map-agent: introduce config option that passes PERSIST_CONTROLLER CLFLAG

bbfdm/Config_bbfdm.in

@@ -1,4 +1,3 @@
-if PACKAGE_libbbfdm
 config BBF_VENDOR_LIST
 	string "Vendor List"
 	default "iopsys"
@@ -14,4 +13,3 @@ config BBF_OBFUSCATION_KEY
 config BBF_MAX_OBJECT_INSTANCES
 	int "Maximum number of instances per object"
 	default 255
-endif

bbfdm/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bbfdm
-PKG_VERSION:=1.9.6
+PKG_VERSION:=1.8.26
 
 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=6730d2784bbac93d87705db83a5157eaeb436f7d
+PKG_SOURCE_VERSION:=6df8fecbcc72e55f2ba06ae933dcddb6f725b204
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -38,7 +38,6 @@ define Package/libbbfdm
   SUBMENU:=TRx69
   TITLE:=Library for broadband forum data model support
   DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libopenssl
-  MENU:=1
 endef
 
 define Package/bbfdmd
@@ -46,36 +45,19 @@ define Package/bbfdmd
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=Datamodel ubus backend
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq +bbf_configmngr
-endef
-
-define Package/bbf_configmngr
-  SECTION:=utils
-  CATEGORY:=Utilities
-  SUBMENU:=TRx69
-  TITLE:= BBF Config Manager
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
-  MENU:=1
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq
 endef
 
 define Package/libbbfdm/config
 	source "$(SOURCE)/Config_bbfdm.in"
 endef
 
-define Package/bbf_configmngr/config
-	source "$(SOURCE)/bbf_configmngr.in"
-endef
-
 define Package/libbbfdm-api/description
  Library contains the API(UCI, UBUS, JSON, CLI and Browse) of libbbfdm
 endef
 
 define Package/libbbfdm/description
- Library contains the data model tree, It includes basic TR181 nodes.
-endef
-
-define Package/bbf_configmngr/description
- Daemon for handling bbf reload services via ubus bbf.config
+ Library contains the data model tree. It includes TR181, TR143 data models
 endef
 
 ifeq ($(USE_LOCAL),1)
@@ -101,11 +83,11 @@ define Package/libbbfdm-api/install
 	$(INSTALL_DIR) $(1)/lib
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/lib/
 	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.config $(1)/usr/libexec/rpcd/bbf.config
 	$(INSTALL_DIR) $(1)/etc/bbfdm
-	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
 	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
+	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
 endef
 
 define Package/libbbfdm/install
@@ -117,12 +99,20 @@ define Package/libbbfdm/install
 	$(INSTALL_DIR) $(1)/usr/share/bbfdm/
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/usr/share/bbfdm/libbbfdm.so
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
+	$(INSTALL_BIN) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/95-portmap-firewall
+	$(INSTALL_BIN) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/97-firewall-service
+	$(INSTALL_BIN) ./files/etc/uci-defaults/99-link-core-plugins $(1)/etc/uci-defaults/99-link-core-plugins
+	$(INSTALL_BIN) ./files/etc/uci-defaults/90-remove-nonexisting-microservices $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/firewall.portmap $(1)/etc/firewall.portmap
+	$(INSTALL_BIN) ./files/etc/firewall.service $(1)/etc/firewall.service
 ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
 	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/iopsys/libbbfdm_iopsys_ext.so $(1)
 endif
 	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
+	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm/scripts/
+	$(LN) /usr/share/bbfdm/scripts/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
 endef
 
 define Package/libbbfdm/prerm
@@ -145,19 +135,6 @@ define Package/bbfdmd/install
 	$(INSTALL_BIN) ./files/etc/hotplug.d/iface/85-bbfdm-sysctl $(1)/etc/hotplug.d/iface/85-bbfdm-sysctl
 endef
 
-define Package/bbf_configmngr/install
-	$(INSTALL_DIR) $(1)/etc/init.d
-ifeq ($(CONFIG_BBF_CONFIGMNGR_C_BACKEND),y)
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/bbf_configd $(1)/usr/sbin/
-	$(INSTALL_BIN) ./files/etc/init.d/bbf_configd $(1)/etc/init.d/bbf_configd
-endif
-ifeq ($(CONFIG_BBF_CONFIGMNGR_SCRIPT_BACKEND),y)
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.config $(1)/usr/libexec/rpcd/bbf.config
-endif
-endef
-
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
@@ -166,7 +143,6 @@ define Build/InstallDev
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/*.h $(1)/usr/include/
 endef
 
-$(eval $(call BuildPackage,bbf_configmngr))
 $(eval $(call BuildPackage,libbbfdm-api))
 $(eval $(call BuildPackage,libbbfdm))
 $(eval $(call BuildPackage,bbfdmd))

bbfdm/bbf_configmngr.in

@@ -1,19 +0,0 @@
-if PACKAGE_bbf_configmngr
-choice
-	prompt "Select backend daemon for bbf.config"
-	default BBF_CONFIGMNGR_C_BACKEND
-	help
-		Select which backend daemon should be used for ubus bbf.config
-
-config BBF_CONFIGMNGR_SCRIPT_BACKEND
-	bool "Use shell script backend"
-	help
-		Enable this option to use shell script as the backend for bbf.config. This can be useful for quick and easy scripting of configuration tasks.
-
-config BBF_CONFIGMNGR_C_BACKEND
-	bool "Use C code backend"
-	help
-		Enable this option to use a C code implementation as the backend for bbf.config. This option is generally preferred for performance-critical tasks and scenarios requiring more robust and efficient handling.
-
-endchoice
-endif

bbfdm/files/etc/init.d/bbf_configd

@@ -1,15 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=64
-STOP=10
-
-USE_PROCD=1
-PROG=/usr/sbin/bbf_configd
-
-start_service()
-{
-	procd_open_instance "bbf_configd"
-	procd_set_param command ${PROG}
-	procd_set_param respawn
-	procd_close_instance "bbf_configd"
-}

bbfdm/files/etc/uci-defaults/90-remove-nonexisting-microservices

@@ -0,0 +1,18 @@
+#!/bin/sh
+. /lib/functions.sh
+
+remove_nonexisting_microservice() {
+	local input_json
+
+	config_get input_json "$1" input_json ""
+
+	if [ -z "${input_json}" ]; then
+		uci_remove bbfdm "${1}"
+	fi
+}
+
+config_load bbfdm
+config_foreach remove_nonexisting_microservice "micro_service"
+
+exit 0
+

bbfdm/files/etc/uci-defaults/99-link-core-plugins

@@ -0,0 +1,34 @@
+#!/bin/sh
+
+UNIFIED_PATH="/usr/share/bbfdm/plugins/"
+
+log() {
+	echo "$@" | logger -t bbfdm.uci-default -p info
+}
+
+# Link JSON plugins
+for f in `ls -1 /etc/bbfdm/json/*.json`; do
+	log "# BBFDM JSON plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+# Link DotSo plugins
+for f in `ls -1 /usr/lib/bbfdm/*.so`; do
+	log "# BBFDM DotSO plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+# Link JSON plugins
+for f in `ls -1 /etc/bbfdm/plugins/*.json`; do
+	log "# BBFDM JSON plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+# Link DotSo plugins
+for f in `ls -1 /etc/bbfdm/plugins/*.so`; do
+	log "# BBFDM DotSO plugin ${f} not aligned #"
+	ln -s ${f} "${UNIFIED_PATH}"
+done
+
+exit 0
+

bridgemngr/Config.in

@@ -1,11 +0,0 @@
-if PACKAGE_bridgemngr
-
-menu "Configuration"
-
-config BRIDGEMNGR_BRIDGE_VLAN
-	bool "Use bridge-vlan backend"
-	help
-	   Set this option to use bridge-vlan as backend for VLAN objects.
-
-endmenu
-endif

bridgemngr/Makefile

@@ -5,14 +5,14 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bridgemngr
-PKG_VERSION:=1.0.5
+PKG_VERSION:=1.0.2
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr
-PKG_SOURCE_VERSION:=c0f2e17f6d4f96aecfe72ab90be885939413176d
+PKG_SOURCE_VERSION:=9cddf87b527ef1614a8a39db67e6578ff1810031
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -33,18 +33,10 @@ define Package/bridgemngr/description
 	Package to add Device.Bridging. data model support.
 endef
 
-define Package/$(PKG_NAME)/config
-	source "$(SOURCE)/Config.in"
-endef
-
 MAKE_PATH:=src
 
 TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
 
-ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VLAN),y)
-	TARGET_CFLAGS += -DBRIDGE_VLAN_BACKEND
-endif
-
 define Package/bridgemngr/install
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libbridgemngr.so $(1) $(PKG_NAME)
 ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)

ddnsmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ddnsmngr
-PKG_VERSION:=1.0.7
+PKG_VERSION:=1.0.5
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
-PKG_SOURCE_VERSION:=4b0c679c4dc3e3725de5c0c55ed60f24b87c6edd
+PKG_SOURCE_VERSION:=f3c818322747922035a9eafe5de05d148ce15b4b
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

decollector/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=decollector
-PKG_VERSION:=6.0.0.13
+PKG_VERSION:=6.0.0.9
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d75639d9ae82538103123b32fc0de9280e84cabb
+PKG_SOURCE_VERSION:=08cd179438b8085c19e7d7523c9b26adfcb93129
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

dhcpmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dhcpmngr
-PKG_VERSION:=1.0.2
+PKG_VERSION:=1.0.1
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dhcpmngr.git
-PKG_SOURCE_VERSION:=4c89a3f12686343e3cca23819255744ac06dfb22
+PKG_SOURCE_VERSION:=d15d21766c1a1e5054b2391de1cfc4708be7a14c
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

dslmngr/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dslmngr
-PKG_VERSION:=1.2.5
+PKG_VERSION:=1.2.4
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
-PKG_SOURCE_VERSION:=4a6f6f829006e481eeb20bcb121f7938d12c60ec
+PKG_SOURCE_VERSION:=d71bef278b8222dee1c278723f8264aa8faf5e40
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip

easy-qos/Makefile

@@ -0,0 +1,47 @@
+#
+# Copyright (C) 2019 iopsys Software Solutions AB
+#
+# This is free software, licensed under the GNU General Public License v2.
+# 
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=easy-qos
+PKG_VERSION:=1.1
+PKG_RELEASE:=0
+
+PKG_LICENSE:=GPLv2
+PKG_LICENSE_FILES:=none
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/easy-qos
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Easy QoS
+  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha)
+endef
+
+define Package/easy-qos/description
+	This package contains Easy QoS utility
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+	$(CP) ./files/* $(PKG_BUILD_DIR)/
+endef
+
+define Build/Compile
+endef
+
+define Package/easy-qos/install
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(CP) ./files/etc/config/easy_qos $(1)/etc/config/
+	$(CP) ./files/etc/init.d/easy_qos.iptables $(1)/etc/init.d/easy_qos
+	$(CP) ./files/etc/uci-defaults/* $(1)/etc/uci-defaults/
+	$(CP) ./files/etc/firewall.easyqos $(1)/etc/firewall.easyqos
+endef
+
+$(eval $(call BuildPackage,easy-qos))

easy-qos/files/etc/firewall.easyqos

@@ -0,0 +1 @@
+/etc/init.d/easy_qos reload

easy-qos/files/etc/init.d/easy_qos.ebtables

@@ -0,0 +1,140 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+
+log() {
+	echo "${@}"|logger -t easy_qos.ebtable -p debug
+}
+
+exec_log() {
+	${@}
+	if [ "${?}" -ne 0 ]; then
+		log "Failed to create ${@}";
+	fi
+}
+
+get_priority() {
+	local prio=$(echo $1|tr 'A-Z' 'a-z');
+	case "${prio}" in
+		"lowest")
+			echo 0;;
+		"low")
+			echo 1;;
+		"besteffort")
+			echo 2;;
+		"normal")
+			echo 3;;
+		"video")
+			echo 4;;
+		"medium")
+			echo 5;;
+		"high")
+			echo 6;;
+		"highest")
+			echo 7;;
+	esac
+}
+
+validate_rule_section()
+{
+	uci_validate_section easy_qos rule "${1}" \
+		'priority:string' \
+		'macaddr:string' \
+		'proto:string:none' \
+		'port:list(uinteger)' \
+		'comment:string:none'
+}
+
+# Clear existing rules before applying new rules
+clear_existing_rules() {
+	local rule=$(ebtables --concurrent -t broute -L BROUTING|grep -m 1 mark)
+	while [ -n "${rule}" ]; do
+		exec_log ebtables --concurrent -t broute -D BROUTING ${rule}
+		rule=$(ebtables --concurrent -t broute -L BROUTING|grep -m 1 mark)
+	done
+}
+
+create_rule() {
+	local protocol=$1; shift
+	local mac=$1; shift
+	local mark="0x$1"; shift
+	local forward_port=$1;
+	local cmd="";
+	local protocol_number
+
+	cmd="-j mark --mark-or ${mark}";
+	if [ -n "${forward_port}" ]; then
+		cmd="--ip-destination-port ${forward_port} ${cmd}";
+	fi
+	
+	case "${protocol}" in
+		"tcp")
+			protocol_number=6;;
+		"udp")
+			protocol_number=17;;
+		"dccp")
+			protocol_number=33;;
+		"sctp")
+			protocol_number=132;;
+		*)
+			log "Protocol ${protocol} not supported in ebtables"
+			return;;
+	esac
+			
+	cmd="--ip-proto ${protocol_number} $cmd"
+	cmd="-p ip $cmd"
+
+	cmd="-s ${mac} $cmd"
+	exec_log ebtables --concurrent -t broute -A BROUTING ${cmd}
+}
+
+manage_rule() {
+	local cfg="$1"
+	local priority macaddr proto port comment prio_num protocol
+
+	validate_rule_section "${1}" || {
+		log "Validation of section failed"
+		return 1;
+	}
+
+	protocol=$(echo ${proto}|tr 'A-Z' 'a-z')
+	prio_num=$(get_priority ${priority})
+	if [ -n "${macaddr}" -a -n "${prio_num}" ]; then
+		for p in ${port}; do
+			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
+				create_rule tcp ${macaddr} ${prio_num} ${p}
+				create_rule udp ${macaddr} ${prio_num} ${p}
+			else
+				create_rule ${protocol} ${macaddr} ${prio_num} ${p}
+			fi
+		done
+		# Create rule for all ports if port is not mentioned in uci
+		if [ -z "${port}" ]; then
+			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
+				create_rule tcp ${macaddr} ${prio_num}
+				create_rule udp ${macaddr} ${prio_num}
+			else
+				create_rule ${protocol} ${macaddr} ${prio_num}
+			fi
+		fi
+	fi
+}
+
+reload_service() {
+	# Do not apply rules if ebtables is not present in system
+	[ -x /usr/sbin/ebtables ] || return;
+
+	clear_existing_rules
+	config_load easy_qos
+	config_foreach manage_rule rule
+}
+
+start_service() {
+	reload_service
+}
+
+service_triggers() {
+	procd_add_reload_trigger "easy_qos"
+}
+

easy-qos/files/etc/init.d/easy_qos.iptables

@@ -0,0 +1,186 @@
+#!/bin/sh /etc/rc.common
+
+. /usr/share/libubox/jshn.sh
+
+START=99
+USE_PROCD=1
+
+CLIENT_LIST="/tmp/easy_qos_client.list"
+
+log() {
+	echo "${@}"|logger -t easy_qos -p debug
+}
+
+exec_log() {
+	${@}
+	if [ "${?}" -ne 0 ]; then
+		log "Failed to create ${@}";
+	fi
+}
+
+get_priority() {
+	local prio=$(echo $1|tr 'A-Z' 'a-z');
+	case "${prio}" in
+		"lowest")
+			echo 0;;
+		"low")
+			echo 1;;
+		"besteffort")
+			echo 2;;
+		"normal")
+			echo 3;;
+		"video")
+			echo 4;;
+		"medium")
+			echo 5;;
+		"high")
+			echo 6;;
+		"highest")
+			echo 7;;
+	esac
+}
+
+clean_client_entries() {
+	[ -f ${CLIENT_LIST} ] && rm ${CLIENT_LIST}
+}
+
+map_client_entries() {
+	local clients ip mac host
+
+	json_load "$(ubus call router.network 'clients')"
+	json_get_keys keys
+
+	for key in ${keys};
+	do
+		json_select ${key}
+		json_get_vars ipaddr macaddr hostname
+		clients="${macaddr} ${ipaddr} ${hostname};${clients}"
+		json_select ..
+	done
+
+	json_init
+
+#	json_add_array "clients"
+	IFS=";"
+	for client in ${clients};
+	do
+		macaddr=$(echo ${client} | cut -d" " -f1)
+		json_add_object "${macaddr//:/_}"
+		json_add_string "ip" "$(echo ${client} | cut -d" " -f2)"
+		json_add_string "macaddr" "$(echo ${client} | cut -d" " -f1)"
+		json_add_string "host" "$(echo ${client} | cut -d" " -f3)"
+		json_close_object
+	done
+
+	IFS=' '
+	echo `json_dump` > ${CLIENT_LIST}
+	json_cleanup
+}
+
+# Find the IP of a corresponding mac from arp table
+get_ipaddress() {
+	local clients ip mac host
+
+	json_load "$(cat ${CLIENT_LIST})"
+	json_get_keys keys
+
+	# jshn seems a bit iffy on having : in key, replace by _
+	json_select "${1//:/_}" 2 > /dev/null
+	json_get_var ip ip
+
+	echo "$ip"
+}
+
+validate_rule_section()
+{
+	uci_validate_section easy_qos rule "${1}" \
+		'priority:string' \
+		'macaddr:string' \
+		'proto:string:none' \
+		'port:list(uinteger)' \
+		'comment:string:none'
+}
+
+# Clear existing rules before applying new rules
+clear_existing_rules() {
+	local rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
+	while [ -n "${rule}" ]; do
+		exec_log iptables -t mangle ${rule}
+		rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
+	done
+}
+
+check_and_create() {
+	iptables -t mangle -C PREROUTING ${@} 2>/dev/null
+	# Create rule if not exists
+	if [ ${?} -ne 0 ]; then
+		exec_log iptables -t mangle -A PREROUTING ${@}
+	else
+		log "Rule exists for ${@}"
+	fi
+}
+
+create_rule() {
+	local proto=$1; shift
+	local src_ip=$1; shift
+	local mark="0x$1/0x$1"; shift
+	local ports=$1;
+	local cmd="";
+
+	cmd="-j MARK --set-xmark ${mark}";
+	if [ -n "${ports}" ]; then
+		cmd="--match multiport --dports ${ports} ${cmd}";
+	fi
+
+	if [ "${proto}" == "icmp" ]; then
+		cmd="-p icmp -m icmp --icmp-type 8 $cmd"
+	elif [ "${proto}" == "all" ]; then
+		cmd="-p all $cmd"
+	else
+		cmd="-p ${proto} -m ${proto} $cmd"
+	fi
+	cmd="-s ${src_ip} $cmd"
+
+	check_and_create ${cmd} 
+}
+
+manage_rule() {
+	local cfg="$1"
+	local priority macaddr proto port comment prio_num ip port_list
+
+	validate_rule_section "${1}" || {
+		log "Validation of section failed"
+		return 1;
+	}
+
+	prio_num=$(get_priority ${priority})
+	ip=$(get_ipaddress ${macaddr})
+	port_list=$(echo ${port}|sed 's/ /,/g')
+
+	if [ -n "${ip}" -a -n "${prio_num}" ]; then
+		if [ "${proto}" == "none" -o "${proto}" == "tcpudp" ]; then
+			create_rule tcp ${ip} ${prio_num} ${port_list}
+			create_rule udp ${ip} ${prio_num} ${port_list}
+		else
+			create_rule ${proto} ${ip} ${prio_num} ${port_list}
+		fi
+	fi
+}
+
+reload_service() {
+	clear_existing_rules
+	map_client_entries
+	config_load easy_qos
+	config_foreach manage_rule rule
+	clean_client_entries
+}
+
+start_service() {
+	reload_service
+	echo "Easy QoS installed">/dev/console;
+}
+
+service_triggers() {
+	procd_add_reload_trigger "easy_qos"
+}
+

easy-qos/files/etc/uci-defaults/60-easyqos-reqs

@@ -0,0 +1,8 @@
+# Add firewall include
+uci -q batch <<-EOT
+        delete firewall.easyqos
+        set firewall.easyqos=include
+        set firewall.easyqos.path=/etc/firewall.easyqos
+        set firewall.easyqos.reload=1
+        commit firewall
+EOT

ebtables-extensions/Makefile

@@ -6,13 +6,13 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ebtables-extensions
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.2
 PKG_LICENSE:=GPL-2.0
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d3de8b0ac52ce9f96ef5a0a6277a6730879fc793
+PKG_SOURCE_VERSION:=a23a70f5518a42d663156a156c1e3356f695b5ad
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ebtables-extensions.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

ethmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ethmngr
-PKG_VERSION:=2.1.9
+PKG_VERSION:=2.1.7
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/ethmngr.git
-PKG_SOURCE_VERSION:=2d35e86cc8dfd7ef4e0d8579f5d314e90faadc90
+PKG_SOURCE_VERSION:=d029ce86fe99b7896f096f68eda3f6caa000ee5f
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

firewallmngr/Config.in

@@ -8,11 +8,5 @@ config FIREWALLMNGR_PORT_TRIGGER
 	help
 	   Set this option to include support for PortTrigger object.
 
-config FIREWALLMNGR_BACKEND_FIREWALLMNGR
-	bool "Include Firewallmanager uci"
-	default n
-	help
-	   Set this option to include support for firewallmngr uci.
-
 endmenu
 endif

firewallmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=firewallmngr
-PKG_VERSION:=1.0.4
+PKG_VERSION:=1.0.1
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
-PKG_SOURCE_VERSION:=d4bdd162cf37b3373df2448a70dcb4fbc1113535
+PKG_SOURCE_VERSION:=f5c3e2c93a8a992ab24291eb2c67adf77de7f896
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -43,55 +43,26 @@ endef
 
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
-	$(CP) -rf ./firewallmngr/* $(PKG_BUILD_DIR)/
+	$(CP) -rf ~/git/firewallmngr/* $(PKG_BUILD_DIR)/
 endef
 endif
 
 ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
 	TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
 endif
-ifeq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
-	TARGET_CFLAGS += -DINCLUDE_BACKEND_FIREWALLMNGR
-
-endif
 
 define Package/firewallmngr/install
 	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
 ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
 	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/lib/port-trigger
 
 	$(INSTALL_BIN) ./files/port-trigger/etc/init.d/port-trigger $(1)/etc/init.d/
 	$(INSTALL_DATA) ./files/port-trigger/etc/config/port-trigger $(1)/etc/config/
 	$(INSTALL_DATA) ./files/port-trigger/lib/port-trigger/port_trigger.sh $(1)/lib/port-trigger/
 endif
-ifeq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/lib/fwmngr
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/etc/uci-defaults/00-firewallmngr $(1)/etc/uci-defaults/00-firewallmngr
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/etc/config/firewallmngr  $(1)/etc/config/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/etc/init.d/firewallmngr  $(1)/etc/init.d/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr.sh  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_functions.sh  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/uci_migration.sh  $(1)/lib/fwmngr/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/is_intf_bridge  $(1)/lib/fwmngr/
-	$(INSTALL_BIN) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/firewallmngr_preconfig  $(1)/lib/fwmngr/
-	$(INSTALL_DATA) ./files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_twamp.sh  $(1)/lib/fwmngr/
-
-	$(BBFDM_INSTALL_MS_DM) ./files/firewallmngr_backend_firewallmngr/etc/firewallmngr/firewallmngr.json $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/firewallmngr $(1)/usr/sbin
-else
-	$(INSTALL_BIN) ./files/firewall.portmap $(1)/etc/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/
-
-	$(INSTALL_BIN) ./files/firewall.service $(1)/etc/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
-endif
 endef
 
 $(eval $(call BuildPackage,firewallmngr))

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/bbfdm/micro_services/firewallmngr.json

@@ -1,18 +0,0 @@
-{
-	"daemon": {
-		"config": {
-			"loglevel": "4"
-		},
-		"input": {
-			"type": "JSON",
-			"name": "/etc/firewallmngr/firewallmngr.json",
-			"plugin_dir": "/etc/firewallmngr/plugins"
-		},
-		"output": {
-			"type": "UBUS",
-			"parent_dm": "Device.",
-			"root_obj": "bbfdm",
-			"multiple_objects": ["Firewall","NAT"]
-		}
-	}
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/config/firewallmngr

@@ -1,160 +0,0 @@
-config firewall 'firewall'
-	option enable '1'
-	option config 'Advanced'
-	option advanced_level 'level1'
-
-config level 'level1'
-	option name 'level1'
-	option chain 'chain1'
-	option port_mapping_enabled '1'
-	option default_policy 'reject'
-	option default_log_policy '0'
-	option enable '1'
-
-config chain 'chain1'
-	option enable '1'
-	option name 'chain1'
-
-config rule 'default_rule_0'
-	option chain 'chain1'
-	option enable '1'
-	option order '1'
-	option name 'Allow-DHCP-Renew'
-	option target 'Accept'
-	option src 'wan'
-	option family '4'
-	option proto '17'
-	option dest_port '68'
-
-config rule 'default_rule_1'
-	option chain 'chain1'
-	option enable '1'
-	option order '2'
-	option name 'Allow-Ping'
-	option target 'Accept'
-	option src 'wan'
-	list icmp_type 'echo-request'
-	option family '4'
-	option proto '1'
-
-config rule 'default_rule_2'
-	option chain 'chain1'
-	option enable '1'
-	option order '3'
-	option name 'Allow-IGMP'
-	option target 'Accept'
-	option src 'wan'
-	option family '4'
-	option proto '2'
-
-config rule 'default_rule_3'
-	option chain 'chain1'
-	option enable '1'
-	option order '4'
-	option name 'Allow-DHCPv6'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	option proto '17'
-	option dest_port '546'
-
-config rule 'default_rule_4'
-	option chain 'chain1'
-	option enable '1'
-	option order '5'
-	option name 'Allow-MLD'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	option src_ip 'fe80::'
-	option source_mask 'fe80::/10'
-	list icmp_type '130/0'
-	list icmp_type '131/0'
-	list icmp_type '132/0'
-	list icmp_type '143/0'
-	option proto '1'
-
-config rule 'default_rule_5'
-	option chain 'chain1'
-	option enable '1'
-	option order '6'
-	option name 'Allow-ICMPv6-Input'
-	option target 'Accept'
-	option src 'wan'
-	option family '6'
-	list icmp_type  'echo-request'
-	list icmp_type  'echo-reply'
-	list icmp_type  'destination-unreachable'
-	list icmp_type  'packet-too-big'
-	list icmp_type  'time-exceeded'
-	list icmp_type  'bad-header'
-	list icmp_type  'unknown-header-type'
-	list icmp_type  'router-solicitation'
-	list icmp_type  'neighbour-solicitation'
-	list icmp_type  'router-advertisement'
-	list icmp_type  'neighbour-advertisement'
-	option limit  '1000/sec'
-	option proto '1'
-
-config rule 'default_rule_6'
-	option chain 'chain1'
-	option enable '1'
-	option order '7'
-	option name 'Allow-ICMPv6-Forward'
-	option target 'Accept'
-	option src 'wan'
-	option dest_all_interfaces '1'
-	option family '6'
-	list icmp_type 'echo-request'
-	list icmp_type 'echo-reply'
-	list icmp_type 'destination-unreachable'
-	list icmp_type 'packet-too-big'
-	list icmp_type 'time-exceeded'
-	list icmp_type 'bad-header'
-	list icmp_type 'unknown-header-type'
-	option limit  '1000/sec'
-	option proto '1'
-
-config rule 'default_rule_7'
-	option chain 'chain1'
-	option enable '1'
-	option order '8'
-	option name 'Allow-IPSec-ESP'
-	option target 'Accept'
-	option src 'wan'
-	option dest 'lan'
-	option proto '50'
-
-config rule 'default_rule_8'
-	option chain 'chain1'
-	option enable '1'
-	option order '9'
-	option name 'Allow-ISAKMP'
-	option target 'Accept'
-	option src 'wan'
-	option dest 'lan'
-	option proto '17'
-	option dest_port '500'
-
-config rule 'default_rule_9'
-	option chain 'chain1'
-	option enable '0'
-	option order '10'
-	option name 'Support-UDP-Traceroute'
-	option target 'Reject'
-	option src 'wan'
-	option family '4'
-	option proto '17'
-	option dest_port '33434'
-	option dest_port_range_max '33689'
-
-config rule 'default_forward_rule'
-	option chain 'chain1'
-	option enable '1'
-	option order '65535'
-	option name 'forward-rule'
-	option src 'lan'
-	option dest 'wan'
-	option proto '-1'
-	option target 'Accept'
-

