emctrl2: example easymesh controller dm package

- Optimize CPU usages
- Remove support to delete all instances at once

bbfdm/Config_bbfdm.in

@@ -1,3 +1,4 @@
+if PACKAGE_libbbfdm
 config BBF_VENDOR_LIST
 	string "Vendor List"
 	default "iopsys"
@@ -10,14 +11,7 @@ config BBF_OBFUSCATION_KEY
 	string "Obfuscation key"
 	default "371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04"
 
-config BBF_TR143
-	bool "Enable TR-143 Data Model Support"
-	default y
-
-config BBF_TR471
-	bool "Enable TR-471 Data Model Support"
-	default y
-
 config BBF_MAX_OBJECT_INSTANCES
 	int "Maximum number of instances per object"
 	default 255
+endif

bbfdm/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bbfdm
-PKG_VERSION:=1.8.14
+PKG_VERSION:=1.10.0
 
 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=681c49fae176845ae0421c66cdb342f608a740e0
+PKG_SOURCE_VERSION:=75195a112e3aef2b07e224afbbffcb15368be58f
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -37,8 +37,8 @@ define Package/libbbfdm
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=Library for broadband forum data model support
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api \
-	    +BBF_TR471:obudpst +libopenssl
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libopenssl
+  MENU:=1
 endef
 
 define Package/bbfdmd
@@ -46,19 +46,36 @@ define Package/bbfdmd
   CATEGORY:=Utilities
   SUBMENU:=TRx69
   TITLE:=Datamodel ubus backend
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm +jq +bbf_configmngr
+endef
+
+define Package/bbf_configmngr
+  SECTION:=utils
+  CATEGORY:=Utilities
+  SUBMENU:=TRx69
+  TITLE:= BBF Config Manager
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json
+  MENU:=1
 endef
 
 define Package/libbbfdm/config
 	source "$(SOURCE)/Config_bbfdm.in"
 endef
 
+define Package/bbf_configmngr/config
+	source "$(SOURCE)/bbf_configmngr.in"
+endef
+
 define Package/libbbfdm-api/description
  Library contains the API(UCI, UBUS, JSON, CLI and Browse) of libbbfdm
 endef
 
 define Package/libbbfdm/description
- Library contains the data model tree. It includes TR181, TR143 data models
+ Library contains the data model tree, It includes basic TR181 nodes.
+endef
+
+define Package/bbf_configmngr/description
+ Daemon for handling bbf reload services via ubus bbf.config
 endef
 
 ifeq ($(USE_LOCAL),1)
@@ -69,17 +86,6 @@ endif
 
 CMAKE_OPTIONS += \
 	-DBBF_TR181=ON
-	-DBBF_WIFI_DATAELEMENTS=ON
-
-ifeq ($(CONFIG_BBF_TR143),y)
-CMAKE_OPTIONS += \
-	-DBBF_TR143=ON
-endif
-
-ifeq ($(CONFIG_BBF_TR471),y)
-CMAKE_OPTIONS += \
-	-DBBF_TR471=ON
-endif
 
 CMAKE_OPTIONS += \
 	-DBBF_VENDOR_LIST:String="$(CONFIG_BBF_VENDOR_LIST)" \
@@ -94,39 +100,37 @@ endif
 define Package/libbbfdm-api/install
 	$(INSTALL_DIR) $(1)/lib
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/lib/
+
 	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.config $(1)/usr/libexec/rpcd/bbf.config
-	$(INSTALL_DIR) $(1)/etc/bbfdm
-	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
+
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_api $(1)/usr/share/bbfdm/scripts/
+
 	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
+	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
 endef
 
 define Package/libbbfdm/install
-	$(INSTALL_DIR) $(1)/lib
-	$(INSTALL_DIR) $(1)/etc/bbfdm
 	$(INSTALL_DIR) $(1)/etc/bbfdm/dmmap
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+
 	$(INSTALL_DIR) $(1)/usr/share/bbfdm/
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/usr/share/bbfdm/libbbfdm.so
+
+	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
-	$(INSTALL_BIN) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/95-portmap-firewall
-	$(INSTALL_BIN) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/97-firewall-service
-	$(INSTALL_BIN) ./files/etc/uci-defaults/99-link-core-plugins $(1)/etc/uci-defaults/99-link-core-plugins
-	$(INSTALL_BIN) ./files/etc/uci-defaults/90-remove-nonexisting-microservices $(1)/etc/uci-defaults/
+
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/firewall.portmap $(1)/etc/firewall.portmap
-	$(INSTALL_BIN) ./files/etc/firewall.service $(1)/etc/firewall.service
+
 ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
 	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/iopsys/libbbfdm_iopsys_ext.so $(1)
 endif
-ifeq ($(CONFIG_BBF_TR143),y)
+
 	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm/scripts/
-	$(LN) /usr/share/bbfdm/scripts/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
-endif
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_activate_handler.sh $(1)/usr/share/bbfdm/scripts/
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_check_idle.sh $(1)/usr/share/bbfdm/scripts/
 endef
 
 define Package/libbbfdm/prerm
@@ -149,6 +153,19 @@ define Package/bbfdmd/install
 	$(INSTALL_BIN) ./files/etc/hotplug.d/iface/85-bbfdm-sysctl $(1)/etc/hotplug.d/iface/85-bbfdm-sysctl
 endef
 
+define Package/bbf_configmngr/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+ifeq ($(CONFIG_BBF_CONFIGMNGR_C_BACKEND),y)
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/bbf_configd $(1)/usr/sbin/
+	$(INSTALL_BIN) ./files/etc/init.d/bbf_configd $(1)/etc/init.d/bbf_configd
+endif
+ifeq ($(CONFIG_BBF_CONFIGMNGR_SCRIPT_BACKEND),y)
+	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
+	$(CP) $(PKG_BUILD_DIR)/utilities/files/usr/libexec/rpcd/bbf.config $(1)/usr/libexec/rpcd/bbf.config
+endif
+endef
+
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
@@ -157,6 +174,7 @@ define Build/InstallDev
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/*.h $(1)/usr/include/
 endef
 
+$(eval $(call BuildPackage,bbf_configmngr))
 $(eval $(call BuildPackage,libbbfdm-api))
 $(eval $(call BuildPackage,libbbfdm))
 $(eval $(call BuildPackage,bbfdmd))

bbfdm/README.md

@@ -8,8 +8,6 @@ bbfdm provides few compile time configuration options and compile time help util
 | -----------------------  | ------------- | ----------- |
 | CONFIG_BBF_VENDOR_LIST   | List of vendor extension directories | iopsys        |
 | CONFIG_BBF_VENDOR_PREFIX | Prefix for Vendor extension datamodel objects/parameters | X_IOPSYS_EU_  |
-| CONFIG_BBF_TR143         | Enable/Add TR-143 Data Model Support | y             |
-| CONFIG_BBF_TR471         | Enable/Add TR-471 Data Model Support | y             |
 | CONFIG_BBF_MAX_OBJECT_INSTANCES | Maximum number of instances per object | 255    |
 | BBF_OBFUSCATION_KEY      | Hash used to encode/decode in `bbf.secure` object | 371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04 |
 

bbfdm/bbf_configmngr.in

@@ -0,0 +1,19 @@
+if PACKAGE_bbf_configmngr
+choice
+	prompt "Select backend daemon for bbf.config"
+	default BBF_CONFIGMNGR_C_BACKEND
+	help
+		Select which backend daemon should be used for ubus bbf.config
+
+config BBF_CONFIGMNGR_SCRIPT_BACKEND
+	bool "Use shell script backend"
+	help
+		Enable this option to use shell script as the backend for bbf.config. This can be useful for quick and easy scripting of configuration tasks.
+
+config BBF_CONFIGMNGR_C_BACKEND
+	bool "Use C code backend"
+	help
+		Enable this option to use a C code implementation as the backend for bbf.config. This option is generally preferred for performance-critical tasks and scenarios requiring more robust and efficient handling.
+
+endchoice
+endif

bbfdm/bbfdm.mk

@@ -47,6 +47,7 @@ BBFDM_INSTALL_CORE_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -p
 # Note:
 # - There could be only one main plugin file, so its bind to PKG_NAME
 # - Micro-service input.json will be auto generated with this call
+# - Use -u (optional argument) to overwrite ubus object name
 #
 # Example:
 #  BBFDM_INSTALL_MS_DM $(PKG_BUILD_DIR)/libcwmp.so $(1) $(PKG_NAME)
@@ -69,6 +70,23 @@ BBFDM_INSTALL_MS_DM:=$(BBFDM_DIR)/tools/bbfdm.sh -m
 #
 BBFDM_INSTALL_MS_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -m -p
 
+# Utility to install the helper scripts in default bbfdm script path
+#
+# Use Case:
+# User want to install some script for running diagnostics
+#
+# ARGS:
+#  $1 => Script with complete path
+#  $2 => package install directory
+#
+# Note:
+# - Use with -d option to install script in bbf.diag directory
+#
+# Example:
+#  BBFDM_INSTALL_SCRIPT $(PKG_BUILD_DIR)/download $(1)
+#  BBFDM_INSTALL_SCRIPT -d $(PKG_BUILD_DIR)/ipping $(1)
+#
+BBFDM_INSTALL_SCRIPT:=$(BBFDM_DIR)/tools/bbfdm.sh -s
 
 # Deprecated functions errors
 define BbfdmInstallPluginInMicroservice

bbfdm/files/etc/init.d/bbf_configd

@@ -0,0 +1,15 @@
+#!/bin/sh /etc/rc.common
+
+START=64
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/sbin/bbf_configd
+
+start_service()
+{
+	procd_open_instance "bbf_configd"
+	procd_set_param command ${PROG}
+	procd_set_param respawn
+	procd_close_instance "bbf_configd"
+}

bbfdm/files/etc/init.d/bbfdm.services

@@ -35,7 +35,7 @@ _add_microservice()
 	name="$(basename ${path})"
 	name="${name//.json}"
 
-	enable="$(jq '.daemon.enable//1' ${path})"
+	enable="$(jq -r '.daemon.enable//1' ${path})"
 	if [ "${enable}" -eq "0" ]; then
 		log "datamodel micro-service ${name} not enabled"
 		return 0

bbfdm/files/etc/uci-defaults/90-remove-nonexisting-microservices

@@ -1,18 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-
-remove_nonexisting_microservice() {
-	local input_json
-
-	config_get input_json "$1" input_json ""
-
-	if [ -z "${input_json}" ]; then
-		uci_remove bbfdm "${1}"
-	fi
-}
-
-config_load bbfdm
-config_foreach remove_nonexisting_microservice "micro_service"
-
-exit 0
-

bbfdm/files/etc/uci-defaults/99-link-core-plugins

@@ -1,34 +0,0 @@
-#!/bin/sh
-
-UNIFIED_PATH="/usr/share/bbfdm/plugins/"
-
-log() {
-	echo "$@" | logger -t bbfdm.uci-default -p info
-}
-
-# Link JSON plugins
-for f in `ls -1 /etc/bbfdm/json/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link DotSo plugins
-for f in `ls -1 /usr/lib/bbfdm/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link JSON plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link DotSo plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-exit 0
-

bbfdm/tools/bbfdm.sh

@@ -2,15 +2,18 @@
 
 BBFDM_BASE_DM_PATH="usr/share/bbfdm"
 BBFDM_INPUT_PATH="etc/bbfdm/micro_services"
-INPUT_TEMPLATE='{"daemon":{"service_name":"template","config":{"loglevel":"1"}}}'
+INPUT_TEMPLATE='{"daemon":{"enable":"1","service_name":"template","config":{"loglevel":"1"}}}'
+OUT_NAME=""
 
 MICRO_SERVICE=0
+SCRIPT=0
+DIAG=0
 PLUGIN=0
 DEST=""
 TOOLS="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
 SRC=""
 
-while getopts ":mp" opt; do
+while getopts ":mpsdu:" opt; do
 	case ${opt} in
 	  m)
 	  	MICRO_SERVICE=1
@@ -18,6 +21,15 @@ while getopts ":mp" opt; do
 	  p)
 	  	PLUGIN=1
 		;;
+	  s)
+	  	SCRIPT=1
+		;;
+	  d)
+	  	DIAG=1
+		;;
+	  u)
+	  	OUT_NAME="${OPTARG}"
+		;;
 	  ?)
 	  	echo "Invalid option: ${OPTARG}"
 		exit 1
@@ -99,7 +111,12 @@ bbfdm_generate_input()
 	ser=${2}
 	dest=${dest_dir}/${ser}.json
 
-	echo ${INPUT_TEMPLATE} | jq --arg service "$ser" '.daemon.service_name = $service' > ${dest}
+	if [ -n "${OUT_NAME}" ]; then
+		echo ${INPUT_TEMPLATE} | jq --arg service "${ser}" --arg OUT "${OUT_NAME}" '.daemon |= (.service_name = $service |.output.name = $OUT)' > ${dest}
+	else
+		echo ${INPUT_TEMPLATE} | jq --arg service "${ser}" '.daemon.service_name = $service' > ${dest}
+	fi
+
 	chmod 466 ${dest}
 }
 
@@ -108,6 +125,17 @@ if [ -z "$SRC" ] || [ -z "${DEST}" ] ; then
 	exit 1
 fi
 
+if [ "${SCRIPT}" -eq "1" ]; then
+	if [ "${DIAG}" -eq "1" ]; then
+		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/bbf_diag
+		install_bin ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/bbf_diag/
+	else
+		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/scripts
+		install_bin ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/scripts/
+	fi
+	exit 0
+fi
+
 if [ "${MICRO_SERVICE}" -eq "1" ]; then
 	if [ -z "${DATA}" ]; then
 		echo "# service_name[${DATA}] not provided"

bridgemngr/Config.in

@@ -0,0 +1,11 @@
+if PACKAGE_bridgemngr
+
+menu "Configuration"
+
+config BRIDGEMNGR_BRIDGE_VLAN
+	bool "Use bridge-vlan backend"
+	help
+	   Set this option to use bridge-vlan as backend for VLAN objects.
+
+endmenu
+endif

bridgemngr/Makefile

@@ -0,0 +1,61 @@
+#
+# Copyright (C) 2020-2024 iopsys
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=bridgemngr
+PKG_VERSION:=1.0.5
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr
+PKG_SOURCE_VERSION:=c0f2e17f6d4f96aecfe72ab90be885939413176d
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+define Package/bridgemngr
+ CATEGORY:=Utilities
+ TITLE:=Bridge Manager
+ DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api
+endef
+
+define Package/bridgemngr/description
+	Package to add Device.Bridging. data model support.
+endef
+
+define Package/$(PKG_NAME)/config
+	source "$(SOURCE)/Config.in"
+endef
+
+MAKE_PATH:=src
+
+TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
+
+ifeq ($(CONFIG_BRIDGEMNGR_BRIDGE_VLAN),y)
+	TARGET_CFLAGS += -DBRIDGE_VLAN_BACKEND
+endif
+
+define Package/bridgemngr/install
+	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libbridgemngr.so $(1) $(PKG_NAME)
+ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
+	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/src/libbridgeext.so $(1) $(PKG_NAME)
+endif
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) ~/git/bridgemngr/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+$(eval $(call BuildPackage,bridgemngr))

bulkdata/Makefile

@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.10
+PKG_VERSION:=2.1.11
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=e472e90feec31d9f318ea8c732ab564002e25db1
+PKG_SOURCE_VERSION:=5dd9cd3cfc95e9dce5f64fe9cadd274bb31b8fa6
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

bulkdata/files/etc/init.d/bulkdatad

@@ -12,12 +12,21 @@ start_service() {
 	config_load bulkdata
 	config_get_bool enable bulkdata enable 1
 
-	[ "$enable" -eq "1" ] && {
+	if [ ! -f "/var/state/bulkdatad" ]; then
+		touch /var/state/bulkdatad
+		uci -q -c /var/state set bulkdatad.global='global'
+		uci -q -c /var/state commit bulkdatad
+	fi
+
+	if [ "$enable" -eq "1" ]; then
 		procd_open_instance "bulkdata"
 		procd_set_param command "$PROG"
 		procd_set_param respawn
 		procd_close_instance "bulkdata"
-	}
+	else
+		uci -q -c /var/state set bulkdatad.global.status='Disabled'
+		uci -q -c /var/state commit bulkdatad
+	fi
 }
 
 reload_service() {

csmngr/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=csmngr
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.0.2
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=92c62f8df86066bd1718a6a6036195b113e74032
+PKG_SOURCE_VERSION:=5e50fe388fff29b08d895c1c580152cccfa290ad
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/csmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

ddnsmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ddnsmngr
-PKG_VERSION:=1.0.4
+PKG_VERSION:=1.0.7
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
-PKG_SOURCE_VERSION:=d0d37df44644ef2c1a0b11d3a4f92dc694ae1010
+PKG_SOURCE_VERSION:=4b0c679c4dc3e3725de5c0c55ed60f24b87c6edd
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

decollector/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=decollector
-PKG_VERSION:=6.0.0.1
+PKG_VERSION:=6.0.0.13
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=aaf79b36c05d7ac7a7d704db03a9c97905452025
+PKG_SOURCE_VERSION:=d75639d9ae82538103123b32fc0de9280e84cabb
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip

dectmngr/Makefile

@@ -2,13 +2,13 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dectmngr
 PKG_RELEASE:=3
-PKG_VERSION:=3.6.6
+PKG_VERSION:=3.6.7
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/dectmngr.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=85c173d1fac535726b2e750be8c282b74fb7dbca
+PKG_SOURCE_VERSION:=98999eb75755f79a3c8a7e802e024b42914d1efc
 PKG_MIRROR_HASH:=skip
 endif
 

dhcpmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dhcpmngr
-PKG_VERSION:=1.0.0
+PKG_VERSION:=1.0.2
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dhcpmngr.git
-PKG_SOURCE_VERSION:=cf8ef8ce1db100e5a34957ed1b09e28d417bf6d1
+PKG_SOURCE_VERSION:=4c89a3f12686343e3cca23819255744ac06dfb22
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

dnsmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dnsmngr
-PKG_VERSION:=1.0.4
+PKG_VERSION:=1.0.7
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dnsmngr.git
-PKG_SOURCE_VERSION:=60e2f64f5584a3b47f1a4cd7fae0edb478607bd6
+PKG_SOURCE_VERSION:=f6223f6034a57753ae9d1552ab1334194b1deaff
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -43,6 +43,7 @@ endif
 
 define Package/dnsmngr/install
 	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdnsmngr.so $(1) $(PKG_NAME)
+	$(BBFDM_INSTALL_SCRIPT) -d $(PKG_BUILD_DIR)/scripts/nslookup $(1)
 endef
 
 $(eval $(call BuildPackage,dnsmngr))

dslmngr/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=dslmngr
-PKG_VERSION:=1.2.4
+PKG_VERSION:=1.2.6
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
-PKG_SOURCE_VERSION:=d71bef278b8222dee1c278723f8264aa8faf5e40
+PKG_SOURCE_VERSION:=2b1ecbd2079dbd88ed6d58b277b91dcf5038d869
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip

easy-qos/Makefile

@@ -1,47 +0,0 @@
-#
-# Copyright (C) 2019 iopsys Software Solutions AB
-#
-# This is free software, licensed under the GNU General Public License v2.
-# 
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=easy-qos
-PKG_VERSION:=1.1
-PKG_RELEASE:=0
-
-PKG_LICENSE:=GPLv2
-PKG_LICENSE_FILES:=none
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/easy-qos
-  SECTION:=net
-  CATEGORY:=Network
-  TITLE:=Easy QoS
-  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha)
-endef
-
-define Package/easy-qos/description
-	This package contains Easy QoS utility
-endef
-
-define Build/Prepare
-	mkdir -p $(PKG_BUILD_DIR)
-	$(CP) ./files/* $(PKG_BUILD_DIR)/
-endef
-
-define Build/Compile
-endef
-
-define Package/easy-qos/install
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(CP) ./files/etc/config/easy_qos $(1)/etc/config/
-	$(CP) ./files/etc/init.d/easy_qos.iptables $(1)/etc/init.d/easy_qos
-	$(CP) ./files/etc/uci-defaults/* $(1)/etc/uci-defaults/
-	$(CP) ./files/etc/firewall.easyqos $(1)/etc/firewall.easyqos
-endef
-
-$(eval $(call BuildPackage,easy-qos))

easy-qos/files/etc/firewall.easyqos

@@ -1 +0,0 @@
-/etc/init.d/easy_qos reload

easy-qos/files/etc/init.d/easy_qos.ebtables

@@ -1,140 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=99
-USE_PROCD=1
-
-log() {
-	echo "${@}"|logger -t easy_qos.ebtable -p debug
-}
-
-exec_log() {
-	${@}
-	if [ "${?}" -ne 0 ]; then
-		log "Failed to create ${@}";
-	fi
-}
-
-get_priority() {
-	local prio=$(echo $1|tr 'A-Z' 'a-z');
-	case "${prio}" in
-		"lowest")
-			echo 0;;
-		"low")
-			echo 1;;
-		"besteffort")
-			echo 2;;
-		"normal")
-			echo 3;;
-		"video")
-			echo 4;;
-		"medium")
-			echo 5;;
-		"high")
-			echo 6;;
-		"highest")
-			echo 7;;
-	esac
-}
-
-validate_rule_section()
-{
-	uci_validate_section easy_qos rule "${1}" \
-		'priority:string' \
-		'macaddr:string' \
-		'proto:string:none' \
-		'port:list(uinteger)' \
-		'comment:string:none'
-}
-
-# Clear existing rules before applying new rules
-clear_existing_rules() {
-	local rule=$(ebtables --concurrent -t broute -L BROUTING|grep -m 1 mark)
-	while [ -n "${rule}" ]; do
-		exec_log ebtables --concurrent -t broute -D BROUTING ${rule}
-		rule=$(ebtables --concurrent -t broute -L BROUTING|grep -m 1 mark)
-	done
-}
-
-create_rule() {
-	local protocol=$1; shift
-	local mac=$1; shift
-	local mark="0x$1"; shift
-	local forward_port=$1;
-	local cmd="";
-	local protocol_number
-
-	cmd="-j mark --mark-or ${mark}";
-	if [ -n "${forward_port}" ]; then
-		cmd="--ip-destination-port ${forward_port} ${cmd}";
-	fi
-	
-	case "${protocol}" in
-		"tcp")
-			protocol_number=6;;
-		"udp")
-			protocol_number=17;;
-		"dccp")
-			protocol_number=33;;
-		"sctp")
-			protocol_number=132;;
-		*)
-			log "Protocol ${protocol} not supported in ebtables"
-			return;;
-	esac
-			
-	cmd="--ip-proto ${protocol_number} $cmd"
-	cmd="-p ip $cmd"
-
-	cmd="-s ${mac} $cmd"
-	exec_log ebtables --concurrent -t broute -A BROUTING ${cmd}
-}
-
-manage_rule() {
-	local cfg="$1"
-	local priority macaddr proto port comment prio_num protocol
-
-	validate_rule_section "${1}" || {
-		log "Validation of section failed"
-		return 1;
-	}
-
-	protocol=$(echo ${proto}|tr 'A-Z' 'a-z')
-	prio_num=$(get_priority ${priority})
-	if [ -n "${macaddr}" -a -n "${prio_num}" ]; then
-		for p in ${port}; do
-			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
-				create_rule tcp ${macaddr} ${prio_num} ${p}
-				create_rule udp ${macaddr} ${prio_num} ${p}
-			else
-				create_rule ${protocol} ${macaddr} ${prio_num} ${p}
-			fi
-		done
-		# Create rule for all ports if port is not mentioned in uci
-		if [ -z "${port}" ]; then
-			if [ "${protocol}" == "none" -o "${protocol}" == "tcpudp" ]; then
-				create_rule tcp ${macaddr} ${prio_num}
-				create_rule udp ${macaddr} ${prio_num}
-			else
-				create_rule ${protocol} ${macaddr} ${prio_num}
-			fi
-		fi
-	fi
-}
-
-reload_service() {
-	# Do not apply rules if ebtables is not present in system
-	[ -x /usr/sbin/ebtables ] || return;
-
-	clear_existing_rules
-	config_load easy_qos
-	config_foreach manage_rule rule
-}
-
-start_service() {
-	reload_service
-}
-
-service_triggers() {
-	procd_add_reload_trigger "easy_qos"
-}
-

