUTOLOAD:=$(call AutoLoad,30,ebt_dscp2pbit,1)
-  KCONFIG:=
-endef
-
-define KernelPackage/vlantranslation/description
-	Kernel module to enable VLAN translation for ebtables
-endef
-
-define KernelPackage/dscp2pbit/description
-	Kernel module to enableDSCP-to-Pbit mapping for ebtables
-endef
-
-ifeq ($(CONFIG_TARGET_brcmbca),y)
-	include ../../broadcom/bcmkernel/bcm-kernel-toolchain.mk
-endif
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ./src/* $(PKG_BUILD_DIR)/
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
-endef
-else
-define Build/Prepare
-	$(Build/Prepare/Default)
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
-endef
-endif
-
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/include/uapi/linux/netfilter_bridge/
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(1)/include/uapi/linux/netfilter_bridge/
-	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(1)/include/uapi/linux/netfilter_bridge/
-endef
-
-KERNEL_MAKE_FLAGS += -I$(LINUX_DIR)/include
-
-define Build/Compile
-	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/src" modules
-endef
-
-$(eval $(call KernelPackage,vlantranslation))
-$(eval $(call KernelPackage,dscp2pbit))

ethmngr/Config.in

@@ -1,9 +0,0 @@
-if (PACKAGE_ethmngr)
-
-menu "Configurations"
-
-config TR181_VENDOR_EXTENSIONS_MACVLAN
-	bool "Use TR181 vendor extension MACVLAN"
-	default y
-endmenu
-endif

ethmngr/Makefile

@@ -1,33 +1,29 @@
 #
-# Copyright (C) 2020-2024 Iopsys
+# Copyright (C) 2020 Iopsys
 #
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ethmngr
-PKG_VERSION:=2.1.9
+PKG_VERSION:=2.1.1
 
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/ethmngr.git
-PKG_SOURCE_VERSION:=2d35e86cc8dfd7ef4e0d8579f5d314e90faadc90
-PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
+PKG_SOURCE_VERSION:=b81d06867d895245ef47004c6949f9d6dedd10ef
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/ethmngr.git
+
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
-endif
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=GPL-2.0-only
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
 
 define Package/ethmngr
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=Ethernet status and configration utility
-  DEPENDS:=+(TARGET_brcmbca||TARGET_airoha||TARGET_ipq95xx||TARGET_ipq53xx||TARGET_mediatek):libethernet +libuci +libubox +ubus +libpthread +libnl-genl +libeasy +libbbfdm-api
+  DEPENDS:=+(TARGET_brcmbca||TARGET_airoha||TARGET_ipq95xx||TARGET_ipq53xx||TARGET_mediatek):libethernet +libuci +libubox +ubus +libpthread +libnl-genl
 endef
 
 define Package/ethmngr/description
@@ -36,25 +32,10 @@ define Package/ethmngr/description
  It uses APIs from the libethernet.so library.
 endef
 
-define Package/$(PKG_NAME)/config
-       source "$(SOURCE)/Config.in"
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-        $(CP) -rf ./ethmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
 TARGET_CFLAGS += \
 	-I$(STAGING_DIR)/usr/include \
 	-I$(STAGING_DIR)/usr/include/libnl3 \
-	-D_GNU_SOURCE \
-	-DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
-
-ifeq ($(CONFIG_TR181_VENDOR_EXTENSIONS_MACVLAN),y)
-TARGET_CFLAGS += -DTR181_VENDOR_EXTENSIONS_MACVLAN
-endif
+	-D_GNU_SOURCE
 
 ifeq ($(CONFIG_TARGET_brcmbca)$(CONFIG_TARGET_airoha)$(CONFIG_TARGET_ipq95xx)$(CONFIG_TARGET_ipq53xx)$(CONFIG_TARGET_mediatek),)
 define Build/Compile
@@ -63,15 +44,9 @@ endif
 
 define Package/ethmngr/install
 	$(CP) ./files/* $(1)/
-	$(INSTALL_DIR) $(1)/etc/ethmngr
-	$(INSTALL_DIR) $(1)/etc/ethmngr/plugins
 ifneq ($(CONFIG_TARGET_brcmbca)$(CONFIG_TARGET_airoha)$(CONFIG_TARGET_ipq95xx)$(CONFIG_TARGET_ipq53xx)$(CONFIG_TARGET_mediatek),)
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/ethmngr $(1)/usr/sbin/
-endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libbbfethernet.so $(1) $(PKG_NAME)
-ifeq ($(CONFIG_TR181_VENDOR_EXTENSIONS_MACVLAN),y)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/libbbfethernetmacvlan.so $(1) $(PKG_NAME)
 endif
 endef
 

ethmngr/files/etc/hotplug.d/ethernet/ethport-deprecated-ubus-event

@@ -1,23 +0,0 @@
-#!/bin/sh
-
-[ -n "$PORT" -a -n "$LINK" ] || exit 0
-
-case "$PORT" in
-	# do not generate ethport ubus event
-	# for wifi, dsl and brige devices
-	wl*|wds*|atm*|ptm*|br-*)
-		exit 0
-	;;
-esac
-
-speed=0
-duplex=full
-
-if [ "$LINK" = "up" ]; then
-	devspeed="$(ubus -t 2 call network.device status "{\"name\":\"$PORT\"}" | jsonfilter -e @.speed)"
-	speed=${devspeed:0:-1}
-	duplex=${devspeed:0-1}
-	[ "$duplex" == "H" ] && duplex="half" || duplex="full"
-fi
-
-ubus send ethport "{\"ifname\":\"$PORT\",\"link\":\"$LINK\",\"speed\":\"$speed\",\"duplex\":\"$duplex\"}"

ethmngr/files/etc/ruleng/ethport.json

@@ -1,20 +0,0 @@
-{
-	"ethport_update": {
-		"if" : [
-			{
-				"event": "network.device"
-			}
-		],
-		"then" : [
-			{
-				"cli": "/sbin/hotplug-call ethernet",
-				"envs": {
-					"PORT": "&network.device->ifname",
-					"LINK": "&network.device->link"
-				},
-				"timeout": 1
-			}
-		]
-	}
-}
-

ethmngr/files/etc/uci-defaults/ruleng.ethport

@@ -1,2 +0,0 @@
-uci -q set ruleng.ethport=rule
-uci -q set ruleng.ethport.recipe='/etc/ruleng/ethport.json'

firewallmngr/Config.in

@@ -1,18 +0,0 @@
-if PACKAGE_firewallmngr
-
-menu "Configuration"
-
-config FIREWALLMNGR_PORT_TRIGGER
-	bool "Include Device.NAT.PortTrigger"
-	default y
-	help
-	   Set this option to include support for PortTrigger object.
-
-config FIREWALLMNGR_BACKEND_FIREWALLMNGR
-	bool "Include Firewallmanager uci"
-	default n
-	help
-	   Set this option to include support for firewallmngr uci.
-
-endmenu
-endif

firewallmngr/Makefile

@@ -1,97 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=firewallmngr
-PKG_VERSION:=1.0.4
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
-PKG_SOURCE_VERSION:=d4bdd162cf37b3373df2448a70dcb4fbc1113535
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-MAKE_PATH:=src
-
-define Package/firewallmngr
-  SECTION:=net
-  CATEGORY:=Network
-  TITLE:=Package to add Device.Firewall and Device.NAT. data model support.
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +firewall
-  DEPENDS+=+FIREWALLMNGR_PORT_TRIGGER:kmod-ipt-trigger +FIREWALLMNGR_PORT_TRIGGER:kmod-ip6t-trigger
-  DEPENDS+=+FIREWALLMNGR_PORT_TRIGGER:iptables-mod-nfqueue
-endef
-
-define Package/firewallmngr/description
-  Package to add Device.Firewall. and Device.NAT. data model support.
-endef
-
-define Package/$(PKG_NAME)/config
-        source "$(SOURCE)/Config.in"
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ./firewallmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
-	TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
-endif
-ifeq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
-	TARGET_CFLAGS += -DINCLUDE_BACKEND_FIREWALLMNGR
-
-endif
-
-define Package/firewallmngr/install
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/lib/port-trigger
-
-	$(INSTALL_BIN) ./files/port-trigger/etc/init.d/port-trigger $(1)/etc/init.d/
-	$(INSTALL_DATA) ./files/port-trigger/etc/config/port-trigger $(1)/etc/config/
-	$(INSTALL_DATA) ./files/port-trigger/lib/port-trigger/port_trigger.sh $(1)/lib/port-trigger/
-endif
-ifeq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/lib/fwmngr
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/etc/uci-defaults/00-firewallmngr $(1)/etc/uci-defaults/00-firewallmngr
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/etc/config/firewallmngr  $(1)/etc/config/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/etc/init.d/firewallmngr  $(1)/etc/init.d/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr.sh  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_functions.sh  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/uci_migration.sh  $(1)/lib/fwmngr/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/is_intf_bridge  $(1)/lib/fwmngr/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/firewallmngr_preconfig  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_twamp.sh  $(1)/lib/fwmngr/
-
-	$(BBFDM_INSTALL_MS_DM) ./files/firewallmngr_backend_firewallmngr/etc/firewallmngr/firewallmngr.json $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/firewallmngr $(1)/usr/sbin
-else
-	$(INSTALL_BIN) ./files/firewall.portmap $(1)/etc/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/
-
-	$(INSTALL_BIN) ./files/firewall.service $(1)/etc/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
-endif
-endef
-
-$(eval $(call BuildPackage,firewallmngr))

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/bbfdm/micro_services/firewallmngr.json

@@ -1,18 +0,0 @@
-{
-	"daemon": {
-		"config": {
-			"loglevel": "4"
-		},
-		"input": {
-			"type": "JSON",
-			"name": "/etc/firewallmngr/firewallmngr.json",
-			"plugin_dir": "/etc/firewallmngr/plugins"
-		},
-		"output": {
-			"type": "UBUS",
-			"parent_dm": "Device.",
-			"root_obj": "bbfdm",
-			"multiple_objects": ["Firewall","NAT"]
-		}
-	}
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/config/firewallmngr

@@ -1,160 +0,0 @@
-config firewall 'firewall'
-	option enable '1'
-	option config 'Advanced'
-	option advanced_level 'level1'
-
-config level 'level1'
-	option name 'level1'
-	option chain 'chain1'
-	option port_mapping_enabled '1'
-	option default_policy 'reject'
-	option default_log_policy '0'
-	option enable '1'
-
-config chain 'chain1'
-	option enable '1'
-	option name 'chain1'
-
-config rule 'default_rule_0'
-	option chain 'chain1'
-	option enable '1'
-	option order '1'
-	option name 'Allow-DHCP-Renew'
-	option target 'Accept'
-	option src 'wan'
-	option family '4'
-	option proto '17'
-	option dest_port '68'
-
-config rule 'default_rule_1'
-	option chain 'chain1'
-	option enable '1'
-	option order '2'
-	option name 'Allow-Ping'
-	option target 'Accept'
-	option src 'wan'
-	list icmp_type 'echo-request'
-	option family '4'
-	option proto '1'
-
-config rule 'default_rule_2'
-	option chain 'chain1'
-	option enable '1'
-	option order '3'
-	option name 'Allow-IGMP'
-	option target 'Accept'
-	option src 'wan'
-	option family '4'
-	option proto '2'
-
-config rule 'default_rule_3'
-	option chain 'chain1'
-	option enable '1'
-	option order '4'
-	option name 'Allow-DHCPv6'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	option proto '17'
-	option dest_port '546'
-
-config rule 'default_rule_4'
-	option chain 'chain1'
-	option enable '1'
-	option order '5'
-	option name 'Allow-MLD'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	option src_ip 'fe80::'
-	option source_mask 'fe80::/10'
-	list icmp_type '130/0'
-	list icmp_type '131/0'
-	list icmp_type '132/0'
-	list icmp_type '143/0'
-	option proto '1'
-
-config rule 'default_rule_5'
-	option chain 'chain1'
-	option enable '1'
-	option order '6'
-	option name 'Allow-ICMPv6-Input'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	list icmp_type  'echo-request'
-	list icmp_type  'echo-reply'
-	list icmp_type  'destination-unreachable'
-	list icmp_type  'packet-too-big'
-	list icmp_type  'time-exceeded'
-	list icmp_type  'bad-header'
-	list icmp_type  'unknown-header-type'
-	list icmp_type  'router-solicitation'
-	list icmp_type  'neighbour-solicitation'
-	list icmp_type  'router-advertisement'
-	list icmp_type  'neighbour-advertisement'
-	option limit  '1000/sec'
-	option proto '1'
-
-config rule 'default_rule_6'
-	option chain 'chain1'
-	option enable '1'
-	option order '7'
-	option name 'Allow-ICMPv6-Forward'
-	option target 'Accept'
-	option src 'wan'
-	option dest_all_interfaces '1'
-	option family '6'
-	list icmp_type 'echo-request'
-	list icmp_type 'echo-reply'
-	list icmp_type 'destination-unreachable'
-	list icmp_type 'packet-too-big'
-	list icmp_type 'time-exceeded'
-	list icmp_type 'bad-header'
-	list icmp_type 'unknown-header-type'
-	option limit  '1000/sec'
-	option proto '1'
-
-config rule 'default_rule_7'
-	option chain 'chain1'
-	option enable '1'
-	option order '8'
-	option name 'Allow-IPSec-ESP'
-	option target 'Accept'
-	option src 'wan'
-	option dest 'lan'
-	option proto '50'
-
-config rule 'default_rule_8'
-	option chain 'chain1'
-	option enable '1'
-	option order '9'
-	option name 'Allow-ISAKMP'
-	option target 'Accept'
-	option src 'wan'
-	option dest 'lan'
-	option proto '17'
-	option dest_port '500'
-
-config rule 'default_rule_9'
-	option chain 'chain1'
-	option enable '0'
-	option order '10'
-	option name 'Support-UDP-Traceroute'
-	option target 'Reject'
-	option src 'wan'
-	option family '4'
-	option proto '17'
-	option dest_port '33434'
-	option dest_port_range_max '33689'
-
-config rule 'default_forward_rule'
-	option chain 'chain1'
-	option enable '1'
-	option order '65535'
-	option name 'forward-rule'
-	option src 'lan'
-	option dest 'wan'
-	option proto '-1'
-	option target 'Accept'
-

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/init.d/firewallmngr

@@ -1,27 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=18
-USE_PROCD=1
-
-USE_PROCD=1
-NAME=firewallmngr
-PROG=/usr/sbin/firewallmngr
-
-. /lib/fwmngr/fwmngr.sh
-
-
-start_service() {
-	configure_firewall
-	procd_open_instance firewallmngr
-	procd_set_param command ${PROG}
-	procd_set_param respawn
-	procd_close_instance
-}
-
-boot() {
-	start
-}
-
-service_triggers() {
-	procd_add_reload_trigger firewallmngr
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/uci-defaults/00-firewallmngr

@@ -1,28 +0,0 @@
-#!/bin/sh
-
-. /lib/fwmngr/fwmngr_functions.sh
-. /lib/fwmngr/uci_migration.sh
-
-
-rule_sec=$(uci show firewall | grep "=rule")
-[ -z "$rule_sec" ] && return
-rule_sec=$(echo $rule_sec | grep "fwmngr")
-
-if [ -z "$rule_sec" ]; then
-	generate_firewallmngr_config
-fi
-if [ -f /etc/firewall.ddos ]; then
-        uci -q get firewall.ddos || {
-                uci -q set firewall.ddos=include
-                uci -q set firewall.ddos.path="/etc/firewall.ddos"
-                uci -q set firewall.ddos.reload=1
-fi
-if [ -f /etc/firewall.protect_port ]; then
-        uci -q get firewall.protect_port || {
-                uci -q set firewall.protect_port='include'
-                uci -q set firewall.protect_port.path='/etc/firewall.protect_port'
-                uci -q set firewall.protect_port.reload='1'
-        }
-fi
-
-

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/firewallmngr_preconfig

@@ -1,76 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-rule_max_order_val=0
-config_load firewallmngr
-
-firewallmngr_generate_nat_interface_setting() {
-	local intf="$1"
-	local is_bridge="false"
-	local masq="0"
-	local intf_dev
-	local type=""
-	local nat_intf_setting=""
-
-
-	type=$(uci -q get firewallmngr."$intf")
-	[ "$type" = "natif" ] && return
-
-	nat_intf_setting=$(uci  add "firewallmngr" "natif")
-	uci set firewallmngr."$nat_intf_setting".interface="$intf"
-
-	if [ $(/lib/fwmngr/is_intf_bridge "$intf") -eq 1 ]; then
-		uci set firewallmngr."$nat_intf_setting".enabled="0"
-	else
-		uci set firewallmngr."$nat_intf_setting".enabled="1"
-	fi
-
-	uci rename firewallmngr."$nat_intf_setting"="$intf"
-}
-
-firewallmngr_process_rule_interface() {
-	local rule="$1"
-	local src_intf=""
-	local dest_intf=""
-
-	config_get src_intf "$rule" "src"
-	config_get dest_intf "$rule" "dest"
-
-	[ -z "$src_intf" ] || firewallmngr_generate_nat_interface_setting "$src_intf"
-	[ -z "$dest_intf" ] || firewallmngr_generate_nat_interface_setting "$dest_intf"
-}
-
-firewallmngr_process_rule_param() {
-	local order=""
-	config_get order "$1" order
-
-	if [ -z "$order" ] || [ "$order" = "65535" ]; then
-		return
-	fi
-	rule_max_order_val=$(( rule_max_order_val + 1 ))
-	if [ ${order} -gt ${rule_max_order_val} ]; then
-		uci -q set firewallmngr."$1".order="$rule_max_order_val"
-		uci -q reorder firewallmngr."$1"=${rule_max_order_val}
-	fi
-
-	firewallmngr_process_rule_interface "$1"
-}
-
-firewallmngr_set_rule_order() {
-	local order=""
-	config_get order "$1" order
-
-	if [ -n "$order" ]; then
-		uci -q reorder firewallmngr."$1"=${order}
-		return
-	fi
-	rule_max_order_val=$(( rule_max_order_val + 1 ))
-	uci -q set firewallmngr."$1".order="$rule_max_order_val"
-	uci -q reorder firewallmngr."$1"=${rule_max_order_val}
-}
-
-config_foreach firewallmngr_process_rule_param rule
-config_foreach firewallmngr_set_rule_order rule
-
-uci commit firewallmngr

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr.sh

@@ -1,195 +0,0 @@
-#!/bin/sh
-#set -x
-
-. /lib/functions.sh
-. /lib/fwmngr/fwmngr_functions.sh
-
-
-fw_rule_sections=""
-fw_redirect_sections=""
-fw_include_sections=""
-
-clean_expiry() {
-	[ -f "/tmp/fw3.atjobs" ] || return
-	for job in $(cat /tmp/fw3.atjobs); do
-		atrm $job 2>/dev/null
-	done
-	rm -f /tmp/fw3.atjobs
-}
-
-schedule_expiry() {
-
-        [ -f "/usr/bin/at" ] || return
-
-        expire_at() {
-                local cfg=$1
-                local expiry atdate
-
-                config_get expiry $cfg expiry
-
-                [ -n "$expiry" ] || return
-
-                atdate="$(date +'%Y%m%d%H%M.%S' -d @$expiry)"
-
-                [ -n "$atdate" ] || return
-
-                sec=$(echo $atdate | cut -d. -f2)
-                at_date=$(echo $atdate | cut -d. -f1)
-
-                echo "sleep $sec && uci -q delete firewallmngr.$cfg; ubus call uci commit '{\"config\":\"firewallmngr\"}'" | \
-                        at -t $at_date 2>&1 | grep job | awk '{print$2}' >> /tmp/fw3.atjobs
-        }
-
-        config_foreach expire_at rule
-        config_foreach expire_at redirect
-}
-
-firewall_cleanup() {
-	local count=1
-
-	list=$(uci show firewall)
-        section_list=$(echo "$list" | grep "fwmngr")
-
-        section_list=$(echo "$section_list" | awk -F. '{ print $2 }')
-        section_list=$(echo "$section_list" | awk -F= '{ print $1 }')
-
-        fw_rule_sections=$(echo "$list" | grep -v fwmngr | grep "=rule")
-        fw_rule_sections=$(echo "$fw_rule_sections" | awk -F= '{ print $1 }')
-        fw_rule_sections=$(echo "$fw_rule_sections" | awk -F. '{ print $2 }')
-        fw_redirect_sections=$(echo "$list" | grep -v fwmngr | grep "=redirect")
-        fw_redirect_sections=$(echo "$fw_redirect_sections" | awk -F= '{ print $1 }')
-        fw_redirect_sections=$(echo "$fw_redirect_sections" | awk -F. '{ print $2 }')
-        fw_include_sections=$(echo "$list" | grep -v fwmngr | grep "=include")
-        fw_include_sections=$(echo "$fw_include_sections" | awk -F= '{ print $1 }')
-        fw_include_sections=$(echo "$fw_include_sections" | awk -F. '{ print $2 }')
-
-        for sec in $section_list; do
-                uci -q delete firewall."$sec"
-        done
-	uci commit firewall
-}
-
-firewallmngr_preload() {
-	firewall_cleanup
-
-	/lib/fwmngr/firewallmngr_preconfig
-}
-
-firewall_handle_section_dmz() {
-	local dmz_cfg="$1"
-	local dest_uci="$2"
-	local dmz_sec=""
-	local enable=""
-	local origin=""
-	local description=""
-	local interface=""
-	local dest_ip=""
-	local source_prefix=""
-	
-	config_get enable "$dmz_cfg" "enabled" 0
-	[ "$enable" = "1" ] || return
-	config_get dest_ip "$dmz_cfg" "dest_ip"
-	config_get interface "$dmz_cfg" "interface"
-	if [ -z "$dest_ip" ] || [ -z "$interface" ]; then
-		return
-	fi
-	config_get origin "$dmz_cfg" "origin"
-	config_get description "$dmz_cfg" "description"
-	config_get source_prefix "$dmz_cfg" "source_prefix"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		zones=$(uci show firewall | grep "=zone")
-		for zn in zones; do
-			zn_arg=$(echo $zn | awk -F= '{ print $1 }')
-			if [ "$interface" = "$(uci -q get $zn_arg.network)" ]; then
-				zn_name=$(uci -q get "$zn_arg".name)
-			fi
-		done
-	fi
-
-	dmz_sec=$(uci add "$dest_uci" redirect)
-	uci set "$dest_uci"."$dmz_sec".src="$zn_name"
-	uci set "$dest_uci"."$dmz_sec".enabled="1"
-	uci set "$dest_uci"."$dmz_sec".dest_ip="$dest_ip"
-	uci set "$dest_uci"."$dmz_sec".origin="$origin"
-	uci set "$dest_uci"."$dmz_sec".src_ip="$source_prefix"
-	uci set "$dest_uci"."$dmz_sec".target="DNAT"
-
-       	uci rename "$dest_uci"."$dmz_sec"="fwmngr_$dmz_cfg"
-}
-
-handle_section_nat_interface_setting() {
-	local nat_intf_cfg="$1"
-	local interface=""
-	local enable=""
-
-	config_get enable "$nat_intf_cfg" "enabled"
-	[ -z "$enable" ] && return
-	config_get interface "$nat_intf_cfg" "interface"
-	if [ -n "$interface" ]; then
-		create_firewall_zone_config "$interface" "$enable"
-	fi
-}
-
-generate_firewall_config() {
-	local minus_one
-
-
-	firewallmngr_preload
-	uci commit firewallmngr
-	fw_config="$(uci -q get firewallmngr.firewall.config)"
-	[ -z "$fw_config" ] && return
-	[ "$fw_config" = "Advanced" ] || return
-
-#get active chain name
-	chain_name=$(firewallmngr_get_active_chain)
-
-#configure firewall global config
-	global_exist=$(uci -q get firewall.globals)
-	if [ -z "$global_exist" ]; then
-		global_sec=$(uci   add firewall globals)
-		uci   set firewall."$global_sec".enabled="1"
-		uci   rename firewall."$global_sec"="globals"
-	fi
-
-#configure firewall default config
-	default_sec=$(uci  add firewall defaults)
-	uci   set firewall."$default_sec".syn_flood="1"
-	uci   set firewall."$default_sec".input="$INPUT"
-	uci   set firewall."$default_sec".output="$OUTPUT"
-	uci   set firewall."$default_sec".forward="$FORWARD"
-        uci   rename firewall."$default_sec"="fwmngr_default"
-
-	config_load firewallmngr
-	config_foreach handle_section_nat_interface_setting natif
-	uci commit firewall
-#loop through rules in firewallmngr uci and write rule in firewall
-	config_foreach handle_section_firewall_rule rule "$chain_name" "firewall"
-	uci commit firewall
-
-	config_foreach handle_section_nat_port_mapping nat_portmapping "firewall"
-	config_foreach firewall_handle_section_dmz dmz "firewall"
-	config_foreach handle_section_service service "firewall"
-
-#reorder sections to place rule created by user at the end
-	minus_one=$((2**16))
-	for sec in $fw_rule_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-	for sec in $fw_redirect_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-	for sec in $fw_include_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-
-	ubus call uci commit '{"config":"firewall"}'
-	schedule_expiry
-}
-
-configure_firewall () {
-	if ! [ -f "/etc/config/firewall" ]; then
-		touch /etc/config/firewall
-	fi
-	generate_firewall_config
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_functions.sh

@@ -1,627 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-INPUT="REJECT"
-OUTPUT="ACCEPT"
-FORWARD="REJECT"
-
-firewallmngr_get_active_chain() {
-	local fw_level=""
-	local chain_name=""
-	local fw_level=""
-	local chain=""
-
-	fw_level="$(uci -q get firewallmngr.firewall.advanced_level)"
-	[ -z "$fw_level" ] && return
-	enabled="$(uci -q get firewallmngr."${fw_level}".enable)"
-
-	[ "$enabled" = "1" ] || exit
-
-	chain="$(uci -q get firewallmngr."${fw_level}".chain)"
-	[ -z "$chain" ] && exit
-
-	enabled="$(uci -q get firewallmngr."${chain}".enable)"
-	chain_name="$(uci -q get firewallmngr."${chain}".name)"
-	echo "$chain_name"
-}
-
-
-create_firewall_zone_config() {
-	local intf="$1"
-	local masq="$2"
-	local is_bridge="false"
-	local intf_dev=""
-	local ntwrk=""
-	local interface=$(echo "$intf" | awk -F" " '{ print $1 }')
-
-	type=$(uci -q get firewall."$interface")
-	[ "$type" = "zone" ] && return
-
-	zone_sec=$(uci add "firewall" "zone")
-	uci set firewall."$zone_sec".masq="$masq"
-	uci set firewall."$zone_sec".name="$interface"
-	uci set firewall."$zone_sec".output="$OUTPUT"
-
-	if [ $(/lib/fwmngr/is_intf_bridge "$interface") -eq 1 ]; then
-		uci set firewall."$zone_sec".input="ACCEPT"
-		uci set firewall."$zone_sec".forward="ACCEPT"
-	else
-		if [ "$(uci -q get firewallmngr.globals.enabled)" = "0" ]; then
-			uci set firewall."$zone_sec".input="ACCEPT"
-		else
-			uci set firewall."$zone_sec".input="REJECT"
-		fi
-		uci set firewall."$zone_sec".forward="REJECT"
-	fi
-	for ntwrk in $intf; do
-		uci add_list firewall."$zone_sec".network="$ntwrk"
-	done
-	uci rename firewall."$zone_sec"="$interface"
-}
-
-firewallmngr_set_ip() {
-	local rule_sec="$1"
-	local src_ip="$2"
-	local dest_ip="$3"
-
-	mask=$(echo "$src_ip"|grep "/")
-	if [ -z "$src_ip" ]; then
-		uci set firewallmngr."$rule_sec".src_ip="$src_ip"
-	else
-		ip=$(echo "$src_ip" | awk -F"/" '{ print $0 }')
-		mask=$(echo "$src_ip" | awk -F"/" '{ print $2 }')
-		uci set firewallmngr."$rule_sec".src_ip="$ip"
-		uci set firewallmngr."$rule_sec".source_mask="$mask"
-	fi
-
-	mask=$(echo "$src_ip"|grep "/")
-	if [ -z "$dest_ip" ]; then
-		uci set firewallmngr."$rule_sec".dest_ip="$dest_ip"
-	else
-		ip=$(echo "$dest_ip" | awk -F"/" '{ print $0 }')
-		mask=$(echo "$dest_ip" | awk -F"/" '{ print $2 }')
-		uci set firewallmngr."$rule_sec".dest_ip="$ip"
-		uci set firewallmngr."$rule_sec".dest_mask="$mask"
-	fi
-}
-
-firewall_set_ip() {
-	local rule_sec="$1"
-	local src_ip="$2"
-	local dest_ip="$3"
-
-	uci set firewall."$rule_sec".src_ip="$src_ip"
-	uci set firewall."$rule_sec".dest_ip="$dest_ip"
-}
-
-firewallmngr_set_port() {
-	local rule_sec="$1"
-	local src_port="$2"
-	local dest_port="$3"
-	local src_port_range_max="$4"
-	local dest_port_range_max="$5"
-
-	range=$(echo "$src_port" | grep ":")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$rule_sec".src_port="$src_port"
-	else
-		min_port=$(echo "$src_port" | awk -F":" '{ print $1 }')
-		max_port=$(echo "$src_port" | awk -F":" '{ print $2 }')
-
-		uci set firewallmngr."$rule_sec".src_port="$min_port"
-		uci set firewallmngr."$rule_sec".src_port_range_max="$max_port"
-	fi
-	range=$(echo "$dest_port" | grep ":")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$rule_sec".dest_port="$dest_port"
-	else
-		min_port=$(echo "$dest_port" | awk -F":" '{ print $1 }')
-		max_port=$(echo "$dest_port" | awk -F":" '{ print $2 }')
-
-		uci set firewallmngr."$rule_sec".dest_port="$min_port"
-		uci set firewallmngr."$rule_sec".dest_port_range_max="$max_port"
-	fi
-
-}
-
-firewall_set_port() {
-	local rule_sec="$1"
-	local src_port="$2"
-	local dest_port="$3"
-	local src_port_range_max="$4"
-	local dest_port_range_max="$5"
-
-	if [ -z "$dest_port_range_max" ] || [ "$dest_port_range_max" = "-1" ]; then
-		[ "$dest_port" == "-1" ] || uci set firewall."$rule_sec".dest_port="$dest_port"
-	else
-		uci set firewall."$rule_sec".dest_port="$dest_port:$dest_port_range_max"
-	fi
-
-	if [ -z "$src_port_range_max" ] || [ "$src_port_range_max" = "-1" ]; then
-		[ "$src_port" == "-1" ] || uci set firewall."$rule_sec".src_port="$src_port"
-	else
-		uci set firewall."$rule_sec".src_port="$src_port:$src_port_range_max"
-	fi
-}
-
-firewallmngr_set_interface() {
-	local rule_sec="$1"
-	local src_intf="$2"
-	local dest_intf="$3"
-
-	if [ "$src_intf" = "*" ]; then
-		uci set firewallmngr."$rule_sec".source_all_interfaces="1"
-	else
-		uci set firewallmngr."$rule_sec".source_all_interfaces="0"
-		uci set firewallmngr."$rule_sec".src="$src_intf"
-	fi
-	if [ "$dest_intf" = "*" ]; then
-		uci set firewallmngr."$rule_sec".dest_all_interfaces="1"
-	else
-		uci set firewallmngr."$rule_sec".dest_all_interfaces="0"
-		uci set firewallmngr."$rule_sec".dest="$dest_intf"
-	fi
-
-}
-
-firewall_set_interface() {
-	local rule_sec="$1"
-	local src_intf="$2"
-	local dest_intf="$3"
-	uci set firewall."$rule_sec".src="$src_intf"
-	uci set firewall."$rule_sec".dest="$dest_intf"
-}
-
-
-firewallmngr_get_rule_ip_family() {
-	local version="$1"
-
-	if [ "$version" == "ipv4" ]; then
-		echo "4"
-	elif [ "$version" == "ipv6" ]; then
-		echo "6"
-	else
-		echo "-1"
-	fi
-}
-
-firewall_get_rule_ip_family() {
-	local version="$1"
-
-	if [ "$version" == "4" ]; then
-		echo "ipv4"
-	elif [ "$version" == "6" ]; then
-		echo "ipv6"
-	else
-		echo "-1"
-	fi
-}
-
-firewallmngr_set_ip_family() {
-	local rule_sec="$1"
-	local ip_family="$2"
-
-	if [ -z "$ip_family" ]; then
-		uci set firewallmngr."$rule_sec".family="-1"
-		return
-	fi
-	uci set firewallmngr."$rule_sec".family="$ip_family"
-}
-
-firewall_set_ip_family() {
-	local rule_sec="$1"
-	local ip_family="$2"
-
-	[ "$ip_family" == "-1" ] ||  uci set firewall."$rule_sec".family="$ip_family"
-}
-
-firewallmngr_set_rule_target() {
-	local rule_sec="$1"
-	local target="$2"
-	local targetchain="$3"
-	local action
-	if [ "$target" = "MARK" ]; then
-		uci set firewallmngr."$rule_sec".target="Return"
-	elif [ "$target" = "TargetChain" ]; then
-		uci set firewallmngr."$rule_sec".target="$targetchain"
-	else
-		action=$(echo "$target" | awk '{for(i=1;i<=NF;i++){$i=toupper(substr($i,1,1)) substr($i,2)}} 1')
-		uci set firewallmngr."$rule_sec".target="$action"
-	fi
-}
-
-firewall_set_rule_target() {
-	local rule_sec="$1"
-	local target="$2"
-	local targetchain="$3"
-
-	target="$(echo $target | awk '{ print toupper($0) }')"
-	if [ "$target" = "ACCEPT" ] || [ "$target" = "REJECT" ] || [ "$target" = "DROP" ]; then
-		uci set firewall."$rule_sec".target="$(echo $target | awk '{ print toupper($0) }')"
-	elif [ "$target" = "Retrun" ]; then
-		uci set firewall."$rule_sec".target="MARK"
-	elif [ "$target" = "TargetChain" ]; then
-		uci set firewall."$rule_sec".target="$targetchain"
-	else
-		uci set firewall."$rule_sec".target="DROP"
-	fi
-}
-
-set_rule_protocol() {
-	local rule_sec="$1"
-	local protocol="$2"
-	local rule_rd="$3"
-	local dest_uci="$4"
-
-	set_icmp_type() {
-		uci add_list "$dest_uci"."$rule_sec".icmp_type="$1"
-	}
-
-	if [ -z "$protocol" ] || [ "$protocol" = "0" ] || [ "$protocol" = "all" ] || [ "$protocol" = "-1" ]; then
-		uci set "$dest_uci"."$rule_sec".proto="all"
-		return
-	fi
-
-	if [ "$dest_uci" = "firewallmngr" ]; then
-		protocol=$(grep -m 1 "$protocol" "/etc/protocols" | awk -F" " '{ print $2 }')
-	fi
-	uci set "$dest_uci"."$rule_sec".proto="$protocol"
-	if [ "$protocol" = "1" ] || [ "$protocol" = "icmp" ]; then
-		config_list_foreach "$rule_rd" "icmp_type" set_icmp_type
-	fi
-}
-
-handle_section_firewall_rule() {
-	local rule="$1"
-	local chain_name="$2"
-	local dest_uci="$3"
-	local chain=""
-	local is_enable=""
-	local src_intf=""
-	local ip_version=""
-	local ip_family=""
-	local protocol=""
-	local dest_intf=""
-	local target=""
-	local targetchain=""
-	local desc=""
-	local dest_port=""
-	local src_port=""
-	local src_port_range_max=""
-	local dest_port_range_max=""
-	local src_ip=""
-	local dest_ip=""
-	local source_mac=""
-	local source_all_interfaces=""
-	local dest_all_interfaces=""
-	local source_mask=""
-	local dest_mask=""
-	local limit=""
-	local expiry=""
-	local order=""
-
-	config_get is_enable "$rule" "enable" 1
-	[ "$is_enable" = "1" ] || return
-
-	if [ "$dest_uci" = "firewall" ]; then
-		config_get chain "$rule" "chain"
-		[ "$chain" = "$chain_name" ] || return
-	fi
-
-	config_get desc "$rule" "name"
-	config_get src_intf "$rule" "src"
-	config_get dest_intf "$rule" "dest"
-	config_get ip_version "$rule" "family"
-	function="$dest_uci"_get_rule_ip_family
-	ip_family="$($function $ip_version)"
-	config_get protocol "$rule" "proto"
-	config_get src_port "$rule" "src_port"
-	config_get dest_port "$rule" "dest_port"
-	config_get src_ip "$rule" "src_ip"
-	config_get source_mask "$rule" "source_mask"
-	[ -n "$source_mask" ] && src_ip="${src_ip}/$(echo $source_mask | awk -F/ '{ print $2 }')"
-	config_get dest_ip "$rule" "dest_ip"
-	config_get dest_mask "$rule" "dest_mask"
-	[ -n "$dest_mask" ] && dest_ip="${dest_ip}/$(echo $dest_mask | awk -F/ '{ print $2 }')"
-	config_get dest_port_range_max "$rule" "dest_port_range_max"
-	config_get src_port_range_max "$rule" "src_port_range_max"
-	config_get target "$rule" "target"
-	config_get targetchain "$rule" "targetchain"
-	config_get source_mac "$rule" "src_mac"
-	config_get order "$rule" "order"
-	config_get limit "$rule" "limit"
-	config_get expiry "$rule" "expiry"
-	config_get source_all_interfaces "$rule" "source_all_interfaces"
-	[ "$source_all_interfaces" = "1" ] && src_intf="*"
-	config_get dest_all_interfaces "$rule" "dest_all_interfaces"
-	[ "$dest_all_interfaces" = "1" ] && dest_intf="*"
-
-	rule_sec=$(uci add "$dest_uci" rule)
-	uci set "$dest_uci"."$rule_sec".chain="$chain_name"
-	uci set "$dest_uci"."$rule_sec".enabled="1"
-	uci set "$dest_uci"."$rule_sec".name="$desc"
-
-	"$dest_uci"_set_interface "$rule_sec" "$src_intf" "$dest_intf"
-	"$dest_uci"_set_ip_family "$rule_sec" "$ip_family"
-	"$dest_uci"_set_rule_target "$rule_sec" "$target" "$targetchain"
-	set_rule_protocol "$rule_sec" "$protocol" "$rule" "$dest_uci"
-
-	"$dest_uci"_set_port "$rule_sec" "$src_port" "$dest_port" "$src_port_range_max" "$dest_port_range_max"
-
-	"$dest_uci"_set_ip "$rule_sec" "$src_ip" "$dest_ip"
-
-	uci set "$dest_uci"."$rule_sec".src_mac="$source_mac"
-	uci set "$dest_uci"."$rule_sec".order="$order"
-	uci set "$dest_uci"."$rule_sec".limit="$limit"
-	uci set "$dest_uci"."$rule_sec".expiry="$expiry"
-
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci rename "$dest_uci"."$rule_sec"="fwmngr_$rule"
-	else
-        	uci rename "$dest_uci"."$rule_sec"="$rule"
-	fi
-}
-
-firewallmngr_configure_service_rule() {
-	local interface="$1"
-	local dest_port="$2"
-	local ip_family="$3"
-	local protocol="$4"
-	local icmp_type="$5"
-	local source_prefix="$6"
-	local action="$7"
-	local service_cfg="$8"
-	local service_sec
-	
-	service_sec_add_list_value() {
-		for value in $1; do
-			uci add_list firewallmngr."$service_sec"."$2"="$value"
-		done
-	}
-
-	service_sec=$(uci add firewall service)
-	uci set firewallmngr."$service_sec".enabled="1"
-	uci set firewallmngr."$service_sec".name="service rule"
-	uci set firewallmngr."$service_sec".src="$interface"
-	uci set firewallmngr."$service_sec".icmp_type="$icmp_type"
-	uci set firewallmngr."$service_sec".family=$(firewallmngr_get_rule_ip_family "$ip_family")
-	firewallmngr_set_rule_target "$service_sec" "$action" ""
-
-	service_sec_add_list_value "$dest_port" "dest_port"
-	service_sec_add_list_value "$protocol" "protocol"
-	service_sec_add_list_value "$source_prefix" "src_prefix"
-
-	uci rename firewallmngr."$service_sec"="${service_cfg}"
-}
-
-firewall_configure_service_rule() {
-	local interface="$1"
-	local dest_port="$2"
-	local ip_family="$3"
-	local protocol="$4"
-	local icmp_type="$5"
-	local source_prefix="$6"
-	local action="$7"
-	local service_cfg="$8"
-	local service_sec
-
-	service_sec=$(uci add firewall rule)
-	uci set firewall."$service_sec".enabled="1"
-	uci set firewall."$service_sec".name="service rule"
-	uci set firewall."$service_sec".src="$interface"
-	[ "$dest_port" == "-1" ] || uci set firewall."$service_sec".dest_port="$dest_port"
-	uci set firewall."$service_sec".family=$(firewall_get_rule_ip_family "$ip_family")
-	[ "$protocol" == "-1" ] || uci set firewall."$service_sec".proto="$protocol"
-	[ "$icmp_type"  == "-1" ] || uci set firewall."$service_sec".icmp_type="$icmp_type"
-	uci set firewall."$service_sec".src_ip="$source_prefix"
-	firewall_set_rule_target "$service_sec" "$action" ""
-
-	[ -z "$service_cfg" ] || uci rename firewall."$service_sec"="fwmngr_${service_cfg}"
-}
-
-handle_section_service() {
-	local service_cfg="$1"
-	local dest_uci="$2"
-	local service_sec=""
-	local enable=""
-	local interface=""
-	local dest_port=""
-	local protocol=""
-	local icmp_type=""
-	local source_prefix=""
-	local action=""
-	local ip_family=""
-
-	get_service_proto_list() {
-		protocol="$protocol $1"
-	}
-	get_service_src_prefix_list() {
-		source_prefix="$source_prefix $1"
-	}
-	get_service_dest_port_list() {
-		dest_port="$dest_port $1"
-	}
-
-	config_get enable "$service_cfg" "enable" 0
-	[ "$enable" == "1" ] || return
-	config_get interface "$service_cfg" "interface"
-	[ -z "$interface" ] && return
-	config_get ip_family "$service_cfg" "family"
-
-	config_list_foreach "$service_cfg" "proto" get_service_proto_list
-	config_list_foreach "$service_cfg" "dest_port" get_service_dest_port_list
-	config_list_foreach "$service_cfg" "src_prefix" get_service_src_prefix_list
-
-	config_get icmp_type "$service_cfg" "icmp_type"
-	config_get action "$service_cfg" "target"
-
-	"$dest_uci"_configure_service_rule "$interface" "$dest_port" "$ip_family" "$protocol" "$icmp_type" "$source_prefix" "$action" "$service_cfg"
-
-}
-
-firewallmngr_set_all_intf_src_dip() {
-	local redirect_section="$1"
-	local zn_name="$2"
-	local all_interface="$3"
-
-	config_get src_dip "$redirect_section" "src_dip"
-
-	if [ "$src_dip" = "*" ]; then
-		uci set firewallmngr."$redirect_sec".all_interface="1"
-	else
-		uci set firewallmngr."$redirect_sec".all_interface="0"
-	fi
-}
-
-firewall_set_all_intf_src_dip() {
-	local redirect_section="$1"
-	local zn_name="$2"
-	local all_interface="$3"
-
-	if [ "$all_interface" = "1" ]; then
-		if [ -z "$zn_name" ]; then
-			uci set firewall."$redirect_sec".src="wan"
-		else
-			uci set firewall."$redirect_sec".src="$zn_name"
-		fi
-		uci set firewall."$redirect_sec".src_dip="*"
-	else
-		uci set firewall."$redirect_sec".src="$zn_name"
-		uci set firewall."$redirect_sec".src_dip=""
-	fi
-}
-
-firewallmngr_set_src_dport() {
-        local redirect_sec="$1"
-        lodcal external_port="$2"
-        local external_port_end="$3"
-
-	range=$(echo "$external_port" | grep "-")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$redirect_sec".src_dport="$external_port"
-	else
-		min_port=$(echo "$external_port" | awk -F"-" '{ print $1 }')
-		max_port=$(echo "$external_port" | awk -F"-" '{ print $2 }')
-
-		uci set firewallmngr."$redirect_sec".src_dport="$min_port"
-		uci set firewallmngr."$redirect_sec".src_dport_end="$max_port"
-	fi
-} 
-
-firewall_set_src_dport() {
-        local redirect_sec="$1"
-        local external_port="$2"
-        local external_port_end="$3"
-
-	if [ "$external_port_end" = "0" ]; then
-		if ! [ "$external_port" = "0" ]; then
-			uci set firewall."$redirect_sec".src_dport="$external_port"
-		fi
-	else
-		uci set firewall."$redirect_sec".src_dport="$external_port-$external_port_end"
-	fi
-} 
-
-
-# handling for firewallmngr to firewall
-handle_section_nat_port_mapping() {
-	local nat_port_cfg="$1"
-	local dest_uci="$2"
-	local enable=""
-	local interface=""
-	local all_interface=""
-	local lease_duration=""
-	local remote_host=""
-	local external_port=""
-	local external_port_end=""
-	local internal_port=""
-	local protocol=""
-	local internal_client=""
-	local description=""
-	local redirect_sec=""
-	local epoch_sec=""
-	local stop_epoch=""
-	local stop_ymd=""
-	local stop_hms=""
-	local zn_name=""
-
-	config_get enable "$nat_port_cfg" "enabled"
-	config_get interface "$nat_port_cfg" "src"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		zones=$(uci show firewall | grep "=zone")
-		for zn in zones; do
-			zn_arg=$(echo $zn | awk -F= '{ print $1 }')
-			if [ "$interface" = "$(uci -q get $zn_arg.network)" ]; then
-				zn_name=$(uci -q get "$zn_arg".name)
-				masq=$(uci -q get "$zn_arg".masq)
-			fi
-		done
-		if [ -z "$enable" ] && ! [ "$masq" = "1" ]; then
-			return
-		fi
-	fi
-
-	config_get internal_client "$nat_port_cfg" "dest_ip"
-	config_get all_interface "$nat_port_cfg" "all_interface"
-	config_get lease_duration "$nat_port_cfg" "lease_duration"
-	config_get remote_host "$nat_port_cfg" "src_ip"
-	config_get external_port "$nat_port_cfg" "src_dport" "0"
-	config_get external_port_end "$nat_port_cfg" "src_dport_end" "0"
-	config_get internal_port "$nat_port_cfg" "dest_port"
-	config_get protocol "$nat_port_cfg" "proto"
-	protocol=$(echo $protocol | awk '{ print tolower($0) }')
-	config_get description "$nat_port_cfg" "name"
-
-	redirect_sec=$(uci add "$dest_uci" redirect)
-
-	"dest_uci"_set_all_intf_src_dip "$redirect_sec" "$zn_name" "$all_interface"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		if [ -n "$lease_duration" ] && ! [ "$lease_duration" == "0" ]; then
-			epoch_sec=$(date +%s)
-			stop_epoch=$(( epoch_sec + lease_duration ))
-			stop_ymd=$(date -d @${stop_epoh} +%Y-%m-%d)
-			stop_hms=$(date -d @${stop_epoch} +%H:%M:%S)
-			uci set "$dest_uci"."$redirect_sec".stop_date="$stop_ymd"
-			uci set "$dest_uci"."$redirect_sec".stop_time="$stop_hms"
-		fi
-	fi
-
-	"$dest_uci"_set_src_dport "$redirect_section" "$external_port" "$external_port_end"
-
-	uci  set "$dest_uci"."$redirect_sec".enabled="1"
-	uci  set "$dest_uci"."$redirect_sec".target="DNAT"
-	uci  set "$dest_uci"."$redirect_sec".dest_ip="$internal_client"
-	[ -z "$protocol" ] || uci set "$dest_uci"."$redirect_sec".proto="$protocol"
-	[ -z "$remote_host" ] || uci  set "$dest_uci"."$redirect_sec".src_ip="$remote_host"
-	[ -z "$internal_port" ] || uci set "$dest_uci"."$redirect_sec".dest_port="$internal_port"
-	[ -z "$description" ] || uci set "$dest_uci"."$redirect_sec".name="$description"
-
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci rename "$dest_uci"."$redirect_sec"="fwmngr_$nat_port_cfg"
-	else
-        	uci rename "$dest_uci"."$redirect_sec"="$nat_port_cfg"
-	fi
-}
-
-handle_include_section() {
-	local include_sec="$1"
-	local dest_uci="$2"
-
-	config_get path "$include_sec" "path"
-	config_get reload "$include_sec" "reload"
-	config_get include_type "$include_sec" "type"
-
-	sec=$(uci   add "$dest_uci" include)
-	[ -z "$path" ] || uci   set "$dest_uci"."$sec".path="$path"
-	[ -z "$reload" ] || uci   set "$dest_uci"."$sec".reload="$reload"
-	[ -z "$include_type" ] || uci   set "$dest_uci"."$sec".type="$include_type"
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci   rename "$dest_uci"."$sec"="fwmngr_$include_sec"
-	else
-        	uci   rename "$dest_uci"."$sec"="$include_sec"
-	fi
-	
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_twamp.sh

@@ -1,60 +0,0 @@
-#! /bin/sh
-
-active_chain=""
-remove_twamp_reflector_rules() {
-	config_get name "$1" name
-
-	if [ "$name" = "Twamp Reflector Rule" ]; then
-		uci delete firewallmngr."$1"
-	fi
-
-}
-
-handle_twamp_reflector_rules() {
-	local twamp_cfg="$1"
-	local sec_name=""
-	local action="Acept"
-
-	config_get enable "$twamp_cfg" enable "1"
-	config_get port "$twamp_cfg" port
-	config_get interface "$twamp_cfg" interface
-
-	if [ "${enable}" -eq 0 ] || [ -z "$port" ] || [ -z "$interface" ]; then
-		return
-	fi
-	sec_name="twamp_${interface}_${port}"
-	rule_twamp=$(uci add firewallmngr rule)
-	uci set firewallmngr."$rule_twamp".enable="1"
-	uci set firewallmngr."$rule_twamp".chain="$active_chain"
-	uci set firewallmngr."$rule_twamp".dest_port="$port"
-	uci set firewallmngr."$rule_twamp".name="Twamp Reflector Rule"
-	uci set firewallmngr."$rule_twamp".interface="$interface"
-	uci set firewallmngr."$rule_twamp".ip_version="4"
-	uci set firewallmngr."$rule_twamp".protocol="17"
-	uci set firewallmngr."$rule_twamp".target="$action"
-	uci rename firewallmngr."$rule_twamp"="fwmngr_$sec_name"
-}
-
-firewallmngr_get_active_chain() {
-	config_get creator "$1" creator
-	[ "$creator" = "PortMapping" ] && return
-
-	config_get enable "$1" enable
-	if [ -n "$enable" ] && [ "$enable" = "1" ]; then
-		config_get active_chain "$1" name
-	fi
-}
-
-handle_twamp_rules() {
-	twamp_enable=$(uci -q get twamp.twamp.enable)
-
-	config_load firewallmngr
-	config_foreach firewallmngr_get_active_chain chain
-
-	config_foreach remove_twamp_reflector_rules rule
-	config_load twamp
-	if [ -n "$twamp_enable" ] && [ "$twamp_enable" == "1" ]; then
-		config_foreach handle_twamp_reflector_rules twamp_reflector
-	fi
-	uci commit firewallmngr
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/is_intf_bridge

@@ -1,23 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-
-interface=$1
-intf_dev=""
-is_bridge=0
-
-is_device_type_bridge() {
-	local dev
-	local dev_type
-
-	config_get dev "$1" "name"
-	config_get dev_type "$1" "type"
-	if [ "$dev" = "$intf_dev" ] && [ "$dev_type" = "bridge" ]; then
-		is_bridge=1
-	fi
-}
-
-intf_dev=$(uci -q get network."$interface".device)
-config_load network
-config_foreach is_device_type_bridge device 
-
-echo $is_bridge

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/uci_migration.sh

@@ -1,158 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-. /lib/fwmngr/fwmngr_functions.sh
-
-uci_mig_include_sections=""
-include_deprecated_list="hosts cwmp dmz mcast twamp portmap service"
-final_include_cfg=""
-
-
-firewallmngr_zone_to_nat_interface_setting() {
-	zone="$1"
-
-	config_get interface "$zone" "network"
-	[ -n "$interface" ] || return
-	config_get enable "$zone" "masq" "0"
-	nat_intf_setting=$(uci add "firewallmngr" "natif")
-	uci set firewallmngr."$nat_intf_setting".enabled="$enable"
-	uci set firewallmngr."$nat_intf_setting".interface="$interface"
-
-	uci rename firewallmngr."$nat_intf_setting"=$(echo "$interface" | awk -F" " '{ print $1 }')
-}
-
-handle_section_forwarding_rule() {
-	local fwd="$1"
-	local chain="$2"
-
-	config_get src_intf "$fwd" "src" 
-	config_get dest_intf "$fwd" "dest"
-
-	rule_sec=$(uci add "firewallmngr" rule)
-	firewallmngr_set_interface "$rule_sec" "$src_intf" "$dest_intf"
-	uci set firewallmngr."$rule_sec".chain="$chain"
-	uci set firewallmngr."$rule_sec".name="$fwd"
-	uci set firewallmngr."$rule_sec".target="accept"
-       	uci rename firewallmngr."$rule_sec"="fwmngr_$fwd"
-}
-
-firewallmngr_handle_section_dmz() {
-	local dmz_cfg="$1"
-	local dest_uci="$2"
-	local dmz_sec=""
-	local enabled=""
-	local origin=""
-	local description=""
-	local interface=""
-	local dest_ip=""
-	local source_prefix=""
-	
-	config_get dest_ip "$dmz_cfg" "dest_ip"
-	config_get interface "$dmz_cfg" "interface"
-	config_get origin "$dmz_cfg" "origin"
-	config_get source_prefix "$dmz_cfg" "source_prefix"
-	config_get description "$dmz_cfg" "description"
-	config_get enabled "$dmz_cfg" "enabled"
-
-	dmz_sec=$(uci add firewallmngr dmz)
-
-	uci set firewallmngr."$dmz_sec".enabled="$enabled"
-	uci set firewallmngr."$dmz_sec".dest_ip="$dest_ip"
-	uci set firewallmngr."$dmz_sec".interface="$interface"
-	uci set firewallmngr."$dmz_sec".origin="$origin"
-	uci set firewallmngr."$dmz_sec".description="$description"
-	uci set firewallmngr."$dmz_sec".source_prefix="$source_prefix"
-
-       	uci rename firewallmngr."$dmz_sec"="$dmz_cfg"
-}
-
-#This call must be triggered from procd boot function
-cleanup_firewallmngr_rule_section() {
-	rule_sec=$(uci show firewallmngr | grep "=rule")
-	for sec in $rule_sec; do
-		rule=$(echo "$sec" | awk -F= '{ print $1 }')
-		uci delete "$rule"
-	done
-	uci commit firewallmngr
-}
-
-firewallmngr_delete_install_dmz_rule() {
-	local dmz_cfgs
-
-	dmz_cfgs=$(uci show firewall | grep "=dmz")
-	for dmz in $dmz_cfgs; do
-		dmz=$(echo $dmz | awk -F= '{ print $1 }')
-		uci del "$dmz"
-	done
-	uci commit firewall
-}
-
-firewall_delete_deprecated_include_section() {
-	new_inc_list=""
-
-	inc_list=$(uci show firewall | grep "=include")
-	for inc in $inc_list; do
-		inc=$(echo "$inc"| awk -F"=" '{ print $1 }')
-
-		inc_name=$(echo "$inc" | awk -F. '{ print $2 }')
-		inc_path=$(uci -q get "$inc".path | awk -F/ '{ print $NF }')
-		inc_file=$(echo "$inc_path" | awk -F. '{ print $2 }')
-
-		inc_ignore=$(echo "$include_deprecated_list"| grep -w "$inc_name")
-		if [ -z "$inc_ignore" ]; then
-			inc_ignore=$(echo "$include_deprecated_list"| grep -w "$inc_file")
-		fi
-		[ -z "$inc_ignore" ] || uci delete "$inc"
-
-	done
-	uci commit firewall
-
-
-}
-
-firewall_backup_include_section() {
-	list=$(uci show firewall)
-        uci_mig_include_sections=$(echo "$list" | grep "=include")
-        uci_mig_include_sections=$(echo "$fw_include_sections" | awk -F= '{ print $1 }')
-        uci_mig_include_sections=$(echo "$fw_include_sections" | awk -F. '{ print $2 }')
-}
-
-firewall_uci_cleanup() {
-# cleanup all sections of firewall uci, firewall uci will be generated by firewallmngr init
-	section_cleanup () {
-		local sec="$1"
-
-		rule_sec=$(uci show firewall | grep "$sec")
-		for rule in $rule_sec; do
-			rule=$(echo "$rule" | awk -F= '{ print $1 }')
-			uci delete "$rule"
-		done
-	}
-
-	section_cleanup "=rule"
-	section_cleanup "=zone"
-	section_cleanup "=redirect"
-	section_cleanup "=dmz"
-	section_cleanup "=service"
-	section_cleanup "=forwarding"
-	section_cleanup "=defaults"
-	section_cleanup "=globals"
-	uci commit firewall
-}
-
-generate_firewallmngr_config() {
-	chain_name=$(firewallmngr_get_active_chain)
-	cleanup_firewallmngr_rule_section
-	config_load firewall
-	config_foreach handle_section_firewall_rule rule "$chain_name" "firewallmngr"
-	config_foreach firewallmngr_zone_to_nat_interface_setting zone 
-	config_foreach handle_section_nat_port_mapping redirect "firewallmngr"
-	config_foreach firewallmngr_handle_section_dmz dmz "firewallmngr"
-	config_foreach handle_section_service service "firewallmngr"
-	config_foreach handle_section_forwarding_rule forwarding "$chain_name"
-
-	uci commit firewallmngr
-
-	firewall_uci_cleanup
-	firewall_delete_deprecated_include_section
-}

firewallmngr/files/port-trigger/etc/config/port-trigger

@@ -1 +0,0 @@
-#port trigger uci file

firewallmngr/files/port-trigger/etc/init.d/port-trigger

@@ -1,21 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=65
-STOP=20
-USE_PROCD=1
-
-. /lib/port-trigger/port_trigger.sh
-
-start_service() {
-	port_trigger_handling
-}
-
-service_triggers()
-{
-	procd_add_reload_trigger firewall
-	procd_add_reload_trigger port-trigger
-}
-
-reload_service() {
-	start
-}

firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh

@@ -1,157 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-process_port_trigger() {
-	local rule_id="$1"
-	local is_enabled=""
-	local duration=""
-	local trigger_dport=""
-	local trigger_dport_end=""
-	local protocol=""
-	local interface=""
-	local open_dport=""
-	local open_dport_end=""
-	local open_protocol=""
-	local ptg_id=""
-	local IP_RULE=""
-	local IP6_RULE=""
-	local IP_RULE_FWD=""
-
-	get_port_trigger() {
-		local ptg_name
-		config_get ptg_name "$1" "name"
-		if [ "$ptg_name" == "$2" ]; then
-			ptg_id="$1"
-			return
-		fi
-	}
-
-	ptg_id=""
-	config_get name "$rule_id" "port_trigger"
-	config_foreach get_port_trigger  "port_trigger" "$name"
-	[ -z "$ptg_id" ] && return
-
-	is_enabled=$(uci -q get port-trigger."$ptg_id".enable)
-
-	if [ -z "$is_enabled" ] || [ "$is_enabled" = "0" ]; then
-		return
-	fi
-
-	protocol=$(uci -q get port-trigger."$ptg_id".protocol)
-	[ -z "$protocol" ] && return
-
-	if [ "$protocol" = "UDP" ] || [ "$protocol" = "udp" ]; then
-		IP_RULE="$IP_RULE -p udp"
-		IP6_RULE="$IP6_RULE -p udp"
-		IP_RULE_FWD="$IP_RULE_FWD -p udp"
-	elif [ "$protocol" = "TCP" ] || [ "$protocol" = "tcp" ]; then
-		IP_RULE="$IP_RULE -p tcp"
-		IP6_RULE="$IP6_RULE -p tcp"
-		IP_RULE_FWD="$IP_RULE_FWD -p tcp"
-	else
-		return
-	fi
-
-	trigger_dport=$(uci -q get port-trigger."$ptg_id".port)
-	[ -z "$trigger_dport" ] && return
-	IP_RULE="$IP_RULE --dport $trigger_dport"
-	IP6_RULE="$IP6_RULE --dport $trigger_dport"
-
-	trigger_dport_end=$(uci -q get port-trigger."$ptg_id".end_port_range)
-	if [ -n "$trigger_dport_end" ]; then
-		IP_RULE="$IP_RULE:$trigger_dport"
-		IP6_RULE="$IP6_RULE:$trigger_dport"
-	fi
-
-	config_get open_protocol "$rule_id" "protocol"
-	if [ "$open_protocol" = "UDP" ] || [ "$open_protocol" = "udp" ]; then
-		IP_RULE="$IP_RULE -j TRIGGER --trigger-type out --trigger-proto udp"
-		IP6_RULE="$IP6_RULE -j TRIGGER --trigger-type out --trigger-proto udp"
-	elif [ "$open_protocol" = "TCP" ] || [ "$open_protocol" = "tcp" ]; then
-		IP_RULE="$IP_RULE -j TRIGGER --trigger-type out --trigger-proto tcp"
-		IP6_RULE="$IP6_RULE -j TRIGGER --trigger-type out --trigger-proto tcp"
-	else
-		return
-	fi
-
-	config_get open_dport "$rule_id" "port"
-	[ -z "$open_dport" ] && return
-	IP_RULE="$IP_RULE --trigger-match $open_dport"
-	IP6_RULE="$IP6_RULE --trigger-match $open_dport"
-	IP_RULE_FWD="$IP_RULE_FWD --dport $open_dport"
-
-	config_get open_dport_end "$rule_id" "end_port_range"
-	if [ -z "$open_dport_end" ]; then
-		IP_RULE="$IP_RULE --trigger-relate $open_dport"
-		IP6_RULE="$IP6_RULE --trigger-relate $open_dport"
-	else
-		IP_RULE="$IP_RULE-$open_dport_end --trigger-relate $open_dport-$open_dport_end"
-		IP6_RULE="$IP6_RULE-$open_dport_end --trigger-relate $open_dport-$open_dport_end"
-		IP_RULE_FWD="$IP_RULE_FWD:$open_dport_end"
-	fi
-
-	duration=$(uci -q get port-trigger."$ptg_id".auto_disable_duration)
-        if [ -n "$duration" ]; then
-                IP_RULE="$IP_RULE --trigger-timeout $duration"
-                IP6_RULE="$IP6_RULE --trigger-timeout $duration"
-        fi
-
-	interface=$(uci -q get port-trigger."$ptg_id".src)
-	[ -z "$interface" ] && return
-	device=$(uci -q get network.$interface.device)
-       	IP_RULE_1="iptables -w -t nat -A prerouting_porttrigger -i $device $IP_RULE"
-       	echo "$IP_RULE_1">>/tmp/port_trigger_iptables
-
-       	IP_RULE_1="ip6tables -w -t nat -A prerouting_porttrigger -i $device $IP6_RULE"
-       	echo "$IP_RULE_1">>/tmp/port_trigger_ip6tables
-
-        if [ -n "$duration" ]; then
-		echo "iptables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in --trigger-timeout $duration">>/tmp/port_trigger_iptables
-		echo "ip6tables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in --trigger-timeout $duration">>/tmp/port_trigger_ip6tables
-
-		echo "iptables -w -t nat -A prerouting_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type dnat --trigger-timeout $duration">>/tmp/port_trigger_iptables
-	else
-		echo "iptables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in">>/tmp/port_trigger_iptables
-		echo "ip6tables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in">>/tmp/port_trigger_ip6tables
-
-		echo "iptables -w -t nat -A prerouting_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type dnat">>/tmp/port_trigger_iptables
-	fi
-}
-
-port_trigger_handling() {
-	rm /tmp/port_trigger_iptables 2> /dev/null
-	rm /tmp/port_trigger_ip6tables 2> /dev/null
-	touch /tmp/port_trigger_iptables
-	touch /tmp/port_trigger_ip6tables
-
-	echo "iptables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-	echo "ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-
-	echo "iptables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t filter -N forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	echo "iptables -w -t nat -N prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t nat -I prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
-
-	echo "ip6tables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-	echo "ip6tables -w -t filter -N forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
-
-	# Load /etc/config/port-trigger UCI file
-	config_load port-trigger
-	config_foreach process_port_trigger rule
-
-	sh /tmp/port_trigger_iptables
-	sh /tmp/port_trigger_ip6tables
-}

fluentbit/Makefile

@@ -1,165 +0,0 @@
-#
-# Copright (C) 2018 The Internet Foundation In Sweden
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=fluentbit
-PKG_VERSION:=1.0.0
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit.git
-PKG_SOURCE_VERSION:=v3.0.5
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-
-PKG_LICENSE:=Apache-2.0
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/cmake.mk
-
-define Package/fluentbit
-	CATEGORY:=Utilities
-	DEPENDS:= +libyaml +libopenssl +libcurl +libatomic +musl-fts
-	TITLE:=FluentBit
-endef
-
-define Package/fluentbit/description
-	Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
-endef
-
-# General options
-TARGET_LDFLAGS+=-lfts -latomic
-
-CMAKE_OPTIONS+= \
-	-DFLB_RELEASE=Yes \
-	-DFLB_SMALL=Yes \
-	-DEXCLUDE_FROM_ALL=true \
-	-DBUILD_SHAREDD_LIBS=Yes \
-	-DFLB_DEBUG=No \
-	-DFLB_ALL=No \
-	-DFLB_JEMALLOC=No \
-	-DFLB_EXAMPLES=No \
-	-DFLB_CHUNK_TRACE=No \
-	-DFLB_BACKTRACE=No \
-	-DFLB_WASM=No \
-	-DFLB_LUAJIT=No
-
-# In plugins
-CMAKE_OPTIONS += \
-	-DFLB_IN_SYSLOG=Yes \
-	-DFLB_IN_CPU=Yes \
-	-DFLB_IN_MEM=Yes \
-	-DFLB_IN_DISK=Yes \
-	-DFLB_IN_EXEC=Yes \
-	-DFLB_IN_HEAD=Yes \
-	-DFLB_IN_FORWARD=No \
-	-DFLB_IN_KMSG=No \
-	-DFLB_IN_PROC=No \
-	-DFLB_IN_RANDOM=No \
-	-DFLB_IN_SERIAL=No \
-	-DFLB_IN_MQTT=No \
-	-DFLB_IN_STDIN=No \
-	-DFLB_IN_SYSTEMD=No \
-	-DFLB_IN_TAIL=No \
-	-DFLB_IN_TCP=No \
-	-DFLB_IN_THERMAL=No \
-	-DFLB_IN_UDP=No \
-	-DFLB_IN_DOCKER=No \
-	-DFLB_IN_EXEC_WASI=No \
-	-DFLB_IN_EVENT_TYPE=No \
-	-DFLB_IN_FLUENTBIT_METRICS=No \
-	-DFLB_IN_KUBERNETES_EVENTS=No \
-	-DFLB_IN_KAFKA=No \
-	-DFLB_IN_LIB=No \
-	-DFLB_IN_SYSTEMD=No \
-	-DFLB_IN_DUMMY=No \
-	-DFLB_IN_NETIF=No \
-	-DFLB_IN_COLLECTD=No \
-	-DFLB_IN_PROMETHEUS_SCRAPE=No \
-	-DFLB_IN_STATSD=No \
-	-DFLB_IN_STORAGE_BACKLOG=No \
-	-DFLB_IN_PODMAN_METRICS=No \
-	-DFLB_IN_OPENTELEMETRY=No \
-	-DFLB_IN_ELASTICSEARCH=No \
-	-DFLB_IN_CALYPTIA_FLEET=No \
-	-DFLB_IN_SPLUNK=No
-	-DFLB_IN_HEALTH=No \
-	-DFLB_IN_WINLOG=No \
-	-DFLB_IN_WINEVTLOG=No
-
-
-# Filter options
-CMAKE_OPTIONS += 
-	-DFLB_FILTER_AWS=No \
-	-DFLB_FILTER_ECS=No \
-	-DFLB_FILTER_KUBERNETES=No \
-	-DFLB_FILTER_LUA=No \
-	-DFLB_FILTER_NEST=No \
-	-DFLB_FILTER_RECORD_MODIFIER=No \
-	-DFLB_FILTER_THROTTLE=No \
-	-DFLB_FILTER_TYPE_CONVERTER=No \
-	-DFLB_FILTER_WASM=No \
-	-DFLB_FILTER_TENSORFLOW=No \
-	-DFLB_FILTER_GEOIP2=No \
-	-DFLB_FILTER_NIGHTFALL=No
-
-# out plugins
-CMAKE_OPTIONS += \
-	-DFLB_OUT_EXIT=Yes \
-	-DFLB_OUT_FORWARD=Yes \
-	-DFLB_OUT_HTTP=Yes \
-	-DFLB_OUT_NATS=Yes \
-	-DFLB_OUT_TCP=Yes \
-	-DFLB_OUT_UDP=Yes \
-	-DFLB_OUT_FILE=Yes \
-	-DFLB_OUT_STDOUT=Yes \
-	-DFLB_OUT_SYSLOG=Yes \
-	-DFLB_OUT_NULL=Yes \
-	-DFLB_OUT_PLOT=No \
-	-DFLB_OUT_AZURE=No \
-	-DFLB_OUT_AZURE_BLOB=No \
-	-DFLB_OUT_AZURE_LOGS_INGESTION=No \
-	-DFLB_OUT_AZURE_KUSTO=No \
-	-DFLB_OUT_BIGQUERY=No \
-	-DFLB_OUT_CALYPTIA=No \
-	-DFLB_OUT_COUNTER=No \
-	-DFLB_OUT_DATADOG=No \
-	-DFLB_OUT_ES=No \
-	-DFLB_OUT_GELF=No \
-	-DFLB_OUT_INFLUXDB=No \
-	-DFLB_OUT_NRLOGS=No \
-	-DFLB_OUT_OPENSEARCH=No \
-	-DFLB_OUT_TD=No \
-	-DFLB_OUT_SKYWALKING=No \
-	-DFLB_OUT_SLACK=No \
-	-DFLB_OUT_SPLUNK=No \
-	-DFLB_OUT_STACKDRIVER=No \
-	-DFLB_OUT_LIB=No \
-	-DFLB_OUT_FLOWCOUNTER=No \
-	-DFLB_OUT_LOGDNA=No \
-	-DFLB_OUT_LOKI=No \
-	-DFLB_OUT_KAFKA=No \
-	-DFLB_OUT_KAFKA_REST=No \
-	-DFLB_OUT_CLOUDWATCH_LOGS=No \
-	-DFLB_OUT_KINESIS_FIREHOSE=No \
-	-DFLB_OUT_KINESIS_STREAMS=No \
-	-DFLB_OUT_OPENTELEMETRY=No \
-	-DFLB_OUT_PROMETHEUS_EXPORTER=No \
-	-DFLB_OUT_PROMETHEUS_REMOTE_WRITE=No \
-	-DFLB_OUT_S3=No \
-	-DFLB_OUT_VIVO_EXPORTER=No \
-	-DFLB_OUT_WEBSOCKET=No \
-	-DFLB_OUT_ORACLE_LOG_ANALYTICS=No \
-	-DFLB_OUT_CHRONICLE=No \
-	-DFLB_OUT_PGSQL=No
-
-define Package/fluentbit/install
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/fluent-bit $(1)/usr/sbin/
-endef
-
-$(eval $(call BuildPackage,fluentbit))

gryphon-led-module/Makefile

@@ -28,7 +28,7 @@ define KernelPackage/$(PKG_NAME)
   FILES:=$(PKG_BUILD_DIR)/$(PKG_NAME).$(LINUX_KMOD_SUFFIX)
   KCONFIG:=CONFIG_PACKAGE_kmod-gryphon-led-kernel-module=y
   AUTOLOAD:=$(call AutoLoad,60,$(PKG_NAME))
-  DEPENDS:= +(TARGET_brcmbca):bcm963xx-bsp
+  DEPENDS:= +(TARGET_brcmbca):bcmkernel
   PKG_LICENSE:=GPLv2
   PKG_LICENSE_URL:=
 endef

hostmngr/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostmngr
-PKG_VERSION:=1.2.6
+PKG_VERSION:=1.1.4
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=aa365710b227ba82b1c43f9cdf497261edb21852
+PKG_SOURCE_VERSION:=edb5bbe57c5bc83035e217c73071c9b3e878dc22
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -22,7 +22,7 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
+
 
 define Package/hostmngr
   SECTION:=utils
@@ -31,8 +31,7 @@ define Package/hostmngr
   DEPENDS= +libubox +libuci +libubus +ubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +libnfnetlink +libmnl \
 	   +libnetfilter-conntrack \
-	   +HOSTMNGR_PLATFORM_HAS_WIFI:libwifi +libbbfdm-api \
-	   +libwifiutils
+	   +HOSTMNGR_PLATFORM_HAS_WIFI:libwifi +libbbfdm-api
 
 endef
 
@@ -58,16 +57,14 @@ endif
 MAKE_PATH:=src
 
 define Package/hostmngr/install
-	$(CP) ./files/etc $(1)/
+	$(CP) ./files/* $(1)/
 	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/hostmngr/
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/hostmngr $(1)/usr/sbin/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/bbf_plugin/libhostmngr.so $(1)/etc/hostmngr/
+	$(INSTALL_DATA) ./files/etc/hostmngr/input.json $(1)/etc/hostmngr/	
 	$(INSTALL_DIR) $(1)/usr/share/hostmngr
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_DATA) ./files/scripts/hosts_acl.sh $(1)/usr/share/hostmngr/
-else
-	$(INSTALL_DATA) ./files/scripts/hostmngr_backend_firewallmngr/hosts_acl.sh $(1)/usr/share/hostmngr/
-endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/bbf_plugin/libhostmngr.so $(1) $(PKG_NAME)
 endef
 
 ifeq ($(LOCAL_DEV),1)

hostmngr/files/etc/hostmngr/input.json

@@ -0,0 +1,16 @@
+{
+	"daemon": {
+		"input": {
+			"type": "DotSo",
+			"name": "/etc/hostmngr/libhostmngr.so"
+		},
+		"output": {
+			"type": "UBUS",
+			"name": "bbfdm.hosts",
+			"parent_dm": "Device.",
+			"object": "Hosts",
+			"root_obj": "bbfdm"
+		}
+	}
+}
+

hostmngr/files/etc/init.d/hostmngr

@@ -3,8 +3,12 @@
 START=65
 STOP=20
 
+. /etc/bbfdm/bbfdm_services.sh
+
 USE_PROCD=1
 
+HOSTS_JSON_INPUT="/etc/hostmngr/input.json"
+
 start_service() {
 	procd_open_instance
 	procd_set_param command "/usr/sbin/hostmngr" "--config hosts" "-o"  "/tmp/hostmngr.log" "-f"
@@ -14,6 +18,7 @@ start_service() {
 #	procd_set_param stderr 1
 	procd_close_instance
 	
+	bbfdm_add_service "bbfdm.hosts" "${HOSTS_JSON_INPUT}"
 	sh /usr/share/hostmngr/hosts_acl.sh
 }
 

hostmngr/files/scripts/hostmngr_backend_firewallmngr/hosts_acl.sh

@@ -1,299 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-day=""
-next_days=""
-prev_days=""
-schedule_added=""
-
-ACCESS_RULE=""
-IP_RULE=""
-IP_RULE1=""
-
-get_next_day() {
-	local weekday="$1"
-	case "$weekday" in
-		"Mon"|"Monday") echo "Tuesday"
-		;;
-		"Tue"|"Tuesday") echo "Wednesday"
-		;;
-		"Wed"|"Wednesday") echo "Thursday"
-		;;
-		"Thu"|"Thursday") echo "Friday"
-		;;
-		"Fri"|"Friday") echo "Saturday"
-		;;
-		"Sat"|"Saturday") echo "Sunday"
-		;;
-		"Sun"|"Sunday") echo "Monday"
-		;;
-	esac
-}
-
-get_previous_day() {
-	local weekday="$1"
-	case "$weekday" in
-		"Mon"|"Monday") echo "Sunday"
-		;;
-		"Tue"|"Tuesday") echo "Monday"
-		;;
-		"Wed"|"Wednesday") echo "Tuesday"
-		;;
-		"Thu"|"Thursday") echo "Wednesday"
-		;;
-		"Fri"|"Friday") echo "Thursday"
-		;;
-		"Sat"|"Saturday") echo "Friday"
-		;;
-		"Sun"|"Sunday") echo "Saturday"
-		;;
-	esac
-}
-
-ip_rule_west_zone() {
-	local utc_start_t_h="$1"
-	local utc_stop_t_h="$2"
-	local local_start_t_h="$3"
-	local local_stop_t_h="$4"
-	local utc_start_time="$5"
-	local utc_stop_time="$6"
-
-	if [ "$utc_start_t_h" -lt "$local_start_t_h" ]; then
-		IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		if [ -n "$next_days" ]; then
-			IP_RULE="$IP_RULE --weekdays $next_days"
-		fi
-	else
-		if [ "$utc_stop_t_h" -lt "$local_stop_t_h" ]; then
-			IP_RULE1="$IP_RULE"
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop 23:59"
-			IP_RULE1="$IP_RULE1 -m time --timestart 00:00 --timestop $utc_stop_time"
-			if [ -n "$next_days" ]; then
-				IP_RULE1="$IP_RULE1 --weekdays $next_days"
-			fi
-		else
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		fi
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	fi
-}
-
-ip_rule_east_zone() {
-	local utc_start_t_h="$1"
-	local utc_stop_t_h="$2"
-	local local_start_t_h="$3"
-	local local_stop_t_h="$4"
-	local utc_start_time="$5"
-	local utc_stop_time="$6"
-
-	if [ "$utc_start_t_h" -lt "$local_start_t_h" ]; then
-		IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	else
-		if [ "$utc_stop_t_h" -lt "$local_stop_t_h" ]; then
-			IP_RULE1="$IP_RULE"
-			IP_RULE="$IP_RULE -m time --timestart 00:00 --timestop $utc_stop_time"
-			IP_RULE1="$IP_RULE1 -m time --timestart $utc_start_time --timestop 23:59"
-			if [ -n "$prev_days" ]; then
-				IP_RULE1="$IP_RULE1 --weekdays $prev_days"
-			fi
-		else
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		fi
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	fi
-}
-
-
-add_access_rule() {
-	local rule="$1"
-	echo "iptables -w -A hosts_forward ${rule}" >> $ACL_FILE
-	echo "ip6tables -w -A hosts_forward ${rule}" >> $ACL_FILE
-}
-
-handle_day_list() {
-	local value=$1
-
-	val=$(echo $value | cut -c 1-3)
-	next_day_val=$(get_next_day $val)
-	prev_day_val=$(get_previous_day $val)
-	if [ -z $day ]; then
-		day="$val"
-		next_days="$next_day_val"
-		prev_days="$prev_day_val"
-	else
-		day="$day,$val"
-		next_days="$next_days,$next_day_val"
-		prev_days="$prev_days,$prev_day_val"
-	fi
-}
-
-handle_schedule() {
-	local schd_section="$1"
-	local ac_section="$2"
-	local acs_id
-	local start_time
-	local duration
-
-	IP_RULE="$ACCESS_RULE"
-	IP_RULE1=""
-	day=""
-	next_days=""
-	prev_days=""
-
-	config_get acs_id "$schd_section" "dm_parent"
-
-	if [ "$acs_id" != "$ac_section" ]; then
-		return # schedule not for this access control section
-	fi
-
-	local is_enabled
-	config_get is_enabled "$schd_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local all_days="Monday Tuesday Wednesday Thursday Friday Saturday Sunday"
-	local day_config
-	config_get day_config "$schd_section" "day" "$all_days"
-
-	IFS=" "
-	for d in $day_config; do
-		handle_day_list $d
-	done
-
-	config_get start_time "$schd_section" "start_time" "00:00"
-	config_get duration "$schd_section" "duration"
-
-	zone=$(date +%z | cut -c 1)
-	local_start_time=$start_time
-	hh=$(echo $local_start_time | awk -F: '{ print $1 }')
-	mm=$(echo $local_start_time | awk -F: '{ print $2 }')
-	hh_s=`expr $hh \* 3600`
-	mm_s=`expr $mm \* 60`
-	ss=$(( hh_s + mm_s ))
-	local_start_hh=$hh
-
-        if [ -n "$duration" ]; then
-                stop_ss=$(( ss + duration ))
-                hh=$(( stop_ss / 3600 ))
-               	rem_ss=$(( stop_ss % 3600 ))
-               	mm=$(( rem_ss / 60 ))
-               	ss=$(( rem_ss % 60 ))
-		local_stop_time="$hh:$mm:$ss"
-		local_stop_hh=$hh
-	else
-		# if duartion is not specified, then apply rule to end of the day
-		local_stop_time="23:59:59"
-		local_stop_hh="23"
-	fi
-
-	utc_start_time=$(date -u -d @$(date "+%s" -d "$local_start_time") +%H:%M)
-	utc_stop_time=$(date -u -d @$(date "+%s" -d "$local_stop_time") +%H:%M)
-	utc_start_hh=$(echo $utc_start_time | awk -F: '{ print $1 }')
-	utc_stop_hh=$(echo $utc_stop_time | awk -F: '{ print $1 }')
-	if [ "$zone" == "-" ]; then
-		ip_rule_west_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
-	else
-		ip_rule_east_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
-	fi
-
-	IP_RULE="$IP_RULE -j ACCEPT"
-	if [ -n "$IP_RULE1" ]; then
-		IP_RULE1="$IP_RULE1 -j ACCEPT"
-	fi
-
-	add_access_rule "$IP_RULE"
-	if [ -n "$IP_RULE1" ]; then
-		add_access_rule "$IP_RULE1"
-	fi
-
-	# for access rules to be effective for a schedule, need to add DROP rule
-	# to block the access outside the defined schedule
-	if [ "$schedule_added" == "0" ]; then
-		schedule_added="1"
-	fi
-}
-
-handle_access_control() {
-	local ac_section="$1"
-	local is_enabled
-
-	# default value of Hosts.AccessControl.{i}.Enable is false,
-	# so, if not defined in uci as 1, assume 0
-	config_get is_enabled "$ac_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local mac_addr
-	config_get mac_addr "$ac_section" "macaddr"
-	if [ -z "$mac_addr" ]; then
-		return
-	else
-		ACCESS_RULE="-m mac --mac-source $mac_addr"
-	fi
-
-	local access_policy
-	config_get access_policy "$ac_section" "access_policy"
-	if [ -z "$access_policy" ]; then
-		return # since system default is allow so no need to do anything
-	fi
-
-	# As per Data Model, if access policy is deny, then schedule is to be ignored
-	# and no access is to be provided for the device
-	if [ "$access_policy" == "Deny" ]; then
-		ACCESS_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$ACCESS_RULE"
-		return # no need to parse schedule
-	fi
-
-	schedule_added="0"
-	# check if schedule is defined for this access_control instance
-	# and if yes, create rule accordingly
-	config_foreach handle_schedule  ac_schedule "$ac_section"
-
-	# for access rule to work, need to have default drop rule as last rule
-	if [ "$schedule_added" == "1" ]; then
-		IP_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$IP_RULE"
-	fi
-}
-
-ACL_FILE="/tmp/hosts_access_control/access_control.rules"
-
-rm -f $ACL_FILE
-
-mkdir -p /tmp/hosts_access_control/
-touch $ACL_FILE
-
-echo "iptables -w -F hosts_forward" >> $ACL_FILE
-echo "ip6tables -w -F hosts_forward" >> $ACL_FILE
-
-hosts_ipv4_forward=$(iptables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv4_forward" ]; then
-	echo "iptables -w -t filter -N hosts_forward" >> $ACL_FILE
-	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-fi
-
-hosts_ipv6_forward=$(ip6tables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv6_forward" ]; then
-	echo "ip6tables -w -t filter -N hosts_forward" >> $ACL_FILE
-	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-fi
-
-# Load /etc/config/hosts UCI file
-config_load hosts
-config_foreach handle_access_control access_control
-
-# apply the rules
-sh $ACL_FILE

hostmngr/files/scripts/hosts_acl.sh

@@ -5,9 +5,6 @@
 day=""
 next_days=""
 prev_days=""
-schedule_added=""
-
-ACCESS_RULE=""
 IP_RULE=""
 IP_RULE1=""
 
@@ -111,77 +108,70 @@ ip_rule_east_zone() {
 	fi
 }
 
-
-add_access_rule() {
-	local rule="$1"
-	echo "iptables -w -A hosts_forward ${rule}" >> $ACL_FILE
-	echo "ip6tables -w -A hosts_forward ${rule}" >> $ACL_FILE
-}
-
-handle_day_list() {
-	local value=$1
-
-	val=$(echo $value | cut -c 1-3)
-	next_day_val=$(get_next_day $val)
-	prev_day_val=$(get_previous_day $val)
-	if [ -z $day ]; then
-		day="$val"
-		next_days="$next_day_val"
-		prev_days="$prev_day_val"
-	else
-		day="$day,$val"
-		next_days="$next_days,$next_day_val"
-		prev_days="$prev_days,$prev_day_val"
-	fi
-}
-
-handle_schedule() {
-	local schd_section="$1"
-	local ac_section="$2"
-	local acs_id
-	local start_time
-	local duration
-
-	IP_RULE="$ACCESS_RULE"
-	IP_RULE1=""
-	day=""
-	next_days=""
-	prev_days=""
-
-	config_get acs_id "$schd_section" "dm_parent"
-
-	if [ "$acs_id" != "$ac_section" ]; then
-		return # schedule not for this access control section
-	fi
-
+process_ac_schedule() {
+	local acs_id="$1"
 	local is_enabled
-	config_get is_enabled "$schd_section" "enable" 0
+	local access_control
+	local start_time=""
+	local mac=""
+
+
+	handle_day_list() {
+		local value=$1
+
+		val=$(echo $value | cut -c 1-3)
+		next_day_val=$(get_next_day $val)
+		prev_day_val=$(get_previous_day $val)
+		if [ -z $day ]; then
+			day="$val"
+			next_days="$next_day_val"
+			prev_days="$prev_day_val"
+		else
+			day="$day,$val"
+			next_days="$next_days,$next_day_val"
+			prev_days="$prev_days,$prev_day_val"
+		fi
+	}
+
+	config_list_foreach "$acs_id" "day" handle_day_list
+	config_get is_enabled "$acs_id" "enable" 1
+	config_get access_control "$acs_id" "dm_parent"
+
+	if [ "$is_enabled" == "0" ] || [ -z "$access_control" ]; then
+		return
+	fi
+
+	IP_RULE=""
+	IP_RULE1=""
+
+	config_get is_enabled "$access_control" "enable" 1
 	if [ "$is_enabled" == "0" ]; then
 		return
 	fi
 
-	local all_days="Monday Tuesday Wednesday Thursday Friday Saturday Sunday"
-	local day_config
-	config_get day_config "$schd_section" "day" "$all_days"
+	mac=$(uci -q get hosts.$access_control.macaddr)
+	access_policy=$(uci -q get hosts.$access_control.access_policy)
 
-	IFS=" "
-	for d in $day_config; do
-		handle_day_list $d
-	done
+	config_get start_time "$acs_id" "start_time"
+	config_get duration "$acs_id" "duration"
 
-	config_get start_time "$schd_section" "start_time" "00:00"
-	config_get duration "$schd_section" "duration"
+	if [ -z "$mac" ] && [ -z "$start_time" ] && [ -z "$duration" ] && [ -z "$day" ] && [ -z "$access_policy" ]; then
+		return
+	fi
+	if [ -n "$mac" ]; then
+		IP_RULE="$IP_RULE -m mac --mac-source $mac"
+	fi
 
 	zone=$(date +%z | cut -c 1)
 	local_start_time=$start_time
-	hh=$(echo $local_start_time | awk -F: '{ print $1 }')
-	mm=$(echo $local_start_time | awk -F: '{ print $2 }')
-	hh_s=`expr $hh \* 3600`
-	mm_s=`expr $mm \* 60`
-	ss=$(( hh_s + mm_s ))
-	local_start_hh=$hh
-
         if [ -n "$duration" ]; then
+		hh=$(echo $local_start_time | awk -F: '{ print $1 }')
+                mm=$(echo $local_start_time | awk -F: '{ print $2 }')
+                hh_s=`expr $hh \* 3600`
+                mm_s=`expr $mm \* 60`
+                ss=$(( hh_s + mm_s ))
+		local_start_hh=$hh
+
                 stop_ss=$(( ss + duration ))
                 hh=$(( stop_ss / 3600 ))
                	rem_ss=$(( stop_ss % 3600 ))
@@ -189,10 +179,6 @@ handle_schedule() {
                	ss=$(( rem_ss % 60 ))
 		local_stop_time="$hh:$mm:$ss"
 		local_stop_hh=$hh
-	else
-		# if duartion is not specified, then apply rule to end of the day
-		local_stop_time="23:59:59"
-		local_stop_hh="23"
 	fi
 
 	utc_start_time=$(date -u -d @$(date "+%s" -d "$local_start_time") +%H:%M)
@@ -205,95 +191,43 @@ handle_schedule() {
 		ip_rule_east_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
 	fi
 
-	IP_RULE="$IP_RULE -j ACCEPT"
-	if [ -n "$IP_RULE1" ]; then
-		IP_RULE1="$IP_RULE1 -j ACCEPT"
-	fi
-
-	add_access_rule "$IP_RULE"
-	if [ -n "$IP_RULE1" ]; then
-		add_access_rule "$IP_RULE1"
-	fi
-
-	# for access rules to be effective for a schedule, need to add DROP rule
-	# to block the access outside the defined schedule
-	if [ "$schedule_added" == "0" ]; then
-		schedule_added="1"
-	fi
-}
-
-handle_access_control() {
-	local ac_section="$1"
-	local is_enabled
-
-	# default value of Hosts.AccessControl.{i}.Enable is false,
-	# so, if not defined in uci as 1, assume 0
-	config_get is_enabled "$ac_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local mac_addr
-	config_get mac_addr "$ac_section" "macaddr"
-	if [ -z "$mac_addr" ]; then
-		return
-	else
-		ACCESS_RULE="-m mac --mac-source $mac_addr"
-	fi
-
-	local access_policy
-	config_get access_policy "$ac_section" "access_policy"
-	if [ -z "$access_policy" ]; then
-		return # since system default is allow so no need to do anything
-	fi
-
-	# As per Data Model, if access policy is deny, then schedule is to be ignored
-	# and no access is to be provided for the device
 	if [ "$access_policy" == "Deny" ]; then
-		ACCESS_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$ACCESS_RULE"
-		return # no need to parse schedule
+		IP_RULE="$IP_RULE -j DROP"
+		if [ -n "$IP_RULE1" ]; then
+			IP_RULE1="$IP_RULE1 -j DROP"
+		fi
+	else
+		IP_RULE="$IP_RULE -j ACCEPT"
+		if [ -n "$IP_RULE1" ]; then
+			IP_RULE1="$IP_RULE1 -j ACCEPT"
+		fi
 	fi
 
-	schedule_added="0"
-	# check if schedule is defined for this access_control instance
-	# and if yes, create rule accordingly
-	config_foreach handle_schedule  ac_schedule "$ac_section"
-
-	# for access rule to work, need to have default drop rule as last rule
-	if [ "$schedule_added" == "1" ]; then
-		IP_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$IP_RULE"
+	iptables -w -A hosts_forward ${IP_RULE}
+	ip6tables -w -A hosts_forward ${IP_RULE}
+	if [ -n "$IP_RULE1" ]; then
+		iptables -w -A hosts_forward ${IP_RULE1}
+		ip6tables -w -A hosts_forward ${IP_RULE1}
 	fi
+
+	day=""
+	next_days=""
+	prev_days=""
 }
 
-ACL_FILE="/tmp/hosts_access_control/access_control.rules"
+iptables -w -F hosts_forward
+ip6tables -w -F hosts_forward
 
-rm -f $ACL_FILE
-
-mkdir -p /tmp/hosts_access_control/
-touch $ACL_FILE
-
-echo "iptables -w -F hosts_forward" >> $ACL_FILE
-echo "ip6tables -w -F hosts_forward" >> $ACL_FILE
-
-hosts_ipv4_forward=$(iptables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv4_forward" ]; then
-	echo "iptables -w -t filter -N hosts_forward" >> $ACL_FILE
+hosts_forward=$(iptables -t filter --list | grep hosts_forward)
+if [ -z "$hosts_forward" ]; then
+	iptables -w -t filter -N hosts_forward
 	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-fi
-
-hosts_ipv6_forward=$(ip6tables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv6_forward" ]; then
-	echo "ip6tables -w -t filter -N hosts_forward" >> $ACL_FILE
+	[ $ret -eq 0 ] && iptables -w -t filter -I FORWARD -j hosts_forward
+	ip6tables -w -t filter -N hosts_forward
 	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
+	[ $ret -eq 0 ] && ip6tables -w -t filter -I FORWARD -j hosts_forward
 fi
 
 # Load /etc/config/hosts UCI file
 config_load hosts
-config_foreach handle_access_control access_control
-
-# apply the rules
-sh $ACL_FILE
+config_foreach process_ac_schedule ac_schedule

icwmp/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icwmp
-PKG_VERSION:=9.7.19
+PKG_VERSION:=9.5.27
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=db40cb6311003c9a49e78f0e2f740aae465266a8
+PKG_SOURCE_VERSION:=ce1f7e01f0f5e7cc3a5dfeb5378d488f3e2938a0
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -26,21 +26,68 @@ include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 include ../bbfdm/bbfdm.mk
 
-define Package/icwmp
+define Package/icwmp/default
   SECTION:=utils
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=TR069 CWMP client
-  DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api +libopenssl
+  DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api
 endef
 
+define Package/icwmp
+  $(Package/icwmp/default)
+  VARIANT:=default
+  DEFAULT_VARIANT:=1
+  DEPENDS += +PACKAGE_icwmp-openssl:libopenssl
+endef
+
+define Package/icwmp-openssl
+  $(Package/icwmp/default)
+  TITLE += (openssl)
+  VARIANT:=openssl
+  DEPENDS += +PACKAGE_icwmp-openssl:libopenssl
+  CONFLICTS := icwmp icwmp-mbedtls icwmp-wolfssl
+endef
+
+define Package/icwmp-wolfssl
+  $(Package/icwmp/default)
+  TITLE += (wolfssl)
+  VARIANT:=wolfssl
+  DEPENDS += +PACKAGE_icwmp-wolfssl:libwolfssl
+  CONFLICTS := icwmp icwmp-mbedtls icwmp-openssl
+endef
+
+define Package/icwmp-mbedtls
+  $(Package/icwmp/default)
+  TITLE += (mbedtls)
+  DEPENDS += +PACKAGE_icwmp-mbedtls:libmbedtls
+  VARIANT:=mbedtls
+  CONFLICTS := icwmp icwmp-wolfssl icwmp-openssl
+endef
+
+ifeq ($(BUILD_VARIANT),default)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),openssl)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),wolfssl)
+CMAKE_OPTIONS += -DWITH_WOLFSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),mbedtls)
+CMAKE_OPTIONS += -DWITH_MBEDTLS=ON
+endif
+
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/icwmp/* $(PKG_BUILD_DIR)/
 endef
 endif
 
-define Package/icwmp/install
+define Package/icwmp/default/install
 	$(INSTALL_DIR) $(1)/etc/icwmpd
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_DIR) $(1)/etc/config
@@ -50,22 +97,24 @@ define Package/icwmp/install
 	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_BIN) ./files/etc/firewall.cwmp $(1)/etc/firewall.cwmp
 	$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
-	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
-else
-	$(INSTALL_DIR) $(1)/usr/share/icwmp
-	$(INSTALL_BIN) ./files/etc/init.d/icwmp_backend_firewallmngr/icwmpd $(1)/etc/init.d/icwmpd
-	$(INSTALL_BIN) ./files/script/icwmp_backend_firewallmngr/firewall_cwmp.sh $(1)/usr/share/icwmp/
-endif
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/95-set-random-inform-time $(1)/etc/uci-defaults/
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
-	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user
-	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libcwmpdm.so $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_MS_PLUGIN) ./files/etc/bbfdm/json/CWMPManagementServer.json $(1) $(PKG_NAME)
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
+	$(call BbfdmInstallPlugin,$(1),./files/etc/bbfdm/json/CWMPManagementServer.json)
+	$(call BbfdmInstallPlugin,$(1),$(PKG_BUILD_DIR)/libcwmpdm.so)
 endef
 
+Package/icwmp/install = $(Package/icwmp/default/install)
+Package/icwmp-openssl/install = $(Package/icwmp/default/install)
+Package/icwmp-wolfssl/install = $(Package/icwmp/default/install)
+Package/icwmp-mbedtls/install = $(Package/icwmp/default/install)
+
 $(eval $(call BuildPackage,icwmp))
+$(eval $(call BuildPackage,icwmp-openssl))
+$(eval $(call BuildPackage,icwmp-wolfssl))
+$(eval $(call BuildPackage,icwmp-mbedtls))

icwmp/files/etc/bbfdm/json/CWMPManagementServer.json

@@ -1,7 +1,8 @@
 {
-	"json_plugin_version": 2,
+	"json_plugin_version": 1,
 	"Device.CWMPManagementServer.": {
 		"type": "object",
+		"version": "2.15",
 		"protocols": [
 			"usp"
 		],
@@ -10,6 +11,7 @@
 		"dependency": "file:/etc/config/cwmp",
 		"EnableCWMP": {
 			"type": "boolean",
+			"version": "2.15",
 			"read": true,
 			"write": true,
 			"protocols": [

icwmp/files/etc/config/cwmp

@@ -5,7 +5,6 @@ config acs 'acs'
 	option periodic_inform_interval '1800'
 	option periodic_inform_time '0001-01-01T00:00:00Z'
 	option dhcp_discovery 'enable'
-	#option ssl_capath "/etc/icwmpd/ca.pem"
 	# compression possible configs: GZIP, Deflate, Disabled
 	option compression 'Disabled'
 	#­ possible configs interval :[1:65535]

icwmp/files/etc/init.d/icwmp_backend_firewallmngr/icwmpd

@@ -1,589 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2015-2019 iopsys Software Solutions AB
-
-START=99
-STOP=00
-
-USE_PROCD=1
-PROG="/usr/sbin/icwmpd"
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-include /lib/network
-
-log() {
-	echo "${@}"|logger -t cwmp.init -p info
-}
-
-regenerate_ssl_link() {
-	local cert_dir
-
-	cert_dir="${1%/}"
-	if [ -f "${cert_dir}" ]; then
-		return 0
-	fi
-
-	# do not generate the c_rehash if its system default cert path
-	# ca-certificate package already generates c_rehash on compilation
-	[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
-
-	generate_links() {
-		local file_type="$1"
-		local files="${cert_dir}"/*."${file_type}"
-		for cfile in ${files}; do
-			if [ -f "${cfile}" ]; then
-				rehash="$(openssl x509 -hash -noout -in "${cfile}")"
-				if [ ! -f "${cert_dir}/${rehash}.0" ]; then
-					log "Generating c_rehash for ${cfile}=>${rehash}.0"
-					ln -s "${cfile}" "${cert_dir}/${rehash}.0"
-				fi
-			fi
-		done
-	}
-
-	generate_links "pem"
-}
-
-enable_dhcp_option43() {
-	local wan="${1}"
-
-	### Ask for DHCP Option 43 only if CWMP is enabled ###
-	local reqopts="$(uci -q get network."${wan}".reqopts)"
-	local proto="$(uci -q get network."${wan}".proto)"
-	local newreqopts=""
-	local option43_present=0
-
-	for ropt in $reqopts; do
-		case $ropt in
-			43) option43_present=1 ;;
-			*) ;;
-		esac
-	done
-
-	if [ ${option43_present} -eq 1 ]; then
-		return;
-	fi
-
-	newreqopts="$reqopts 43"
-	if [ "${proto}" = "dhcp" ]; then
-		uci -q set network."${wan}".reqopts="$newreqopts"
-		uci commit network
-		ubus call network reload
-	fi
-}
-
-convert_to_hex() {
-	local val=""
-	local optval="${1}"
-	OPTIND=1
-	while getopts ":" opt "-$optval"
-	do
-		temp=$(printf "%02X" "'${OPTARG:-:}")
-		val="${val}:${temp}"
-	done
-
-	echo "${val}"
-}
-
-configure_send_op125() {
-	local sendopt="${1}"
-	local intf="${2}"
-	local uci="${3}"
-	local hex_oui=""
-	local hex_serial=""
-	local hex_class=""
-	local oui_len=0
-	local serial_len=0
-	local class_len=0
-
-	if [ "${uci}" = "network" ]; then
-		local opt125="125:00:00:0D:E9"
-	else
-		if [ -z "${sendopt}" ]; then
-			local opt125="125,00:00:0D:E9"
-		else
-			local opt125=":00:00:0D:E9"
-		fi
-	fi
-
-	config_get oui cpe manufacturer_oui ""
-	if [ -z "${oui}" ]; then
-		oui=$(db -q get device.deviceinfo.ManufacturerOUI)
-	fi
-
-	oui=$(echo "${oui}" | tr 'a-f' 'A-F')
-
-	config_get serial cpe serial_number ""
-	if [ -z "${serial}" ]; then
-		serial=$(db -q get device.deviceinfo.SerialNumber)
-	fi
-
-	config_get class cpe product_class ""
-	if [ -z "${class}" ]; then
-		class=$(db -q get device.deviceinfo.ProductClass)
-	fi
-
-	oui_len=$(echo -n "${oui}" | wc -m)
-	serial_len=$(echo -n "${serial}" | wc -m)
-	class_len=$(echo -n "${class}" | wc -m)
-
-	if [ "${oui_len}" -eq 0 ] || [ "${serial_len}" -eq 0 ]; then
-		return 0
-	fi
-
-	opt125_len=$((oui_len + serial_len + class_len))
-	if [ "${class_len}" -gt 0 ]; then
-		opt125_len=$((opt125_len + 6))
-	else
-		opt125_len=$((opt125_len + 4))
-	fi
-
-	hex_opt125_len=$(printf "%02X" "${opt125_len}")
-	opt125="${opt125}:${hex_opt125_len}"
-	hex_oui=$(convert_to_hex "${oui}")
-	if [ -z "${hex_oui}" ]; then
-		return 0
-	fi
-
-	hex_oui_len=$(printf "%02X" "${oui_len}")
-	if [ "${uci}" = "network" ]; then
-		opt125="${opt125}:01:${hex_oui_len}${hex_oui}"
-	else
-		opt125="${opt125}:04:${hex_oui_len}${hex_oui}"
-	fi
-
-	hex_serial=$(convert_to_hex "${serial}")
-	if [ -z "${hex_serial}" ]; then
-		return 0
-	fi
-
-	hex_serial_len=$(printf "%02X" "${serial_len}")
-	if [ "${uci}" = "network" ]; then
-		opt125="${opt125}:02:${hex_serial_len}${hex_serial}"
-	else
-		opt125="${opt125}:05:${hex_serial_len}${hex_serial}"
-	fi
-
-	if [ "${class_len}" -gt 0 ]; then
-		hex_class=$(convert_to_hex "${class}")
-		if [ -z "${hex_class}" ]; then
-			return 0
-		fi
-
-		hex_class_len=$(printf "%02X" "${class_len}")
-		if [ "${uci}" = "network" ]; then
-			opt125="${opt125}:03:${hex_class_len}${hex_class}"
-		else
-			opt125="${opt125}:06:${hex_class_len}${hex_class}"
-		fi
-	fi
-
-
-	if [ "${uci}" = "network" ]; then
-		new_send_opt="$sendopt $opt125"
-		uci -q set network."${intf}".sendopts="$new_send_opt"
-	else
-		new_send_opt="$sendopt$opt125"
-		uci -q add_list dhcp."${intf}".dhcp_option="$new_send_opt"
-	fi
-}
-
-check_for_suboptions() {
-	# Check if option 4 and 5 present inside enterprise id 3561
-	data=$(echo "${1}" | sed 's/://g')
-	len=$(printf "${data}"|wc -c)
-
-	rem_len="${len}"
-	while [ $rem_len -gt 8 ]; do
-		subopt_present=0
-
-		ent_id="${data:0:8}"
-		ent_id=$(printf "%d\n" "0x$ent_id")
-		if [ $ent_id -ne 3561 ]; then
-			len_val=${data:8:2}
-			data_len=$(printf "%d\n" "0x$len_val")
-			# add 4 byte for ent_id and 1 byte for len
-			data_len=$(( data_len * 2 + 10 ))
-			# move ahead data to next enterprise id
-			data=${data:"${data_len}":"${rem_len}"}
-			rem_len=$(( rem_len - data_len ))
-			continue
-		fi
-
-		# read the length of enterprise data
-		len_val=${data:8:2}
-		data_len=$(printf "%d\n" "0x$len_val")
-		# add 4 byte for ent_id and 1 byte for len
-		data_len=$(( data_len * 2 + 10 ))
-
-		len_val=${data:8:2}
-		opt_len=$(printf "%d\n" "0x$len_val")
-		if [ $opt_len -eq 0 ]; then
-			echo ${subopt_present}
-			return 0
-		fi
-
-		# populate the option data of enterprise id
-		sub_data_len=$(( opt_len * 2))
-		# starting 10 means ahead of length field
-		sub_data=${data:10:"${sub_data_len}"}
-
-		# parsing of suboption of option 125
-		while [ $sub_data_len -gt 0 ]; do
-			# get the suboption id
-			sub_opt_id=${sub_data:0:2}
-			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
-			case "${sub_opt_id}" in
-			"4") subopt_present=1
-			;;
-			"5") subopt_present=1
-			;;
-			esac
-
-			if [ ${subopt_present} -eq 1 ]; then
-				break;
-			fi
-
-			# get the length of suboption
-			sub_opt_len=${sub_data:2:2}
-			sub_opt_len=$(printf "%d\n" "0x$sub_opt_len")
-			sub_opt_len=$(( sub_opt_len * 2 ))
-
-			# add 2 bytes for sub_opt id and sub_opt len field
-			sub_opt_end=$(( sub_opt_len + 4 ))
-
-			# update the remaining sub option hex string length
-			sub_data_len=$((sub_data_len - sub_opt_end))
-
-			# fetch next sub option hex string
-			sub_data=${sub_data:${sub_opt_end}:${sub_data_len}}
-		done
-
-		if [ ${subopt_present} -eq 1 ]; then
-			break;
-		else
-			# move ahead data to next enterprise id
-			rem_len=$(( rem_len - $data_len ))
-			data=${data:"${data_len}":"${rem_len}"}
-		fi
-	done
-
-	echo ${subopt_present}
-}
-
-enable_dnsmasq_option125() {
-	local lan="${1}"
-	local send125_present=0
-	local opt125="125,"
-
-	local proto="$(uci -q get dhcp."${lan}".dhcpv4)"
-	if [ "${proto}" = "server" ]; then
-		opt_list="$(uci -q get dhcp."${lan}".dhcp_option)"
-		base_opt=""
-
-		for sopt in $opt_list; do
-			if [[ "$sopt" == "$opt125"* ]]; then
-				send125_present=$(check_for_suboptions "${sopt:4}")
-				base_opt="${sopt}"
-				break
-			fi
-		done
-
-		if [ ${send125_present} -eq 0 ]; then
-			uci -q del_list dhcp."${lan}".dhcp_option="${base_opt}"
-			configure_send_op125 "${base_opt}" "${lan}" "dhcp"
-			ubus call uci commit '{"config":"dhcp"}'
-		fi
-	fi
-}
-
-set_vendor_id() {
-	local wan="${1}"
-	local proto="$(uci -q get network."${wan}".proto)"
-
-	if [ "${proto}" = "dhcp" ]; then
-		vendorid="$(uci -q get network."${wan}".vendorid)"
-		if [ -z "${vendorid}" ]; then
-			uci -q set network."${wan}".vendorid="dslforum.org"
-			ubus call uci commit '{"config":"network"}'
-		elif [[ $vendorid != *"dslforum.org"* ]]; then
-			uci -q set network."${wan}".vendorid="${vendorid},dslforum.org"
-			ubus call uci commit '{"config":"network"}'
-		fi
-	fi
-}
-
-enable_dhcp_option125() {
-	local wan="${1}"
-	local reqopts="$(uci -q get network."${wan}".reqopts)"
-	local sendopts="$(uci -q get network."${wan}".sendopts)"
-	local proto="$(uci -q get network."${wan}".proto)"
-	local newreqopts=""
-	local newsendopts=""
-	local req125_present=0
-	local send125_present=0
-	local network_uci_update=0
-	local opt125="125:"
-
-	for ropt in $reqopts; do
-		case $ropt in
-			125) req125_present=1 ;;
-			*) ;;
-		esac
-	done
-
-	for sopt in $sendopts; do
-		if [[ "$sopt" == "$opt125"* ]]; then
-			send125_present=1
-			break
-		fi
-	done
-
-	if [ "${proto}" = "dhcp" ]; then
-		if [ ${req125_present} -eq 0 ]; then
-			newreqopts="$reqopts 125"
-			uci -q set network."${wan}".reqopts="$newreqopts"
-			network_uci_update=1
-		fi
-
-		if [ ${send125_present} -eq 0 ]; then
-			configure_send_op125 "${sendopts}" "${wan}" "network"
-			network_uci_update=1
-		fi
-	fi
-
-	if [ ${network_uci_update} -eq 1 ]; then
-		uci commit network
-		ubus call network reload
-	fi
-}
-
-wait_for_resolvfile() {
-	local time=$1
-	local tm=1
-
-	local resolvfile="$(uci -q get dhcp.@dnsmasq[0].resolvfile)"
-	[ -n "$resolvfile" ] || return
-
-	while [ ! -f "$resolvfile" ]; do
-		sleep 1
-		[ "$tm" -ge "$time" ] && break
-		tm=$((tm+1))
-	done
-}
-
-copy_cwmp_etc_files_to_varstate() {
-	mkdir -p /var/run/icwmpd
-
-	if [ -f /etc/icwmpd/icwmpd_backup_session.xml ]; then
-		cp -f /etc/icwmpd/icwmpd_backup_session.xml /var/run/icwmpd/ 2>/dev/null
-	fi
-
-	if [ -f /etc/icwmpd/dm_enabled_notify.xml ]; then
-		cp -f /etc/icwmpd/dm_enabled_notify /var/run/icwmpd/ 2>/dev/null
-	fi
-}
-
-copy_cwmp_varstate_files_to_etc() {
-	if [ -f /var/run/icwmpd/icwmpd_backup_session.xml ]; then
-		cp -f /var/run/icwmpd/icwmpd_backup_session.xml /etc/icwmpd/ 2>/dev/null
-	fi
-
-	if [ -f /var/run/icwmpd/dm_enabled_notify.xml ]; then
-		cp -f /var/run/icwmpd/dm_enabled_notify /etc/icwmpd/ 2>/dev/null
-	fi
-
-	# move the successful custom notify import marker to persistent storage
-	if [ -f /var/run/icwmpd/icwmpd_notify_import_marker ]; then
-		cp -f /var/run/icwmpd/icwmpd_notify_import_marker /etc/icwmpd/
-	fi
-}
-
-validate_acs_section()
-{
-	uci_validate_section cwmp acs "acs" \
-		'passwd:string' \
-		'periodic_inform_enable:bool' \
-		'periodic_inform_interval:uinteger' \
-		'periodic_inform_time:string' \
-		'url:string' \
-		'dhcp_discovery:string' \
-		'skip_dhcp_boot_options:bool:0' \
-		'dhcp_url:string' \
-		'compression:or("GZIP","Deflate","Disabled")' \
-		'retry_min_wait_interval:range(1, 65535)' \
-		'retry_interval_multiplier:range(1000, 65535)' \
-		'ssl_capath:string'
-
-}
-
-validate_cpe_section()
-{
-	uci_validate_section cwmp cpe "cpe" \
-		'interface:string' \
-		'default_wan_interface:string' \
-		'log_to_console:or("enable","disable")' \
-		'log_to_file:or("enable","disable")' \
-		'log_severity:or("EMERG", "ALERT", "CRITIC" ,"ERROR", "WARNING", "NOTICE", "INFO", "DEBUG")' \
-		'log_file_name:string' \
-		'log_max_size:uinteger' \
-		'userid:string' \
-		'passwd:string' \
-		'port:uinteger' \
-		'provisioning_code:string:""' \
-		'amd_version:range(1, 6)' \
-		'instance_mode:or("InstanceNumber","InstanceAlias")' \
-		'session_timeout:uinteger' \
-		'notification:bool' \
-		'exec_download:bool' \
-		'periodic_notify_enable:bool' \
-		'enable:bool:1' \
-		'periodic_notify_interval:uinteger' \
-		'fw_upgrade_keep_settings:bool'
-}
-
-validate_defaults() {
-	local ssl_capath enable url dhcp_url
-
-	config_load cwmp
-
-	validate_acs_section || {
-		log "Validation of acs section failed"
-		return 1;
-	}
-
-	if [ -z "${url}" ] && [ -z "${dhcp_url}" ]; then
-		log "No ACS URL is configured"
-		return 1
-	fi
-
-	ssl_capath="${ssl_capath%/}"
-	# Put the cert pem file in keep list
-	if [ -d "${ssl_capath}" ] && [ "${ssl_capath}" != "/etc/ssl/certs" ]; then
-		if ! grep "*.pem\|*.crt" /lib/upgrade/keep.d/icwmp; then
-			echo "${ssl_capath}"'/*.pem' >> /lib/upgrade/keep.d/icwmp
-			echo "${ssl_capath}"'/*.crt' >> /lib/upgrade/keep.d/icwmp
-		fi
-	fi
-
-	validate_cpe_section || {
-		log "Validation of cpe section failed"
-		return 1;
-	}
-
-	if [ "$enable" = "0" ]; then
-		log "CWMP service disabled"
-		return 1
-	fi
-
-	return 0;
-}
-
-boot() {
-	local dhcp_discovery wan_interface skip_dhcp_boot_options disable_gatewayinfo
-
-	config_load cwmp
-	config_get wan_interface cpe default_wan_interface "wan"
-	config_get disable_gatewayinfo cpe disable_gatewayinfo "0"
-
-	config_get dhcp_discovery acs dhcp_discovery "0"
-	config_get dhcp_discovery acs dhcp_discovery "0"
-	config_get skip_dhcp_boot_options acs skip_dhcp_boot_options "0"
-
-	if [ "${dhcp_discovery}" = "enable" ] || [ "${dhcp_discovery}" = "1" ]; then
-		if [ "${skip_dhcp_boot_options}" -ne 1 ]; then
-			# Set dhcp option 43 if not already configured
-			enable_dhcp_option43 "${wan_interface}"
-			# Set dhcp option 60
-			set_vendor_id "${wan_interface}"
-		fi
-	fi
-
-	config_get lan_interface cpe default_lan_interface ""
-	if [ -n "${lan_interface}" ]; then
-		if [ "${disable_gatewayinfo}" -ne 1 ]; then
-			# Set dhcp_option 125 if not already configured
-			enable_dhcp_option125 "${wan_interface}"
-			enable_dnsmasq_option125 "${lan_interface}"
-		fi
-	fi
-	
-	config_get ssl_capath acs ssl_capath
-
-	if [ -n "${ssl_capath}" ]; then
-		regenerate_ssl_link "${ssl_capath}"
-	fi
-
-	# Copy backup data so that if it restart latter on, it gets the info
-	copy_cwmp_etc_files_to_varstate
-	mkdir -p /var/run/icwmpd/
-	touch /var/run/icwmpd/cwmp
-
-	start
-}
-
-start_service() {
-
-	sh /usr/share/icwmp/firewall_cwmp.sh
-	procd_open_instance icwmp
-
-	validate_defaults || {
-		log "Validation of defaults failed"
-		procd_close_instance
-		return 1;
-	}
-
-	procd_set_param command "$PROG"
-	procd_append_param command -b
-
-	procd_set_param respawn \
-		"${respawn_threshold:-5}" \
-		"${respawn_timeout:-10}" "${respawn_retry:-3}"
-
-	procd_close_instance
-}
-
-stop_service()
-{
-	copy_cwmp_varstate_files_to_etc
-}
-
-reload_service() {
-	local ret
-
-	log "Reload service $ret"
-	ret="0"
-
-	validate_defaults || {
-		stop
-		start
-		return 0;
-	}
-
-	ret=$(ubus call service list '{"name":"icwmpd"}' | jsonfilter -qe '@.icwmpd.instances.icwmp.running')
-	if [ "$ret" != "true" ]; then
-		log "Reloading cwmp service ..."
-		stop
-		start
-		return 0
-	fi
-
-	tr069_status="$(ubus -t 1 call tr069 status)"
-	ret="$?"
-	if [ "$ret" = "7" ]; then
-		# ubus timed out may be due to uloop is busy in some task so return
-		log "Skipping ubus reload due to ubus timeout"
-		return 0
-	fi
-
-	status="$(echo "${tr069_status}" | jsonfilter -qe '@.cwmp.status')"
-	if [ "$status" = "up" ]; then
-		ubus -t 1 call tr069 command '{"command":"reload"}'
-	fi
-}
-
-service_triggers() {
-       procd_add_reload_trigger "cwmp"
-}
-

icwmp/files/etc/init.d/icwmpd

@@ -9,40 +9,38 @@ PROG="/usr/sbin/icwmpd"
 
 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
-
 include /lib/network
 
 log() {
 	echo "${@}"|logger -t cwmp.init -p info
 }
 
-regenerate_ssl_link() {
-	local cert_dir
+regenerate_ssl_link()
+{
+	local cert_dir all_file rehash
 
-	cert_dir="${1%/}"
-	if [ -f "${cert_dir}" ]; then
-		return 0
+	cert_dir="${1}"
+	[ ! -d "${cert_dir}" ] && return 0;
+
+	### Generate all ssl link for pem certicates ###
+	all_file=$(ls "${cert_dir}"/*.pem 2>/dev/null)
+	if [ -n "${all_file}" ]; then
+		for cfile in $all_file; do
+			rehash="$(openssl x509 -hash -noout -in "${cfile}")"
+			[ -f "${cert_dir}"/"${rehash}".0 ] || \
+				ln -s "${cfile}" "${cert_dir}"/"${rehash}".0
+		done
 	fi
 
-	# do not generate the c_rehash if its system default cert path
-	# ca-certificate package already generates c_rehash on compilation
-	[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
-
-	generate_links() {
-		local file_type="$1"
-		local files="${cert_dir}"/*."${file_type}"
-		for cfile in ${files}; do
-			if [ -f "${cfile}" ]; then
-				rehash="$(openssl x509 -hash -noout -in "${cfile}")"
-				if [ ! -f "${cert_dir}/${rehash}.0" ]; then
-					log "Generating c_rehash for ${cfile}=>${rehash}.0"
-					ln -s "${cfile}" "${cert_dir}/${rehash}.0"
-				fi
-			fi
+	### Generate all ssl link for crt certicates ###
+	all_file=$(ls "${cert_dir}"/*.crt 2>/dev/null)
+	if [ -n "${all_file}" ]; then
+		for cfile in $all_file; do
+			rehash="$(openssl x509 -hash -noout -in "${cfile}")"
+			[ -f "${cert_dir}"/"${rehash}".0 ] || \
+				ln -s "${cfile}" "${cert_dir}"/"${rehash}".0
 		done
-	}
-
-	generate_links "pem"
+	fi
 }
 
 enable_dhcp_option43() {
@@ -438,14 +436,13 @@ validate_cpe_section()
 		'notification:bool' \
 		'exec_download:bool' \
 		'periodic_notify_enable:bool' \
-		'enable:bool:1' \
+		'enable:bool' \
 		'periodic_notify_interval:uinteger' \
 		'fw_upgrade_keep_settings:bool'
 }
 
 validate_defaults() {
-	local ssl_capath enable url dhcp_url
-
+	local ssl_capath
 	config_load cwmp
 
 	validate_acs_section || {
@@ -453,17 +450,13 @@ validate_defaults() {
 		return 1;
 	}
 
-	if [ -z "${url}" ] && [ -z "${dhcp_url}" ]; then
-		log "No ACS URL is configured"
-		return 1
-	fi
-
 	ssl_capath="${ssl_capath%/}"
 	# Put the cert pem file in keep list
-	if [ -d "${ssl_capath}" ] && [ "${ssl_capath}" != "/etc/ssl/certs" ]; then
+	if [ -d "${ssl_capath}" ]; then
 		if ! grep "*.pem\|*.crt" /lib/upgrade/keep.d/icwmp; then
 			echo "${ssl_capath}"'/*.pem' >> /lib/upgrade/keep.d/icwmp
 			echo "${ssl_capath}"'/*.crt' >> /lib/upgrade/keep.d/icwmp
+			echo "${ssl_capath}"'/*.0' >> /lib/upgrade/keep.d/icwmp
 		fi
 	fi
 
@@ -472,11 +465,6 @@ validate_defaults() {
 		return 1;
 	}
 
-	if [ "$enable" = "0" ]; then
-		log "CWMP service disabled"
-		return 1
-	fi
-
 	return 0;
 }
 
@@ -524,22 +512,36 @@ boot() {
 }
 
 start_service() {
+	local enable_cwmp url dhcp_url
+
+	config_load cwmp
+	config_get_bool enable_cwmp cpe enable 1
+	config_get url acs url ""
+	config_get dhcp_url acs dhcp_url ""
 
 	procd_open_instance icwmp
 
+	if [ "$enable_cwmp" = "0" ]; then
+		procd_close_instance
+		return 0
+	fi
+
 	validate_defaults || {
 		log "Validation of defaults failed"
 		procd_close_instance
 		return 1;
 	}
 
-	procd_set_param command "$PROG"
-	procd_append_param command -b
+	if [ -n "${url}" ] || [ -n "${dhcp_url}" ]; then
+		procd_set_param command "$PROG"
+		procd_append_param command -b
+	fi
 
 	procd_set_param respawn \
 		"${respawn_threshold:-5}" \
 		"${respawn_timeout:-10}" "${respawn_retry:-3}"
 
+	procd_set_param watch network.interface
 	procd_close_instance
 }
 
@@ -551,34 +553,22 @@ stop_service()
 reload_service() {
 	local ret
 
+	config_load cwmp
+	config_get_bool enable_cwmp cpe enable 1
+
 	log "Reload service $ret"
 	ret="0"
-
-	validate_defaults || {
+	if [ "$enable_cwmp" = "0" ]; then
 		stop
 		start
-		return 0;
-	}
+		return 0
+	fi
 
 	ret=$(ubus call service list '{"name":"icwmpd"}' | jsonfilter -qe '@.icwmpd.instances.icwmp.running')
 	if [ "$ret" != "true" ]; then
 		log "Reloading cwmp service ..."
 		stop
 		start
-		return 0
-	fi
-
-	tr069_status="$(ubus -t 1 call tr069 status)"
-	ret="$?"
-	if [ "$ret" = "7" ]; then
-		# ubus timed out may be due to uloop is busy in some task so return
-		log "Skipping ubus reload due to ubus timeout"
-		return 0
-	fi
-
-	status="$(echo "${tr069_status}" | jsonfilter -qe '@.cwmp.status')"
-	if [ "$status" = "up" ]; then
-		ubus -t 1 call tr069 command '{"command":"reload"}'
 	fi
 }
 

icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user

@@ -1,139 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-CLASS=""
-OUI=""
-SERIAL=""
-
-get_vivsoi() {
-	# opt125 environment variable has data in below format
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-	# |	 enterprise-number1	  |
-	# |				  |
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-	# |   data-len1   |		  |
-	# +-+-+-+-+-+-+-+-+ option-data1  |
-	# /				  /
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -----
-	# |	 enterprise-number2	  |   ^
-	# |				  |   |
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |
-	# |   data-len2   |		  | optional
-	# +-+-+-+-+-+-+-+-+ option-data2  |   |
-	# /				  /   |
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+   |
-	# ~	       ...		  ~   V
-	# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ -----
-
-	#  Enterprise Id  Len  Sub Op  SLen  Data Sub Op  SLen Data	  Sub Op  SLen Data
-	# +-------------+-----+------+------+----+------+-----+----+-----+------+-----+----+
-	# |	id    |  n  |	1  |  n1  | D1 |   2  |  n2 | D2 | ... |   6  |  n6 | D6 |
-	# +-------------+-----+------+------+----+------+-----+----+-----+------+-----+----+
-
-	local opt125="$1"
-	local len="$2"
-	local ent_id
-
-	#hex-string 2 character=1 Byte
-	# length in hex string will be twice of actual Byte length
-	[ "$len" -gt "8" ] || return
-
-	data="${opt125}"
-	rem_len="${len}"
-	while [ $rem_len -gt 0 ]; do
-		ent_id=${data:0:8}
-		ent_id=$(printf "%d\n" "0x$ent_id")
-
-		if [ $ent_id -ne  3561 ]; then
-			len_val=${data:8:2}
-			data_len=$(printf "%d\n" "0x$len_val")
-			# add 4 byte for ent_id and 1 byte for len
-			data_len=$(( data_len * 2 + 10 ))
-			# move ahead data to next enterprise id
-			data=${data:"${data_len}":"${rem_len}"}
-			rem_len=$(( rem_len - $data_len ))
-			continue
-		fi
-
-		# read the length of enterprise data
-		len_val=${data:8:2}
-		data_len=$(printf "%d\n" "0x$len_val")
-		# add 4 byte for ent_id and 1 byte for len
-		data_len=$(( data_len * 2 + 10 ))
-
-		opt_len=$(printf "%d\n" "0x$len_val")
-		[ $opt_len -eq 0 ] && return
-
-		# populate the option data of enterprise id
-		sub_data_len=$(( opt_len * 2))
-		# starting 10 means ahead of length field
-		sub_data=${data:10:"${sub_data_len}"}
-
-		# parsing of suboption of option 125
-		while [ $sub_data_len -gt 0 ]; do
-			# get the suboption id
-			sub_opt_id=${sub_data:0:2}
-			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
-
-			# get the length of suboption
-			sub_opt_len=${sub_data:2:2}
-			sub_opt_len=$(printf "%d\n" "0x$sub_opt_len")
-			sub_opt_len=$(( sub_opt_len * 2 ))
-
-			# get the value of sub option starting 4 means starting after length
-			sub_opt_val=${sub_data:4:${sub_opt_len}}
-
-			# assign the value found in sub option
-			case "${sub_opt_id}" in
-				"4") OUI=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-				"5") SERIAL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-				"6") CLASS=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-			esac
-
-			# add 2 bytes for sub_opt id and sub_opt len field
-			sub_opt_end=$(( sub_opt_len + 4 ))
-
-			# update the remaining sub option hex string length
-			sub_data_len=$((sub_data_len - sub_opt_end))
-
-			# fetch next sub option hex string
-			sub_data=${sub_data:${sub_opt_end}:${sub_data_len}}
-		done
-
-		# move ahead data to next enterprise id
-		data=${data:"${data_len}":"${rem_len}"}
-		rem_len=$(( rem_len - data_len ))
-	done
-}
-
-config_load cwmp
-config_get_bool enable_cwmp cpe enable 1
-config_get wan_intf cpe default_wan_interface "wan"
-
-if [ "$enable_cwmp" = "0" ]; then
-	return 0
-fi
-
-if [ "${wan_intf}" == "${INTERFACE}" ]; then
-	if [ -n "$opt125" ]; then
-		len=$(printf "$opt125"|wc -c)
-		get_vivsoi "$opt125" "$len"
-	fi
-
-	mkdir -p /var/state
-	touch /var/state/icwmp
-	sec=$(uci -q -c /var/state get icwmp.gatewayinfo)
-	if [ -z "${sec}" ]; then
-		sec=$(uci -q -c /var/state add icwmp gatewayinfo)
-		uci -q -c /var/state rename icwmp."${sec}"="gatewayinfo"
-	fi
-
-	uci -q -c /var/state set icwmp.gatewayinfo.class="$CLASS"
-	uci -q -c /var/state set icwmp.gatewayinfo.oui="$OUI"
-	uci -q -c /var/state set icwmp.gatewayinfo.serial="$SERIAL"
-	uci -q -c /var/state commit icwmp
-fi

icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user

@@ -1,141 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-DHCP_ACS_URL=""
-DHCP_PROV_CODE=""
-MIN_WAIT_INVL=""
-INVL_MULTIPLIER=""
-
-log() {
-	echo "$@" |logger -t cwmp.update -p info
-}
-
-get_opt43() {
-	# Check if option value is in encapsulated form
-	local opt43="$1"
-	local len="$2"
-
-	[ "$len" -gt "2" ] || return
-
-	first_byte=${opt43:0:2}
-	first_byte=$(printf "%d\n" "0x$first_byte")
-
-	if [ $len -ge 4 ] && [ $first_byte -ge 1 ] && [ $first_byte -le 4 ]; then
-		# it is in encapsulated form
-		# opt43 encapsulated vendor-specific option has data in below format
-		#  Code   Len   Data item        Code   Len   Data item        Code
-		# +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
-		# |  T1 |  n  |  d1 |  d2 | ... |  T2 |  n  |  D1 |  D2 | ... | ... |
-		# +-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+-----+
-
-		#hex-string 2 character=1 Byte
-		# length in hex string will be twice of actual Byte length
-
-		data="${opt43}"
-		rem_len="${len}"
-		# parsing of suboption of option 43
-		while [ $rem_len -gt 0 ]; do
-			# get the suboption id
-			sub_opt_id=${data:0:2}
-			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
-
-			# get the length of suboption
-			sub_opt_len=${data:2:2}
-			sub_opt_len=$(printf "%d\n" "0x$sub_opt_len")
-			sub_opt_len=$(( sub_opt_len * 2 ))
-
-			# get the value of sub option starting 4 means starting after length
-			sub_opt_val=${data:4:${sub_opt_len}}
-
-			# assign the value found in sub option
-			case "${sub_opt_id}" in
-				"1") DHCP_ACS_URL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-				"2") DHCP_PROV_CODE=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-				"3") MIN_WAIT_INVL=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-				"4") INVL_MULTIPLIER=$(echo -n $sub_opt_val | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-				;;
-			esac
-
-			# add 2 bytes for sub_opt id and sub_opt len field
-			sub_opt_end=$(( sub_opt_len + 4 ))
-
-			# fetch next sub option hex string
-			data=${data:${sub_opt_end}:${len}}
-
-			# update the remaining sub option hex string length
-			rem_len=$((rem_len - sub_opt_end))
-		done
-	else
-		DHCP_ACS_URL=$(echo -n $opt43 | sed 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf && echo '')
-	fi
-}
-
-config_load cwmp
-config_get wan_intf cpe default_wan_interface "wan"
-config_get dhcp_discovery acs dhcp_discovery "0"
-config_get dhcp_url acs dhcp_url ""
-config_get min_wait_intvl acs dhcp_retry_min_wait_interval "0"
-config_get intvl_multi acs dhcp_retry_interval_multiplier "0"
-
-config_change=0
-discovery_enable=0
-
-if [ "$dhcp_discovery" = "1" ] || [ "$dhcp_discovery" = "true" ] || [ "$dhcp_discovery" = "enable" ]; then
-	discovery_enable=1
-fi
-
-if [ "$discovery_enable" = "0" ]; then
-	return 0
-fi
-
-if [ "${wan_intf}" == "${INTERFACE}" ]; then
-	if [ -n "$opt43" ]; then
-		len=$(printf "$opt43"|wc -c)
-		get_opt43 "$opt43" "$len"
-	fi
-
-	if [ -z "$DHCP_ACS_URL" ]; then
-		return 0
-	fi
-
-	sec=$(uci -q get cwmp.acs)
-
-	if [ -z "${sec}" ]; then
-		return 0
-	fi
-
-	if [ "${dhcp_url}" != "${DHCP_ACS_URL}" ]; then
-		uci -q set cwmp.acs.dhcp_url="$DHCP_ACS_URL"
-		config_change=1
-	fi
-
-	if [ -n "$MIN_WAIT_INVL" ] && [ "${MIN_WAIT_INVL}" != "${min_wait_intvl}" ]; then
-		uci -q set cwmp.acs.dhcp_retry_min_wait_interval="$MIN_WAIT_INVL"
-		config_change=1
-	fi
-
-	if [ -n "$INVL_MULTIPLIER" ] && [ "${INVL_MULTIPLIER}" != "${intvl_multi}" ]; then
-		uci -q set cwmp.acs.dhcp_retry_interval_multiplier="$INVL_MULTIPLIER"
-		config_change=1
-	fi
-
-	sec=$(uci -q get cwmp.cpe)
-
-	if [ -n "${sec}" ] && [ -n "$DHCP_PROV_CODE" ]; then
-		uci -q set cwmp.cpe.dhcp_provisioning_code="$DHCP_PROV_CODE"
-		config_change=1
-	fi
-
-	if [ $config_change -eq 0 ]; then
-		return 0
-	fi
-
-	# ACS url has been set, inform icwmpd to reload new configuration
-	sleep 10 # wait for some time to avoid interface fluctuation
-
-	ubus call uci commit '{"config":"cwmp"}'
-fi

icwmp/files/script/icwmp_backend_firewallmngr/firewall_cwmp.sh

@@ -1,107 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-order_offset=2
-
-get_firewall_zone() {
-	zone="$(uci show firewall|grep network|grep ${1}|cut -d. -f 2)"
-	zone="${zone:-wan}" # defaults to wan zone
-	echo "$zone"
-}
-
-cleanup_rule_firewallmngr() {
-	local rule_sec="$1"
-
-	config_get description "$rule_sec" "name"
-	[ "$description" = "Open_ACS_port" ] || return
-	uci -q delete firewallmngr."$rule_sec"
-	order_offset=0
-
-}
-
-reorder_previous_rule() {
-	local rule_sec="$1"
-	local order
-
-	config_get order "$rule_sec" "order"
-	[ -n $order ] || return
-	uci set firewallmngr."$rule_sec".order=$(( order + order_offset ))
-}
-
-enable="$(uci -q get cwmp.cpe.enable)"
-enable="${enable:-1}"
-
-if [ "$enable" -eq 0 ]; then
-	exit 0;
-fi
-
-wan="$(uci -q get cwmp.cpe.default_wan_interface)"
-wan="${wan:-wan}"
-
-zone_name="$(get_firewall_zone $wan)"
-active_level=$(uci -q get firewallmngr.firewall.advanced_level)
-active_chain=$(uci -q get firewallmngr."$active_level".chain)
-
-port=$(uci -q get cwmp.cpe.port)
-port="${port:-7547}"
-
-incoming_rule=$(uci -q get cwmp.cpe.incoming_rule|awk '{print tolower($0)}')
-incoming_rule="${incoming_rule:-port_only}"
-
-ipaddr=$(uci -c /var/state -q get icwmp.acs.ip)
-ip6addr=$(uci -c /var/state -q get icwmp.acs.ip6)
-
-config_load firewallmngr
-config_foreach cleanup_rule_firewallmngr "rule"
-config_foreach reorder_previous_rule "rule"
-rule_sec=$(uci add firewallmngr rule)
-rule1_sec=$(uci add firewallmngr rule)
-uci set firewallmngr."$rule_sec".family="4"
-uci set firewallmngr."$rule1_sec".family="6"
-uci set firewallmngr."$rule_sec".src="$zone_name"
-uci set firewallmngr."$rule1_sec".src="$zone_name"
-uci set firewallmngr."$rule_sec".chain="$active_chain"
-uci set firewallmngr."$rule1_sec".chain="$active_chain"
-uci set firewallmngr."$rule_sec".proto="6"
-uci set firewallmngr."$rule1_sec".proto="6"
-uci set firewallmngr."$rule_sec".order="1"
-uci set firewallmngr."$rule1_sec".order="2"
-uci reorder firewallmngr."$rule_sec"=1
-uci reorder firewallmngr."$rule1_sec"=2
-
-# default incoming rule is Port only
-if [ "${incoming_rule}" = "ip_only" ]; then
-	if [ -n "${ipaddr}" ]; then
-		uci -q set firewallmngr."$rule_sec".source_ip=${ipaddr}
-	fi
-	if [ -n "${ip6addr}" ]; then
-		uci -q set firewallmngr."$rule1_sec".source_ip=${ip6addr}
-	fi
-elif [ "${incoming_rule}" = "port_only" ]; then
-	if [ -n "${port}" ]; then
-		uci -q set firewallmngr."$rule_sec".dest_port=${port}
-		uci -q set firewallmngr."$rule1_sec".dest_port=${port}
-	fi
-else
-	if [ -n "${ipaddr}" ]; then
-		uci -q set firewallmngr."$rule_sec".source_ip=${ipaddr}
-	fi
-
-	if [ -n "${ip6addr}" ]; then
-		uci -q set firewallmngr."$rule1_sec".source_ip=${ip6addr}
-	fi
-
-	if [ -n "${port}" ]; then
-		uci -q set firewallmngr."$rule_sec".dest_port=${port}
-		uci -q set firewallmngr."$rule1_sec".dest_port=${port}
-	fi
-fi
-
-uci set firewallmngr."$rule_sec".name="Open_ACS_port"
-uci set firewallmngr."$rule1_sec".name="Open_ACS_port"
-uci set firewallmngr."$rule_sec".target="Accept"
-uci set firewallmngr."$rule1_sec".target="Accept"
-uci set firewallmngr."$rule_sec".enable="1"
-uci set firewallmngr."$rule1_sec".enable="1"
-ubus call uci commit '{"config":"firewallmngr"}'
-

ieee1905/Makefile

@@ -1,16 +1,16 @@
 #
-# Copyright (C) 2020-2024 IOPSYS Software Solutions AB
+# Copyright (C) 2020-2023 IOPSYS Software Solutions AB
 #
 
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ieee1905
-PKG_VERSION:=8.4.6
+PKG_VERSION:=8.3.4
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=e2f68a0ba54a6abf3481cdbb24d2dcc81e7f199c
+PKG_SOURCE_VERSION:=526690993c93720ee1707bba6b7a08e8c28f2dd9
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -22,7 +22,6 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
 
 
 define Package/ieee1905/Default
@@ -39,7 +38,7 @@ define Package/libieee1905
   $(call Package/ieee1905/Default)
   TITLE:=libieee1905.so (library for CMDU and TLV handling)
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
-	   +libjson-c +libblobmsg-json +libwifiutils
+	   +libjson-c +libblobmsg-json
 endef
 
 define Package/ieee1905
@@ -47,8 +46,7 @@ define Package/ieee1905
   TITLE:=ieee1905d (daemon implementing 1905.1 and provides cli)
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ubus +libpthread \
-	   +libieee1905 +IEEE1905_PLATFORM_HAS_WIFI:libwifi \
-	   +libwifiutils +libbbfdm-api
+	   +libieee1905 +IEEE1905_PLATFORM_HAS_WIFI:libwifi
 endef
 
 include $(wildcard plugins/*.mk)
@@ -62,12 +60,12 @@ define Package/libieee1905/description
 endef
 
 plugins := \
-	$(if $(CONFIG_PACKAGE_ieee1905-map-plugin),map) \
-	$(if $(CONFIG_PACKAGE_ieee1905-snoop-plugin),snoop) \
-	$(if $(CONFIG_PACKAGE_ieee1905-topology-plugin),topology)
+	$(if $(CONFIG_PACKAGE_map-plugin),map) \
+	$(if $(CONFIG_PACKAGE_snoop-plugin),snoop) \
+	$(if $(CONFIG_PACKAGE_topology-plugin),topology)
 
 
-ppkg:=$(patsubst plugins/%.mk,ieee1905-%-plugin,$(wildcard plugins/*.mk))
+ppkg:=$(patsubst plugins/%.mk,%-plugin,$(wildcard plugins/*.mk))
 
 
 TARGET_CFLAGS += \
@@ -109,7 +107,6 @@ define Package/ieee1905/install
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ieee1905d $(1)/usr/sbin/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/tr181/ieee1905dm.so $(1) $(PKG_NAME)
 endef
 
 define Package/libieee1905/install

ieee1905/plugins/map.mk

@@ -1,18 +1,18 @@
-define Package/ieee1905-map-plugin
+define Package/map-plugin
   $(call Package/ieee1905/Default)
   TITLE:=Multi-AP plugin supporting WiFi-Alliance Easymesh standard
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef
 
-define Package/ieee1905-map-plugin/config
-	if (PACKAGE_ieee1905-map-plugin)
+define Package/map-plugin/config
+	if (PACKAGE_map-plugin)
 
 		menu "Configuration"
 
 		config MULTIAP_EASYMESH_VERSION
 		int "Easymesh version"
-		default 6
+		default 4
 
 		config MULTIAP_DYNAMIC_CNTLR_SYNC_CONFIG
 		bool "Sync configuration between dynamic controllers in the network"
@@ -32,7 +32,7 @@ ifeq ($(CONFIG_MULTIAP_DYNAMIC_CNTLR_SYNC_CONFIG),y)
 TARGET_CFLAGS += -DDYNAMIC_CNTLR_SYNC_CONFIG
 endif
 
-define Build/InstallDev/ieee1905-map-plugin
+define Build/InstallDev/map-plugin
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
@@ -43,7 +43,7 @@ define Build/InstallDev/ieee1905-map-plugin
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/map/libmaputil.so $(1)/usr/lib/libmaputil.so
 endef
 
-define Package/ieee1905-map-plugin/install
+define Package/map-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/map/libmaputil.so $(1)/usr/lib/libmaputil.so

ieee1905/plugins/snoop.mk

@@ -1,11 +1,11 @@
-define Package/ieee1905-snoop-plugin
+define Package/snoop-plugin
   $(call Package/ieee1905/Default)
   TITLE:=Show all received 1905 CMDUs over UBUS
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef
 
-define Package/ieee1905-snoop-plugin/install
+define Package/snoop-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/snoop/snoop.so $(1)/usr/lib/ieee1905/snoop.so

ieee1905/plugins/topology.mk

@@ -1,11 +1,11 @@
-define Package/ieee1905-topology-plugin
+define Package/topology-plugin
   $(call Package/ieee1905/Default)
   TITLE:=Build full network topology of the 1905 nodes only
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef
 
-define Package/ieee1905-topology-plugin/install
+define Package/topology-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/topology/topology.so $(1)/usr/lib/ieee1905/topology.so

inbd/Makefile

@@ -0,0 +1,56 @@
+#
+# Copyright (C) 2016 iopsys
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=inbd
+PKG_VERSION:=1.2.3
+PKG_RELEASE:=1
+
+PKG_SOURCE_VERSION:=d4e910a31039e0c0b7a539311eafcd716c36be77
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/inbd
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_LICENSE:=GPLv2
+PKG_LICENSE_FILES:=LICENSE
+
+# support parallel build
+PKG_BUILD_PARALLEL:=1
+
+#re create configure scripts if not present.
+PKG_FIXUP:=autoreconf
+
+# run install target when cross compiling. basically, make install DESTDIR=$(PKG_INSTALL_DIR)
+# this way we don't need to pick out the resulting files from the build dir.
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/inbd
+	CATEGORY:=Utilities
+	TITLE:=iopsys Netlink Bridge Daemon
+	URL:=
+	DEPENDS:=+libuci +libubus +libblobmsg-json +libnl-genl
+endef
+
+define Package/inbd/description
+	Application handling netlink messages from kernel and sending them out on ubus.
+endef
+
+define Package/inbd/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/inbd $(1)/usr/bin/
+	cp $(PKG_BUILD_DIR)/files/etc/init.d/inbd $(1)/etc/init.d/
+endef
+
+$(eval $(call BuildPackage,inbd))

iop/config

@@ -0,0 +1,332 @@
+############
+# Generic #
+##########
+
+# Build #
+CONFIG_BUILD_LOG=y
+CONFIG_CCACHE=y
+CONFIG_DEBUG=y
+CONFIG_DEVEL=y
+# CONFIG_USE_SSTRIP is not set
+CONFIG_USE_STRIP=y
+# CONFIG_SIGNED_PACKAGES is not set
+
+CONFIG_JSON_CYCLONEDX_SBOM=y
+CONFIG_INCLUDE_CONFIG=y
+
+# Image #
+CONFIG_TARGET_CUSTOMER="IOPSYS"
+CONFIG_TARGET_ROOTFS_TARGZ=y
+
+# Although UBIFS and EXT4 images work on all non-secure-boot devices,
+# squashfs is the only officially supported rootfs filesystem.
+# A writable rootfs is useful for developping an debugging preinit code.
+# CONFIG_TARGET_ROOTFS_UBIFS is not set
+# CONFIG_TARGET_ROOTFS_EXT4FS is not set
+
+# /etc/banner and /etc/device_info #
+CONFIG_IMAGEOPT=y
+CONFIG_VERSIONOPT=y
+CONFIG_VERSION_MANUFACTURER="IOPSYS"
+CONFIG_VERSION_MANUFACTURER_URL="https://iopsys.eu/"
+CONFIG_VERSION_DIST="IOWRT"
+
+# OpenWrt is given by CONFIG_VERSION_NUMBER which we do not want to override.
+# disabling CONFIG_VERSION_FILENAMES will hide the OpenWrt version from the image filename
+# CONFIG_VERSION_FILENAMES is not set
+
+# CONFIG_VERSION_CODE is set to the IOWRT version instead by the genconfig-script and
+# CONFIG_VERSION_CODE_FILENAMES will put it into the image filename.
+CONFIG_VERSION_CODE_FILENAMES=y
+
+CONFIG_VERSION_HOME_URL="https://iopsys.eu"
+CONFIG_VERSION_BUG_URL="https://iopsys.eu"
+CONFIG_VERSION_SUPPORT_URL="https://iopsys.eu"
+
+# /lib/preinit #
+CONFIG_PREINITOPT=y
+# CONFIG_TARGET_PREINIT_SUPPRESS_STDERR is not set
+CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE=y
+CONFIG_TARGET_PREINIT_TIMEOUT=1
+# CONFIG_TARGET_PREINIT_SHOW_NETMSG is not set
+# CONFIG_TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG is not set
+CONFIG_TARGET_PREINIT_IFNAME=""
+CONFIG_TARGET_PREINIT_IP=""
+CONFIG_TARGET_PREINIT_NETMASK=""
+CONFIG_TARGET_PREINIT_BROADCAST=""
+
+# Mirror #
+CONFIG_LOCALMIRROR="https://download.iopsys.eu/iopsys/mirror/"
+
+
+##################
+# IOWRT Add-ons #
+################
+
+# EasySoC HAL #
+CONFIG_PACKAGE_inbd=y
+CONFIG_PACKAGE_qosmngr=y
+CONFIG_PACKAGE_libwifiutils=y
+CONFIG_PACKAGE_wifimngr=y
+
+# Multi-AP #
+CONFIG_PACKAGE_ieee1905=y
+CONFIG_IEEE1905_CMDU_SA_IS_ALMAC=y
+CONFIG_PACKAGE_topology-plugin=y
+CONFIG_PACKAGE_decollector=y
+CONFIG_PACKAGE_map-agent=y
+CONFIG_PACKAGE_map-controller=y
+
+# Network #
+CONFIG_PACKAGE_hostmngr=y
+CONFIG_PACKAGE_netmode=y
+CONFIG_PACKAGE_urlfilter=y
+
+# System #
+CONFIG_PACKAGE_imonitor=m
+CONFIG_PACKAGE_questd=y
+CONFIG_PACKAGE_rulengd=y
+CONFIG_PACKAGE_usermngr=y
+
+# TR-x69 #
+CONFIG_PACKAGE_libbbfdm=y
+CONFIG_PACKAGE_bbfdmd=y
+CONFIG_PACKAGE_icwmp=y
+CONFIG_PACKAGE_obuspa=y
+CONFIG_PACKAGE_bulkdata=y
+CONFIG_PACKAGE_periodicstats=y
+CONFIG_PACKAGE_stunc=y
+CONFIG_PACKAGE_swmodd=y
+CONFIG_PACKAGE_twamp=y
+CONFIG_PACKAGE_udpecho-client=y
+CONFIG_PACKAGE_udpecho-server=y
+CONFIG_PACKAGE_userinterface=y
+CONFIG_PACKAGE_xmppc=y
+CONFIG_PACKAGE_timemngr=y
+CONFIG_PACKAGE_self-diagnostics=y
+
+# WebGUI #
+CONFIG_PACKAGE_sulu=y
+
+
+############
+# Network #
+##########
+
+# Protocols #
+CONFIG_PACKAGE_6in4=y
+CONFIG_PACKAGE_6rd=y
+CONFIG_PACKAGE_6to4=y
+CONFIG_PACKAGE_chat=y
+CONFIG_PACKAGE_comgt=y
+CONFIG_PACKAGE_comgt-directip=y
+CONFIG_PACKAGE_comgt-ncm=y
+CONFIG_PACKAGE_ds-lite=y
+CONFIG_PACKAGE_firewall=y
+# CONFIG_PACKAGE_firewall4 is not set
+CONFIG_PACKAGE_gre=y
+CONFIG_PACKAGE_map=y
+CONFIG_PACKAGE_ntfs-3g=y
+CONFIG_PACKAGE_ntpd=y
+CONFIG_PACKAGE_odhcp6c=y
+CONFIG_PACKAGE_odhcpd=y
+CONFIG_PACKAGE_ppp-mod-pppoa=y
+CONFIG_PACKAGE_ppp-mod-pppoe=y
+CONFIG_PACKAGE_ppp-mod-pppol2tp=y
+CONFIG_PACKAGE_ppp-mod-pptp=y
+CONFIG_PACKAGE_ppp-multilink=y
+# CONFIG_PACKAGE_ppp is not set
+CONFIG_PACKAGE_relayd=y
+CONFIG_PACKAGE_umbim=y
+CONFIG_PACKAGE_uqmi=y
+CONFIG_PACKAGE_wwan=y
+CONFIG_PACKAGE_xl2tpd=y
+
+# Services #
+CONFIG_PACKAGE_atftp=y
+CONFIG_PACKAGE_atftpd=y
+CONFIG_PACKAGE_ddns-scripts=y
+CONFIG_PACKAGE_dnsmasq=y
+CONFIG_PACKAGE_ssdpd=y
+CONFIG_PACKAGE_miniupnpd-iptables=y
+CONFIG_PACKAGE_mosquitto-client-ssl=y
+CONFIG_PACKAGE_mosquitto-ssl=y
+CONFIG_PACKAGE_nginx=y
+CONFIG_PACKAGE_openvpn-easy-rsa=y
+CONFIG_PACKAGE_openvpn-openssl=y
+CONFIG_OPENVPN_openssl_ENABLE_IPROUTE2=y
+# CONFIG_PACKAGE_qos-scripts is not set
+CONFIG_PACKAGE_rdnssd=y
+CONFIG_PACKAGE_vsftpd-tls=y
+
+# Tools and Utilities #
+CONFIG_PACKAGE_curl=y
+CONFIG_PACKAGE_libcurl=y
+CONFIG_LIBCURL_CRYPTO_AUTH=y
+# CONFIG_LIBCURL_MBEDTLS is not set
+CONFIG_LIBCURL_OPENSSL=y
+CONFIG_PACKAGE_ethtool=y
+CONFIG_PACKAGE_ip-bridge=y
+CONFIG_PACKAGE_ip-full=y
+CONFIG_PACKAGE_iperf3=y
+CONFIG_PACKAGE_ipset=y
+CONFIG_PACKAGE_ip6tables-zz-legacy=y
+CONFIG_PACKAGE_iptables-zz-legacy=y
+CONFIG_PACKAGE_iptables-mod-conntrack-extra=y
+CONFIG_PACKAGE_iptables-mod-extra=y
+CONFIG_PACKAGE_iptables-mod-filter=y
+CONFIG_PACKAGE_iptables-mod-ipmark=y
+CONFIG_PACKAGE_iptables-mod-ipopt=y
+CONFIG_PACKAGE_iptables-mod-nflog=y
+CONFIG_PACKAGE_iptables-mod-nfqueue=y
+CONFIG_PACKAGE_ndisc6=y
+CONFIG_PACKAGE_rdisc6=y
+CONFIG_PACKAGE_resolveip=y
+CONFIG_PACKAGE_socat=y
+CONFIG_PACKAGE_tcpdump=y
+CONFIG_PACKAGE_traceroute6=y
+
+
+############
+# System  #
+##########
+
+CONFIG_PACKAGE_at=y
+CONFIG_PACKAGE_ca-certificates=y
+CONFIG_PACKAGE_crun=y
+CONFIG_PACKAGE_getopt=y
+CONFIG_PACKAGE_gpiod-tools=y
+# CONFIG_PACKAGE_iwatchdog is not set
+CONFIG_PACKAGE_jq=y
+CONFIG_PACKAGE_libcap-bin=y
+CONFIG_PACKAGE_libustream-openssl=y
+# CONFIG_PACKAGE_libustream-wolfssl is not set
+CONFIG_PACKAGE_lscpu=y
+CONFIG_PACKAGE_nand-utils=y
+CONFIG_PACKAGE_openssl-util=y
+CONFIG_OPENSSL_WITH_COMPRESSION=y
+CONFIG_PACKAGE_procd-ujail=m
+CONFIG_PACKAGE_quota=y
+CONFIG_PACKAGE_rpcd=y
+CONFIG_PACKAGE_rpcd-mod-rpcsys=y
+CONFIG_PACKAGE_rpcd-mod-rrdns=y
+CONFIG_PACKAGE_strace=y
+CONFIG_PACKAGE_terminfo=y
+CONFIG_PACKAGE_uledd=y
+# The urandom-seed package is very strange. It seeds urandom with urandom...
+# Disable it. Most SoCs nowadays has HW random generators anyway.
+# CONFIG_PACKAGE_urandom-seed is not set
+# CONFIG_PACKAGE_urngd is not set
+CONFIG_PACKAGE_usb-modeswitch=y
+CONFIG_PACKAGE_uuidgen=y
+CONFIG_PACKAGE_zoneinfo-core=y
+CONFIG_PACKAGE_zoneinfo-europe=y
+
+
+################
+# LuCI WebGUI #
+##############
+
+# BEGIN: luci-nginx metapackage with some changes
+# We do not want libiwinfo-lua on non-WiFi targets, but it is already
+# depended on by other luci-packages, so no need to take it in explicitly
+CONFIG_PACKAGE_luci-mod-admin-full=y
+CONFIG_PACKAGE_luci-app-firewall=y
+CONFIG_PACKAGE_luci-app-opkg=y
+CONFIG_PACKAGE_luci-proto-ppp=y
+CONFIG_PACKAGE_luci-proto-ipv6=y
+# CONFIG_LUCI_JSMIN is not set
+# CONFIG_LUCI_CSSTIDY is not set
+CONFIG_PACKAGE_luci-mod-dashboard=y
+CONFIG_PACKAGE_luci-theme-openwrt-2020=y
+CONFIG_PACKAGE_nginx-mod-luci=y
+
+
+############
+# BusyBox #
+##########
+
+CONFIG_BUSYBOX_CUSTOM=y
+CONFIG_BUSYBOX_CONFIG_ADDUSER=y
+CONFIG_BUSYBOX_CONFIG_ARPING=y
+CONFIG_BUSYBOX_CONFIG_ASH_IDLE_TIMEOUT=y
+CONFIG_BUSYBOX_CONFIG_ASH_RANDOM_SUPPORT=y
+CONFIG_BUSYBOX_CONFIG_CTTYHACK=y
+CONFIG_BUSYBOX_CONFIG_DELUSER=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_UDHCP_8021Q=y
+CONFIG_BUSYBOX_CONFIG_FIRST_SYSTEM_ID=100
+# CONFIG_BUSYBOX_CONFIG_HTTPD is not set
+# CONFIG_BUSYBOX_CONFIG_INSMOD is not set
+# CONFIG_BUSYBOX_CONFIG_MODINFO is not set
+# CONFIG_BUSYBOX_CONFIG_MODPROBE is not set
+CONFIG_BUSYBOX_CONFIG_FEATURE_MODPROBE_BLACKLIST=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_CHECK_TAINTED_MODULE=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_MODUTILS_ALIAS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_MODUTILS_SYMBOLS=y
+CONFIG_BUSYBOX_CONFIG_DEFAULT_MODULES_DIR="/lib/modules"
+CONFIG_BUSYBOX_CONFIG_DEFAULT_DEPMOD_FILE="modules.dep"
+# CONFIG_BUSYBOX_CONFIG_IP is not set
+CONFIG_BUSYBOX_CONFIG_LAST_SYSTEM_ID=999
+CONFIG_BUSYBOX_CONFIG_LOGIN=y
+# CONFIG_BUSYBOX_CONFIG_LSMOD is not set
+CONFIG_BUSYBOX_CONFIG_LSPCI=y
+CONFIG_BUSYBOX_CONFIG_LSUSB=y
+CONFIG_BUSYBOX_CONFIG_MICROCOM=y
+# CONFIG_BUSYBOX_CONFIG_RMMOD is not set
+CONFIG_BUSYBOX_CONFIG_STTY=y
+CONFIG_BUSYBOX_CONFIG_TFTP=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_CHECK_TAINTED_MODULE=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_AUTH_MD5=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_BASIC_AUTH=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_CGI=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_ENCODE_URL_STR=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_ERROR_PAGES=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_GZIP=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_PROXY=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_RANGES=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_SETUID=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_HTTPD_USE_SENDFILE=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_LSMOD_PRETTY_2_6_OUTPUT=y
+# CONFIG_BUSYBOX_CONFIG_FEATURE_NOLOGIN is not set
+CONFIG_BUSYBOX_CONFIG_FEATURE_SECURETTY=y
+# CONFIG_BUSYBOX_CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
+CONFIG_BUSYBOX_CONFIG_FEATURE_TFTP_GET=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_TFTP_PUT=y
+# CONFIG_BUSYBOX_CONFIG_WGET is not set
+# CONFIG_BUSYBOX_CONFIG_LOGIN_SCRIPTS is not set
+# CONFIG_BUSYBOX_CONFIG_LOGIN_SESSION_AS_CHILD is not set
+# CONFIG_BUSYBOX_CONFIG_PAM is not set
+# CONFIG_BUSYBOX_CONFIG_TFTP_DEBUG is not set
+# CONFIG_BUSYBOX_CONFIG_NTPD is not set
+CONFIG_BUSYBOX_CONFIG_MOUNTPOINT=y
+CONFIG_BUSYBOX_CONFIG_RUN_PARTS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_RUN_PARTS_LONG_OPTIONS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_RUN_PARTS_FANCY=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_GZIP_LEVELS=y
+CONFIG_BUSYBOX_CONFIG_GZIP_FAST=2
+CONFIG_BUSYBOX_CONFIG_FEATURE_FANCY_SLEEP=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_FLOAT_SLEEP=y
+CONFIG_BUSYBOX_CONFIG_FLOAT_DURATION=y
+CONFIG_BUSYBOX_CONFIG_USLEEP=y
+CONFIG_BUSYBOX_CONFIG_REALPATH=y
+CONFIG_BUSYBOX_CONFIG_TTY=y
+CONFIG_BUSYBOX_CONFIG_BLOCKDEV=y
+CONFIG_BUSYBOX_CONFIG_PARTPROBE=y
+CONFIG_BUSYBOX_CONFIG_LFS=y
+CONFIG_BUSYBOX_CONFIG_FDISK=y
+CONFIG_BUSYBOX_CONFIG_FDISK_SUPPORT_LARGE_DISKS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_FDISK_WRITABLE=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_GPT_LABEL=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_FDISK_ADVANCED=y
+CONFIG_BUSYBOX_CONFIG_IONICE=y
+CONFIG_BUSYBOX_CONFIG_RENICE=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_VOLUMEID_BTRFS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_VOLUMEID_F2FS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_VOLUMEID_LINUXSWAP=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_VOLUMEID_SQUASHFS=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_VOLUMEID_UBIFS=y
+CONFIG_BUSYBOX_CONFIG_TIMEOUT=y
+CONFIG_BUSYBOX_CONFIG_NOHUP=y
+CONFIG_BUSYBOX_CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="sha512"

iop/iop.completion

@@ -33,10 +33,9 @@ _iop()
     prev="${COMP_WORDS[COMP_CWORD-1]}"
 
     iopcmds="bootstrap cfe_upgrade cfe_upgrade_latest extract_core \
-             feeds_update genconfig \
-             generate_tarballs install_key \
+             feeds_update genconfig generate_tarballs install_key \
              scp_changes setup_host ssh_install_key status \
-             update_feed_branches ssh_upgrade smoketest"
+             update_package update_feed_branches ssh_upgrade smoketest"
 
     if [ $COMP_CWORD -eq 1 ] ; then