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/init.d/firewallmngr

@@ -1,27 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=18
-USE_PROCD=1
-
-USE_PROCD=1
-NAME=firewallmngr
-PROG=/usr/sbin/firewallmngr
-
-. /lib/fwmngr/fwmngr.sh
-
-
-start_service() {
-	configure_firewall
-	procd_open_instance firewallmngr
-	procd_set_param command ${PROG}
-	procd_set_param respawn
-	procd_close_instance
-}
-
-boot() {
-	start
-}
-
-service_triggers() {
-	procd_add_reload_trigger firewallmngr
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/etc/uci-defaults/00-firewallmngr

@@ -1,28 +0,0 @@
-#!/bin/sh
-
-. /lib/fwmngr/fwmngr_functions.sh
-. /lib/fwmngr/uci_migration.sh
-
-
-rule_sec=$(uci show firewall | grep "=rule")
-[ -z "$rule_sec" ] && return
-rule_sec=$(echo $rule_sec | grep "fwmngr")
-
-if [ -z "$rule_sec" ]; then
-	generate_firewallmngr_config
-fi
-if [ -f /etc/firewall.ddos ]; then
-        uci -q get firewall.ddos || {
-                uci -q set firewall.ddos=include
-                uci -q set firewall.ddos.path="/etc/firewall.ddos"
-                uci -q set firewall.ddos.reload=1
-fi
-if [ -f /etc/firewall.protect_port ]; then
-        uci -q get firewall.protect_port || {
-                uci -q set firewall.protect_port='include'
-                uci -q set firewall.protect_port.path='/etc/firewall.protect_port'
-                uci -q set firewall.protect_port.reload='1'
-        }
-fi
-
-

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/firewallmngr_preconfig

@@ -1,76 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-rule_max_order_val=0
-config_load firewallmngr
-
-firewallmngr_generate_nat_interface_setting() {
-	local intf="$1"
-	local is_bridge="false"
-	local masq="0"
-	local intf_dev
-	local type=""
-	local nat_intf_setting=""
-
-
-	type=$(uci -q get firewallmngr."$intf")
-	[ "$type" = "natif" ] && return
-
-	nat_intf_setting=$(uci  add "firewallmngr" "natif")
-	uci set firewallmngr."$nat_intf_setting".interface="$intf"
-
-	if [ $(/lib/fwmngr/is_intf_bridge "$intf") -eq 1 ]; then
-		uci set firewallmngr."$nat_intf_setting".enabled="0"
-	else
-		uci set firewallmngr."$nat_intf_setting".enabled="1"
-	fi
-
-	uci rename firewallmngr."$nat_intf_setting"="$intf"
-}
-
-firewallmngr_process_rule_interface() {
-	local rule="$1"
-	local src_intf=""
-	local dest_intf=""
-
-	config_get src_intf "$rule" "src"
-	config_get dest_intf "$rule" "dest"
-
-	[ -z "$src_intf" ] || firewallmngr_generate_nat_interface_setting "$src_intf"
-	[ -z "$dest_intf" ] || firewallmngr_generate_nat_interface_setting "$dest_intf"
-}
-
-firewallmngr_process_rule_param() {
-	local order=""
-	config_get order "$1" order
-
-	if [ -z "$order" ] || [ "$order" = "65535" ]; then
-		return
-	fi
-	rule_max_order_val=$(( rule_max_order_val + 1 ))
-	if [ ${order} -gt ${rule_max_order_val} ]; then
-		uci -q set firewallmngr."$1".order="$rule_max_order_val"
-		uci -q reorder firewallmngr."$1"=${rule_max_order_val}
-	fi
-
-	firewallmngr_process_rule_interface "$1"
-}
-
-firewallmngr_set_rule_order() {
-	local order=""
-	config_get order "$1" order
-
-	if [ -n "$order" ]; then
-		uci -q reorder firewallmngr."$1"=${order}
-		return
-	fi
-	rule_max_order_val=$(( rule_max_order_val + 1 ))
-	uci -q set firewallmngr."$1".order="$rule_max_order_val"
-	uci -q reorder firewallmngr."$1"=${rule_max_order_val}
-}
-
-config_foreach firewallmngr_process_rule_param rule
-config_foreach firewallmngr_set_rule_order rule
-
-uci commit firewallmngr

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr.sh

@@ -1,195 +0,0 @@
-#!/bin/sh
-#set -x
-
-. /lib/functions.sh
-. /lib/fwmngr/fwmngr_functions.sh
-
-
-fw_rule_sections=""
-fw_redirect_sections=""
-fw_include_sections=""
-
-clean_expiry() {
-	[ -f "/tmp/fw3.atjobs" ] || return
-	for job in $(cat /tmp/fw3.atjobs); do
-		atrm $job 2>/dev/null
-	done
-	rm -f /tmp/fw3.atjobs
-}
-
-schedule_expiry() {
-
-        [ -f "/usr/bin/at" ] || return
-
-        expire_at() {
-                local cfg=$1
-                local expiry atdate
-
-                config_get expiry $cfg expiry
-
-                [ -n "$expiry" ] || return
-
-                atdate="$(date +'%Y%m%d%H%M.%S' -d @$expiry)"
-
-                [ -n "$atdate" ] || return
-
-                sec=$(echo $atdate | cut -d. -f2)
-                at_date=$(echo $atdate | cut -d. -f1)
-
-                echo "sleep $sec && uci -q delete firewallmngr.$cfg; ubus call uci commit '{\"config\":\"firewallmngr\"}'" | \
-                        at -t $at_date 2>&1 | grep job | awk '{print$2}' >> /tmp/fw3.atjobs
-        }
-
-        config_foreach expire_at rule
-        config_foreach expire_at redirect
-}
-
-firewall_cleanup() {
-	local count=1
-
-	list=$(uci show firewall)
-        section_list=$(echo "$list" | grep "fwmngr")
-
-        section_list=$(echo "$section_list" | awk -F. '{ print $2 }')
-        section_list=$(echo "$section_list" | awk -F= '{ print $1 }')
-
-        fw_rule_sections=$(echo "$list" | grep -v fwmngr | grep "=rule")
-        fw_rule_sections=$(echo "$fw_rule_sections" | awk -F= '{ print $1 }')
-        fw_rule_sections=$(echo "$fw_rule_sections" | awk -F. '{ print $2 }')
-        fw_redirect_sections=$(echo "$list" | grep -v fwmngr | grep "=redirect")
-        fw_redirect_sections=$(echo "$fw_redirect_sections" | awk -F= '{ print $1 }')
-        fw_redirect_sections=$(echo "$fw_redirect_sections" | awk -F. '{ print $2 }')
-        fw_include_sections=$(echo "$list" | grep -v fwmngr | grep "=include")
-        fw_include_sections=$(echo "$fw_include_sections" | awk -F= '{ print $1 }')
-        fw_include_sections=$(echo "$fw_include_sections" | awk -F. '{ print $2 }')
-
-        for sec in $section_list; do
-                uci -q delete firewall."$sec"
-        done
-	uci commit firewall
-}
-
-firewallmngr_preload() {
-	firewall_cleanup
-
-	/lib/fwmngr/firewallmngr_preconfig
-}
-
-firewall_handle_section_dmz() {
-	local dmz_cfg="$1"
-	local dest_uci="$2"
-	local dmz_sec=""
-	local enable=""
-	local origin=""
-	local description=""
-	local interface=""
-	local dest_ip=""
-	local source_prefix=""
-	
-	config_get enable "$dmz_cfg" "enabled" 0
-	[ "$enable" = "1" ] || return
-	config_get dest_ip "$dmz_cfg" "dest_ip"
-	config_get interface "$dmz_cfg" "interface"
-	if [ -z "$dest_ip" ] || [ -z "$interface" ]; then
-		return
-	fi
-	config_get origin "$dmz_cfg" "origin"
-	config_get description "$dmz_cfg" "description"
-	config_get source_prefix "$dmz_cfg" "source_prefix"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		zones=$(uci show firewall | grep "=zone")
-		for zn in zones; do
-			zn_arg=$(echo $zn | awk -F= '{ print $1 }')
-			if [ "$interface" = "$(uci -q get $zn_arg.network)" ]; then
-				zn_name=$(uci -q get "$zn_arg".name)
-			fi
-		done
-	fi
-
-	dmz_sec=$(uci add "$dest_uci" redirect)
-	uci set "$dest_uci"."$dmz_sec".src="$zn_name"
-	uci set "$dest_uci"."$dmz_sec".enabled="1"
-	uci set "$dest_uci"."$dmz_sec".dest_ip="$dest_ip"
-	uci set "$dest_uci"."$dmz_sec".origin="$origin"
-	uci set "$dest_uci"."$dmz_sec".src_ip="$source_prefix"
-	uci set "$dest_uci"."$dmz_sec".target="DNAT"
-
-       	uci rename "$dest_uci"."$dmz_sec"="fwmngr_$dmz_cfg"
-}
-
-handle_section_nat_interface_setting() {
-	local nat_intf_cfg="$1"
-	local interface=""
-	local enable=""
-
-	config_get enable "$nat_intf_cfg" "enabled"
-	[ -z "$enable" ] && return
-	config_get interface "$nat_intf_cfg" "interface"
-	if [ -n "$interface" ]; then
-		create_firewall_zone_config "$interface" "$enable"
-	fi
-}
-
-generate_firewall_config() {
-	local minus_one
-
-
-	firewallmngr_preload
-	uci commit firewallmngr
-	fw_config="$(uci -q get firewallmngr.firewall.config)"
-	[ -z "$fw_config" ] && return
-	[ "$fw_config" = "Advanced" ] || return
-
-#get active chain name
-	chain_name=$(firewallmngr_get_active_chain)
-
-#configure firewall global config
-	global_exist=$(uci -q get firewall.globals)
-	if [ -z "$global_exist" ]; then
-		global_sec=$(uci   add firewall globals)
-		uci   set firewall."$global_sec".enabled="1"
-		uci   rename firewall."$global_sec"="globals"
-	fi
-
-#configure firewall default config
-	default_sec=$(uci  add firewall defaults)
-	uci   set firewall."$default_sec".syn_flood="1"
-	uci   set firewall."$default_sec".input="$INPUT"
-	uci   set firewall."$default_sec".output="$OUTPUT"
-	uci   set firewall."$default_sec".forward="$FORWARD"
-        uci   rename firewall."$default_sec"="fwmngr_default"
-
-	config_load firewallmngr
-	config_foreach handle_section_nat_interface_setting natif
-	uci commit firewall
-#loop through rules in firewallmngr uci and write rule in firewall
-	config_foreach handle_section_firewall_rule rule "$chain_name" "firewall"
-	uci commit firewall
-
-	config_foreach handle_section_nat_port_mapping nat_portmapping "firewall"
-	config_foreach firewall_handle_section_dmz dmz "firewall"
-	config_foreach handle_section_service service "firewall"
-
-#reorder sections to place rule created by user at the end
-	minus_one=$((2**16))
-	for sec in $fw_rule_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-	for sec in $fw_redirect_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-	for sec in $fw_include_sections; do
-		uci -q reorder firewall."$sec"=${minus_one}
-	done
-
-	ubus call uci commit '{"config":"firewall"}'
-	schedule_expiry
-}
-
-configure_firewall () {
-	if ! [ -f "/etc/config/firewall" ]; then
-		touch /etc/config/firewall
-	fi
-	generate_firewall_config
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_functions.sh

@@ -1,627 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-INPUT="REJECT"
-OUTPUT="ACCEPT"
-FORWARD="REJECT"
-
-firewallmngr_get_active_chain() {
-	local fw_level=""
-	local chain_name=""
-	local fw_level=""
-	local chain=""
-
-	fw_level="$(uci -q get firewallmngr.firewall.advanced_level)"
-	[ -z "$fw_level" ] && return
-	enabled="$(uci -q get firewallmngr."${fw_level}".enable)"
-
-	[ "$enabled" = "1" ] || exit
-
-	chain="$(uci -q get firewallmngr."${fw_level}".chain)"
-	[ -z "$chain" ] && exit
-
-	enabled="$(uci -q get firewallmngr."${chain}".enable)"
-	chain_name="$(uci -q get firewallmngr."${chain}".name)"
-	echo "$chain_name"
-}
-
-
-create_firewall_zone_config() {
-	local intf="$1"
-	local masq="$2"
-	local is_bridge="false"
-	local intf_dev=""
-	local ntwrk=""
-	local interface=$(echo "$intf" | awk -F" " '{ print $1 }')
-
-	type=$(uci -q get firewall."$interface")
-	[ "$type" = "zone" ] && return
-
-	zone_sec=$(uci add "firewall" "zone")
-	uci set firewall."$zone_sec".masq="$masq"
-	uci set firewall."$zone_sec".name="$interface"
-	uci set firewall."$zone_sec".output="$OUTPUT"
-
-	if [ $(/lib/fwmngr/is_intf_bridge "$interface") -eq 1 ]; then
-		uci set firewall."$zone_sec".input="ACCEPT"
-		uci set firewall."$zone_sec".forward="ACCEPT"
-	else
-		if [ "$(uci -q get firewallmngr.globals.enabled)" = "0" ]; then
-			uci set firewall."$zone_sec".input="ACCEPT"
-		else
-			uci set firewall."$zone_sec".input="REJECT"
-		fi
-		uci set firewall."$zone_sec".forward="REJECT"
-	fi
-	for ntwrk in $intf; do
-		uci add_list firewall."$zone_sec".network="$ntwrk"
-	done
-	uci rename firewall."$zone_sec"="$interface"
-}
-
-firewallmngr_set_ip() {
-	local rule_sec="$1"
-	local src_ip="$2"
-	local dest_ip="$3"
-
-	mask=$(echo "$src_ip"|grep "/")
-	if [ -z "$src_ip" ]; then
-		uci set firewallmngr."$rule_sec".src_ip="$src_ip"
-	else
-		ip=$(echo "$src_ip" | awk -F"/" '{ print $0 }')
-		mask=$(echo "$src_ip" | awk -F"/" '{ print $2 }')
-		uci set firewallmngr."$rule_sec".src_ip="$ip"
-		uci set firewallmngr."$rule_sec".source_mask="$mask"
-	fi
-
-	mask=$(echo "$src_ip"|grep "/")
-	if [ -z "$dest_ip" ]; then
-		uci set firewallmngr."$rule_sec".dest_ip="$dest_ip"
-	else
-		ip=$(echo "$dest_ip" | awk -F"/" '{ print $0 }')
-		mask=$(echo "$dest_ip" | awk -F"/" '{ print $2 }')
-		uci set firewallmngr."$rule_sec".dest_ip="$ip"
-		uci set firewallmngr."$rule_sec".dest_mask="$mask"
-	fi
-}
-
-firewall_set_ip() {
-	local rule_sec="$1"
-	local src_ip="$2"
-	local dest_ip="$3"
-
-	uci set firewall."$rule_sec".src_ip="$src_ip"
-	uci set firewall."$rule_sec".dest_ip="$dest_ip"
-}
-
-firewallmngr_set_port() {
-	local rule_sec="$1"
-	local src_port="$2"
-	local dest_port="$3"
-	local src_port_range_max="$4"
-	local dest_port_range_max="$5"
-
-	range=$(echo "$src_port" | grep ":")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$rule_sec".src_port="$src_port"
-	else
-		min_port=$(echo "$src_port" | awk -F":" '{ print $1 }')
-		max_port=$(echo "$src_port" | awk -F":" '{ print $2 }')
-
-		uci set firewallmngr."$rule_sec".src_port="$min_port"
-		uci set firewallmngr."$rule_sec".src_port_range_max="$max_port"
-	fi
-	range=$(echo "$dest_port" | grep ":")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$rule_sec".dest_port="$dest_port"
-	else
-		min_port=$(echo "$dest_port" | awk -F":" '{ print $1 }')
-		max_port=$(echo "$dest_port" | awk -F":" '{ print $2 }')
-
-		uci set firewallmngr."$rule_sec".dest_port="$min_port"
-		uci set firewallmngr."$rule_sec".dest_port_range_max="$max_port"
-	fi
-
-}
-
-firewall_set_port() {
-	local rule_sec="$1"
-	local src_port="$2"
-	local dest_port="$3"
-	local src_port_range_max="$4"
-	local dest_port_range_max="$5"
-
-	if [ -z "$dest_port_range_max" ] || [ "$dest_port_range_max" = "-1" ]; then
-		[ "$dest_port" == "-1" ] || uci set firewall."$rule_sec".dest_port="$dest_port"
-	else
-		uci set firewall."$rule_sec".dest_port="$dest_port:$dest_port_range_max"
-	fi
-
-	if [ -z "$src_port_range_max" ] || [ "$src_port_range_max" = "-1" ]; then
-		[ "$src_port" == "-1" ] || uci set firewall."$rule_sec".src_port="$src_port"
-	else
-		uci set firewall."$rule_sec".src_port="$src_port:$src_port_range_max"
-	fi
-}
-
-firewallmngr_set_interface() {
-	local rule_sec="$1"
-	local src_intf="$2"
-	local dest_intf="$3"
-
-	if [ "$src_intf" = "*" ]; then
-		uci set firewallmngr."$rule_sec".source_all_interfaces="1"
-	else
-		uci set firewallmngr."$rule_sec".source_all_interfaces="0"
-		uci set firewallmngr."$rule_sec".src="$src_intf"
-	fi
-	if [ "$dest_intf" = "*" ]; then
-		uci set firewallmngr."$rule_sec".dest_all_interfaces="1"
-	else
-		uci set firewallmngr."$rule_sec".dest_all_interfaces="0"
-		uci set firewallmngr."$rule_sec".dest="$dest_intf"
-	fi
-
-}
-
-firewall_set_interface() {
-	local rule_sec="$1"
-	local src_intf="$2"
-	local dest_intf="$3"
-	uci set firewall."$rule_sec".src="$src_intf"
-	uci set firewall."$rule_sec".dest="$dest_intf"
-}
-
-
-firewallmngr_get_rule_ip_family() {
-	local version="$1"
-
-	if [ "$version" == "ipv4" ]; then
-		echo "4"
-	elif [ "$version" == "ipv6" ]; then
-		echo "6"
-	else
-		echo "-1"
-	fi
-}
-
-firewall_get_rule_ip_family() {
-	local version="$1"
-
-	if [ "$version" == "4" ]; then
-		echo "ipv4"
-	elif [ "$version" == "6" ]; then
-		echo "ipv6"
-	else
-		echo "-1"
-	fi
-}
-
-firewallmngr_set_ip_family() {
-	local rule_sec="$1"
-	local ip_family="$2"
-
-	if [ -z "$ip_family" ]; then
-		uci set firewallmngr."$rule_sec".family="-1"
-		return
-	fi
-	uci set firewallmngr."$rule_sec".family="$ip_family"
-}
-
-firewall_set_ip_family() {
-	local rule_sec="$1"
-	local ip_family="$2"
-
-	[ "$ip_family" == "-1" ] ||  uci set firewall."$rule_sec".family="$ip_family"
-}
-
-firewallmngr_set_rule_target() {
-	local rule_sec="$1"
-	local target="$2"
-	local targetchain="$3"
-	local action
-	if [ "$target" = "MARK" ]; then
-		uci set firewallmngr."$rule_sec".target="Return"
-	elif [ "$target" = "TargetChain" ]; then
-		uci set firewallmngr."$rule_sec".target="$targetchain"
-	else
-		action=$(echo "$target" | awk '{for(i=1;i<=NF;i++){$i=toupper(substr($i,1,1)) substr($i,2)}} 1')
-		uci set firewallmngr."$rule_sec".target="$action"
-	fi
-}
-
-firewall_set_rule_target() {
-	local rule_sec="$1"
-	local target="$2"
-	local targetchain="$3"
-
-	target="$(echo $target | awk '{ print toupper($0) }')"
-	if [ "$target" = "ACCEPT" ] || [ "$target" = "REJECT" ] || [ "$target" = "DROP" ]; then
-		uci set firewall."$rule_sec".target="$(echo $target | awk '{ print toupper($0) }')"
-	elif [ "$target" = "Retrun" ]; then
-		uci set firewall."$rule_sec".target="MARK"
-	elif [ "$target" = "TargetChain" ]; then
-		uci set firewall."$rule_sec".target="$targetchain"
-	else
-		uci set firewall."$rule_sec".target="DROP"
-	fi
-}
-
-set_rule_protocol() {
-	local rule_sec="$1"
-	local protocol="$2"
-	local rule_rd="$3"
-	local dest_uci="$4"
-
-	set_icmp_type() {
-		uci add_list "$dest_uci"."$rule_sec".icmp_type="$1"
-	}
-
-	if [ -z "$protocol" ] || [ "$protocol" = "0" ] || [ "$protocol" = "all" ] || [ "$protocol" = "-1" ]; then
-		uci set "$dest_uci"."$rule_sec".proto="all"
-		return
-	fi
-
-	if [ "$dest_uci" = "firewallmngr" ]; then
-		protocol=$(grep -m 1 "$protocol" "/etc/protocols" | awk -F" " '{ print $2 }')
-	fi
-	uci set "$dest_uci"."$rule_sec".proto="$protocol"
-	if [ "$protocol" = "1" ] || [ "$protocol" = "icmp" ]; then
-		config_list_foreach "$rule_rd" "icmp_type" set_icmp_type
-	fi
-}
-
-handle_section_firewall_rule() {
-	local rule="$1"
-	local chain_name="$2"
-	local dest_uci="$3"
-	local chain=""
-	local is_enable=""
-	local src_intf=""
-	local ip_version=""
-	local ip_family=""
-	local protocol=""
-	local dest_intf=""
-	local target=""
-	local targetchain=""
-	local desc=""
-	local dest_port=""
-	local src_port=""
-	local src_port_range_max=""
-	local dest_port_range_max=""
-	local src_ip=""
-	local dest_ip=""
-	local source_mac=""
-	local source_all_interfaces=""
-	local dest_all_interfaces=""
-	local source_mask=""
-	local dest_mask=""
-	local limit=""
-	local expiry=""
-	local order=""
-
-	config_get is_enable "$rule" "enable" 1
-	[ "$is_enable" = "1" ] || return
-
-	if [ "$dest_uci" = "firewall" ]; then
-		config_get chain "$rule" "chain"
-		[ "$chain" = "$chain_name" ] || return
-	fi
-
-	config_get desc "$rule" "name"
-	config_get src_intf "$rule" "src"
-	config_get dest_intf "$rule" "dest"
-	config_get ip_version "$rule" "family"
-	function="$dest_uci"_get_rule_ip_family
-	ip_family="$($function $ip_version)"
-	config_get protocol "$rule" "proto"
-	config_get src_port "$rule" "src_port"
-	config_get dest_port "$rule" "dest_port"
-	config_get src_ip "$rule" "src_ip"
-	config_get source_mask "$rule" "source_mask"
-	[ -n "$source_mask" ] && src_ip="${src_ip}/$(echo $source_mask | awk -F/ '{ print $2 }')"
-	config_get dest_ip "$rule" "dest_ip"
-	config_get dest_mask "$rule" "dest_mask"
-	[ -n "$dest_mask" ] && dest_ip="${dest_ip}/$(echo $dest_mask | awk -F/ '{ print $2 }')"
-	config_get dest_port_range_max "$rule" "dest_port_range_max"
-	config_get src_port_range_max "$rule" "src_port_range_max"
-	config_get target "$rule" "target"
-	config_get targetchain "$rule" "targetchain"
-	config_get source_mac "$rule" "src_mac"
-	config_get order "$rule" "order"
-	config_get limit "$rule" "limit"
-	config_get expiry "$rule" "expiry"
-	config_get source_all_interfaces "$rule" "source_all_interfaces"
-	[ "$source_all_interfaces" = "1" ] && src_intf="*"
-	config_get dest_all_interfaces "$rule" "dest_all_interfaces"
-	[ "$dest_all_interfaces" = "1" ] && dest_intf="*"
-
-	rule_sec=$(uci add "$dest_uci" rule)
-	uci set "$dest_uci"."$rule_sec".chain="$chain_name"
-	uci set "$dest_uci"."$rule_sec".enabled="1"
-	uci set "$dest_uci"."$rule_sec".name="$desc"
-
-	"$dest_uci"_set_interface "$rule_sec" "$src_intf" "$dest_intf"
-	"$dest_uci"_set_ip_family "$rule_sec" "$ip_family"
-	"$dest_uci"_set_rule_target "$rule_sec" "$target" "$targetchain"
-	set_rule_protocol "$rule_sec" "$protocol" "$rule" "$dest_uci"
-
-	"$dest_uci"_set_port "$rule_sec" "$src_port" "$dest_port" "$src_port_range_max" "$dest_port_range_max"
-
-	"$dest_uci"_set_ip "$rule_sec" "$src_ip" "$dest_ip"
-
-	uci set "$dest_uci"."$rule_sec".src_mac="$source_mac"
-	uci set "$dest_uci"."$rule_sec".order="$order"
-	uci set "$dest_uci"."$rule_sec".limit="$limit"
-	uci set "$dest_uci"."$rule_sec".expiry="$expiry"
-
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci rename "$dest_uci"."$rule_sec"="fwmngr_$rule"
-	else
-        	uci rename "$dest_uci"."$rule_sec"="$rule"
-	fi
-}
-
-firewallmngr_configure_service_rule() {
-	local interface="$1"
-	local dest_port="$2"
-	local ip_family="$3"
-	local protocol="$4"
-	local icmp_type="$5"
-	local source_prefix="$6"
-	local action="$7"
-	local service_cfg="$8"
-	local service_sec
-	
-	service_sec_add_list_value() {
-		for value in $1; do
-			uci add_list firewallmngr."$service_sec"."$2"="$value"
-		done
-	}
-
-	service_sec=$(uci add firewall service)
-	uci set firewallmngr."$service_sec".enabled="1"
-	uci set firewallmngr."$service_sec".name="service rule"
-	uci set firewallmngr."$service_sec".src="$interface"
-	uci set firewallmngr."$service_sec".icmp_type="$icmp_type"
-	uci set firewallmngr."$service_sec".family=$(firewallmngr_get_rule_ip_family "$ip_family")
-	firewallmngr_set_rule_target "$service_sec" "$action" ""
-
-	service_sec_add_list_value "$dest_port" "dest_port"
-	service_sec_add_list_value "$protocol" "protocol"
-	service_sec_add_list_value "$source_prefix" "src_prefix"
-
-	uci rename firewallmngr."$service_sec"="${service_cfg}"
-}
-
-firewall_configure_service_rule() {
-	local interface="$1"
-	local dest_port="$2"
-	local ip_family="$3"
-	local protocol="$4"
-	local icmp_type="$5"
-	local source_prefix="$6"
-	local action="$7"
-	local service_cfg="$8"
-	local service_sec
-
-	service_sec=$(uci add firewall rule)
-	uci set firewall."$service_sec".enabled="1"
-	uci set firewall."$service_sec".name="service rule"
-	uci set firewall."$service_sec".src="$interface"
-	[ "$dest_port" == "-1" ] || uci set firewall."$service_sec".dest_port="$dest_port"
-	uci set firewall."$service_sec".family=$(firewall_get_rule_ip_family "$ip_family")
-	[ "$protocol" == "-1" ] || uci set firewall."$service_sec".proto="$protocol"
-	[ "$icmp_type"  == "-1" ] || uci set firewall."$service_sec".icmp_type="$icmp_type"
-	uci set firewall."$service_sec".src_ip="$source_prefix"
-	firewall_set_rule_target "$service_sec" "$action" ""
-
-	[ -z "$service_cfg" ] || uci rename firewall."$service_sec"="fwmngr_${service_cfg}"
-}
-
-handle_section_service() {
-	local service_cfg="$1"
-	local dest_uci="$2"
-	local service_sec=""
-	local enable=""
-	local interface=""
-	local dest_port=""
-	local protocol=""
-	local icmp_type=""
-	local source_prefix=""
-	local action=""
-	local ip_family=""
-
-	get_service_proto_list() {
-		protocol="$protocol $1"
-	}
-	get_service_src_prefix_list() {
-		source_prefix="$source_prefix $1"
-	}
-	get_service_dest_port_list() {
-		dest_port="$dest_port $1"
-	}
-
-	config_get enable "$service_cfg" "enable" 0
-	[ "$enable" == "1" ] || return
-	config_get interface "$service_cfg" "interface"
-	[ -z "$interface" ] && return
-	config_get ip_family "$service_cfg" "family"
-
-	config_list_foreach "$service_cfg" "proto" get_service_proto_list
-	config_list_foreach "$service_cfg" "dest_port" get_service_dest_port_list
-	config_list_foreach "$service_cfg" "src_prefix" get_service_src_prefix_list
-
-	config_get icmp_type "$service_cfg" "icmp_type"
-	config_get action "$service_cfg" "target"
-
-	"$dest_uci"_configure_service_rule "$interface" "$dest_port" "$ip_family" "$protocol" "$icmp_type" "$source_prefix" "$action" "$service_cfg"
-
-}
-
-firewallmngr_set_all_intf_src_dip() {
-	local redirect_section="$1"
-	local zn_name="$2"
-	local all_interface="$3"
-
-	config_get src_dip "$redirect_section" "src_dip"
-
-	if [ "$src_dip" = "*" ]; then
-		uci set firewallmngr."$redirect_sec".all_interface="1"
-	else
-		uci set firewallmngr."$redirect_sec".all_interface="0"
-	fi
-}
-
-firewall_set_all_intf_src_dip() {
-	local redirect_section="$1"
-	local zn_name="$2"
-	local all_interface="$3"
-
-	if [ "$all_interface" = "1" ]; then
-		if [ -z "$zn_name" ]; then
-			uci set firewall."$redirect_sec".src="wan"
-		else
-			uci set firewall."$redirect_sec".src="$zn_name"
-		fi
-		uci set firewall."$redirect_sec".src_dip="*"
-	else
-		uci set firewall."$redirect_sec".src="$zn_name"
-		uci set firewall."$redirect_sec".src_dip=""
-	fi
-}
-
-firewallmngr_set_src_dport() {
-        local redirect_sec="$1"
-        lodcal external_port="$2"
-        local external_port_end="$3"
-
-	range=$(echo "$external_port" | grep "-")
-	if [ -z "$range" ]; then
-		uci set firewallmngr."$redirect_sec".src_dport="$external_port"
-	else
-		min_port=$(echo "$external_port" | awk -F"-" '{ print $1 }')
-		max_port=$(echo "$external_port" | awk -F"-" '{ print $2 }')
-
-		uci set firewallmngr."$redirect_sec".src_dport="$min_port"
-		uci set firewallmngr."$redirect_sec".src_dport_end="$max_port"
-	fi
-} 
-
-firewall_set_src_dport() {
-        local redirect_sec="$1"
-        local external_port="$2"
-        local external_port_end="$3"
-
-	if [ "$external_port_end" = "0" ]; then
-		if ! [ "$external_port" = "0" ]; then
-			uci set firewall."$redirect_sec".src_dport="$external_port"
-		fi
-	else
-		uci set firewall."$redirect_sec".src_dport="$external_port-$external_port_end"
-	fi
-} 
-
-
-# handling for firewallmngr to firewall
-handle_section_nat_port_mapping() {
-	local nat_port_cfg="$1"
-	local dest_uci="$2"
-	local enable=""
-	local interface=""
-	local all_interface=""
-	local lease_duration=""
-	local remote_host=""
-	local external_port=""
-	local external_port_end=""
-	local internal_port=""
-	local protocol=""
-	local internal_client=""
-	local description=""
-	local redirect_sec=""
-	local epoch_sec=""
-	local stop_epoch=""
-	local stop_ymd=""
-	local stop_hms=""
-	local zn_name=""
-
-	config_get enable "$nat_port_cfg" "enabled"
-	config_get interface "$nat_port_cfg" "src"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		zones=$(uci show firewall | grep "=zone")
-		for zn in zones; do
-			zn_arg=$(echo $zn | awk -F= '{ print $1 }')
-			if [ "$interface" = "$(uci -q get $zn_arg.network)" ]; then
-				zn_name=$(uci -q get "$zn_arg".name)
-				masq=$(uci -q get "$zn_arg".masq)
-			fi
-		done
-		if [ -z "$enable" ] && ! [ "$masq" = "1" ]; then
-			return
-		fi
-	fi
-
-	config_get internal_client "$nat_port_cfg" "dest_ip"
-	config_get all_interface "$nat_port_cfg" "all_interface"
-	config_get lease_duration "$nat_port_cfg" "lease_duration"
-	config_get remote_host "$nat_port_cfg" "src_ip"
-	config_get external_port "$nat_port_cfg" "src_dport" "0"
-	config_get external_port_end "$nat_port_cfg" "src_dport_end" "0"
-	config_get internal_port "$nat_port_cfg" "dest_port"
-	config_get protocol "$nat_port_cfg" "proto"
-	protocol=$(echo $protocol | awk '{ print tolower($0) }')
-	config_get description "$nat_port_cfg" "name"
-
-	redirect_sec=$(uci add "$dest_uci" redirect)
-
-	"dest_uci"_set_all_intf_src_dip "$redirect_sec" "$zn_name" "$all_interface"
-
-	if [ "$dest_uci" = "firewall" ]; then
-		if [ -n "$lease_duration" ] && ! [ "$lease_duration" == "0" ]; then
-			epoch_sec=$(date +%s)
-			stop_epoch=$(( epoch_sec + lease_duration ))
-			stop_ymd=$(date -d @${stop_epoh} +%Y-%m-%d)
-			stop_hms=$(date -d @${stop_epoch} +%H:%M:%S)
-			uci set "$dest_uci"."$redirect_sec".stop_date="$stop_ymd"
-			uci set "$dest_uci"."$redirect_sec".stop_time="$stop_hms"
-		fi
-	fi
-
-	"$dest_uci"_set_src_dport "$redirect_section" "$external_port" "$external_port_end"
-
-	uci  set "$dest_uci"."$redirect_sec".enabled="1"
-	uci  set "$dest_uci"."$redirect_sec".target="DNAT"
-	uci  set "$dest_uci"."$redirect_sec".dest_ip="$internal_client"
-	[ -z "$protocol" ] || uci set "$dest_uci"."$redirect_sec".proto="$protocol"
-	[ -z "$remote_host" ] || uci  set "$dest_uci"."$redirect_sec".src_ip="$remote_host"
-	[ -z "$internal_port" ] || uci set "$dest_uci"."$redirect_sec".dest_port="$internal_port"
-	[ -z "$description" ] || uci set "$dest_uci"."$redirect_sec".name="$description"
-
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci rename "$dest_uci"."$redirect_sec"="fwmngr_$nat_port_cfg"
-	else
-        	uci rename "$dest_uci"."$redirect_sec"="$nat_port_cfg"
-	fi
-}
-
-handle_include_section() {
-	local include_sec="$1"
-	local dest_uci="$2"
-
-	config_get path "$include_sec" "path"
-	config_get reload "$include_sec" "reload"
-	config_get include_type "$include_sec" "type"
-
-	sec=$(uci   add "$dest_uci" include)
-	[ -z "$path" ] || uci   set "$dest_uci"."$sec".path="$path"
-	[ -z "$reload" ] || uci   set "$dest_uci"."$sec".reload="$reload"
-	[ -z "$include_type" ] || uci   set "$dest_uci"."$sec".type="$include_type"
-	if [ "$dest_uci" = "firewall" ]; then
-        	uci   rename "$dest_uci"."$sec"="fwmngr_$include_sec"
-	else
-        	uci   rename "$dest_uci"."$sec"="$include_sec"
-	fi
-	
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/fwmngr_twamp.sh