easy-qos/files/etc/init.d/easy_qos.iptables

@@ -1,186 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-. /usr/share/libubox/jshn.sh
-
-START=99
-USE_PROCD=1
-
-CLIENT_LIST="/tmp/easy_qos_client.list"
-
-log() {
-	echo "${@}"|logger -t easy_qos -p debug
-}
-
-exec_log() {
-	${@}
-	if [ "${?}" -ne 0 ]; then
-		log "Failed to create ${@}";
-	fi
-}
-
-get_priority() {
-	local prio=$(echo $1|tr 'A-Z' 'a-z');
-	case "${prio}" in
-		"lowest")
-			echo 0;;
-		"low")
-			echo 1;;
-		"besteffort")
-			echo 2;;
-		"normal")
-			echo 3;;
-		"video")
-			echo 4;;
-		"medium")
-			echo 5;;
-		"high")
-			echo 6;;
-		"highest")
-			echo 7;;
-	esac
-}
-
-clean_client_entries() {
-	[ -f ${CLIENT_LIST} ] && rm ${CLIENT_LIST}
-}
-
-map_client_entries() {
-	local clients ip mac host
-
-	json_load "$(ubus call router.network 'clients')"
-	json_get_keys keys
-
-	for key in ${keys};
-	do
-		json_select ${key}
-		json_get_vars ipaddr macaddr hostname
-		clients="${macaddr} ${ipaddr} ${hostname};${clients}"
-		json_select ..
-	done
-
-	json_init
-
-#	json_add_array "clients"
-	IFS=";"
-	for client in ${clients};
-	do
-		macaddr=$(echo ${client} | cut -d" " -f1)
-		json_add_object "${macaddr//:/_}"
-		json_add_string "ip" "$(echo ${client} | cut -d" " -f2)"
-		json_add_string "macaddr" "$(echo ${client} | cut -d" " -f1)"
-		json_add_string "host" "$(echo ${client} | cut -d" " -f3)"
-		json_close_object
-	done
-
-	IFS=' '
-	echo `json_dump` > ${CLIENT_LIST}
-	json_cleanup
-}
-
-# Find the IP of a corresponding mac from arp table
-get_ipaddress() {
-	local clients ip mac host
-
-	json_load "$(cat ${CLIENT_LIST})"
-	json_get_keys keys
-
-	# jshn seems a bit iffy on having : in key, replace by _
-	json_select "${1//:/_}" 2 > /dev/null
-	json_get_var ip ip
-
-	echo "$ip"
-}
-
-validate_rule_section()
-{
-	uci_validate_section easy_qos rule "${1}" \
-		'priority:string' \
-		'macaddr:string' \
-		'proto:string:none' \
-		'port:list(uinteger)' \
-		'comment:string:none'
-}
-
-# Clear existing rules before applying new rules
-clear_existing_rules() {
-	local rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
-	while [ -n "${rule}" ]; do
-		exec_log iptables -t mangle ${rule}
-		rule=$(iptables -t mangle -S PREROUTING | grep -m 1 MARK |sed 's/-A/-D/1')
-	done
-}
-
-check_and_create() {
-	iptables -t mangle -C PREROUTING ${@} 2>/dev/null
-	# Create rule if not exists
-	if [ ${?} -ne 0 ]; then
-		exec_log iptables -t mangle -A PREROUTING ${@}
-	else
-		log "Rule exists for ${@}"
-	fi
-}
-
-create_rule() {
-	local proto=$1; shift
-	local src_ip=$1; shift
-	local mark="0x$1/0x$1"; shift
-	local ports=$1;
-	local cmd="";
-
-	cmd="-j MARK --set-xmark ${mark}";
-	if [ -n "${ports}" ]; then
-		cmd="--match multiport --dports ${ports} ${cmd}";
-	fi
-
-	if [ "${proto}" == "icmp" ]; then
-		cmd="-p icmp -m icmp --icmp-type 8 $cmd"
-	elif [ "${proto}" == "all" ]; then
-		cmd="-p all $cmd"
-	else
-		cmd="-p ${proto} -m ${proto} $cmd"
-	fi
-	cmd="-s ${src_ip} $cmd"
-
-	check_and_create ${cmd} 
-}
-
-manage_rule() {
-	local cfg="$1"
-	local priority macaddr proto port comment prio_num ip port_list
-
-	validate_rule_section "${1}" || {
-		log "Validation of section failed"
-		return 1;
-	}
-
-	prio_num=$(get_priority ${priority})
-	ip=$(get_ipaddress ${macaddr})
-	port_list=$(echo ${port}|sed 's/ /,/g')
-
-	if [ -n "${ip}" -a -n "${prio_num}" ]; then
-		if [ "${proto}" == "none" -o "${proto}" == "tcpudp" ]; then
-			create_rule tcp ${ip} ${prio_num} ${port_list}
-			create_rule udp ${ip} ${prio_num} ${port_list}
-		else
-			create_rule ${proto} ${ip} ${prio_num} ${port_list}
-		fi
-	fi
-}
-
-reload_service() {
-	clear_existing_rules
-	map_client_entries
-	config_load easy_qos
-	config_foreach manage_rule rule
-	clean_client_entries
-}
-
-start_service() {
-	reload_service
-	echo "Easy QoS installed">/dev/console;
-}
-
-service_triggers() {
-	procd_add_reload_trigger "easy_qos"
-}
-

easy-qos/files/etc/uci-defaults/60-easyqos-reqs

@@ -1,8 +0,0 @@
-# Add firewall include
-uci -q batch <<-EOT
-        delete firewall.easyqos
-        set firewall.easyqos=include
-        set firewall.easyqos.path=/etc/firewall.easyqos
-        set firewall.easyqos.reload=1
-        commit firewall
-EOT

ebtables-extensions/Makefile

@@ -0,0 +1,80 @@
+#
+# Copyright (C) 2024 IOPSYS Software Solutions AB
+#
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=ebtables-extensions
+PKG_VERSION:=1.0.4
+PKG_LICENSE:=GPL-2.0
+
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=35fb79f95c47d90e3791c7e126048b451f078f24
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ebtables-extensions.git
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+include $(INCLUDE_DIR)/package.mk
+
+define KernelPackage/vlantranslation
+  SUBMENU:=Other modules
+  TITLE:=Kernel module for ebtables VLAN translation
+  FILES:=$(PKG_BUILD_DIR)/src/ebt_vlantranslation.ko
+  DEPENDS+=+kmod-ebtables
+  AUTOLOAD:=$(call AutoLoad,30,ebt_vlantranslation,1)
+  KCONFIG:=
+endef
+
+define KernelPackage/dscp2pbit
+  SUBMENU:=Other modules
+  TITLE:=Kernel module for DSCP-to-Pbit mapping
+  DEPENDS+=+kmod-ebtables
+  FILES:=$(PKG_BUILD_DIR)/src/ebt_dscp2pbit.ko
+  AUTOLOAD:=$(call AutoLoad,30,ebt_dscp2pbit,1)
+  KCONFIG:=
+endef
+
+define KernelPackage/vlantranslation/description
+	Kernel module to enable VLAN translation for ebtables
+endef
+
+define KernelPackage/dscp2pbit/description
+	Kernel module to enableDSCP-to-Pbit mapping for ebtables
+endef
+
+ifeq ($(CONFIG_TARGET_brcmbca),y)
+	include ../../broadcom/bcmkernel/bcm-kernel-toolchain.mk
+endif
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) -rf ./src/* $(PKG_BUILD_DIR)/
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
+endef
+else
+define Build/Prepare
+	$(Build/Prepare/Default)
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(LINUX_DIR)/include/uapi/linux/netfilter_bridge/
+endef
+endif
+
+define Build/InstallDev
+	$(INSTALL_DIR) $(1)/include/uapi/linux/netfilter_bridge/
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_vlantranslation.h $(1)/include/uapi/linux/netfilter_bridge/
+	$(CP) $(PKG_BUILD_DIR)/src/ebt_dscp2pbit.h $(1)/include/uapi/linux/netfilter_bridge/
+endef
+
+KERNEL_MAKE_FLAGS += -I$(LINUX_DIR)/include
+
+define Build/Compile
+	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/src" modules
+endef
+
+$(eval $(call KernelPackage,vlantranslation))
+$(eval $(call KernelPackage,dscp2pbit))

emctrl2/Makefile

@@ -0,0 +1,29 @@
+#
+# Copyright (C) 2020-2024 iopsys
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=emctrl2
+PKG_VERSION:=1.0.0
+
+PKG_LICENSE:=BSD-3-Clause
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+define Package/emctrl2
+ CATEGORY:=Utilities
+ TITLE:= EasyMesh Controller V2
+ DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api
+endef
+
+define Package/emctrl2/description
+	Em Controller to provide extended WiFi DataElement features
+endef
+
+define Package/emctrl2/install
+	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/libemctrl2.so $(1) wifidmd
+endef
+
+$(eval $(call BuildPackage,emctrl2))

emctrl2/src/Makefile

@@ -0,0 +1,21 @@
+LIBOUT := libemctrl2.so
+
+LIBOBJS := datamodel_override.o
+
+PROG_CFLAGS = $(CFLAGS) -Wno-unused-parameter -fstrict-aliasing -g
+LIB_LDFLAGS = $(LDFLAGS)
+
+FPIC := -fPIC
+
+.PHONY: all
+
+%.o: %.c
+	$(CC) $(PROG_CFLAGS) $(FPIC) -c -o $@ $<
+
+all: $(LIBOUT)
+
+$(LIBOUT): $(LIBOBJS)
+	$(CC) $(PROG_CFLAGS) $(LIB_LDFLAGS) -shared -o $@ $^
+
+clean:
+	rm -f *.o $(LIBOUT)

emctrl2/src/datamodel_override.c

@@ -0,0 +1,546 @@
+/*
+ * Copyright (C) 2023 iopsys Software Solutions AB
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 2.1
+ * as published by the Free Software Foundation
+ *
+ *	Author: <Name> <Surname> <name.surname@iopsys.eu>
+ */
+
+#include <libbbfdm-api/dmcommon.h>
+
+
+/*************************************************************
+* ENTRY METHOD
+**************************************************************/
+static int browseWiFiDataElementsNetworkSSIDInst(struct dmctx *dmctx, DMNODE *parent_node, void *prev_data, char *prev_instance)
+{
+	//TODO
+	struct dm_data *curr_data = NULL;
+	char *inst = NULL, *mld_id = NULL;
+
+	// loop to create multiple multi-instance objects
+	for(int i=0; i<=1; i++) {
+		char inst[3] = {0};
+
+		// inst is instance number for the object
+		snprintf(inst, sizeof(inst), "%d", i+1);
+		// This API creates instance, curr_data is to pass some instance specific information to child object, children can access this info from *prev_data
+		if (DM_LINK_INST_OBJ(dmctx, parent_node, (void *)curr_data, inst) == DM_STOP)
+			break;
+	}
+	return 0;
+}
+
+static int browseWiFiDataElementsNetworkDeviceDefault8021QInst(struct dmctx *dmctx, DMNODE *parent_node, void *prev_data, char *prev_instance)
+{
+	//TODO
+	BBF_ERR("Debug print");
+	// Instances can be created statically as well
+	DM_LINK_INST_OBJ(dmctx, parent_node, prev_data, "1");
+	return 0;
+}
+
+static int browseWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistoryInst(struct dmctx *dmctx, DMNODE *parent_node, void *prev_data, char *prev_instance)
+{
+	//TODO
+	BBF_ERR("Debug print");
+	return 0;
+}
+
+/*************************************************************
+* ADD & DEL OBJ
+**************************************************************/
+static int addObjWiFiDataElementsNetworkDeviceDefault8021Q(char *refparam, struct dmctx *ctx, void *data, char **instance)
+{
+	//TODO
+	return 0;
+}
+
+static int delObjWiFiDataElementsNetworkDeviceDefault8021Q(char *refparam, struct dmctx *ctx, void *data, char *instance, unsigned char del_action)
+{
+	//TODO
+	return 0;
+}
+
+/*************************************************************
+* GET & SET PARAM
+**************************************************************/
+static int get_WiFiDataElementsNetwork_SSIDNumberOfEntries(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	int cnt = get_number_of_entries(ctx, data, instance, browseWiFiDataElementsNetworkSSIDInst);
+	dmasprintf(value, "%d", cnt);
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_SSID(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_Band(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_Enable(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_AKMsAllowed(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_SuiteSelector(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_AdvertisementEnabled(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_MFPConfig(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_MobilityDomain(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkSSID_HaulType(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDevice_TrafficSeparationAllowed(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDevice_Default8021QNumberOfEntries(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	int cnt = get_number_of_entries(ctx, data, instance, browseWiFiDataElementsNetworkDeviceDefault8021QInst);
+	dmasprintf(value, "%d", cnt);
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceDefault8021Q_Enable(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int set_WiFiDataElementsNetworkDeviceDefault8021Q_Enable(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+	switch (action)	{
+		case VALUECHECK:
+			if (bbfdm_validate_boolean(ctx, value))
+				return FAULT_9007;
+			break;
+		case VALUESET:
+			//TODO
+			break;
+	}
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceDefault8021Q_PrimaryVID(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int set_WiFiDataElementsNetworkDeviceDefault8021Q_PrimaryVID(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+	switch (action)	{
+		case VALUECHECK:
+			if (bbfdm_validate_unsignedInt(ctx, value, RANGE_ARGS{{NULL,"4095"}}, 1))
+				return FAULT_9007;
+			break;
+		case VALUESET:
+			//TODO
+			break;
+	}
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceDefault8021Q_DefaultPCP(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int set_WiFiDataElementsNetworkDeviceDefault8021Q_DefaultPCP(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+	switch (action)	{
+		case VALUECHECK:
+			if (bbfdm_validate_unsignedInt(ctx, value, RANGE_ARGS{{NULL,"7"}}, 1))
+				return FAULT_9007;
+			break;
+		case VALUESET:
+			//TODO
+			break;
+	}
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_Time(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_APOrigin(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_TriggerEvent(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_SteeringApproach(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_APDestination(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_SteeringDuration(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	//TODO
+	return 0;
+}
+
+static int get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_SteeringHistoryNumberOfEntries(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+	int cnt = get_number_of_entries(ctx, data, instance, browseWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistoryInst);
+	dmasprintf(value, "%d", cnt);
+	return 0;
+}
+
+/*************************************************************
+* OPERATE COMMANDS
+**************************************************************/
+static operation_args wifidataelementsnetwork_settrafficseparation_args = {
+    .in = (const char *[]) {
+        "Enable",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetwork_SetTrafficSeparation(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetwork_settrafficseparation_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetwork_SetTrafficSeparation(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetwork_setpreferredbackhauls_args = {
+    .in = (const char *[]) {
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetwork_SetPreferredBackhauls(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetwork_setpreferredbackhauls_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetwork_SetPreferredBackhauls(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetwork_setssid_args = {
+    .in = (const char *[]) {
+        "SSID",
+        "Enable",
+        "AddRemoveChange",
+        "PassPhrase",
+        "Band",
+        "AKMsAllowed",
+        "SuiteSelector",
+        "AdvertisementEnabled",
+        "MFPConfig",
+        "MobilityDomain",
+        "HaulType",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetwork_SetSSID(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetwork_setssid_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetwork_SetSSID(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetwork_setmscsdisallowed_args = {
+    .in = (const char *[]) {
+        "MSCSDisallowedStaList",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static operation_args wifidataelementsnetworkdevice_setstasteeringstate_args = {
+    .in = (const char *[]) {
+        "Disallowed",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetworkDevice_SetSTASteeringState(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetworkdevice_setstasteeringstate_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetworkDevice_SetSTASteeringState(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetworkdevicemultiapdevicebackhaul_steerwifibackhaul_args = {
+    .in = (const char *[]) {
+        "TargetBSS",
+        "Channel",
+        "TimeOut",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetworkDeviceMultiAPDeviceBackhaul_SteerWiFiBackhaul(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetworkdevicemultiapdevicebackhaul_steerwifibackhaul_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetworkDeviceMultiAPDeviceBackhaul_SteerWiFiBackhaul(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetworkdeviceradio_channelscanrequest_args = {
+    .in = (const char *[]) {
+        "OpClass",
+        "ChannelList",
+        "ScanType",
+        "DwellTime",
+        "DFSDwellTime",
+        "HomeTime",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetworkDeviceRadio_ChannelScanRequest(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetworkdeviceradio_channelscanrequest_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetworkDeviceRadio_ChannelScanRequest(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+
+static operation_args wifidataelementsnetworkdeviceradiobssstamultiapsta_btmrequest_args = {
+    .in = (const char *[]) {
+        "DisassociationImminent",
+        "DisassociationTimer",
+        "BSSTerminationDuration",
+        "ValidityInterval",
+        "SteeringTimer",
+        "TargetBSS",
+        NULL
+    },
+    .out = (const char *[]) {
+        "Status",
+        NULL
+    }
+};
+
+static int get_operate_args_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_BTMRequest(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
+{
+    *value = (char *)&wifidataelementsnetworkdeviceradiobssstamultiapsta_btmrequest_args;
+    return 0;
+}
+
+static int operate_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_BTMRequest(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
+{
+    //TODO
+    return 0;
+}
+/**********************************************************************************************************************************
+*                                            OBJ & PARAM DEFINITION
+***********************************************************************************************************************************/
+DMLEAF tWiFiDataElementsNetworkParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"SSIDNumberOfEntries", &DMREAD, DMT_UNINT, get_WiFiDataElementsNetwork_SSIDNumberOfEntries, NULL, BBFDM_BOTH},
+{"SetTrafficSeparation()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetwork_SetTrafficSeparation, operate_WiFiDataElementsNetwork_SetTrafficSeparation, BBFDM_USP},
+{"SetPreferredBackhauls()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetwork_SetPreferredBackhauls, operate_WiFiDataElementsNetwork_SetPreferredBackhauls, BBFDM_USP},
+{"SetSSID()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetwork_SetSSID, operate_WiFiDataElementsNetwork_SetSSID, BBFDM_USP},
+{0}
+};
+
+/* *** Device.WiFi.DataElements.Network.SSID.{i}. *** */
+DMLEAF tWiFiDataElementsNetworkSSIDParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"SSID", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_SSID, NULL, BBFDM_BOTH},
+{"Band", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_Band, NULL, BBFDM_BOTH},
+{"Enable", &DMREAD, DMT_BOOL, get_WiFiDataElementsNetworkSSID_Enable, NULL, BBFDM_BOTH},
+{"AKMsAllowed", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_AKMsAllowed, NULL, BBFDM_BOTH},
+{"SuiteSelector", &DMREAD, DMT_HEXBIN, get_WiFiDataElementsNetworkSSID_SuiteSelector, NULL, BBFDM_BOTH},
+{"AdvertisementEnabled", &DMREAD, DMT_BOOL, get_WiFiDataElementsNetworkSSID_AdvertisementEnabled, NULL, BBFDM_BOTH},
+{"MFPConfig", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_MFPConfig, NULL, BBFDM_BOTH},
+{"MobilityDomain", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_MobilityDomain, NULL, BBFDM_BOTH},
+{"HaulType", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkSSID_HaulType, NULL, BBFDM_BOTH},
+{0}
+};
+
+/* *** Device.WiFi.DataElements.Network. *** */
+DMOBJ tWiFiDataElementsNetworkObj[] = {
+/* OBJ, permission, addobj, delobj, checkdep, browseinstobj, nextdynamicobj, dynamicleaf, nextobj, leaf, linker, bbfdm_type, uniqueKeys */
+{"SSID", &DMREAD, NULL, NULL, NULL, browseWiFiDataElementsNetworkSSIDInst, NULL, NULL, NULL, tWiFiDataElementsNetworkSSIDParams, NULL, BBFDM_BOTH, NULL},
+{0}
+};
+
+DMLEAF tWiFiDataElementsNetworkDeviceParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"TrafficSeparationAllowed", &DMREAD, DMT_BOOL, get_WiFiDataElementsNetworkDevice_TrafficSeparationAllowed, NULL, BBFDM_BOTH},
+{"SetSTASteeringState()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetworkDevice_SetSTASteeringState, operate_WiFiDataElementsNetworkDevice_SetSTASteeringState, BBFDM_USP},
+{"Default8021QNumberOfEntries", &DMREAD, DMT_UNINT, get_WiFiDataElementsNetworkDevice_Default8021QNumberOfEntries, NULL, BBFDM_BOTH},
+{0}
+};
+
+/* *** Device.WiFi.DataElements.Network.Device.{i}.Default8021Q.{i}. *** */
+DMLEAF tWiFiDataElementsNetworkDeviceDefault8021QParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"Enable", &DMWRITE, DMT_BOOL, get_WiFiDataElementsNetworkDeviceDefault8021Q_Enable, set_WiFiDataElementsNetworkDeviceDefault8021Q_Enable, BBFDM_BOTH},
+{"PrimaryVID", &DMWRITE, DMT_UNINT, get_WiFiDataElementsNetworkDeviceDefault8021Q_PrimaryVID, set_WiFiDataElementsNetworkDeviceDefault8021Q_PrimaryVID, BBFDM_BOTH},
+{"DefaultPCP", &DMWRITE, DMT_UNINT, get_WiFiDataElementsNetworkDeviceDefault8021Q_DefaultPCP, set_WiFiDataElementsNetworkDeviceDefault8021Q_DefaultPCP, BBFDM_BOTH},
+{0}
+};
+
+DMOBJ tWiFiDataElementsNetworkDeviceObj[] = {
+/* OBJ, permission, addobj, delobj, checkdep, browseinstobj, nextdynamicobj, dynamicleaf, nextobj, leaf, linker, bbfdm_type, uniqueKeys, version*/
+{"Default8021Q", &DMWRITE, addObjWiFiDataElementsNetworkDeviceDefault8021Q, delObjWiFiDataElementsNetworkDeviceDefault8021Q, NULL, browseWiFiDataElementsNetworkDeviceDefault8021QInst, NULL, NULL, NULL, tWiFiDataElementsNetworkDeviceDefault8021QParams, NULL, BBFDM_BOTH, NULL},
+{0}
+};
+
+DMLEAF tWiFiDataElementsNetworkDeviceMultiAPDeviceBackhaulParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"SteerWiFiBackhaul()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetworkDeviceMultiAPDeviceBackhaul_SteerWiFiBackhaul, operate_WiFiDataElementsNetworkDeviceMultiAPDeviceBackhaul_SteerWiFiBackhaul, BBFDM_USP},
+{0}
+};
+
+
+DMLEAF tWiFiDataElementsNetworkDeviceRadioParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"ChannelScanRequest()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetworkDeviceRadio_ChannelScanRequest, operate_WiFiDataElementsNetworkDeviceRadio_ChannelScanRequest, BBFDM_USP},
+{0}
+};
+
+/* *** Device.WiFi.DataElements.Network.Device.{i}.Radio.{i}.BSS.{i}.STA.{i}.MultiAPSTA.SteeringHistory.{i}. *** */
+DMLEAF tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistoryParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"Time", &DMREAD, DMT_TIME, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_Time, NULL, BBFDM_BOTH},
+{"APOrigin", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_APOrigin, NULL, BBFDM_BOTH},
+{"TriggerEvent", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_TriggerEvent, NULL, BBFDM_BOTH},
+{"SteeringApproach", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_SteeringApproach, NULL, BBFDM_BOTH},
+{"APDestination", &DMREAD, DMT_STRING, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_APDestination, NULL, BBFDM_BOTH},
+{"SteeringDuration", &DMREAD, DMT_UNINT, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistory_SteeringDuration, NULL, BBFDM_BOTH},
+{0}
+};
+
+/* *** Device.WiFi.DataElements.Network.Device.{i}.Radio.{i}.BSS.{i}.STA.{i}.MultiAPSTA. *** */
+DMOBJ tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTAObj[] = {
+/* OBJ, permission, addobj, delobj, checkdep, browseinstobj, nextdynamicobj, dynamicleaf, nextobj, leaf, linker, bbfdm_type, uniqueKeys */
+{"SteeringHistory", &DMREAD, NULL, NULL, NULL, browseWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistoryInst, NULL, NULL, NULL, tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTASteeringHistoryParams, NULL, BBFDM_BOTH, NULL},
+{0}
+};
+
+DMLEAF tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTAParams[] = {
+/* PARAM, permission, type, getvalue, setvalue, bbfdm_type */
+{"SteeringHistoryNumberOfEntries", &DMREAD, DMT_UNINT, get_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_SteeringHistoryNumberOfEntries, NULL, BBFDM_BOTH},
+{"BTMRequest()", &DMASYNC, DMT_COMMAND, get_operate_args_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_BTMRequest, operate_WiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTA_BTMRequest, BBFDM_USP},
+{0}
+};
+
+DM_MAP_OBJ tDynamicObj[] = {
+/* parentobj, nextobject, parameter */
+{"Device.WiFi.DataElements.Network.", tWiFiDataElementsNetworkObj, tWiFiDataElementsNetworkParams},
+{"Device.WiFi.DataElements.Network.Device.{i}.", tWiFiDataElementsNetworkDeviceObj, tWiFiDataElementsNetworkDeviceParams},
+{"Device.WiFi.DataElements.Network.Device.{i}.MultiAPDevice.Backhaul.", NULL, tWiFiDataElementsNetworkDeviceMultiAPDeviceBackhaulParams},
+{"Device.WiFi.DataElements.Network.Device.{i}.Radio.{i}.", NULL, tWiFiDataElementsNetworkDeviceRadioParams},
+{"Device.WiFi.DataElements.Network.Device.{i}.Radio.{i}.BSS.{i}.STA.{i}.MultiAPSTA.", tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTAObj,tWiFiDataElementsNetworkDeviceRadioBSSSTAMultiAPSTAParams},
+{0}
+};