@@ -1,60 +0,0 @@
-#! /bin/sh
-
-active_chain=""
-remove_twamp_reflector_rules() {
-	config_get name "$1" name
-
-	if [ "$name" = "Twamp Reflector Rule" ]; then
-		uci delete firewallmngr."$1"
-	fi
-
-}
-
-handle_twamp_reflector_rules() {
-	local twamp_cfg="$1"
-	local sec_name=""
-	local action="Acept"
-
-	config_get enable "$twamp_cfg" enable "1"
-	config_get port "$twamp_cfg" port
-	config_get interface "$twamp_cfg" interface
-
-	if [ "${enable}" -eq 0 ] || [ -z "$port" ] || [ -z "$interface" ]; then
-		return
-	fi
-	sec_name="twamp_${interface}_${port}"
-	rule_twamp=$(uci add firewallmngr rule)
-	uci set firewallmngr."$rule_twamp".enable="1"
-	uci set firewallmngr."$rule_twamp".chain="$active_chain"
-	uci set firewallmngr."$rule_twamp".dest_port="$port"
-	uci set firewallmngr."$rule_twamp".name="Twamp Reflector Rule"
-	uci set firewallmngr."$rule_twamp".interface="$interface"
-	uci set firewallmngr."$rule_twamp".ip_version="4"
-	uci set firewallmngr."$rule_twamp".protocol="17"
-	uci set firewallmngr."$rule_twamp".target="$action"
-	uci rename firewallmngr."$rule_twamp"="fwmngr_$sec_name"
-}
-
-firewallmngr_get_active_chain() {
-	config_get creator "$1" creator
-	[ "$creator" = "PortMapping" ] && return
-
-	config_get enable "$1" enable
-	if [ -n "$enable" ] && [ "$enable" = "1" ]; then
-		config_get active_chain "$1" name
-	fi
-}
-
-handle_twamp_rules() {
-	twamp_enable=$(uci -q get twamp.twamp.enable)
-
-	config_load firewallmngr
-	config_foreach firewallmngr_get_active_chain chain
-
-	config_foreach remove_twamp_reflector_rules rule
-	config_load twamp
-	if [ -n "$twamp_enable" ] && [ "$twamp_enable" == "1" ]; then
-		config_foreach handle_twamp_reflector_rules twamp_reflector
-	fi
-	uci commit firewallmngr
-}

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/is_intf_bridge

@@ -1,23 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-
-interface=$1
-intf_dev=""
-is_bridge=0
-
-is_device_type_bridge() {
-	local dev
-	local dev_type
-
-	config_get dev "$1" "name"
-	config_get dev_type "$1" "type"
-	if [ "$dev" = "$intf_dev" ] && [ "$dev_type" = "bridge" ]; then
-		is_bridge=1
-	fi
-}
-
-intf_dev=$(uci -q get network."$interface".device)
-config_load network
-config_foreach is_device_type_bridge device 
-
-echo $is_bridge

firewallmngr/files/firewallmngr_backend_firewallmngr/lib/fwmngr/uci_migration.sh

@@ -1,158 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-. /lib/fwmngr/fwmngr_functions.sh
-
-uci_mig_include_sections=""
-include_deprecated_list="hosts cwmp dmz mcast twamp portmap service"
-final_include_cfg=""
-
-
-firewallmngr_zone_to_nat_interface_setting() {
-	zone="$1"
-
-	config_get interface "$zone" "network"
-	[ -n "$interface" ] || return
-	config_get enable "$zone" "masq" "0"
-	nat_intf_setting=$(uci add "firewallmngr" "natif")
-	uci set firewallmngr."$nat_intf_setting".enabled="$enable"
-	uci set firewallmngr."$nat_intf_setting".interface="$interface"
-
-	uci rename firewallmngr."$nat_intf_setting"=$(echo "$interface" | awk -F" " '{ print $1 }')
-}
-
-handle_section_forwarding_rule() {
-	local fwd="$1"
-	local chain="$2"
-
-	config_get src_intf "$fwd" "src" 
-	config_get dest_intf "$fwd" "dest"
-
-	rule_sec=$(uci add "firewallmngr" rule)
-	firewallmngr_set_interface "$rule_sec" "$src_intf" "$dest_intf"
-	uci set firewallmngr."$rule_sec".chain="$chain"
-	uci set firewallmngr."$rule_sec".name="$fwd"
-	uci set firewallmngr."$rule_sec".target="accept"
-       	uci rename firewallmngr."$rule_sec"="fwmngr_$fwd"
-}
-
-firewallmngr_handle_section_dmz() {
-	local dmz_cfg="$1"
-	local dest_uci="$2"
-	local dmz_sec=""
-	local enabled=""
-	local origin=""
-	local description=""
-	local interface=""
-	local dest_ip=""
-	local source_prefix=""
-	
-	config_get dest_ip "$dmz_cfg" "dest_ip"
-	config_get interface "$dmz_cfg" "interface"
-	config_get origin "$dmz_cfg" "origin"
-	config_get source_prefix "$dmz_cfg" "source_prefix"
-	config_get description "$dmz_cfg" "description"
-	config_get enabled "$dmz_cfg" "enabled"
-
-	dmz_sec=$(uci add firewallmngr dmz)
-
-	uci set firewallmngr."$dmz_sec".enabled="$enabled"
-	uci set firewallmngr."$dmz_sec".dest_ip="$dest_ip"
-	uci set firewallmngr."$dmz_sec".interface="$interface"
-	uci set firewallmngr."$dmz_sec".origin="$origin"
-	uci set firewallmngr."$dmz_sec".description="$description"
-	uci set firewallmngr."$dmz_sec".source_prefix="$source_prefix"
-
-       	uci rename firewallmngr."$dmz_sec"="$dmz_cfg"
-}
-
-#This call must be triggered from procd boot function
-cleanup_firewallmngr_rule_section() {
-	rule_sec=$(uci show firewallmngr | grep "=rule")
-	for sec in $rule_sec; do
-		rule=$(echo "$sec" | awk -F= '{ print $1 }')
-		uci delete "$rule"
-	done
-	uci commit firewallmngr
-}
-
-firewallmngr_delete_install_dmz_rule() {
-	local dmz_cfgs
-
-	dmz_cfgs=$(uci show firewall | grep "=dmz")
-	for dmz in $dmz_cfgs; do
-		dmz=$(echo $dmz | awk -F= '{ print $1 }')
-		uci del "$dmz"
-	done
-	uci commit firewall
-}
-
-firewall_delete_deprecated_include_section() {
-	new_inc_list=""
-
-	inc_list=$(uci show firewall | grep "=include")
-	for inc in $inc_list; do
-		inc=$(echo "$inc"| awk -F"=" '{ print $1 }')
-
-		inc_name=$(echo "$inc" | awk -F. '{ print $2 }')
-		inc_path=$(uci -q get "$inc".path | awk -F/ '{ print $NF }')
-		inc_file=$(echo "$inc_path" | awk -F. '{ print $2 }')
-
-		inc_ignore=$(echo "$include_deprecated_list"| grep -w "$inc_name")
-		if [ -z "$inc_ignore" ]; then
-			inc_ignore=$(echo "$include_deprecated_list"| grep -w "$inc_file")
-		fi
-		[ -z "$inc_ignore" ] || uci delete "$inc"
-
-	done
-	uci commit firewall
-
-
-}
-
-firewall_backup_include_section() {
-	list=$(uci show firewall)
-        uci_mig_include_sections=$(echo "$list" | grep "=include")
-        uci_mig_include_sections=$(echo "$fw_include_sections" | awk -F= '{ print $1 }')
-        uci_mig_include_sections=$(echo "$fw_include_sections" | awk -F. '{ print $2 }')
-}
-
-firewall_uci_cleanup() {
-# cleanup all sections of firewall uci, firewall uci will be generated by firewallmngr init
-	section_cleanup () {
-		local sec="$1"
-
-		rule_sec=$(uci show firewall | grep "$sec")
-		for rule in $rule_sec; do
-			rule=$(echo "$rule" | awk -F= '{ print $1 }')
-			uci delete "$rule"
-		done
-	}
-
-	section_cleanup "=rule"
-	section_cleanup "=zone"
-	section_cleanup "=redirect"
-	section_cleanup "=dmz"
-	section_cleanup "=service"
-	section_cleanup "=forwarding"
-	section_cleanup "=defaults"
-	section_cleanup "=globals"
-	uci commit firewall
-}
-
-generate_firewallmngr_config() {
-	chain_name=$(firewallmngr_get_active_chain)
-	cleanup_firewallmngr_rule_section
-	config_load firewall
-	config_foreach handle_section_firewall_rule rule "$chain_name" "firewallmngr"
-	config_foreach firewallmngr_zone_to_nat_interface_setting zone 
-	config_foreach handle_section_nat_port_mapping redirect "firewallmngr"
-	config_foreach firewallmngr_handle_section_dmz dmz "firewallmngr"
-	config_foreach handle_section_service service "firewallmngr"
-	config_foreach handle_section_forwarding_rule forwarding "$chain_name"
-
-	uci commit firewallmngr
-
-	firewall_uci_cleanup
-	firewall_delete_deprecated_include_section
-}

fluentbit/Makefile

@@ -1,165 +0,0 @@
-#
-# Copright (C) 2018 The Internet Foundation In Sweden
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=fluentbit
-PKG_VERSION:=1.0.0
-PKG_RELEASE:=1
-
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit.git
-PKG_SOURCE_VERSION:=v3.0.5
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-
-PKG_LICENSE:=Apache-2.0
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include $(INCLUDE_DIR)/cmake.mk
-
-define Package/fluentbit
-	CATEGORY:=Utilities
-	DEPENDS:= +libyaml +libopenssl +libcurl +libatomic +musl-fts
-	TITLE:=FluentBit
-endef
-
-define Package/fluentbit/description
-	Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
-endef
-
-# General options
-TARGET_LDFLAGS+=-lfts -latomic
-
-CMAKE_OPTIONS+= \
-	-DFLB_RELEASE=Yes \
-	-DFLB_SMALL=Yes \
-	-DEXCLUDE_FROM_ALL=true \
-	-DBUILD_SHAREDD_LIBS=Yes \
-	-DFLB_DEBUG=No \
-	-DFLB_ALL=No \
-	-DFLB_JEMALLOC=No \
-	-DFLB_EXAMPLES=No \
-	-DFLB_CHUNK_TRACE=No \
-	-DFLB_BACKTRACE=No \
-	-DFLB_WASM=No \
-	-DFLB_LUAJIT=No
-
-# In plugins
-CMAKE_OPTIONS += \
-	-DFLB_IN_SYSLOG=Yes \
-	-DFLB_IN_CPU=Yes \
-	-DFLB_IN_MEM=Yes \
-	-DFLB_IN_DISK=Yes \
-	-DFLB_IN_EXEC=Yes \
-	-DFLB_IN_HEAD=Yes \
-	-DFLB_IN_FORWARD=No \
-	-DFLB_IN_KMSG=No \
-	-DFLB_IN_PROC=No \
-	-DFLB_IN_RANDOM=No \
-	-DFLB_IN_SERIAL=No \
-	-DFLB_IN_MQTT=No \
-	-DFLB_IN_STDIN=No \
-	-DFLB_IN_SYSTEMD=No \
-	-DFLB_IN_TAIL=No \
-	-DFLB_IN_TCP=No \
-	-DFLB_IN_THERMAL=No \
-	-DFLB_IN_UDP=No \
-	-DFLB_IN_DOCKER=No \
-	-DFLB_IN_EXEC_WASI=No \
-	-DFLB_IN_EVENT_TYPE=No \
-	-DFLB_IN_FLUENTBIT_METRICS=No \
-	-DFLB_IN_KUBERNETES_EVENTS=No \
-	-DFLB_IN_KAFKA=No \
-	-DFLB_IN_LIB=No \
-	-DFLB_IN_SYSTEMD=No \
-	-DFLB_IN_DUMMY=No \
-	-DFLB_IN_NETIF=No \
-	-DFLB_IN_COLLECTD=No \
-	-DFLB_IN_PROMETHEUS_SCRAPE=No \
-	-DFLB_IN_STATSD=No \
-	-DFLB_IN_STORAGE_BACKLOG=No \
-	-DFLB_IN_PODMAN_METRICS=No \
-	-DFLB_IN_OPENTELEMETRY=No \
-	-DFLB_IN_ELASTICSEARCH=No \
-	-DFLB_IN_CALYPTIA_FLEET=No \
-	-DFLB_IN_SPLUNK=No
-	-DFLB_IN_HEALTH=No \
-	-DFLB_IN_WINLOG=No \
-	-DFLB_IN_WINEVTLOG=No
-
-
-# Filter options
-CMAKE_OPTIONS += 
-	-DFLB_FILTER_AWS=No \
-	-DFLB_FILTER_ECS=No \
-	-DFLB_FILTER_KUBERNETES=No \
-	-DFLB_FILTER_LUA=No \
-	-DFLB_FILTER_NEST=No \
-	-DFLB_FILTER_RECORD_MODIFIER=No \
-	-DFLB_FILTER_THROTTLE=No \
-	-DFLB_FILTER_TYPE_CONVERTER=No \
-	-DFLB_FILTER_WASM=No \
-	-DFLB_FILTER_TENSORFLOW=No \
-	-DFLB_FILTER_GEOIP2=No \
-	-DFLB_FILTER_NIGHTFALL=No
-
-# out plugins
-CMAKE_OPTIONS += \
-	-DFLB_OUT_EXIT=Yes \
-	-DFLB_OUT_FORWARD=Yes \
-	-DFLB_OUT_HTTP=Yes \
-	-DFLB_OUT_NATS=Yes \
-	-DFLB_OUT_TCP=Yes \
-	-DFLB_OUT_UDP=Yes \
-	-DFLB_OUT_FILE=Yes \
-	-DFLB_OUT_STDOUT=Yes \
-	-DFLB_OUT_SYSLOG=Yes \
-	-DFLB_OUT_NULL=Yes \
-	-DFLB_OUT_PLOT=No \
-	-DFLB_OUT_AZURE=No \
-	-DFLB_OUT_AZURE_BLOB=No \
-	-DFLB_OUT_AZURE_LOGS_INGESTION=No \
-	-DFLB_OUT_AZURE_KUSTO=No \
-	-DFLB_OUT_BIGQUERY=No \
-	-DFLB_OUT_CALYPTIA=No \
-	-DFLB_OUT_COUNTER=No \
-	-DFLB_OUT_DATADOG=No \
-	-DFLB_OUT_ES=No \
-	-DFLB_OUT_GELF=No \
-	-DFLB_OUT_INFLUXDB=No \
-	-DFLB_OUT_NRLOGS=No \
-	-DFLB_OUT_OPENSEARCH=No \
-	-DFLB_OUT_TD=No \
-	-DFLB_OUT_SKYWALKING=No \
-	-DFLB_OUT_SLACK=No \
-	-DFLB_OUT_SPLUNK=No \
-	-DFLB_OUT_STACKDRIVER=No \
-	-DFLB_OUT_LIB=No \
-	-DFLB_OUT_FLOWCOUNTER=No \
-	-DFLB_OUT_LOGDNA=No \
-	-DFLB_OUT_LOKI=No \
-	-DFLB_OUT_KAFKA=No \
-	-DFLB_OUT_KAFKA_REST=No \
-	-DFLB_OUT_CLOUDWATCH_LOGS=No \
-	-DFLB_OUT_KINESIS_FIREHOSE=No \
-	-DFLB_OUT_KINESIS_STREAMS=No \
-	-DFLB_OUT_OPENTELEMETRY=No \
-	-DFLB_OUT_PROMETHEUS_EXPORTER=No \
-	-DFLB_OUT_PROMETHEUS_REMOTE_WRITE=No \
-	-DFLB_OUT_S3=No \
-	-DFLB_OUT_VIVO_EXPORTER=No \
-	-DFLB_OUT_WEBSOCKET=No \
-	-DFLB_OUT_ORACLE_LOG_ANALYTICS=No \
-	-DFLB_OUT_CHRONICLE=No \
-	-DFLB_OUT_PGSQL=No
-
-define Package/fluentbit/install
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/fluent-bit $(1)/usr/sbin/
-endef
-
-$(eval $(call BuildPackage,fluentbit))

hostmngr/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostmngr
-PKG_VERSION:=1.2.6
+PKG_VERSION:=1.2.5
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=aa365710b227ba82b1c43f9cdf497261edb21852
+PKG_SOURCE_VERSION:=20402c9fb60afa0678d844b0401e1b89699ff8b3
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -62,11 +62,7 @@ define Package/hostmngr/install
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/hostmngr $(1)/usr/sbin/
 	$(INSTALL_DIR) $(1)/usr/share/hostmngr
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_DATA) ./files/scripts/hosts_acl.sh $(1)/usr/share/hostmngr/
-else
-	$(INSTALL_DATA) ./files/scripts/hostmngr_backend_firewallmngr/hosts_acl.sh $(1)/usr/share/hostmngr/
-endif
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/bbf_plugin/libhostmngr.so $(1) $(PKG_NAME)
 endef
 

hostmngr/files/scripts/hostmngr_backend_firewallmngr/hosts_acl.sh

@@ -1,299 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-day=""
-next_days=""
-prev_days=""
-schedule_added=""
-
-ACCESS_RULE=""
-IP_RULE=""
-IP_RULE1=""
-
-get_next_day() {
-	local weekday="$1"
-	case "$weekday" in
-		"Mon"|"Monday") echo "Tuesday"
-		;;
-		"Tue"|"Tuesday") echo "Wednesday"
-		;;
-		"Wed"|"Wednesday") echo "Thursday"
-		;;
-		"Thu"|"Thursday") echo "Friday"
-		;;
-		"Fri"|"Friday") echo "Saturday"
-		;;
-		"Sat"|"Saturday") echo "Sunday"
-		;;
-		"Sun"|"Sunday") echo "Monday"
-		;;
-	esac
-}
-
-get_previous_day() {
-	local weekday="$1"
-	case "$weekday" in
-		"Mon"|"Monday") echo "Sunday"
-		;;
-		"Tue"|"Tuesday") echo "Monday"
-		;;
-		"Wed"|"Wednesday") echo "Tuesday"
-		;;
-		"Thu"|"Thursday") echo "Wednesday"
-		;;
-		"Fri"|"Friday") echo "Thursday"
-		;;
-		"Sat"|"Saturday") echo "Friday"
-		;;
-		"Sun"|"Sunday") echo "Saturday"
-		;;
-	esac
-}
-
-ip_rule_west_zone() {
-	local utc_start_t_h="$1"
-	local utc_stop_t_h="$2"
-	local local_start_t_h="$3"
-	local local_stop_t_h="$4"
-	local utc_start_time="$5"
-	local utc_stop_time="$6"
-
-	if [ "$utc_start_t_h" -lt "$local_start_t_h" ]; then
-		IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		if [ -n "$next_days" ]; then
-			IP_RULE="$IP_RULE --weekdays $next_days"
-		fi
-	else
-		if [ "$utc_stop_t_h" -lt "$local_stop_t_h" ]; then
-			IP_RULE1="$IP_RULE"
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop 23:59"
-			IP_RULE1="$IP_RULE1 -m time --timestart 00:00 --timestop $utc_stop_time"
-			if [ -n "$next_days" ]; then
-				IP_RULE1="$IP_RULE1 --weekdays $next_days"
-			fi
-		else
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		fi
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	fi
-}
-
-ip_rule_east_zone() {
-	local utc_start_t_h="$1"
-	local utc_stop_t_h="$2"
-	local local_start_t_h="$3"
-	local local_stop_t_h="$4"
-	local utc_start_time="$5"
-	local utc_stop_time="$6"
-
-	if [ "$utc_start_t_h" -lt "$local_start_t_h" ]; then
-		IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	else
-		if [ "$utc_stop_t_h" -lt "$local_stop_t_h" ]; then
-			IP_RULE1="$IP_RULE"
-			IP_RULE="$IP_RULE -m time --timestart 00:00 --timestop $utc_stop_time"
-			IP_RULE1="$IP_RULE1 -m time --timestart $utc_start_time --timestop 23:59"
-			if [ -n "$prev_days" ]; then
-				IP_RULE1="$IP_RULE1 --weekdays $prev_days"
-			fi
-		else
-			IP_RULE="$IP_RULE -m time --timestart $utc_start_time --timestop $utc_stop_time"
-		fi
-		if [ -n "$day" ]; then
-			IP_RULE="$IP_RULE --weekdays $day"
-		fi
-	fi
-}
-
-
-add_access_rule() {
-	local rule="$1"
-	echo "iptables -w -A hosts_forward ${rule}" >> $ACL_FILE
-	echo "ip6tables -w -A hosts_forward ${rule}" >> $ACL_FILE
-}
-
-handle_day_list() {
-	local value=$1
-
-	val=$(echo $value | cut -c 1-3)
-	next_day_val=$(get_next_day $val)
-	prev_day_val=$(get_previous_day $val)
-	if [ -z $day ]; then
-		day="$val"
-		next_days="$next_day_val"
-		prev_days="$prev_day_val"
-	else
-		day="$day,$val"
-		next_days="$next_days,$next_day_val"
-		prev_days="$prev_days,$prev_day_val"
-	fi
-}
-
-handle_schedule() {
-	local schd_section="$1"
-	local ac_section="$2"
-	local acs_id
-	local start_time
-	local duration
-
-	IP_RULE="$ACCESS_RULE"
-	IP_RULE1=""
-	day=""
-	next_days=""
-	prev_days=""
-
-	config_get acs_id "$schd_section" "dm_parent"
-
-	if [ "$acs_id" != "$ac_section" ]; then
-		return # schedule not for this access control section
-	fi
-
-	local is_enabled
-	config_get is_enabled "$schd_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local all_days="Monday Tuesday Wednesday Thursday Friday Saturday Sunday"
-	local day_config
-	config_get day_config "$schd_section" "day" "$all_days"
-
-	IFS=" "
-	for d in $day_config; do
-		handle_day_list $d
-	done
-
-	config_get start_time "$schd_section" "start_time" "00:00"
-	config_get duration "$schd_section" "duration"
-
-	zone=$(date +%z | cut -c 1)
-	local_start_time=$start_time
-	hh=$(echo $local_start_time | awk -F: '{ print $1 }')
-	mm=$(echo $local_start_time | awk -F: '{ print $2 }')
-	hh_s=`expr $hh \* 3600`
-	mm_s=`expr $mm \* 60`
-	ss=$(( hh_s + mm_s ))
-	local_start_hh=$hh
-
-        if [ -n "$duration" ]; then
-                stop_ss=$(( ss + duration ))
-                hh=$(( stop_ss / 3600 ))
-               	rem_ss=$(( stop_ss % 3600 ))
-               	mm=$(( rem_ss / 60 ))
-               	ss=$(( rem_ss % 60 ))
-		local_stop_time="$hh:$mm:$ss"
-		local_stop_hh=$hh
-	else
-		# if duartion is not specified, then apply rule to end of the day
-		local_stop_time="23:59:59"
-		local_stop_hh="23"
-	fi
-
-	utc_start_time=$(date -u -d @$(date "+%s" -d "$local_start_time") +%H:%M)
-	utc_stop_time=$(date -u -d @$(date "+%s" -d "$local_stop_time") +%H:%M)
-	utc_start_hh=$(echo $utc_start_time | awk -F: '{ print $1 }')
-	utc_stop_hh=$(echo $utc_stop_time | awk -F: '{ print $1 }')
-	if [ "$zone" == "-" ]; then
-		ip_rule_west_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
-	else
-		ip_rule_east_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
-	fi
-
-	IP_RULE="$IP_RULE -j ACCEPT"
-	if [ -n "$IP_RULE1" ]; then
-		IP_RULE1="$IP_RULE1 -j ACCEPT"
-	fi
-
-	add_access_rule "$IP_RULE"
-	if [ -n "$IP_RULE1" ]; then
-		add_access_rule "$IP_RULE1"
-	fi
-
-	# for access rules to be effective for a schedule, need to add DROP rule
-	# to block the access outside the defined schedule
-	if [ "$schedule_added" == "0" ]; then
-		schedule_added="1"
-	fi
-}
-
-handle_access_control() {
-	local ac_section="$1"
-	local is_enabled
-
-	# default value of Hosts.AccessControl.{i}.Enable is false,
-	# so, if not defined in uci as 1, assume 0
-	config_get is_enabled "$ac_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local mac_addr
-	config_get mac_addr "$ac_section" "macaddr"
-	if [ -z "$mac_addr" ]; then
-		return
-	else
-		ACCESS_RULE="-m mac --mac-source $mac_addr"
-	fi
-
-	local access_policy
-	config_get access_policy "$ac_section" "access_policy"
-	if [ -z "$access_policy" ]; then
-		return # since system default is allow so no need to do anything
-	fi
-
-	# As per Data Model, if access policy is deny, then schedule is to be ignored
-	# and no access is to be provided for the device
-	if [ "$access_policy" == "Deny" ]; then
-		ACCESS_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$ACCESS_RULE"
-		return # no need to parse schedule
-	fi
-
-	schedule_added="0"
-	# check if schedule is defined for this access_control instance
-	# and if yes, create rule accordingly
-	config_foreach handle_schedule  ac_schedule "$ac_section"
-
-	# for access rule to work, need to have default drop rule as last rule
-	if [ "$schedule_added" == "1" ]; then
-		IP_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$IP_RULE"
-	fi
-}
-
-ACL_FILE="/tmp/hosts_access_control/access_control.rules"
-
-rm -f $ACL_FILE
-
-mkdir -p /tmp/hosts_access_control/
-touch $ACL_FILE
-
-echo "iptables -w -F hosts_forward" >> $ACL_FILE
-echo "ip6tables -w -F hosts_forward" >> $ACL_FILE
-
-hosts_ipv4_forward=$(iptables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv4_forward" ]; then
-	echo "iptables -w -t filter -N hosts_forward" >> $ACL_FILE
-	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-fi
-
-hosts_ipv6_forward=$(ip6tables -t filter --list -n | grep hosts_forward)
-if [ -z "$hosts_ipv6_forward" ]; then
-	echo "ip6tables -w -t filter -N hosts_forward" >> $ACL_FILE
-	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-fi
-
-# Load /etc/config/hosts UCI file
-config_load hosts
-config_foreach handle_access_control access_control
-
-# apply the rules
-sh $ACL_FILE

icwmp/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icwmp
-PKG_VERSION:=9.7.19
+PKG_VERSION:=9.7.15
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=db40cb6311003c9a49e78f0e2f740aae465266a8
+PKG_SOURCE_VERSION:=fb3c8833f3fce7fe3659395cab48e7078f2007d5
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -50,16 +50,10 @@ define Package/icwmp/install
 	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_BIN) ./files/etc/firewall.cwmp $(1)/etc/firewall.cwmp
 	$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
-	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
-else
-	$(INSTALL_DIR) $(1)/usr/share/icwmp
-	$(INSTALL_BIN) ./files/etc/init.d/icwmp_backend_firewallmngr/icwmpd $(1)/etc/init.d/icwmpd
-	$(INSTALL_BIN) ./files/script/icwmp_backend_firewallmngr/firewall_cwmp.sh $(1)/usr/share/icwmp/
-endif
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/95-set-random-inform-time $(1)/etc/uci-defaults/
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user

icwmp/files/etc/init.d/icwmp_backend_firewallmngr/icwmpd

@@ -1,589 +0,0 @@
-#!/bin/sh /etc/rc.common
-# Copyright (C) 2015-2019 iopsys Software Solutions AB
-
-START=99
-STOP=00
-
-USE_PROCD=1
-PROG="/usr/sbin/icwmpd"
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-include /lib/network
-
-log() {
-	echo "${@}"|logger -t cwmp.init -p info
-}
-
-regenerate_ssl_link() {
-	local cert_dir
-
-	cert_dir="${1%/}"
-	if [ -f "${cert_dir}" ]; then
-		return 0
-	fi
-
-	# do not generate the c_rehash if its system default cert path
-	# ca-certificate package already generates c_rehash on compilation
-	[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
-
-	generate_links() {
-		local file_type="$1"
-		local files="${cert_dir}"/*."${file_type}"
-		for cfile in ${files}; do
-			if [ -f "${cfile}" ]; then
-				rehash="$(openssl x509 -hash -noout -in "${cfile}")"
-				if [ ! -f "${cert_dir}/${rehash}.0" ]; then
-					log "Generating c_rehash for ${cfile}=>${rehash}.0"
-					ln -s "${cfile}" "${cert_dir}/${rehash}.0"
-				fi
-			fi
-		done
-	}
-
-	generate_links "pem"
-}
-
-enable_dhcp_option43() {
-	local wan="${1}"
-
-	### Ask for DHCP Option 43 only if CWMP is enabled ###
-	local reqopts="$(uci -q get network."${wan}".reqopts)"
-	local proto="$(uci -q get network."${wan}".proto)"
-	local newreqopts=""
-	local option43_present=0
-
-	for ropt in $reqopts; do
-		case $ropt in
-			43) option43_present=1 ;;
-			*) ;;
-		esac
-	done
-
-	if [ ${option43_present} -eq 1 ]; then
-		return;
-	fi
-
-	newreqopts="$reqopts 43"
-	if [ "${proto}" = "dhcp" ]; then
-		uci -q set network."${wan}".reqopts="$newreqopts"
-		uci commit network
-		ubus call network reload
-	fi
-}
-
-convert_to_hex() {
-	local val=""
-	local optval="${1}"
-	OPTIND=1
-	while getopts ":" opt "-$optval"
-	do
-		temp=$(printf "%02X" "'${OPTARG:-:}")
-		val="${val}:${temp}"
-	done
-
-	echo "${val}"
-}
-
-configure_send_op125() {
-	local sendopt="${1}"
-	local intf="${2}"
-	local uci="${3}"
-	local hex_oui=""
-	local hex_serial=""
-	local hex_class=""
-	local oui_len=0
-	local serial_len=0
-	local class_len=0
-
-	if [ "${uci}" = "network" ]; then
-		local opt125="125:00:00:0D:E9"
-	else
-		if [ -z "${sendopt}" ]; then
-			local opt125="125,00:00:0D:E9"
-		else
-			local opt125=":00:00:0D:E9"
-		fi
-	fi
-
-	config_get oui cpe manufacturer_oui ""
-	if [ -z "${oui}" ]; then
-		oui=$(db -q get device.deviceinfo.ManufacturerOUI)
-	fi
-
-	oui=$(echo "${oui}" | tr 'a-f' 'A-F')
-
-	config_get serial cpe serial_number ""
-	if [ -z "${serial}" ]; then
-		serial=$(db -q get device.deviceinfo.SerialNumber)
-	fi
-
-	config_get class cpe product_class ""
-	if [ -z "${class}" ]; then
-		class=$(db -q get device.deviceinfo.ProductClass)
-	fi
-
-	oui_len=$(echo -n "${oui}" | wc -m)
-	serial_len=$(echo -n "${serial}" | wc -m)
-	class_len=$(echo -n "${class}" | wc -m)
-
-	if [ "${oui_len}" -eq 0 ] || [ "${serial_len}" -eq 0 ]; then
-		return 0
-	fi
-
-	opt125_len=$((oui_len + serial_len + class_len))
-	if [ "${class_len}" -gt 0 ]; then
-		opt125_len=$((opt125_len + 6))
-	else
-		opt125_len=$((opt125_len + 4))
-	fi
-
-	hex_opt125_len=$(printf "%02X" "${opt125_len}")
-	opt125="${opt125}:${hex_opt125_len}"
-	hex_oui=$(convert_to_hex "${oui}")
-	if [ -z "${hex_oui}" ]; then
-		return 0
-	fi
-
-	hex_oui_len=$(printf "%02X" "${oui_len}")
-	if [ "${uci}" = "network" ]; then
-		opt125="${opt125}:01:${hex_oui_len}${hex_oui}"
-	else
-		opt125="${opt125}:04:${hex_oui_len}${hex_oui}"
-	fi
-
-	hex_serial=$(convert_to_hex "${serial}")
-	if [ -z "${hex_serial}" ]; then
-		return 0
-	fi
-
-	hex_serial_len=$(printf "%02X" "${serial_len}")
-	if [ "${uci}" = "network" ]; then
-		opt125="${opt125}:02:${hex_serial_len}${hex_serial}"
-	else
-		opt125="${opt125}:05:${hex_serial_len}${hex_serial}"
-	fi
-
-	if [ "${class_len}" -gt 0 ]; then
-		hex_class=$(convert_to_hex "${class}")
-		if [ -z "${hex_class}" ]; then
-			return 0
-		fi
-
-		hex_class_len=$(printf "%02X" "${class_len}")
-		if [ "${uci}" = "network" ]; then
-			opt125="${opt125}:03:${hex_class_len}${hex_class}"
-		else
-			opt125="${opt125}:06:${hex_class_len}${hex_class}"
-		fi
-	fi
-
-
-	if [ "${uci}" = "network" ]; then
-		new_send_opt="$sendopt $opt125"
-		uci -q set network."${intf}".sendopts="$new_send_opt"
-	else
-		new_send_opt="$sendopt$opt125"
-		uci -q add_list dhcp."${intf}".dhcp_option="$new_send_opt"
-	fi
-}
-
-check_for_suboptions() {
-	# Check if option 4 and 5 present inside enterprise id 3561
-	data=$(echo "${1}" | sed 's/://g')
-	len=$(printf "${data}"|wc -c)
-
-	rem_len="${len}"
-	while [ $rem_len -gt 8 ]; do
-		subopt_present=0
-
-		ent_id="${data:0:8}"
-		ent_id=$(printf "%d\n" "0x$ent_id")
-		if [ $ent_id -ne 3561 ]; then
-			len_val=${data:8:2}
-			data_len=$(printf "%d\n" "0x$len_val")
-			# add 4 byte for ent_id and 1 byte for len
-			data_len=$(( data_len * 2 + 10 ))
-			# move ahead data to next enterprise id
-			data=${data:"${data_len}":"${rem_len}"}
-			rem_len=$(( rem_len - data_len ))
-			continue
-		fi
-
-		# read the length of enterprise data
-		len_val=${data:8:2}
-		data_len=$(printf "%d\n" "0x$len_val")
-		# add 4 byte for ent_id and 1 byte for len
-		data_len=$(( data_len * 2 + 10 ))
-
-		len_val=${data:8:2}
-		opt_len=$(printf "%d\n" "0x$len_val")
-		if [ $opt_len -eq 0 ]; then
-			echo ${subopt_present}
-			return 0
-		fi
-
-		# populate the option data of enterprise id
-		sub_data_len=$(( opt_len * 2))
-		# starting 10 means ahead of length field
-		sub_data=${data:10:"${sub_data_len}"}
-
-		# parsing of suboption of option 125
-		while [ $sub_data_len -gt 0 ]; do
-			# get the suboption id
-			sub_opt_id=${sub_data:0:2}
-			sub_opt_id=$(printf "%d\n" "0x$sub_opt_id")
-			case "${sub_opt_id}" in
-			"4") subopt_present=1
-			;;
-			"5") subopt_present=1
-			;;
-			esac
-
-			if [ ${subopt_present} -eq 1 ]; then
-				break;
-			fi
-
-			# get the length of suboption
-			sub_opt_len=${sub_data:2:2}
-			sub_opt_len=$(printf "%d\n" "0x$sub_opt_len")
-			sub_opt_len=$(( sub_opt_len * 2 ))
-
-			# add 2 bytes for sub_opt id and sub_opt len field
-			sub_opt_end=$(( sub_opt_len + 4 ))
-
-			# update the remaining sub option hex string length
-			sub_data_len=$((sub_data_len - sub_opt_end))
-
-			# fetch next sub option hex string
-			sub_data=${sub_data:${sub_opt_end}:${sub_data_len}}
-		done
-
-		if [ ${subopt_present} -eq 1 ]; then
-			break;
-		else
-			# move ahead data to next enterprise id
-			rem_len=$(( rem_len - $data_len ))
-			data=${data:"${data_len}":"${rem_len}"}
-		fi
-	done
-
-	echo ${subopt_present}
-}
-
-enable_dnsmasq_option125() {
-	local lan="${1}"
-	local send125_present=0
-	local opt125="125,"
-
-	local proto="$(uci -q get dhcp."${lan}".dhcpv4)"
-	if [ "${proto}" = "server" ]; then
-		opt_list="$(uci -q get dhcp."${lan}".dhcp_option)"
-		base_opt=""
-
-		for sopt in $opt_list; do
-			if [[ "$sopt" == "$opt125"* ]]; then
-				send125_present=$(check_for_suboptions "${sopt:4}")
-				base_opt="${sopt}"
-				break
-			fi
-		done
-
-		if [ ${send125_present} -eq 0 ]; then
-			uci -q del_list dhcp."${lan}".dhcp_option="${base_opt}"
-			configure_send_op125 "${base_opt}" "${lan}" "dhcp"
-			ubus call uci commit '{"config":"dhcp"}'
-		fi
-	fi
-}
-
-set_vendor_id() {
-	local wan="${1}"
-	local proto="$(uci -q get network."${wan}".proto)"
-
-	if [ "${proto}" = "dhcp" ]; then
-		vendorid="$(uci -q get network."${wan}".vendorid)"
-		if [ -z "${vendorid}" ]; then
-			uci -q set network."${wan}".vendorid="dslforum.org"
-			ubus call uci commit '{"config":"network"}'
-		elif [[ $vendorid != *"dslforum.org"* ]]; then
-			uci -q set network."${wan}".vendorid="${vendorid},dslforum.org"
-			ubus call uci commit '{"config":"network"}'
-		fi
-	fi
-}
-
-enable_dhcp_option125() {
-	local wan="${1}"
-	local reqopts="$(uci -q get network."${wan}".reqopts)"
-	local sendopts="$(uci -q get network."${wan}".sendopts)"
-	local proto="$(uci -q get network."${wan}".proto)"
-	local newreqopts=""
-	local newsendopts=""
-	local req125_present=0
-	local send125_present=0
-	local network_uci_update=0
-	local opt125="125:"
-
-	for ropt in $reqopts; do
-		case $ropt in
-			125) req125_present=1 ;;
-			*) ;;
-		esac
-	done
-
-	for sopt in $sendopts; do
-		if [[ "$sopt" == "$opt125"* ]]; then
-			send125_present=1
-			break
-		fi
-	done
-
-	if [ "${proto}" = "dhcp" ]; then
-		if [ ${req125_present} -eq 0 ]; then
-			newreqopts="$reqopts 125"
-			uci -q set network."${wan}".reqopts="$newreqopts"
-			network_uci_update=1
-		fi
-
-		if [ ${send125_present} -eq 0 ]; then
-			configure_send_op125 "${sendopts}" "${wan}" "network"
-			network_uci_update=1
-		fi
-	fi
-
-	if [ ${network_uci_update} -eq 1 ]; then
-		uci commit network
-		ubus call network reload
-	fi
-}
-
-wait_for_resolvfile() {
-	local time=$1
-	local tm=1
-
-	local resolvfile="$(uci -q get dhcp.@dnsmasq[0].resolvfile)"
-	[ -n "$resolvfile" ] || return
-
-	while [ ! -f "$resolvfile" ]; do
-		sleep 1
-		[ "$tm" -ge "$time" ] && break
-		tm=$((tm+1))
-	done
-}
-
-copy_cwmp_etc_files_to_varstate() {
-	mkdir -p /var/run/icwmpd
-
-	if [ -f /etc/icwmpd/icwmpd_backup_session.xml ]; then
-		cp -f /etc/icwmpd/icwmpd_backup_session.xml /var/run/icwmpd/ 2>/dev/null
-	fi
-
-	if [ -f /etc/icwmpd/dm_enabled_notify.xml ]; then
-		cp -f /etc/icwmpd/dm_enabled_notify /var/run/icwmpd/ 2>/dev/null
-	fi
-}
-
-copy_cwmp_varstate_files_to_etc() {
-	if [ -f /var/run/icwmpd/icwmpd_backup_session.xml ]; then
-		cp -f /var/run/icwmpd/icwmpd_backup_session.xml /etc/icwmpd/ 2>/dev/null
-	fi
-
-	if [ -f /var/run/icwmpd/dm_enabled_notify.xml ]; then
-		cp -f /var/run/icwmpd/dm_enabled_notify /etc/icwmpd/ 2>/dev/null
-	fi
-
-	# move the successful custom notify import marker to persistent storage
-	if [ -f /var/run/icwmpd/icwmpd_notify_import_marker ]; then
-		cp -f /var/run/icwmpd/icwmpd_notify_import_marker /etc/icwmpd/
-	fi
-}
-
-validate_acs_section()
-{
-	uci_validate_section cwmp acs "acs" \
-		'passwd:string' \
-		'periodic_inform_enable:bool' \
-		'periodic_inform_interval:uinteger' \
-		'periodic_inform_time:string' \
-		'url:string' \
-		'dhcp_discovery:string' \
-		'skip_dhcp_boot_options:bool:0' \
-		'dhcp_url:string' \
-		'compression:or("GZIP","Deflate","Disabled")' \
-		'retry_min_wait_interval:range(1, 65535)' \
-		'retry_interval_multiplier:range(1000, 65535)' \
-		'ssl_capath:string'
-
-}
-
-validate_cpe_section()
-{
-	uci_validate_section cwmp cpe "cpe" \
-		'interface:string' \
-		'default_wan_interface:string' \
-		'log_to_console:or("enable","disable")' \
-		'log_to_file:or("enable","disable")' \
-		'log_severity:or("EMERG", "ALERT", "CRITIC" ,"ERROR", "WARNING", "NOTICE", "INFO", "DEBUG")' \
-		'log_file_name:string' \
-		'log_max_size:uinteger' \
-		'userid:string' \
-		'passwd:string' \
-		'port:uinteger' \
-		'provisioning_code:string:""' \
-		'amd_version:range(1, 6)' \
-		'instance_mode:or("InstanceNumber","InstanceAlias")' \
-		'session_timeout:uinteger' \
-		'notification:bool' \
-		'exec_download:bool' \
-		'periodic_notify_enable:bool' \
-		'enable:bool:1' \
-		'periodic_notify_interval:uinteger' \
-		'fw_upgrade_keep_settings:bool'
-}
-
-validate_defaults() {
-	local ssl_capath enable url dhcp_url
-
-	config_load cwmp
-
-	validate_acs_section || {
-		log "Validation of acs section failed"
-		return 1;
-	}
-
-	if [ -z "${url}" ] && [ -z "${dhcp_url}" ]; then
-		log "No ACS URL is configured"
-		return 1
-	fi
-
-	ssl_capath="${ssl_capath%/}"
-	# Put the cert pem file in keep list
-	if [ -d "${ssl_capath}" ] && [ "${ssl_capath}" != "/etc/ssl/certs" ]; then
-		if ! grep "*.pem\|*.crt" /lib/upgrade/keep.d/icwmp; then
-			echo "${ssl_capath}"'/*.pem' >> /lib/upgrade/keep.d/icwmp
-			echo "${ssl_capath}"'/*.crt' >> /lib/upgrade/keep.d/icwmp
-		fi
-	fi
-
-	validate_cpe_section || {
-		log "Validation of cpe section failed"
-		return 1;
-	}
-
-	if [ "$enable" = "0" ]; then
-		log "CWMP service disabled"
-		return 1
-	fi
-
-	return 0;
-}
-
-boot() {
-	local dhcp_discovery wan_interface skip_dhcp_boot_options disable_gatewayinfo
-
-	config_load cwmp
-	config_get wan_interface cpe default_wan_interface "wan"
-	config_get disable_gatewayinfo cpe disable_gatewayinfo "0"
-
-	config_get dhcp_discovery acs dhcp_discovery "0"
-	config_get dhcp_discovery acs dhcp_discovery "0"
-	config_get skip_dhcp_boot_options acs skip_dhcp_boot_options "0"
-
-	if [ "${dhcp_discovery}" = "enable" ] || [ "${dhcp_discovery}" = "1" ]; then
-		if [ "${skip_dhcp_boot_options}" -ne 1 ]; then
-			# Set dhcp option 43 if not already configured
-			enable_dhcp_option43 "${wan_interface}"
-			# Set dhcp option 60
-			set_vendor_id "${wan_interface}"
-		fi
-	fi
-
-	config_get lan_interface cpe default_lan_interface ""
-	if [ -n "${lan_interface}" ]; then
-		if [ "${disable_gatewayinfo}" -ne 1 ]; then
-			# Set dhcp_option 125 if not already configured
-			enable_dhcp_option125 "${wan_interface}"
-			enable_dnsmasq_option125 "${lan_interface}"
-		fi
-	fi
-	
-	config_get ssl_capath acs ssl_capath
-
-	if [ -n "${ssl_capath}" ]; then
-		regenerate_ssl_link "${ssl_capath}"
-	fi
-
-	# Copy backup data so that if it restart latter on, it gets the info
-	copy_cwmp_etc_files_to_varstate
-	mkdir -p /var/run/icwmpd/
-	touch /var/run/icwmpd/cwmp
-
-	start
-}
-
-start_service() {
-
-	sh /usr/share/icwmp/firewall_cwmp.sh
-	procd_open_instance icwmp
-
-	validate_defaults || {
-		log "Validation of defaults failed"
-		procd_close_instance
-		return 1;
-	}
-
-	procd_set_param command "$PROG"
-	procd_append_param command -b
-
-	procd_set_param respawn \
-		"${respawn_threshold:-5}" \
-		"${respawn_timeout:-10}" "${respawn_retry:-3}"
-
-	procd_close_instance
-}
-
-stop_service()
-{
-	copy_cwmp_varstate_files_to_etc
-}
-
-reload_service() {
-	local ret
-
-	log "Reload service $ret"
-	ret="0"
-
-	validate_defaults || {
-		stop
-		start
-		return 0;
-	}
-
-	ret=$(ubus call service list '{"name":"icwmpd"}' | jsonfilter -qe '@.icwmpd.instances.icwmp.running')
-	if [ "$ret" != "true" ]; then
-		log "Reloading cwmp service ..."
-		stop
-		start
-		return 0
-	fi
-
-	tr069_status="$(ubus -t 1 call tr069 status)"
-	ret="$?"
-	if [ "$ret" = "7" ]; then
-		# ubus timed out may be due to uloop is busy in some task so return
-		log "Skipping ubus reload due to ubus timeout"
-		return 0
-	fi
-
-	status="$(echo "${tr069_status}" | jsonfilter -qe '@.cwmp.status')"
-	if [ "$status" = "up" ]; then
-		ubus -t 1 call tr069 command '{"command":"reload"}'
-	fi
-}
-
-service_triggers() {
-       procd_add_reload_trigger "cwmp"
-}
-