ethmngr/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ethmngr
-PKG_VERSION:=2.1.7
+PKG_VERSION:=2.1.9
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/ethmngr.git
-PKG_SOURCE_VERSION:=d029ce86fe99b7896f096f68eda3f6caa000ee5f
+PKG_SOURCE_VERSION:=2d35e86cc8dfd7ef4e0d8579f5d314e90faadc90
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

firewallmngr/Config.in

@@ -0,0 +1,12 @@
+if PACKAGE_firewallmngr
+
+menu "Configuration"
+
+config FIREWALLMNGR_PORT_TRIGGER
+	bool "Include Device.NAT.PortTrigger"
+	default y
+	help
+	   Set this option to include support for PortTrigger object.
+
+endmenu
+endif

firewallmngr/Makefile

@@ -0,0 +1,74 @@
+#
+# Copyright (C) 2024 IOPSYS Software Solutions AB
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=firewallmngr
+PKG_VERSION:=1.0.5
+
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
+PKG_SOURCE_VERSION:=94246676dc2e2db29b94fcffec1be3cee3ec8e9f
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+MAKE_PATH:=src
+
+define Package/firewallmngr
+  SECTION:=net
+  CATEGORY:=Network
+  TITLE:=Package to add Device.Firewall and Device.NAT. data model support.
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +firewall
+  DEPENDS+=+FIREWALLMNGR_PORT_TRIGGER:kmod-ipt-trigger +FIREWALLMNGR_PORT_TRIGGER:kmod-ip6t-trigger
+  DEPENDS+=+FIREWALLMNGR_PORT_TRIGGER:iptables-mod-nfqueue
+endef
+
+define Package/firewallmngr/description
+  Package to add Device.Firewall. and Device.NAT. data model support.
+endef
+
+define Package/$(PKG_NAME)/config
+        source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) -rf ~/git/firewallmngr/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
+	TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
+endif
+
+define Package/firewallmngr/install
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/lib/port-trigger
+
+	$(INSTALL_BIN) ./files/port-trigger/etc/init.d/port-trigger $(1)/etc/init.d/
+	$(INSTALL_DATA) ./files/port-trigger/etc/config/port-trigger $(1)/etc/config/
+	$(INSTALL_DATA) ./files/port-trigger/lib/port-trigger/port_trigger.sh $(1)/lib/port-trigger/
+endif
+	$(INSTALL_BIN) ./files/firewall.portmap $(1)/etc/
+	$(INSTALL_DATA) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/
+
+	$(INSTALL_BIN) ./files/firewall.service $(1)/etc/
+	$(INSTALL_DATA) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/
+
+	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libfirewallmngr.so $(1) $(PKG_NAME)
+endef
+
+$(eval $(call BuildPackage,firewallmngr))

firewallmngr/files/port-trigger/etc/config/port-trigger

@@ -0,0 +1 @@
+#port trigger uci file

firewallmngr/files/port-trigger/etc/init.d/port-trigger

@@ -0,0 +1,21 @@
+#!/bin/sh /etc/rc.common
+
+START=65
+STOP=20
+USE_PROCD=1
+
+. /lib/port-trigger/port_trigger.sh
+
+start_service() {
+	port_trigger_handling
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger firewall
+	procd_add_reload_trigger port-trigger
+}
+
+reload_service() {
+	start
+}

firewallmngr/files/port-trigger/lib/port-trigger/port_trigger.sh

@@ -0,0 +1,157 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+process_port_trigger() {
+	local rule_id="$1"
+	local is_enabled=""
+	local duration=""
+	local trigger_dport=""
+	local trigger_dport_end=""
+	local protocol=""
+	local interface=""
+	local open_dport=""
+	local open_dport_end=""
+	local open_protocol=""
+	local ptg_id=""
+	local IP_RULE=""
+	local IP6_RULE=""
+	local IP_RULE_FWD=""
+
+	get_port_trigger() {
+		local ptg_name
+		config_get ptg_name "$1" "name"
+		if [ "$ptg_name" == "$2" ]; then
+			ptg_id="$1"
+			return
+		fi
+	}
+
+	ptg_id=""
+	config_get name "$rule_id" "port_trigger"
+	config_foreach get_port_trigger  "port_trigger" "$name"
+	[ -z "$ptg_id" ] && return
+
+	is_enabled=$(uci -q get port-trigger."$ptg_id".enable)
+
+	if [ -z "$is_enabled" ] || [ "$is_enabled" = "0" ]; then
+		return
+	fi
+
+	protocol=$(uci -q get port-trigger."$ptg_id".protocol)
+	[ -z "$protocol" ] && return
+
+	if [ "$protocol" = "UDP" ] || [ "$protocol" = "udp" ]; then
+		IP_RULE="$IP_RULE -p udp"
+		IP6_RULE="$IP6_RULE -p udp"
+		IP_RULE_FWD="$IP_RULE_FWD -p udp"
+	elif [ "$protocol" = "TCP" ] || [ "$protocol" = "tcp" ]; then
+		IP_RULE="$IP_RULE -p tcp"
+		IP6_RULE="$IP6_RULE -p tcp"
+		IP_RULE_FWD="$IP_RULE_FWD -p tcp"
+	else
+		return
+	fi
+
+	trigger_dport=$(uci -q get port-trigger."$ptg_id".port)
+	[ -z "$trigger_dport" ] && return
+	IP_RULE="$IP_RULE --dport $trigger_dport"
+	IP6_RULE="$IP6_RULE --dport $trigger_dport"
+
+	trigger_dport_end=$(uci -q get port-trigger."$ptg_id".end_port_range)
+	if [ -n "$trigger_dport_end" ]; then
+		IP_RULE="$IP_RULE:$trigger_dport"
+		IP6_RULE="$IP6_RULE:$trigger_dport"
+	fi
+
+	config_get open_protocol "$rule_id" "protocol"
+	if [ "$open_protocol" = "UDP" ] || [ "$open_protocol" = "udp" ]; then
+		IP_RULE="$IP_RULE -j TRIGGER --trigger-type out --trigger-proto udp"
+		IP6_RULE="$IP6_RULE -j TRIGGER --trigger-type out --trigger-proto udp"
+	elif [ "$open_protocol" = "TCP" ] || [ "$open_protocol" = "tcp" ]; then
+		IP_RULE="$IP_RULE -j TRIGGER --trigger-type out --trigger-proto tcp"
+		IP6_RULE="$IP6_RULE -j TRIGGER --trigger-type out --trigger-proto tcp"
+	else
+		return
+	fi
+
+	config_get open_dport "$rule_id" "port"
+	[ -z "$open_dport" ] && return
+	IP_RULE="$IP_RULE --trigger-match $open_dport"
+	IP6_RULE="$IP6_RULE --trigger-match $open_dport"
+	IP_RULE_FWD="$IP_RULE_FWD --dport $open_dport"
+
+	config_get open_dport_end "$rule_id" "end_port_range"
+	if [ -z "$open_dport_end" ]; then
+		IP_RULE="$IP_RULE --trigger-relate $open_dport"
+		IP6_RULE="$IP6_RULE --trigger-relate $open_dport"
+	else
+		IP_RULE="$IP_RULE-$open_dport_end --trigger-relate $open_dport-$open_dport_end"
+		IP6_RULE="$IP6_RULE-$open_dport_end --trigger-relate $open_dport-$open_dport_end"
+		IP_RULE_FWD="$IP_RULE_FWD:$open_dport_end"
+	fi
+
+	duration=$(uci -q get port-trigger."$ptg_id".auto_disable_duration)
+        if [ -n "$duration" ]; then
+                IP_RULE="$IP_RULE --trigger-timeout $duration"
+                IP6_RULE="$IP6_RULE --trigger-timeout $duration"
+        fi
+
+	interface=$(uci -q get port-trigger."$ptg_id".src)
+	[ -z "$interface" ] && return
+	device=$(uci -q get network.$interface.device)
+       	IP_RULE_1="iptables -w -t nat -A prerouting_porttrigger -i $device $IP_RULE"
+       	echo "$IP_RULE_1">>/tmp/port_trigger_iptables
+
+       	IP_RULE_1="ip6tables -w -t nat -A prerouting_porttrigger -i $device $IP6_RULE"
+       	echo "$IP_RULE_1">>/tmp/port_trigger_ip6tables
+
+        if [ -n "$duration" ]; then
+		echo "iptables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in --trigger-timeout $duration">>/tmp/port_trigger_iptables
+		echo "ip6tables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in --trigger-timeout $duration">>/tmp/port_trigger_ip6tables
+
+		echo "iptables -w -t nat -A prerouting_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type dnat --trigger-timeout $duration">>/tmp/port_trigger_iptables
+	else
+		echo "iptables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in">>/tmp/port_trigger_iptables
+		echo "ip6tables -w -t filter -A forwarding_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type in">>/tmp/port_trigger_ip6tables
+
+		echo "iptables -w -t nat -A prerouting_wan_porttrigger $IP_RULE_FWD -j TRIGGER --trigger-type dnat">>/tmp/port_trigger_iptables
+	fi
+}
+
+port_trigger_handling() {
+	rm /tmp/port_trigger_iptables 2> /dev/null
+	rm /tmp/port_trigger_ip6tables 2> /dev/null
+	touch /tmp/port_trigger_iptables
+	touch /tmp/port_trigger_ip6tables
+
+	echo "iptables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	echo "iptables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	echo "iptables -w -t nat -F prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	echo "ip6tables -w -t nat -F prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+	echo "ip6tables -w -t filter -F forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+
+	echo "iptables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	ret=$?
+	[ $ret -eq 0 ] && echo "iptables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	echo "iptables -w -t filter -N forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	ret=$?
+	[ $ret -eq 0 ] && echo "iptables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	echo "iptables -w -t nat -N prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+	ret=$?
+	[ $ret -eq 0 ] && echo "iptables -w -t nat -I prerouting_wan_rule -j prerouting_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_iptables
+
+	echo "ip6tables -w -t nat -N prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+	ret=$?
+	[ $ret -eq 0 ] && echo "ip6tables -w -t nat -I PREROUTING -j prerouting_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+	echo "ip6tables -w -t filter -N forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+	ret=$?
+	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I forwarding_wan_rule -j forwarding_wan_porttrigger 2> /dev/null">>/tmp/port_trigger_ip6tables
+
+	# Load /etc/config/port-trigger UCI file
+	config_load port-trigger
+	config_foreach process_port_trigger rule
+
+	sh /tmp/port_trigger_iptables
+	sh /tmp/port_trigger_ip6tables
+}

fluent-bit/Makefile

@@ -0,0 +1,176 @@
+#
+# Copyright (C) 2024 IOPSYS
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fluent-bit
+PKG_VERSION:=3.1.0
+PKG_RELEASE:=1
+
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://github.com/fluent/fluent-bit.git
+PKG_SOURCE_VERSION=v$(PKG_VERSION)
+PKG_MIRROR_HASH:=9bedfabf859b88a2cfcf51cc17669b83a170e85427ce562131366cb1542b52ae
+endif
+
+PKG_LICENSE:=Apache-2.0
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/fluent-bit
+	CATEGORY:=Utilities
+	DEPENDS:= +libyaml +libopenssl +libcurl +libatomic +musl-fts +flex +bison
+	TITLE:=Fluent-Bit
+	URL:=https://fluentbit.io/
+endef
+
+define Package/fluent-bit/description
+	Fluent Bit is a super fast, lightweight, and highly scalable logging and metrics processor and forwarder.
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+        $(CP) -rf ./fluent-bit/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+# General options
+TARGET_LDFLAGS +=-lfts -latomic
+
+CMAKE_OPTIONS+= \
+	-DFLB_RELEASE=Yes \
+	-DFLB_SMALL=No \
+	-DEXCLUDE_FROM_ALL=true \
+	-DFLB_SHARED_LIBS=Yes \
+	-DFLB_DEBUG=Yes \
+	-DFLB_ALL=No \
+	-DFLB_JEMALLOC=No \
+	-DFLB_EXAMPLES=No \
+	-DFLB_CHUNK_TRACE=No \
+	-DFLB_BACKTRACE=No \
+	-DFLB_WASM=No \
+	-DFLB_LUAJIT=No
+
+# In plugins
+CMAKE_OPTIONS += \
+	-DFLB_IN_SYSLOG=Yes \
+	-DFLB_IN_CPU=Yes \
+	-DFLB_IN_MEM=Yes \
+	-DFLB_IN_DISK=Yes \
+	-DFLB_IN_EXEC=Yes \
+	-DFLB_IN_HEAD=Yes \
+	-DFLB_IN_FORWARD=No \
+	-DFLB_IN_KMSG=No \
+	-DFLB_IN_PROC=No \
+	-DFLB_IN_RANDOM=No \
+	-DFLB_IN_SERIAL=No \
+	-DFLB_IN_MQTT=No \
+	-DFLB_IN_STDIN=No \
+	-DFLB_IN_SYSTEMD=No \
+	-DFLB_IN_TAIL=No \
+	-DFLB_IN_TCP=No \
+	-DFLB_IN_THERMAL=No \
+	-DFLB_IN_UDP=No \
+	-DFLB_IN_DOCKER=No \
+	-DFLB_IN_EXEC_WASI=No \
+	-DFLB_IN_EVENT_TYPE=No \
+	-DFLB_IN_FLUENTBIT_METRICS=No \
+	-DFLB_IN_KUBERNETES_EVENTS=No \
+	-DFLB_IN_KAFKA=No \
+	-DFLB_IN_LIB=No \
+	-DFLB_IN_SYSTEMD=No \
+	-DFLB_IN_DUMMY=No \
+	-DFLB_IN_NETIF=No \
+	-DFLB_IN_COLLECTD=No \
+	-DFLB_IN_PROMETHEUS_SCRAPE=No \
+	-DFLB_IN_STATSD=No \
+	-DFLB_IN_STORAGE_BACKLOG=No \
+	-DFLB_IN_PODMAN_METRICS=No \
+	-DFLB_IN_OPENTELEMETRY=No \
+	-DFLB_IN_ELASTICSEARCH=No \
+	-DFLB_IN_CALYPTIA_FLEET=No \
+	-DFLB_IN_SPLUNK=No
+	-DFLB_IN_HEALTH=No \
+	-DFLB_IN_WINLOG=No \
+	-DFLB_IN_WINEVTLOG=No
+
+
+# Filter options
+CMAKE_OPTIONS += 
+	-DFLB_FILTER_AWS=No \
+	-DFLB_FILTER_ECS=No \
+	-DFLB_FILTER_KUBERNETES=No \
+	-DFLB_FILTER_LUA=No \
+	-DFLB_FILTER_NEST=No \
+	-DFLB_FILTER_RECORD_MODIFIER=No \
+	-DFLB_FILTER_THROTTLE=No \
+	-DFLB_FILTER_TYPE_CONVERTER=No \
+	-DFLB_FILTER_WASM=No \
+	-DFLB_FILTER_TENSORFLOW=No \
+	-DFLB_FILTER_GEOIP2=No \
+	-DFLB_FILTER_NIGHTFALL=No
+
+# out plugins
+CMAKE_OPTIONS += \
+	-DFLB_OUT_EXIT=Yes \
+	-DFLB_OUT_FORWARD=Yes \
+	-DFLB_OUT_HTTP=Yes \
+	-DFLB_OUT_NATS=Yes \
+	-DFLB_OUT_TCP=Yes \
+	-DFLB_OUT_UDP=Yes \
+	-DFLB_OUT_FILE=Yes \
+	-DFLB_OUT_STDOUT=Yes \
+	-DFLB_OUT_SYSLOG=Yes \
+	-DFLB_OUT_NULL=Yes \
+	-DFLB_OUT_PLOT=No \
+	-DFLB_OUT_AZURE=No \
+	-DFLB_OUT_AZURE_BLOB=No \
+	-DFLB_OUT_AZURE_LOGS_INGESTION=No \
+	-DFLB_OUT_AZURE_KUSTO=No \
+	-DFLB_OUT_BIGQUERY=No \
+	-DFLB_OUT_CALYPTIA=No \
+	-DFLB_OUT_COUNTER=No \
+	-DFLB_OUT_DATADOG=No \
+	-DFLB_OUT_ES=No \
+	-DFLB_OUT_GELF=No \
+	-DFLB_OUT_INFLUXDB=No \
+	-DFLB_OUT_NRLOGS=No \
+	-DFLB_OUT_OPENSEARCH=No \
+	-DFLB_OUT_TD=No \
+	-DFLB_OUT_SKYWALKING=No \
+	-DFLB_OUT_SLACK=No \
+	-DFLB_OUT_SPLUNK=No \
+	-DFLB_OUT_STACKDRIVER=No \
+	-DFLB_OUT_LIB=No \
+	-DFLB_OUT_FLOWCOUNTER=No \
+	-DFLB_OUT_LOGDNA=No \
+	-DFLB_OUT_LOKI=No \
+	-DFLB_OUT_KAFKA=No \
+	-DFLB_OUT_KAFKA_REST=No \
+	-DFLB_OUT_CLOUDWATCH_LOGS=No \
+	-DFLB_OUT_KINESIS_FIREHOSE=No \
+	-DFLB_OUT_KINESIS_STREAMS=No \
+	-DFLB_OUT_OPENTELEMETRY=No \
+	-DFLB_OUT_PROMETHEUS_EXPORTER=No \
+	-DFLB_OUT_PROMETHEUS_REMOTE_WRITE=No \
+	-DFLB_OUT_S3=No \
+	-DFLB_OUT_VIVO_EXPORTER=No \
+	-DFLB_OUT_WEBSOCKET=No \
+	-DFLB_OUT_ORACLE_LOG_ANALYTICS=No \
+	-DFLB_OUT_CHRONICLE=No \
+	-DFLB_OUT_PGSQL=No
+
+define Package/fluent-bit/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/fluent-bit
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bin/fluent-bit $(1)/usr/sbin/
+	$(INSTALL_DATA) ./files/fluent-bit.conf $(1)/etc/fluent-bit/fluent-bit.conf
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/conf/parsers.conf $(1)/etc/fluent-bit/parsers.conf
+endef
+
+$(eval $(call BuildPackage,fluent-bit))

fluent-bit/files/fluent-bit.conf

@@ -0,0 +1,15 @@
+[SERVICE]
+    flush           3
+    daemon          Off
+    log_level       info
+    parsers_file    /etc/fluent-bit/parsers.conf
+
+[INPUT]
+    name            syslog
+    tag             syslog
+    path            /dev/log
+
+[OUTPUT]
+    name            null
+    match           *
+

fluent-bit/patches/0001-fix_out_file_plugin.patch

@@ -0,0 +1,14 @@
+diff --git a/plugins/out_file/file.c b/plugins/out_file/file.c
+index 2e47c9666..42ace24c6 100644
+--- a/plugins/out_file/file.c
++++ b/plugins/out_file/file.c
+@@ -45,6 +45,9 @@
+ #define NEWLINE "\n"
+ #endif
+ 
++#undef PATH_MAX
++#define PATH_MAX 256
++
+ struct flb_file_conf {
+     const char *out_path;
+     const char *out_file;

gryphon-led-module/Makefile

@@ -28,7 +28,7 @@ define KernelPackage/$(PKG_NAME)
   FILES:=$(PKG_BUILD_DIR)/$(PKG_NAME).$(LINUX_KMOD_SUFFIX)
   KCONFIG:=CONFIG_PACKAGE_kmod-gryphon-led-kernel-module=y
   AUTOLOAD:=$(call AutoLoad,60,$(PKG_NAME))
-  DEPENDS:= +(TARGET_brcmbca):bcmkernel
+  DEPENDS:= +(TARGET_brcmbca):bcm963xx-bsp
   PKG_LICENSE:=GPLv2
   PKG_LICENSE_URL:=
 endef

hostmngr/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=hostmngr
-PKG_VERSION:=1.2.4
+PKG_VERSION:=1.2.6
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b4990b384461f2d1ff75a122a7fa5d9276f211bb
+PKG_SOURCE_VERSION:=aa365710b227ba82b1c43f9cdf497261edb21852
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

icwmp/Config.in

@@ -0,0 +1,6 @@
+menu "Configuration"
+
+config ICWMP_MGMT_FROM_USP
+	bool "Support configuration of ManagementServer from USP"
+	default y
+endmenu

icwmp/Makefile

@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icwmp
-PKG_VERSION:=9.7.12
+PKG_VERSION:=9.8.8
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=d2041138fc086dccf5f306d4426ab7a2f823ce86
+PKG_SOURCE_VERSION:=580f923cfc89aa9f151096d8606dde71e4604d08
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -32,8 +32,21 @@ define Package/icwmp
   SUBMENU:=TRx69
   TITLE:=TR069 CWMP client
   DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api +libopenssl
+  MENU:=1
 endef
 
+define Package/icwmp/description
+ TR069 client implementation with bbfdm backend for TR181 support
+endef
+
+define Package/icwmp/config
+	source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(CONFIG_ICWMP_MGMT_FROM_USP),y)
+EXTRA_CFLAGS += -DCWMP_DUAL_SUPPORT=BBFDM_BOTH
+endif
+
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/icwmp/* $(PKG_BUILD_DIR)/
@@ -51,6 +64,7 @@ define Package/icwmp/install
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
 	$(INSTALL_BIN) ./files/etc/firewall.cwmp $(1)/etc/firewall.cwmp
+	$(INSTALL_BIN) ./files/etc/critical_services.json $(1)/etc/icwmpd/critical_services.json
 	$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/

icwmp/files/etc/config/cwmp

@@ -41,6 +41,7 @@ config cpe 'cpe'
 	option active_notif_throttle '0'
 	option disable_gatewayinfo '0'
 	option fw_upgrade_keep_settings '1'
+	option clock_sync_timeout '128'
 	
 config lwn 'lwn'
 	option enable '0'

icwmp/files/etc/critical_services.json

@@ -0,0 +1,11 @@
+{
+	"services_list": [
+			"firewall",
+			"network",
+			"dhcp",
+			"stunc",
+			"xmpp",
+			"wireless",
+			"time"
+	]
+}

icwmp/files/etc/firewall.cwmp

@@ -6,7 +6,7 @@ log() {
 }
 
 get_firewall_zone() {
-	zone="$(uci show firewall|grep network|grep ${1}|cut -d. -f 2)"
+	zone="$(uci show firewall|grep network|grep -w ${1}|cut -d. -f 2)"
 	zone="${zone:-wan}" # defaults to wan zone
 	echo "$zone"
 }

ieee1905/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ieee1905
-PKG_VERSION:=8.4.0
+PKG_VERSION:=8.5.1
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=d631dc9520b3486efbe202241425118a603b6171
+PKG_SOURCE_VERSION:=b0e9ef0934888281ba7db7843738e56e6541665a
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -22,6 +22,7 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
 
 include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
 
 
 define Package/ieee1905/Default
@@ -38,7 +39,7 @@ define Package/libieee1905
   $(call Package/ieee1905/Default)
   TITLE:=libieee1905.so (library for CMDU and TLV handling)
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
-	   +libjson-c +libblobmsg-json
+	   +libjson-c +libblobmsg-json +libwifiutils
 endef
 
 define Package/ieee1905
@@ -46,7 +47,8 @@ define Package/ieee1905
   TITLE:=ieee1905d (daemon implementing 1905.1 and provides cli)
   DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ubus +libpthread \
-	   +libieee1905 +IEEE1905_PLATFORM_HAS_WIFI:libwifi
+	   +libieee1905 +IEEE1905_PLATFORM_HAS_WIFI:libwifi \
+	   +libwifiutils +libbbfdm-api
 endef
 
 include $(wildcard plugins/*.mk)
@@ -107,6 +109,7 @@ define Package/ieee1905/install
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/ieee1905d $(1)/usr/sbin/
+	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/tr181/ieee1905dm.so $(1) $(PKG_NAME)
 endef
 
 define Package/libieee1905/install

iopsys-analytics/Makefile

@@ -4,7 +4,7 @@ PKG_NAME:=iopsys-analytics
 PKG_RELEASE:=$(COMMITCOUNT)
 PKG_LICENSE:=PROPRIETARY
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=837c28bb2587b348fa7dd6b98135752aaf5f5212
+PKG_SOURCE_VERSION:=aea91816de703cf1c72490f51c2aa73c2f61640d
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/iopsys-analytics.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

ipt-trigger/Makefile

@@ -6,15 +6,24 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=ipt-trigger
-PKG_VERSION:=1.0.0
+PKG_VERSION:=1.0.2
 PKG_LICENSE:=GPL-2.0
 
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=4f3d4427403e0a9be7653c1b92907ae8ae5f21ae
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ipt-trigger.git
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
 include $(INCLUDE_DIR)/package.mk
 
 define KernelPackage/ipt-trigger
   SUBMENU:=Other modules
   TITLE:=Kernel module for iptables port trigger
-  FILES:=$(PKG_BUILD_DIR)/ipv4/ipt_TRIGGER.ko
+  FILES:=$(PKG_BUILD_DIR)/src/ipv4/ipt_TRIGGER.ko
   DEPENDS+=+kmod-nf-nat +xtables-legacy
   AUTOLOAD:=$(call AutoLoad,30,ipt_TRIGGER,1)
   KCONFIG:=
@@ -24,7 +33,7 @@ define KernelPackage/ip6t-trigger
   SUBMENU:=Other modules
   TITLE:=Kernel module for ip6tables port trigger
   DEPENDS+=+kmod-nf-nat +xtables-legacy
-  FILES:=$(PKG_BUILD_DIR)/ipv6/ip6t_TRIGGER.ko
+  FILES:=$(PKG_BUILD_DIR)/src/ipv6/ip6t_TRIGGER.ko
   AUTOLOAD:=$(call AutoLoad,30,ip6t_TRIGGER,1)
   KCONFIG:=
 endef
@@ -41,21 +50,28 @@ ifeq ($(CONFIG_TARGET_brcmbca),y)
 	include ../../broadcom/bcmkernel/bcm-kernel-toolchain.mk
 endif
 
+ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
-	$(CP) -rf ./src/* $(PKG_BUILD_DIR)/
-	$(CP) $(PKG_BUILD_DIR)/ipt_TRIGGER.h $(LINUX_DIR)/include/linux/netfilter_ipv4/
+	$(CP) -rf ./ipt-trigger/* $(PKG_BUILD_DIR)/
+	$(CP) ./ipt-trigger/include/ipt_TRIGGER.h $(LINUX_DIR)/include/linux/netfilter_ipv4/
 endef
+else
+define Build/Prepare
+	$(Build/Prepare/Default)
+	$(CP) $(PKG_BUILD_DIR)/include/ipt_TRIGGER.h $(LINUX_DIR)/include/linux/netfilter_ipv4/
+endef
+endif
 
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/include/linux/netfilter_ipv4
-	$(CP) $(PKG_BUILD_DIR)/ipt_TRIGGER.h $(1)/include/linux/netfilter_ipv4/
+	$(CP) $(PKG_BUILD_DIR)/include/ipt_TRIGGER.h $(1)/include/linux/netfilter_ipv4/
 endef
 
 KERNEL_MAKE_FLAGS += -I$(LINUX_DIR)/include
 
 define Build/Compile
-	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/ipv4/" modules
-	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/ipv6/" modules
+	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/src/ipv4/" modules
+	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/src/ipv6/" modules
 endef
 
 $(eval $(call KernelPackage,ipt-trigger))

ipt-trigger/src/ipt_TRIGGER.h

@@ -1,26 +0,0 @@
-#ifndef _IPT_TRIGGER_H_target
-#define _IPT_TRIGGER_H_target
-
-#define TRIGGER_TIMEOUT 600	/* 600 secs */
-
-enum ipt_trigger_type
-{
-	IPT_TRIGGER_DNAT = 1,
-	IPT_TRIGGER_IN = 2,
-	IPT_TRIGGER_OUT = 3,
-	IPT_TRIGGER_REFRESH = 4
-};
-
-struct ipt_trigger_ports {
-	u_int16_t mport[2];	/* Related destination port range */
-	u_int16_t rport[2];	/* Port range to map related destination port range to */
-};
-
-struct ipt_trigger_info {
-	enum ipt_trigger_type type;
-	u_int16_t proto;		/* Related protocol */
-	u_int16_t trigger_timeout;	/* Auto disable duration */
-	struct ipt_trigger_ports ports;
-};
-
-#endif /*_IPT_TRIGGER_H_target*/

ipt-trigger/src/ipv4/Makefile

@@ -1 +0,0 @@
-obj-m +=ipt_TRIGGER.o

ipt-trigger/src/ipv4/ipt_TRIGGER.c

@@ -1,407 +0,0 @@
-/* Kernel module to match the port-ranges, trigger related port-ranges,
- * and alters the destination to a local IP address.
- *
- * Copyright (C) 2003, CyberTAN Corporation
- * All Rights Reserved.
- *
- * Description:
- *   This is kernel module for port-triggering.
- *
- *   The module follows the Netfilter framework, called extended packet
- *   matching modules.
- */
-
-#include <linux/types.h>
-#include <linux/ip.h>
-#include <linux/tcp.h>
-#include <linux/timer.h>
-#include <linux/module.h>
-#include <linux/netfilter.h>
-#include <linux/netdevice.h>
-#include <linux/if.h>
-#include <linux/inetdevice.h>
-#include <linux/list.h>
-#include <net/protocol.h>
-#include <net/checksum.h>
-#include <linux/spinlock.h>
-
-#include <linux/netfilter_ipv4.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <net/netfilter/nf_conntrack.h>
-#include <net/netfilter/nf_conntrack_core.h>
-#include <net/netfilter/nf_conntrack_tuple.h>
-#include <net/netfilter/nf_nat.h>
-#include <linux/netfilter_ipv4/ipt_TRIGGER.h>
-
-/* This rwlock protects the main hash table, protocol/helper/expected
- *    registrations, conntrack timers*/
-
-
-static DEFINE_SPINLOCK(nf_trigger_lock);
-
-
-
-#define NF_IP_PRE_ROUTING	0
-#define NF_IP_FORWARD		2
-#define IPT_CONTINUE XT_CONTINUE
-
-
-
-/***********************lock help**********************/
-#define MUST_BE_READ_LOCKED(l)
-#define MUST_BE_WRITE_LOCKED(l)
-
-
-#define LOCK_BH(l) spin_lock_bh(l)
-#define UNLOCK_BH(l) spin_unlock_bh(l)
-
-#define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&nf_trigger_lock)
-#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&nf_trigger_lock)
-
-
-
-
-/***********************list help**********************/
-#define LIST_FIND(head, cmpfn, type, args...)           \
-({                                                      \
-        const struct list_head *__i, *__j = NULL;       \
-                                                        \
-        ASSERT_READ_LOCK(head);                         \
-        list_for_each(__i, (head))                      \
-                if (cmpfn((const type)__i , ## args)) { \
-                        __j = __i;                      \
-                        break;                          \
-                }                                       \
-        (type)__j;                                      \
-})
-
-static inline int
-__list_cmp_same(const void *p1, const void *p2) { return p1 == p2; }
-
-static inline void
-list_prepend(struct list_head *head, void *new)
-{
-	ASSERT_WRITE_LOCK(head);
-	list_add(new, head);
-}
-
-#define list_named_find(head, name)                     \
-LIST_FIND(head, __list_cmp_name, void *, name)
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
-MODULE_DESCRIPTION("iptables trigger target module");
-
-#if 0
-#define DEBUGP printk
-#else
-#define DEBUGP(format, args...)
-#endif
-
-struct ipt_trigger {
-        struct list_head list;          /* Trigger list */
-        struct timer_list timeout;      /* Timer for list destroying */
-        u_int32_t srcip;                /* Outgoing source address */
-        u_int32_t dstip;                /* Outgoing destination address */
-        u_int16_t mproto;               /* Trigger protocol */
-        u_int16_t rproto;               /* Related protocol */
-        u_int16_t trigger_timeout;      /* Auto disable duration */
-        struct ipt_trigger_ports ports; /* Trigger and related ports */
-        u_int8_t reply;                 /* Confirm a reply connection */
-};
-
-LIST_HEAD(ipt_trigger_list);
-
-static void trigger_refresh(struct ipt_trigger *trig, unsigned long extra_jiffies)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	LOCK_BH(&nf_trigger_lock);
-	/* Need del_timer for race avoidance (may already be dying). */
-	if (del_timer(&trig->timeout)) {
-		trig->timeout.expires = jiffies + extra_jiffies;
-		add_timer(&trig->timeout);
-	}
-
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static void __del_trigger(struct ipt_trigger *trig)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	MUST_BE_WRITE_LOCKED(&nf_trigger_lock);
-
-	/* delete from 'ipt_trigger_list' */
-	list_del(&trig->list);
-	kfree(trig);
-}
-
-static void trigger_timeout(struct timer_list *t)
-{
-	struct ipt_trigger *trig = from_timer(trig, t, timeout);
-
-	DEBUGP("trigger list %p timed out\n", trig);
-	LOCK_BH(&nf_trigger_lock);
-	__del_trigger(trig);
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static unsigned int
-add_new_trigger(struct ipt_trigger *trig)
-{
-	struct ipt_trigger *new = NULL;
-
-	DEBUGP("!!!!!!!!!!!! %s !!!!!!!!!!!\n", __FUNCTION__);
-
-	LOCK_BH(&nf_trigger_lock);
-	new = (struct ipt_trigger *)
-		kmalloc(sizeof(struct ipt_trigger), GFP_ATOMIC);
-
-	if (!new) {
-		UNLOCK_BH(&nf_trigger_lock);
-		DEBUGP("%s: OOM allocating trigger list\n", __FUNCTION__);
-		return -ENOMEM;
-	}
-
-	memset(new, 0, sizeof(*trig));
-	INIT_LIST_HEAD(&new->list);
-	memcpy(new, trig, sizeof(*trig));
-
-	/* add to global table of trigger */
-	list_prepend(&ipt_trigger_list, &new->list);
-
-	/* add and start timer if required */
-	timer_setup(&new->timeout, trigger_timeout, 0);
-	mod_timer(&new->timeout, jiffies + (trig->trigger_timeout * HZ));
-
-	UNLOCK_BH(&nf_trigger_lock);
-
-	return 0;
-}
-
-/*
- *      Service-Name    OutBound        InBound
- * 1.   TMD             UDP:1000        TCP/UDP:2000..2010
- * 2.   WOKAO           UDP:1000        TCP/UDP:3000..3010
- * 3.   net2phone-1     UDP:6801        TCP:30000..30000
- * 4.   net2phone-2     UDP:6801        UDP:30000..30000
- *
- * For supporting to use the same outgoing port to trigger different port rules,
- * it should check the inbound protocol and port range value. If all conditions
- * are matched, it is a same trigger item, else it needs to create a new one.
- */
-static inline int trigger_out_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport, const struct ipt_trigger_info *info)
-{
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, mproto= %d, mport[0..1]=%d, %d, ", __FUNCTION__,
-			i->mproto, i->ports.mport[0], i->ports.mport[1]);
-	DEBUGP("rproto= %d, rport[0..1]=%d, %d.\n",
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	return ((i->mproto == proto) &&
-			(i->ports.mport[0] <= dport)  &&
-			(i->ports.mport[1] >= dport) &&
-			(i->rproto == info->proto) &&
-			(i->ports.rport[0] == info->ports.rport[0]) &&
-			(i->ports.rport[1] == info->ports.rport[1]));
-}
-
-static unsigned int
-trigger_out(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger trig, *found;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	/* Check if the trigger range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_out_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest), info);
-
-
-	if (found) {
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		/* In order to allow multiple hosts use the same port range, we update
-		   the 'saddr' after previous trigger has a reply connection. */
-		if (found->reply)
-			found->srcip = iph->saddr;
-	}
-	else {
-		/* Create new trigger */
-		memset(&trig, 0, sizeof(trig));
-		trig.srcip = iph->saddr;
-		trig.mproto = iph->protocol;
-		trig.rproto = info->proto;
-		trig.trigger_timeout = info->trigger_timeout;
-		memcpy(&trig.ports, &info->ports, sizeof(struct ipt_trigger_ports));
-		add_new_trigger(&trig); /* Add the new 'trig' to list 'ipt_trigger_list'. */
-	}
-
-	return IPT_CONTINUE;        /* We don't block any packet. */
-}
-
-static inline int trigger_in_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport)
-{
-	u_int16_t rproto = i->rproto;
-
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, rproto= %d, rport[0..1]=%d, %d.\n", __FUNCTION__,
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	if (!rproto)
-		rproto = proto;
-
-	return ((rproto == proto) && (i->ports.rport[0] <= dport)
-			&& (i->ports.rport[1] >= dport));
-}
-
-static unsigned int
-trigger_in(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger *found;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############\n", __FUNCTION__);
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		return NF_ACCEPT;       /* Accept it, or the imcoming packet could be
-					   dropped in the FORWARD chain */
-	}
-
-	return IPT_CONTINUE;        /* Our job is the interception. */
-}
-
-static unsigned int
-trigger_dnat(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	struct ipt_trigger *found = NULL;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-	struct nf_conn *ct = NULL;
-	enum ip_conntrack_info ctinfo;
-	struct nf_nat_range2 newrange;
-
-	DEBUGP("############# %s ############%d\n", __FUNCTION__, __LINE__);
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############%d srcip:%d\n", __FUNCTION__, __LINE__, found->srcip);
-	}
-
-	if (!found || !found->srcip)
-		return IPT_CONTINUE;    /* We don't block any packet. */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	found->reply = 1;   /* Confirm there has been a reply connection. */
-	ct = nf_ct_get(skb, &ctinfo);
-
-	DEBUGP("%s: got ", __FUNCTION__);
-
-
-	/* Alter the destination of imcoming packet. */
-	/* Transfer from original range. */
-	memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
-	memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
-	memset(&newrange.min_proto, 0, sizeof(newrange.min_proto));
-	memset(&newrange.max_proto, 0, sizeof(newrange.max_proto));
-	newrange.flags	     = NF_NAT_RANGE_MAP_IPS;
-	newrange.min_addr.ip = found->srcip;
-	newrange.max_addr.ip = found->srcip;
-	DEBUGP("%s: found->srcip = %x\n", __FUNCTION__,  found->srcip);
-
-	/* Hand modified range to generic setup. */
-	return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
-}
-
-static unsigned int
-trigger_target(struct sk_buff *skb,
-			       const struct xt_action_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-	const struct iphdr *iph = ip_hdr(skb);
-	unsigned int hooknum = xt_hooknum(par);
-
-	DEBUGP("%s: type = %s\n", __FUNCTION__,
-			(info->type == IPT_TRIGGER_DNAT) ? "dnat" :
-			(info->type == IPT_TRIGGER_IN) ? "in" : "out");
-
-	/* The Port-trigger only supports TCP and UDP. */
-	if ((iph->protocol != IPPROTO_TCP) && (iph->protocol != IPPROTO_UDP))
-		return IPT_CONTINUE;
-
-	if (info->type == IPT_TRIGGER_OUT)
-		return trigger_out(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_IN)
-		return trigger_in(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_DNAT)
-		return trigger_dnat(skb, hooknum, info);
-
-	return IPT_CONTINUE;
-}
-static int
-trigger_check(const struct xt_tgchk_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-
-	if ((strcmp(par->table, "mangle") == 0)) {
-		DEBUGP("trigger_check: bad table `%s'.\n", par->table);
-		return -EINVAL;
-	}
-	if (par->hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_FORWARD))) {
-		DEBUGP("trigger_check: bad hooks %x.\n", par->hook_mask);
-		return -EINVAL;
-	}
-
-	if (info->proto) {
-		if (info->proto != IPPROTO_TCP && info->proto != IPPROTO_UDP) {
-			DEBUGP("trigger_check: bad proto %d.\n", info->proto);
-			return -EINVAL;
-		}
-	}
-	if (info->type == IPT_TRIGGER_OUT) {
-		if (!info->ports.mport[0] || !info->ports.rport[0]) {
-			DEBUGP("trigger_check: Try 'iptbles -j TRIGGER -h' for help.\n");
-			return -EINVAL;
-		}
-	}
-
-	return 0;
-}
-
-
-static struct xt_target redirect_reg = {
-        .name           = "TRIGGER",
-        .family         = NFPROTO_IPV4,
-        .target         = trigger_target,
-        .targetsize     = sizeof(struct ipt_trigger_info),
-        .checkentry     = trigger_check,
-        .me             = THIS_MODULE,
-};
-
-static int __init init(void)
-{
-	return xt_register_target(&redirect_reg);
-}
-
-static void __exit fini(void)
-{
-	xt_unregister_target(&redirect_reg);
-}
-
-module_init(init);
-module_exit(fini);