icwmp/files/script/icwmp_backend_firewallmngr/firewall_cwmp.sh

@@ -1,107 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-order_offset=2
-
-get_firewall_zone() {
-	zone="$(uci show firewall|grep network|grep ${1}|cut -d. -f 2)"
-	zone="${zone:-wan}" # defaults to wan zone
-	echo "$zone"
-}
-
-cleanup_rule_firewallmngr() {
-	local rule_sec="$1"
-
-	config_get description "$rule_sec" "name"
-	[ "$description" = "Open_ACS_port" ] || return
-	uci -q delete firewallmngr."$rule_sec"
-	order_offset=0
-
-}
-
-reorder_previous_rule() {
-	local rule_sec="$1"
-	local order
-
-	config_get order "$rule_sec" "order"
-	[ -n $order ] || return
-	uci set firewallmngr."$rule_sec".order=$(( order + order_offset ))
-}
-
-enable="$(uci -q get cwmp.cpe.enable)"
-enable="${enable:-1}"
-
-if [ "$enable" -eq 0 ]; then
-	exit 0;
-fi
-
-wan="$(uci -q get cwmp.cpe.default_wan_interface)"
-wan="${wan:-wan}"
-
-zone_name="$(get_firewall_zone $wan)"
-active_level=$(uci -q get firewallmngr.firewall.advanced_level)
-active_chain=$(uci -q get firewallmngr."$active_level".chain)
-
-port=$(uci -q get cwmp.cpe.port)
-port="${port:-7547}"
-
-incoming_rule=$(uci -q get cwmp.cpe.incoming_rule|awk '{print tolower($0)}')
-incoming_rule="${incoming_rule:-port_only}"
-
-ipaddr=$(uci -c /var/state -q get icwmp.acs.ip)
-ip6addr=$(uci -c /var/state -q get icwmp.acs.ip6)
-
-config_load firewallmngr
-config_foreach cleanup_rule_firewallmngr "rule"
-config_foreach reorder_previous_rule "rule"
-rule_sec=$(uci add firewallmngr rule)
-rule1_sec=$(uci add firewallmngr rule)
-uci set firewallmngr."$rule_sec".family="4"
-uci set firewallmngr."$rule1_sec".family="6"
-uci set firewallmngr."$rule_sec".src="$zone_name"
-uci set firewallmngr."$rule1_sec".src="$zone_name"
-uci set firewallmngr."$rule_sec".chain="$active_chain"
-uci set firewallmngr."$rule1_sec".chain="$active_chain"
-uci set firewallmngr."$rule_sec".proto="6"
-uci set firewallmngr."$rule1_sec".proto="6"
-uci set firewallmngr."$rule_sec".order="1"
-uci set firewallmngr."$rule1_sec".order="2"
-uci reorder firewallmngr."$rule_sec"=1
-uci reorder firewallmngr."$rule1_sec"=2
-
-# default incoming rule is Port only
-if [ "${incoming_rule}" = "ip_only" ]; then
-	if [ -n "${ipaddr}" ]; then
-		uci -q set firewallmngr."$rule_sec".source_ip=${ipaddr}
-	fi
-	if [ -n "${ip6addr}" ]; then
-		uci -q set firewallmngr."$rule1_sec".source_ip=${ip6addr}
-	fi
-elif [ "${incoming_rule}" = "port_only" ]; then
-	if [ -n "${port}" ]; then
-		uci -q set firewallmngr."$rule_sec".dest_port=${port}
-		uci -q set firewallmngr."$rule1_sec".dest_port=${port}
-	fi
-else
-	if [ -n "${ipaddr}" ]; then
-		uci -q set firewallmngr."$rule_sec".source_ip=${ipaddr}
-	fi
-
-	if [ -n "${ip6addr}" ]; then
-		uci -q set firewallmngr."$rule1_sec".source_ip=${ip6addr}
-	fi
-
-	if [ -n "${port}" ]; then
-		uci -q set firewallmngr."$rule_sec".dest_port=${port}
-		uci -q set firewallmngr."$rule1_sec".dest_port=${port}
-	fi
-fi
-
-uci set firewallmngr."$rule_sec".name="Open_ACS_port"
-uci set firewallmngr."$rule1_sec".name="Open_ACS_port"
-uci set firewallmngr."$rule_sec".target="Accept"
-uci set firewallmngr."$rule1_sec".target="Accept"
-uci set firewallmngr."$rule_sec".enable="1"
-uci set firewallmngr."$rule1_sec".enable="1"
-ubus call uci commit '{"config":"firewallmngr"}'
-

ieee1905/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ieee1905
-PKG_VERSION:=8.4.6
+PKG_VERSION:=8.4.2
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=e2f68a0ba54a6abf3481cdbb24d2dcc81e7f199c
+PKG_SOURCE_VERSION:=4d60d4a9b55940fffa39b7799abf2a7962ae2113
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

iopsys-analytics/Makefile

@@ -4,7 +4,7 @@ PKG_NAME:=iopsys-analytics
 PKG_RELEASE:=$(COMMITCOUNT)
 PKG_LICENSE:=PROPRIETARY
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=aea91816de703cf1c72490f51c2aa73c2f61640d
+PKG_SOURCE_VERSION:=fb84c1019a8a0fbfb624d9df8eb3604806645510
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/iopsys-analytics.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

ipt-trigger/Makefile

@@ -6,13 +6,13 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ipt-trigger
-PKG_VERSION:=1.0.2
+PKG_VERSION:=1.0.1
 PKG_LICENSE:=GPL-2.0
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=4f3d4427403e0a9be7653c1b92907ae8ae5f21ae
+PKG_SOURCE_VERSION:=8d4b4520a2935a5717a27f486a3fc78357b2a0cd
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ipt-trigger.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

libqos/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libqos
-PKG_VERSION:=7.2.108
+PKG_VERSION:=7.2.107
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=6a72e35e1a662e2f707e4901679676a9c09b3bc2
+PKG_SOURCE_VERSION:=de659f50c0ae1cd4ec64315b301c53595eaf39de
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libqos.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

libvoice-broadcom/Makefile

@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libvoice-broadcom
 PKG_RELEASE:=1
-PKG_VERSION:=1.0.14
+PKG_VERSION:=1.0.13
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE
 
@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=7fde62b9634c63b9bc71d1c20541798971a78dc8
+PKG_SOURCE_VERSION:=f1509651217d027376b5b7fc3f64ca86662e9b2d
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

libvoice-d2/Makefile

@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libvoice-d2
 PKG_RELEASE:=1
-PKG_VERSION:=1.1.12
+PKG_VERSION:=1.1.11
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE
 
@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=772955d814af8bbf91cf5c76f128cd1d17755625
+PKG_SOURCE_VERSION:=95fb29a31f7665abbe87af4a74cf52b7e5f22a29
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

libwifi/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libwifi
-PKG_VERSION:=7.5.0
+PKG_VERSION:=7.4.69
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b85c43cca01d001a90604e11c7cf9286a5332c33
+PKG_SOURCE_VERSION:=8a5d8b5defb7cedc5876bb5fbee5c1ad185de889
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz

map-agent/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-agent
-PKG_VERSION:=6.1.1.6
+PKG_VERSION:=6.1.1.2
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=775f7d6316b980fba90c837ff483af914d546500
+PKG_SOURCE_VERSION:=d0ff409ffe6bb03c97e14b34932f437f58f4e241
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 PKG_LICENSE:=BSD-3-Clause

map-agent/files/lib/multiap/map_genconfig

@@ -199,16 +199,11 @@ map_genconf () {
 		else
 			uci set mapcontroller.controller.enabled="1"
 			[ "$disable_mlo" == "1" ] && {
-				mapcontroller_remove_mld() {
-					uci delete mapcontroller.$1
+				mapcontroller_disable_mld() {
+					uci set mapcontroller.$1.enabled='0'
 				}
-				mapcontroller_remove_mld_id() {
-					uci delete mapcontroller.$1.mld_id
-				}
-
 				config_load mapcontroller
-				config_foreach mapcontroller_remove_mld mld
-				config_foreach mapcontroller_remove_mld_id ap
+				config_foreach mapcontroller_disable_mld mld
 			}
 		fi
 		uci -q commit mapcontroller

map-controller/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-controller
-PKG_VERSION:=6.1.1.5
+PKG_VERSION:=6.1.1.2
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=cb27de727b787bdb58bc4bf42fdef8732cb78134
+PKG_SOURCE_VERSION:=480a5304591632729212408d77d220f707cb9d6b
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 LOCAL_DEV=0

mcastmngr/Makefile

@@ -49,21 +49,7 @@ define Package/mcastmngr/install
 ifneq ($(CONFIG_TARGET_brcmbca),)
 	$(CP) ./files/broadcom/* $(1)/
 else
-	$(INSTALL_DIR) $(1)/lib
-	$(INSTALL_DIR) $(1)/lib/mcast
-	$(INSTALL_DIR) $(1)/usr
-	$(INSTALL_DIR) $(1)/usr/libexec
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(INSTALL_DIR) $(1)/etc
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_BIN) ./files/linux/usr/libexec/rpcd/mcast $(1)/usr/libexec/rpcd/
-	$(INSTALL_BIN) ./files/linux/etc/uci-defaults/60-mcast_config_generate $(1)/etc/uci-defaults/
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
-	$(INSTALL_BIN) ./files/linux/etc/firewall.mcast $(1)/etc/
-	$(INSTALL_BIN) ./files/linux/lib/mcast/linux.sh $(1)/lib/mcast/
-else
-	$(INSTALL_BIN) ./files/linux/lib/mcast/mcast_backend_firewallmngr/linux.sh $(1)/lib/mcast/
-endif
+	$(CP) ./files/linux/* $(1)/
 endif
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/bbf_plugin/libmcast_bbf.so $(1) $(PKG_NAME)
 endef

mcastmngr/files/common/etc/hotplug.d/ethernet/mcast.hotplug

@@ -1,24 +0,0 @@
-#!/bin/sh
-
-[ "$LINK" = "up" -a -n "$PORT" ] || exit 0
-
-compare_mcast_snooping_interface() {
-	local interface dev running
-
-	config_get interface "$1" interface
-
-	for dev in $interface; do
-		if [ "$PORT" = "$dev" ]; then
-			running=$(ubus call service list '{"name": "mcast"}' | jsonfilter -e '@.mcast.instances')
-			if [ -z "${running}" ]; then
-				/etc/init.d/mcast start
-			else
-				ubus call uci commit '{"config":"mcast"}'
-			fi
-			exit
-		fi
-	done
-}
-
-config_load mcast
-config_foreach compare_mcast_snooping_interface "snooping"

mcastmngr/files/common/etc/hotplug.d/iface/mcast.hotplug

@@ -1,22 +1,27 @@
 #!/bin/sh
 
-[ "$ACTION" = "ifup" -a -n "$INTERFACE" ] || exit 0
+[ "$ACTION" = ifup ] || exit 0
 
 . /lib/functions/network.sh
 
-network_get_device l3device "$INTERFACE"
+network_get_device l3device $INTERFACE
 
 [ -n "$l3device" ] || exit 0
 
 compare_mcast_proxy_upstream() {
-	local upstream dev running
+        local upstream
+	local mode="$2"
 
-	config_get upstream "$1" upstream_interface
+	if [ "$mode" == "proxy" ]; then
+		config_get upstream $1 upstream_interface
+	else
+		config_get upstream $1 interface
+	fi
 
 	for dev in $upstream; do
-		if [ "$l3device" = "$dev" ]; then
+		if [ "$l3device" == "$dev" ]; then
 			running=$(ubus call service list '{"name": "mcast"}' | jsonfilter -e '@.mcast.instances')
-			if [ -z "${running}" ]; then
+			if [ -z "${running}" ];then
 				/etc/init.d/mcast start
 			else
 				ubus call uci commit '{"config":"mcast"}'
@@ -27,4 +32,5 @@ compare_mcast_proxy_upstream() {
 }
 
 config_load mcast
-config_foreach compare_mcast_proxy_upstream "proxy"
+config_foreach compare_mcast_proxy_upstream "proxy" "proxy"
+config_foreach compare_mcast_proxy_upstream "snooping" "snooping"

mcastmngr/files/linux/lib/mcast/linux.sh

@@ -262,6 +262,10 @@ config_mcproxy_instance() {
 		downstreams=$igmp_p_down_interfaces
 		mcast_mode=$igmp_p_mode
 
+		# mcproxy reserves two multicast subscriptions for igmp router service groups
+		local mg=$(cat /proc/sys/net/ipv4/igmp_max_memberships)
+		mg=$((mg+2))
+		echo $mg > /proc/sys/net/ipv4/igmp_max_memberships
 	elif [ "$protocol" == "mld" ]; then
 		case "$version" in
 			[1-2])

mcastmngr/files/linux/lib/mcast/mcast_backend_firewallmngr/linux.sh

@@ -1,468 +0,0 @@
-#!/bin/sh
-
-. /lib/mcast/common.sh
-. /lib/functions/network.sh
-
-include /lib/network
-
-CONFFILE=
-PROG_EXE=/usr/sbin/mcproxy
-PROG_PARAMS=
-PROG_PARAMS_SEPARATOR=:
-
-snooping_bridges=
-
-
-__device_is_bridge() {
-	local device="$2"
-	local devsec__="$(uci show network | grep -F ".name='$device'" | cut -d'.' -f2)"
-	local sectype="$(uci -q get network.$devsec__)"
-	local devtype="$(uci -q get network.$devsec__.type)"
-	[ "$sectype" != "device" -o "$devtype" != "bridge" ] && return 1
-	eval "$1=$devsec__"
-}
-
-device_is_bridge() {
-	local device="$1"
-	local devsec=
-	__device_is_bridge devsec "$device" || return 1
-}
-
-device_ports() {
-	local device="$1"
-	local devsec=
-
-	if __device_is_bridge devsec "$device"; then
-		echo "$(uci get network.$devsec.ports)"
-	else
-		echo "$device"
-	fi
-}
-
-device_has_ip() {
-	local protocol="$1"
-	local device="$2"
-
-	# Read the openwrt interface for the device.
-	# Device can have multiple logical interfaces like wan and wan6
-	# but same l3 device
-	local ifaces=$(ubus call network.interface dump | jsonfilter -e "@.interface[@.device='$device'].interface")
-	for iface in $ifaces; do
-		local ip=
-		case "$protocol" in
-			"igmp") network_get_ipaddr ip "$iface" ;;
-			"mld") network_get_ipaddr6 ip "$iface" ;;
-		esac
-		[ -n "$ip" ] && return
-	done
-
-	return 1
-}
-
-config_mcproxy_interfaces() {
-	local protocol="$1"
-	local upstreams="$2"
-	local downstreams="$3"
-	local exceptions="$4"
-
-	if [ -z "$upstreams" ] || [ -z "$downstreams" ]; then
-		return 1
-	fi
-
-	local str_up=""
-	for upstream in $upstreams; do
-		device_has_ip "$protocol" "$upstream" || continue
-		str_up="$str_up \"$upstream\""
-	done
-	[ -z "$str_up" ] && return 1
-
-	local str_down=""
-	for downstream in $downstreams; do
-		device_has_ip "$protocol" "$downstream" || continue
-		str_down="$str_down \"$downstream\""
-	done
-	[ -z "$str_down" ] && return 1
-
-	echo -e "pinstance main:$str_up ==>$str_down;\n" >> $CONFFILE
-
-	for excp in $exceptions; do
-		local filter=""
-
-		case $excp in
-		*/*)
-			ip_start="$(ipcalc.sh $excp | grep IP | awk '{print substr($0,4)}')"
-			ip_end="$(ipcalc.sh $excp | grep BROADCAST | awk '{print substr($0,11)}')"
-			filter="$filter ($ip_start - $ip_end | *)"
-			;;
-		*)
-			filter="$filter ($excp | *)"
-			;;
-		esac
-
-		for upstream in $str_up; do
-			echo "pinstance main upstream $upstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main upstream $upstream out blacklist table{$filter };" >> $CONFFILE
-		done
-
-		for downstream in $str_down; do
-			echo "pinstance main downstream $downstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main downstream $downstream out blacklist table{$filter };" >> $CONFFILE
-		done
-	done
-}
-
-config_sysfs_mcast_snooping() {
-	local downstreams="$1"
-	local snooping="$2"
-
-	for downstream in $downstreams; do
-		if device_is_bridge "$downstream"; then
-			echo 0 > /sys/class/net/$downstream/bridge/multicast_snooping
-			echo $snooping > /sys/class/net/$downstream/bridge/multicast_snooping
-		fi
-	done
-}
-
-config_sysfs_mcast_fastleave() {
-	local downstreams="$1"
-	local fastleave="$2"
-	local prt
-
-	for downstream in $downstreams; do
-		for prt in $(device_ports $downstream); do
-			if [ -f  /sys/class/net/$prt/brport/multicast_fast_leave ]; then
-				echo $fastleave > /sys/class/net/$prt/brport/multicast_fast_leave
-			fi
-		done
-	done
-}
-
-config_sysfs_mcast_version() {
-	local protocol="$1"
-	local interfaces="$2"
-	local version="$3"
-
-	for iface in $interfaces; do
-		echo $version > /sys/class/net/$iface/bridge/multicast_"$protocol"_version
-	done
-}
-
-config_sysfs_mcast_robustness() {
-	local interfaces="$1"
-	local robustness="$2"
-
-	for iface in $interfaces; do
-		echo $robustness > /sys/class/net/$iface/bridge/multicast_last_member_count
-	done
-}
-
-config_sysfs_mcast_query_interval() {
-	local interfaces="$1"
-	local query_interval="$2"
-
-	for iface in $interfaces; do
-		echo $query_interval > /sys/class/net/$iface/bridge/multicast_query_interval
-	done
-}
-
-config_sysfs_mcast_q_resp_interval() {
-	local interfaces="$1"
-	local q_resp_interval="$2"
-
-	for iface in $interfaces; do
-		echo $q_resp_interval > /sys/class/net/$iface/bridge/multicast_query_response_interval
-	done
-}
-
-config_sysfs_mcast_last_mem_q_int() {
-	local interfaces="$1"
-	local last_mem_q_int="$2"
-
-	for iface in $interfaces; do
-		echo $last_mem_q_int > /sys/class/net/$iface/bridge/multicast_last_member_interval
-	done
-}
-
-config_sysfs_mcast_flood() {
-	local downstreams=$1
-	local mcast_mode=$2
-	local prt
-
-	local mcast_flood=
-	if [ $mcast_mode == "2" ]; then # disable mcast flood
-		mcast_flood=0
-	else
-		mcast_flood=1
-	fi
-
-	for downstream in $downstreams; do
-		for prt in $(device_ports $downstream); do
-			if [ -f  /sys/class/net/$prt/brport/multicast_flood ]; then
-				echo $mcast_flood > /sys/class/net/$prt/brport/multicast_flood
-			fi
-		done
-	done
-}
-
-config_snooping_mode() {
-	local interfaces="$1"
-	local snooping="$2"
-
-	# snooping_mode:
-	#  0 - snooping is disabled
-	#  1 - multicast flood is enabled
-	#  2 - multicast flood is disabled
-	[ -z "$snooping_mode" ] && snooping_mode=2
-
-	if [ "$snooping_mode" == 0 ]; then
-		config_sysfs_mcast_snooping "$interfaces" 0
-	else
-		config_sysfs_mcast_snooping "$interfaces" 1
-	fi
-
-	config_sysfs_mcast_flood "$interfaces" "$snooping_mode"
-}
-
-config_mcproxy_instance() {
-	local protocol="$1"
-	local version="$2"
-
-	local robustness=
-	local query_interval=
-	local q_resp_interval=
-	local last_mem_q_int=
-	local fast_leave=0
-	local exceptions=
-	local upstreams=
-	local downstreams=
-	local mcast_mode=2 # default value 2 is for blocking mode
-
-	CONFFILE=/var/etc/mcproxy_"$protocol".conf
-	rm -f $CONFFILE
-	touch $CONFFILE
-
-	if [ "$protocol" == "igmp" ]; then
-		case "$version" in
-			[1-3])
-				echo -e "protocol IGMPv${version};\n" >> $CONFFILE
-				;;
-			*)
-				echo -e "protocol IGMPv2;\n" >> $CONFFILE
-				;;
-		esac
-
-		robustness=$igmp_p_robustness
-		query_interval=$igmp_query_interval
-		q_resp_interval=$igmp_q_resp_interval
-		last_mem_q_int=$igmp_last_mem_q_int
-		fast_leave=$igmp_fast_leave
-		exceptions=$igmp_p_exceptions
-
-		upstreams=$igmp_p_up_interfaces
-		downstreams=$igmp_p_down_interfaces
-		mcast_mode=$igmp_p_mode
-
-	elif [ "$protocol" == "mld" ]; then
-		case "$version" in
-			[1-2])
-				echo -e "protocol MLDv${version};\n" >> $CONFFILE
-				;;
-			*)
-				echo -e "protocol MLDv2;\n" >> $CONFFILE
-				;;
-		esac
-
-		robustness=$mld_p_robustness
-		query_interval=$mld_query_interval
-		q_resp_interval=$mld_q_resp_interval
-		last_mem_q_int=$mld_last_mem_q_int
-		fast_leave=$mld_fast_leave
-		exceptions=$mld_p_exceptions
-
-		upstreams=$mld_p_up_interfaces
-		downstreams=$mld_p_down_interfaces
-		mcast_mode=$mld_p_mode
-	fi
-
-	[ -n "$max_groups" ] && echo -e "max_groups $max_groups;" >> $CONFFILE
-	[ -n "$robustness" ] && echo -e "rv $robustness;" >> $CONFFILE
-	[ -n "$query_interval" ] && echo -e "qi $query_interval;" >> $CONFFILE
-	[ -n "$q_resp_interval" ] && echo -e "qri $q_resp_interval;" >> $CONFFILE
-	[ -n "$last_mem_q_int" ] && echo -e "lmqi $last_mem_q_int;" >> $CONFFILE
-	[ -n "$fast_leave" ] && echo -e "fastleave $fast_leave;\n" >> $CONFFILE
-
-	config_mcproxy_interfaces "$protocol" "$upstreams" "$downstreams" "$exceptions" || return
-
-	# for snooping to work we should enable it on the bridge, doing it from
-	# here instead of from inside network config
-	if [ "$downstreams" != "$snooping_bridges" ]; then
-		if [ "$mcast_mode" == "0" ]; then
-			config_sysfs_mcast_snooping "$downstreams" 0
-		else
-			config_sysfs_mcast_snooping "$downstreams" 1
-		fi
-
-		[ -n $fast_leave ] &&
-			config_sysfs_mcast_fastleave "$downstreams" "$fast_leave"
-		config_sysfs_mcast_flood "$downstreams" "$mcast_mode"
-	fi
-
-	PROG_PARAMS="${PROG_PARAMS} -f ${CONFFILE}${PROG_PARAMS_SEPARATOR}"
-}
-
-disable_snooping_iface() {
-	local iface="$(uci -q get network.$1.name)"
-	config_sysfs_mcast_snooping "$iface" 0
-}
-
-disable_snooping() {
-	config_load network
-	config_foreach disable_snooping_iface device
-}
-
-config_snooping() {
-	local protocol="$1"
-
-	local version=
-	local robustness=
-	local query_interval=
-	local q_resp_interval=
-	local last_mem_q_int=
-	local fast_leave=0
-	local snooping_mode=
-	local interfaces=
-
-	local HZ=100
-
-	local all_interfaces=
-	if [ "$protocol" == "igmp" ]; then
-		all_interfaces=$igmp_s_iface
-	elif [ "$protocol" == "mld" ]; then
-		all_interfaces=$mld_s_iface
-	fi
-	for iface in $all_interfaces; do
-		device_is_bridge "$iface" || continue
-		interfaces="$interfaces $iface"
-	done
-	[ -z "$interfaces" ] && return
-	snooping_bridges="$interfaces"
-
-	if [ "$protocol" == "igmp" ]; then
-		case "$igmp_s_version" in
-			[1-3])
-				version="$igmp_s_version"
-				;;
-			*)
-				version="2"
-				;;
-		esac
-
-		robustness=$igmp_s_robustness
-		query_interval=$(( igmp_s_query_interval * HZ ))
-		q_resp_interval=$(( igmp_s_q_resp_interval * HZ / 10 ))
-		last_mem_q_int=$(( igmp_s_last_mem_q_int * HZ / 10 ))
-		fast_leave=$igmp_s_fast_leave
-		snooping_mode=$igmp_s_mode
-	elif [ "$protocol" == "mld" ]; then
-		case "$mld_s_version" in
-			[1-2])
-				version="$mld_s_version"
-				;;
-			*)
-				version="2"
-				;;
-		esac
-
-		robustness=$mld_s_robustness
-		query_interval=$(( mld_s_query_interval * HZ ))
-		q_resp_interval=$(( mld_s_q_resp_interval * HZ / 10 ))
-		last_mem_q_int=$(( mld_s_last_mem_q_int * HZ / 10 ))
-		fast_leave=$mld_s_fast_leave
-		snooping_mode=$mld_s_mode
-	fi
-
-	config_snooping_mode "$interfaces" "$snooping_mode"
-
-	[ -n "$version" ] && config_sysfs_mcast_version "$protocol" "$interfaces" "$version"
-	[ -n "$robustness" ] && config_sysfs_mcast_robustness "$interfaces" "$robustness"
-	[ -n "$query_interval" ] && config_sysfs_mcast_query_interval "$interfaces" "$query_interval"
-	[ -n "$q_resp_interval" ] && config_sysfs_mcast_q_resp_interval "$interfaces" "$q_resp_interval"
-	[ -n "$last_mem_q_int" ] && config_sysfs_mcast_last_mem_q_int "$interfaces" "$last_mem_q_int"
-	[ -n "$fast_leave" ] && config_sysfs_mcast_fastleave "$interfaces" "$fast_leave"
-}
-
-config_mcproxy() {
-	disable_snooping
-	if [ "$igmp_p_enable" == "1" ]; then
-		config_mcproxy_instance igmp "$igmp_p_version"
-	elif [ "$igmp_s_enable" == "1" ]; then
-		config_snooping igmp "$igmp_s_version"
-	fi
-
-	if [ "$mld_p_enable" == "1" ]; then
-		config_mcproxy_instance mld "$mld_p_version"
-	elif [ "$mld_s_enable" == "1" ]; then
-		config_snooping mld "$mld_s_version"
-	fi
-}
-
-setup_mcast_mode() {
-	:
-}
-
-remove_mcast_rules() {
-	config_get name "$1" name
-
-	if [ "$name" = "Allow-Multicast-UDP" ]; then
-		uci delete firewallmngr."$1"
-	fi
-}
-
-create_mcast_firewallngr_rules() {
-        local src="wan"
-        local dst="lan"
-        local dest_ip="224.0.0.0/240.0.0.0"
-        local name="Allow-Multicast-UDP"
-        local target="accept"
-	local active_chain=""
-
-	firewallmngr_get_active_chain() {
-		config_get creator "$1" creator
-		[ "$creator" = "PortMapping" ] && return
-
-		config_get enable "$1" enable
-		if [ -n "$enable" ] && [ "$enable" = "1" ]; then
-			config_get active_chain "$1" name
-		fi
-	}
-	config_load firewallmngr
-	config_foreach remove_mcast_rules rule
-
-        sec=$(uci add firewallmngr rule)
-	uci set firewallmngr."$sec".enable="1"
-	uci set firewallmngr."$sec".chain="$active_chain"
-	uci set firewallmngr."$sec".name="$name"
-	uci set firewallmngr."$sec".src="$src"
-	uci set firewallmngr."$sec".dest="$dst"
-	uci set firewallmngr."$sec".dest_ip="$dest_ip"
-	uci set firewallmngr."$sec".family="4"
-	uci set firewallmngr."$sec".proto="17"
-	uci set firewallmngr."$sec".target="$target"
-        uci rename firewallmngr."$sec"="fwmngr_rule_mcast"
-
-	uci commit firewallmngr
-}
-
-configure_mcast() {
-	create_mcast_firewallngr_rules
-	config_global_params "set_max_groups_and_sources"
-
-	read_mcast_snooping_params
-	read_mcast_proxy_params
-	config_mcproxy
-
-	if [ -z "${PROG_PARAMS}" ]; then
-		exit 0
-	fi
-}
-

obuspa/Config.in

@@ -22,11 +22,6 @@ config OBUSPA_CONTROLLER_MTP_VERIFY
 config OBUSPA_ENABLE_TEST_CONTROLLER
 	bool "Adds a test controller by default"
 	default n
-	select OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
-
-config OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
-	bool "Adds a test controller by default (local access only)"
-	default n
 
 config OBUSPA_MAX_CONTROLLERS_NUM
 	int "The maximum number of controllers to be supported"

obuspa/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=obuspa
-PKG_VERSION:=8.0.1.11
+PKG_VERSION:=8.0.1.6
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=cfa6c48dea74707e098b09745b2c9f989accd714
+PKG_SOURCE_VERSION:=0997eebe269d766eb738b80e4d5ccd40baf79090
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -32,9 +32,7 @@ define Package/obuspa
   SUBMENU:=TRx69
   TITLE:=USP agent
   MENU:=1
-  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl +ca-certificates \
-		+OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-ssl +OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-client-ssl \
-		+OBUSPA_ENABLE_TEST_CONTROLLER:mosquitto-auth-shadow
+  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl
 endef
 
 define Package/obuspa/description
@@ -129,9 +127,6 @@ define Package/obuspa/install
 	$(INSTALL_BIN) ./files/obuspa.hotplug $(1)/etc/hotplug.d/iface/21-obuspa
 	$(BBFDM_INSTALL_CORE_PLUGIN) ./files/etc/bbfdm/json/USPAgent.json $(1)
 ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER),y)
-	$(INSTALL_BIN) ./files/etc/uci-defaults/54-test-usp-remote $(1)/etc/uci-defaults/
-endif
-ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL),y)
 	$(INSTALL_BIN) ./files/etc/init.d/usptest $(1)/etc/init.d/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/55-test-usp-controller $(1)/etc/uci-defaults/
 endif

obuspa/files/etc/uci-defaults/54-test-usp-remote

@@ -1,20 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-if [ ! -f "/etc/config/mosquitto" ]; then
-	echo "Local mosquitto broker not available"
-	return 0
-fi
-
-add_usp_test()
-{
-	uci_add mosquitto listener usptest
-	uci_set mosquitto usptest enabled 1
-	uci_set mosquitto usptest port '9001'
-	uci_set mosquitto usptest protocol 'websockets'
-	uci_set mosquitto usptest auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-}
-
-# Install test MQTT over WS listener
-add_usp_test

obuspa/files/etc/uci-defaults/55-test-usp-controller

@@ -40,6 +40,16 @@ add_obuspa_test_controller()
 	uci_set obuspa testcontroller assigned_role_name 'full_access'
 }
 