ipt-trigger/src/ipv6/Makefile

@@ -1 +0,0 @@
-obj-m +=ip6t_TRIGGER.o

ipt-trigger/src/ipv6/ip6t_TRIGGER.c

@@ -1,429 +0,0 @@
-/* Kernel module to match the port-ranges, trigger related port-ranges,
- * and alters the destination to a local IPv6 address.
- *
- * Copyright (C) 2024, IOPSYS
- * All Rights Reserved.
- *
- * Description:
- *   This is kernel module for port-triggering.
- *
- *   The module follows the Netfilter framework, called extended packet
- *   matching modules.
- */
-
-#include <linux/types.h>
-#include <linux/tcp.h>
-#include <linux/timer.h>
-#include <linux/module.h>
-#include <linux/netfilter.h>
-#include <linux/netdevice.h>
-#include <linux/if.h>
-#include <linux/inetdevice.h>
-#include <linux/list.h>
-#include <net/protocol.h>
-#include <net/checksum.h>
-#include <linux/spinlock.h>
-
-#include <linux/netfilter_ipv6.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <net/netfilter/nf_conntrack.h>
-#include <net/netfilter/nf_conntrack_core.h>
-#include <net/netfilter/nf_conntrack_tuple.h>
-#include <net/netfilter/nf_nat.h>
-#include <linux/netfilter_ipv4/ipt_TRIGGER.h>
-
-/* This rwlock protects the main hash table, protocol/helper/expected
- *    registrations, conntrack timers*/
-
-
-static DEFINE_SPINLOCK(nf_trigger_lock);
-
-
-
-#define NF_IP_PRE_ROUTING	0
-#define NF_IP_FORWARD		2
-#define IPT_CONTINUE XT_CONTINUE
-
-
-
-/***********************lock help**********************/
-#define MUST_BE_READ_LOCKED(l)
-#define MUST_BE_WRITE_LOCKED(l)
-
-
-#define LOCK_BH(l) spin_lock_bh(l)
-#define UNLOCK_BH(l) spin_unlock_bh(l)
-
-#define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&nf_trigger_lock)
-#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&nf_trigger_lock)
-
-
-
-
-/***********************list help**********************/
-#define LIST_FIND(head, cmpfn, type, args...)           \
-({                                                      \
-        const struct list_head *__i, *__j = NULL;       \
-                                                        \
-        ASSERT_READ_LOCK(head);                         \
-        list_for_each(__i, (head))                      \
-                if (cmpfn((const type)__i , ## args)) { \
-                        __j = __i;                      \
-                        break;                          \
-                }                                       \
-        (type)__j;                                      \
-})
-
-static inline int
-__list_cmp_same(const void *p1, const void *p2) { return p1 == p2; }
-
-static inline void
-list_prepend(struct list_head *head, void *new)
-{
-	ASSERT_WRITE_LOCK(head);
-	list_add(new, head);
-}
-
-#define list_named_find(head, name)                     \
-LIST_FIND(head, __list_cmp_name, void *, name)
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("IOPSYS Network Team");
-MODULE_DESCRIPTION("iptables trigger target module");
-
-#if 0
-#define DEBUGP printk
-#else
-#define DEBUGP(format, args...)
-#endif
-
-struct ipt_trigger {
-        struct list_head list;          /* Trigger list */
-        struct timer_list timeout;      /* Timer for list destroying */
-        struct in6_addr srcip;                /* Outgoing source address */
-        struct in6_addr dstip;                /* Outgoing destination address */
-        u_int16_t mproto;               /* Trigger protocol */
-        u_int16_t rproto;               /* Related protocol */
-	u_int16_t trigger_timeout;      /* Auto disable duration */
-        struct ipt_trigger_ports ports; /* Trigger and related ports */
-        u_int8_t reply;                 /* Confirm a reply connection */
-};
-
-LIST_HEAD(ipt_trigger_list);
-
-static unsigned char *ipv6_header_get_L4_header_offset(const struct ipv6hdr *ip6h_p)
-{
-        unsigned int ext_head_count = 8;
-        const struct ipv6_opt_hdr *ip_ext_p;
-        unsigned int payload_offset = 0;
-	char *tcpudp_hdr = NULL;
-	uint8_t nextHdr_p;
-
-        nextHdr_p = ip6h_p->nexthdr;
-        ip_ext_p = (const struct ipv6_opt_hdr *)(ip6h_p + 1);
-        payload_offset = sizeof(struct ipv6hdr);
-
-        do {
-                if ((nextHdr_p == IPPROTO_TCP) || (nextHdr_p == IPPROTO_UDP)) {
-			tcpudp_hdr = (unsigned char *)ip6h_p + payload_offset;
-                        break;
-		}
-
-                payload_offset += (ip_ext_p->hdrlen + 1U) << 3U;
-                nextHdr_p = ip_ext_p->nexthdr;
-                ip_ext_p = (struct ipv6_opt_hdr *)((uint8_t *)ip6h_p + payload_offset);
-                ext_head_count--; /* at most 8 extension headers */
-        } while (ext_head_count);
-
-        return tcpudp_hdr;
-}
-
-static void trigger_refresh(struct ipt_trigger *trig, unsigned long extra_jiffies)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	LOCK_BH(&nf_trigger_lock);
-	/* Need del_timer for race avoidance (may already be dying). */
-	if (del_timer(&trig->timeout)) {
-		trig->timeout.expires = jiffies + extra_jiffies;
-		add_timer(&trig->timeout);
-	}
-
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static void __del_trigger(struct ipt_trigger *trig)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	MUST_BE_WRITE_LOCKED(&nf_trigger_lock);
-
-	/* delete from 'ipt_trigger_list' */
-	list_del(&trig->list);
-	kfree(trig);
-}
-
-static void trigger_timeout(struct timer_list *t)
-{
-	struct ipt_trigger *trig = from_timer(trig, t, timeout);
-
-	DEBUGP("trigger list %p timed out\n", trig);
-	LOCK_BH(&nf_trigger_lock);
-	__del_trigger(trig);
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static unsigned int
-add_new_trigger(struct ipt_trigger *trig)
-{
-	struct ipt_trigger *new = NULL;
-
-	DEBUGP("!!!!!!!!!!!! %s !!!!!!!!!!!\n", __FUNCTION__);
-
-	LOCK_BH(&nf_trigger_lock);
-	new = (struct ipt_trigger *)
-		kmalloc(sizeof(struct ipt_trigger), GFP_ATOMIC);
-
-	if (!new) {
-		UNLOCK_BH(&nf_trigger_lock);
-		DEBUGP("%s: OOM allocating trigger list\n", __FUNCTION__);
-		return -ENOMEM;
-	}
-
-	memset(new, 0, sizeof(*trig));
-	INIT_LIST_HEAD(&new->list);
-	memcpy(new, trig, sizeof(*trig));
-
-	/* add to global table of trigger */
-	list_prepend(&ipt_trigger_list, &new->list);
-
-	/* add and start timer if required */
-	timer_setup(&new->timeout, trigger_timeout, 0);
-	mod_timer(&new->timeout, jiffies + (trig->trigger_timeout * HZ));
-
-	UNLOCK_BH(&nf_trigger_lock);
-
-	return 0;
-}
-
-/*
- *      Service-Name    OutBound        InBound
- * 1.   TMD             UDP:1000        TCP/UDP:2000..2010
- * 2.   WOKAO           UDP:1000        TCP/UDP:3000..3010
- * 3.   net2phone-1     UDP:6801        TCP:30000..30000
- * 4.   net2phone-2     UDP:6801        UDP:30000..30000
- *
- * For supporting to use the same outgoing port to trigger different port rules,
- * it should check the inbound protocol and port range value. If all conditions
- * are matched, it is a same trigger item, else it needs to create a new one.
- */
-static inline int trigger_out_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport, const struct ipt_trigger_info *info)
-{
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, mproto= %d, mport[0..1]=%d, %d, ", __FUNCTION__,
-			i->mproto, i->ports.mport[0], i->ports.mport[1]);
-	DEBUGP("rproto= %d, rport[0..1]=%d, %d.\n",
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	return ((i->mproto == proto) &&
-			(i->ports.mport[0] <= dport)  &&
-			(i->ports.mport[1] >= dport) &&
-			(i->rproto == info->proto) &&
-			(i->ports.rport[0] == info->ports.rport[0]) &&
-			(i->ports.rport[1] == info->ports.rport[1]));
-}
-
-static unsigned int
-trigger_out(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger trig, *found;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph = (struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	/* Check if the trigger range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_out_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest), info);
-
-
-	if (found) {
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		/* In order to allow multiple hosts use the same port range, we update
-		   the 'saddr' after previous trigger has a reply connection. */
-		if (found->reply)
-			found->srcip = ip6h->saddr;
-	}
-	else {
-		/* Create new trigger */
-		memset(&trig, 0, sizeof(trig));
-		memcpy(&trig.srcip, &ip6h->saddr, sizeof(trig.srcip));
-		trig.mproto = ip6h->nexthdr;
-		trig.rproto = info->proto;
-		trig.trigger_timeout = info->trigger_timeout;
-		memcpy(&trig.ports, &info->ports, sizeof(struct ipt_trigger_ports));
-		add_new_trigger(&trig); /* Add the new 'trig' to list 'ipt_trigger_list'. */
-	}
-
-	return IPT_CONTINUE;        /* We don't block any packet. */
-}
-
-static inline int trigger_in_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport)
-{
-	u_int16_t rproto = i->rproto;
-
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, rproto= %d, rport[0..1]=%d, %d.\n", __FUNCTION__,
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	if (!rproto)
-		rproto = proto;
-
-	return ((rproto == proto) && (i->ports.rport[0] <= dport)
-			&& (i->ports.rport[1] >= dport));
-}
-
-static unsigned int
-trigger_in(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger *found;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph =(struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############\n", __FUNCTION__);
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		return NF_ACCEPT;       /* Accept it, or the imcoming packet could be
-					   dropped in the FORWARD chain */
-	}
-
-	return IPT_CONTINUE;        /* Our job is the interception. */
-}
-
-static unsigned int
-trigger_dnat(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	struct ipt_trigger *found = NULL;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph =(struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-	struct nf_conn *ct = NULL;
-	enum ip_conntrack_info ctinfo;
-	struct nf_nat_range2 newrange;
-
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest));
-
-	if (!found)
-		return IPT_CONTINUE;    /* We don't block any packet. */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	found->reply = 1;   /* Confirm there has been a reply connection. */
-	ct = nf_ct_get(skb, &ctinfo);
-
-	DEBUGP("%s: got ", __FUNCTION__);
-
-
-	/* Alter the destination of imcoming packet. */
-	/* Transfer from original range. */
-	memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
-	memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
-	memset(&newrange.min_proto, 0, sizeof(newrange.min_proto));
-	memset(&newrange.max_proto, 0, sizeof(newrange.max_proto));
-	newrange.flags	     = NF_NAT_RANGE_MAP_IPS;
-	memcpy(&newrange.min_addr.ip, &found->srcip, sizeof(newrange.min_addr.ip));
-	memcpy(&newrange.max_addr.ip, &found->srcip, sizeof(newrange.max_addr.ip));
-	DEBUGP("%s: found->srcip = %x\n", __FUNCTION__,  found->srcip);
-
-	/* Hand modified range to generic setup. */
-	return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
-}
-
-static unsigned int
-trigger_target(struct sk_buff *skb,
-			       const struct xt_action_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	unsigned int hooknum = xt_hooknum(par);
-
-	DEBUGP("%s: type = %s\n", __FUNCTION__,
-			(info->type == IPT_TRIGGER_DNAT) ? "dnat" :
-			(info->type == IPT_TRIGGER_IN) ? "in" : "out");
-
-	/* The Port-trigger only supports TCP and UDP. */
-	if ((ip6h->nexthdr != IPPROTO_TCP) && (ip6h->nexthdr != IPPROTO_UDP))
-		return IPT_CONTINUE;
-
-	if (info->type == IPT_TRIGGER_OUT)
-		return trigger_out(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_IN)
-		return trigger_in(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_DNAT)
-		return trigger_dnat(skb, hooknum, info);
-
-	return IPT_CONTINUE;
-}
-static int
-trigger_check(const struct xt_tgchk_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-
-	if ((strcmp(par->table, "mangle") == 0)) {
-		DEBUGP("trigger_check: bad table `%s'.\n", par->table);
-		return -EINVAL;
-	}
-	if (par->hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_FORWARD))) {
-		DEBUGP("trigger_check: bad hooks %x.\n", par->hook_mask);
-		return -EINVAL;
-	}
-
-	if (info->proto) {
-		if (info->proto != IPPROTO_TCP && info->proto != IPPROTO_UDP) {
-			DEBUGP("trigger_check: bad proto %d.\n", info->proto);
-			return -EINVAL;
-		}
-	}
-	if (info->type == IPT_TRIGGER_OUT) {
-		if (!info->ports.mport[0] || !info->ports.rport[0]) {
-			DEBUGP("trigger_check: Try 'iptbles -j TRIGGER -h' for help.\n");
-			return -EINVAL;
-		}
-	}
-
-	return 0;
-}
-
-
-static struct xt_target redirect_reg = {
-        .name           = "TRIGGER",
-        .family         = NFPROTO_IPV6,
-        .target         = trigger_target,
-        .targetsize     = sizeof(struct ipt_trigger_info),
-        .checkentry     = trigger_check,
-        .me             = THIS_MODULE,
-};
-
-static int __init init(void)
-{
-	return xt_register_target(&redirect_reg);
-}
-
-static void __exit fini(void)
-{
-	xt_unregister_target(&redirect_reg);
-}
-
-module_init(init);
-module_exit(fini);

libdpp/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libdpp
-PKG_VERSION:=2.1.0
+PKG_VERSION:=2.1.1
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=1f82436531d4bb094b0b74e99613e0dfc84eada3
+PKG_SOURCE_VERSION:=6024efd3db9dd490c07465ea9b0c15120063165c
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/libdpp.git
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz

libethernet/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libethernet
-PKG_VERSION:=7.2.109
+PKG_VERSION:=7.2.110
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=cc72f5ab0171cd0fc29bb48dafff6751ab2f0d9c
+PKG_SOURCE_VERSION:=d94e3029e4e9d14907fd6b283218defb4d319f5a
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libethernet.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -66,7 +66,7 @@ define Package/libethernet
   SUBMENU:=IOPSYS HAL libs
   MENU:=1
   TITLE:= Ethernet library (libethernet)
-  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_airoha:ecnt_api +TARGET_brcmbca:bcmkernel
+  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_airoha:ecnt_api +TARGET_brcmbca:bcm963xx-bsp
 endef
 
 define Package/libethernet/description

libpicoevent-bcm/Makefile

@@ -26,7 +26,7 @@ define Package/libpicoevent-bcm
   CATEGORY:=Libraries
   TITLE:=Libpicoevent-bcm
   URL:=
-  DEPENDS:= +TARGET_brcmbca:bcmkernel
+  DEPENDS:= +TARGET_brcmbca:bcm963xx-bsp
   include $(TOPDIR)/feeds/broadcom/bcmkernel/bcm-toolchain.mk
 endef
 

libqos/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libqos
-PKG_VERSION:=7.2.106
+PKG_VERSION:=7.2.108
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=0e54d7a992c506d6302d7cc32a39eb64e9b2c42e
+PKG_SOURCE_VERSION:=6a72e35e1a662e2f707e4901679676a9c09b3bc2
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libqos.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -65,7 +65,7 @@ define Package/libqos
   SUBMENU:=IOPSYS HAL libs
   MENU:=1
   TITLE:= QoS library (libqos)
-  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_brcmbca:bcmkernel
+  DEPENDS+=+libnl +libnl-route +libeasy +TARGET_brcmbca:bcm963xx-bsp
 endef
 
 define Package/libqos/config

libvoice-broadcom/Makefile

@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libvoice-broadcom
 PKG_RELEASE:=1
-PKG_VERSION:=1.0.12
+PKG_VERSION:=1.0.14
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE
 
@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=475aa02e4fb9f8241ac4c38f622e87464cfc7154
+PKG_SOURCE_VERSION:=7fde62b9634c63b9bc71d1c20541798971a78dc8
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

libvoice-d2/Makefile

@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libvoice-d2
 PKG_RELEASE:=1
-PKG_VERSION:=1.1.10
+PKG_VERSION:=1.1.12
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE
 
@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=983528e257256ead689f58c7ee7157c00a9fcb14
+PKG_SOURCE_VERSION:=772955d814af8bbf91cf5c76f128cd1d17755625
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

libwifi/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libwifi
-PKG_VERSION:=7.4.63
+PKG_VERSION:=7.5.2
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=f3925af4cd2d8cf2ce805cd71f562639779a652e
+PKG_SOURCE_VERSION:=e93fcd63354489846e5bb2450c7e8059774577d5
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
@@ -131,7 +131,7 @@ endef
 define Package/libwifi
   $(call Package/libwifi-common)
   TITLE:= WiFi library (libwifi)
-  DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcmkernel
+  DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcm963xx-bsp
 endef
 
 define Package/libwifi/config

logmngr/Config.in

@@ -0,0 +1,26 @@
+if PACKAGE_logmngr
+choice
+	prompt "Select backend for syslog management"
+	default LOGMNGR_BACKEND_FLUENTBIT
+	depends on PACKAGE_logmngr
+	help
+		Select which backend daemon to use for syslog management
+
+config LOGMNGR_BACKEND_FLUENTBIT
+	bool "Use fluent-bit for log management"
+	help
+		Enable this option to use fluent-bit for log management.
+
+config LOGMNGR_BACKEND_SYSLOG_NG
+	bool "Use syslog-ng for log management"
+	help
+		Enable this option to use syslog-ng for log management.
+
+endchoice
+config LOGMNGR_LOGROTATE
+	bool "Logrotate support"
+	depends on PACKAGE_logmngr
+	default y
+	help
+		It adds support for logrotate functionality.
+endif

logmngr/Makefile

@@ -0,0 +1,74 @@
+#
+# Copyright (C) 2024 iopsys
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=logmngr
+PKG_VERSION:=1.0.1
+LOCAL_DEV:=0
+ifneq ($(LOCAL_DEV),1)
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/system/logmngr.git
+PKG_SOURCE_VERSION:=ec10abb3cc0f3b96eb806c9c67e18d9d134287e9
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+endif
+
+PKG_LICENSE:=GPL-2.0-only
+PKG_LICENSE_FILES:=LICENSE
+
+include $(INCLUDE_DIR)/package.mk
+include ../bbfdm/bbfdm.mk
+
+MAKE_PATH:=bbf_plugin
+
+define Package/logmngr
+ SECTION:=utils
+ CATEGORY:=Utilities
+ TITLE:=Logging Manager
+ DEPENDS:=+libbbfdm-api +LOGMNGR_BACKEND_FLUENTBIT:fluent-bit +LOGMNGR_LOGROTATE:logrotate
+ DEPENDS+=+LOGMNGR_BACKEND_SYSLOG_NG:syslog-ng
+endef
+
+define Package/logmngr/description
+	Configure log management. This package has the datamodel as well as the
+	the backend implementation for handling syslog.
+endef
+
+define Package/$(PKG_NAME)/config
+        source "$(SOURCE)/Config.in"
+endef
+
+ifeq ($(LOCAL_DEV),1)
+define Build/Prepare
+	$(CP) -rf ./logmngr/* $(PKG_BUILD_DIR)/
+endef
+endif
+
+define Package/logmngr/install
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_BIN) ./files/logmngr.init $(1)/etc/init.d/logmngr
+
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) ./files/logread $(1)/usr/sbin
+
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(INSTALL_BIN) ./files/10-logmngr_config_generate $(1)/etc/uci-defaults/
+
+	$(INSTALL_DIR) $(1)/lib/logmngr
+ifeq ($(CONFIG_LOGMNGR_BACKEND_FLUENTBIT),y)
+	$(INSTALL_DATA) ./files/lib/logmngr/fluent-bit.sh $(1)/lib/logmngr/.
+endif
+ifeq ($(CONFIG_LOGMNGR_BACKEND_SYSLOG_NG),y)
+	$(INSTALL_DATA) ./files/lib/logmngr/syslog-ng.sh $(1)/lib/logmngr/.
+endif
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/bbf_plugin/libbbfsyslog.so $(1)
+ifeq ($(CONFIG_LOGMNGR_LOGROTATE),y)
+	$(INSTALL_BIN) ./files/11-logmngr_logrotate_config_generate $(1)/etc/uci-defaults/
+	$(INSTALL_DATA) ./files/lib/logmngr/logrotate.sh $(1)/lib/logmngr/.
+	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/bbf_plugin/libbbflogrotate.so $(1)
+endif
+endef
+
+$(eval $(call BuildPackage,logmngr))

logmngr/files/10-logmngr_config_generate

@@ -0,0 +1,23 @@
+#!/bin/sh
+
+if [ -s "/etc/config/logmngr" ]; then
+	if uci -q get logmngr.@globals[0] >/dev/null; then
+		# return if there is any valid content
+		exit
+	else
+		rm -f /etc/config/logmngr
+	fi
+fi
+touch /etc/config/logmngr
+
+uci set logmngr.globals=globals
+uci set logmngr.globals.enable=1
+
+uci set logmngr.a1=action
+uci set logmngr.a1.name="ac1"
+
+uci set logmngr.lf1=log_file
+uci set logmngr.lf1.enable=1
+uci set logmngr.lf1.action="ac1"
+uci set logmngr.lf1.file="/var/log/messages"
+uci commit logmngr

logmngr/files/11-logmngr_logrotate_config_generate

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -s "/etc/config/logmngr" ]; then
+	if uci -q get logmngr.@log_rotate[0] >/dev/null; then
+		# return if there is any valid content
+		exit
+	fi
+	uci set logmngr.lro1=log_rotate
+	uci set logmngr.lro1.enable=1
+	uci set logmngr.lro1.file_name="/var/log/messages"
+	uci set logmngr.lro1.file_count=1
+	uci set logmngr.lro1.max_file_size=1000000
+	uci commit logmngr
+fi

logmngr/files/lib/logmngr/fluent-bit.sh

@@ -0,0 +1,319 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/logmngr/logrotate.sh
+
+CONF_FILE=/etc/fluent-bit/fluent-bit.conf
+TMP_CONF_FILE=/tmp/fluent-bit/fluent-bit.conf
+
+create_config_file() {
+	mkdir -p /tmp/fluent-bit
+	rm -f ${TMP_CONF_FILE}
+	touch ${TMP_CONF_FILE}
+}
+
+create_service_section() {
+	# the service section of the fluent-bit.conf file has hardcoded values,
+	# no need to lookup any uci section to configure this section
+	echo "[SERVICE]" >> ${TMP_CONF_FILE}
+	echo "    flush        3" >> ${TMP_CONF_FILE}
+	echo "    daemon       off" >> ${TMP_CONF_FILE}
+	echo "    log_level    info" >> ${TMP_CONF_FILE}
+	echo "    parsers_file /etc/fluent-bit/parsers.conf" >> ${TMP_CONF_FILE}
+}
+
+create_input_section() {
+	local tag="$1"
+	# the input in our case is always syslog, hence, this section of the
+	# fluent-bit.conf file has hardcoded values as well that do not depend
+	# on any uci value
+	echo "[INPUT]" >> ${TMP_CONF_FILE}
+	echo "    name        syslog" >> ${TMP_CONF_FILE}
+	echo "    tag         $tag" >> ${TMP_CONF_FILE}
+	echo "    path        /dev/log" >> ${TMP_CONF_FILE}
+}
+
+generate_facility_regex() {
+	local facility_level=$1
+	local pri=0
+
+	if [ "$facility_level" == "24" ]; then
+		# value 24 means all facility level, which is as good as not
+		# generating a filter section, so return
+		return
+	fi
+
+	# facility_level is a list value, hence, generate regex for
+	# each value
+	IFS=" "
+	for val in $facility_level; do
+		# as per rfc 5424 and 3164, pri in syslog msg is
+		# facility*8+severity. Severity value can range from 0-7 hence
+		# generate regex for each.
+		for sval in 0 1 2 3 4 5 6 7; do
+			pri=`expr $val \* 8 + $sval`
+			echo "    regex        pri $pri" >> ${TMP_CONF_FILE}
+		done
+	done
+
+}
+
+generate_severity_regex() {
+	local sev_level="$1"
+	local sev_compare="$2"
+	local sev_action="$3"
+
+	local pri=0
+	local param="exclude"
+
+	if [ "$sev_action" == "0" ]; then
+		param="regex"
+	fi
+
+	local fval=0
+	if [ "$sev_compare" == "0" ]; then
+		# generate regex for all facility values, with severity=sev_level
+		while [ $fval -le 23 ] ; do
+			pri=`expr $fval \* 8 + $sev_level`
+			echo "    $param        pri $pri" >> ${TMP_CONF_FILE}
+			fval=$((fval + 1))
+		done
+	elif [ "$sev_compare" == "1" ]; then
+		# generate regex for all severity value greater than or equal to
+		# sev_level. please, lower value have higher precedence, so sev_level
+		# 0 which is emergency has higher precedence than error which is 3
+		while [ $fval -le 23 ] ; do
+			sval=0
+			while [ $sev_level -ge $sval ]; do
+				pri=`expr $fval \* 8 + $sval`
+				echo "    $param        pri $pri" >> ${TMP_CONF_FILE}
+				sval=$((sval + 1))
+			done
+			fval=$((fval + 1))
+		done
+	fi
+}
+
+handle_filter_conf() {
+	local section="$1" # config filter
+	local filter_name="$2"
+	local name
+
+	# no need to proceed if name of filter section is not one of the values
+	# listed in option filter in config action section
+	config_get name $section name
+	if [ "$name" != "$filter_name" ]; then
+		return
+	fi
+
+	# as per data model, at a time either facility_level or severity_level can
+	# be specified along with pattern_match. hence, first process and generate
+	# regex for pattern_match which is common in both condition. Next, we will
+	# process facility_level and return if facility level is defined and not
+	# process severity related params at all.
+
+	local pattern_match
+	config_get pattern_match $section pattern_match
+	if [ -n "$pattern_match" ]; then
+		echo "    regex        $pattern_match" >> ${TMP_CONF_FILE}
+	fi
+
+	local facility_level
+	config_get facility_level $section facility_level
+
+	if [ -n "$facility_level" ]; then
+		generate_facility_regex $facility_level
+		# return from here since if facility_level is defined, then no
+		# need to process severity_level
+		return
+	fi
+
+	local sev_level
+	local sev_compare
+	local sev_action
+	config_get sev_level $section severity_level
+
+	if [ -n "$sev_level" ]; then
+		# value 1 of severity compare corresponds to data model
+		# and system default which is EqualorHigher
+		config_get sev_compare $section severity_compare 1
+		# value 0 of severity action corresponds to data model
+		# and system default that is log
+		config_get sev_action $section severity_action 0
+
+		generate_severity_regex $sev_level $sev_compare $sev_action
+	fi
+}
+
+create_filter_section() {
+	local match="$1"
+
+	echo "[FILTER]" >> ${TMP_CONF_FILE}
+	echo "    name        grep" >> ${TMP_CONF_FILE}
+	echo "    match       $match" >> ${TMP_CONF_FILE}
+	echo "    logical_op  or" >> ${TMP_CONF_FILE} # handle multiple filters
+}
+
+handle_filter_ref() {
+	local filter_name="$1"
+	config_foreach handle_filter_conf filter "$filter_name"
+}
+
+handle_log_file() {
+	local section="$1" # out_file section
+	local match="$2"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+	echo "[OUTPUT]" >> ${TMP_CONF_FILE}
+	echo "    name         file" >> ${TMP_CONF_FILE}
+	echo "    match        $match" >> ${TMP_CONF_FILE}
+	echo "    file        $file" >> ${TMP_CONF_FILE}
+}
+
+handle_log_remote() {
+	local section="$1"
+	local match="$2"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+
+	local address
+	config_get address $section log_ip
+	if [ -z "$address" ]; then
+		return
+	fi
+
+	echo "[OUTPUT]" >> ${TMP_CONF_FILE}
+	echo "    name         syslog" >> ${TMP_CONF_FILE}
+	echo "    match        $match" >> ${TMP_CONF_FILE}
+	echo "    host         $address" >> ${TMP_CONF_FILE}
+
+	local proto # holds value tcp or udp
+	config_get proto $section proto
+	if [ -n "$proto" ]; then
+		if [ "$proto" == "tls" ]; then
+			echo "    mode         tcp" >> ${TMP_CONF_FILE}
+			echo "    tls          on" >> ${TMP_CONF_FILE}
+		else
+			echo "    mode         $proto" >> ${TMP_CONF_FILE}
+		fi
+	fi
+
+	local port
+	config_get port $section port
+	if [ -n "$port" ]; then
+		echo "    port         $port" >> ${TMP_CONF_FILE}
+	fi
+
+	local cert
+	local peer_verify
+	config_get cert $section cert
+	if [ -n "$cert" ]; then
+		echo "    tls.crt_file $cert" >> ${TMP_CONF_FILE}
+
+		config_get peer_verify $section peer_verify
+		if [ "$peer_verify" == "1" ]; then
+			echo "    tls.verify     on" >> ${TMP_CONF_FILE}
+		fi
+	fi
+}
+
+handle_action() {
+	local section="$1"
+
+	local filter
+	config_get filter $section filter
+
+	# use config action option name as tag for input
+	local tag
+	config_get tag $section name
+	if [ -z "$tag" ]; then
+		return
+	fi
+
+	create_input_section $tag
+	if [ -n "$filter" ]; then
+		# the only fluentbit filter that is useful for the datamodel is
+		# grep. Also, fluentbit does not seem to handle multiple instances
+		# of FILTER of same kind. Hence, each filter section corresponding
+		# to an action entry in the uci would translate for us into a set of
+		# regex/exclude values instead of individual FILTER section per uci
+		# section filter is a list, treat according
+		create_filter_section $tag
+
+		IFS=" "
+		for finst in $filter; do
+			handle_filter_ref $finst
+		done
+	fi
+
+	# handle output, each action can be associated with a out_log and out_syslog
+	# section so figure out if any out_log or out_syslog section is associated
+	# with this and action and setup output accordingly.
+	config_foreach handle_log_file log_file "$tag"
+	config_foreach handle_log_remote log_remote "$tag"
+
+
+}
+
+handle_action_section() {
+	config_foreach handle_action action
+}
+
+apply_config_file() {
+	cp ${TMP_CONF_FILE} ${CONF_FILE}
+}
+
+PROG=/usr/sbin/fluent-bit
+logmngr_init() {
+	create_config_file
+
+	config_load logmngr
+	local enabled
+	config_get enabled globals enable
+
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	create_service_section
+	handle_action_section
+	apply_config_file
+
+	if [ -f /lib/logmngr/logrotate.sh ]; then
+		logrotate_init
+	fi
+
+	procd_open_instance logmngr
+	procd_set_param command $PROG -c $CONF_FILE
+	procd_set_param file $CONF_FILE
+	procd_set_param respawn
+	procd_close_instance
+}