+add_usp_test()
+{
+	uci_add mosquitto listener usptest
+	uci_set mosquitto usptest enabled 1
+	uci_set mosquitto usptest port '9001'
+	uci_set mosquitto usptest protocol 'websockets'
+	uci_set mosquitto usptest require_certificates '0'
+	uci_set mosquitto usptest auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
+}
+
 add_obuspa_config()
 {
 	uci_add mosquitto listener obuspa
@@ -50,8 +60,11 @@ add_obuspa_config()
 }
 
 # Install test usp controller config
+uci_load mosquitto
+add_usp_test
 add_obuspa_config
 
+uci_load obuspa
 add_obuspa_test_mtp
 add_obuspa_test_mqtt
 add_obuspa_test_controller

obuspa/patches/0002-supress-group-get-error.patch

@@ -1,6 +1,8 @@
+diff --git a/src/core/cli_server.c b/src/core/cli_server.c
+index 701cbd9..103361e 100644
 --- a/src/core/cli_server.c
 +++ b/src/core/cli_server.c
-@@ -758,10 +758,6 @@ int ExecuteCli_Get(char *arg1, char *arg
+@@ -733,10 +733,6 @@ int ExecuteCli_Get(char *arg1, char *arg2, char *usage)
              USP_ASSERT(gge->value != NULL);
              SendCliResponse("%s => %s\n", gge->path, gge->value);
          }
@@ -11,9 +13,11 @@
      }
  
      GROUP_GET_VECTOR_Destroy(&ggv);
+diff --git a/src/core/handle_get.c b/src/core/handle_get.c
+index e1055e0..16b9ceb 100755
 --- a/src/core/handle_get.c
 +++ b/src/core/handle_get.c
-@@ -260,26 +260,16 @@ void FormPathExprResponse(int get_expr_i
+@@ -260,26 +260,16 @@ void FormPathExprResponse(int get_expr_index, char *path_expr, get_expr_info_t *
          return;
      }
  
@@ -43,4 +47,3 @@
 +	}
      }
  }
- 

obuspa/patches/0004-suppress-notification-logs.patch

@@ -1,6 +1,6 @@
 --- a/src/core/data_model.c
 +++ b/src/core/data_model.c
-@@ -1316,7 +1316,7 @@ int DATA_MODEL_NotifyInstanceAdded(char
+@@ -1243,7 +1243,7 @@ int DATA_MODEL_NotifyInstanceAdded(char
      // Exit if instance already exists - nothing to do
      if (exists)
      {
@@ -9,7 +9,7 @@
          return USP_ERR_CREATION_FAILURE;
      }
  
-@@ -1404,7 +1404,7 @@ int DATA_MODEL_NotifyInstanceDeleted(cha
+@@ -1328,7 +1328,7 @@ int DATA_MODEL_NotifyInstanceDeleted(cha
      // Exit if instance does not exist - nothing to do
      if (exists == false)
      {

obuspa/patches/0005-optimise_ubus_calls_cli.patch

@@ -1,14 +1,14 @@
 --- a/src/core/data_model.c
 +++ b/src/core/data_model.c
-@@ -160,6 +160,7 @@ int SetVendorParam(dm_node_t *node, char
+@@ -137,6 +137,7 @@ int GetVendorParam(dm_node_t *node, char
+ int SetVendorParam(dm_node_t *node, char *path, dm_instances_t *inst, char *value, dm_req_t *req);
  double_link_t *FindLinkToFirstObject(double_linked_list_t *list);
- int OverrideNodeType(dm_node_t *node, dm_node_type_t type, char *schema_path, dm_instances_t *inst);
  
 +extern bool is_running_cli_local_command;
  /*********************************************************************//**
  **
  ** DATA_MODEL_Init
-@@ -267,7 +268,9 @@ int DATA_MODEL_Init(void)
+@@ -224,7 +225,9 @@ int DATA_MODEL_Init(void)
      }
  
      // Set the default values of OUI, Serial Number and (LocalAgent) EndpointID, and cache EndpointID

obuspa/patches/0006-bdc_json_obj_hierarchy.patch

@@ -1,6 +1,8 @@
+diff --git a/src/core/bdc_exec.c b/src/core/bdc_exec.c
+index 6b5c11d..3670361 100644
 --- a/src/core/bdc_exec.c
 +++ b/src/core/bdc_exec.c
-@@ -549,9 +549,14 @@ int StartSendingReport(bdc_connection_t
+@@ -548,9 +548,14 @@ int StartSendingReport(bdc_connection_t *bc)
      // Set the list of headers
      bc->headers = NULL;
      bc->headers = curl_slist_append(bc->headers, "Content-Type: application/json; charset=UTF-8");
@@ -16,6 +18,8 @@
          bc->headers = curl_slist_append(bc->headers, "Content-Encoding: gzip");
      }
  
+diff --git a/src/core/bdc_exec.h b/src/core/bdc_exec.h
+index c58c6d5..ff37a2d 100644
 --- a/src/core/bdc_exec.h
 +++ b/src/core/bdc_exec.h
 @@ -53,6 +53,6 @@ void BDC_EXEC_ScheduleExit(void);
@@ -26,9 +30,11 @@
 +#define BDC_FLAG_HEADER_OBJ_HIER 0x00000008 // If set, report format in header would be ObjectHierarchy otherwise NameValuePair 
  
  #endif
+diff --git a/src/core/device_bulkdata.c b/src/core/device_bulkdata.c
+index 5b1aff2..a7d1b3e 100755
 --- a/src/core/device_bulkdata.c
 +++ b/src/core/device_bulkdata.c
-@@ -71,7 +71,8 @@
+@@ -68,7 +68,8 @@
  //------------------------------------------------------------------------------
  // Definitions for formats that we support
  #define BULKDATA_ENCODING_TYPE "JSON"
@@ -38,7 +44,7 @@
  
  
  // Definitions for Device.BulkData.Profile.{i}.JSONEncoding.ReportTimestamp
-@@ -162,6 +163,7 @@ typedef struct
+@@ -159,6 +160,7 @@ typedef struct
      char compression[9];
      char method[9];
      bool use_date_header;
@@ -46,7 +52,7 @@
  } profile_ctrl_params_t;
  
  //------------------------------------------------------------------------------
-@@ -236,7 +238,7 @@ bulkdata_profile_t *bulkdata_find_free_p
+@@ -233,7 +235,7 @@ bulkdata_profile_t *bulkdata_find_free_profile(void);
  bulkdata_profile_t *bulkdata_find_profile(int profile_id);
  int bulkdata_calc_report_map(bulkdata_profile_t *bp, kv_vector_t *report_map);
  int bulkdata_reduce_to_alt_name(char *spec, char *path, char *alt_name, char *out_buf, int buf_len);
@@ -55,7 +61,7 @@
  unsigned char *bulkdata_compress_report(profile_ctrl_params_t *ctrl, char *input_buf, int input_len, int *p_output_len);
  int bulkdata_schedule_sending_http_report(profile_ctrl_params_t *ctrl, bulkdata_profile_t *bp, unsigned char *json_report, int report_len);
  int bulkdata_start_profile(bulkdata_profile_t *bp);
-@@ -310,7 +312,7 @@ int DEVICE_BULKDATA_Init(void)
+@@ -307,7 +309,7 @@ int DEVICE_BULKDATA_Init(void)
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.Parameter.{i}.Reference", "", Validate_BulkDataReference, NULL, DM_STRING);
  
      // Device.BulkData.Profile.{i}.JSONEncoding
@@ -64,7 +70,7 @@
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.JSONEncoding.ReportTimestamp", BULKDATA_JSON_TIMESTAMP_FORMAT_EPOCH, Validate_BulkDataReportTimestamp, NULL, DM_STRING);
  
      // Device.BulkData.Profile.{i}.HTTP
-@@ -698,9 +700,11 @@ int Validate_BulkDataReference(dm_req_t
+@@ -661,9 +663,11 @@ int Validate_BulkDataReference(dm_req_t *req, char *value)
  int Validate_BulkDataReportFormat(dm_req_t *req, char *value)
  {
      // Exit if trying to set a value outside of the range we accept
@@ -78,7 +84,7 @@
          return USP_ERR_INVALID_VALUE;
      }
  
-@@ -2008,6 +2012,14 @@ int bulkdata_platform_get_profile_contro
+@@ -1974,6 +1978,14 @@ int bulkdata_platform_get_profile_control_params(bulkdata_profile_t *bp, profile
          return err;
      }
  
@@ -93,7 +99,7 @@
      return USP_ERR_OK;
  }
  
-@@ -2283,7 +2295,7 @@ void bulkdata_process_profile_http(bulkd
+@@ -2249,7 +2261,7 @@ void bulkdata_process_profile_http(bulkdata_profile_t *bp)
      }
  
      // Exit if unable to generate the report
@@ -102,7 +108,7 @@
      if (json_report == NULL)
      {
          USP_ERR_SetMessage("%s: bulkdata_generate_json_report failed", __FUNCTION__);
-@@ -2333,7 +2345,8 @@ void bulkdata_process_profile_usp_event(
+@@ -2299,7 +2311,8 @@ void bulkdata_process_profile_usp_event(bulkdata_profile_t *bp)
      kv_pair_t kv;
      report_t *cur_report;
      char *json_report;
@@ -112,7 +118,7 @@
  
      // Exit if the MTP has not been connected to successfully after bootup
      // This is to prevent BDC events being enqueued before the Boot! event is sent (the Boot! event is only sent after successfully connecting to the MTP).
-@@ -2350,6 +2363,14 @@ void bulkdata_process_profile_usp_event(
+@@ -2316,6 +2329,14 @@ void bulkdata_process_profile_usp_event(bulkdata_profile_t *bp)
          return;
      }
  
@@ -127,7 +133,7 @@
      // When sending via USP events, only one report is ever sent in each USP event
      // So ensure all retained reports are removed. NOTE: Clearing the reports here is only necessary when switching protocol from HTTP to USP event, and where HTTP had some unsent reports
      bulkdata_clear_retained_reports(bp);
-@@ -2367,7 +2388,7 @@ void bulkdata_process_profile_usp_event(
+@@ -2333,7 +2354,7 @@ void bulkdata_process_profile_usp_event(bulkdata_profile_t *bp)
      bp->num_retained_reports = 1;
  
      // Exit if unable to generate the report
@@ -136,7 +142,7 @@
      if (json_report == NULL)
      {
          USP_ERR_SetMessage("%s: bulkdata_generate_json_report failed", __FUNCTION__);
-@@ -2579,21 +2600,7 @@ int bulkdata_reduce_to_alt_name(char *sp
+@@ -2545,21 +2566,7 @@ int bulkdata_reduce_to_alt_name(char *spec, char *path, char *alt_name, char *ou
      return USP_ERR_OK;
  }
  
@@ -159,7 +165,7 @@
  {
      JsonNode *top;          // top of report
      JsonNode *array;        // array of reports (retained + current)
-@@ -2608,7 +2615,6 @@ char *bulkdata_generate_json_report(bulk
+@@ -2574,7 +2581,6 @@ char *bulkdata_generate_json_report(bulkdata_profile_t *bp, char *report_timesta
      long long value_as_ll;
      unsigned long long value_as_ull;
      bool value_as_bool;
@@ -167,7 +173,7 @@
      int i, j;
      char buf[32];
      kv_pair_t *kv;
-@@ -2631,7 +2637,7 @@ char *bulkdata_generate_json_report(bulk
+@@ -2597,7 +2603,7 @@ char *bulkdata_generate_json_report(bulkdata_profile_t *bp, char *report_timesta
          }
          else if (strcmp(report_timestamp, "ISO-8601")==0)
          {
@@ -176,16 +182,16 @@
              if (result != NULL)
              {
                  json_append_member(element, "CollectionTime", json_mkstring(buf));
-@@ -2690,11 +2696,174 @@ char *bulkdata_generate_json_report(bulk
+@@ -2656,11 +2662,174 @@ char *bulkdata_generate_json_report(bulkdata_profile_t *bp, char *report_timesta
      json_append_member(top, "Report", array);
  
      // Serialize the JSON tree
 -    result = json_stringify(top, " ");
 +    char *output = json_stringify(top, " ");
- 
-     // Clean up the JSON tree
-     json_delete(top);        // Other JsonNodes which are children of this top level tree will be deleted
- 
++
++    // Clean up the JSON tree
++    json_delete(top);        // Other JsonNodes which are children of this top level tree will be deleted
++
 +    return output;
 +}
 +
@@ -318,10 +324,10 @@
 +
 +    // Serialize the JSON tree
 +    char *output = json_stringify(top, " ");
-+
-+    // Clean up the JSON tree
-+    json_delete(top);        // Other JsonNodes which are children of this top level tree will be deleted
-+
+ 
+     // Clean up the JSON tree
+     json_delete(top);        // Other JsonNodes which are children of this top level tree will be deleted
+ 
 +    return output;
 +}
 +
@@ -352,7 +358,7 @@
      return result;
  }
  
-@@ -2851,6 +3020,11 @@ int bulkdata_schedule_sending_http_repor
+@@ -2817,6 +2986,11 @@ int bulkdata_schedule_sending_http_report(profile_ctrl_params_t *ctrl, bulkdata_
          flags |= BDC_FLAG_DATE_HEADER;
      }
  

obuspa/patches/0007-bdc_csv_format.patch

@@ -1,6 +1,6 @@
 --- a/src/core/bdc_exec.c
 +++ b/src/core/bdc_exec.c
-@@ -548,11 +548,19 @@ int StartSendingReport(bdc_connection_t
+@@ -547,11 +547,19 @@
  
      // Set the list of headers
      bc->headers = NULL;
@@ -25,7 +25,7 @@
      {
 --- a/src/core/bdc_exec.h
 +++ b/src/core/bdc_exec.h
-@@ -53,6 +53,9 @@ void BDC_EXEC_ScheduleExit(void);
+@@ -53,6 +53,9 @@
  #define BDC_FLAG_PUT            0x00000001  // If set, HTTP PUT should be used instead of HTTP POST when sending the report to the BDC server
  #define BDC_FLAG_GZIP           0x00000002  // If set, the reports contants are Gzipped
  #define BDC_FLAG_DATE_HEADER    0x00000004  // If set, the date header should be included in the HTTP post.
@@ -38,7 +38,7 @@
  #endif
 --- a/src/core/device_bulkdata.c
 +++ b/src/core/device_bulkdata.c
-@@ -70,9 +70,12 @@
+@@ -67,9 +67,12 @@
  
  //------------------------------------------------------------------------------
  // Definitions for formats that we support
@@ -52,7 +52,7 @@
  
  
  // Definitions for Device.BulkData.Profile.{i}.JSONEncoding.ReportTimestamp
-@@ -156,6 +159,7 @@ static char *profile_push_event_args[] =
+@@ -153,6 +156,7 @@
  typedef struct
  {
      int num_retained_failed_reports;
@@ -60,7 +60,7 @@
      char report_timestamp[33];
      char url[1025];
      char username[257];
-@@ -164,6 +168,11 @@ typedef struct
+@@ -161,6 +165,11 @@
      char method[9];
      bool use_date_header;
      char report_format[20];
@@ -72,7 +72,7 @@
  } profile_ctrl_params_t;
  
  //------------------------------------------------------------------------------
-@@ -211,6 +220,7 @@ int Validate_BulkDataEncodingType(dm_req
+@@ -208,6 +217,7 @@
  int Validate_BulkDataReportingInterval(dm_req_t *req, char *value);
  int Validate_BulkDataReference(dm_req_t *req, char *value);
  int Validate_BulkDataReportFormat(dm_req_t *req, char *value);
@@ -80,7 +80,7 @@
  int Validate_BulkDataReportTimestamp(dm_req_t *req, char *value);
  int Validate_BulkDataCompression(dm_req_t *req, char *value);
  int Validate_BulkDataHTTPMethod(dm_req_t *req, char *value);
-@@ -239,6 +249,8 @@ bulkdata_profile_t *bulkdata_find_profil
+@@ -236,6 +246,8 @@
  int bulkdata_calc_report_map(bulkdata_profile_t *bp, kv_vector_t *report_map);
  int bulkdata_reduce_to_alt_name(char *spec, char *path, char *alt_name, char *out_buf, int buf_len);
  char *bulkdata_generate_json_report(bulkdata_profile_t *bp, char *report_timestamp, char *report_format);
@@ -89,7 +89,7 @@
  unsigned char *bulkdata_compress_report(profile_ctrl_params_t *ctrl, char *input_buf, int input_len, int *p_output_len);
  int bulkdata_schedule_sending_http_report(profile_ctrl_params_t *ctrl, bulkdata_profile_t *bp, unsigned char *json_report, int report_len);
  int bulkdata_start_profile(bulkdata_profile_t *bp);
-@@ -253,6 +265,8 @@ char *bulkdata_platform_calc_uri_query_s
+@@ -250,6 +262,8 @@
  int bulkdata_platform_get_param_refs(int profile_id, param_ref_vector_t *param_refs);
  void bulkdata_expand_param_ref(param_ref_entry_t *pr, group_get_vector_t *ggv);
  void bulkdata_append_to_result_map(param_ref_entry_t *pr, group_get_vector_t *ggv, kv_vector_t *report_map);
@@ -98,7 +98,7 @@
  
  /*********************************************************************//**
  **
-@@ -285,7 +299,7 @@ int DEVICE_BULKDATA_Init(void)
+@@ -282,7 +296,7 @@
      err |= USP_REGISTER_VendorParam_ReadOnly("Device.BulkData.Status", Get_BulkDataGlobalStatus, DM_STRING);
      err |= USP_REGISTER_Param_Constant("Device.BulkData.MinReportingInterval", BULKDATA_MINIMUM_REPORTING_INTERVAL_STR, DM_UINT);
      err |= USP_REGISTER_Param_SupportedList("Device.BulkData.Protocols", bdc_protocols, NUM_ELEM(bdc_protocols));
@@ -107,7 +107,7 @@
      err |= USP_REGISTER_Param_Constant("Device.BulkData.ParameterWildCardSupported", "true", DM_BOOL);
      err |= USP_REGISTER_Param_Constant("Device.BulkData.MaxNumberOfProfiles", BULKDATA_MAX_PROFILES_STR, DM_INT);
      err |= USP_REGISTER_Param_Constant("Device.BulkData.MaxNumberOfParameterReferences", "-1", DM_INT);
-@@ -300,7 +314,7 @@ int DEVICE_BULKDATA_Init(void)
+@@ -297,7 +311,7 @@
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.Name", "", NULL, NULL, DM_STRING);
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.NumberOfRetainedFailedReports", "0", Validate_NumberOfRetainedFailedReports, NULL, DM_INT);
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.Protocol", BULKDATA_PROTOCOL_HTTP, Validate_BulkDataProtocol, NULL, DM_STRING);
@@ -116,7 +116,7 @@
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.ReportingInterval", "86400", Validate_BulkDataReportingInterval, NotifyChange_BulkDataReportingInterval, DM_UINT);
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.TimeReference", UNKNOWN_TIME_STR, NULL, NotifyChange_BulkDataTimeReference, DM_DATETIME);
  
-@@ -315,6 +329,13 @@ int DEVICE_BULKDATA_Init(void)
+@@ -312,6 +326,13 @@
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.JSONEncoding.ReportFormat", BULKDATA_JSON_REPORT_FORMAT_NAME_VALUE, Validate_BulkDataReportFormat, NULL, DM_STRING);
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.JSONEncoding.ReportTimestamp", BULKDATA_JSON_TIMESTAMP_FORMAT_EPOCH, Validate_BulkDataReportTimestamp, NULL, DM_STRING);
  
@@ -130,7 +130,7 @@
      // Device.BulkData.Profile.{i}.HTTP
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.HTTP.URL", "", NULL, NotifyChange_BulkDataURL, DM_STRING);
      err |= USP_REGISTER_DBParam_ReadWrite("Device.BulkData.Profile.{i}.HTTP.Username", "", NULL, NULL, DM_STRING);
-@@ -594,9 +615,10 @@ int Validate_BulkDataProtocol(dm_req_t *
+@@ -591,9 +612,10 @@
  int Validate_BulkDataEncodingType(dm_req_t *req, char *value)
  {
      // Exit if trying to set a value outside of the range we accept
@@ -143,7 +143,7 @@
          return USP_ERR_INVALID_VALUE;
      }
  
-@@ -713,6 +735,32 @@ int Validate_BulkDataReportFormat(dm_req
+@@ -676,6 +698,32 @@
  
  /*********************************************************************//**
  **
@@ -176,7 +176,7 @@
  ** Validate_BulkDataReportTimestamp
  **
  ** Validates Device.BulkData.Profile.{i}.JSONEncoding.ReportTimestamp
-@@ -2004,6 +2052,14 @@ int bulkdata_platform_get_profile_contro
+@@ -1970,6 +2018,14 @@
          return err;
      }
  
@@ -191,7 +191,7 @@
      // Exit if unable to get ReportTimestamp
      USP_SNPRINTF(path, sizeof(path), "Device.BulkData.Profile.%d.JSONEncoding.ReportTimestamp", bp->profile_id);
      err = DATA_MODEL_GetParameterValue(path, ctrl_params->report_timestamp, sizeof(ctrl_params->report_timestamp), 0);
-@@ -2020,6 +2076,46 @@ int bulkdata_platform_get_profile_contro
+@@ -1986,6 +2042,46 @@
          return err;
      }
  
@@ -238,7 +238,7 @@
      return USP_ERR_OK;
  }
  
-@@ -2256,7 +2352,7 @@ void bulkdata_process_profile_http(bulkd
+@@ -2222,7 +2318,7 @@
  {
      int err;
      report_t *cur_report;
@@ -247,7 +247,7 @@
      profile_ctrl_params_t ctrl;
      unsigned char *compressed_report;
      int compressed_len;
-@@ -2295,10 +2391,23 @@ void bulkdata_process_profile_http(bulkd
+@@ -2261,10 +2357,23 @@
      }
  
      // Exit if unable to generate the report
@@ -275,7 +275,7 @@
          return;
      }
  
-@@ -2307,14 +2416,14 @@ void bulkdata_process_profile_http(bulkd
+@@ -2273,14 +2382,14 @@
      USP_LOG_Info("BULK DATA: using compression method=%s", ctrl.compression);
      if (enable_protocol_trace)
      {
@@ -294,7 +294,7 @@
      }
      // NOTE: From this point on, only the compressed_report exists
  
-@@ -2344,9 +2453,15 @@ void bulkdata_process_profile_usp_event(
+@@ -2310,9 +2419,15 @@
      kv_vector_t event_args;
      kv_pair_t kv;
      report_t *cur_report;
@@ -311,7 +311,7 @@
  
      // Exit if the MTP has not been connected to successfully after bootup
      // This is to prevent BDC events being enqueued before the Boot! event is sent (the Boot! event is only sent after successfully connecting to the MTP).
-@@ -2355,20 +2470,62 @@ void bulkdata_process_profile_usp_event(
+@@ -2321,20 +2436,62 @@
          goto exit;
      }
  
@@ -385,7 +385,7 @@
      }
  
      // When sending via USP events, only one report is ever sent in each USP event
-@@ -2388,10 +2545,16 @@ void bulkdata_process_profile_usp_event(
+@@ -2354,10 +2511,16 @@
      bp->num_retained_reports = 1;
  
      // Exit if unable to generate the report
@@ -405,7 +405,7 @@
          return;
      }
  
-@@ -2399,15 +2562,15 @@ void bulkdata_process_profile_usp_event(
+@@ -2365,15 +2528,15 @@
  
      // Construct event_args manually to avoid the overhead of a malloc and copy of the report in KV_VECTOR_Add()
      kv.key = "Data";
@@ -424,7 +424,7 @@
  
      // From the point of view of this code, the report(s) have been successfully sent, so don't retain them
      // NOTE: Sending of the reports successfully is delegated to the USP notification retry mechanism
-@@ -2869,6 +3032,319 @@ char *bulkdata_generate_json_report(bulk
+@@ -2835,6 +2998,319 @@
  
  /*********************************************************************//**
  **
@@ -744,7 +744,7 @@
  **  bulkdata_compress_report
  **
  **  Compresses the report to send
-@@ -3020,9 +3496,18 @@ int bulkdata_schedule_sending_http_repor
+@@ -2986,9 +3462,18 @@
          flags |= BDC_FLAG_DATE_HEADER;
      }
  

obuspa/patches/0008-fix_cmake_warning.patch

@@ -1,6 +1,8 @@
+diff --git a/src/protobuf-c/protobuf-c.c b/src/protobuf-c/protobuf-c.c
+index 3dc5473..0a6bde7 100644
 --- a/src/protobuf-c/protobuf-c.c
 +++ b/src/protobuf-c/protobuf-c.c
-@@ -1926,6 +1926,7 @@ repeated_field_pack_to_buffer(const Prot
+@@ -1926,6 +1926,7 @@ repeated_field_pack_to_buffer(const ProtobufCFieldDescriptor *field,
  		buffer->append(buffer, rv, scratch);
  		tmp = pack_buffer_packed_payload(field, count, array, buffer);
  		assert(tmp == payload_len);

obuspa/patches/0010-Return-error-when-XSI-compliant-strerror_r-fails-in-.patch

@@ -1,6 +1,8 @@
+diff --git a/src/core/usp_err.c b/src/core/usp_err.c
+index 1626e58..6db1d42 100755
 --- a/src/core/usp_err.c
 +++ b/src/core/usp_err.c
-@@ -189,7 +189,9 @@ char *USP_ERR_ToString(int err, char *bu
+@@ -189,7 +189,9 @@ char *USP_ERR_ToString(int err, char *buf, int len)
  {
  #if HAVE_STRERROR_R && !STRERROR_R_CHAR_P
      // XSI version of strerror_r

obuspa/patches/0011-max_controllers.patch

@@ -1,6 +1,8 @@
+diff --git a/src/core/mqtt.c b/src/core/mqtt.c
+index 04a1a9c..8cb2ad7 100644
 --- a/src/core/mqtt.c
 +++ b/src/core/mqtt.c
-@@ -233,6 +233,8 @@ void HandleMqttDisconnect(mqtt_client_t
+@@ -234,6 +234,8 @@ void HandleMqttDisconnect(mqtt_client_t *client);
  #define DEFINE_MQTT_TrustCertVerifyCallbackIndex(index) \
  int MQTT_TrustCertVerifyCallback_##index (int preverify_ok, X509_STORE_CTX *x509_ctx) \
  {\
@@ -9,7 +11,7 @@
      return DEVICE_SECURITY_TrustCertVerifyCallbackWithCertChain(preverify_ok, x509_ctx, &mqtt_clients[index].cert_chain);\
  }
  
-@@ -243,6 +245,11 @@ DEFINE_MQTT_TrustCertVerifyCallbackIndex
+@@ -244,6 +246,11 @@ DEFINE_MQTT_TrustCertVerifyCallbackIndex(1);
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(2);
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(3);
  DEFINE_MQTT_TrustCertVerifyCallbackIndex(4);
@@ -21,7 +23,7 @@
  // Add more, with incrementing indexes here, if you change MAX_MQTT_CLIENTS
  
  //------------------------------------------------------------------------------------
-@@ -253,10 +260,15 @@ ssl_verify_callback_t* mqtt_verify_callb
+@@ -254,10 +261,15 @@ ssl_verify_callback_t* mqtt_verify_callbacks[] = {
      MQTT_TrustCertVerifyCallbackIndex(2),
      MQTT_TrustCertVerifyCallbackIndex(3),
      MQTT_TrustCertVerifyCallbackIndex(4),

obuspa/patches/0012-check_mqtt_host_alive.patch

@@ -1,3 +1,5 @@
+diff --git a/src/core/mqtt.c b/src/core/mqtt.c
+index 70a10c2..e8a39cf 100644
 --- a/src/core/mqtt.c
 +++ b/src/core/mqtt.c
 @@ -63,6 +63,8 @@
@@ -9,7 +11,7 @@
  // Defines for MQTT Property Values
  #define PUBLISH 0x30
  #define CONTENT_TYPE 3
-@@ -2192,6 +2194,75 @@ exit:
+@@ -2180,6 +2182,75 @@ exit:
      }
  }
  
@@ -85,7 +87,7 @@
  /*********************************************************************//**
  **
  ** PerformMqttClientConnect
-@@ -2261,6 +2332,14 @@ int PerformMqttClientConnect(mqtt_client
+@@ -2249,6 +2320,14 @@ int PerformMqttClientConnect(mqtt_client_t *client)
          keep_alive = 5;
      }
  

obuspa/patches/0013-mqtt-retry-param-change.patch

@@ -1,76 +0,0 @@
-diff --git a/src/core/device_mqtt.c b/src/core/device_mqtt.c
-index 7438e59..231d941 100755
---- a/src/core/device_mqtt.c
-+++ b/src/core/device_mqtt.c
-@@ -1612,14 +1612,23 @@ int NotifyChange_MQTTRequestProblemInfo(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryTime(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-     // Set the new value.
-+    if ((mp->retry.connect_retrytime != val_uint) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     mp->retry.connect_retrytime = val_uint;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 
-@@ -1638,14 +1647,23 @@ int NotifyChange_MQTTConnectRetryTime(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryIntervalMultiplier(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-+    if ((mp->retry.interval_multiplier != val_int) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     // Set the new value.
-     mp->retry.interval_multiplier = val_int;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 
-@@ -1664,14 +1682,23 @@ int NotifyChange_MQTTConnectRetryIntervalMultiplier(dm_req_t *req, char *value)
- int NotifyChange_MQTTConnectRetryMaxInterval(dm_req_t *req, char *value)
- {
-     mqtt_conn_params_t *mp;
-+    bool schedule_reconnect = false;
- 
-     // Determine mqtt client to be updated
-     mp = FindMqttParamsByInstance(inst1);
-     USP_ASSERT(mp != NULL);
- 
-+    if ((mp->retry.max_interval != val_uint) && (mp->enable)) {
-+        schedule_reconnect = true;
-+    }
-+
-     // Set the new value.
-     mp->retry.max_interval = val_uint;
- 
-+    if (schedule_reconnect) {
-+        ScheduleMqttReconnect(mp);
-+    }
-+
-     return USP_ERR_OK;
- }
- 

obuspa/patches/0014-persist-connack-clientid.patch

@@ -1,78 +0,0 @@
---- a/src/core/mqtt.c
-+++ b/src/core/mqtt.c
-@@ -55,6 +55,8 @@
- #include "retry_wait.h"
- #include "text_utils.h"
- #include "msg_handler.h"
-+#include "data_model.h"
-+#include "usp_api.h"
- 
- #include <openssl/ssl.h>
- #include <openssl/bio.h>
-@@ -2517,6 +2519,37 @@ exit:
- 
- /*********************************************************************//**
- **
-+** handle_db_set_client_id
-+**
-+** Allows the caller to set client Id in DB from the data model thread
-+**
-+** \param   arg1 - pointer to the client id path
-+** \param   arg2 - pointer to the client id value
-+**
-+** \return  None
-+**
-+**************************************************************************/
-+void handle_db_set_client_id(void *arg1, void *arg2)
-+{
-+    if ((arg1 == NULL) || (arg2 == NULL)) {
-+        USP_SAFE_FREE(arg1);
-+        USP_SAFE_FREE(arg2);
-+        return;
-+    }
-+
-+    char *param_path = (char *)arg1;
-+    char *param_val = (char *)arg2;
-+
-+    if (USP_ERR_OK != DATA_MODEL_SetParameterInDatabase(param_path, param_val)) {
-+        USP_LOG_Debug("%s: Failed to set %s=>%s from CONNACK", __FUNCTION__, param_path, param_val);
-+    }
-+
-+    USP_SAFE_FREE(param_path);
-+    USP_SAFE_FREE(param_val);
-+}
-+
-+/*********************************************************************//**
-+**
- ** ConnectV5Callback
- **
- ** Called by Libmosquitto when the CONNACK packet is received on an MQTTv5 connection
-@@ -2590,8 +2623,26 @@ void ConnectV5Callback(struct mosquitto
-               &client_id_ptr, false /* skip first */) != NULL)
-         {
-             USP_LOG_Debug("%s: Received client_id: \"%s\"", __FUNCTION__, client_id_ptr);
--            USP_SAFE_FREE(client->conn_params.client_id);
--            client->conn_params.client_id = USP_STRDUP(client_id_ptr);
-+
-+            if (client->conn_params.client_id == NULL || strcmp(client->conn_params.client_id, client_id_ptr) != 0) {
-+                USP_SAFE_FREE(client->conn_params.client_id);
-+                client->conn_params.client_id = USP_STRDUP(client_id_ptr);
-+
-+                // Persist client id from CONNACK in DB
-+                char buf[128] = {0}, *param_path = NULL, *param_val = NULL;
-+
-+                snprintf(buf, 128, "Device.MQTT.Client.%d.ClientID", instance);
-+
-+                param_path = USP_STRDUP(buf);
-+                param_val = USP_STRDUP(client_id_ptr);
-+
-+                if (USP_ERR_OK != USP_PROCESS_DoWork(handle_db_set_client_id, param_path, param_val)) {
-+                    USP_LOG_Debug("%s: Failed to schedule set in data model thread for client id from CONNACK", __FUNCTION__);
-+                    USP_SAFE_FREE(param_path);
-+                    USP_SAFE_FREE(param_val);
-+                }
-+            }
-+
-             free(client_id_ptr);
-         }
- 

obuspa/patches/0020-fix_segfault_invalid_uds.patch

@@ -1,14 +0,0 @@
---- a/src/core/device_uds.c
-+++ b/src/core/device_uds.c
-@@ -182,10 +182,7 @@ int DEVICE_UDS_Start(void)
-             USP_SNPRINTF(path, sizeof(path), "%s.%d", device_uds_conn_root, instance);
-             USP_LOG_Warning("%s: Deleting %s as it contained invalid parameters.", __FUNCTION__, path);
-             err = DATA_MODEL_DeleteInstance(path, 0);
--            if (err != USP_ERR_OK)
--            {
--                goto exit;
--            }
-+            goto exit;
-         }
- 
-         ucp = FindUdsParamsByInstance(instance);

qosmngr/Makefile

@@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=qosmngr
-PKG_VERSION:=1.0.14
+PKG_VERSION:=1.0.11
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=c4db530aae2392f94494814eefc977118519089b
+PKG_SOURCE_VERSION:=56829e15bdce24a3eb4f8dfa43355d4b25632c48
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/qosmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -36,8 +36,6 @@ define Package/qosmngr/description
 	Configures L2 QoS and collects queue statistics
 endef
 
-TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
-
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
         $(CP) -rf ./qosmngr/* $(PKG_BUILD_DIR)/
@@ -56,7 +54,6 @@ endif
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/qosmngr $(1)/usr/sbin
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/bbf_plugin/libqos_bbf.so $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/bbf_plugin/libqos_vendor_bbf.so $(1) $(PKG_NAME)
 endef
 
 $(eval $(call BuildPackage,qosmngr))

qosmngr/files/airoha/lib/qos/airoha.sh

@@ -190,18 +190,11 @@ hw_commit_all() {
             ;;
     esac
 
-    rm -f "/tmp/qos/wan_link_shape_rate"
-    rm -f "/tmp/qos/wan_link_speed"
     if [ "${glob_alg}" != "" ] ; then
         /userfs/bin/qosrule discpline $(hw_sc_alg2str ${glob_alg}) ${weight_list} \
                             uplink-bandwidth ${shape_rate:-10000000} \
                             queuemask "$(((1 << q_count) - 1))"
         echo ${mac_qos_flag} > /proc/qdma_wan/mac_qos_flag
-        if [ -n "${shape_rate}" ]; then
-            echo "${shape_rate}" > "/tmp/qos/wan_link_shape_rate"
-        else
-            /usr/sbin/qos-uplink-bandwidth
-        fi
     else
         /userfs/bin/qosrule discpline Enable 0
     fi

qosmngr/files/airoha/usr/sbin/qos-uplink-bandwidth

@@ -2,10 +2,8 @@
 
 readonly WANPORT="$(jsonfilter -i /etc/board.json -e @.network.wan.device)"
 readonly LINKSPEED_FILE="/tmp/qos/wan_link_speed"
-readonly LINKSHAPE_FILE="/tmp/qos/wan_link_shape_rate"
 
-[ -z "${PORT}" -o "${WANPORT}" = "${PORT}" ] || exit 0
-[ -f "${LINKSHAPE_FILE}" ] && exit 0
+[ "${WANPORT}" = "${PORT}" ] || exit 0
 
 LINKSPEED="$(devstatus "${WANPORT}" | jsonfilter -e '@["speed"]' | tr -d 'A-Z')"
 PREV_LINKSPEED=$(cat ${LINKSPEED_FILE} 2>/dev/null)

qosmngr/files/common/lib/qos/classify.sh

@@ -43,7 +43,6 @@ sort_classify_by_order() {
 handle_classify() {
 
     local corder_file="/tmp/qos/classify.order"
-    local interf=""
 
     while read -r line; do
         line_cid=${line#*_}
@@ -61,19 +60,6 @@ handle_classify() {
 	    handle_policer_rules $line_cid
         fi
     done < "$corder_file"
-    # Handling config for DSCP to pbit conversion:
-    # For a given port there can be 64 dscp2pbit mapping and each mapping is
-    # represented by one UCI config classify section. So there can be 64 possible
-    # config classify.
-    #
-    # For each port, traverse all config classify section and
-    # extract DSCP to P-bit conversion info.
-    # generate, dscp2pbit mapping list.
-    # Then apply dscp2pbit rule
-    for interf in $(jsonfilter -i /etc/board.json -e @.network.lan.ports[*] -e @.network.lan.device -e @.network.wan.device | xargs); do
-        handle_ebtables_dscp2pbit "$interf"
-        [ -n "$BR_RULE_DSCP2PBIT" ] && broute_apply_dscp2pbit_rule
-    done
 }
 
 # Configure classifier based on UCI subtree 'qos.classify'
@@ -121,7 +107,7 @@ setup_qos() {
         touch /tmp/qos/qos
         cp /etc/config/qos /tmp/qos/qos
     fi
-
+	
     create_ebtables_chains
     create_iptables_chains
 }

qosmngr/files/common/lib/qos/ebtables.sh

@@ -3,23 +3,12 @@
 
 BR_RULE=""
 BR6_RULE=""
-BR_RULE_DSCP2PBIT=""
-DSCP2PBIT_MAPPING=""
 
 init_broute_rule() {
     BR_RULE=""
     BR6_RULE=""
 }
 
-init_broute_dscp2pbit_rule() {
-    BR_RULE_DSCP2PBIT=""
-    DSCP2PBIT_MAPPING=""
-}
-
-broute_filter_on_l3_if() {
-    BR_RULE="$BR_RULE --logical-in $1"
-}
-
 broute_filter_on_src_if() {
     BR_RULE="$BR_RULE --in-if $1"
 }
@@ -114,7 +103,7 @@ ebt_match_ip_icmp_type() {
 ebt_match_ipv6_protocol() {
     #when ethertype is not configured by user then both proto rules of ipv4
     #and ipv6 to be installed so update BR6_RULE string as well otherwise
-    #update BR_RULE only for installation of ipv6 proto rule only.
+    #update BR_RULE only for installation of ipv6 proto rule only.	
     if [ -n "$BR6_RULE" ]; then
         BR6_RULE="$BR6_RULE --ip6-proto $1"
     else
@@ -150,39 +139,14 @@ broute_filter_on_vid() {
 }
 
 broute_append_rule() {
-    # if src_if is loopback, then add the rule to OUTPUT(qos_output) chain of nat table
-    if [ "$src_if" = "lo" ]; then
-        echo "ebtables --concurrent -t nat -A qos_output $BR_RULE" >> /tmp/qos/classify.ebtables
-        if [ -n "$BR6_RULE" ]; then
-            echo "ebtables --concurrent -t nat -A qos_output $BR6_RULE" >> /tmp/qos/classify.ebtables
-        fi
-	return
-    fi
-
-    local broute_chain="$1"
     #when ethertype is not configured by user then both proto rules of ipv4
     #and ipv6 to be installed otherwise install ipv6 proto rule only.
-    echo "ebtables --concurrent -t broute -A $broute_chain $BR_RULE" >> /tmp/qos/classify.ebtables
+    echo "ebtables --concurrent -t broute -A qos $BR_RULE" >> /tmp/qos/classify.ebtables
     if [ -n "$BR6_RULE" ]; then
-        echo "ebtables --concurrent -t broute -A $broute_chain $BR6_RULE" >> /tmp/qos/classify.ebtables
+        echo "ebtables --concurrent -t broute -A qos $BR6_RULE" >> /tmp/qos/classify.ebtables
     fi
 }
 
-broute_apply_dscp2pbit_rule() {
-    # Write dscp2pbit broute rule to classify.ebtables file
-    echo "ebtables --concurrent -t broute -A dscp2pbits -p 0x8100 $BR_RULE_DSCP2PBIT" >> /tmp/qos/classify.ebtables
-}
-
-broute_rule_set_xlate_vid_pbit() {
-    local vid_mark="$1"
-    local pcp_mark="$2"
-
-    BR_RULE="$BR_RULE -j vlantranslation"
-    [ -n "$vid_mark" ] && BR_RULE="$BR_RULE --vlanxlate-vid-set $vid_mark"
-    [ -n "$pcp_mark" ] && BR_RULE="$BR_RULE --vlanxlate-prio-set $pcp_mark"
-    BR_RULE="$BR_RULE --vlanxlate-target CONTINUE"
-}
-
 set_ip_addr()
 {
     local cid="$1"
@@ -270,18 +234,12 @@ handle_ebtables_rules() {
     local protocol=""
     local ip_version=""
 
-    config_get pcp_mark "$sid" "pcp_mark"
-    config_get dscp_filter "$sid" "dscp_filter"
-    # return if its a classfy section for DSCP to p-bit mapping
-    if [ -n "$pcp_mark" ] && [ -n "$dscp_filter" ]; then
-        return
-    fi
-
     init_broute_rule
 
     config_get src_if "$sid" "ifname"
     config_get src_mac "$sid" "src_mac"
     config_get dst_mac "$sid" "dst_mac"
+    config_get dscp_filter "$sid" "dscp_filter"
     config_get pcp_check "$sid" "pcp_check"
     config_get eth_type "$sid" "ethertype"
     config_get vid "$sid" "vid_check"
@@ -295,13 +253,6 @@ handle_ebtables_rules() {
     config_get traffic_class "$sid" "traffic_class"
     config_get protocol "$sid" "proto"
     config_get all_interfaces "$sid" "all_interfaces"
-    config_get l3_ifname "$sid" "l3_ifname"
-    config_get vid_mark "$sid" "vid_mark"
-
-    if [ -n "$l3_ifname" ]; then
-        broute_filter_on_l3_if "$l3_ifname"
-        is_l2_rule=1
-    fi
 
     if [ "$all_interfaces" == "1" ]; then
 	is_l2_rule=1
@@ -452,83 +403,11 @@ handle_ebtables_rules() {
 
     [ -n "$traffic_class" ] && broute_rule_set_traffic_class "$traffic_class"
 
-    if [ -n "$vid_mark" ] || [ -n "$pcp_mark" ]; then
-        broute_rule_set_xlate_vid_pbit "$vid_mark" "$pcp_mark"
-    fi
-
-    if [ -n "$BR_RULE" ]; then
-        if [ -n "$vid_mark" ] || [ -n "$pcp_mark" ]; then
-            broute_append_rule "prevlanxlate" "$src_if"
-        else
-            broute_append_rule "qos" "$src_if"
-        fi
-    fi
-}
-
-handle_ebtables_dscp2pbit() {
-    local in_if=$1
-    local dscp_filter=""
-    local pcp_mark=""
-    local ifname=""
-    local dscp2pbit_mapping_list=""
-    local corder_file="/tmp/qos/classify.order"
-
-    if [ -z "$in_if" ]; then
-        return
-    fi
-
-    init_broute_dscp2pbit_rule
-    while read -r line; do
-        line_cid=${line#*_}
-        config_get dscp_filter "$line_cid" "dscp_filter"
-        config_get pcp_mark "$line_cid" "pcp_mark"
-
-        # return if not a dscp to p-bit rule
-        if [ -z "$dscp_filter" ] || [ -z "$pcp_mark" ]; then
-            continue
-        fi
-
-        config_get ifname "$line_cid" "ifname"
-
-        # return if this config is not for the currently processing interface (in_if)
-        if [ -n "$ifname" ] && [ "$ifname" != "$in_if" ]; then
-            continue
-        fi
-
-        dscp2pbit_mapping_list="$dscp2pbit_mapping_list,$dscp_filter=$pcp_mark"
-    done < "$corder_file"
-
-    # if not dscp2pbit config found for our interface, return
-    [ -z "$dscp2pbit_mapping_list" ] && return
-
-    # remove first character(comma) from the dscp2pbit_mapping_list, not required.
-    dscp2pbit_mapping_list="${dscp2pbit_mapping_list:1}"
-
-    # construct ebtables rule:
-    BR_RULE_DSCP2PBIT=" -i $in_if -j dscp2pbit --dscp2pbit-mapping $dscp2pbit_mapping_list --dscp2pbit-target CONTINUE"
+    [ -n "$BR_RULE" ] && broute_append_rule
 }
 
 create_ebtables_chains() {
-
-    ebtables --concurrent -t nat -N qos_output -P RETURN 2> /dev/null
-    ret=$?
-    if [ $ret -eq 0 ]; then
-        ebtables --concurrent -t nat -A OUTPUT -j qos_output
-    else
-        ebtables --concurrent -t nat -D OUTPUT -j qos_output
-        ebtables --concurrent -t nat -A OUTPUT -j qos_output
-    fi
-
-    ebtables --concurrent -t broute -N dscp2pbits -P RETURN 2> /dev/null
-    ret=$?
-    if [ $ret -eq 0 ]; then
-        ebtables --concurrent -t broute -A BROUTING -j dscp2pbits
-    else
-        ebtables --concurrent -t broute -D BROUTING -j dscp2pbits
-        ebtables --concurrent -t broute -A BROUTING -j dscp2pbits
-    fi
-
-    ebtables --concurrent -t broute -N qos -P RETURN 2> /dev/null
+    ebtables --concurrent -t broute -N qos 2> /dev/null
     ret=$?
     if [ $ret -eq 0 ]; then
         ebtables --concurrent -t broute -A BROUTING -j qos
@@ -536,22 +415,9 @@ create_ebtables_chains() {
         ebtables --concurrent -t broute -D BROUTING -j qos
         ebtables --concurrent -t broute -A BROUTING -j qos
     fi
-
-    ebtables --concurrent -t broute -N prevlanxlate -P RETURN 2> /dev/null
-    ret=$?
-
-    if [ $ret -eq 0 ]; then
-        ebtables --concurrent -t broute -I BROUTING -j prevlanxlate
-    else
-        ebtables --concurrent -t broute -D BROUTING -j prevlanxlate
-        ebtables --concurrent -t broute -I BROUTING -j prevlanxlate
-    fi
 }
 
 flush_ebtables_chains() {
-    echo "ebtables -t nat -F qos_output" > /tmp/qos/classify.ebtables
     echo "ebtables -t broute -F qos" > /tmp/qos/classify.ebtables
-    echo "ebtables -t broute -F dscp2pbits" >> /tmp/qos/classify.ebtables
-    echo "ebtables -t broute -F prevlanxlate" >> /tmp/qos/classify.ebtables
 }
 

qosmngr/files/common/lib/qos/iptables.sh

@@ -137,7 +137,6 @@ handle_iptables_rules() {
     config_get ifname "$cid" "ifname"
     config_get all_interfaces "$cid" "all_interfaces"
     config_get icmp_type "$cid" "icmp_type"
-    config_get l3_ifname "$cid" "l3_ifname"
 
     #check version of ip
     case $src_ip$dest_ip in
@@ -155,8 +154,6 @@ handle_iptables_rules() {
     if ! [ "$all_interfaces" == "1" ]; then
 	if [ -n "$ifname" -a "$ifname" != "lo" ]; then
 	    iptables_filter_intf "$ifname"
-	elif [ -n "$l3_ifname" -a "$l3_ifname" != "lo" ]; then
-	    iptables_filter_intf "$l3_ifname"
 	fi
     fi
 

ssdpd/src/datamodel.c

@@ -14,6 +14,7 @@ struct upnpdiscovery {
 	char *uuid;
 	char *urn;
 	char *descurl;
+	struct uci_section *dmmap_sect;
 };
 
 struct upnp_device_inst {
@@ -31,6 +32,7 @@ struct upnp_device_inst {
 	char *preentation_url;
 	char *parentudn;
 	char *upc;
+	struct uci_section *dmmap_sect;
 };
 
 struct upnp_service_inst {
@@ -40,10 +42,12 @@ struct upnp_service_inst {
 	char *scpdurl;
 	char *controlurl;
 	char *eventsuburl;
+	struct uci_section *dmmap_sect;
 };
 
 struct upnp_description_file_info {
 	char *desc_url;
+	struct uci_section *dmmap_sect;
 };
 
 /*************************************************************
@@ -54,9 +58,9 @@ static int browseUPnPDiscoveryRootDeviceInst(struct dmctx *dmctx, DMNODE *parent
 	json_object *res = NULL, *root_devices = NULL, *device = NULL;
 	struct upnpdiscovery upnp_dev = {0};
 	char *descurl = NULL, *st = NULL, *usn = NULL, *inst = NULL;
+	struct uci_section *dmmap_sect = NULL;
 	char buf[512] = {0};
 	int root_inst = 0;
-	struct dm_data data = {0};
 
 	dmubus_call("upnp", "discovery", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -93,11 +97,16 @@ static int browseUPnPDiscoveryRootDeviceInst(struct dmctx *dmctx, DMNODE *parent
 		upnp_dev.st = dmstrdup(st);
 		upnp_dev.usn = dmstrdup(usn);
 
-		data.additional_data = (void *)&upnp_dev;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_root_device", "uuid", upnp_dev.urn)) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_root_device", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "uuid", upnp_dev.urn);
+		}
+
+		upnp_dev.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, ++root_inst);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_dev, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -108,8 +117,8 @@ static int browseUPnPDiscoveryDeviceInst(struct dmctx *dmctx, DMNODE *parent_nod
 	json_object *res = NULL, *devices = NULL, *device = NULL;
 	struct upnpdiscovery upnp_dev = {0};
 	char *dev_descurl = NULL, *dev_st = NULL, *dev_usn = NULL, *inst = NULL;
+	struct uci_section *dmmap_sect = NULL;
 	char buf[512] = {0};
-	struct dm_data data = {0};
 
 	dmubus_call("upnp", "discovery", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -146,11 +155,16 @@ static int browseUPnPDiscoveryDeviceInst(struct dmctx *dmctx, DMNODE *parent_nod
 		upnp_dev.st = dmstrdup(dev_st);
 		upnp_dev.usn = dmstrdup(dev_usn);
 
-		data.additional_data = (void *)&upnp_dev;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_device", "uuid", upnp_dev.uuid)) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_device", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "uuid", upnp_dev.uuid);
+		}
+
+		upnp_dev.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, i+1);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_dev, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -161,8 +175,8 @@ static int browseUPnPDiscoveryServiceInst(struct dmctx *dmctx, DMNODE *parent_no
 	json_object *res = NULL,  *services = NULL, *service = NULL;
 	struct upnpdiscovery upnp_dev = {0};
 	char *srv_descurl = NULL, *srv_st = NULL, *srv_usn = NULL, *inst = NULL;
+	struct uci_section* dmmap_sect = NULL;
 	char buf[512] = {0};
-	struct dm_data data = {0};
 
 	dmubus_call("upnp", "discovery", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -200,11 +214,16 @@ static int browseUPnPDiscoveryServiceInst(struct dmctx *dmctx, DMNODE *parent_no
 		upnp_dev.st = dmstrdup(srv_st);
 		upnp_dev.usn = dmstrdup(srv_usn);
 
-		data.additional_data = (void *)&upnp_dev;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_service", "usn", srv_usn)) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_service", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "usn", srv_usn);
+		}
+
+		upnp_dev.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, i+1);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_dev, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -215,7 +234,7 @@ static int browseUPnPDescriptionDeviceDescriptionInst(struct dmctx *dmctx, DMNOD
 	json_object *res = NULL, *descriptions = NULL, *description = NULL;
 	struct upnp_description_file_info upnp_desc = {0};
 	char *descurl = NULL, *inst = NULL;
-	struct dm_data data = {0};
+	struct uci_section* dmmap_sect = NULL;
 
 	dmubus_call("upnp", "description", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -230,11 +249,15 @@ static int browseUPnPDescriptionDeviceDescriptionInst(struct dmctx *dmctx, DMNOD
 		descurl = dmjson_get_value(description, 1, "desc_url");
 		upnp_desc.desc_url = dmstrdup(descurl);
 
-		data.additional_data = (void *)&upnp_desc;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_description", "descurl", descurl)) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_description", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "descurl", descurl);
+		}
+		upnp_desc.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, i+1);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_desc, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -245,8 +268,8 @@ static int browseUPnPDescriptionDeviceInstanceInst(struct dmctx *dmctx, DMNODE *
 	json_object *res = NULL,  *devices_instances = NULL, *device_inst = NULL;
 	struct upnp_device_inst upnp_dev_inst = {};
 	char *inst = NULL;
+	struct uci_section* dmmap_sect = NULL;
 	int i;
-	struct dm_data data = {0};
 
 	dmubus_call("upnp", "description", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -271,11 +294,16 @@ static int browseUPnPDescriptionDeviceInstanceInst(struct dmctx *dmctx, DMNODE *
 		dmasprintf(&upnp_dev_inst.udn, "%s", dmjson_get_value(device_inst, 1, "UDN"));
 		dmasprintf(&upnp_dev_inst.upc, "%s", dmjson_get_value(device_inst, 1, "UPC"));
 