logmngr/files/lib/logmngr/logrotate.sh

@@ -0,0 +1,96 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+LOGROTATE_FILE=/etc/logrotate.conf
+LOGROTATE_TMP_FILE=/tmp/logrotate/logrotate.conf
+
+create_logrotate_file() {
+	mkdir -p /tmp/logrotate
+	rm -f ${LOGROTATE_TMP_FILE}
+	touch ${LOGROTATE_FILE}
+}
+
+
+handle_logrotate() {
+	local section="$1"
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	local file_name
+	config_get file_name $section file_name
+	if [ -z "$file_name" ]; then
+		# no file to rotate, return
+		return
+	fi
+
+	echo -e "$file_name {" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tcreate" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tmissingok" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tnotifempty" >> ${LOGROTATE_TMP_FILE}
+
+	local file_count
+	config_get file_count $section file_count
+	if [ -n "$file_count" ]; then
+		echo -e "\trotate $file_count" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local max_file_size
+	config_get max_file_size $section max_file_size
+	if [ -n "$max_file_size" ]; then
+		echo -e "\tmaxsize $max_file_size" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local duration
+	config_get duration $section duration
+	if [ -n "$duration" ]; then
+		echo -e "\tminutes $duration" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local retention
+	config_get retention $section retention
+	if [ -n "$retention" ]; then
+		echo -e "\tmaxage $retention" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	local compression
+	config_get compression $section compression
+	if [ -n "$compression" ]; then
+		echo -e "\tcompress" >> ${LOGROTATE_TMP_FILE}
+		echo -e "\tcompresscmd $compression" >> ${LOGROTATE_TMP_FILE}
+	fi
+
+	echo -e "\tpostrotate" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\t\tservice logmngr restart" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\t\tsleep 1" >> ${LOGROTATE_TMP_FILE}
+	echo -e "\tendscript" >> ${LOGROTATE_TMP_FILE}
+	echo -e "}" >> ${LOGROTATE_TMP_FILE} # close the logfile section
+}
+
+apply_logrotate_file() {
+	cp ${LOGROTATE_TMP_FILE} ${LOGROTATE_FILE}
+}
+
+config_cron_job() {
+	# taking the liberty to configure the cron job hourly, that is, at the end
+	# of each hour, check if logrotation is needed. The logrotate daemon, when
+	# triggered hourly, will still honour the configure log rotation duration,
+	# the only slight different being that if the minutes for log rotation
+	# are configured in such a way that it falls within the hour, then the
+	# log rotation will be done at the completion of hour and not before. I do
+	# not think this is a drawback in the interest of keeping things simple.
+	sed -i '/logrotate/d' /etc/crontabs/root
+	echo "0 * * * * logrotate ${LOGROTATE_FILE}" >> /etc/crontabs/root
+	/etc/init.d/cron restart
+}
+
+logrotate_init() {
+	create_logrotate_file
+	config_foreach handle_logrotate log_rotate
+	apply_logrotate_file
+	config_cron_job
+}

logmngr/files/lib/logmngr/syslog-ng.sh

@@ -0,0 +1,345 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /lib/logmngr/logrotate.sh
+
+CONF_FILE=/etc/syslog-ng.conf
+TMP_CONF_FILE=/tmp/syslog-ng/syslog-ng.conf
+
+create_config_file() {
+	mkdir -p /tmp/syslog-ng
+	rm -f ${TMP_CONF_FILE}
+	touch ${TMP_CONF_FILE}
+}
+
+create_option_section() {
+	# the option section of the syslog-ng.conf file has hardcoded values,
+	# no need to lookup any uci section to configure this section
+	echo -e "@version: 4.4" >> ${TMP_CONF_FILE}
+	echo -e '@include "scl.conf"' >> ${TMP_CONF_FILE}
+	echo -e "options {" >> ${TMP_CONF_FILE}
+	echo -e "\tchain_hostnames(no);" >> ${TMP_CONF_FILE}
+	echo -e "\tcreate_dirs(yes);" >> ${TMP_CONF_FILE}
+	echo -e "\tkeep_hostname(yes);" >> ${TMP_CONF_FILE}
+	echo -e "\tlog_fifo_size(256);" >> ${TMP_CONF_FILE}
+	echo -e "\tlog_msg_size(1024);" >> ${TMP_CONF_FILE}
+	echo -e "\tstats(freq(0));" >> ${TMP_CONF_FILE}
+	echo -e "\tflush_lines(0);" >> ${TMP_CONF_FILE}
+	echo -e "\tuse_fqdn(no);" >> ${TMP_CONF_FILE}
+	echo "};" >> ${TMP_CONF_FILE}
+
+}
+
+create_input_section() {
+	local tag="$1"
+	# the input in our case is always syslog, hence, this section of the
+	# fluent-bit.conf file has hardcoded values as well that do not depend
+	# on any uci value
+	echo -e "source $tag {" >> ${TMP_CONF_FILE}
+	echo -e "\tinternal();" >> ${TMP_CONF_FILE}
+	echo -e "\tunix-dgram("/dev/log");" >> ${TMP_CONF_FILE}
+	echo "};" >> ${TMP_CONF_FILE}
+}
+
+generate_facility_regex() {
+	local facility_level=$1
+
+	if [ "$facility_level" == "24" ]; then
+		# value 24 means all facility level, which is as good as not
+		# generating a filter section, so return
+		return
+	fi
+
+	# facility_level is a list value, hence, generate regex for
+	# each value
+	IFS=" "
+	for val in $facility_level; do
+		echo -e "\tfacility($val);" >> ${TMP_CONF_FILE}
+	done
+
+}
+
+generate_severity_regex() {
+	local sev_level="$1"
+	local sev_compare="$2"
+	local sev_action="$3"
+
+	if [ "$sev_compare" == "0" ]; then
+		case $sev_level in
+		"0") echo -e "\tlevel(emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"1") echo -e "\tlevel(alert)" >> ${TMP_CONF_FILE}
+		;;
+		"2") echo -e "\tlevel(crit)" >> ${TMP_CONF_FILE}
+		;;
+		"3") echo -e "\tlevel(err)" >> ${TMP_CONF_FILE}
+		;;
+		"4") echo -e "\tlevel(warning)" >> ${TMP_CONF_FILE}
+		;;
+		"5") echo -e "\tlevel(notice)" >> ${TMP_CONF_FILE}
+		;;
+		"6") echo -e "\tlevel(info)" >> ${TMP_CONF_FILE}
+		;;
+		"7") echo -e "\tlevel(debug)" >> ${TMP_CONF_FILE}
+		;;
+		esac
+	elif [ "$sev_compare" == "1" ]; then
+		# generate regex for all severity value greater than or equal to
+		# sev_level
+		case $sev_level in
+		"0") echo -e "\tlevel(emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"1") echo -e "\tlevel(alert..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"2") echo -e "\tlevel(crit..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"3") echo -e "\tlevel(err..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"4") echo -e "\tlevel(warning..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"5") echo -e "\tlevel(notice..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"6") echo -e "\tlevel(info..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		"7") echo -e "\tlevel(debug..emerg)" >> ${TMP_CONF_FILE}
+		;;
+		esac
+	fi
+}
+
+handle_filter_conf() {
+	local section="$1" # config filter
+	local filter_name="$2"
+	local name
+
+	# no need to proceed if name of filter section is not one of the values
+	# listed in option filter in config action section
+	config_get name $section name
+	if [ "$name" != "$filter_name" ]; then
+		return
+	fi
+	echo -e "filter $name {" >> ${TMP_CONF_FILE}
+
+	# as per data model, at a time either facility_level or severity_level can
+	# be specified along with pattern_match. hence, first process and generate
+	# regex for pattern_match which is common in both condition. Next, we will
+	# process facility_level and return if facility level is defined and not
+	# process severity related params at all.
+
+	local pattern_match
+	config_get pattern_match $section pattern_match
+	if [ -n "$pattern_match" ]; then
+		# the pattern here is in tag=>value pair, hence, break the pattern
+		# and fill this filed
+		local tag=$(echo $pattern_match | awk '{print $1}')
+		local value=$(echo $pattern_match | awk '{print $2}')
+		echo -e "\tmatch("$value" value("$tag"))" >> ${TMP_CONF_FILE}
+	fi
+
+	local facility_level
+	config_get facility_level $section facility_level
+
+	if [ -n "$facility_level" ]; then
+		generate_facility_regex $facility_level
+		# return from here since if facility_level is defined, then no
+		# need to process severity_level
+		echo "};" >> ${TMP_CONF_FILE}
+		return
+	fi
+
+	local sev_level
+	local sev_compare
+	local sev_action
+	config_get sev_level $section severity_level
+
+	if [ -n "$sev_level" ]; then
+		# value 1 of severity compare corresponds to data model
+		# and system default which is EqualorHigher
+		config_get sev_compare $section severity_compare 1
+		# value 0 of severity action corresponds to data model
+		# and system default that is log
+		config_get sev_action $section severity_action 0
+
+		generate_severity_regex $sev_level $sev_compare $sev_action
+	fi
+	echo "};" >> ${TMP_CONF_FILE}
+}
+
+handle_filter_ref() {
+	local filter_name="$1"
+	config_foreach handle_filter_conf filter "$filter_name"
+}
+
+handle_log_file() {
+	local section="$1" # out_file section
+	local match="$2"
+	local filter="$3"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+
+	echo -e "destination file_$match {" >> ${TMP_CONF_FILE}
+	echo -e "\tfile("$file");" >> ${TMP_CONF_FILE}
+	echo -e "};" >> ${TMP_CONF_FILE}
+
+	# now generate the log section for each action section to bring into effect
+	# the filter, destination, source sections create above
+	echo -e "log {" >> ${TMP_CONF_FILE}
+	echo -e "\tsource($tag);" >> ${TMP_CONF_FILE}
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			echo -e "\tfilter($finst);" >> ${TMP_CONF_FILE}
+		done
+	fi
+	echo -e "\tdestination(file_$match);" >> ${TMP_CONF_FILE} # log_file
+	echo -e "};" >> ${TMP_CONF_FILE} # close log section
+}
+
+handle_log_remote() {
+	local section="$1"
+	local match="$2"
+	local filter="$3"
+	local action_ref
+
+	config_get action_ref $section action
+	if [ "$action_ref" != "$match" ]; then
+		return
+	fi
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+
+	local address
+	config_get address $section log_ip
+	if [ -z "$address" ]; then
+		return
+	fi
+
+	echo -e "destination remote_$match {" >> ${TMP_CONF_FILE}
+	echo -e "\tsyslog(" >> ${TMP_CONF_FILE}
+	echo -e "\t\t"$address"" >> ${TMP_CONF_FILE}
+
+	local proto # holds value tcp or udp
+	config_get proto $section proto
+	if [ -n "$proto" ]; then
+		echo -e "\t\ttransport($proto)" >> ${TMP_CONF_FILE}
+	fi
+
+	local port
+	config_get port $section port
+	if [ -n "$port" ]; then
+		echo -e "\t\tport($port)" >> ${TMP_CONF_FILE}
+	fi
+
+	local cert
+	local peer_verify
+	config_get cert $section cert
+	if [ -n "$cert" ]; then
+		echo -e "\t\ttls(" >> ${TMP_CONF_FILE}
+		echo -e "\t\t\tcert-file($cert)" >> ${TMP_CONF_FILE}
+
+		config_get peer_verify $section peer_verify
+		if [ "$peer_verify" == "1" ]; then
+			echo -e "\t\t\tpeer-verify(required-trusted)" >> ${TMP_CONF_FILE}
+		fi
+		echo -e "\t\t)" >> ${TMP_CONF_FILE} # close tls section
+	fi
+	echo -e "\t);" >> ${TMP_CONF_FILE} # close syslog section
+	echo -e "};" >> ${TMP_CONF_FILE} # close destination section
+
+	# now generate the log section for each action section to bring into effect
+	# the filter, destination, source sections create above
+	echo -e "log {" >> ${TMP_CONF_FILE}
+	echo -e "\tsource($tag);" >> ${TMP_CONF_FILE}
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			echo -e "\tfilter($finst);" >> ${TMP_CONF_FILE}
+		done
+	fi
+	echo -e "\tdestination(remote_$match);" >> ${TMP_CONF_FILE} # log_file
+	echo -e "};" >> ${TMP_CONF_FILE} # close log section
+}
+
+handle_action() {
+	local section="$1"
+
+	local filter
+	config_get filter $section filter
+
+	# use config action option name as tag for input
+	local tag
+	config_get tag $section name
+	if [ -z "$tag" ]; then
+		return
+	fi
+
+	create_input_section $tag
+	if [ -n "$filter" ]; then
+		IFS=" "
+		for finst in $filter; do
+			handle_filter_ref $finst
+		done
+	fi
+
+	# handle output, each action can be associated with a out_log and out_syslog
+	# section so figure out if any out_log or out_syslog section is associated
+	# with this and action and setup output accordingly.
+	config_foreach handle_log_file log_file "$tag" "$filter"
+	config_foreach handle_log_remote log_remote "$tag" "$filter"
+}
+
+handle_action_section() {
+	config_foreach handle_action action
+}
+
+apply_config_file() {
+	cp ${TMP_CONF_FILE} ${CONF_FILE}
+}
+
+PROG=/usr/sbin/syslog-ng-ctl
+
+logmngr_init() {
+	create_config_file
+
+	config_load logmngr
+	local enabled
+	config_get enabled globals enable
+
+	if [ "$enabled" == "0" ]; then
+		return
+	fi
+
+	create_option_section
+	handle_action_section
+	apply_config_file
+
+	if [ -f /lib/logmngr/logrotate.sh ]; then
+		logrotate_init
+	fi
+
+	procd_open_instance logmngr
+	procd_set_param command $PROG reload
+	procd_close_instance
+}

logmngr/files/logmngr.init

@@ -0,0 +1,16 @@
+#!/bin/sh /etc/rc.common
+
+START=12
+STOP=89
+USE_PROCD=1
+
+. /lib/functions.sh
+include /lib/logmngr
+
+start_service() {
+	logmngr_init
+}
+
+service_triggers() {
+	procd_add_reload_trigger logmngr
+}

logmngr/files/logread

@@ -0,0 +1,108 @@
+#!/bin/sh
+# Shell script compatibility wrapper for /sbin/logread
+#
+# Copyright (C) 2019 Dirk Brenken <dev@brenken.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+. /lib/functions.sh
+
+# use /var/log/messages as default
+logfile="/var/log/messages"
+
+
+handle_log_file() {
+	local section="$1"
+
+	local enabled
+	config_get enabled $section enable
+	if [ "$enabled" == 0 ]; then
+		return
+	fi
+
+	local file
+	config_get file $section file
+	if [ -z "$file" ]; then
+		return
+	fi
+
+	logfile="$file"
+}
+
+config_load logmngr
+config_get logmngr_enabled globals enable
+if [ "$logmngr_enabled" == "0" ]; then
+	printf "%s\n" "Error: logmngr is not enabled!"
+	exit 2
+fi
+
+# treat the last enabled log_file as logfile
+config_foreach handle_log_file log_file
+
+if [ ! -f "${logfile}" ]
+then
+	printf "%s\n" "Error: logfile $logfile not found!"
+	exit 2
+fi
+
+usage()
+{
+	printf "%s\n" "Usage: logread [options]"
+	printf "%s\n" "Options:"
+	printf "%5s %-10s%s\n" "-l" "<count>" "Got only the last 'count' messages"
+	printf "%5s %-10s%s\n" "-e" "<pattern>" "Filter messages with a regexp"
+	printf "%5s %-10s%s\n" "-f" "" "Follow log messages"
+	printf "%5s %-10s%s\n" "-h" "" "Print this help message"
+}
+
+if [ -z "${1}" ]
+then
+	cat "${logfile}"
+	exit 0
+else
+	while [ "${1}" ]
+	do
+		case "${1}" in
+			-l)
+				shift
+				count="${1//[^0-9]/}"
+				tail -n "${count:-50}" "${logfile}"
+				exit 0
+				;;
+			-e)
+				shift
+				pattern="${1}"
+				grep -E "${pattern}" "${logfile}"
+				exit 0
+				;;
+			-f)
+				tail -f "${logfile}"
+				exit 0
+				;;
+			-fe)
+				shift
+				pattern="${1}"
+				tail -f "${logfile}" | grep -E "${pattern}"
+				exit 0
+				;;
+			-h|*)
+				usage
+				exit 1
+				;;
+		esac
+		shift
+	done
+fi

map-agent/Config.in

@@ -59,5 +59,8 @@ config AGENT_CHECK_PARTIAL_WIFI_RELOAD
 	bool "Option that allow SSID/PSK simple reload"
 	default y
 
+config DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER
+	bool "Let dynbhd through AP-Autoconfiguration Search and DHCP Discovery determine the controller or agent role"
+
 endmenu
 endif

map-agent/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-agent
-PKG_VERSION:=6.0.0.5
+PKG_VERSION:=6.1.1.9
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=e9c6515c053aa49b7cdcda86548904ff7fcdd6b0
+PKG_SOURCE_VERSION:=8779b993dc8075aa48525340b9e86e13fa7ac54b
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 PKG_LICENSE:=BSD-3-Clause
@@ -109,6 +109,10 @@ ifeq ($(CONFIG_AGENT_CHECK_PARTIAL_WIFI_RELOAD),y)
 TARGET_CFLAGS += -DCHECK_PARTIAL_WIFI_RELOAD
 endif
 
+ifeq ($(CONFIG_DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER),y)
+TARGET_CFLAGS += -DPERSIST_CONTROLLER
+endif
+
 MAKE_PATH:=src
 
 define Package/map-agent/install

map-agent/files/lib/multiap/map_genconfig

@@ -86,9 +86,18 @@ generate_multiap_config() {
 			[ "$disable_mlo" == "1" ] || {
 				uci set wireless.$dev.mlo="1"
 				uci set wireless.$dev.mlo_capable="1"
-			}
 
-			uci commit wireless
+				# Prevent driver crash for extender - remove it after fix
+				[ "$network_mode" == "extender" -a "$mode_band" == "6" ] && {
+					uci set wireless.$dev.mlo="0"
+					uci set wireless.$dev.mlo_capable="0"
+				}
+				uci commit wireless
+
+				# Disable for MLD/MLO
+				uci set mapagent.agent.island_prevention="0"
+				uci commit mapagent
+			}
 		else
 			ifprefix="wlan%-"
 			ifname="wlan$devidx"
@@ -190,19 +199,24 @@ map_genconf () {
 			uci -q set mapagent.@controller_select[0].local=1
 		fi
 		uci -q commit mapagent
-	fi
 
-	if [ "$multiap_mode" == "agent" -o "$multiap_mode" == "none" ]; then
-		uci set mapcontroller.controller.enabled="0"
-	else
-		uci set mapcontroller.controller.enabled="1"
-		[ "$disable_mlo" == "1" ] && {
-			mapcontroller_disable_mld() {
-				uci set mapcontroller.$1.enabled='0'
+		if [ "$multiap_mode" == "agent" -o "$multiap_mode" == "none" ]; then
+			uci set mapcontroller.controller.enabled="0"
+		else
+			uci set mapcontroller.controller.enabled="1"
+			[ "$disable_mlo" == "1" ] && {
+				mapcontroller_remove_mld() {
+					uci delete mapcontroller.$1
+				}
+				mapcontroller_remove_mld_id() {
+					uci delete mapcontroller.$1.mld_id
+				}
+
+				config_load mapcontroller
+				config_foreach mapcontroller_remove_mld mld
+				config_foreach mapcontroller_remove_mld_id ap
 			}
-			config_load mapcontroller
-			config_foreach mapcontroller_disable_mld mld
-		}
+		fi
+		uci -q commit mapcontroller
 	fi
-	uci -q commit mapcontroller
 }

map-controller/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-controller
-PKG_VERSION:=6.0.0.4
+PKG_VERSION:=6.1.1.5
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=882d1d9652ad5f3853edf26ef55c4c461620d9f9
+PKG_SOURCE_VERSION:=cb27de727b787bdb58bc4bf42fdef8732cb78134
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 
 LOCAL_DEV=0

map-controller/files/etc/config/mapcontroller

@@ -40,6 +40,7 @@ config ap
 	option key '$WIFI_FH_KEY'
 	option vid '1'
 	option type 'fronthaul'
+	option mld_id '1'
 
 config ap
 	option band '5'
@@ -48,6 +49,7 @@ config ap
 	option key '$WIFI_FH_KEY'
 	option vid '1'
 	option type 'fronthaul'
+	option mld_id '1'
 
 config ap
 	option band '6'
@@ -56,6 +58,7 @@ config ap
 	option key '$WIFI_FH_KEY'
 	option vid '1'
 	option type 'fronthaul'
+	option mld_id '1'
 
 config ap
 	option band '2'
@@ -64,6 +67,7 @@ config ap
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
 	option vid '1'
+	option mld_id '2'
 
 config ap
 	option band '5'
@@ -72,6 +76,7 @@ config ap
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
 	option vid '1'
+	option mld_id '2'
 
 config ap
 	option band '6'
@@ -80,42 +85,22 @@ config ap
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
 	option vid '1'
-
-config ap
-	option band '2'
-	option ssid '$DEVICE_MANUFACTURER-$BASEMAC_ADDR-2.4GHz-MLDlink'
-	option encryption 'sae-mixed'
-	option key '$WIFI_FH_KEY'
-	option vid '1'
-	option type 'fronthaul'
-	option mld_id '1'
-
-config ap
-	option band '5'
-	option ssid '$DEVICE_MANUFACTURER-$BASEMAC_ADDR-5GHz-MLDlink'
-	option encryption 'sae-mixed'
-	option key '$WIFI_FH_KEY'
-	option vid '1'
-	option type 'fronthaul'
-	option mld_id '1'
-
-config ap
-	option band '6'
-	option ssid '$DEVICE_MANUFACTURER-$BASEMAC_ADDR-6GHz-MLDlink'
-	option encryption 'sae'
-	option key '$WIFI_FH_KEY'
-	option vid '1'
-	option type 'fronthaul'
-	option mld_id '1'
+	option mld_id '2'
 
 config mld
 	option id '1'
-	option ssid 'MAP-$BASEMAC_ADDR-MLD'
-	option encryption 'sae'
+	option ssid '$DEVICE_MANUFACTURER-$BASEMAC_ADDR'
 	option key '$WIFI_FH_KEY'
 #	option vid '1'
 	option type 'fronthaul'
 
+config mld
+	option id '2'
+	option ssid 'MAP-$BASEMAC_ADDR-BH'
+	option key '$WIFI_BH_KEY'
+#	option vid '1'
+	option type 'backhaul'
+
 # node and radio sections (per node) are auto
 # generated per Multi-AP Agent in the network
 #

mcastmngr/Makefile

@@ -6,14 +6,14 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=mcastmngr
-PKG_VERSION:=1.2.2
+PKG_VERSION:=1.2.3
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/mcastmngr.git
-PKG_SOURCE_VERSION:=fcdaa46f1c7467e82d612070ec583d8311ba2576
+PKG_SOURCE_VERSION:=117acf7a29e3a343756aab9b0ae330022892c15b
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

mcastmngr/files/common/etc/hotplug.d/ethernet/mcast.hotplug

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+[ "$LINK" = "up" -a -n "$PORT" ] || exit 0
+
+compare_mcast_snooping_interface() {
+	local interface dev running
+
+	config_get interface "$1" interface
+
+	for dev in $interface; do
+		if [ "$PORT" = "$dev" ]; then
+			running=$(ubus call service list '{"name": "mcast"}' | jsonfilter -e '@.mcast.instances')
+			if [ -z "${running}" ]; then
+				/etc/init.d/mcast start
+			else
+				ubus call uci commit '{"config":"mcast"}'
+			fi
+			exit
+		fi
+	done
+}
+
+config_load mcast
+config_foreach compare_mcast_snooping_interface "snooping"

mcastmngr/files/common/etc/hotplug.d/iface/mcast.hotplug

@@ -1,27 +1,22 @@
 #!/bin/sh
 
-[ "$ACTION" = ifup ] || exit 0
+[ "$ACTION" = "ifup" -a -n "$INTERFACE" ] || exit 0
 
 . /lib/functions/network.sh
 
-network_get_device l3device $INTERFACE
+network_get_device l3device "$INTERFACE"
 
 [ -n "$l3device" ] || exit 0
 
 compare_mcast_proxy_upstream() {
-        local upstream
-	local mode="$2"
+	local upstream dev running
 
-	if [ "$mode" == "proxy" ]; then
-		config_get upstream $1 upstream_interface
-	else
-		config_get upstream $1 interface
-	fi
+	config_get upstream "$1" upstream_interface
 
 	for dev in $upstream; do
-		if [ "$l3device" == "$dev" ]; then
+		if [ "$l3device" = "$dev" ]; then
 			running=$(ubus call service list '{"name": "mcast"}' | jsonfilter -e '@.mcast.instances')
-			if [ -z "${running}" ];then
+			if [ -z "${running}" ]; then
 				/etc/init.d/mcast start
 			else
 				ubus call uci commit '{"config":"mcast"}'
@@ -32,5 +27,4 @@ compare_mcast_proxy_upstream() {
 }
 
 config_load mcast
-config_foreach compare_mcast_proxy_upstream "proxy" "proxy"
-config_foreach compare_mcast_proxy_upstream "snooping" "snooping"
+config_foreach compare_mcast_proxy_upstream "proxy"

mcastmngr/files/linux/lib/mcast/linux.sh

@@ -117,6 +117,7 @@ config_sysfs_mcast_snooping() {
 
 	for downstream in $downstreams; do
 		if device_is_bridge "$downstream"; then
+			echo 0 > /sys/class/net/$downstream/bridge/multicast_snooping
 			echo $snooping > /sys/class/net/$downstream/bridge/multicast_snooping
 		fi
 	done
@@ -261,10 +262,6 @@ config_mcproxy_instance() {
 		downstreams=$igmp_p_down_interfaces
 		mcast_mode=$igmp_p_mode
 
-		# mcproxy reserves two multicast subscriptions for igmp router service groups
-		local mg=$(cat /proc/sys/net/ipv4/igmp_max_memberships)
-		mg=$((mg+2))
-		echo $mg > /proc/sys/net/ipv4/igmp_max_memberships
 	elif [ "$protocol" == "mld" ]; then
 		case "$version" in
 			[1-2])

obuspa/Config.in

@@ -22,6 +22,11 @@ config OBUSPA_CONTROLLER_MTP_VERIFY
 config OBUSPA_ENABLE_TEST_CONTROLLER
 	bool "Adds a test controller by default"
 	default n
+	select OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
+
+config OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
+	bool "Adds a test controller by default (local access only)"
+	default n
 
 config OBUSPA_MAX_CONTROLLERS_NUM
 	int "The maximum number of controllers to be supported"
@@ -30,4 +35,25 @@ config OBUSPA_MAX_CONTROLLERS_NUM
 	help
 	 This value must be in range of 1 to 10. (default 5)
 
+config OBUSPA_DOWNLOAD_EXTENSION
+	bool "Adds Device.LocalAgent.X_IOPSYS_EU_Download()"
+	default y
+	help
+	 Adds Device.LocalAgent.X_IOPSYS_EU_Download() operate command
+	 for local file download to cpe
+
+config OBUSPA_UPLOAD_EXTENSION
+	bool "Adds Device.LocalAgent.X_IOPSYS_EU_Upload()"
+	default y
+	help
+	 Adds Device.LocalAgent.X_IOPSYS_EU_Upload() operate command
+	 for pull a file from cpe
+
+config OBUSPA_SESSION_EXTENSION
+	bool "Adds Device.LocalAgent.X_IOPSYS_EU_Session."
+	default y
+	help
+	 Adds Device.LocalAgent.X_IOPSYS_EU_Session. object to simulate
+	 a CWMP like session
+
 endif

obuspa/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=obuspa
-PKG_VERSION:=7.0.5.23
+PKG_VERSION:=8.0.5.4
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=371d2c96d1d410b3d52cfe65505750843f2d1d6e
+PKG_SOURCE_VERSION:=eb7bddb8c0bd00b7e5d33daa9d51725309ac50b9
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -32,7 +32,9 @@ define Package/obuspa
   SUBMENU:=TRx69
   TITLE:=USP agent
   MENU:=1
-  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl
+  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl +ca-certificates \
+		+OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-ssl +OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-client-ssl \
+		+OBUSPA_ENABLE_TEST_CONTROLLER:mosquitto-auth-shadow
 endef
 
 define Package/obuspa/description
@@ -81,6 +83,18 @@ else
 CMAKE_OPTIONS += -DENABLE_WEBSOCKETS=OFF
 endif
 
+ifeq ($(CONFIG_OBUSPA_DOWNLOAD_EXTENSION),y)
+TARGET_CFLAGS += -DOBUSPA_ENABLE_DOWNLOAD_EXT
+endif
+
+ifeq ($(CONFIG_OBUSPA_UPLOAD_EXTENSION),y)
+TARGET_CFLAGS += -DOBUSPA_ENABLE_UPLOAD_EXT
+endif
+
+ifeq ($(CONFIG_OBUSPA_SESSION_EXTENSION),y)
+TARGET_CFLAGS += -DOBUSPA_ENABLE_SESSION_EXT
+endif
+
 ifdef $(CONFIG_OBUSPA_MAX_CONTROLLERS_NUM)
 TARGET_CFLAGS += -DOBUSPA_MAX_CONTROLLERS_NUM=$(CONFIG_OBUSPA_MAX_CONTROLLERS_NUM)
 endif
@@ -97,18 +111,27 @@ define Package/obuspa/install
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/etc/obuspa
+	$(INSTALL_DIR) $(1)/etc/users/roles
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
+	$(INSTALL_DIR) $(1)/etc/hotplug.d/iface
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/obuspa $(1)/usr/sbin/
 	$(INSTALL_BIN) ./files/etc/init.d/obuspa $(1)/etc/init.d/
 	$(INSTALL_DATA) ./files/etc/config/obuspa $(1)/etc/config/
-	$(INSTALL_DATA) ./files/etc/obuspa/roles.json $(1)/etc/obuspa/roles.json
+	$(INSTALL_DATA) ./files/etc/users/roles/*.json $(1)/etc/users/roles/
+	$(INSTALL_DATA) ./files/etc/obuspa/usp_utils.sh $(1)/etc/obuspa/
+	echo "$(CONFIG_BBF_VENDOR_PREFIX)" > $(1)/etc/obuspa/vendor_prefix
 	$(INSTALL_DATA) ./files/etc/obuspa/dmcaching_exclude.json $(1)/etc/obuspa/dmcaching_exclude.json
 	$(INSTALL_BIN) ./files/etc/uci-defaults/01-fix-upgrade-uci $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/02-obuspa-dhcp-option $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/60-generate-ctrust-defaults $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/obuspa-set-dhcp-option $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user
+	$(INSTALL_BIN) ./files/obuspa.hotplug $(1)/etc/hotplug.d/iface/21-obuspa
 	$(BBFDM_INSTALL_CORE_PLUGIN) ./files/etc/bbfdm/json/USPAgent.json $(1)
 ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER),y)
+	$(INSTALL_BIN) ./files/etc/uci-defaults/54-test-usp-remote $(1)/etc/uci-defaults/
+endif
+ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL),y)
 	$(INSTALL_BIN) ./files/etc/init.d/usptest $(1)/etc/init.d/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/55-test-usp-controller $(1)/etc/uci-defaults/
 endif

obuspa/files/etc/config/obuspa

@@ -5,7 +5,6 @@ config obuspa 'global'
 	option log_level '2'
 	option prototrace '0'
 	option db_file '/etc/obuspa/usp.db'
-	option role_file '/etc/obuspa/roles.json'
 	option dm_caching_exclude '/etc/obuspa/dmcaching_exclude.json'
 	#option trust_cert '/etc/obuspa/ca.pem'
 	#option client_cert '/etc/obuspa/client.pem'

obuspa/files/etc/init.d/obuspa

@@ -10,7 +10,7 @@ CONFIGURATION=obuspa
 ENV_PROFILE="/root/.profile"
 KEEP_FILE="/lib/upgrade/keep.d/obuspa"
 
-RESET_FILE="/tmp/obuspa/obuspa_param_reset.txt"
+RESET_FILE="/tmp/obuspa/fw_defaults"
 SQL_DB_FILE="/tmp/obuspa/usp.db"
 DB_DUMP="/tmp/obuspa/usp.dump_$(date +%s)"
 
@@ -19,6 +19,7 @@ INSTANCE_COUNT=0
 
 . /lib/functions/network.sh
 . /usr/share/libubox/jshn.sh
+. /etc/obuspa/usp_utils.sh
 
 global_init()
 {
@@ -76,7 +77,7 @@ db_set()
 
 dump_db()
 {
-	${PROG} -v0 -f ${SQL_DB_FILE} -c show database |awk '/^Device./ || /^Internal./ {print $1 " \"" $3 "\""}' | sort  > ${DB_DUMP}
+	${PROG} -v0 -f ${SQL_DB_FILE} -c show database |grep "^Internal.\|^Device."|sed '{s/=> /"/g;s/$/"/g}' | sort  > ${DB_DUMP}
 }
 
 # if db present then check if it matches with existing instances
@@ -147,44 +148,6 @@ update_keep()
 	fi
 }
 
-get_role_index_from_json()
-{
-	local role="$1"
-	local role_def_file="$2"
-	local num=0
-	local roles_obj
-
-	# In case of role is empty or file not present
-	if [ -z "${role}" ] || [ ! -f "${role_def_file}" ]; then
-		echo "${num}"
-		return ${num}
-	fi
-
-	json_init
-	json_load_file "${role_def_file}"
-
-	json_select roles
-	json_get_keys roles_obj
-
-	for k in ${roles_obj}; do
-		local rname
-		json_select "$k"
-		json_get_var rname name
-		json_select ..
-
-		if [ "${rname}" != "Untrusted" ] && [ "${rname}" != "full_access" ]; then
-			num=$(( num + 1 ))
-		fi
-
-		if [ "${role}" = "${rname}" ]; then
-			echo "${num}"
-			return ${num}
-		fi
-	done
-
-	return ${num}
-}
-
 validate_obuspa_section()
 {
 	uci_validate_section ${CONFIGURATION} obuspa "${1}" \
@@ -201,8 +164,7 @@ validate_obuspa_section()
 		'max_cache_time:uinteger' \
 		'ipc_timeout:uinteger' \
 		'log_dest:string' \
-		'db_file:string' \
-		'role_file:file'
+		'db_file:string'
 }
 
 validate_localagent_section()
@@ -217,12 +179,10 @@ validate_controller_section()
 		'Enable:bool:1' \
 		'EndpointID:string' \
 		'assigned_role_name:string' \
-		'AssignedRole:string' \
 		'Protocol:or("STOMP","CoAP","MQTT", "WebSocket")' \
 		'Destination:string' \
 		'Topic:string' \
 		'ParameterName:list(string)' \
-		'Reference:string' \
 		'mqtt:string' \
 		'stomp:string' \
 		'Host:string' \
@@ -230,7 +190,7 @@ validate_controller_section()
 		'Path:string' \
 		'EnableEncryption:bool' \
 		'PeriodicNotifInterval:uinteger' \
-		'SessionMode:string:Allow' \
+		'SessionMode:string' \
 		'ProvisioningCode:string'
 }
 
@@ -255,7 +215,6 @@ validate_mtp_section()
 		'Path:string' \
 		'mqtt:string' \
 		'stomp:string' \
-		'Reference:string' \
 		'PublishQoS:uinteger' \
 		'EnableEncryption:bool'
 }
@@ -319,12 +278,39 @@ update_reset_reason()
 	fi
 }
 
+get_role_index()
+{
+	local name drole
+
+	name="${1}"
+	drole="Device.LocalAgent.ControllerTrust.Role.2"
+	if [ -z "${name}" ]; then
+		log "No role name provided, use Untrusted role index 2"
+		echo "${drole}"
+		return 0
+	fi
+
+	# Get if from CTRUST file first if present, then from dbdump and then use default Untrusted role
+	if [ -f "${CTRUST_RESET_FILE}" ]; then
+		val="$(grep "Device.LocalAgent.ControllerTrust.Role.\d.Name" ${CTRUST_RESET_FILE} |grep $name)"
+		val="$(echo ${val/.Name /,}|cut -d, -f 1)"
+		echo "$val"
+	elif [ -f "${DB_DUMP}" ]; then
+		val="$(grep "Device.LocalAgent.ControllerTrust.Role.\d.Name" ${DB_DUMP} |grep $name)"
+		val="$(echo ${val/.Name /,}|cut -d, -f 1)"
+		echo "$val"
+	else
+		log "Not able to get role ${name}, use Untrusted role"
+		echo "${drole}"
+	fi
+}
+
 configure_controller()
 {
 	local EndpointID Enable 
 	local Protocol Destination
 	local Topic mqtt stomp assigned_role_name AssignedRole ParameterName ProvisioningCode
-	local Host Port Path EnableEncryption Reference SessionMode PeriodicNotifInterval
+	local Host Port Path EnableEncryption PeriodicNotifInterval
 	local dm_ref sec
 
 	sec="${1}"
@@ -346,16 +332,12 @@ configure_controller()
 	fi
 
 	dm_ref=""
-	if [ -z "${Reference}" ]; then
-		if [ "${Protocol}" = "STOMP" ]; then
-			stomp="${stomp/stomp_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
-		elif [ "${Protocol}" = "MQTT" ]; then
-			mqtt="${mqtt/mqtt_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
-		fi
-	else
-		dm_ref="${Reference}"
+	if [ "${Protocol}" = "STOMP" ]; then
+		stomp="${stomp/stomp_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
+	elif [ "${Protocol}" = "MQTT" ]; then
+		mqtt="${mqtt/mqtt_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
 	fi
 
 	db_set "${BASEPATH}.Alias" "${sec}"
@@ -370,16 +352,15 @@ configure_controller()
 		db_set "${BASEPATH}.PeriodicNotifInterval" "${PeriodicNotifInterval}"
 	fi
 
-	if [ -n "${SessionMode}" ]; then
-		db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
-	fi
+	#if [ -n "${SessionMode}" ]; then
+	#	db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
+	#fi
 
 	if [ -n "${assigned_role_name}" ]; then
 		AssignedRole=$(get_role_index "${assigned_role_name}")
-	fi
-
-	if [ -n "${AssignedRole}" ]; then
-		db_set "${BASEPATH}.AssignedRole" "${AssignedRole}"
+		if [ -n "${AssignedRole}" ]; then
+			db_set "${BASEPATH}.AssignedRole" "${AssignedRole}"
+		fi
 	fi
 
 	db_set "${BASEPATH}.MTP.1.Alias" "${sec}"
@@ -455,49 +436,6 @@ configure_subscription()
 	uci_remove obuspa "${1}"
 }
 
-check_json_load()
-{
-	local ret
-
-	ret=0
-	if [ -f "${role_def_file}" ]; then
-		json_init
-		if json_load_file "${role_def_file}" 2>&1 |grep -q Failed; then
-			log "failed to load [${role_def_file}]"
-			ret=1
-		fi
-	fi
-	json_init
-	return ${ret}
-}
-
-get_role_index()
-{
-	local role="Device.LocalAgent.ControllerTrust.Role"
-	local idx=0
-	local role_name="$1"
-	local role_def_file
-
-	role_def_file=$(uci -q get obuspa.global.role_file 2>/dev/null)
-	case "${role_name}" in
-	'full_access')
-		idx=1;
-		;;
-	'Untrusted')
-		idx=2;
-		;;
-	 *)
-		local ji=0
-
-		if check_json_load; then
-			ji=$(get_role_index_from_json "${role_name}" "${role_def_file}")
-		fi
-		idx=$(( ji + 2 )) # Add predefined roles
-	 esac
-
-	 echo "${role}.${idx}"
-}
-
 configure_challenges()
 {
 	local Enable Description role_name Role Value Retries LockoutPeriod
@@ -559,16 +497,12 @@ configure_mtp() {
 	fi
 
 	dm_ref=""
-	if [ -z "${Reference}" ]; then
-		if [ "${Protocol}" = "STOMP" ]; then
-			stomp="${stomp/stomp_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
-		elif [ "${Protocol}" = "MQTT" ]; then
-			mqtt="${mqtt/mqtt_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
-		fi
-	else
-		dm_ref="${Reference}"
+	if [ "${Protocol}" = "STOMP" ]; then
+		stomp="${stomp/stomp_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
+	elif [ "${Protocol}" = "MQTT" ]; then
+		mqtt="${mqtt/mqtt_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
 	fi
 
 	db_set "${BASEPATH}.Alias" "${sec}"
@@ -776,8 +710,8 @@ sync_db_controller()
 {
 	local cntrs copts sec pvalue protocol
 
-	copts="Enable EndpointID AssignedRole PeriodicNotifInterval"
-	popts="Destination Topic Reference Host Port Path EnableEncryption"
+	copts="Enable EndpointID PeriodicNotifInterval"
+	popts="Destination Topic Host Port Path EnableEncryption"
 
 	cntrs="$(get_instances_from_db_dump Device.LocalAgent.Controller.)"
 	for cntr in $cntrs; do
@@ -809,8 +743,7 @@ sync_db_localagent_mtp()
 	local mtps opts popts sec pvalue protocol
 
 	opts="Enable"
-	popts="ResponseTopicConfigured Destination Port Path Reference EnableEncryption PublishQoS"
-	ropts="mqtt stomp"
+	popts="ResponseTopicConfigured Destination Port Path EnableEncryption PublishQoS"
 
 	mtps="$(get_instances_from_db_dump Device.LocalAgent.MTP.)"
 	for inst in $mtps; do
@@ -833,9 +766,6 @@ sync_db_localagent_mtp()
 			pvalue="$(get_param_value_from_dump "${inst}"."${protocol}"."${param}")"
 			uci_set obuspa "${sec}" "${param}" "${pvalue}"
 		done
-		for param in ${ropts}; do
-			uci_set obuspa "${sec}" "${param}" ""
-		done
 	done
 }
 
@@ -886,6 +816,7 @@ sync_update_sec()
 	config_get _sync "${1}" _sync ""
 	if [ -z "${_sync}" ]; then
 		uci_remove obuspa "${1}"
+		log "Deleting obuspa.${1} section ..."
 	else
 		uci_remove obuspa "${1}" _sync
 	fi
@@ -966,7 +897,7 @@ reverse_update_db_with_uci()
 # Create factory reset file
 db_init()
 {
-	local reason
+	local reason role_file
 
 	reason="${1}"
 	mkdir -p /tmp/obuspa/
@@ -974,12 +905,19 @@ db_init()
 	# Load configuration
 	config_load $CONFIGURATION
 	config_get SQL_DB_FILE global db_file "/tmp/obuspa/usp.db"
+	config_get role_file global role_file ""
 
 	if [ -f "${SQL_DB_FILE}.old" ] && [ ! -f "${SQL_DB_FILE}" ]; then
 		log "Copying old db, since new db not present ..."
 		mv ${SQL_DB_FILE}.old ${SQL_DB_FILE}
 	fi
 
+	if [ -f "${role_file}" ]; then
+		configure_ctrust_role "${role_file}"
+		uci_set obuspa global role_file ""
+		uci commit ${CONFIGURATION}
+	fi
+
 	# Dump datamodel parameters from DB
 	if [ -f "${SQL_DB_FILE}" ]; then
 		dump_db
@@ -1030,7 +968,10 @@ db_init()
 		mv ${DB_DUMP} ${RESET_FILE}
 	fi
 
-	return 0;
+	if [ -f "${CTRUST_RESET_FILE}" ]; then
+		cat ${CTRUST_RESET_FILE} >> ${RESET_FILE}
+		rm ${CTRUST_RESET_FILE}
+	fi
 }
 
 start_service() {

obuspa/files/etc/obuspa/roles.json

@@ -1,724 +0,0 @@
-{
-  "roles": [
-    {
-      "name": "full_access",
-      "permission": [
-        {
-          "object": "Device.",
-          "perm": [
-            "PERMIT_ALL"
-          ]
-        }
-      ]
-    },
-    {
-      "name": "Untrusted",
-      "permission": [
-        {
-          "object": "Device.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.ProcessStatus.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.VendorConfigFile.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.VendorLogFile.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.Processor.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        }
-      ]
-    },
-    {
-      "name": "admin",
-      "permission": [
-        {
-          "object": "Device.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.Reboot()",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.SelfTestDiagnostics()",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.FactoryReset()",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Time.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.UPnP.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Bridging.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Ethernet.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.DHCPv4.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.DHCPv4.Server.Pool.{i}.StaticAddress.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.DHCPv6.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Hosts.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.{BBF_VENDOR_PREFIX}URLFilter.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.{BBF_VENDOR_PREFIX}OpenVPN.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.NAT.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.PPP.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Routing.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.IEEE1905.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.InterfaceStack.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.DynamicDNS.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.LANConfigSecurity.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Security.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.RouterAdvertisement.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Services.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.UserInterface.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.PeriodicStatistics.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.SoftwareModules.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Users.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.LocalAgent.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.LocalAgent.Subscription.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.WiFi.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.DNS.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.IP.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.SSH.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SET",
-            "PERMIT_ADD",
-            "PERMIT_DEL",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        }
-      ]
-    },
-    {
-      "name": "user",
-      "permission": [
-        {
-          "object": "Device.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.DeviceInfo.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.Hosts.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.IEEE1905.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.DynamicDNS.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object":"Device.PeriodicStatistics.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.LocalAgent.Subscription.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_ADD",
-            "PERMIT_SET",
-            "PERMIT_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.WiFi.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL"
-          ]
-        },
-        {
-          "object": "Device.WiFi.AccessPoint.{i}.WPS.InitiateWPSPBC()",
-          "perm": [
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.WiFi.DataElements.Network.SetSSID()",
-          "perm": [
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        }
-      ]
-    },
-    {
-      "name": "extender",
-      "permission": [
-        {
-          "object": "Device.",
-          "perm": [
-            "PERMIT_NONE"
-          ]
-        },
-        {
-          "object": "Device.SSH.",
-          "perm": [
-            "PERMIT_GET",
-            "PERMIT_GET_INST",
-            "PERMIT_OBJ_INFO",
-            "PERMIT_CMD_INFO",
-            "PERMIT_OPER",
-            "PERMIT_SUBS_VAL_CHANGE",
-            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        }
-      ]
-    },
-    {
-      "name": "undefined-4"
-    }
-  ]
-}

obuspa/files/etc/obuspa/usp_utils.sh

@@ -0,0 +1,217 @@
+#!/bin/sh
+
+CTRUST_RESET_FILE="/tmp/obuspa/ctrust_reset"
+VENDOR_PREFIX_FILE="/etc/obuspa/vendor_prefix"
+FW_DEFAULT_ROLE_DIR="/etc/users/roles"
+
+
+# include jshn.sh
+if [ -f "/usr/local/share/libubox/jshn.sh" ]; then
+	. /usr/local/share/libubox/jshn.sh
+else
+	. /usr/share/libubox/jshn.sh
+fi
+
+db_add()
+{
+	local param value
+
+	param="${1}"
+	shift
+	value="$*"
+
+	if [ -n "${param}" ] && [ -n "${value}" ]; then
+		echo "${param} \"${value}\"">>${CTRUST_RESET_FILE}
+	else
+		echo >>${CTRUST_RESET_FILE}
+	fi
+}
+
+get_param_permission()
+{
+	local input rinst pinst path prefix
+	local pperm operm cperm iperm
+
+	pperm="----"
+	operm="----"
+	cperm="----"
+	iperm="----"
+
+	path="${1}"
+	shift
+	rinst="${1}"
+	shift
+	pinst="${1}"
+	shift
+	input="${@}"
+
+	for p in ${input}; do
+		case ${p} in
+		PERMIT_GET)
+			pperm="r${pperm:1:4}"
+		;;
+		PERMIT_SET)
+			pperm="${pperm:0:1}w${pperm:2:4}"
+		;;
+		PERMIT_SUBS_VAL_CHANGE)
+			pperm="${pperm:0:3}n"
+		;;
+		PERMIT_OBJ_INFO)
+			operm="r${operm:1:4}"
+		;;
+		PERMIT_ADD)
+			operm="${operm:0:1}w${operm:2:4}"
+		;;
+		PERMIT_SUBS_OBJ_ADD)
+			operm="${operm:0:3}n"
+		;;
+		PERMIT_GET_INST)
+			iperm="r${iperm:1:4}"
+		;;
+		PERMIT_DEL)
+			iperm="${iperm:0:1}w${iperm:2:4}"
+		;;
+		PERMIT_SUBS_OBJ_DEL)
+			iperm="${iperm:0:3}n"
+		;;
+		PERMIT_CMD_INFO)
+			cperm="r${cperm:1:4}"
+		;;
+		PERMIT_OPER)
+			cperm="${cperm:0:2}x${cperm:3:4}"
+		;;
+		PERMIT_SUBS_EVT_OPER_COMP)
+			cperm="${cperm:0:3}n"
+		;;
+		PERMIT_NONE)
+			pperm="----"
+			iperm="----"
+			cperm="----"
+			operm="----"
+		;;
+		PERMIT_ALL)
+			pperm="rw-n"
+			iperm="rw-n"
+			operm="rw-n"
+			cperm="r-xn"
+		;;
+		esac
+	done
+
+	if [ -f "${VENDOR_PREFIX_FILE}" ]; then
+		prefix="$(cat ${VENDOR_PREFIX_FILE})"
+	else
+		prefix="X_IOPSYS_XX_"
+	fi
+
+	path="${path//\{i\}/*}"
+	path="${path//\{BBF_VENDOR_PREFIX\}/${prefix}}"
+
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Alias cpe-${pinst}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Enable 1
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Order ${pinst}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Targets ${path}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Param ${pperm}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.Obj ${operm}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.InstantiatedObj ${iperm}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Permission.${pinst}.CommandEvent ${cperm}
+}
+
+configure_permission()
+{
+	local obj inst name rinst
+
+	obj="${1}"
+	inst="${2}"
+	name="${3}"
+	rinst="${4}"
+
+	if [ -z "${inst}" ]; then
+		return 0
+	fi
+
+	json_select ${inst}
+
+	json_get_var path object
+	json_get_values perm perm
+
+	get_param_permission "${path}" "${rinst}" "${inst}" "${perm}"
+	db_add
+
+	json_select ..
+}
+
+
+configure_roles()
+{
+	local rinst rname
+
+	if [ "$#" -ne 2 ]; then
+	    echo "Illegal number of parameters"
+	    exit 1
+	fi
+
+	json_select $2
+	json_get_var rname name
+
+	if [ "${rname}" = "full_access" ]; then
+		rinst=1
+		rname="Full Access"
+	elif [ "${rname}" = "Untrusted" ]; then
+		rinst=2
+	else
+		rinst="$2"
+	fi
+
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Alias cpe-${rinst}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Enable 1
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Name ${rname}
+
+	json_for_each_item configure_permission permission "${name}" ${rinst}
+	json_select ..
+}
+
+configure_roles_dir()
+{
+	local rinst rname
+
+	if [ "$#" -ne 2 ]; then
+	    echo "Illegal number of parameters"
+	    exit 1
+	fi
+
+	rname="${1}"
+	rinst="${2}"
+
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Alias cpe-${rinst}
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Enable 1
+	db_add Device.LocalAgent.ControllerTrust.Role.${rinst}.Name ${rname}
+
+	json_for_each_item configure_permission permission "${name}" ${rinst}
+	json_select ..
+}
+
+configure_ctrust_role()
+{
+	local num
+	local roles_obj
+
+	mkdir -p /tmp/obuspa/
+	if [ -f "${1}" ]; then
+		json_init
+		json_load_file "${1}"
+		json_for_each_item configure_roles roles
+	else
+		num=3
+		for f in $(ls -1 ${FW_DEFAULT_ROLE_DIR}); do
+			echo "Loading $f ....."
+			json_init
+			json_load_file "${FW_DEFAULT_ROLE_DIR}/${f}"
+			json_select tr181
+			configure_roles_dir "${f/.json/}" "${num}"
+			num=$((num + 1))
+		done
+	fi
+}
+
+# configure_ctrust_role "${@}"

obuspa/files/etc/uci-defaults/02-obuspa-dhcp-option

@@ -1,59 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-configure_dhcp_options() {
-	local enabled inerface discovery
-	config_load obuspa
-	config_get_bool enabled global enabled 1
-	config_get interface global interface "wan"
-	config_get_bool discovery global dhcp_discovery 1
-
-	if [ "${enabled}" -eq 0 ]; then
-		return 0
-	fi
-
-	if [ "${discovery}" -eq 1 ]; then
-		network_uci_update=0
-		reqopts="$(uci -q get network."${interface}".reqopts)"
-		proto="$(uci -q get network."${interface}".proto)"
-		local req125_present=0
-
-		for ropt in $reqopts; do
-			case $ropt in
-				125) req125_present=1 ;;
-				*) ;;
-			esac
-		done
-
-		sendopts="$(uci -q get network."${interface}".sendopts)"
-		opt124="124:"
-		send124_present=0
-		for sopt in $sendopts; do
-			if [[ "$sopt" == "$opt124"* ]]; then
-				send124_present=1
-				break
-			fi
-		done
-
-		if [ "${proto}" = "dhcp" ]; then
-			if [ ${req125_present} -eq 0 ]; then
-				newreqopts="$reqopts 125"
-				uci -q set network."${interface}".reqopts="$newreqopts"
-				network_uci_update=1
-			fi
-
-			if [ ${send124_present} -eq 0 ]; then
-				newsendopts="${sendopts} 124:00:00:0D:E9:04:03:75:73:70"
-				uci -q set network."${interface}".sendopts="$newsendopts"
-				network_uci_update=1
-			fi
-		fi
-
-		if [ ${network_uci_update} -eq 1 ]; then
-			uci commit network
-		fi
-	fi
-}
-
-configure_dhcp_options

obuspa/files/etc/uci-defaults/54-test-usp-remote

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+if [ ! -f "/etc/config/mosquitto" ]; then
+	echo "Local mosquitto broker not available"
+	return 0
+fi
+
+add_usp_test()
+{
+	uci_add mosquitto listener usptest
+	uci_set mosquitto usptest enabled 1
+	uci_set mosquitto usptest port '9001'
+	uci_set mosquitto usptest protocol 'websockets'
+	uci_set mosquitto usptest auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
+}
+
+# Install test MQTT over WS listener
+add_usp_test

obuspa/files/etc/uci-defaults/55-test-usp-controller

@@ -40,16 +40,6 @@ add_obuspa_test_controller()
 	uci_set obuspa testcontroller assigned_role_name 'full_access'
 }
 
-add_usp_test()
-{
-	uci_add mosquitto listener usptest
-	uci_set mosquitto usptest enabled 1
-	uci_set mosquitto usptest port '9001'
-	uci_set mosquitto usptest protocol 'websockets'
-	uci_set mosquitto usptest require_certificates '0'
-	uci_set mosquitto usptest auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-}
-
 add_obuspa_config()
 {
 	uci_add mosquitto listener obuspa
@@ -60,11 +50,8 @@ add_obuspa_config()
 }
 
 # Install test usp controller config
-uci_load mosquitto
-add_usp_test
 add_obuspa_config
 
-uci_load obuspa
 add_obuspa_test_mtp
 add_obuspa_test_mqtt
 add_obuspa_test_controller

obuspa/files/etc/uci-defaults/60-generate-ctrust-defaults

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /etc/obuspa/usp_utils.sh
+
+rfile="$(uci -q get obuspa.global.role_file)"
+
+# Reset the role_file if present
+if [ -n "${rfile}" ]; then
+	uci -q set obuspa.global.role_file=""
+fi
+
+configure_ctrust_role "${rfile}"
+
+exit 0

obuspa/files/etc/uci-defaults/obuspa-set-dhcp-option

@@ -0,0 +1,88 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+get_access_role()
+{
+	local mode lan_proto
+
+	lan_proto="$(uci -q get network.lan.proto)"
+
+	if [ "${lan_proto}" == "dhcp" ]; then
+		mode="extender"
+	else
+		mode="full_access"
+	fi
+
+	echo "$mode"
+}
+
+configure_dhcp_options() {
+	local enabled inerface discovery
+	config_load obuspa
+	config_get_bool enabled global enabled 1
+	config_get interface global interface
+	config_get_bool discovery global dhcp_discovery 1
+
+	if [ "${enabled}" -eq 0 ]; then
+		return 0
+	fi
+
+	if [ "${discovery}" -eq 0 ]; then
+		return 0
+	fi
+
+	if [ -z "${interface}" ]; then
+		role="$(get_access_role)"
+
+		if [ "${role}" = "extender" ]; then
+			interface="lan"
+			uci -q set obuspa.global.interface="lan"
+			uci commit obuspa
+		else
+			interface="wan"
+		fi
+	fi
+
+	network_uci_update=0
+	reqopts="$(uci -q get network."${interface}".reqopts)"
+	proto="$(uci -q get network."${interface}".proto)"
+	local req125_present=0
+
+	for ropt in $reqopts; do
+		case $ropt in
+			125) req125_present=1 ;;
+			*) ;;
+		esac
+	done
+
+	sendopts="$(uci -q get network."${interface}".sendopts)"
+	opt124="124:"
+	send124_present=0
+	for sopt in $sendopts; do
+		if [[ "$sopt" == "$opt124"* ]]; then
+			send124_present=1
+			break
+		fi
+	done
+
+	if [ "${proto}" = "dhcp" ]; then
+		if [ ${req125_present} -eq 0 ]; then
+			newreqopts="$reqopts 125"
+			uci -q set network."${interface}".reqopts="$newreqopts"
+			network_uci_update=1
+		fi
+
+		if [ ${send124_present} -eq 0 ]; then
+			newsendopts="${sendopts} 124:00:00:0D:E9:04:03:75:73:70"
+			uci -q set network."${interface}".sendopts="$newsendopts"
+			network_uci_update=1
+		fi
+	fi
+
+	if [ ${network_uci_update} -eq 1 ]; then
+		uci commit network
+	fi
+}
+
+configure_dhcp_options

obuspa/files/etc/users/roles/extender.json

@@ -0,0 +1,26 @@
+{
+  "tr181": {
+    "permission": [
+      {
+        "object": "Device.",
+        "perm": [
+          "PERMIT_NONE"
+        ]
+      },
+      {
+        "object": "Device.SSH.",
+        "perm": [
+          "PERMIT_GET",
+          "PERMIT_GET_INST",
+          "PERMIT_OBJ_INFO",
+          "PERMIT_CMD_INFO",
+          "PERMIT_OPER",
+          "PERMIT_SUBS_VAL_CHANGE",
+          "PERMIT_SUBS_OBJ_ADD",
+          "PERMIT_SUBS_OBJ_DEL",
+          "PERMIT_SUBS_EVT_OPER_COMP"
+        ]
+      }
+    ]
+  }
+}

obuspa/files/etc/users/roles/full_access.json

@@ -0,0 +1,12 @@
+{
+  "tr181": {
+    "permission": [
+      {
+        "object": "Device.",
+        "perm": [
+          "PERMIT_ALL"
+        ]
+      }
+    ]
+  }
+}

obuspa/files/obuspa.hotplug

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+get_access_role() {
+	local mode lan_proto
+
+	lan_proto="$(uci -q get network.lan.proto)"
+
+	if [ "${lan_proto}" == "dhcp" ]; then
+		mode="extender"
+	else
+		mode="full_access"
+	fi
+
+	echo "$mode"
+}
+
+config_load obuspa
+config_get_bool enable_obuspa global enabled 1
+config_get intf global interface
+
+if [ "$enable_obuspa" = "0" ]; then
+	return 0;
+fi
+
+if [ -z "${intf}" ]; then
+	role="$(get_access_role)"
+
+	if [ "${role}" = "extender" ]; then
+		intf="lan"
+	else
+		intf="wan"
+	fi
+fi
+
+[ "$ACTION" = "ifup" -a "${intf}" = "${INTERFACE}" ] && {
+	sleep 1
+	obuspa -c event Device.LocalAgent.WakeUp!
+}
+

obuspa/patches/0001-validate-controller-mtp.patch

@@ -1,22 +1,19 @@
-diff --git a/src/core/device.h b/src/core/device.h
-index 5ca0782..ee6d88c 100644
 --- a/src/core/device.h
 +++ b/src/core/device.h
-@@ -157,6 +157,9 @@ int DEVICE_CONTROLLER_Start(void);
- void DEVICE_CONTROLLER_Stop(void);
- int DEVICE_CONTROLLER_FindInstanceByEndpointId(char *endpoint_id);
- int DEVICE_CONTROLLER_QueueBinaryMessage(mtp_send_item_t *msi, char *endpoint_id, char *usp_msg_id, mtp_reply_to_t *mtp_reply_to, time_t expiry_time);
+@@ -336,6 +336,10 @@ void DEVICE_CONTROLLER_SetInheritedRole(
+ int DEVICE_CONTROLLER_CountEnabledWebsockClientConnections(void);
+ #endif
+ 
 +#ifdef OBUSPA_CONTROLLER_MTP_VERIFY
-+bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_reply_to_t *mrt);
++bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_conn_t *mpc);
 +#endif
- bool DEVICE_CONTROLLER_IsMTPConfigured(char *endpoint_id, mtp_protocol_t protocol);
- char *DEVICE_CONTROLLER_FindEndpointIdByInstance(int instance);
- char *DEVICE_CONTROLLER_FindEndpointByMTP(mtp_reply_to_t *mrt);
-diff --git a/src/core/device_controller.c b/src/core/device_controller.c
-index ae609f5..a6335f5 100644
++
+ #ifndef REMOVE_USP_BROKER
+ int DEVICE_SUBSCRIPTION_RouteNotification(Usp__Msg *usp, int instance);
+ bool DEVICE_SUBSCRIPTION_MarkVendorLayerSubs(int broker_instance, subs_notify_t notify_type, char *path, int group_id);
 --- a/src/core/device_controller.c
 +++ b/src/core/device_controller.c
-@@ -900,6 +900,78 @@ int DEVICE_CONTROLLER_QueueBinaryMessage(mtp_send_item_t *msi, char *endpoint_id
+@@ -967,6 +967,78 @@ int DEVICE_CONTROLLER_QueueBinaryMessage
      return USP_ERR_OK;
  }
  
@@ -29,12 +26,12 @@ index ae609f5..a6335f5 100644
 +** This function is used by ValidateUspRecord() to determine whether to process a received USP message
 +**
 +** \param   endpoint_id - Endpoint ID of controller that sent a USP message
-+** \param   mrt - pointer to structure specifying on which MTP the message was received
++** \param   mpc - pointer to structure specifying on which MTP the message was received
 +**
 +** \return  true if the MTP is allowed, false otherwise
 +**
 +**************************************************************************/
-+bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_reply_to_t *mrt)
++bool DEVICE_CONTROLLER_IsMTPAllowed(char *endpoint_id, mtp_conn_t *mpc)
 +{
 +    controller_t *cont = FindEnabledControllerByEndpointId(endpoint_id);
 +    controller_mtp_t *mtp;
@@ -45,18 +42,18 @@ index ae609f5..a6335f5 100644
 +        return false;
 +    }
 +
-+    mtp = FindFirstEnabledMtp(cont, mrt->protocol);
++    mtp = FindFirstEnabledMtp(cont, mpc->protocol);
 +
 +#ifdef ENABLE_WEBSOCKETS
 +    // Allow websocket server if no other MTP is configured
-+    if ((mrt->protocol == kMtpProtocol_WebSockets) && (mrt->wsserv_conn_id != INVALID))
++    if ((mpc->protocol == kMtpProtocol_WebSockets) && (mpc->ws.serv_conn_id != INVALID))
 +    {
 +        return mtp == NULL;
 +    }
 +#endif
 +
 +    // Disallow if there is no MTP configured with matching protocol
-+    if ((mtp == NULL) || (mtp->protocol != mrt->protocol))
++    if ((mtp == NULL) || (mtp->protocol != mpc->protocol))
 +    {
 +        return false;
 +    }
@@ -66,7 +63,7 @@ index ae609f5..a6335f5 100644
 +    {
 +#ifndef DISABLE_STOMP
 +        case kMtpProtocol_STOMP:
-+            return mtp->stomp_connection_instance == mrt->stomp_instance;
++            return mtp->stomp_connection_instance == mpc->stomp.instance;
 +#endif
 +
 +#ifdef ENABLE_COAP
@@ -76,12 +73,12 @@ index ae609f5..a6335f5 100644
 +
 +#ifdef ENABLE_MQTT
 +        case kMtpProtocol_MQTT:
-+            return mtp->mqtt_connection_instance == mrt->mqtt_instance;
++            return mtp->mqtt_connection_instance == mpc->mqtt.instance;
 +#endif
 +
 +#ifdef ENABLE_WEBSOCKETS
 +        case kMtpProtocol_WebSockets:
-+            return (mrt->wsclient_cont_instance == cont->instance) && (mrt->wsclient_mtp_instance == mtp->instance);
++            return (mpc->ws.client_cont_instance == cont->instance) && (mpc->ws.client_mtp_instance == mtp->instance);
 +#endif
 +        default:
 +            TERMINATE_BAD_CASE(mtp->protocol);
@@ -95,23 +92,21 @@ index ae609f5..a6335f5 100644
  /*********************************************************************//**
  **
  ** DEVICE_CONTROLLER_IsMTPConfigured
-diff --git a/src/core/msg_handler.c b/src/core/msg_handler.c
-index 8313342..a953562 100644
 --- a/src/core/msg_handler.c
 +++ b/src/core/msg_handler.c
-@@ -759,6 +759,15 @@ int ValidateUspRecord(UspRecord__Record *rec, mtp_reply_to_t *mrt)
-         return USP_ERR_RECORD_FIELD_INVALID;
-     }
+@@ -1210,6 +1210,15 @@ int ValidateUspRecord(UspRecord__Record
+     usp_service_instance = USP_BROKER_GetUspServiceInstance(rec->from_id, 0);
+ #endif
  
 +#ifdef OBUSPA_CONTROLLER_MTP_VERIFY
 +    // Exit if the controller is not allowed to use the MTP on which the message was received
-+    if (DEVICE_CONTROLLER_IsMTPAllowed(rec->from_id, mrt) == false)
++    if (DEVICE_CONTROLLER_IsMTPAllowed(rec->from_id, mtpc) == false)
 +    {
 +        USP_ERR_SetMessage("%s: Ignoring message from endpoint_id=%s (unauthorized MTP)", __FUNCTION__, rec->from_id);
 +        return USP_ERR_PERMISSION_DENIED;
 +    }
 +#endif
 +
-     // Exit if the controller is unknown
+     // Exit if the endpoint sending the message is unknown
      cur_msg_controller_instance = DEVICE_CONTROLLER_FindInstanceByEndpointId(rec->from_id);
-     if (cur_msg_controller_instance == INVALID)
+     if ((cur_msg_controller_instance == INVALID) && (usp_service_instance == INVALID))

obuspa/patches/0002-supress-group-get-error.patch

@@ -1,8 +1,6 @@
-diff --git a/src/core/cli_server.c b/src/core/cli_server.c
-index 701cbd9..103361e 100644
 --- a/src/core/cli_server.c
 +++ b/src/core/cli_server.c
-@@ -733,10 +733,6 @@ int ExecuteCli_Get(char *arg1, char *arg2, char *usage)
+@@ -785,10 +785,6 @@ int ExecuteCli_Get(char *arg1, char *arg
              USP_ASSERT(gge->value != NULL);
              SendCliResponse("%s => %s\n", gge->path, gge->value);
          }
@@ -13,37 +11,3 @@ index 701cbd9..103361e 100644
      }
  
      GROUP_GET_VECTOR_Destroy(&ggv);
-diff --git a/src/core/handle_get.c b/src/core/handle_get.c
-index e1055e0..16b9ceb 100755
---- a/src/core/handle_get.c
-+++ b/src/core/handle_get.c
-@@ -260,26 +260,16 @@ void FormPathExprResponse(int get_expr_index, char *path_expr, get_expr_info_t *
-         return;
-     }
- 
--    // If there was an error in getting any of the parameters associated with the path expression,
--    // then just add the first error, without any of the parameter values, for this path expression result
--    for (i=0; i < gi->num_entries; i++)
--    {
--        gge = &ggv->vector[gi->index + i];
--        if (gge->err_code != USP_ERR_OK)
--        {
--            (void)AddGetResp_ReqPathRes(resp, path_expr, gge->err_code, gge->err_msg);
--            return;
--        }
--    }
--
-     // If the code gets here, then the value of all parameters were retrieved successfully, so add their values to the result_params
-     req_path_result = AddGetResp_ReqPathRes(resp, path_expr, USP_ERR_OK, "");
-     for (i=0; i < gi->num_entries; i++)
-     {
-         gge = &ggv->vector[gi->index + i];
- 
--        // Simple format contains a resolved_path_result for every object (and sub object)
--        AddResolvedPathResult(req_path_result, gge->path, gge->value);
-+        if (gge->err_code == USP_ERR_OK) {
-+            // Simple format contains a resolved_path_result for every object (and sub object)
-+            AddResolvedPathResult(req_path_result, gge->path, gge->value);
-+	}
-     }
- }