-		data.additional_data = (void *)&upnp_dev_inst;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_device_inst", "udn", dmjson_get_value(device_inst, 1, "UDN"))) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_device_inst", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "udn", dmjson_get_value(device_inst, 1, "UDN"));
+		}
+
+		upnp_dev_inst.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, i+1);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_dev_inst, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -286,8 +314,8 @@ static int browseUPnPDescriptionServiceInstanceInst(struct dmctx *dmctx, DMNODE
 	json_object *res = NULL, *services_instances = NULL, *service_inst = NULL;
 	struct upnp_service_inst upnp_services_inst = {};
 	char *inst = NULL;
+	struct uci_section* dmmap_sect = NULL;
 	int i;
-	struct dm_data data = {0};
 
 	dmubus_call("upnp", "description", UBUS_ARGS{{}}, 0, &res);
 	if (res == NULL)
@@ -305,11 +333,16 @@ static int browseUPnPDescriptionServiceInstanceInst(struct dmctx *dmctx, DMNODE
 		dmasprintf(&upnp_services_inst.controlurl, "%s", dmjson_get_value(service_inst, 1, "controlURL"));
 		dmasprintf(&upnp_services_inst.eventsuburl, "%s", dmjson_get_value(service_inst, 1, "eventSubURL"));
 
-		data.additional_data = (void *)&upnp_services_inst;
+		if ((dmmap_sect = get_dup_section_in_dmmap_opt("dmmap_upnp", "upnp_service_inst", "serviceid", dmjson_get_value(service_inst, 1, "serviceId"))) == NULL) {
+			dmuci_add_section_bbfdm("dmmap_upnp", "upnp_service_inst", &dmmap_sect);
+			dmuci_set_value_by_section_bbfdm(dmmap_sect, "serviceid", dmjson_get_value(service_inst, 1, "serviceId"));
+		}
+
+		upnp_services_inst.dmmap_sect = dmmap_sect;
 
 		inst = handle_instance_without_section(dmctx, parent_node, i+1);
 
-		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)&data, inst) == DM_STOP)
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, &upnp_services_inst, inst) == DM_STOP)
 			break;
 	}
 	return 0;
@@ -384,76 +417,67 @@ static int get_UPnPDiscovery_ServiceNumberOfEntries(char *refparam, struct dmctx
 /*#Device.UPnP.Discovery.RootDevice.{i}.UUID!UBUS:upnpc/discovery//devices[i-1].st*/
 static int get_UPnPDiscoveryRootDevice_UUID(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->uuid;
+	*value = ((struct upnpdiscovery *)data)->uuid;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.RootDevice.{i}.USN!UBUS:upnpc/discovery//devices[i-1].usn*/
 static int get_UPnPDiscoveryRootDevice_USN(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->usn;
+	*value = ((struct upnpdiscovery *)data)->usn;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.RootDevice.{i}.Location!UBUS:upnpc/discovery//devices[i-1].descurl*/
 static int get_UPnPDiscoveryRootDevice_Location(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->descurl;
+	*value = ((struct upnpdiscovery *)data)->descurl;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.Device.{i}.UUID!UBUS:upnpc/discovery//devices[i-1].st*/
 static int get_UPnPDiscoveryDevice_UUID(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->uuid;
+	*value = ((struct upnpdiscovery *)data)->uuid;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.Device.{i}.USN!UBUS:upnpc/discovery//devices[i-1].usn*/
 static int get_UPnPDiscoveryDevice_USN(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->usn;
+	*value = ((struct upnpdiscovery *)data)->usn;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.Device.{i}.Location!UBUS:upnpc/discovery//devices[i-1].descurl*/
 static int get_UPnPDiscoveryDevice_Location(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->descurl;
+	*value = ((struct upnpdiscovery *)data)->descurl;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.Service.{i}.USN!UBUS:upnpc/discovery//services[i-1].usn*/
 static int get_UPnPDiscoveryService_USN(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->usn;
+	*value = ((struct upnpdiscovery *)data)->usn;
 	return 0;
 }
 
 /*#Device.UPnP.Discovery.Service.{i}.Location!UBUS:upnpc/discovery//services[i-1].descurl*/
 static int get_UPnPDiscoveryService_Location(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnpdiscovery *)(p->additional_data))->descurl;
+	*value = ((struct upnpdiscovery *)data)->descurl;
 	return 0;
 }
 
 static int get_UPnPDiscoveryService_ParentDevice(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
 	char buf[256] = {0};
-	struct dm_data *p = (struct dm_data *)data;
 
-	bbfdm_get_references(ctx, MATCH_FIRST, "Device.UPnP.Discovery.Device.", "UUID", ((struct upnpdiscovery *)(p->additional_data))->uuid, buf, sizeof(buf));
+	bbfdm_get_references(ctx, MATCH_FIRST, "Device.UPnP.Discovery.Device.", "UUID", ((struct upnpdiscovery *)data)->uuid, buf, sizeof(buf));
 
 	if (!DM_STRLEN(buf))
-		bbfdm_get_references(ctx, MATCH_FIRST, "Device.UPnP.Discovery.RootDevice.", "UUID", ((struct upnpdiscovery *)(p->additional_data))->uuid, buf, sizeof(buf));
+		bbfdm_get_references(ctx, MATCH_FIRST, "Device.UPnP.Discovery.RootDevice.", "UUID", ((struct upnpdiscovery *)data)->uuid, buf, sizeof(buf));
 
 	*value = dmstrdup(buf);
 	return 0;
@@ -483,30 +507,26 @@ static int get_UPnPDescription_ServiceInstanceNumberOfEntries(char *refparam, st
 /*#Device.UPnP.Description.DeviceDescription.{i}.URLBase!UBUS:upnpc/description//descriptions[i-1].descurl*/
 static int get_UPnPDescriptionDeviceDescription_URLBase(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_description_file_info *)(p->additional_data))->desc_url;
+	*value = ((struct upnp_description_file_info *)data)->desc_url;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.UDN!UBUS:upnpc/description//devicesinstances[i-1].UDN*/
 static int get_UPnPDescriptionDeviceInstance_UDN(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->udn;
+	*value = ((struct upnp_device_inst *)data)->udn;
 	return 0;
 }
 
 static int get_UPnPDescriptionDeviceInstance_ParentDevice(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	_bbfdm_get_references(ctx, "Device.UPnP.Description.DeviceInstance.", "UDN", ((struct upnp_device_inst *)(p->additional_data))->parentudn, value);
+	_bbfdm_get_references(ctx, "Device.UPnP.Description.DeviceInstance.", "UDN", ((struct upnp_device_inst *)data)->parentudn, value);
 	return 0;
 }
 
 static int get_UPnPDescriptionDeviceInstance_DiscoveryDevice(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	struct upnp_device_inst *upnpdevinst = (struct upnp_device_inst *)(p->additional_data);
+	struct upnp_device_inst *upnpdevinst = (struct upnp_device_inst *)data;
 
 	if (upnpdevinst->udn && upnpdevinst->udn[0]) {
 		char buf[256] = {0};
@@ -531,112 +551,98 @@ static int get_UPnPDescriptionDeviceInstance_DiscoveryDevice(char *refparam, str
 /*#Device.UPnP.Description.DeviceInstance.{i}.DeviceType!UBUS:upnpc/description//devicesinstances[i-1].deviceType*/
 static int get_UPnPDescriptionDeviceInstance_DeviceType(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->device_type;
+	*value = ((struct upnp_device_inst *)data)->device_type;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.FriendlyName!UBUS:upnpc/description//devicesinstances[i-1].friendlyName*/
 static int get_UPnPDescriptionDeviceInstance_FriendlyName(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->friendly_name;
+	*value = ((struct upnp_device_inst *)data)->friendly_name;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.Manufacturer!UBUS:upnpc/description//devicesinstances[i-1].manufacturer*/
 static int get_UPnPDescriptionDeviceInstance_Manufacturer(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->manufacturer;
+	*value = ((struct upnp_device_inst *)data)->manufacturer;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.ManufacturerURL!UBUS:upnpc/description//devicesinstances[i-1].manufacturerURL*/
 static int get_UPnPDescriptionDeviceInstance_ManufacturerURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->manufacturer_url;
+	*value = ((struct upnp_device_inst *)data)->manufacturer_url;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.ModelDescription!UBUS:upnpc/description//devicesinstances[i-1].modelDescription*/
 static int get_UPnPDescriptionDeviceInstance_ModelDescription(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->model_description;
+	*value = ((struct upnp_device_inst *)data)->model_description;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.ModelName!UBUS:upnpc/description//devicesinstances[i-1].modelName*/
 static int get_UPnPDescriptionDeviceInstance_ModelName(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->model_name;
+	*value = ((struct upnp_device_inst *)data)->model_name;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.ModelNumber!UBUS:upnpc/description//devicesinstances[i-1].modelNumber*/
 static int get_UPnPDescriptionDeviceInstance_ModelNumber(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->model_number;
+	*value = ((struct upnp_device_inst *)data)->model_number;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.ModelURL!UBUS:upnpc/description//devicesinstances[i-1].modelURL*/
 static int get_UPnPDescriptionDeviceInstance_ModelURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->model_url;
+	*value = ((struct upnp_device_inst *)data)->model_url;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.SerialNumber!UBUS:upnpc/description//devicesinstances[i-1].serialNumber*/
 static int get_UPnPDescriptionDeviceInstance_SerialNumber(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->serial_number;
+	*value = ((struct upnp_device_inst *)data)->serial_number;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.UPC!UBUS:upnpc/description//devicesinstances[i-1].UPC*/
 static int get_UPnPDescriptionDeviceInstance_UPC(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->upc;
+	*value = ((struct upnp_device_inst *)data)->upc;
 	return 0;
 }
 
 /*#Device.UPnP.Description.DeviceInstance.{i}.PresentationURL!UBUS:upnpc/description//devicesinstances[i-1].preentation_url*/
 static int get_UPnPDescriptionDeviceInstance_PresentationURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_device_inst *)(p->additional_data))->preentation_url;
+	*value = ((struct upnp_device_inst *)data)->preentation_url;
 	return 0;
 }
 
 static int get_UPnPDescriptionServiceInstance_ParentDevice(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	_bbfdm_get_references(ctx, "Device.UPnP.Description.DeviceInstance.", "UDN", ((struct upnp_service_inst *)(p->additional_data))->parentudn, value);
+	_bbfdm_get_references(ctx, "Device.UPnP.Description.DeviceInstance.", "UDN", ((struct upnp_service_inst *)data)->parentudn, value);
 	return 0;
 }
 
 /*#Device.UPnP.Description.ServiceInstance.{i}.ServiceId!UBUS:upnpc/description//servicesinstances[i-1].serviceId*/
 static int get_UPnPDescriptionServiceInstance_ServiceId(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_service_inst *)(p->additional_data))->serviceid;
+	*value = ((struct upnp_service_inst *)data)->serviceid;
 	return 0;
 }
 
 static int get_UPnPDescriptionServiceInstance_ServiceDiscovery(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
 	char usn[512] = {0};
-	struct dm_data *p = (struct dm_data *)data;
 
-	snprintf(usn, sizeof(usn), "%s::%s", ((struct upnp_service_inst *)(p->additional_data))->parentudn, ((struct upnp_service_inst *)(p->additional_data))->servicetype);
+	snprintf(usn, sizeof(usn), "%s::%s", ((struct upnp_service_inst *)data)->parentudn, ((struct upnp_service_inst *)data)->servicetype);
 
 	_bbfdm_get_references(ctx, "Device.UPnP.Discovery.Service.", "USN", usn, value);
 	return 0;
@@ -645,32 +651,28 @@ static int get_UPnPDescriptionServiceInstance_ServiceDiscovery(char *refparam, s
 /*#Device.UPnP.Description.ServiceInstance.{i}.ServiceType!UBUS:upnpc/description//servicesinstances[i-1].serviceType*/
 static int get_UPnPDescriptionServiceInstance_ServiceType(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_service_inst *)(p->additional_data))->servicetype;
+	*value = ((struct upnp_service_inst *)data)->servicetype;
 	return 0;
 }
 
 /*#Device.UPnP.Description.ServiceInstance.{i}.SCPDURL!UBUS:upnpc/description//servicesinstances[i-1].SCPDURL*/
 static int get_UPnPDescriptionServiceInstance_SCPDURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_service_inst *)(p->additional_data))->scpdurl;
+	*value = ((struct upnp_service_inst *)data)->scpdurl;
 	return 0;
 }
 
 /*#Device.UPnP.Description.ServiceInstance.{i}.ControlURL!UBUS:upnpc/description//servicesinstances[i-1].controlURL*/
 static int get_UPnPDescriptionServiceInstance_ControlURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_service_inst *)(p->additional_data))->controlurl;
+	*value = ((struct upnp_service_inst *)data)->controlurl;
 	return 0;
 }
 
 /*#Device.UPnP.Description.ServiceInstance.{i}.EventSubURL!UBUS:upnpc/description//servicesinstances[i-1].eventSubURL*/
 static int get_UPnPDescriptionServiceInstance_EventSubURL(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
-	struct dm_data *p = (struct dm_data *)data;
-	*value = ((struct upnp_service_inst *)(p->additional_data))->eventsuburl;
+	*value = ((struct upnp_service_inst *)data)->eventsuburl;
 	return 0;
 }
 

sshmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sshmngr
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.2
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/sshmngr.git
-PKG_SOURCE_VERSION:=c56a09b2ffd7b944dff4ef7c9ae3a98c68e2427f
+PKG_SOURCE_VERSION:=790689b6ccc89ca90623b6b93b95ee4642cb789e
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

sulu/sulu-builder/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sulu-builder
-PKG_VERSION:=3.1.61
+PKG_VERSION:=3.1.60
 PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
-PKG_SOURCE_VERSION:=31fecc47a3d4100e00e8545ea861bb7362938e98
+PKG_SOURCE_VERSION:=51c0d46343b3b1122b4f1df73399526160f968dd
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_DIR:=$(BUILD_DIR)/sulu-$(PKG_VERSION)/sulu-builder-$(PKG_SOURCE_VERSION)

swmodd/Config.in

@@ -81,11 +81,3 @@ config SWMODD_NETWORKING
 	select PACKAGE_kmod-macvlan
 	help
 	  Enable "veth pair device" and "macvlan"
-
-config SWMODD_LEGACY_CGROUPS
-	bool "Enables CGroups V1 Support"
-	depends on PACKAGE_swmodd
-	default y
-	help
-	  If this option is selected, it selects swmod-cgroup package, which mounts
-	  GGroupV1 hierarchy on system start

swmodd/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=swmodd
-PKG_VERSION:=2.5.12
+PKG_VERSION:=2.5.7
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/lcm/swmodd.git
-PKG_SOURCE_VERSION:=088ac916a87b4faf1aaafadc6ee77ae56674fd1c
+PKG_SOURCE_VERSION:=4d228d6be9759d285b49a20e191c6ca23ab40a51
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -33,8 +33,7 @@ define Package/swmodd
   DEPENDS:=+libuci +libubox +ubus +libuuid +opkg +libcurl \
 	    +PACKAGE_lxc:lxc +PACKAGE_liblxc:liblxc +@BUSYBOX_CONFIG_BUSYBOX \
 	    +@BUSYBOX_CONFIG_FEATURE_SHOW_SCRIPT +@BUSYBOX_CONFIG_SCRIPT \
-	    +jq +libbbfdm-api +@CONFIG_KERNEL_CGROUPS \
-	    +SWMODD_LEGACY_CGROUPS:swmodd-cgroup
+	    +swmodd-cgroup +jq +libbbfdm-api
 endef
 
 define Package/swmodd/description
@@ -50,6 +49,7 @@ define Package/swmodd-cgroup
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:= Cgroup mount handler for Software modules daemon
+  DEPENDS:=+@CONFIG_KERNEL_CGROUPS
 endef
 
 TARGET_CFLAGS += \

swmodd/files/etc/config/swmodd

@@ -3,7 +3,3 @@ config globals 'globals'
         option debug '1'
         option log_level '3'
         option lan_bridge 'br-lan'
-        option root '/container'
-
-config execenv 'execenv_1'
-        option name 'oci'

swmodd/files/etc/init.d/crun

@@ -241,7 +241,7 @@ start_service() {
 
 	env=$(uci -q get swmodd.@execenv[0].name)
 	if [ -z "${root}" ] || [ -z "${bridge}" ]; then
-		log "# Base bundle root[$root] or bridge[$bridge] not defined"
+		log "Base bundle root[$root] or bridge[$bridge] not defined"
 		return 0;
 	fi
 

swmodd/files/etc/init.d/swmodd

@@ -90,15 +90,14 @@ start_service() {
 	# crun default runtime directory /run, if not present then create
 	[ ! -d "/run" ] && ln -fs /var/run /run
 
-	if [ -L "${root}" ]; then
-		if [ ! -d "${root}" ]; then
-			mkdir -p $(realpath ${root})
-		fi
-	fi
-
 	if [ ! -d "${root}" ]; then
-		log "# Not starting, Base root [${root}] not accessible/defined"
-		return 1
+		log "# root [${root}] not present, creating ..."
+		if [ -n "${root}" ]; then
+			mkdir -p "${root}"
+		else
+			log "# Not starting, root [${root}] not defined"
+			return 1
+		fi
 	fi
 
 	# Currently only one execenv supported

swmodd/files/etc/swmodd/run.sh

@@ -74,7 +74,7 @@ setup_container_network() {
 }
 
 run_container() {
-	local bundle name bridge network
+	local bundle name bridge
 
 	bundle="${1}"
 	name="${2}"
@@ -85,13 +85,7 @@ run_container() {
 		return 1
 	fi
 
-	# Only do the network setup if defined in config
-	network="$(cat ${BUNDLE}/${NAME}/config.json |jq '.linux.namespaces[] |select (.type == "network")')"
-	if [ -n "${network}" ] ; then
-		setup_container_network "${name}" "${bridge}"
-	else
-		log "Network not defined in config, using host network..."
-	fi
+	setup_container_network "${name}" "${bridge}"
 	
         script -q -c "crun run -b ${bundle}/${name} ${name}" /dev/null
 }
@@ -145,6 +139,7 @@ update_config_json() {
 	fi
 
 	# Update cabalities
+	log "## PERM [$PERM], Name [${NAME}] ##"
 	if [ -n "${PERM}" ]; then
 		log "Updating Permission in the json ..."
 		PERM="${PERM//,/ }"

swmodd/files/etc/uci-defaults/01-fix-bundle-path

@@ -10,31 +10,32 @@ configure_ee_path() {
 	config_get oci_bundle globals oci_bundle_root ""
 
 	mkdir -p /etc/lxc
-	if [ -n "${lxc_bundle}" ]; then
-		# if lxc_bundle_root define in swmodd, then remove it
-		name=$(echo ${lxc_bundle##/*/})
-		root=$(echo ${lxc_bundle%/$name})
-		echo "lxc.lxcpath = ${lxc_bundle}" > /etc/lxc/lxc.conf
-		uci_set swmodd globals lxc_bundle_root ""
-	fi
-
 	if [ -n "${oci_bundle}" ]; then
 		# if oci_bundle_root define in swmodd, then remove it
 		name=$(echo ${oci_bundle##/*/})
 		root=$(echo ${oci_bundle%/$name})
 		echo "lxc.lxcpath = ${oci_bundle}" > /etc/lxc/lxc.conf
-		uci_set swmodd globals oci_bundle_root ""
+	elif [ -n "${lxc_bundle}" ]; then
+		# if lxc_bundle_root define in swmodd, then remove it
+		name=$(echo ${lxc_bundle##/*/})
+		root=$(echo ${lxc_bundle%/$name})
+		echo "lxc.lxcpath = ${lxc_bundle}" > /etc/lxc/lxc.conf
+	elif [ -f /etc/lxc/lxc.conf ]; then
+		bundle_path=$(cat /etc/lxc/lxc.conf | grep "lxc.lxcpath" | cut -d "=" -f 2 | sed 's/[[:blank:]]//g')
+		name=$(echo ${bundle_path##/*/})
+		root=$(echo ${bundle_path%/$name})
+	else
+		name="lxc"
+		root="/srv"
+		echo "lxc.lxcpath = /srv/lxc" > /etc/lxc/lxc.conf
 	fi
 
+	uci_set swmodd globals oci_bundle_root ""
+	uci_set swmodd globals lxc_bundle_root ""
+
 	# configure root in globals section
-	if [ -n "${root}" ]; then
-		if ! uci_get swmodd globals root >/dev/null; then
-			uci_set swmodd globals root ${root}
-		fi
-	fi
-
-	if [ -z "${name}" ]; then
-		name="oci"
+	if ! uci_get swmodd globals root >/dev/null; then
+		uci_set swmodd globals root ${root}
 	fi
 
 	# configure execenv in swmodd

timemngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=timemngr
-PKG_VERSION:=1.0.20
+PKG_VERSION:=1.0.19
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/timemngr.git
-PKG_SOURCE_VERSION:=f0b026bb5fffbd1c9a18b6814251b4c724aabad6
+PKG_SOURCE_VERSION:=c9fb0a58c5a928dd397edc5d3f5c1ccf0485dccc
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

tr104/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tr104
-PKG_VERSION:=1.0.31
+PKG_VERSION:=1.0.28
 
 LOCAL_DEV:=0
 ifeq ($(LOCAL_DEV),0)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/voice/tr104.git
-PKG_SOURCE_VERSION:=57a713d6dbb4a39b41f0f0fd4674e7bcd3562852
+PKG_SOURCE_VERSION:=8792d5bf496a4c25c31f4e84ec825b02bf097cc2
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

twamp/Makefile

@@ -6,13 +6,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=twamp
-PKG_VERSION:=1.4.5
+PKG_VERSION:=1.4.4
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/twamp-light.git
-PKG_SOURCE_VERSION:=678a980b9433e34c3ea24af003e6ee987f2bce75
+PKG_SOURCE_VERSION:=d31b2128e6ea4ab42538b88db91b2cc84091ef4d
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -52,13 +52,9 @@ define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/twampd $(1)/usr/sbin/
 	$(INSTALL_DATA) ./files/etc/config/twamp $(1)/etc/config/twamp
-ifneq ($(CONFIG_FIREWALLMNGR_BACKEND_FIREWALLMNGR),y)
 	$(INSTALL_BIN) ./files/etc/init.d/twampd $(1)/etc/init.d/twampd
 	$(INSTALL_BIN) ./files/etc/firewall.twamp $(1)/etc/firewall.twamp
 	$(INSTALL_BIN) ./files/etc/uci-defaults/92-twampfirewall $(1)/etc/uci-defaults/92-twampfirewall
-else
-	$(INSTALL_BIN) ./files/etc/twamp_backend_firewallmngr/init.d/twampd $(1)/etc/init.d/twampd
-endif
 	$(INSTALL_BIN) ./files/etc/uci-defaults/93-twamp_fix_reflector $(1)/etc/uci-defaults/93-twamp_fix_reflector
 	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libtwamp.so $(1)
 endef

twamp/files/etc/twamp_backend_firewallmngr/init.d/twampd

@@ -1,31 +0,0 @@
-#!/bin/sh /etc/rc.common
-# TWAMP Reflector software
-# Copyright (C) 2020-2022 IOPSYS Software Solutions AB
-# Author: Amin Ben Ramdhane <amin.benramdhane@pivasoftware.com>
-
-START=99
-STOP=10
-
-. /lib/fwmngr/fwmngr_twamp.sh
-USE_PROCD=1
-PROG="/usr/sbin/twampd"
-
-start_service() {
-	local enable=$(uci -q get twamp.twamp.enable)
-	if [ "$enable" = "1" ]; then
-		procd_open_instance
-		procd_set_param command "$PROG"
-		procd_set_param respawn "3" "7" "0"
-		procd_close_instance
-	fi
-	handle_twamp_rules
-}
-
-reload_service() {
-        stop
-        start
-}
-
-service_triggers() {
-	procd_add_reload_trigger twamp
-}

usbmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=usbmngr
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.1
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/system/usbmngr.git
-PKG_SOURCE_VERSION:=4f5f5dd701d40cdb134b98734db75446e5736a2e
+PKG_SOURCE_VERSION:=bace625f9bba99c2093982878dfe08cab2b920d4
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

userinterface/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=userinterface
-PKG_VERSION:=1.1.4
+PKG_VERSION:=1.1.3
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/userinterface.git
-PKG_SOURCE_VERSION:=98f016c93c162f0f4c4854398ff5936f040e5a77
+PKG_SOURCE_VERSION:=07dd97620309df416ff449c64fdd73dc4c5950c1
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

usermngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=usermngr
-PKG_VERSION:=1.2.17
+PKG_VERSION:=1.2.16
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/usermngr.git
-PKG_SOURCE_VERSION:=4ea2dfc2843b4cdf87e48deff512ee358c93298f
+PKG_SOURCE_VERSION:=8eeff3205a0e2705a9cede28ed215af64aa97e26
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

usp-js/Makefile

@@ -6,7 +6,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=usp-js
-PKG_VERSION:=1.2.6
+PKG_VERSION:=1.2.5
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/usp-js.git
@@ -23,7 +23,7 @@ define Package/usp-js
   SECTION:=libs
   CATEGORY:=Libraries
   TITLE:=A JS library for USP(TR369) protocol
-  DEPENDS:=+quickjs +quickjs-websocket +@OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
+  DEPENDS:=+quickjs +quickjs-websocket +@OBUSPA_ENABLE_TEST_CONTROLLER
   EXTRA_DEPENDS:=obuspa mosquitto-ssl
 endef
 
@@ -37,7 +37,9 @@ endef
 
 define Package/usp-js/install
 	$(INSTALL_DIR) $(1)/usr/lib/usp-js
+	$(INSTALL_DIR) $(1)/etc
 	$(CP) $(PKG_BUILD_DIR)/qjs/* $(1)/usr/lib/usp-js/
+	$(CP) ./files/etc/* $(1)/etc/
 endef
 
 $(eval $(call BuildPackage,usp-js))

usp-js/files/etc/init.d/uspjs

@@ -0,0 +1,68 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=01
+USE_PROCD=1
+
+log()
+{
+	echo "$*"|logger -t usp-js -p debug
+}
+
+get_oui_from_db()
+{
+	db -q get device.deviceinfo.ManufacturerOUI
+}
+
+get_serial_from_db()
+{
+	db -q get device.deviceinfo.SerialNumber
+}
+
+publish_endpoint()
+{
+	local AgentEndpointID serial oui user pass
+
+	if ! uci -q get obuspa.testmqtt; then
+		return 0;
+	fi
+
+	# return if mosquitto_pub is not present
+	if [ ! "$(command -v mosquitto_pub)" ]; then
+		log "mosquitto_pub not present can't publish EndpointID"
+		return 0;
+	fi
+
+	# Get endpoint id from obuspa config first
+	config_load obuspa
+	config_get AgentEndpointID localagent EndpointID ""
+	if [ -z "${AgentEndpointID}" ]; then
+		serial=$(get_serial_from_db)
+		oui=$(get_oui_from_db)
+		AgentEndpointID="os::${oui}-${serial//+/%2B}"
+	fi
+
+	config_get user testmqtt Username ""
+	config_get pass testmqtt Password ""
+
+	# publish Agent's EndpointID in mosquito broker for discovery by usp-js
+	# This is a work around till obuspa adds supports for mDNS discovery
+	if [ -n "${user}" ] && [ -n "${pass}" ]; then
+		log "Publishing EndpointID ${AgentEndpointID} to local mqtt broker with username, password"
+		mosquitto_pub -r -t "obuspa/EndpointID" -m "${AgentEndpointID}" -u "${user}" -P "${pass}"
+	elif [ -n "${user}" ]; then
+		log "Publishing EndpointID ${AgentEndpointID} to local mqtt broker with username only"
+		mosquitto_pub -r -t "obuspa/EndpointID" -m "${AgentEndpointID}" -u "${user}"
+	else
+		log "Publishing EndpointID ${AgentEndpointID} to local mqtt broker"
+		mosquitto_pub -r -t "obuspa/EndpointID" -m "${AgentEndpointID}"
+	fi
+}
+
+start_service() {
+	publish_endpoint
+}
+
+service_triggers() {
+	procd_add_reload_trigger "obuspa"
+}

wifidmd/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=wifidmd
-PKG_VERSION:=1.0.3
+PKG_VERSION:=1.0.2
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/wifidmd.git
-PKG_SOURCE_VERSION:=eb3a21f1baec749cfd2d53fd3e38fdab3a6d7a4c
+PKG_SOURCE_VERSION:=fb68ef09a6faea7b3bce1f29a8ab44d31b8ae5b5
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif