icwmp: flag based enable/disable annex-f params as inform parameter

2025-12-26 12:03:44 +08:00 · 2025-12-24 18:36:59 +05:30
28 changed files with 404 additions and 9565 deletions
--- a/icwmp/Config.in
+++ b/icwmp/Config.in
@@ -19,4 +19,8 @@ config ICWMP_VENDOR_PREFIX
 config ICWMP_ENABLE_SMM_SUPPORT
 	bool "Enable software module management support"
 	default n
+
+config ICWMP_ENABLE_ANNEX_F_INFORM_PARAM
+	bool "Enable Device.Gateway. and Device.ManagementServer.ManageableDevice. as inform parameter"
+	default y
 endmenu
--- a/icwmp/Makefile
+++ b/icwmp/Makefile
@@ -90,6 +90,9 @@ define Package/icwmp/install
 	$(INSTALL_BIN) ./files/etc/uci-defaults/95-set-random-inform-time $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/85-migrate-gw-info $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/999-cwmp-conn-config $(1)/etc/uci-defaults/
+ifeq ($(CONFIG_ICWMP_ENABLE_ANNEX_F_INFORM_PARAM),y)
+	$(INSTALL_BIN) ./files/etc/uci-defaults/999-cwmp-annex-f-config $(1)/etc/uci-defaults/
+endif
 	$(INSTALL_BIN) ./files/etc/icwmpd/vendor_log.sh $(1)/etc/icwmpd/vendor_log.sh
 	$(INSTALL_BIN) ./files/etc/icwmpd/firewall.cwmp $(1)/etc/icwmpd/firewall.cwmp
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
--- a/icwmp/files/etc/uci-defaults/999-cwmp-annex-f-config
+++ b/icwmp/files/etc/uci-defaults/999-cwmp-annex-f-config
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+validate_inform_parameter() {
+	local section="${1}"
+	local target_param="${2}"
+	local parameter_name
+
+	config_get parameter_name "${section}" parameter_name
+	if [ "${parameter_name}" = "${target_param}" ]; then
+		return 0
+	fi
+
+	return 1
+}
+
+check_param_exists() {
+	local target_param="${1}" 
+	local found=1
+
+	check_section() {
+		local section="${1}"
+		if validate_inform_parameter "${section}" "${target_param}"; then
+			found=0
+		fi
+	}
+
+	config_foreach check_section inform_parameter
+	return "${found}"
+}
+
+configure_annex_f_inform_param() {
+	config_load cwmp
+
+	if ! check_param_exists "Device.GatewayInfo."; then
+		uci -q set cwmp.gw_info_param=inform_parameter
+		uci -q set cwmp.gw_info_param.enable='1'
+		uci -q set cwmp.gw_info_param.events_list='0 BOOTSTRAP,1 BOOT'
+		uci -q set cwmp.gw_info_param.parameter_name='Device.GatewayInfo.'
+	fi
+
+	if ! check_param_exists "Device.ManagementServer.ManageableDevice."; then
+		uci -q set cwmp.mng_dev_param=inform_parameter
+		uci -q set cwmp.mng_dev_param.enable='1'
+		uci -q set cwmp.mng_dev_param.events_list='0 BOOTSTRAP,1 BOOT'
+		uci -q set cwmp.mng_dev_param.parameter_name='Device.ManagementServer.ManageableDevice.'
+	fi
+}
+
+configure_annex_f_inform_param
--- a/netmode/README.md
+++ b/netmode/README.md
@@ -0,0 +1,109 @@
+# Creating Custom Netmodes in IOWRT
+
+This guide provides developers with detailed instructions on how to create and manage custom network modes (netmodes) in IOWRT. The `netmode` script allows for flexible network configuration, and developers can define their own modes by structuring the necessary files and scripts within the `/etc/netmodes/` directory.
+
+## Table of Contents
+1. [Overview of Netmodes](#overview-of-netmodes)
+2. [Directory Structure](#directory-structure)
+3. [Creating a Custom Netmode](#creating-a-custom-netmode)
+   - [Step 1: Pre-Execution Scripts](#step-1-pre-execution-scripts)
+   - [Step 2: UCI Configuration Files](#step-2-uci-configuration-files)
+   - [Step 3: Custom Execution Scripts](#step-3-custom-execution-scripts)
+   - [Step 4: Post-Execution Scripts](#step-4-post-execution-scripts)
+4. [Enabling and Switching Netmodes](#enabling-and-switching-netmodes)
+
+## Overview of Netmodes
+
+Netmodes in IOWRT provide a way to switch between different network configurations based on the needs of the environment. Developers can create custom netmodes by organizing scripts and configuration files in specific directories under `/etc/netmodes/<NETMODE_NAME>`.
+
+## Directory Structure
+
+A custom netmode is defined within the `/etc/netmodes/<NETMODE_NAME>` directory, which should contain the following subdirectories:
+
+- **/lib/netmode/pre/**: Generic scripts executed before the netmode-specific configurations are applied.
+- **/etc/netmodes/<NETMODE_NAME>/uci/**: Contains UCI configuration files that will be copied to `/etc/config/` during the application of the netmode.
+- **/etc/netmodes/<NETMODE_NAME>/scripts/**: Custom scripts specific to the netmode that are executed after the UCI configurations are applied.
+- **/lib/netmode/post/**: Generic scripts executed after the netmode-specific configurations are completed.
+
+## Creating a Custom Netmode
+
+To create a new netmode, follow these steps:
+
+### Step 1: Pre-Execution Scripts
+
+Scripts located in `/lib/netmode/pre/` are executed before any mode-specific actions. These are typically used for preparing the system or cleaning up configurations from the previous netmode.
+
+- **Create Pre-Execution Scripts**:
+  - Place your generic pre-execution scripts in `/lib/netmode/pre/`.
+  - Example script (`/lib/netmode/pre/cleanup.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Cleaning up old network configurations..."
+    # Add commands here
+    ```
+
+### Step 2: UCI Configuration Files
+
+The UCI configuration files stored in `/etc/netmodes/<NETMODE_NAME>/uci/` will be copied to `/etc/config/`, effectively applying the desired network configuration.
+
+- **Place UCI Config Files**:
+  - Create UCI configuration files under `/etc/netmodes/<NETMODE_NAME>/uci/`.
+  - Example (`/etc/netmodes/bridge/uci/network`):
+````bash
+config device 'br_lan'
+        option name 'br-lan'
+        option type 'bridge'
+        option multicast_to_unicast '0'
+        option bridge_empty '1'
+        list ports 'eth1'
+        list ports 'eth3'
+        list ports 'eth4'
+
+config interface 'lan'
+        option proto 'dhcp'
+        option device 'br-lan'
+        option force_link '1'
+        option reqopts '43 125'
+````
+
+### Step 3: Custom Execution Scripts
+
+After the UCI files are applied, any scripts in `/etc/netmodes/<NETMODE_NAME>/scripts/` are executed. These can be used to perform additional configuration tasks that are specific to the netmode.
+
+- **Create Custom Scripts**:
+  - Add scripts to `/etc/netmodes/<NETMODE_NAME>/scripts/`.
+  - Example (`/etc/netmodes/bridge/scripts/setup_bridge.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Setting up bridge mode..."
+    # Additional configuration commands here
+    ```
+
+### Step 4: Post-Execution Scripts
+
+Finally, the generic scripts in `/lib/netmode/post/` are executed. These scripts typically finalize the setup or perform any necessary cleanups.
+
+- **Create Post-Execution Scripts**:
+  - Place scripts in `/lib/netmode/post/`.
+  - Example script (`/lib/netmode/post/restart_services.sh`):
+    ```bash
+    #!/bin/sh
+    echo "Restarting network services..."
+    # Add commands here
+    ```
+
+## Enabling and Switching Netmodes
+
+The netmode mechanism can be enabled or disabled via the UCI configuration, and you can switch between netmodes using UCI commands.
+
+- **Enable Netmode**:
+  ```bash
+  uci set netmode.global.enabled=1
+  uci commit netmode
+    ```
+    
+- **Switch Netmode**:
+  ```bash
+  uci set netmode.global.mode='<NETMODE_NAME>'
+  uci commit netmode
+    ```
--- a/netmode/docs/ADVANCED_MODE_GUIDE.md
+++ b/netmode/docs/ADVANCED_MODE_GUIDE.md
@@ -1,901 +0,0 @@
-# Advanced Mode - Complete Configuration Guide
-
-## Table of Contents
-1. [Overview](#overview)
-2. [Interface Types](#interface-types)
-3. [Configuration Examples](#configuration-examples)
-4. [Use Case Scenarios](#use-case-scenarios)
-5. [TR-069/USP Configuration](#tr-069usp-configuration)
-6. [Troubleshooting](#troubleshooting)
-
---
-
-## Overview
-
-The **advanced** mode is a unified, flexible network configuration mode for OpenWrt/iopsys routers. It provides a single, powerful interface for configuring:
-
- **Bridge interfaces** with VLAN/QinQ support (traditional VLAN devices)
- **Bridge VLAN filtering** (modern kernel bridge features - recommended)
- **Routed interfaces** with VLAN/MACVLAN support
- **Standalone interfaces** (direct VLAN without bridge)
- **Mixed scenarios** (combine bridges and routed interfaces)
-
-### Key Features
-
- ✅ Unified configuration syntax
- ✅ Multiple interface types in one configuration
- ✅ VLAN (802.1Q) and QinQ (802.1ad) support
- ✅ Modern bridge VLAN filtering for better performance
- ✅ MACVLAN support for multi-service routing
- ✅ Per-interface port assignment
- ✅ Flexible protocol configuration (DHCP, none, static)
- ✅ UCI device name resolution (LAN1 → eth1)
- ✅ Automatic reconfiguration on parameter changes
-
-### Configuration Parameters
-
-| Parameter | Description | Example |
-|-----------|-------------|---------|
-| `interface_names` | Comma-separated interface names | `wan,iptv,mgmt` |
-| `interface_types` | Comma-separated interface types | `bridge:transparent,brvlan:wan-tagged:1499,route:vlan:100,direct:200` |
-| `ports` | Comma-separated port assignments | `ALL,LAN1-LAN2-WAN,WAN` |
-| `macaddrs` | Comma-separated MAC addresses (optional) | `BaseMACAddress,BaseMACAddressP1,AA:BB:CC:DD:EE:FF` |
-
-### How It Works
-
-When you change any configuration parameter and restart netmode:
-1. The system detects the configuration change automatically
-2. Old network configuration is cleaned up (interfaces, bridges, VLANs)
-3. System configuration is preserved (loopback, physical devices)
-4. New configuration is applied based on your parameters
-5. No manual intervention needed!
-
---
-
-## Interface Types
-
-### Bridge Types (Traditional VLAN Devices)
-
-Bridge types create L2 bridge interfaces using traditional VLAN devices (eth0.100, etc.).
-
-| Type | Syntax | Description |
-|------|--------|-------------|
-| **Transparent** | `bridge:transparent` | No VLAN tagging on any port |
-| **Tagged** | `bridge:tagged:VID` | All ports tagged with same VLAN ID |
-| **WAN-Tagged** | `bridge:wan-tagged:VID` | Only WAN port tagged, LAN ports untagged |
-| **Transparent QinQ** | `bridge:transparent-qinq:SVID` | LAN untagged, WAN single S-tag (802.1ad) |
-| **Transparent QinQ (Double)** | `bridge:transparent-qinq:CVID:SVID` | LAN untagged, WAN double-tagged (C+S) |
-| **Tagged QinQ** | `bridge:tagged-qinq:CVID:SVID` | LAN C-tagged, WAN double-tagged (C+S) |
-| **QinQ (All ports)** | `bridge:qinq:CVID:SVID` | All ports double-tagged |
-
-### Bridge VLAN Filtering Types (Modern Approach)
-
-Bridge VLAN filtering uses kernel bridge VLAN filtering instead of creating VLAN devices. **Recommended for new deployments.**
-
-| Type | Syntax | Description |
-|------|--------|-------------|
-| **Tagged** | `brvlan:tagged:VID` | All ports tagged with VLAN ID (uses bridge-vlan) |
-| **WAN-Tagged** | `brvlan:wan-tagged:VID` | WAN tagged, LAN untagged (uses bridge-vlan) |
-| **Mixed** | `brvlan:mixed:VID` | Custom tagged/untagged configuration |
-
-**See [BRIDGE_VLAN_FILTERING.md](BRIDGE_VLAN_FILTERING.md) for detailed documentation.**
-
-### Routed Types
-
-Routed types create L3 routed interfaces (with NAT/firewall).
-
-| Type | Syntax | Description |
-|------|--------|-------------|
-| **VLAN Routing** | `route:vlan:VID` | Routed interface on VLAN |
-| **MACVLAN Routing** | `route:macvlan:MAC` | MACVLAN device with custom MAC (supports macros) |
-| **VLAN + MAC Routing** | `route:vlan:VID:MAC` | Routed interface on VLAN with custom MAC |
-| **Transparent Routing** | `route:transparent` | Routed interface on base device (no VLAN) |
-
-### Standalone Types
-
-Standalone types create VLAN interfaces without bridges or routing (proto=none by default).
-
-| Type | Syntax | Description |
-|------|--------|-------------|
-| **Direct VLAN** | `direct:VID` | Standalone VLAN interface, proto=none |
-
-### Device Reference Types
-
-Device reference types allow multiple interfaces to share the same underlying device.
-
-| Type | Syntax | Description |
-|------|--------|-------------|
-| **Device Reference** | `device-ref:INTERFACE` | References the device from another interface |
-
-**Use Case**: Create separate IPv4 and IPv6 interfaces (wan and wan6) that share the same bridge or VLAN device.
-
-**Example**:
-```bash
-# wan creates bridge on VLAN 2501 with DHCP
-# wan6 shares the same br-wan device with DHCPv6
-interface_names='wan,wan6'
-interface_types='bridge:tagged:2501,device-ref:wan-dhcpv6'
-ports='WAN,WAN'
-```
-
-**Result**:
- `wan`: Creates `br-wan` bridge device on VLAN 2501, proto=dhcp
- `wan6`: Uses same `br-wan` device, proto=dhcpv6
-
-**Note**: The referenced interface must be defined before the device-ref interface in the interface_names list.
-
-### Modifiers
-
-Modifiers can be appended to any interface type:
-
-| Modifier | Effect | Example |
-|----------|--------|---------|
-| `-pppoe` | Set proto=pppoe (PPPoE authentication) | `route:vlan:101-pppoe` |
-| `-dhcpv6` | Set proto=dhcpv6 (DHCPv6 client) | `bridge:tagged:2501-dhcpv6` |
-| `-dhcp` | Set proto=dhcp (DHCP client - explicit) | `bridge:transparent-dhcp` |
-| `-static` | Set proto=static (static IP) | `bridge:transparent-static` |
-| `-none`, `-n` | Set proto=none (no IP configuration) | `bridge:tagged:100-none` or `bridge:tagged:100-n` |
-| `-iptv` | Signify that this is an iptv interface (affects firewall and mcast) | `route:vlan:200-iptv` |
-| `-inet` | Signify that this is an internet interface (affects firewall) | `route:vlan:200-inet` |
-| `-mgmt` | Signify that this is a management interface (affects firewall) | `route:vlan:200-mgmt` |
-| `-disabled`, `-d` | Create but mark as disabled | `route:vlan:200-disabled` or `route:vlan:200-d` |
-
-
-#### Notes
-
- The `-none` and `-n` modifiers are equivalent, as are `-disabled` and `-d`.
- If no protocol modifier is specified, interfaces default to `proto=dhcp`.
- Protocols and disabled can be clubbed together, and disabled should be in the last, for example: `transparent-qinq:2-n-d` will set proto as none and disable the interface, similarly other protocols can be used.
- iptv, inet and mgmt modifier can only be used with route interfaces, and they can be clubbed with disabled modifier, but disable should be in the last.
-
-#### Static IP Auto-Configuration
-
-When using the `-static` modifier with an interface named `lan`, the system automatically configures:
-
-**Network Configuration**:
- IP Address: 192.168.1.1
- Netmask: 255.255.255.0
- IPv6 Prefix: /60
-
-**DHCP Server Configuration**:
- Start: 192.168.1.100
- Limit: 150 addresses (100-250)
- Lease time: 1 hour
- DHCPv4: server
- DHCPv6: server
- Router Advertisement: server
- SLAAC: enabled
- RA flags: managed-config, other-config
-
-**Example**:
-```bash
-interface_names='lan,wan'
-interface_types='bridge:transparent-static,bridge:tagged:2501'
-ports='ALL_LAN,WAN'
-```
-
-For non-LAN interfaces with `-static`, only `proto=static` is set without additional configuration.
-
-**Note**: Direct interfaces default to `proto=none`, so `-n` is implicit.
-
-### MAC Address Assignment
-
-You can assign custom MAC addresses to interfaces using the `macaddrs` parameter. This is useful when ISPs require specific MAC addresses per service or for multi-service configurations.
-
-**Supported Formats:**
-
-| Format | Description | Example |
-|--------|-------------|---------|
-| **Explicit MAC** | Direct MAC address assignment | `AA:BB:CC:DD:EE:FF` |
-| **BaseMACAddress** | Use base MAC from `fw_printenv -n ethaddr` | `BaseMACAddress` |
-| **BaseMACAddressP1** | Base MAC + 1 | `BaseMACAddressP1` |
-| **BaseMACAddressPN** | Base MAC + N (any number) | `BaseMACAddressP5` |
-
-**Example:**
-```bash
-# If base MAC is 94:3F:0C:D5:76:00
-uci set netmode.@supported_args[3].value='BaseMACAddress,BaseMACAddressP1,AA:BB:CC:DD:EE:FF'
-# Results in:
-# Interface 1: 94:3F:0C:D5:76:00
-# Interface 2: 94:3F:0C:D5:76:01
-# Interface 3: AA:BB:CC:DD:EE:FF
-```
-
-**Note**: MAC addresses are assigned to interfaces in order. If you have 3 interfaces but only specify 2 MAC addresses, the 3rd interface will use the system default.
-
---
-
-## Configuration Examples
-
-### Example 1: Simple Transparent Bridge
-
-**Scenario**: All ports bridged together, no VLANs
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan'                    # interface_names
-uci set netmode.@supported_args[13].value='bridge:transparent'     # interface_types
-uci set netmode.@supported_args[14].value='ALL'                    # ports
-uci commit netmode
-service netmode restart
-```
-
-**Result**: Creates `br-wan` bridge with all LAN+WAN ports, proto=dhcp
-
---
-
-### Example 2: LAN-Only Bridge with Routed WAN
-
-**Scenario**: Bridge all LAN ports together, WAN as separate routed interface
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='lan,wan'
-uci set netmode.@supported_args[13].value='bridge:transparent,route:transparent'
-uci set netmode.@supported_args[14].value='ALL_LAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**: Creates `br-lan` bridge with all LAN ports only, WAN routed separately
-
---
-
-### Example 3: VLAN-Tagged Bridge (Managed Network)
-
-**Scenario**: All ports tagged with VLAN 100
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='mgmt'
-uci set netmode.@supported_args[13].value='bridge:tagged:100'
-uci set netmode.@supported_args[14].value='ALL'
-uci commit netmode
-service netmode restart
-```
-
-**Result**: Creates `br-mgmt` with all ports tagged as `.100`
-
---
-
-### Example 4: Multiple Service Bridges (VLAN Segregation)
-
-**Scenario**: Separate bridges for Internet (VLAN 100), IPTV (VLAN 200), Management (VLAN 300)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='inet,iptv,mgmt'
-uci set netmode.@supported_args[13].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
-uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `br-inet`: LAN1.100 + LAN2.100 + WAN.100, proto=none
- `br-iptv`: LAN3.200 + LAN4.200 + WAN.200, proto=none
- `br-mgmt`: WAN.300, proto=dhcp
-
---
-
-### Example 5: QinQ Configuration (Wholesale Provider)
-
-**Scenario**: Customer A on C-tag 10 S-tag 100, Customer B on C-tag 20 S-tag 100
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='customer_a,customer_b'
-uci set netmode.@supported_args[13].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n'
-uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `br-customer_a`: All ports double-tagged (100.10)
- `br-customer_b`: All ports double-tagged (100.20)
-
---
-
-### Example 6: Routed Multi-Service with Custom MAC Addresses
-
-**Scenario**: ISP requires different MAC addresses for Internet and IPTV services
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='mgmt_wan,wan,iptv_wan,lan'
-uci set netmode.@supported_args[13].value='route:macvlan:BaseMACAddressP2-mgmt,route:macvlan:BaseMACAddressP3-inet,route:macvlan:BaseMACAddressP4-iptv,bridge:transparent-static'
-uci set netmode.@supported_args[14].value='WAN,WAN,WAN,ALL_LAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `mgmt_wan`: Routed interface on WAN with base MAC + 2(58:00:32:C0:0E:42)
- `wan`: Routed interface on WAN with base MAC + 3 (58:00:32:C0:0E:43)
- `iptv_wan`: Routed interface on WAN with base MAC + 4 (58:00:32:C0:0E:44)
- `lan`: bridged interface on ALL LAN ports with base MAC (58:00:32:C0:0E:40)
-
---
-
-### Example 7: Routed Multi-Service (VLAN-based)
-
-**Scenario**: Internet on VLAN 100, IPTV on VLAN 200, Management on VLAN 300, all routed
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='mgmt_wan,wan,iptv_wan,lan'
-uci set netmode.@supported_args[13].value='route:vlan:300-mgmt,route:vlan:100-inet,route:vlan:200-iptv,bridge:transparent-static'
-uci set netmode.@supported_args[14].value='WAN,WAN,WAN,ALL_LAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `wan`: Routed on WAN.100, proto=dhcp
- `iptv`: Routed on WAN.200, proto=dhcp
- `mgmt`: Routed on WAN.300, proto=dhcp
-
---
-
-### Example 8: Routed Multi-Service (MACVLAN with Macros)
-
-**Scenario**: Internet and IPTV using MACVLAN devices with MAC address macros
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv'
-uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:BaseMACAddressP1'
-uci set netmode.@supported_args[14].value='WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `wan`: Routed on WAN with default MAC (94:3F:0C:D5:76:00)
- `iptv`: MACVLAN device on WAN with base MAC + 1 (94:3F:0C:D5:76:01)
-
-**Alternative with explicit MAC:**
-```bash
-uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:AA:BB:CC:DD:EE:FF'
-```
-
---
-
-### Example 9: Routed Multi-Service (VLAN + MACVLAN)
-
-**Scenario**: Internet on VLAN 100, IPTV on VLAN 200 with custom MAC
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv'
-uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200:AA:BB:CC:DD:EE:FF'
-uci set netmode.@supported_args[14].value='WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `wan`: Routed on WAN.100 (default MAC), proto=dhcp
- `iptv`: Routed on WAN.200 with custom MAC, proto=dhcp
-
---
-
-### Example 10: Standalone VLAN Interface (Direct)
-
-**Scenario**: WAN as standalone VLAN 2501 interface (no bridge, no routing)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan'
-uci set netmode.@supported_args[13].value='direct:2501'
-uci set netmode.@supported_args[14].value='WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**: Creates WAN.2501 interface, proto=none (no DHCP)
-
---
-
-### Example 11: Mixed Bridge and Routed Interfaces
-
-**Scenario**: IPTV bridged on VLAN 200, Internet routed on VLAN 100
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv'
-uci set netmode.@supported_args[13].value='route:vlan:100,bridge:tagged:200-n'
-uci set netmode.@supported_args[14].value='WAN,LAN1-LAN2-WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Result**:
- `wan`: Routed on WAN.100, proto=dhcp (firewall enabled)
- `br-iptv`: Bridge on LAN1.200 + LAN2.200 + WAN.200, proto=none
-
---
-
-## Use Case Scenarios
-
-### Scenario 1: ISP Triple-Play Service (Routed)
-
-**Requirement**: Internet on VLAN 100, IPTV on VLAN 200, VoIP on VLAN 300, all routed
-
-**Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv,voip'
-uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.@supported_args[14].value='WAN,WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Network Topology**:
-```
-WAN (ae_wan)
-  ├── wan (VLAN 100) - Internet - Routed
-  ├── iptv (VLAN 200) - IPTV - Routed
-  └── voip (VLAN 300) - VoIP - Routed
-```
-
---
-
-### Scenario 2: ISP Triple-Play with MACVLAN
-
-**Requirement**: Internet normal MAC, IPTV with custom MAC, VoIP with custom MAC
-
-**Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv,voip'
-uci set netmode.@supported_args[13].value='route:transparent,route:macvlan:AA:BB:CC:DD:EE:01,route:macvlan:AA:BB:CC:DD:EE:02'
-uci set netmode.@supported_args[14].value='WAN,WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
---
-
-### Scenario 3: Enterprise VLAN Segregation (Bridged)
-
-**Requirement**: Guest WiFi on VLAN 100, Corporate on VLAN 200, Management on VLAN 300, all bridged
-
-**Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='guest,corporate,mgmt'
-uci set netmode.@supported_args[13].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
-uci set netmode.@supported_args[14].value='LAN1-WAN,LAN2-LAN3-WAN,WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Network Topology**:
-```
-LAN1.100 ──┬── WAN.100 ──[ br-guest ] (proto=none)
-LAN2.200 ──┬── WAN.200 ──[ br-corporate ] (proto=none)
-LAN3.200 ──┘
-WAN.300 ────[ br-mgmt ] (proto=dhcp)
-```
-
---
-
-### Scenario 4: Wholesale QinQ Provider
-
-**Requirement**: Multiple customers on single fiber, S-tag 100, different C-tags
-
-**Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='cust_a,cust_b,cust_c'
-uci set netmode.@supported_args[13].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n,bridge:qinq:30:100-n'
-uci set netmode.@supported_args[14].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,LAN5-LAN6-WAN'
-uci commit netmode
-service netmode restart
-```
-
---
-
-### Scenario 5: Hybrid Bridge + Routed
-
-**Requirement**: Internet routed, IPTV bridged to STBs
-
-**Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv'
-uci set netmode.@supported_args[13].value='route:vlan:100,bridge:tagged:200-n'
-uci set netmode.@supported_args[14].value='WAN,LAN1-LAN2-LAN3-WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Network Topology**:
-```
-WAN.100 ─── [ wan - routed ] (NAT, firewall enabled)
-
-LAN1.200 ──┐
-LAN2.200 ──┼─ WAN.200 ──[ br-iptv ] (transparent bridge, proto=none)
-LAN3.200 ──┘
-```
-
---
-
-## Port List Specifications
-
-### Port List Syntax
-
- **`ALL`**: All LAN ports + WAN port + EXT port (resolved from UCI or board.json)
- **`ALL_LAN`**: All LAN ports only (no WAN, no EXT) - useful for LAN-only bridges
- **`LAN`**: Single LAN port (for devices with one LAN port)
- **`WAN`**: Only WAN port
- **`EXT`**: Only EXT port
- **`LAN-WAN`**: Single LAN port and WAN
- **`LAN1-LAN2-WAN`**: LAN1, LAN2, and WAN
- **`LAN1-LAN3-EXT`**: LAN1, LAN3, and EXT
- **`WAN-EXT`**: WAN and EXT ports
-
-**Note**: For devices with a single LAN port, use `LAN`. For devices with multiple LAN ports, use `LAN1-8`. The `ALL` and `ALL_LAN` macros automatically detect which configuration is present.
-
-#### Individual untagged port
-
- Suppose we have a bridge:tagged type interface, so all the ports are going to be tagged in this case. To mark any of the ports untagged individually, ":u" modifier can be used with the port, for example, to make LAN3 untagged (transparent) here: "LAN2-LAN3:u-LAN4-WAN".
-
-### Device Name Resolution
-
-Port macros (LAN, LAN1-LAN8, WAN, EXT) are automatically resolved to actual device names:
- `LAN` → `uci get network.LAN.name` → e.g., `eth1` (single LAN port devices)
- `LAN1` → `uci get network.LAN1.name` → e.g., `eth1` (multi-port devices)
- `WAN` → `uci get network.WAN.name` → e.g., `ae_wan`
- `EXT` → `uci get network.EXT.name` → e.g., `eth5`
-
-If UCI device section doesn't exist, the system falls back to board.json.
-
---
-
-## TR-069/USP Configuration
-
-### TR-181 Data Model Mapping
-
-The advanced mode uses three arguments in TR-181:
-
-1. **SupportedArguments.1** = `interface_names`
-2. **SupportedArguments.2** = `interface_types`
-3. **SupportedArguments.3** = `ports`
-
-### Example 1: Transparent Bridge via TR-069
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>bridge:transparent</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>ALL</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-### Example 2: Routed Multi-Service via TR-069
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan,iptv,mgmt</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>route:vlan:100,route:vlan:200,route:vlan:300</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>WAN,WAN,WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-### Example 3: QinQ Bridge via TR-069
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>customer_a,customer_b</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>bridge:qinq:10:100-n,bridge:qinq:20:100-n</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-LAN2-WAN,LAN3-LAN4-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
---
-
-## Troubleshooting
-
-### Issue: VLANs Not Working
-
-**Diagnosis**:
-```bash
-# Check VLAN devices created
-uci show network | grep 8021q
-
-# Check interface status
-ip link show
-ip addr show
-
-# Verify VLAN traffic
-tcpdump -i eth4 -e -n vlan
-```
-
-**Solution**:
-```bash
-# Ensure kernel module loaded
-modprobe 8021q
-lsmod | grep 8021
-
-# Check switch configuration (if applicable)
-swconfig dev switch0 show
-```
-
---
-
-### Issue: QinQ Not Working
-
-**Diagnosis**:
-```bash
-# Check for 8021ad devices
-uci show network | grep 8021ad
-
-# Verify kernel support
-modprobe 8021q
-lsmod | grep 8021
-```
-
-**Solution**:
-```bash
-# Install QinQ support
-opkg install kmod-8021q
-
-# Verify S-tag ethertype (0x88a8)
-tcpdump -i eth4 -e -n -xx vlan
-```
-
---
-
-### Issue: MACVLAN Interface Not Getting IP
-
-**Diagnosis**:
-```bash
-# Check MACVLAN device
-ip link show | grep macvlan
-
-# Check MAC address
-ip link show <interface>_macvlan | grep ether
-
-# Test DHCP
-udhcpc -i <interface>_macvlan -n
-```
-
-**Solution**:
-```bash
-# Verify passthru mode
-uci show network | grep -A5 macvlan
-
-# Ensure MAC is unique
-# Some ISPs require specific MAC format
-```
-
---
-
-### Issue: Mixed Bridge/Route Not Working
-
-**Diagnosis**:
-```bash
-# Check firewall status
-uci show firewall.globals.enabled
-
-# Verify interfaces
-ip addr show
-
-# Check routing table
-ip route show
-```
-
-**Solution**:
-Firewall is always enabled. For debugging:
-```bash
-# Temporarily disable firewall
-uci set firewall.globals.enabled='0'
-uci commit firewall
-/etc/init.d/firewall restart
-```
-
---
-
-### Issue: Port Not Added to Bridge
-
-**Diagnosis**:
-```bash
-# Check UCI device resolution
-uci get network.LAN1.name
-
-# Check bridge ports
-brctl show
-
-# Check UCI bridge configuration
-uci show network | grep -A10 "type='bridge'"
-```
-
-**Solution**:
-```bash
-# Verify device sections exist
-uci show network | grep "device="
-
-# Check board.json for defaults
-cat /etc/board.json | grep -A20 network
-```
-
---
-
-## Verification Commands
-
-### Check Configuration
-
-```bash
-# View current mode
-cat /etc/netmodes/.last_mode
-
-# View netmode configuration
-uci show netmode
-
-# View network configuration
-uci show network
-
-# View environment variables (during mode switch)
-logread | grep "Interface names:"
-```
-
-### Check Interface Status
-
-```bash
-# All interfaces
-ip addr show
-
-# Bridges
-brctl show
-bridge link show
-
-# VLAN devices
-ip -d link show type vlan
-
-# MACVLAN devices
-ip -d link show type macvlan
-```
-
-### Check Connectivity
-
-```bash
-# DHCP on interface
-udhcpc -i wan -n
-
-# Ping gateway
-ping -c 3 $(ip route | grep default | awk '{print $3}')
-
-# DNS resolution
-nslookup google.com
-
-# VLAN traffic capture
-tcpdump -i eth4 -e -n vlan
-```
-
-### Check Logs
-
-```bash
-# Netmode logs
-logread | grep netmode-advanced
-
-# Network logs
-logread | grep network
-
-# Live monitoring
-logread -f | grep -E "(netmode|network)"
-```
-
---
-
-## Migration from Old Modes
-
-### From `bridged` Mode
-
-**Old Configuration**:
-```bash
-uci set netmode.global.mode='bridged'
-uci set netmode.@supported_args[0].value='wan'
-uci set netmode.@supported_args[1].value='transparent'
-uci set netmode.@supported_args[2].value='ALL'
-```
-
-**New Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan'
-uci set netmode.@supported_args[13].value='bridge:transparent'
-uci set netmode.@supported_args[14].value='ALL'
-```
-
-**Change**: Add `bridge:` prefix to interface type.
-
---
-
-### From `routed-multi-service` Mode
-
-**Old Configuration**:
-```bash
-uci set netmode.global.mode='routed-multi-service'
-uci set netmode.@supported_args[0].value='100'  # inet_vlanid
-uci set netmode.@supported_args[2].value='200'  # iptv_vlanid
-uci set netmode.@supported_args[4].value='300'  # mgmt_vlanid
-```
-
-**New Configuration**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[12].value='wan,iptv,mgmt'
-uci set netmode.@supported_args[13].value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.@supported_args[14].value='WAN,WAN,WAN'
-```
-
-**Change**: Explicit interface names and unified syntax.
-
---
-
-## Best Practices
-
-1. **VLAN Planning**: Document all VLAN IDs before deployment
-2. **Port Assignment**: Create clear mapping of ports to services
-3. **Testing**: Test on lab environment before production
-4. **Monitoring**: Use `tcpdump` to verify VLAN tags
-5. **Firewall**: Be aware that routed interfaces enable firewall
-6. **Naming**: Use descriptive interface names (iptv, mgmt, voip)
-7. **Documentation**: Keep ISP-specific requirements documented
-8. **Backup**: Always backup configuration before major changes
-
---
-
-**Document Version**: 1.0
-**Package Version**: 1.1.11+
-**Last Updated**: 2024-12-12
-**Mode Status**: Production Ready
--- a/netmode/docs/ADVANCED_MODE_IMPLEMENTATION.md
+++ b/netmode/docs/ADVANCED_MODE_IMPLEMENTATION.md
@@ -1,567 +0,0 @@
-# Advanced Mode - Implementation Summary
-
-## Overview
-
-The **advanced** mode is a unified network configuration mode that consolidates and extends the functionality of the previous `bridged` and `routed-multi-service` modes into a single, flexible interface.
-
-## Design Rationale
-
-### Problems with Old Approach
-
-1. **Mode Fragmentation**: Separate modes for bridged and routed scenarios
-2. **Limited Flexibility**: Couldn't mix bridges and routed interfaces
-3. **Confusing Naming**: "bridged" mode actually supported standalone interfaces too
-4. **Parameter Proliferation**: routed-multi-service had 6+ parameters for just 3 services
-5. **No Scalability**: Adding new services required new parameters
-
-### New Unified Approach
-
-The advanced mode uses a **declarative, array-based configuration**:
-
-```
-interface_names:  wan,    iptv,           mgmt
-interface_types:  route:vlan:100, bridge:tagged:200, direct:300
-ports:       WAN,    LAN1-LAN2-WAN,  WAN
-```
-
-**Benefits**:
- ✅ Single mode for all scenarios
- ✅ Scalable (add N interfaces without new parameters)
- ✅ Flexible (mix bridge/route/standalone)
- ✅ Intuitive syntax
- ✅ Self-documenting configuration
-
-## Architecture
-
-### File Structure
-
-```
-netmode/
-├── files/
-│   ├── etc/netmodes/advanced/
-│   │   └── scripts/
-│   │       └── 10-advanced           # Main mode script
-│   ├── lib/netmode/
-│   │   └── advanced_helper.sh        # Helper library
-│   └── etc/netmodes/supported_modes.json
-└── docs/
-    ├── ADVANCED_MODE_GUIDE.md         # Complete guide
-    └── ADVANCED_MODE_QUICK_REFERENCE.md
-```
-
-### Components
-
-#### 1. advanced_helper.sh
-
-**Purpose**: Core library for interface creation
-
-**Key Functions**:
- `parse_interface_type()` - Parse interface type specifications
- `create_bridge()` - Create bridge interfaces with VLAN/QinQ
- `create_routed_interface()` - Create routed interfaces with VLAN/MACVLAN
- `create_standalone_interface()` - Create direct VLAN interfaces
- `parse_port_list()` - Resolve port macros to device names
- `resolve_device_name()` - Resolve LAN1/WAN to actual device names
- `cleanup_interfaces()` - Clean up all interfaces before applying new config
-
-#### 2. 10-advanced Script
-
-**Purpose**: Main mode script
-
-**Flow**:
-1. Parse environment variables (NETMODE_*)
-2. Split comma-separated values
-3. Loop through each interface
-4. Parse interface type
-5. Call appropriate creation function (bridge/route/direct)
-6. Configure multicast, DHCP, firewall
-7. Update service dependencies
-
-#### 3. supported_modes.json
-
-**Purpose**: Mode definition for UCI import
-
-**Configuration**:
-```json
-{
-  "name": "advanced",
-  "description": "Advanced Mode - Unified configuration...",
-  "supported_args": [
-    {
-      "name": "interface_names",
-      "description": "Interface names (comma-separated...)",
-      "type": "string"
-    },
-    ...
-  ]
-}
-```
-
-## Interface Type Syntax
-
-### Design Philosophy
-
-**Format**: `MODE:SUBTYPE[:PARAMS][:MODIFIERS]`
-
-Examples:
- `bridge:transparent` - Mode=bridge, Subtype=transparent
- `bridge:tagged:100` - Mode=bridge, Subtype=tagged, Param=VID
- `route:vlan:100:AA:BB:CC:DD:EE:FF` - Mode=route, Subtype=vlan, Params=VID+MAC
- `direct:2501-n` - Mode=direct, Param=VID, Modifier=proto_none
-
-### Parsing Logic
-
-The `parse_interface_type()` function:
-
-1. **Extract modifiers** (-n, -d)
-2. **Parse mode prefix** (bridge:/route:/direct:)
-3. **Parse subtype** (transparent/tagged/vlan/macvlan)
-4. **Parse parameters** (VID, SVID, MAC address)
-5. **Export to environment variables** for caller
-
-## UCI Device Resolution
-
-### Problem
-
-Port macros (LAN1, LAN2, WAN) are logical names that need to be mapped to actual hardware interfaces.
-
-### Solution
-
-```bash
-resolve_device_name() {
-    local device_id="$1"
-    local resolved_name=""
-
-    # Try UCI device section
-    resolved_name="$(uci -q get network.${device_id}.name)"
-
-    # Fallback to input
-    if [ -z "$resolved_name" ]; then
-        resolved_name="$device_id"
-    fi
-
-    echo "$resolved_name"
-}
-```
-
-**Example**:
-```
-LAN1 → uci get network.LAN1.name → eth1
-WAN  → uci get network.WAN.name  → ae_wan
-```
-
-### Port List Resolution
-
-The `parse_port_list()` function:
-
-1. **Check for "ALL"** → Resolve all LAN1-8 + WAN
-2. **Parse dash-separated** → LAN1-LAN2-WAN → resolve each
-3. **Return space-separated** → "eth1 eth2 ae_wan"
-
-## VLAN Device Creation
-
-### 802.1Q (C-tag)
-
-```bash
-create_vlan_device "eth0" "100" "8021q"
-```
-
-Creates:
-```
-config device 'eth0__100'
-    option type '8021q'
-    option enabled '1'
-    option vid '100'
-    option ifname 'eth0'
-    option name 'eth0.100'
-```
-
-### 802.1ad (S-tag)
-
-```bash
-create_vlan_device "eth0" "300" "8021ad"
-```
-
-Creates:
-```
-config device 'eth0__300'
-    option type '8021ad'
-    option enabled '1'
-    option vid '300'
-    option ifname 'eth0'
-    option name 'eth0.300'
-```
-
-### QinQ (Double Tagging)
-
-For `bridge:qinq:100:300`:
-
-```bash
-# Create S-tag first
-svlan=$(create_vlan_device "eth0" "300" "8021ad")  # eth0.300
-
-# Create C-tag on top of S-tag
-cvlan=$(create_vlan_device "$svlan" "100" "8021q")  # eth0.300.100
-```
-
-Result: `eth0.300.100` (S-tag 300, C-tag 100)
-
-## MACVLAN Device Creation
-
-For `route:macvlan:AA:BB:CC:DD:EE:FF`:
-
-```bash
-create_macvlan_device "ae_wan" "AA:BB:CC:DD:EE:FF" "iptv"
-```
-
-Creates:
-```
-config device 'iptv_macvlan'
-    option type 'macvlan'
-    option enabled '1'
-    option ifname 'ae_wan'
-    option name 'iptv_macvlan'
-    option macaddr 'AA:BB:CC:DD:EE:FF'
-    option mode 'passthru'
-```
-
-## Bridge Creation
-
-### Transparent Bridge
-
-For `bridge:transparent` with `ports='ALL'`:
-
-```bash
-create_bridge "wan" "bridge:transparent" "ALL"
-```
-
-Creates:
-```
-config interface 'wan'
-    option proto 'dhcp'
-    option device 'br-wan'
-
-config device 'br_wan'
-    option name 'br-wan'
-    option type 'bridge'
-    option bridge_empty '1'
-    list ports 'eth1'
-    list ports 'eth2'
-    list ports 'ae_wan'
-```
-
-### VLAN-Tagged Bridge
-
-For `bridge:tagged:100` with `ports='ALL'`:
-
-Creates VLAN devices on all ports first, then adds to bridge:
-```
-config device 'br_mgmt'
-    option name 'br-mgmt'
-    option type 'bridge'
-    list ports 'eth1.100'
-    list ports 'eth2.100'
-    list ports 'ae_wan.100'
-```
-
-## Routed Interface Creation
-
-For `route:vlan:100`:
-
-```bash
-create_routed_interface "wan" "vlan" "100" "" "dhcp" "ae_wan" "0"
-```
-
-Creates:
-```
-config device 'ae_wan__100'
-    option type '8021q'
-    option vid '100'
-    option ifname 'ae_wan'
-    option name 'ae_wan.100'
-
-config interface 'wan'
-    option proto 'dhcp'
-    option device 'ae_wan.100'
-```
-
-## Firewall Logic
-
-The advanced mode has **intelligent firewall handling**:
-
-```bash
-configure_firewall() {
-    local has_routed=0
-
-    # Check if ANY interface is routed
-    for if_type in $interface_types; do
-        if echo "$if_type" | grep -q "^route:"; then
-            has_routed=1
-            break
-        fi
-    done
-
-    if [ "$has_routed" = "1" ]; then
-        uci set firewall.globals.enabled="1"  # Enable for routed
-    else
-        uci set firewall.globals.enabled="0"  # Disable for bridge-only
-    fi
-}
-```
-
-**Logic**:
- If **any** interface is routed → Enable firewall
- If **all** interfaces are bridges → Disable firewall
-
-## Environment Variable Flow
-
-### Input (UCI → Environment)
-
-```bash
-# In netmode init script
-export NETMODE_interface_names="wan,iptv,mgmt"
-export NETMODE_interface_types="route:vlan:100,route:vlan:200,route:vlan:300"
-export NETMODE_ports="WAN,WAN,WAN"
-```
-
-### Parsing (Script)
-
-```bash
-# In 10-advanced script
-local interface_names="${NETMODE_interface_names:-wan}"
-local interface_types="${NETMODE_interface_types:-bridge:transparent}"
-local ports="${NETMODE_ports:-ALL}"
-
-# Split by comma
-IFS=','
-for name in $interface_names; do
-    names_arr="$names_arr $name"
-done
-```
-
-### Output (UCI Network Config)
-
-```
-config interface 'wan'
-    option proto 'dhcp'
-    option device 'ae_wan.100'
-
-config interface 'iptv'
-    option proto 'dhcp'
-    option device 'ae_wan.200'
-...
-```
-
-## Cleanup Strategy
-
-Before applying new configuration, all existing interfaces are cleaned up:
-
-```bash
-cleanup_interfaces() {
-    # Delete VLAN devices (8021q and 8021ad)
-    for vlandev_sec in $(uci show network | grep -E "\.type='(8021q|8021ad)'" ...); do
-        uci delete "$vlandev_sec"
-    done
-
-    # Delete MACVLAN devices
-    for macvlandev_sec in $(uci show network | grep "\.type='macvlan'" ...); do
-        uci delete "$macvlandev_sec"
-    done
-
-    # Delete bridge devices
-    for brdev_sec in $(uci show network | grep "\.type='bridge'" ...); do
-        uci delete "$brdev_sec"
-    done
-
-    # Delete standard interfaces
-    uci delete network.lan
-    uci delete network.wan
-    uci delete network.wan6
-}
-```
-
-This ensures a clean slate for the new configuration.
-
-## Migration Path
-
-### From bridged Mode
-
-**Before**:
-```bash
-mode='bridged'
-interface_names='wan,lan100'
-interface_types='transparent,tagged:100'
-ports='ALL,LAN1-LAN2'
-```
-
-**After**:
-```bash
-mode='advanced'
-interface_names='wan,lan100'
-interface_types='bridge:transparent,bridge:tagged:100'
-ports='ALL,LAN1-LAN2'
-```
-
-**Change**: Add `bridge:` prefix to types.
-
-### From routed-multi-service Mode
-
-**Before**:
-```bash
-mode='routed-multi-service'
-inet_vlanid='100'
-iptv_vlanid='200'
-mgmt_vlanid='300'
-```
-
-**After**:
-```bash
-mode='advanced'
-interface_names='wan,iptv,mgmt'
-interface_types='route:vlan:100,route:vlan:200,route:vlan:300'
-ports='WAN,WAN,WAN'
-```
-
-**Change**: Explicit interface names and unified syntax.
-
-## Testing Approach
-
-### Unit Testing
-
-Test individual helper functions:
-
-```bash
-# Test device resolution
-resolve_device_name "LAN1"  # Should return eth1
-
-# Test port parsing
-parse_port_list "LAN1-LAN2-WAN"  # Should return "eth1 eth2 ae_wan"
-
-# Test type parsing
-parse_interface_type "bridge:qinq:100:300-n"
-# Should set: mode=bridge, vlan_type=qinq, cvid=100, svid=300, proto=none
-```
-
-### Integration Testing
-
-Test complete scenarios:
-
-```bash
-# Test transparent bridge
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan'
-uci set netmode.@supported_args[1].value='bridge:transparent'
-uci set netmode.@supported_args[2].value='ALL'
-uci commit netmode
-service netmode restart
-
-# Verify
-brctl show | grep br-wan
-```
-
-### Validation
-
-```bash
-# Check UCI output
-uci show network
-
-# Check actual interfaces
-ip addr show
-brctl show
-ip -d link show type vlan
-
-# Check logs
-logread | grep netmode-advanced
-```
-
-## Performance Considerations
-
-### Comma Splitting Optimization
-
-The script uses efficient IFS-based splitting:
-
-```bash
-local OLD_IFS="$IFS"
-IFS=','
-for name in $interface_names; do
-    names_arr="$names_arr $name"
-done
-IFS="$OLD_IFS"
-```
-
-This is faster than using `cut` or `awk` in loops.
-
-### UCI Batching
-
-All UCI commands are batched, with a single `uci commit` at the end:
-
-```bash
-# Multiple uci set commands
-uci set ...
-uci set ...
-uci set ...
-
-# Single commit
-uci commit network
-```
-
-### Logging
-
-Logging is selective - info level for major steps, debug for details:
-
-```bash
-_log "Creating interface $idx/$total_interfaces"  # Info
-logger -s -p user.debug -t "$_log_prefix" "Adding port: $port"  # Debug
-```
-
-## Security Considerations
-
-### Input Validation
-
- VLANs IDs: 1-4094
- MAC addresses: Validated format
- Port names: Resolved through UCI (trusted source)
-
-### Privilege Separation
-
- Script runs as root (required for network config)
- No user input directly executed
- Environment variables sanitized through UCI
-
-## Future Enhancements
-
-Possible future additions:
-
-1. **Static IP support**: `route:vlan:100:static:192.168.1.1`
-2. **Port roles**: `ports='LAN1(tagged),LAN2(untagged)'`
-3. **Bridge STP**: `bridge:transparent:stp`
-4. **IPv6 specific**: `route:vlan:100:ipv6`
-5. **Validation**: Pre-flight checks for VLAN conflicts
-
-## Backward Compatibility
-
-**Status**: ⚠️ Breaking change by design
-
-The old `bridged` and `routed-multi-service` modes are **replaced** by advanced mode. This is acceptable because:
-
-1. This is the **first deployment** of advanced features
-2. No existing production deployments use old syntax
-3. Cleaner architecture without legacy baggage
-4. Documentation focuses on new syntax only
-
-## Summary
-
-The advanced mode represents a significant architectural improvement:
-
- ✅ **Unified**: One mode for all scenarios
- ✅ **Scalable**: Array-based configuration
- ✅ **Flexible**: Mix bridges, routed, standalone
- ✅ **Intuitive**: Self-documenting syntax
- ✅ **Powerful**: VLAN, QinQ, MACVLAN support
- ✅ **Clean**: No backward compatibility burden
-
---
-
-**Implementation Version**: 1.0
-**Date**: 2024-12-12
-**Status**: Production Ready
--- a/netmode/docs/ADVANCED_MODE_QUICK_REFERENCE.md
+++ b/netmode/docs/ADVANCED_MODE_QUICK_REFERENCE.md
@@ -1,313 +0,0 @@
-# Advanced Mode - Quick Reference
-
-## Interface Type Syntax
-
-### Bridge Types (Traditional VLAN Devices)
-```
-bridge:transparent              # No VLANs
-bridge:tagged:VID               # All ports tagged
-bridge:wan-tagged:VID           # Only WAN tagged
-bridge:transparent-qinq:SVID    # LAN untagged, WAN S-tag
-bridge:transparent-qinq:C:S     # LAN untagged, WAN C+S tags
-bridge:tagged-qinq:C:S          # LAN C-tag, WAN C+S tags
-bridge:qinq:C:S                 # All ports C+S tags
-```
-
-### Bridge VLAN Filtering (Modern - Recommended)
-```
-brvlan:tagged:VID               # All ports tagged (bridge-vlan)
-brvlan:wan-tagged:VID           # WAN tagged, LAN untagged (bridge-vlan)
-brvlan:mixed:VID                # Custom tagging (bridge-vlan)
-```
-
-### Routed Types
-```
-route:transparent               # No VLAN, default MAC
-route:vlan:VID                  # VLAN routing
-route:macvlan:MAC               # MACVLAN device (supports BaseMACAddress macros)
-route:vlan:VID:MAC              # VLAN + custom MAC
-```
-
-### Standalone Types
-```
-direct:VID                      # Standalone VLAN (proto=none)
-```
-
-### Device Reference Types
-```
-device-ref:INTERFACE            # Reference device from another interface
-                                # Allows multiple interfaces to share the same device
-                                # Example: wan6 sharing wan's device
-```
-
-### Modifiers
-```
-pppoe                          # proto=pppoe (PPPoE authentication)
-dhcpv6                         # proto=dhcpv6 (DHCPv6 client)
-dhcp                           # proto=dhcp (DHCP client - explicit, default if no suffix)
-static                         # proto=static (static IP configuration)
-none, -n                       # proto=none (no IP configuration)
-disabled, -d                   # disabled=1 (interface disabled)
-```
-
-**Default Protocol**: If no protocol modifier is specified, the interface defaults to `-dhcp`.
-
-**Note**: When using `-static` with interface name `lan`, the system automatically configures:
- IP: 192.168.1.1/24
- IPv6 prefix delegation: /60
- DHCP server: 192.168.1.100-250, 1h lease
- DHCPv6 and RA server enabled
-
-### MAC Address Macros
-```
-BaseMACAddress                  # Base MAC from fw_printenv -n ethaddr
-BaseMACAddressP1                # Base MAC + 1
-BaseMACAddressP2                # Base MAC + 2
-BaseMACAddressPN                # Base MAC + N
-AA:BB:CC:DD:EE:FF               # Explicit MAC address
-```
-
---
-
-## Common Configurations
-
-### 1. Transparent Bridge
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan'
-uci set netmode.@supported_args[1].value='bridge:transparent'
-uci set netmode.@supported_args[2].value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### 2. Router Mode (LAN + WAN)
-```bash
-# LAN bridge with static IP + DHCP server, WAN bridge with DHCP client
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='lan,wan'
-uci set netmode.@supported_args[1].value='bridge:transparent-static,bridge:tagged:2501'
-uci set netmode.@supported_args[2].value='ALL_LAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### 3. VLAN-Tagged Bridge
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='mgmt'
-uci set netmode.@supported_args[1].value='bridge:tagged:100'
-uci set netmode.@supported_args[2].value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### 4. Multiple Service Bridges
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='inet,iptv,mgmt'
-uci set netmode.@supported_args[1].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
-uci set netmode.@supported_args[2].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### 5. QinQ Configuration
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='customer_a,customer_b'
-uci set netmode.@supported_args[1].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n'
-uci set netmode.@supported_args[2].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### 6. Routed Multi-Service (VLAN)
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan,iptv,mgmt'
-uci set netmode.@supported_args[1].value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.@supported_args[2].value='WAN,WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### 7. Routed Multi-Service with Custom MAC Addresses
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan,iptv'
-uci set netmode.@supported_args[1].value='route:transparent,route:transparent'
-uci set netmode.@supported_args[2].value='WAN,WAN'
-uci set netmode.@supported_args[3].value='BaseMACAddress,BaseMACAddressP1'
-uci commit netmode && service netmode restart
-```
-
-### 8. IPv4 + IPv6 on Same Device (Device Reference)
-```bash
-# wan uses DHCP, wan6 uses DHCPv6 on the same bridge device
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan,wan6'
-uci set netmode.@supported_args[1].value='bridge:tagged:2501,device-ref:wan-dhcpv6'
-uci set netmode.@supported_args[2].value='WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### 9. Direct VLAN Interface
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan'
-uci set netmode.@supported_args[1].value='direct:2501'
-uci set netmode.@supported_args[2].value='WAN'
-uci commit netmode && service netmode restart
-```
-
-### 10. Hybrid (Routed + Bridged)
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv'
-uci set netmode.mode_4_supprted_args_2.value='route:vlan:100,bridge:tagged:200-n'
-uci set netmode.mode_4_supprted_args_3.value='WAN,LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-### 11. Bridge VLAN Filtering (WAN Tagged)
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1499'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN'
-uci commit netmode && service netmode restart
-```
-
-### 12. Multiple Services with Bridge VLAN Filtering
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet,tv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1499,brvlan:wan-tagged:1510-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
---
-
-## Port List Syntax
-
-| Syntax | Description |
-|--------|-------------|
-| `ALL` | All LAN + WAN + EXT ports (from UCI/board.json) |
-| `ALL_LAN` | All LAN ports only (no WAN, no EXT) |
-| `LAN` | Single LAN port (for devices with one LAN port) |
-| `WAN` | WAN port only |
-| `EXT` | EXT port only |
-| `LAN-WAN` | Single LAN port and WAN |
-| `LAN1-LAN2-WAN` | LAN1, LAN2, and WAN |
-| `LAN1-LAN3-EXT` | LAN1, LAN3, and EXT |
-| `WAN-EXT` | WAN and EXT ports |
-
-**Note**: `LAN` is used for devices with a single LAN port, while `LAN1-8` are used for devices with multiple numbered LAN ports. The system automatically detects which is present in UCI.
-
---
-
-## Verification Commands
-
-```bash
-# Check current mode
-cat /etc/netmodes/.last_mode
-
-# View configuration
-uci show netmode
-
-# View network interfaces
-ip addr show
-
-# View bridges
-brctl show
-
-# View VLAN devices
-ip -d link show type vlan
-
-# View MACVLAN devices
-ip -d link show type macvlan
-
-# View logs
-logread | grep netmode-advanced
-
-# Test DHCP
-udhcpc -i wan -n
-
-# Capture VLAN traffic
-tcpdump -i eth4 -e -n vlan
-```
-
---
-
-## Troubleshooting
-
-### Force mode reapply
-```bash
-rm /etc/netmodes/.last_mode
-service netmode restart
-```
-
-### Check for errors
-```bash
-logread | grep -E "(error|ERROR|failed|FAILED)"
-```
-
-### Verify UCI syntax
-```bash
-uci show netmode
-uci show network
-```
-
-### Reset to DHCP mode
-```bash
-uci set netmode.global.mode='routed-dhcp'
-uci commit netmode
-service netmode restart
-```
-
---
-
-## TR-181 Argument Mapping
-
-```
-Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value = interface_names
-Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value = interface_types
-Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value = ports
-Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.4.Value = macaddrs
-```
-
---
-
-## Examples by Use Case
-
-### ISP Triple-Play (VLAN-based with MAC Addresses)
-```bash
-# Internet VLAN 100, IPTV VLAN 200, VoIP VLAN 300 with different MACs
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan,iptv,voip'
-uci set netmode.@supported_args[1].value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.@supported_args[2].value='WAN,WAN,WAN'
-uci set netmode.@supported_args[3].value='BaseMACAddress,BaseMACAddressP1,BaseMACAddressP2'
-uci commit netmode && service netmode restart
-```
-
-### Enterprise Guest + Corporate Networks
-```bash
-# Guest VLAN 100, Corporate VLAN 200, Management VLAN 300
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='guest,corporate,mgmt'
-uci set netmode.@supported_args[1].value='bridge:tagged:100-n,bridge:tagged:200-n,bridge:tagged:300'
-uci set netmode.@supported_args[2].value='LAN1-WAN,LAN2-LAN3-WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### Wholesale QinQ Provider
-```bash
-# Multiple customers with different C-tags, same S-tag
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='cust_a,cust_b,cust_c'
-uci set netmode.@supported_args[1].value='bridge:qinq:10:100-n,bridge:qinq:20:100-n,bridge:qinq:30:100-n'
-uci set netmode.@supported_args[2].value='LAN1-LAN2-WAN,LAN3-LAN4-WAN,LAN5-LAN6-WAN'
-uci commit netmode && service netmode restart
-```
-
---
-
-**Version**: 1.0
-**Last Updated**: 2024-12-12
--- a/netmode/docs/BRIDGE_VLAN_FILTERING.md
+++ b/netmode/docs/BRIDGE_VLAN_FILTERING.md
@@ -1,333 +0,0 @@
-# Bridge VLAN Filtering Mode
-
-## Overview
-
-The advanced netmode now supports **bridge VLAN filtering**, a modern approach to VLAN configuration that uses the kernel's bridge VLAN filtering feature instead of creating separate VLAN devices.
-
-### Benefits
-
- **Better Performance**: No need to create multiple VLAN devices
- **Cleaner Configuration**: Single bridge with VLAN filtering instead of multiple VLAN interfaces
- **Hardware Offloading**: Better support for hardware VLAN acceleration
- **Simplified Management**: All VLANs configured in one place
-
-## Syntax
-
-Use the `brvlan:` prefix instead of `bridge:` to enable bridge VLAN filtering:
-
-| Traditional Mode | Bridge VLAN Filtering Mode |
-|------------------|---------------------------|
-| `bridge:tagged:100` | `brvlan:tagged:100` |
-| `bridge:wan-tagged:100` | `brvlan:wan-tagged:100` |
-| N/A | `brvlan:mixed:100` |
-
-## Interface Types
-
-### `brvlan:tagged:VID`
-
-All ports are tagged with the specified VLAN ID.
-
-**Example**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:tagged:1499'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
-**Resulting Configuration**:
-```
-config interface 'internet'
-    option device 'br-internet.1499'
-    option proto 'dhcp'
-
-config device br_internet
-    option name 'br-internet'
-    option type 'bridge'
-    option vlan_filtering '1'
-    list ports 'ae_wan'
-    list ports 'eth0'
-    list ports 'eth1'
-
-config bridge-vlan brvlan_1499_internet
-    option device 'br-internet'
-    option vlan '1499'
-    list ports 'ae_wan:t'
-    list ports 'eth0:t'
-    list ports 'eth1:t'
-```
-
---
-
-### `brvlan:wan-tagged:VID`
-
-WAN port is tagged, LAN ports are untagged.
-
-**Example**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='iptv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1510-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Resulting Configuration**:
-```
-config interface 'iptv'
-    option device 'br-iptv.1510'
-    option proto 'none'
-
-config device br_iptv
-    option name 'br-iptv'
-    option type 'bridge'
-    option vlan_filtering '1'
-    list ports 'ae_wan'
-    list ports 'eth0'
-    list ports 'eth1'
-
-config bridge-vlan brvlan_1510_iptv
-    option device 'br-iptv'
-    option vlan '1510'
-    list ports 'ae_wan:t'
-    list ports 'eth0:u'
-    list ports 'eth1:u'
-```
-
---
-
-### `brvlan:mixed:VID` or `brvlan:mixed:VID:TAGGED_PORTS`
-
-Custom tagged/untagged configuration with flexible port-specific tagging.
-
-**Syntax**:
- `brvlan:mixed:VID` - Default behavior: WAN tagged, LAN untagged
- `brvlan:mixed:VID:TAGGED_PORTS` - Specify which ports are tagged (e.g., `LAN1-WAN`)
-
-**Example 1: Default (WAN Tagged)**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='service'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:100'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**: WAN tagged, LAN1 and LAN2 untagged
-
-**Example 2: Custom Tagging (LAN1 and WAN Tagged)**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='corporate'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:200:LAN1-WAN'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Resulting Configuration**:
-```
-config bridge-vlan brvlan_200_corporate
-    option device 'br-corporate'
-    option vlan '200'
-    list ports 'eth0:t'      # LAN1 tagged
-    list ports 'eth1:u'      # LAN2 untagged
-    list ports 'eth2:u'      # LAN3 untagged
-    list ports 'ae_wan:t'    # WAN tagged
-```
-
-**See [BRVLAN_MIXED_MODE_EXAMPLES.md](BRVLAN_MIXED_MODE_EXAMPLES.md) for comprehensive examples.**
-
---
-
-## Comparison: Traditional vs Bridge VLAN Filtering
-
-### Traditional VLAN Device Approach (`bridge:tagged:100`)
-
-Creates separate VLAN devices for each port:
-
-```
-config device eth0_100
-    option type '8021q'
-    option vid '100'
-    option ifname 'eth0'
-    option name 'eth0.100'
-
-config device wan_100
-    option type '8021q'
-    option vid '100'
-    option ifname 'ae_wan'
-    option name 'ae_wan.100'
-
-config device br_internet
-    option type 'bridge'
-    list ports 'eth0.100'
-    list ports 'ae_wan.100'
-```
-
-### Bridge VLAN Filtering Approach (`brvlan:tagged:100`)
-
-Single bridge with VLAN filtering:
-
-```
-config device br_internet
-    option type 'bridge'
-    option vlan_filtering '1'
-    list ports 'eth0'
-    list ports 'ae_wan'
-
-config bridge-vlan brvlan_100_internet
-    option device 'br-internet'
-    option vlan '100'
-    list ports 'eth0:t'
-    list ports 'ae_wan:t'
-```
-
---
-
-## Use Cases
-
-### ISP Internet Service (VLAN 1499, WAN Tagged)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1499'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN'
-uci commit netmode && service netmode restart
-```
-
-### IPTV Service (VLAN 1510, WAN Tagged, No DHCP)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='tv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1510-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### Multiple Services (Internet + IPTV)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet,tv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1499,brvlan:wan-tagged:1510-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### Corporate Network (All Ports Tagged)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='corporate'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:tagged:100'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
---
-
-## Modifiers
-
-Bridge VLAN filtering modes support the same modifiers as traditional bridge modes:
-
-| Modifier | Effect | Example |
-|----------|--------|---------|
-| `-n` | Set proto=none (no DHCP client) | `brvlan:tagged:100-n` |
-| `-d` | Create but mark as disabled | `brvlan:wan-tagged:200-d` |
-
---
-
-## Verification
-
-### Check Bridge VLAN Configuration
-
-```bash
-# View bridge device
-uci show network | grep "vlan_filtering"
-
-# View bridge-vlan sections
-uci show network | grep "bridge-vlan"
-
-# View interface status
-ip addr show
-
-# View bridge VLAN table
-bridge vlan show
-```
-
-### Example Output
-
-```bash
-root@router:~# bridge vlan show
-port              vlan-id
-ae_wan            1499 Tagged
-eth0              1499 Untagged
-eth1              1499 Untagged
-br-internet       1499
-```
-
---
-
-## Limitations
-
-1. **No QinQ Support**: Bridge VLAN filtering does not currently support 802.1ad (QinQ) double tagging
-2. **Single VLAN per Interface**: Each bridge-vlan section defines one VLAN
-3. **Kernel Support Required**: Requires kernel with bridge VLAN filtering support
-
---
-
-## Migration from Traditional Bridge
-
-### Before (Traditional VLAN Devices)
-
-```bash
-uci set netmode.mode_4_supprted_args_2.value='bridge:wan-tagged:100'
-```
-
-### After (Bridge VLAN Filtering)
-
-```bash
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:100'
-```
-
-Simply change the prefix from `bridge:` to `brvlan:`.
-
---
-
-## Troubleshooting
-
-### Check if VLAN Filtering is Enabled
-
-```bash
-cat /sys/class/net/br-internet/bridge/vlan_filtering
-# Should output: 1
-```
-
-### View Bridge VLAN Table
-
-```bash
-bridge vlan show dev br-internet
-```
-
-### Check Kernel Support
-
-```bash
-# Check if bridge module supports vlan_filtering
-cat /sys/module/bridge/parameters/vlan_filtering
-```
-
-### Enable Debug Logging
-
-```bash
-# Monitor netmode logs
-logread -f | grep netmode-advanced
-```
-
---
-
-**Version**: 1.0
-**Last Updated**: 2025-12-12
-**Feature Status**: Production Ready
--- a/netmode/docs/BRVLAN_MIXED_MODE_EXAMPLES.md
+++ b/netmode/docs/BRVLAN_MIXED_MODE_EXAMPLES.md
@@ -1,318 +0,0 @@
-# Bridge VLAN Filtering - Mixed Mode Examples
-
-## Overview
-
-The `brvlan:mixed` mode provides flexible control over which ports are tagged vs untagged in a bridge VLAN configuration. This is useful for complex scenarios where different ports need different VLAN tagging behavior.
-
-## Syntax
-
-### Basic Mixed Mode (Default Behavior)
-```
-brvlan:mixed:VID
-```
-**Behavior**: WAN tagged, LAN ports untagged (same as `brvlan:wan-tagged:VID`)
-
-### Custom Mixed Mode (Specify Tagged Ports)
-```
-brvlan:mixed:VID:TAGGED_PORTS
-```
-**Behavior**: Ports listed in `TAGGED_PORTS` are tagged, all others are untagged
-
-**TAGGED_PORTS Format**: Same as port list specification (`LAN1-LAN2-WAN`, `WAN`, etc.)
-
---
-
-## Examples
-
-### Example 1: Basic Mixed Mode (WAN Tagged by Default)
-
-**Scenario**: Internet service where WAN needs VLAN 100, LAN ports untagged
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:100'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-```
-config interface 'internet'
-    option device 'br-internet.100'
-    option proto 'dhcp'
-
-config device br_internet
-    option name 'br-internet'
-    option type 'bridge'
-    option vlan_filtering '1'
-    list ports 'eth0'        # LAN1
-    list ports 'eth1'        # LAN2
-    list ports 'ae_wan'      # WAN
-
-config bridge-vlan brvlan_100_internet
-    option device 'br-internet'
-    option vlan '100'
-    list ports 'eth0:u'      # LAN1 untagged
-    list ports 'eth1:u'      # LAN2 untagged
-    list ports 'ae_wan:t'    # WAN tagged
-```
-
---
-
-### Example 2: Only Specific LAN Ports Tagged
-
-**Scenario**: Enterprise network where LAN1 and WAN are tagged, LAN2 and LAN3 are untagged
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='corporate'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:200:LAN1-WAN'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-```
-config interface 'corporate'
-    option device 'br-corporate.200'
-    option proto 'dhcp'
-
-config device br_corporate
-    option name 'br-corporate'
-    option type 'bridge'
-    option vlan_filtering '1'
-    list ports 'eth0'        # LAN1
-    list ports 'eth1'        # LAN2
-    list ports 'eth2'        # LAN3
-    list ports 'ae_wan'      # WAN
-
-config bridge-vlan brvlan_200_corporate
-    option device 'br-corporate'
-    option vlan '200'
-    list ports 'eth0:t'      # LAN1 tagged (specified)
-    list ports 'eth1:u'      # LAN2 untagged
-    list ports 'eth2:u'      # LAN3 untagged
-    list ports 'ae_wan:t'    # WAN tagged (specified)
-```
-
---
-
-### Example 3: All LAN Ports Tagged, WAN Untagged
-
-**Scenario**: Reverse scenario where LAN ports carry VLAN tags but WAN doesn't
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='service'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:300:LAN1-LAN2-LAN3'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-```
-config bridge-vlan brvlan_300_service
-    option device 'br-service'
-    option vlan '300'
-    list ports 'eth0:t'      # LAN1 tagged
-    list ports 'eth1:t'      # LAN2 tagged
-    list ports 'eth2:t'      # LAN3 tagged
-    list ports 'ae_wan:u'    # WAN untagged
-```
-
---
-
-### Example 4: Only WAN Tagged (Explicit)
-
-**Scenario**: Same as `wan-tagged` but using mixed mode explicitly
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='iptv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:1510:WAN-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-```
-config interface 'iptv'
-    option device 'br-iptv.1510'
-    option proto 'none'
-
-config bridge-vlan brvlan_1510_iptv
-    option device 'br-iptv'
-    option vlan '1510'
-    list ports 'eth2:u'      # LAN3 untagged
-    list ports 'eth3:u'      # LAN4 untagged
-    list ports 'ae_wan:t'    # WAN tagged
-```
-
---
-
-### Example 5: Multi-Service with Different Tagging
-
-**Scenario**: Internet with LAN1+WAN tagged, IPTV with only WAN tagged
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet,tv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:1499:LAN1-WAN,brvlan:mixed:1510:WAN-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-
-**Internet Service (VLAN 1499)**:
-```
-config bridge-vlan brvlan_1499_internet
-    option device 'br-internet'
-    option vlan '1499'
-    list ports 'eth0:t'      # LAN1 tagged
-    list ports 'eth1:u'      # LAN2 untagged
-    list ports 'ae_wan:t'    # WAN tagged
-```
-
-**TV Service (VLAN 1510)**:
-```
-config bridge-vlan brvlan_1510_tv
-    option device 'br-tv'
-    option vlan '1510'
-    list ports 'eth2:u'      # LAN3 untagged
-    list ports 'eth3:u'      # LAN4 untagged
-    list ports 'ae_wan:t'    # WAN tagged
-```
-
---
-
-### Example 6: Trunk Port Configuration
-
-**Scenario**: LAN1 as trunk port (tagged), others as access ports (untagged)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='vlan100'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:100:LAN1'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-LAN3-LAN4'
-uci commit netmode && service netmode restart
-```
-
-**Result**:
-```
-config bridge-vlan brvlan_100_vlan100
-    option device 'br-vlan100'
-    option vlan '100'
-    list ports 'eth0:t'      # LAN1 tagged (trunk port)
-    list ports 'eth1:u'      # LAN2 untagged (access port)
-    list ports 'eth2:u'      # LAN3 untagged (access port)
-    list ports 'eth3:u'      # LAN4 untagged (access port)
-```
-
---
-
-## Comparison: Mixed Mode vs Other Modes
-
-| Mode | Syntax | Tagged Ports | Untagged Ports |
-|------|--------|--------------|----------------|
-| **tagged** | `brvlan:tagged:100` | ALL | None |
-| **wan-tagged** | `brvlan:wan-tagged:100` | WAN only | All LAN |
-| **mixed (default)** | `brvlan:mixed:100` | WAN only | All LAN |
-| **mixed (custom)** | `brvlan:mixed:100:LAN1-WAN` | LAN1, WAN | All others |
-
---
-
-## Use Cases
-
-### Use Case 1: DMZ Configuration
- **LAN1**: Tagged (DMZ network with VLAN tag)
- **LAN2-4**: Untagged (local network)
- **WAN**: Tagged (ISP requirement)
-
-```bash
-brvlan:mixed:100:LAN1-WAN
-```
-
-### Use Case 2: Guest Network
- **LAN1-2**: Tagged (guest WiFi APs that handle VLANs)
- **LAN3-4**: Untagged (local devices)
- **WAN**: Untagged (local ISP connection)
-
-```bash
-brvlan:mixed:50:LAN1-LAN2
-```
-
-### Use Case 3: Managed Switch Uplink
- **LAN1**: Tagged (uplink to managed switch)
- **LAN2-4**: Untagged (end user devices)
- **WAN**: Tagged (ISP VLAN)
-
-```bash
-brvlan:mixed:200:LAN1-WAN
-```
-
---
-
-## Port Specification Reference
-
-When specifying tagged ports in mixed mode:
-
-| Specification | Resolves To | Example |
-|---------------|-------------|---------|
-| `WAN` | WAN device | `ae_wan` |
-| `LAN1` | LAN1 device from UCI | `eth0` |
-| `LAN1-LAN2` | LAN1 and LAN2 | `eth0`, `eth1` |
-| `LAN1-WAN` | LAN1 and WAN | `eth0`, `ae_wan` |
-| `ALL` | Not supported in tagged ports spec | Use `brvlan:tagged` instead |
-
---
-
-## Troubleshooting
-
-### Verify Port Tagging
-
-```bash
-# View bridge VLAN table
-bridge vlan show
-
-# Expected output shows :t (tagged) or :u (untagged)
-port              vlan-id
-eth0              100 Tagged
-eth1              100 Untagged
-ae_wan            100 Tagged
-```
-
-### Check Configuration
-
-```bash
-# View bridge-vlan sections
-uci show network | grep bridge-vlan -A5
-
-# Look for ports list with :t or :u suffixes
-```
-
-### Common Mistakes
-
-1. **Wrong Syntax**: Must use colon between VID and port spec
-   - ❌ `brvlan:mixed:100-LAN1-WAN`
-   - ✅ `brvlan:mixed:100:LAN1-WAN`
-
-2. **Using ALL**: Don't use ALL in tagged ports
-   - ❌ `brvlan:mixed:100:ALL`
-   - ✅ Use `brvlan:tagged:100` instead
-
-3. **Duplicate Ports**: Port appears in both bridge port list and tagged spec
-   - Ensure the port list in arg 3 includes all ports you reference in arg 2
-
---
-
-## Advanced: Multiple VLANs on Same Bridge
-
-While this guide focuses on single VLAN per bridge, you can create multiple bridge-vlan sections manually after netmode configuration for trunk scenarios. However, this is beyond the scope of netmode automation.
-
---
-
-**Document Version**: 1.0
-**Last Updated**: 2025-12-12
-**Feature**: Bridge VLAN Filtering Mixed Mode
--- a/netmode/docs/CONFIGURATION_SCENARIOS.md
+++ b/netmode/docs/CONFIGURATION_SCENARIOS.md
@@ -1,739 +0,0 @@
-# Advanced Mode - Configuration Scenarios
-
-Complete examples for common use cases with both UCI and TR-181 configuration methods.
-
---
-
-## Scenario 1: Simple Home Router (Transparent Bridge)
-
-**Use Case**: All ports bridged together for simple home network
-
-**Network Topology**:
-```
-All LAN ports + WAN → br-wan (no VLANs)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan'
-uci set netmode.mode_4_supprted_args_2.value='bridge:transparent'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>bridge:transparent</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>ALL</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Single bridge interface `br-wan`
- All ports untagged
- DHCP client enabled
-
---
-
-## Scenario 2: Traditional LAN Bridge with Routed WAN
-
-**Use Case**: Classic router setup with LAN bridge and separate routed WAN
-
-**Network Topology**:
-```
-All LAN ports → br-lan (bridge)
-WAN port → wan (routed interface)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='lan,wan'
-uci set netmode.mode_4_supprted_args_2.value='bridge:transparent,route:transparent'
-uci set netmode.mode_4_supprted_args_3.value='ALL_LAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>lan,wan</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>bridge:transparent,route:transparent</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>ALL_LAN,WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Bridge interface `br-lan` with all LAN ports only
- Routed interface `wan` on WAN port
- Traditional router topology
-
---
-
-## Scenario 3: ISP Internet Service (Single VLAN)
-
-**Use Case**: ISP requires VLAN 100 on WAN port for internet access
-
-**Network Topology**:
-```
-WAN.100 (tagged) + LAN1-4 (untagged) → br-internet.100
-```
-
-### UCI Configuration (Bridge VLAN Filtering - Recommended)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:100'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### UCI Configuration (Traditional VLAN Devices)
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet'
-uci set netmode.mode_4_supprted_args_2.value='bridge:wan-tagged:100'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>internet</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:wan-tagged:100</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>ALL</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- WAN port tagged with VLAN 100
- LAN ports untagged
- DHCP client enabled
-
---
-
-## Scenario 4: ISP Dual Service (Internet + IPTV)
-
-**Use Case**: ISP provides Internet on VLAN 1499 and IPTV on VLAN 1510
-
-**Network Topology**:
-```
-Internet: WAN.1499 (tagged) + LAN1-2 (untagged) → br-internet.1499
-IPTV: WAN.1510 (tagged) + LAN3-4 (untagged) → br-tv.1510
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet,tv'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:1499,brvlan:wan-tagged:1510-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>internet,tv</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:wan-tagged:1499,brvlan:wan-tagged:1510-n</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-LAN2-WAN,LAN3-LAN4-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Internet bridge on VLAN 1499 with LAN1-2
- IPTV bridge on VLAN 1510 with LAN3-4 (proto=none, no DHCP)
- Both services use WAN port with respective VLANs
-
---
-
-## Scenario 5: ISP Triple-Play (Internet + IPTV + VoIP)
-
-**Use Case**: Full triple-play service with Internet, IPTV, and VoIP
-
-**Network Topology**:
-```
-Internet: WAN.100 (tagged) + LAN1-2 (untagged) → br-internet.100
-IPTV: WAN.200 (tagged) + LAN3 (untagged) → br-tv.200
-VoIP: WAN.300 (tagged) + LAN4 (untagged) → br-voip.300
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='internet,tv,voip'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:100,brvlan:wan-tagged:200-n,brvlan:wan-tagged:300-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-WAN,LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>internet,tv,voip</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:wan-tagged:100,brvlan:wan-tagged:200-n,brvlan:wan-tagged:300-n</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-LAN2-WAN,LAN3-WAN,LAN4-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Internet on VLAN 100 with DHCP (LAN1-2)
- IPTV on VLAN 200 without DHCP (LAN3)
- VoIP on VLAN 300 without DHCP (LAN4)
-
---
-
-## Scenario 6: Routed Multi-Service (Internet + IPTV + Management)
-
-**Use Case**: Multiple routed services on different VLANs with NAT/firewall
-
-**Network Topology**:
-```
-WAN.100 → wan (routed, DHCP, firewall)
-WAN.200 → iptv (routed, DHCP, firewall)
-WAN.300 → mgmt (routed, DHCP, firewall)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv,mgmt'
-uci set netmode.mode_4_supprted_args_2.value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.mode_4_supprted_args_3.value='WAN,WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan,iptv,mgmt</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>route:vlan:100,route:vlan:200,route:vlan:300</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>WAN,WAN,WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Three separate routed interfaces
- Each with own firewall zone
- All with DHCP clients enabled
-
---
-
-## Scenario 7: Hybrid Setup (Routed Internet + Bridged IPTV)
-
-**Use Case**: Internet needs routing/NAT, but IPTV needs transparent bridge to STBs
-
-**Network Topology**:
-```
-WAN.100 → wan (routed, firewall)
-WAN.200 + LAN1-3 → br-iptv.200 (bridged, transparent)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv'
-uci set netmode.mode_4_supprted_args_2.value='route:vlan:100,brvlan:wan-tagged:200-n'
-uci set netmode.mode_4_supprted_args_3.value='WAN,LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan,iptv</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>route:vlan:100,brvlan:wan-tagged:200-n</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>WAN,LAN1-LAN2-LAN3-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- WAN interface routed with firewall
- IPTV bridged transparently to LAN ports
- Firewall enabled (because of routed interface)
-
---
-
-## Scenario 8: Corporate Network with Trunk Port
-
-**Use Case**: LAN1 is trunk port to managed switch, other ports are access ports
-
-**Network Topology**:
-```
-VLAN 200: LAN1 (tagged) + WAN (tagged) + LAN2-3 (untagged) → br-corporate.200
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='corporate'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:mixed:200:LAN1-WAN'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-LAN3-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>corporate</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:mixed:200:LAN1-WAN</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-LAN2-LAN3-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- LAN1 and WAN tagged (trunk ports)
- LAN2-3 untagged (access ports)
- All on VLAN 200
-
---
-
-## Scenario 9: Enterprise Multi-VLAN (Separate Networks)
-
-**Use Case**: Separate networks for guest, corporate, and management
-
-**Network Topology**:
-```
-Guest: WAN.100 (tagged) + LAN1 (untagged) → br-guest.100
-Corporate: WAN.200 (tagged) + LAN2-3 (untagged) → br-corporate.200
-Management: WAN.300 (tagged) + LAN4 (untagged) → br-mgmt.300
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='guest,corporate,mgmt'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:wan-tagged:100-n,brvlan:wan-tagged:200-n,brvlan:wan-tagged:300'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-WAN,LAN2-LAN3-WAN,LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>guest,corporate,mgmt</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:wan-tagged:100-n,brvlan:wan-tagged:200-n,brvlan:wan-tagged:300</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-WAN,LAN2-LAN3-WAN,LAN4-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Guest network on VLAN 100 (no DHCP)
- Corporate network on VLAN 200 (no DHCP)
- Management network on VLAN 300 (DHCP enabled)
-
---
-
-## Scenario 10: Wholesale QinQ Provider
-
-**Use Case**: Service provider supporting multiple customers with QinQ (802.1ad)
-
-**Network Topology**:
-```
-Customer A: All ports double-tagged (S-tag 100, C-tag 10)
-Customer B: All ports double-tagged (S-tag 100, C-tag 20)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='customer_a,customer_b'
-uci set netmode.mode_4_supprted_args_2.value='bridge:qinq:10:100-n,bridge:qinq:20:100-n'
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2-WAN,LAN3-LAN4-WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>customer_a,customer_b</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>bridge:qinq:10:100-n,bridge:qinq:20:100-n</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>LAN1-LAN2-WAN,LAN3-LAN4-WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- Customer A bridge with C-tag 10, S-tag 100
- Customer B bridge with C-tag 20, S-tag 100
- Both without DHCP (proto=none)
-
-**Note**: QinQ requires traditional `bridge:` mode, not available with `brvlan:` mode.
-
---
-
-## Scenario 11: MACVLAN Multi-Service (Different MAC Addresses)
-
-**Use Case**: ISP requires different MAC addresses for Internet and IPTV services
-
-**Network Topology**:
-```
-WAN (default MAC) → wan (routed)
-WAN (custom MAC) → iptv (routed)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv'
-uci set netmode.mode_4_supprted_args_2.value='route:transparent,route:macvlan:AA:BB:CC:DD:EE:FF'
-uci set netmode.mode_4_supprted_args_3.value='WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan,iptv</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>route:transparent,route:macvlan:AA:BB:CC:DD:EE:FF</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>WAN,WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- WAN interface with default MAC
- IPTV interface with custom MAC (AA:BB:CC:DD:EE:FF)
- Both routed with firewall
-
---
-
-## Scenario 12: Standalone VLAN Interface
-
-**Use Case**: WAN as standalone VLAN interface (no bridge, no routing, for custom protocols)
-
-**Network Topology**:
-```
-WAN.2501 → wan (standalone, proto=none)
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='wan'
-uci set netmode.mode_4_supprted_args_2.value='direct:2501'
-uci set netmode.mode_4_supprted_args_3.value='WAN'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>wan</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>direct:2501</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>WAN</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- WAN.2501 VLAN device created
- No bridge, no routing layer
- proto=none (manual configuration needed)
-
---
-
-## Scenario 13: All Ports Tagged (Managed Network)
-
-**Use Case**: All ports need VLAN tags for managed switch environment
-
-**Network Topology**:
-```
-VLAN 100: All ports tagged → br-mgmt.100
-```
-
-### UCI Configuration
-
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.mode_4_supprted_args_1.value='mgmt'
-uci set netmode.mode_4_supprted_args_2.value='brvlan:tagged:100'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-```
-
-### TR-181 Configuration
-
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>advanced</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.1.Value</Name>
-      <Value>mgmt</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.2.Value</Name>
-      <Value>brvlan:tagged:100</Value>
-    </ParameterValueStruct>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.SupportedModes.4.SupportedArguments.3.Value</Name>
-      <Value>ALL</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-**Result**:
- All ports (LAN + WAN) tagged with VLAN 100
- Single bridge with VLAN filtering
- DHCP client enabled
-
---
-
-## Quick Reference: Configuration Cheat Sheet
-
-### Interface Types
-
-| Type | Syntax | When to Use |
-|------|--------|-------------|
-| Transparent Bridge | `bridge:transparent` | Simple home network, no VLANs |
-| Bridge VLAN Filtering (Tagged) | `brvlan:tagged:VID` | All ports need VLAN tags, modern approach |
-| Bridge VLAN Filtering (WAN Tagged) | `brvlan:wan-tagged:VID` | ISP VLAN on WAN, LAN untagged (recommended) |
-| Bridge VLAN Filtering (Mixed) | `brvlan:mixed:VID:PORTS` | Custom trunk/access port setup |
-| Traditional Tagged Bridge | `bridge:tagged:VID` | Legacy systems, all ports tagged |
-| Traditional WAN Tagged | `bridge:wan-tagged:VID` | Legacy ISP VLAN setup |
-| QinQ Bridge | `bridge:qinq:CVID:SVID` | Wholesale provider, double tagging |
-| Routed VLAN | `route:vlan:VID` | Need routing/NAT per service |
-| Routed MACVLAN | `route:macvlan:MAC` | Different MAC per service |
-| Direct VLAN | `direct:VID` | Standalone VLAN for custom protocols |
-
-### Modifiers
-
-| Modifier | Effect | Example |
-|----------|--------|---------|
-| `-n` | Disable DHCP client (proto=none) | `brvlan:wan-tagged:100-n` |
-| `-d` | Disable interface | `route:vlan:200-d` |
-
-### Port Specifications
-
-| Syntax | Meaning |
-|--------|---------|
-| `ALL` | All LAN + WAN ports |
-| `WAN` | WAN port only |
-| `LAN1-LAN2-WAN` | LAN1, LAN2, and WAN |
-| `LAN1-LAN3` | LAN1 and LAN3 only |
-
-### MAC Address Macros
-
-| Macro | Description | Example Result |
-|-------|-------------|----------------|
-| `BaseMACAddress` | Base MAC from `fw_printenv -n ethaddr` | `94:3F:0C:D5:76:00` |
-| `BaseMACAddressP1` | Base MAC + 1 | `94:3F:0C:D5:76:01` |
-| `BaseMACAddressP2` | Base MAC + 2 | `94:3F:0C:D5:76:02` |
-| `BaseMACAddressPN` | Base MAC + N | `BaseMACAddressP5` → `94:3F:0C:D5:76:05` |
-| Explicit MAC | Direct assignment | `AA:BB:CC:DD:EE:FF` |
-
---
-
-**Document Version**: 1.0
-**Last Updated**: 2025-12-12
--- a/netmode/docs/DEVELOPER_GUIDE.md
+++ b/netmode/docs/DEVELOPER_GUIDE.md
--- a/netmode/docs/IMPLEMENTATION_GUIDE.md
+++ b/netmode/docs/IMPLEMENTATION_GUIDE.md
--- a/netmode/docs/README.md
+++ b/netmode/docs/README.md
@@ -1,422 +0,0 @@
-# Netmode - Network Mode Switching for OpenWrt/iopsys
-
-**Version**: 1.1.11
-**License**: GPL-2.0-only
-**Maintainer**: iopsys
-
-## Overview
-
-Netmode is a network configuration management package for OpenWrt/iopsys-based routers that enables seamless switching between different WAN connection types. It provides a unified interface for managing network modes including DHCP, PPPoE, Static IP, and Bridge configurations.
-
-### Key Features
-
- **Simple Mode Switching**: Change WAN connection type with a single command
- **Multiple Mode Support**: DHCP, PPPoE, Static IP, and Bridged mode
- **Automatic Configuration**: Handles network, firewall, DHCP, and multicast settings
- **TR-069/USP Integration**: Remote management via BBF data model
- **Extensible Architecture**: Easy to add custom network modes
- **Safe Transitions**: Proper cleanup and validation during mode switches
-
-## Quick Start
-
-### Installation
-
-```bash
-# Install via opkg
-opkg update
-opkg install netmode
-
-# Or build from source
-make package/feeds/iopsys/netmode/compile
-```
-
-### Basic Usage
-
-```bash
-# Check current mode
-cat /etc/netmodes/.last_mode
-
-# Switch to DHCP mode
-uci set netmode.global.mode='routed-dhcp'
-uci commit netmode
-service netmode restart
-
-# Switch to PPPoE mode
-uci set netmode.global.mode='routed-pppoe'
-uci set netmode.@supported_args[2].value='username@isp.com'
-uci set netmode.@supported_args[3].value='password'
-uci commit netmode
-service netmode restart
-```
-
-## Supported Modes
-
-| Mode | Description | Use Case |
-|------|-------------|----------|
-| **routed-dhcp** | Router with DHCP WAN | Cable/Fiber internet with automatic IP |
-| **routed-pppoe** | Router with PPPoE WAN | DSL internet with authentication |
-| **routed-static** | Router with Static IP WAN | Business connections with fixed IP |
-| **advanced** ⭐ | **Unified Advanced Mode** | Bridges, routed interfaces, VLAN, QinQ, MACVLAN - all in one |
-
-### Advanced Mode (v1.1.11+) - Recommended
-
-The **advanced** mode is a unified, powerful configuration mode that replaces both `bridged` and `routed-multi-service` modes. It supports:
-
-✅ **Bridge interfaces** with VLAN/QinQ support (traditional VLAN devices)
-✅ **Bridge VLAN filtering** (modern kernel bridge VLAN filtering - **recommended**)
-✅ **Routed interfaces** with VLAN/MACVLAN support
-✅ **Standalone VLAN interfaces** (direct, no bridge)
-✅ **Mixed scenarios** (combine bridges and routed interfaces)
-✅ **Flexible configuration** with single, intuitive syntax
-✅ **MAC address assignment** with macros (BaseMACAddress, BaseMACAddressPNN)
-✅ **Comprehensive validation** with helpful error messages
-
-**Quick Example - Triple-Play Service**:
-```bash
-uci set netmode.global.mode='advanced'
-uci set netmode.@supported_args[0].value='wan,iptv,mgmt'
-uci set netmode.@supported_args[1].value='route:vlan:100,route:vlan:200,route:vlan:300'
-uci set netmode.@supported_args[2].value='WAN,WAN,WAN'
-uci commit netmode && service netmode restart
-```
-
-See **[ADVANCED_MODE_GUIDE.md](ADVANCED_MODE_GUIDE.md)** for complete documentation.
-
-## Documentation
-
-Comprehensive documentation is available in the following guides:
-
-### For Users
- **[ADVANCED_MODE_GUIDE.md](ADVANCED_MODE_GUIDE.md)** ⭐ - **Complete advanced mode guide** (RECOMMENDED)
-  - All interface types (bridge, routed, standalone)
-  - VLAN, QinQ, MACVLAN configurations
-  - Bridge VLAN filtering (modern approach)
-  - Real-world use case scenarios
-  - TR-069/USP examples
-  - Troubleshooting
- **[BRIDGE_VLAN_FILTERING.md](BRIDGE_VLAN_FILTERING.md)** 🆕 - **Bridge VLAN filtering guide**
-  - Modern bridge VLAN filtering feature
-  - Syntax and configuration examples
-  - Performance benefits
-  - Migration from traditional VLAN devices
- **[ADVANCED_MODE_QUICK_REFERENCE.md](ADVANCED_MODE_QUICK_REFERENCE.md)** - Quick reference for advanced mode
- **[CONFIGURATION_SCENARIOS.md](CONFIGURATION_SCENARIOS.md)** - Real-world configuration examples with UCI and TR-181
- **[VALIDATION_AND_ERROR_HANDLING.md](VALIDATION_AND_ERROR_HANDLING.md)** 🆕 - **Validation and error handling guide**
-  - Input validation rules
-  - Error messages and troubleshooting
-  - Common validation errors
-  - Testing validation
- **[USER_GUIDE.md](USER_GUIDE.md)** - User guide for basic modes (DHCP, PPPoE, Static)
-  - Getting started
-  - Mode descriptions
-  - Common use cases
-  - FAQ
-
-### For Developers
- **[DEVELOPER_GUIDE.md](DEVELOPER_GUIDE.md)** - Developer documentation
-  - Development environment setup
-  - Code organization
-  - API reference
-  - Testing framework
-  - Contributing guidelines
-
-### For Implementers
- **[IMPLEMENTATION_GUIDE.md](IMPLEMENTATION_GUIDE.md)** - Implementation details
-  - Architecture overview
-  - Creating custom modes
-  - Environment variables
-  - Hook system
-  - Data model integration
-
-## Architecture
-
-```
-┌─────────────────────────────────────────┐
-│         Netmode System                   │
-├─────────────────────────────────────────┤
-│  UCI Config → Init Service → Mode Scripts│
-│       ↓             ↓              ↓     │
-│  Environment    Pre-hooks      UCI Copy │
-│   Variables       ↓              ↓       │
-│       ↓       Mode Scripts   Post-hooks │
-│       └──────────┴────────────┘         │
-│              Network Reconfiguration     │
-└─────────────────────────────────────────┘
-```
-
-### Components
-
- **Init Service** (`/etc/init.d/netmode`): Orchestrates mode switching
- **Mode Scripts** (`/etc/netmodes/<mode>/scripts/`): Mode-specific configuration
- **UCI Config** (`/etc/config/netmode`): Mode definitions and parameters
- **Data Model** (`datamodel.json`): BBF TR-181 integration
- **Hooks** (`/lib/netmode/{pre,post}/`): Pre/post mode switch scripts
-
-## Configuration Examples
-
-### DHCP with VLAN
-
-```bash
-uci set netmode.global.mode='routed-dhcp'
-uci set netmode.@supported_args[0].value='100'  # VLAN ID
-uci commit netmode
-service netmode restart
-```
-
-### PPPoE with Custom DNS
-
-```bash
-uci set netmode.global.mode='routed-pppoe'
-uci set netmode.@supported_args[2].value='user@isp.com'
-uci set netmode.@supported_args[3].value='password123'
-uci set netmode.@supported_args[6].value='8.8.8.8,8.8.4.4'
-uci commit netmode
-service netmode restart
-```
-
-### Static IP Business Connection
-
-```bash
-uci set netmode.global.mode='routed-static'
-uci set netmode.@supported_args[6].value='203.0.113.10'
-uci set netmode.@supported_args[7].value='255.255.255.0'
-uci set netmode.@supported_args[8].value='203.0.113.1'
-uci commit netmode
-service netmode restart
-```
-
-## Creating Custom Modes
-
-Custom network modes can be added by following these steps:
-
-1. **Create mode directory structure**:
-   ```bash
-   mkdir -p /etc/netmodes/my-mode/scripts
-   ```
-
-2. **Define mode in supported_modes.json**:
-   ```json
-   {
-     "name": "my-mode",
-     "description": "My Custom Mode",
-     "supported_args": [...]
-   }
-   ```
-
-3. **Create mode script**:
-   ```bash
-   cat > /etc/netmodes/my-mode/scripts/10-my-mode << 'EOF'
-   #!/bin/sh
-   # Configuration logic here
-   EOF
-   chmod +x /etc/netmodes/my-mode/scripts/10-my-mode
-   ```
-
-4. **Import to UCI and test**:
-   ```bash
-   sh /etc/uci-defaults/40_netmode_populated_supported_modes
-   uci set netmode.global.mode='my-mode'
-   service netmode restart
-   ```
-
-See [IMPLEMENTATION_GUIDE.md](IMPLEMENTATION_GUIDE.md#creating-a-new-network-mode) for detailed instructions.
-
-## TR-069/USP Integration
-
-Netmode exposes a BBF TR-181 data model for remote management:
-
-**Data Model Path**: `Device.X_IOWRT_EU_NetMode.`
-
-```
-Device.X_IOWRT_EU_NetMode.
-├── Enable (boolean, r/w)
-├── Mode (string, r/w)
-├── SupportedModesNumberOfEntries (unsignedInt, r)
-└── SupportedModes.{i}.
-    ├── Name (string, r)
-    ├── Description (string, r)
-    └── SupportedArguments.{i}.
-        ├── Name (string, r)
-        ├── Type (string, r)
-        ├── Required (boolean, r)
-        └── Value (string, r/w)
-```
-
-Example TR-069 operation:
-```xml
-<SetParameterValues>
-  <ParameterList>
-    <ParameterValueStruct>
-      <Name>Device.X_IOWRT_EU_NetMode.Mode</Name>
-      <Value>routed-dhcp</Value>
-    </ParameterValueStruct>
-  </ParameterList>
-</SetParameterValues>
-```
-
-## System Requirements
-
- **Platform**: OpenWrt/iopsys
- **Dependencies**:
-  - `dm-service` (BBF data model service)
-  - `uci`
-  - `procd`
-  - `libubox` (jshn)
- **Recommended**:
-  - `logread` for monitoring
-  - `firewall`, `odhcpd`, `mcast` for full functionality
-
-## File Structure
-
-```
-netmode/
-├── Makefile                          # Package build definition
-├── README.md                         # This file
-├── IMPLEMENTATION_GUIDE.md           # Implementation guide
-├── DEVELOPER_GUIDE.md                # Developer documentation
-├── USER_GUIDE.md                     # User documentation
-├── bbfdm_service.json                # BBF service registration
-└── files/
-    ├── etc/
-    │   ├── config/netmode            # UCI configuration
-    │   ├── init.d/netmode            # Init script (START=11)
-    │   ├── uci-defaults/             # First-boot scripts
-    │   └── netmodes/
-    │       ├── supported_modes.json  # Mode definitions
-    │       ├── routed-dhcp/scripts/
-    │       ├── routed-pppoe/scripts/
-    │       ├── routed-static/scripts/
-    │       └── bridged/scripts/
-    └── lib/
-        ├── netmode/
-        │   ├── pre/                  # Pre-switch hooks
-        │   └── post/                 # Post-switch hooks
-        └── upgrade/keep.d/netmode    # Sysupgrade preservation
-```
-
-## Troubleshooting
-
-### Mode Not Switching
-
-```bash
-# Check if enabled
-uci get netmode.global.enabled
-
-# Check logs
-logread | grep netmode
-
-# Force mode change
-rm /etc/netmodes/.last_mode
-service netmode restart
-```
-
-### No Internet After Switch
-
-```bash
-# Verify mode applied
-cat /etc/netmodes/.last_mode
-
-# Check WAN status
-ifconfig wan
-ip route
-
-# Restart network
-/etc/init.d/network restart
-```
-
-### PPPoE Authentication Failed
-
-```bash
-# Check credentials
-uci show network.wan | grep -E "username|password"
-
-# Check logs
-logread | grep ppp
-
-# Verify VLAN if required
-uci get network.wan.device
-```
-
-See [USER_GUIDE.md](USER_GUIDE.md#troubleshooting) for comprehensive troubleshooting.
-
-## Development
-
-### Building
-
-```bash
-# Clone repository
-cd feeds/iopsys/netmode
-
-# Build package
-make package/feeds/iopsys/netmode/compile V=s
-
-# Install on device
-scp bin/packages/*/iopsys/netmode_*.ipk root@192.168.1.1:/tmp/
-ssh root@192.168.1.1 "opkg install /tmp/netmode_*.ipk"
-```
-
-### Testing
-
-```bash
-# Run mode switch test
-./test-mode-switch.sh routed-dhcp
-
-# Monitor logs
-logread -f | grep netmode
-
-# Verify configuration
-uci show network
-cat /etc/netmodes/.last_mode
-```
-
-### Contributing
-
-Contributions are welcome! Please follow these steps:
-
-1. Fork the repository
-2. Create a feature branch
-3. Make your changes
-4. Test thoroughly on target hardware
-5. Update documentation
-6. Submit a pull request
-
-See [DEVELOPER_GUIDE.md](DEVELOPER_GUIDE.md#contributing-guidelines) for detailed guidelines.
-
-## License
-
-This project is licensed under the GNU General Public License v2.0 only.
-
-See `/LICENSE` for more information.
-
-## Support
-
- **Documentation**: See guides in this repository
- **Issues**: Contact iopsys development team
- **Community**: OpenWrt and iopsys forums
-
-## Changelog
-
-### Version 1.1.11
- Current stable release
- Support for DHCP, PPPoE, Static IP, and Bridge modes
- BBF TR-181 data model integration
- Comprehensive documentation
-
-## Acknowledgments
-
- OpenWrt project for the underlying platform
- iopsys for development and maintenance
- Contributors and testers
-
-## Related Projects
-
- [OpenWrt](https://openwrt.org/) - Linux operating system for embedded devices
- [iopsys](https://www.iopsys.eu/) - Broadband device management
- [BBF](https://www.broadband-forum.org/) - Broadband Forum standards
-
---
-
-**For detailed information, please refer to the specific guides:**
- Users: [USER_GUIDE.md](USER_GUIDE.md)
- Developers: [DEVELOPER_GUIDE.md](DEVELOPER_GUIDE.md)
- Implementers: [IMPLEMENTATION_GUIDE.md](IMPLEMENTATION_GUIDE.md)
--- a/netmode/docs/USER_GUIDE.md
+++ b/netmode/docs/USER_GUIDE.md
@@ -1,887 +0,0 @@
-# Netmode User Guide
-
-## Table of Contents
-1. [Introduction](#introduction)
-2. [Getting Started](#getting-started)
-3. [Available Network Modes](#available-network-modes)
-4. [Configuration Methods](#configuration-methods)
-5. [Common Use Cases](#common-use-cases)
-6. [Troubleshooting](#troubleshooting)
-7. [FAQ](#faq)
-8. [Glossary](#glossary)
-
---
-
-## Introduction
-
-### What is Netmode?
-
-Netmode is a network configuration management system for iopsys-based routers that allows you to easily switch between different WAN (Wide Area Network) connection types without manual configuration.
-
-### Why Use Netmode?
-
- **Simplicity**: Switch network modes with a single command
- **Flexibility**: Support for multiple WAN connection types
- **Consistency**: Ensures proper configuration of all related network services
- **Remote Management**: Can be controlled via TR-069/USP protocols
- **Safety**: Automatically handles complex network reconfigurations
-
-### Supported Connection Types
-
- **DHCP**: Automatic IP configuration (most common for cable/fiber connections)
- **PPPoE**: Username/password authentication (common for DSL connections)
- **Static IP**: Manual IP configuration (business connections)
- **Bridged Mode**: Bridge/modem mode (disable routing)
-
---
-
-## Getting Started
-
-### Checking if Netmode is Installed
-
-```bash
-# Check if netmode package is installed
-opkg list-installed | grep netmode
-
-# Check netmode service status
-service netmode status
-```
-
-Expected output:
-```
-netmode - 1.1.11-1 - Network Modes and Utils
-```
-
-### Checking Current Mode
-
-```bash
-# View current configuration
-uci show netmode.global
-
-# Check active mode
-cat /etc/netmodes/.last_mode
-```
-
-Example output:
-```
-netmode.global=netmode
-netmode.global.enabled='1'
-netmode.global.mode='routed-dhcp'
-```
-
-### Viewing Available Modes
-
-```bash
-# List all supported modes
-uci show netmode | grep "supported_modes.*name"
-```
-
-Example output:
-```
-netmode.@supported_modes[0].name='routed-dhcp'
-netmode.@supported_modes[1].name='routed-pppoe'
-netmode.@supported_modes[2].name='routed-static'
-netmode.@supported_modes[3].name='bridged'
-```
-
---
-
-## Available Network Modes
-
-### 1. Routed DHCP Mode
-
-**Mode Name**: `routed-dhcp`
-
-**When to Use**:
- Cable internet connection
- Fiber internet connection
- Any ISP that automatically provides IP configuration
-
-**Features**:
- Automatic IP address assignment
- Built-in router (NAT)
- Firewall enabled
- DHCP server for local devices
- IPv4 and IPv6 support
-
-**Configuration Parameters**:
- `vlanid` (optional): VLAN ID if required by ISP
- `dns_servers` (optional): Custom DNS servers (comma-separated)
-
-**Example Configuration**:
-```bash
-# Basic DHCP mode
-uci set netmode.global.mode='routed-dhcp'
-uci commit netmode
-service netmode restart
-
-# DHCP with VLAN ID 100
-uci set netmode.global.mode='routed-dhcp'
-# Find VLAN argument and set value
-uci set netmode.@supported_args[0].value='100'
-uci commit netmode
-service netmode restart
-```
-
---
-
-### 2. Routed PPPoE Mode
-
-**Mode Name**: `routed-pppoe`
-
-**When to Use**:
- DSL internet connection
- ISP requires username and password authentication
- Connection uses PPPoE protocol
-
-**Features**:
- Username/password authentication
- Built-in router (NAT)
- Firewall enabled
- DHCP server for local devices
- Automatic MTU optimization
-
-**Required Parameters**:
- `username`: PPPoE username (provided by ISP)
- `password`: PPPoE password (provided by ISP)
-
-**Optional Parameters**:
- `vlanid`: VLAN ID if required by ISP
- `mtu`: Maximum transmission unit (default: 1492 for PPPoE)
- `dns_servers`: Custom DNS servers (comma-separated)
-
-**Example Configuration**:
-```bash
-# Set mode
-uci set netmode.global.mode='routed-pppoe'
-
-# Set username (find correct argument index)
-uci set netmode.@supported_args[2].value='myuser@isp.com'
-
-# Set password
-uci set netmode.@supported_args[3].value='mypassword'
-
-# Optional: Set VLAN
-uci set netmode.@supported_args[4].value='100'
-
-# Optional: Set MTU
-uci set netmode.@supported_args[5].value='1492'
-
-# Apply configuration
-uci commit netmode
-service netmode restart
-```
-
-**Important Notes**:
- Device will reboot after configuration
- Keep ISP credentials safe
- Most DSL connections use VLAN ID 7 or 100 (check with ISP)
- MTU typically 1492 for PPPoE (auto-configured)
-
---
-
-### 3. Routed Static IP Mode
-
-**Mode Name**: `routed-static`
-
-**When to Use**:
- Business internet connection with static IP
- ISP provided specific IP address, subnet mask, and gateway
- Fixed IP address required for services (web server, VPN, etc.)
-
-**Features**:
- Manual IP configuration
- Built-in router (NAT)
- Firewall enabled
- DHCP server for local devices
- Fixed WAN IP address
-
-**Required Parameters**:
- `ipaddr`: Static IP address (e.g., 93.21.0.104)
- `netmask`: Subnet mask (e.g., 255.255.255.0)
- `gateway`: Default gateway IP (e.g., 93.21.0.1)
-
-**Optional Parameters**:
- `vlanid`: VLAN ID if required
- `dns_servers`: DNS servers (comma-separated, e.g., 8.8.8.8,8.8.4.4)
-
-**Example Configuration**:
-```bash
-# Set mode
-uci set netmode.global.mode='routed-static'
-
-# Set IP address
-uci set netmode.@supported_args[6].value='93.21.0.104'
-
-# Set subnet mask
-uci set netmode.@supported_args[7].value='255.255.255.0'
-
-# Set gateway
-uci set netmode.@supported_args[8].value='93.21.0.1'
-
-# Optional: Set DNS servers
-uci set netmode.@supported_args[9].value='8.8.8.8,8.8.4.4'
-
-# Apply configuration
-uci commit netmode
-service netmode restart
-```
-
-**Important Notes**:
- Use exact IP settings provided by ISP
- Incorrect settings will result in no internet connectivity
- DNS servers are optional but recommended
- Device will reboot after configuration
-
---
-
-### 4. Bridged Mode
-
-**Mode Name**: `bridged`
-
-**When to Use**:
- Using router as a bridge/modem only
- Another router handles routing and DHCP
- ISP requires bridge mode
- Cascading routers (not recommended, prefer this mode on upstream device)
- Advanced VLAN configurations (multiple bridges, QinQ)
-
-**Features**:
- Supports multiple bridge configurations
- VLAN tagging and QinQ support
- Can create standalone VLAN interfaces (no bridge)
- No routing (NAT disabled)
- Firewall disabled
- DHCP server disabled
- Device acts as transparent bridge
-
-**Configuration Parameters**:
- `interface_names` (optional): Comma-separated interface names (default: wan)
- `interface_types` (optional): Comma-separated types (transparent, tagged:VID, direct:VID, qinq:C:S, etc.)
- `ports` (optional): Comma-separated port lists (default: ALL)
-
-**Basic Configuration**:
-```bash
-# Simple transparent bridge
-uci set netmode.global.mode='bridged'
-uci commit netmode
-service netmode restart
-```
-
-**Advanced Configuration Examples**:
-```bash
-# Multiple VLANs as separate bridges
-uci set netmode.global.mode='bridged'
-uci set netmode.@supported_args[0].value='lan100,lan200'      # interface_names
-uci set netmode.@supported_args[1].value='tagged:100,tagged:200'  # interface_types
-uci set netmode.@supported_args[2].value='LAN1-LAN2,LAN3-LAN4'    # ports
-uci commit netmode
-service netmode restart
-
-# Standalone VLAN interface (no bridge)
-uci set netmode.global.mode='bridged'
-uci set netmode.@supported_args[0].value='wan'
-uci set netmode.@supported_args[1].value='direct:2501'  # Direct VLAN interface
-uci set netmode.@supported_args[2].value='WAN'
-uci commit netmode
-service netmode restart
-```
-
-**Important Notes**:
- Device will obtain IP from upstream router/ISP
- Web interface may be inaccessible until device gets IP
- To access device: connect directly and check DHCP leases on upstream router
- Device will reboot after configuration
- Use this mode carefully - you may lose access to the device
- For advanced VLAN scenarios, see ADVANCED_BRIDGE_GUIDE.md
-
-**Parameter Naming Note**:
-As of version 1.1.11, parameters were renamed for clarity:
- `bridge_names` → `interface_names` (old name still works)
- `bridge_types` → `interface_types` (old name still works)
-
-**Reverting from Bridge Mode**:
-If you lose access, connect via serial console or perform factory reset.
-
---
-
-## Configuration Methods
-
-### Method 1: UCI Command Line (SSH/Console)
-
-**Step-by-step procedure**:
-
-```bash
-# 1. Connect to device
-ssh root@192.168.1.1
-
-# 2. View current configuration
-uci show netmode
-
-# 3. Set desired mode
-uci set netmode.global.mode='routed-dhcp'
-
-# 4. Set any required parameters (example for PPPoE)
-uci set netmode.@supported_args[2].value='username@isp.com'
-uci set netmode.@supported_args[3].value='password123'
-
-# 5. Save configuration
-uci commit netmode
-
-# 6. Apply changes
-service netmode restart
-
-# 7. Monitor logs (optional)
-logread -f | grep netmode
-```
-
-### Method 2: TR-069/CWMP (Remote Management)
-
-If your device is managed by an ACS (Auto Configuration Server):
-
-**Get current mode**:
-```xml
-GetParameterValues
-  Device.X_IOWRT_EU_NetMode.Mode
-```
-
-**Set PPPoE mode**:
-```xml
-SetParameterValues
-  Device.X_IOWRT_EU_NetMode.Mode = "routed-pppoe"
-  Device.X_IOWRT_EU_NetMode.SupportedModes.2.SupportedArguments.1.Value = "username@isp.com"
-  Device.X_IOWRT_EU_NetMode.SupportedModes.2.SupportedArguments.2.Value = "password123"
-```
-
-**Trigger mode change**:
-```bash
-# On device (via TR-069 script)
-service netmode restart
-```
-
-### Method 3: Web Interface (if available)
-
-Some firmware may provide a web interface for netmode configuration.
-
-Typical location: **Network → WAN → Connection Type**
-
---
-
-## Common Use Cases
-
-### Use Case 1: Switching from DHCP to PPPoE
-
-**Scenario**: ISP changed from cable to DSL connection
-
-```bash
-# 1. Connect to router
-ssh root@192.168.1.1
-
-# 2. Find username and password argument indices
-uci show netmode | grep -A3 "name='username'"
-# Note the index numbers
-
-# 3. Set mode and credentials
-uci set netmode.global.mode='routed-pppoe'
-uci set netmode.@supported_args[2].value='newuser@dsl-isp.com'
-uci set netmode.@supported_args[3].value='newpassword'
-
-# 4. If ISP requires VLAN (e.g., VLAN 7)
-uci set netmode.@supported_args[4].value='7'
-
-# 5. Apply
-uci commit netmode
-service netmode restart
-
-# Device will reboot
-```
-
-### Use Case 2: Adding Custom DNS Servers
-
-**Scenario**: Want to use Google DNS or Cloudflare DNS
-
-```bash
-# For DHCP mode
-uci set netmode.global.mode='routed-dhcp'
-
-# Find dns_servers argument index
-uci show netmode | grep -B2 "name='dns_servers'"
-
-# Set custom DNS (Google DNS example)
-uci set netmode.@supported_args[1].value='8.8.8.8,8.8.4.4'
-
-# Or Cloudflare DNS
-uci set netmode.@supported_args[1].value='1.1.1.1,1.0.0.1'
-
-# Apply
-uci commit netmode
-service netmode restart
-```
-
-### Use Case 3: Configuring VLAN for ISP
-
-**Scenario**: ISP requires VLAN tagging (common for fiber)
-
-```bash
-# Identify your mode (example: DHCP)
-uci set netmode.global.mode='routed-dhcp'
-
-# Find VLAN argument
-uci show netmode | grep -B2 "name='vlanid'"
-
-# Set VLAN ID (ISP will provide this, commonly 100, 7, or other)
-uci set netmode.@supported_args[0].value='100'
-
-# Apply
-uci commit netmode
-service netmode restart
-```
-
-### Use Case 4: Setting Up Bridge Mode for Secondary Router
-
-**Scenario**: Using dedicated router behind ISP modem
-
-```bash
-# Configure device as bridge
-uci set netmode.global.mode='bridged'
-uci commit netmode
-service netmode restart
-
-# After reboot, device will be in bridge mode
-# Connect to it via the IP it receives from upstream
-```
-
-### Use Case 5: Business Static IP Setup
-
-**Scenario**: ISP provided static IP configuration
-
-**ISP Information**:
- IP Address: 203.0.113.10
- Subnet Mask: 255.255.255.248
- Gateway: 203.0.113.9
- DNS: 203.0.113.1, 203.0.113.2
-
-```bash
-# Set mode
-uci set netmode.global.mode='routed-static'
-
-# Configure IP settings (find argument indices first)
-uci show netmode | grep -B2 "name='ipaddr'"
-uci show netmode | grep -B2 "name='netmask'"
-uci show netmode | grep -B2 "name='gateway'"
-
-# Set values
-uci set netmode.@supported_args[6].value='203.0.113.10'
-uci set netmode.@supported_args[7].value='255.255.255.248'
-uci set netmode.@supported_args[8].value='203.0.113.9'
-uci set netmode.@supported_args[9].value='203.0.113.1,203.0.113.2'
-
-# Apply
-uci commit netmode
-service netmode restart
-```
-
---
-
-## Troubleshooting
-
-### Problem: No Internet After Mode Switch
-
-**Symptoms**:
- Cannot access websites
- No WAN IP address
- Local network works but no internet
-
-**Diagnosis**:
-```bash
-# Check WAN interface status
-ifconfig wan
-
-# Check if WAN has IP
-ip addr show wan
-
-# Check routing table
-ip route
-
-# Check DNS resolution
-nslookup google.com
-
-# Check mode applied correctly
-cat /etc/netmodes/.last_mode
-uci show netmode.global.mode
-```
-
-**Solutions**:
-
-1. **For DHCP mode**:
-   ```bash
-   # Restart network
-   /etc/init.d/network restart
-
-   # Release and renew DHCP
-   udhcpc -i wan -n
-   ```
-
-2. **For PPPoE mode**:
-   ```bash
-   # Check credentials
-   uci show network.wan.username
-   uci show network.wan.password
-
-   # Check PPPoE connection
-   logread | grep pppd
-
-   # Restart PPPoE
-   ifdown wan
-   ifup wan
-   ```
-
-3. **For Static IP mode**:
-   ```bash
-   # Verify settings
-   uci show network.wan
-
-   # Check if gateway is reachable
-   ping -c 3 $(uci get network.wan.gateway)
-   ```
-
-### Problem: Cannot Access Router After Mode Change
-
-**Symptoms**:
- Cannot reach router web interface
- Cannot SSH to router
- Router appears offline
-
-**Solutions**:
-
-1. **Check router IP address**:
-   - Routed modes: Router should be at `192.168.1.1`
-   - Bridged mode: Router gets IP from upstream device
-
-2. **For bridged mode**:
-   ```bash
-   # Connect to upstream router
-   # Check DHCP leases for your device MAC address
-   # Or connect via serial console
-   ```
-
-3. **Factory reset** (last resort):
-   - Hold reset button for 10 seconds
-   - Device will reset to default configuration
-
-### Problem: Mode Not Switching
-
-**Symptoms**:
- `.last_mode` not updated
- Old configuration still active
- No changes after restart
-
-**Diagnosis**:
-```bash
-# Check if netmode is enabled
-uci get netmode.global.enabled
-
-# Check logs
-logread | grep netmode
-
-# Check if mode exists
-ls /etc/netmodes/*/scripts/
-```
-
-**Solutions**:
-```bash
-# Enable netmode if disabled
-uci set netmode.global.enabled='1'
-uci commit netmode
-
-# Force mode change by removing last_mode
-rm /etc/netmodes/.last_mode
-service netmode restart
-```
-
-### Problem: PPPoE Authentication Failure
-
-**Symptoms**:
- WAN interface shows "connecting" but never connects
- Logs show authentication errors
-
-**Diagnosis**:
-```bash
-# Check PPPoE logs
-logread | grep ppp
-
-# Common errors:
-# - "authentication failed"
-# - "LCP timeout"
-# - "CHAP authentication failed"
-```
-
-**Solutions**:
-```bash
-# Verify credentials (double-check with ISP)
-uci show network.wan.username
-uci show network.wan.password
-
-# Some ISPs require VLAN tagging
-uci set netmode.@supported_args[4].value='7'  # or ISP-specific VLAN
-uci commit netmode
-service netmode restart
-
-# Check if service name is required (rare)
-uci set network.wan.service='ISP-SERVICE-NAME'
-uci commit network
-```
-
-### Problem: Slow Internet After Mode Switch
-
-**Symptoms**:
- Internet works but very slow
- High latency
-
-**Solutions**:
-
-1. **Check MTU settings** (especially for PPPoE):
-   ```bash
-   # Set MTU for PPPoE
-   uci set netmode.@supported_args[5].value='1492'
-   uci commit netmode
-   service netmode restart
-   ```
-
-2. **Check for DNS issues**:
-   ```bash
-   # Test DNS resolution speed
-   time nslookup google.com
-
-   # Use faster DNS
-   uci set netmode.@supported_args[X].value='1.1.1.1,1.0.0.1'
-   uci commit netmode
-   service netmode restart
-   ```
-
-3. **Check WAN speed**:
-   ```bash
-   # Install iperf3 and test
-   opkg update
-   opkg install iperf3
-   ```
-
---
-
-## FAQ
-
-### General Questions
-
-**Q: Will I lose my configuration when switching modes?**
-
-A: Netmode preserves most router settings (WiFi, firewall rules, etc.), but WAN-specific settings are reconfigured. Local network settings remain unchanged.
-
-**Q: How long does a mode switch take?**
-
-A: The mode switch itself takes a few seconds, but the device will reboot, which takes 1-2 minutes total.
-
-**Q: Can I switch modes remotely?**
-
-A: Yes, via SSH or TR-069/USP if configured. However, be careful with bridge mode as you may lose connectivity.
-
-**Q: Do I need to reboot manually?**
-
-A: No, the system automatically reboots after applying a new mode.
-
-**Q: Can I schedule a mode switch?**
-
-A: Yes, using cron:
-```bash
-# Switch to bridged mode at 2 AM
-echo "0 2 * * * uci set netmode.global.mode='bridged' && uci commit && service netmode restart" | crontab -
-```
-
-### Mode-Specific Questions
-
-**Q: Which mode should I use?**
-
-A: Depends on your ISP:
- Cable/Fiber without login: **routed-dhcp**
- DSL with username/password: **routed-pppoe**
- Static IP business connection: **routed-static**
- Using as bridge only: **bridged**
-
-**Q: Can I use PPPoE with VLAN?**
-
-A: Yes, set both the mode and VLAN ID:
-```bash
-uci set netmode.global.mode='routed-pppoe'
-uci set netmode.@supported_args[4].value='100'
-```
-
-**Q: What's the difference between routed and bridged mode?**
-
-A:
- **Routed modes**: Router performs NAT, runs firewall, provides DHCP to local network
- **Bridged mode**: Router acts as transparent bridge, no NAT, no firewall, no DHCP
-
-**Q: Can I customize the LAN IP in routed modes?**
-
-A: Yes, but not through netmode. After mode switch, manually configure:
-```bash
-uci set network.lan.ipaddr='192.168.2.1'
-uci commit network
-/etc/init.d/network restart
-```
-
-### Technical Questions
-
-**Q: Where are my credentials stored?**
-
-A: In `/etc/config/netmode` (UCI configuration). They are cleared from memory after mode application for security.
-
-**Q: Can I create custom modes?**
-
-A: Yes, advanced users can create custom modes. See the IMPLEMENTATION_GUIDE.md and DEVELOPER_GUIDE.md.
-
-**Q: Does netmode support IPv6?**
-
-A: Yes, routed-dhcp and routed-pppoe modes support IPv6 (DHCPv6).
-
-**Q: What happens to firewall rules?**
-
-A: Firewall is enabled for routed modes and disabled for bridged mode. Custom rules are preserved.
-
-**Q: Can I use multiple WAN connections?**
-
-A: Netmode manages the primary WAN. For multi-WAN setups, configure secondary WANs manually after netmode configuration.
-
---
-
-## Glossary
-
-**Bridge Mode**: Operating mode where the router acts as a transparent network bridge without routing or NAT.
-
-**DHCP (Dynamic Host Configuration Protocol)**: Automatic IP address assignment protocol.
-
-**DMZ (Demilitarized Zone)**: Network segment that sits between internal network and external network.
-
-**DNS (Domain Name System)**: Service that translates domain names to IP addresses.
-
-**Gateway**: Router IP address that connects local network to the internet.
-
-**ISP (Internet Service Provider)**: Company providing internet access.
-
-**LAN (Local Area Network)**: Internal network (devices in your home/office).
-
-**MTU (Maximum Transmission Unit)**: Largest packet size that can be transmitted. PPPoE typically uses 1492.
-
-**NAT (Network Address Translation)**: Technology allowing multiple devices to share one public IP address.
-
-**PPPoE (Point-to-Point Protocol over Ethernet)**: Authentication protocol commonly used for DSL connections.
-
-**Static IP**: Fixed IP address that doesn't change (opposite of DHCP).
-
-**Subnet Mask**: Defines the network portion of an IP address (e.g., 255.255.255.0).
-
-**TR-069/CWMP**: Remote management protocol for network devices.
-
-**UCI (Unified Configuration Interface)**: OpenWrt configuration system.
-
-**USP (User Services Platform)**: Next-generation device management protocol.
-
-**VLAN (Virtual LAN)**: Network segmentation using VLAN tags (802.1Q).
-
-**WAN (Wide Area Network)**: External network connection (internet).
-
---
-
-## Getting Help
-
-### Log Collection
-
-When reporting issues, collect these logs:
-
-```bash
-# System logs
-logread > /tmp/system.log
-
-# Network configuration
-uci export network > /tmp/network.conf
-uci export netmode > /tmp/netmode.conf
-
-# Interface status
-ifconfig > /tmp/interfaces.txt
-ip route > /tmp/routes.txt
-
-# Copy to external system
-scp /tmp/*.{log,conf,txt} user@external-host:/path/
-```
-
-### Support Resources
-
- **Documentation**: Check IMPLEMENTATION_GUIDE.md and DEVELOPER_GUIDE.md
- **Community Forums**: OpenWrt and iopsys community forums
- **Issue Tracker**: Report bugs to iopsys development team
- **ISP Support**: Contact ISP for connection-specific parameters (VLAN, credentials, etc.)
-
-### Before Contacting Support
-
-Please have ready:
-1. Current mode: `cat /etc/netmodes/.last_mode`
-2. Netmode version: `opkg info netmode | grep Version`
-3. Error logs: `logread | grep netmode`
-4. Network configuration: `uci export netmode`
-5. What you're trying to achieve
-6. What you've already tried
-
---
-
-## Quick Reference Card
-
-### Common Commands
-
-```bash
-# View current mode
-cat /etc/netmodes/.last_mode
-
-# List available modes
-uci show netmode | grep "supported_modes.*name"
-
-# Switch to DHCP
-uci set netmode.global.mode='routed-dhcp'
-uci commit netmode && service netmode restart
-
-# Switch to PPPoE
-uci set netmode.global.mode='routed-pppoe'
-uci set netmode.@supported_args[2].value='username'
-uci set netmode.@supported_args[3].value='password'
-uci commit netmode && service netmode restart
-
-# Switch to Bridge
-uci set netmode.global.mode='bridged'
-uci commit netmode && service netmode restart
-
-# View logs
-logread | grep netmode
-
-# Reset to last mode
-rm /etc/netmodes/.last_mode
-service netmode restart
-```
-
-### Emergency Recovery
-
-```bash
-# If locked out after bridge mode
-# Connect via serial console and run:
-uci set netmode.global.mode='routed-dhcp'
-uci commit netmode
-service netmode restart
-
-# Factory reset (hold reset button 10 seconds)
-# Or via console:
-firstboot -y && reboot
-```
-
---
-
-**Document Version**: 1.0
-**Package Version**: 1.1.11
-**Last Updated**: 2024
-**License**: GPL-2.0-only
--- a/netmode/docs/VALIDATION_AND_ERROR_HANDLING.md
+++ b/netmode/docs/VALIDATION_AND_ERROR_HANDLING.md
@@ -1,294 +0,0 @@
-# Advanced Mode - Validation and Error Handling
-
-## Overview
-
-The advanced mode includes comprehensive input validation and error handling to ensure configuration correctness and provide helpful error messages when issues occur.
-
-## Validation Functions
-
-### 1. VLAN ID Validation
-
-**Function**: `validate_vlan_id()`
-
-**Validates**:
- VLAN ID is a number
- VLAN ID is in valid range (1-4094)
-
-**Example Error**:
-```
-ERROR: VLAN ID in type 'bridge:tagged:5000' out of range (must be 1-4094): 5000
-```
-
-### 2. MAC Address Validation
-
-**Function**: `validate_mac_address()`
-
-**Validates**:
- MAC address format (XX:XX:XX:XX:XX:XX)
- MAC address macros (BaseMACAddress, BaseMACAddressPNN)
- Hexadecimal characters only
-
-**Example Errors**:
-```
-ERROR: Invalid MAC address format: 'ZZ:BB:CC:DD:EE:FF' (expected XX:XX:XX:XX:XX:XX)
-ERROR: Invalid MAC macro format: 'BaseMACAddressP' (expected BaseMACAddressPNN)
-```
-
-### 3. Interface Name Validation
-
-**Function**: `validate_interface_name()`
-
-**Validates**:
- Interface name is not empty
- Only alphanumeric characters and underscore allowed
- Reserved names not used (loopback, lo, globals)
-
-**Example Errors**:
-```
-ERROR: Interface name 'wan-interface' invalid (only alphanumeric and underscore allowed)
-ERROR: Interface name 'loopback' is reserved
-```
-
-### 4. Port Specification Validation
-
-**Function**: `validate_port_spec()`
-
-**Validates**:
- Port specification is not empty
- Valid port identifiers (LAN1-8, WAN, or interface names)
- Format is correct (dash-separated)
-
-**Example Error**:
-```
-ERROR: Invalid port identifier in 'LAN1-LAN9-WAN': 'LAN9'
-```
-
-### 5. Interface Type Validation
-
-**Function**: `validate_interface_type()`
-
-**Validates**:
- Interface type syntax is correct
- VLAN IDs in types are valid
- MAC addresses in types are valid
- Type is recognized
-
-**Example Errors**:
-```
-ERROR: Unknown interface type: 'bridge:unknown:100'
-Valid types: bridge:transparent, bridge:tagged:VID, brvlan:wan-tagged:VID, route:vlan:VID, route:macvlan:MAC, direct:VID
-
-ERROR: VLAN ID in type 'route:vlan:9999' out of range (must be 1-4094): 9999
-```
-
-## Configuration Validation
-
-### Parameter Count Matching
-
-The system validates that all configuration parameters have matching element counts:
-
-```bash
-# This is VALID (3 interfaces, 3 types, 3 port lists)
-interface_names='wan,iptv,voip'
-interface_types='route:vlan:100,route:vlan:200,route:vlan:300'
-ports='WAN,WAN,WAN'
-
-# This is INVALID (3 interfaces but only 2 types)
-interface_names='wan,iptv,voip'
-interface_types='route:vlan:100,route:vlan:200'  # ERROR!
-ports='WAN,WAN,WAN'
-```
-
-**Error Message**:
-```
-ERROR: Number of interface names (3) does not match number of interface types (2)
-interface_names: wan,iptv,voip
-interface_types: route:vlan:100,route:vlan:200
-```
-
-### MAC Address Count Warning
-
-If MAC addresses are provided but don't match interface count, a warning is issued:
-
-```
-WARNING: Number of MAC addresses (2) does not match number of interfaces (3)
-Some interfaces will use default MAC addresses
-```
-
-## Error Handling
-
-### MAC Address Operations
-
-#### Base MAC Not Found
-```
-WARNING: Base MAC address not found or invalid, using default
-```
-
-#### MAC Increment Overflow
-```
-WARNING: MAC address overflow after increment, wrapping around
-```
-
-#### Invalid Increment Value
-```
-ERROR: MAC increment must be a number: 'ABC'
-```
-
-### Port Resolution
-
-#### WAN Port Not Found
-```
-ERROR: WAN port not found in board.json or UCI
-```
-
-### Validation Failure Behavior
-
-When validation fails:
-1. **Error is logged** to syslog with severity `user.err`
-2. **Configuration is aborted** - no changes are applied
-3. **Exit code 1** is returned
-4. **Helpful error message** indicates what went wrong
-
-## Debugging Validation Issues
-
-### View Validation Logs
-
-```bash
-# Check recent netmode logs
-logread | grep netmode-advanced
-
-# Filter for errors only
-logread | grep -E "netmode-advanced.*ERROR"
-
-# Watch logs in real-time
-logread -f | grep netmode-advanced
-```
-
-### Common Validation Errors
-
-#### 1. Mismatched Parameter Counts
-
-**Problem**:
-```bash
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv'
-uci set netmode.mode_4_supprted_args_2.value='bridge:transparent'  # Only 1!
-uci set netmode.mode_4_supprted_args_3.value='ALL,LAN1-LAN2-WAN'
-```
-
-**Solution**: Ensure all parameters have same number of comma-separated values:
-```bash
-uci set netmode.mode_4_supprted_args_2.value='bridge:transparent,brvlan:wan-tagged:100'
-```
-
-#### 2. Invalid VLAN ID
-
-**Problem**:
-```bash
-uci set netmode.mode_4_supprted_args_2.value='bridge:tagged:5000'  # > 4094
-```
-
-**Solution**: Use valid VLAN ID (1-4094):
-```bash
-uci set netmode.mode_4_supprted_args_2.value='bridge:tagged:100'
-```
-
-#### 3. Invalid MAC Address Format
-
-**Problem**:
-```bash
-uci set netmode.mode_4_supprted_args_4.value='AA-BB-CC-DD-EE-FF'  # Wrong separator
-```
-
-**Solution**: Use colon separator:
-```bash
-uci set netmode.mode_4_supprted_args_4.value='AA:BB:CC:DD:EE:FF'
-```
-
-#### 4. Invalid Interface Name
-
-**Problem**:
-```bash
-uci set netmode.mode_4_supprted_args_1.value='wan-interface'  # Dash not allowed
-```
-
-**Solution**: Use underscore instead:
-```bash
-uci set netmode.mode_4_supprted_args_1.value='wan_interface'
-```
-
-#### 5. Invalid Port Specification
-
-**Problem**:
-```bash
-uci set netmode.mode_4_supprted_args_3.value='LAN1,LAN2'  # Wrong separator
-```
-
-**Solution**: Use dash separator:
-```bash
-uci set netmode.mode_4_supprted_args_3.value='LAN1-LAN2'
-```
-
-## Testing Validation
-
-### Test Invalid VLAN ID
-```bash
-uci set netmode.mode_4_supprted_args_1.value='test'
-uci set netmode.mode_4_supprted_args_2.value='bridge:tagged:9999'
-uci set netmode.mode_4_supprted_args_3.value='ALL'
-uci commit netmode && service netmode restart
-
-# Check logs
-logread | tail -20 | grep netmode-advanced
-# Should show: ERROR: VLAN ID in type 'bridge:tagged:9999' out of range (must be 1-4094): 9999
-```
-
-### Test Mismatched Counts
-```bash
-uci set netmode.mode_4_supprted_args_1.value='wan,iptv,voip'
-uci set netmode.mode_4_supprted_args_2.value='route:vlan:100,route:vlan:200'  # Only 2!
-uci set netmode.mode_4_supprted_args_3.value='WAN,WAN,WAN'
-uci commit netmode && service netmode restart
-
-# Check logs
-logread | tail -20 | grep netmode-advanced
-# Should show: ERROR: Number of interface names (3) does not match number of interface types (2)
-```
-
-### Test Invalid MAC Address
-```bash
-uci set netmode.mode_4_supprted_args_4.value='INVALID-MAC'
-uci commit netmode && service netmode restart
-
-# Check logs
-logread | tail -20 | grep netmode-advanced
-# Should show: ERROR: Invalid MAC address format: 'INVALID-MAC' (expected XX:XX:XX:XX:XX:XX)
-```
-
-## Best Practices
-
-1. **Always check logs** after configuration changes
-2. **Test configurations** in a development environment first
-3. **Use validation** to catch errors early
-4. **Read error messages** - they indicate exactly what's wrong
-5. **Keep backup** of working configuration
-
-## Exit Codes
-
-| Exit Code | Meaning |
-|-----------|---------|
-| 0 | Success - configuration applied |
-| 1 | Failure - validation error or configuration error |
-
-## Integration with Management Systems
-
-When using TR-181 or other management systems:
-
-1. **Check exit code** of netmode service
-2. **Parse error logs** to provide user feedback
-3. **Validate before applying** using the same validation rules
-4. **Provide helpful error messages** to end users
-
---
-
-**Document Version**: 1.0
-**Last Updated**: 2025-12-13
--- a/netmode/files/etc/init.d/netmode
+++ b/netmode/files/etc/init.d/netmode
@@ -87,84 +87,55 @@ configure_env_vars() {
 	config_foreach _set_env_args supported_args
 }

+cleanup_arg_values() {
+	local dm_parent
+
+	config_get dm_parent ${1} dm_parent ""
+	if [ "${dm_parent}" = "${SUPP_MODES_SEC}" ]; then
+		uci -q set netmode.${1}.value=""
+	fi
+}
+
 cleanup_env_vars() {
 	for e in $(env); do
 		if echo ${e} |grep -q "^NETMODE_"; then
 			unset ${e}
 		fi
 	done
+
+	if [ -n "${SUPP_MODES_SEC}" ]; then
+		config_load "netmode"
+		config_foreach cleanup_arg_values supported_args
+		uci commit netmode
+	fi
 }

 start_service() {
-	if [ ! -f /etc/config/netmode ]; then
-		_log "/etc/config/netmode not found, returning"
-		return
-	fi
+	[ -f /etc/config/netmode ] || return

 	config_load netmode
 	config_get_bool enabled global enabled '0'
-
-	if [ "$enabled" -eq 0 ]; then
-		_log "netmode service disabled, returning"
-		return
-	fi
+	[ $enabled -eq 0 ] && return

 	[ -d $MODEDIR ] || mkdir -p $MODEDIR
-
 	# Get the desired netmode from config
 	config_get mode global mode ""
-
 	# Check if netmode is set as boot environment parameter
-	if [ -z "$mode" ]; then
-		_log "mode not set in UCI, checking bootenv"
-		mode="$(fw_printenv -n netmode 2>/dev/null)"
-	fi
-
+	[ -n "$mode" ] || mode="$(fw_printenv -n netmode 2>/dev/null)"
 	# Return if mode is not set
-	if [ -z "$mode" ]; then
-		_log "mode still empty, returning"
+	[ -n "$mode" ] || return
+
+	# Get the last saved mode
+	lastmode="$(cat $MODEDIR/.last_mode 2>/dev/null)"
+	# Return if desired mode is same as last saved mode
+	if [ "$mode" = "$lastmode" ]; then
+		_log "Not switching mode[${mode}], lastmode[${lastmode}]"
 		return
 	fi

+	_log "Switching to [${mode}] Mode"

-	# Build configuration signature from UCI values directly
-	# This ensures parameter changes trigger reconfiguration
-	SUPP_MODES_SEC=""
-	config_foreach _get_modes_sec_name supported_modes "${mode}"
-
-	local config_signature="${mode}"
-	if [ -n "${SUPP_MODES_SEC}" ]; then
-		# Get all arguments for this mode, sorted by section name for consistency
-		for arg_sec in $(uci show netmode | grep "=supported_args" | cut -d'.' -f2 | cut -d'=' -f1 | sort); do
-			local dm_parent=$(uci -q get "netmode.${arg_sec}.dm_parent")
-			if [ "${dm_parent}" = "${SUPP_MODES_SEC}" ]; then
-				local arg_name=$(uci -q get "netmode.${arg_sec}.name")
-				local arg_value=$(uci -q get "netmode.${arg_sec}.value")
-				if [ -n "${arg_name}" -a -n "${arg_value}" ]; then
-					config_signature="${config_signature}:${arg_name}=${arg_value}"
-				fi
-			fi
-		done
-	else
-		_log "Could not find supported mode section"
-	fi
-
-	# Get the last saved configuration signature
-	local last_config_signature="$(cat $MODEDIR/.last_mode 2>/dev/null)"
-
-	# Return if configuration hasn't changed
-	if [ "${config_signature}" = "${last_config_signature}" ]; then
-		_log "Not reconfiguring, configuration unchanged"
-		return
-	fi
-
-	_log "Configuration changed, applying [${mode}] mode"
-	if [ -n "${last_config_signature}" ]; then
-		_log "Previous config: ${last_config_signature}"
-	fi
-	_log "Current config: ${config_signature}"
-
-	# Configure env variables (needed by mode scripts)
+	# Configure env variables
 	configure_env_vars ${mode}
 	# Execute netmode generic pre-mode-switch scripts
 	libnetmode_exec "pre"
@@ -179,32 +150,19 @@ start_service() {
 	libnetmode_exec

 	# Execute mode specific scripts
-	local script_exit_code=0
 	if [ -d $MODEDIR/$mode/scripts ]; then
 		for script in $(ls $MODEDIR/$mode/scripts/); do
 			_log "Executing [${mode}], script [${script}]"
 			sh $MODEDIR/$mode/scripts/$script
-			script_exit_code=$?
-			if [ $script_exit_code -ne 0 ]; then
-				_log "ERROR: Mode script [${script}] failed with exit code ${script_exit_code}"
-				break
-			fi
 		done
 	fi

-	# Only save configuration if scripts succeeded
-	if [ $script_exit_code -eq 0 ]; then
-		# Save configuration signature as last mode
-		echo "$config_signature" > $MODEDIR/.last_mode
-		_log "Switching to Mode [${mode}] done, configuration saved"
-
-		# Execute netmode generic post-mode-switch scripts
-		libnetmode_exec "post"
-	else
-		_log "ERROR: Mode switch to [${mode}] FAILED - configuration NOT saved"
-		_log "The system will retry on next netmode restart"
-	fi
+	# Save mode as last mode
+	echo "$mode" > $MODEDIR/.last_mode
+	_log "Switching to Mode [${mode}] done, last mode updated"

+	# Execute netmode generic post-mode-switch scripts
+	libnetmode_exec "post"
 	cleanup_env_vars "${mode}"
 }

--- a/netmode/files/etc/netmodes/advanced/scripts/10-advanced
+++ b/netmode/files/etc/netmodes/advanced/scripts/10-advanced
@@ -1,577 +0,0 @@
-#!/bin/sh
-#
-# Advanced Mode Script
-# Unified configuration for bridges, routed interfaces, and standalone interfaces
-# Replaces: bridged mode and routed-multi-service mode
-#
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-. /lib/netmode/advanced_helper.sh
-
-[ -f /etc/device_info ] && source "/etc/device_info"
-
-_log() {
-	logger -s -p user.info -t "netmode-advanced" "$*"
-}
-
-IPTV_IFACES=""
-MGMT_IFACES=""
-INET_IFACES=""
-IPTV_DEVS=""
-WAN_PORT=""
-MACVLAN_PRESENT=0
-BRIDGE_VLAN_PRESENT=0
-
-#
-# Main Interface Configuration
-#
-configure_interfaces() {
-	_log "Starting advanced interface configuration"
-
-	# Get configuration from environment variables
-	local interface_names="${NETMODE_interface_names:-wan}"
-	local interface_types="${NETMODE_interface_types:-bridge:transparent}"
-	local ports="${NETMODE_ports:-ALL}"
-	local mac_addrs="${NETMODE_macaddrs:-}"
-
-	_log "Interface names: $interface_names"
-	_log "Interface types: $interface_types"
-	_log "Ports: $ports"
-	_log "MAC addresses: $mac_addrs"
-
-	# Validate configuration before proceeding
-	_log "Validating configuration..."
-
-	# Count elements in each parameter
-	local name_count=$(echo "$interface_names" | tr ',' '\n' | wc -l)
-	local type_count=$(echo "$interface_types" | tr ',' '\n' | wc -l)
-	local port_count=$(echo "$ports" | tr ',' '\n' | wc -l)
-	local mac_count=0
-	[ -n "$mac_addrs" ] && mac_count=$(echo "$mac_addrs" | tr ',' '\n' | wc -l)
-
-	_log "Element counts: names=$name_count, types=$type_count, ports=$port_count, macs=$mac_count"
-
-	# Validate counts match
-	if [ "$name_count" != "$type_count" ]; then
-		_log "ERROR: Number of interface names ($name_count) does not match number of interface types ($type_count)"
-		_log "interface_names: $interface_names"
-		_log "interface_types: $interface_types"
-		return 1
-	fi
-
-	if [ "$name_count" != "$port_count" ]; then
-		_log "ERROR: Number of interface names ($name_count) does not match number of ports ($port_count)"
-		_log "interface_names: $interface_names"
-		_log "ports: $ports"
-		return 1
-	fi
-
-	if [ "$mac_count" -gt 0 -a "$mac_count" != "$name_count" ]; then
-		_log "WARNING: Number of MAC addresses ($mac_count) does not match number of interfaces ($name_count)"
-		_log "Some interfaces will use default MAC addresses"
-	fi
-
-	# Validate each parameter
-	local idx=1
-	local OLD_IFS="$IFS"
-	IFS=','
-
-	for name in $interface_names; do
-		validate_interface_name "$name" || {
-			IFS="$OLD_IFS"
-			return 1
-		}
-	done
-
-	for type in $interface_types; do
-		validate_interface_type "$type" || {
-			IFS="$OLD_IFS"
-			return 1
-		}
-	done
-
-	for port_spec in $ports; do
-		validate_port_spec "$port_spec" || {
-			IFS="$OLD_IFS"
-			return 1
-		}
-	done
-
-	if [ -n "$mac_addrs" ]; then
-		for mac in $mac_addrs; do
-			validate_mac_address "$mac" "1" || {
-				IFS="$OLD_IFS"
-				return 1
-			}
-		done
-	fi
-
-	IFS="$OLD_IFS"
-
-	_log "Configuration validation passed"
-
-	# Clean up existing configuration
-	cleanup_interfaces
-
-	# Split comma-separated values into arrays
-	local names_arr=""
-	local types_arr=""
-	local ports_arr=""
-	local macs_arr=""
-
-	# Save and set IFS for comma splitting
-	local OLD_IFS="$IFS"
-	IFS=','
-
-	for name in $interface_names; do
-		names_arr="$names_arr $name"
-	done
-
-	for type in $interface_types; do
-		types_arr="$types_arr $type"
-	done
-
-	for port_spec in $ports; do
-		ports_arr="$ports_arr $port_spec"
-	done
-
-	for mac in $mac_addrs; do
-		macs_arr="$macs_arr $mac"
-	done
-
-	# Restore IFS
-	IFS="$OLD_IFS"
-
-	# Convert to arrays for indexing
-	set -- $names_arr
-	local total_interfaces=$#
-
-	_log "Total interfaces to create: $total_interfaces"
-
-	# Get WAN port for routed interfaces
-	local wan_port=$(get_wan_port)
-	WAN_PORT="$wan_port"
-	_log "WAN port: $WAN_PORT"
-
-	# Create each interface
-	local idx=1
-	for if_name in $names_arr; do
-		# Get corresponding type, ports, and MAC address
-		local type_idx=$idx
-		local ports_idx=$idx
-		local mac_idx=$idx
-
-		set -- $types_arr
-		shift $((type_idx - 1))
-		local if_type="${1:-bridge:transparent}"
-
-		set -- $ports_arr
-		shift $((ports_idx - 1))
-		local port_list="${1:-ALL}"
-
-		set -- $macs_arr
-		shift $((mac_idx - 1))
-		local if_mac="${1:-}"
-
-		_log "Creating interface $idx/$total_interfaces: name=$if_name, type=$if_type, ports=$port_list, mac=$if_mac"
-
-		# Parse interface type
-		parse_interface_type "$if_type"
-
-		local mode="$PARSE_MODE"
-		local vlan_type="$PARSE_VLAN_TYPE"
-		local cvid="$PARSE_CVID"
-		local svid="$PARSE_SVID"
-		local mac_addr="$PARSE_MAC_ADDR"
-		local proto="$PARSE_PROTO"
-		local disabled="$PARSE_DISABLED"
-		local purpose="$PARSE_PURPOSE"
-
-		if [ "$purpose" = "iptv" ]; then
-			IPTV_IFACES="$IPTV_IFACES $if_name"
-		elif [ "$purpose" = "inet" ]; then
-			INET_IFACES="$INET_IFACES $if_name"
-		elif [ "$purpose" = "mgmt" ]; then
-			MGMT_IFACES="$MGMT_IFACES $if_name"
-		fi
-
-		if [ "$vlan_type" = "macvlan" ] && [ "$mac_count" -gt 0 ]; then
-			MACVLAN_PRESENT=1
-		fi
-
-		_log "Parsed: mode=$mode, vlan_type=$vlan_type, cvid=$cvid, svid=$svid, mac=$mac_addr, proto=$proto, purpose=$purpose"
-
-		case "$mode" in
-			bridge)
-				# Create bridge using helper function
-				create_bridge "$if_name" "$if_type" "$port_list" "$if_mac"
-				;;
-
-			brvlan)
-				# Create bridge with VLAN filtering
-				BRIDGE_VLAN_PRESENT=1
-				create_bridge_vlan_filtering "$if_name" "$if_type" "$port_list" "$if_mac"
-				;;
-
-			device-ref)
-				# Create interface that references device from another interface
-				# cvid contains the reference interface name
-				local ref_if_name="$cvid"
-				local ref_device=$(uci -q get "network.${ref_if_name}.device")
-
-				if [ -z "$ref_device" ]; then
-					_log "ERROR: Reference interface '$ref_if_name' not found or has no device"
-					exit 1
-				fi
-
-				_log "Creating interface $if_name referencing device $ref_device from interface $ref_if_name"
-
-				# Create interface using the same device as reference interface
-				uci -q delete "network.${if_name}"
-				uci -q set "network.${if_name}=interface"
-				uci -q set "network.${if_name}.proto=${proto}"
-				uci -q set "network.${if_name}.device=${ref_device}"
-
-				# Set MAC address if provided
-				if [ -n "$if_mac" ]; then
-					local resolved_mac=$(resolve_mac_address "$if_mac")
-					uci -q set "network.${if_name}.macaddr=${resolved_mac}"
-					_log "Setting MAC address: $if_mac -> $resolved_mac"
-				fi
-
-				[ "$disabled" = "1" ] && uci -q set "network.${if_name}.disabled=1"
-				;;
-
-			route)
-				# Create routed interface
-				port_list="${port_list//:u/}"
-				local base_device=""
-				if [ "$port_list" = "WAN" -o "$port_list" = "wan" ]; then
-					base_device="$wan_port"
-				else
-					# Use first port from list
-					local actual_ports=$(parse_port_list "$port_list")
-					base_device=$(echo "$actual_ports" | awk '{print $1}')
-				fi
-
-				create_routed_interface "$if_name" "$vlan_type" "$cvid" "$mac_addr" "$proto" "$base_device" "$disabled" "$purpose"
-				;;
-
-			direct)
-				# Create standalone VLAN interface
-				port_list="${port_list//:u/}"
-				local base_device=""
-				if [ "$port_list" = "WAN" -o "$port_list" = "wan" ]; then
-					base_device="$wan_port"
-				else
-					local actual_ports=$(parse_port_list "$port_list")
-					base_device=$(echo "$actual_ports" | awk '{print $1}')
-				fi
-
-				create_standalone_interface "$if_name" "$cvid" "$proto" "$base_device" "$disabled" "$if_mac"
-				;;
-		esac
-
-		idx=$((idx + 1))
-	done
-
-	if [ "$BRIDGE_VLAN_PRESENT" -eq 1 ]; then
-		# create the shared bridge once with all collected ports from bridge-vlan interfaces
-		create_shared_bridge
-	fi
-
-	# Commit network changes
-	uci -q commit network
-
-	IPTV_IFACES="$(echo "$IPTV_IFACES" | xargs)"
-	INET_IFACES="$(echo "$INET_IFACES" | xargs)"
-	MGMT_IFACES="$(echo "$MGMT_IFACES" | xargs)"
-
-	_log "Interface configuration completed"
-}
-
-#
-# Configure L3 Multicast (Proxy)
-#
-configure_l3_mcast() {
-	_log "Configuring L3 multicast (Proxy) for $IPTV_DEVS"
-
-	# Remove proxy sections
-	uci -q delete mcast.igmp_proxy_1
-	uci -q delete mcast.mc_proxy_MLD
-	uci -q delete mcast.igmp_snooping_1
-	uci -q delete mcast.mld_snooping_1
-
-	IPTV_DEVS="$(echo "$IPTV_DEVS" | xargs | tr ' ' '\n' | sort -u)"
-
-	uci add mcast proxy
-	uci rename mcast.@proxy[-1]="mc_proxy_MLD"
-	uci set mcast.@proxy[-1].enable="1"
-	uci set mcast.@proxy[-1].proto="mld"
-	uci set mcast.@proxy[-1].version="2"
-	uci set mcast.@proxy[-1].robustness="2"
-	uci set mcast.@proxy[-1].query_interval="125"
-	uci set mcast.@proxy[-1].query_response_interval="100"
-	uci set mcast.@proxy[-1].last_member_query_interval="10"
-	uci set mcast.@proxy[-1].fast_leave="1"
-	uci set mcast.@proxy[-1].snooping_mode="2"
-	uci add_list mcast.@proxy[-1].downstream_interface="br-lan"
-
-	IFS=" "
-	for itf in $IPTV_DEVS; do
-		uci add_list mcast.@proxy[-1].upstream_interface="$itf"
-	done
-
-
-	uci add mcast proxy
-	uci rename mcast.@proxy[-1]="igmp_proxy_1"
-	uci set mcast.@proxy[-1].enable="1"
-	uci set mcast.@proxy[-1].proto="igmp"
-	uci set mcast.@proxy[-1].version="2"
-	uci set mcast.@proxy[-1].robustness="2"
-	uci set mcast.@proxy[-1].query_interval="125"
-	uci set mcast.@proxy[-1].query_response_interval="100"
-	uci set mcast.@proxy[-1].last_member_query_interval="10"
-	uci set mcast.@proxy[-1].fast_leave="1"
-	uci set mcast.@proxy[-1].snooping_mode="2"
-	uci add_list mcast.@proxy[-1].downstream_interface="br-lan"
-
-	IFS=" "
-	for itf in $IPTV_DEVS; do
-		uci add_list mcast.@proxy[-1].upstream_interface="$itf"
-	done
-
-	uci add_list mcast.@proxy[-1].filter="239.0.0.0/8"
-
-	uci -q commit mcast
-
-	_log "L3 multicast configuration complete"
-}
-
-#
-# Configure L2 Multicast (Snooping)
-#
-configure_l2_mcast() {
-	_log "Configuring L2 multicast (snooping)"
-	# Remove proxy sections
-	uci -q delete mcast.igmp_proxy_1
-	uci -q delete mcast.mc_proxy_MLD
-
-	# Get all bridge names from network UCI
-	local bridge_list=""
-	local bridge_names=""
-	local br_device=""
-
-	# Query all network sections and filter for bridge type
-	bridge_list=$(uci -q show network | grep "\.type='bridge'" | cut -d'.' -f2)
-
-	# Convert to space-separated list
-	for bridge in $bridge_list; do
-		br_device="$(uci -q get network.${bridge}.name)"
-		if [ -z "$bridge_names" ]; then
-			[ -n "$br_device" ] && bridge_names="$br_device"
-		else
-			[ -n "$br_device" ] && bridge_names="$bridge_names $br_device"
-		fi
-	done
-
-	if [ -z "$bridge_names" ]; then
-		_log "No bridges found for multicast configuration"
-		return
-	fi
-
-	_log "Found bridges: $bridge_names"
-
-	# Add IGMP snooping
-	uci -q set mcast.igmp_snooping_1=snooping
-	uci -q set mcast.igmp_snooping_1.enable='1'
-	uci -q set mcast.igmp_snooping_1.proto='igmp'
-	uci -q set mcast.igmp_snooping_1.version='2'
-	uci -q set mcast.igmp_snooping_1.robustness='2'
-	uci -q set mcast.igmp_snooping_1.query_interval='125'
-	uci -q set mcast.igmp_snooping_1.query_response_interval='100'
-	uci -q set mcast.igmp_snooping_1.last_member_query_interval='10'
-	uci -q set mcast.igmp_snooping_1.fast_leave='1'
-	uci -q set mcast.igmp_snooping_1.snooping_mode='2'
-	uci -q set mcast.igmp_snooping_1.interface="$bridge_names"
-	# to avoid multiple additions over the course of netmode reloads
-	uci -q del_list mcast.igmp_snooping_1.filter='239.0.0.0/8'
-	uci -q add_list mcast.igmp_snooping_1.filter='239.0.0.0/8'
-
-	# Add MLD snooping
-	uci -q set mcast.mld_snooping_1=snooping
-	uci -q set mcast.mld_snooping_1.enable='1'
-	uci -q set mcast.mld_snooping_1.proto='mld'
-	uci -q set mcast.mld_snooping_1.version='2'
-	uci -q set mcast.mld_snooping_1.robustness='2'
-	uci -q set mcast.mld_snooping_1.query_interval='125'
-	uci -q set mcast.mld_snooping_1.query_response_interval='100'
-	uci -q set mcast.mld_snooping_1.last_member_query_interval='10'
-	uci -q set mcast.mld_snooping_1.fast_leave='1'
-	uci -q set mcast.mld_snooping_1.snooping_mode='2'
-	uci -q set mcast.mld_snooping_1.interface="$bridge_names"
-
-	uci -q commit mcast
-	_log "L2 multicast configuration complete"
-}
-
-#
-# Configure DHCP
-#
-configure_dhcp() {
-	_log "Configuring DHCP"
-
-	# Check if we have any static interfaces (will be configured by post-hook)
-	local interface_names="${NETMODE_interface_names:-wan}"
-	local interface_types="${NETMODE_interface_types:-bridge:transparent}"
-	local has_static_lan=0
-
-	local OLD_IFS="$IFS"
-	IFS=','
-	local idx=1
-	for if_name in $interface_names; do
-		# Get corresponding type
-		local type_idx=$idx
-		set -- $interface_types
-		shift $((type_idx - 1))
-		local if_type="${1:-bridge:transparent}"
-
-		# Check if this is lan interface with static proto
-		if [ "$if_name" = "lan" ] && echo "$if_type" | grep -q -- '-static$'; then
-			has_static_lan=1
-			break
-		fi
-
-		idx=$((idx + 1))
-	done
-	IFS="$OLD_IFS"
-
-	uci -q get network.lan && has_static_lan="1"
-
-	if [ "$has_static_lan" = "1" ]; then
-		_log "LAN interface with static IP detected - DHCP server will be configured by post-hook"
-		# Don't disable DHCP for LAN, it will be configured by 15-static_lan.sh
-		# Only disable DHCP on WAN
-		uci -q set dhcp.wan.ignore=1 2>/dev/null
-		/etc/init.d/odhcpd enable
-	else
-		# Disable DHCP server on LAN (advanced mode without static LAN)
-		uci -q set dhcp.lan.ignore=1
-		# Disable DHCP on WAN if it exists
-		uci -q set dhcp.wan.ignore=1 2>/dev/null
-		/etc/init.d/odhcpd disable
-		_log "DHCP server disabled"
-	fi
-
-	local dhcp_ifaces="$(collect_interfaces_with_wan_port)"
-
-	_log "Disabling DHCP server on interfaces: $dhcp_ifaces"
-	for iface in $dhcp_ifaces; do
-		uci -q set dhcp.$iface=dhcp
-		uci -q set dhcp.$iface.interface="$iface"
-		uci -q set dhcp.$iface.ignore=1
-	done
-
-	uci -q commit dhcp
-}
-
-#
-# Configure Firewall
-#
-configure_firewall() {
-	_log "Configuring firewall"
-
-	# Check if any interface is routed
-	local interface_types="${NETMODE_interface_types:-bridge:transparent}"
-	local has_routed=0
-
-	local OLD_IFS="$IFS"
-	IFS=','
-	for if_type in $interface_types; do
-		if echo "$if_type" | grep -q "^route:"; then
-			has_routed=1
-			break
-		fi
-	done
-	IFS="$OLD_IFS"
-
-	if [ "$has_routed" = "1" ]; then
-		# Enable firewall for routed interfaces
-		ensure_firewall_layout
-	fi
-
-	uci -q set firewall.globals.enabled="1"
-	uci -q commit firewall
-	_log "Firewall enabled"
-}
-
-#
-# Update Service Dependencies
-#
-configure_services() {
-	_log "Updating service configurations"
-
-	# Get first interface name for services
-	local interface_names="${NETMODE_interface_names:-wan}"
-	local IFS=','
-	local first_interface=""
-
-	for if_name in $interface_names; do
-		first_interface="$if_name"
-		break
-	done
-
-	# Update CWMP Agent WAN Interface
-	uci -q set cwmp.cpe.default_wan_interface="$first_interface"
-	uci -q commit cwmp
-
-	# Update gateway WAN Interface
-	uci -q set gateway.global.wan_interface="$first_interface"
-	uci -q commit gateway
-
-	# Disable SSDPD
-	uci -q set ssdpd.ssdp.enabled="0"
-	uci -q commit ssdpd
-
-	_log "Service configurations updated"
-}
-
-#
-# Main Execution
-#
-_log "========================================="
-_log "Starting Advanced Mode Configuration"
-_log "========================================="
-
-# Main execution with error handling
-if ! configure_interfaces; then
-	_log "========================================="
-	_log "ERROR: Advanced Mode Configuration Failed"
-	_log "Please check the logs above for details"
-	_log "========================================="
-	exit 1
-fi
-
-if [ "$MACVLAN_PRESENT" -eq 1 ] || echo "$NETMODE_interface_types" | grep -q "BaseMACAddress"; then
-	_log "Macvlan interface with mac addr present, not generating default macoffset file"
-else
-	_log "Macvlan interface with mac addr not present, generating default macoffset file"
-	configure_macoffset
-fi
-
-if [ -n "$IPTV_DEVS" ]; then
-	configure_l3_mcast
-else
-	configure_l2_mcast
-fi
-
-configure_dhcp
-configure_firewall
-configure_services
-
-_log "========================================="
-_log "Advanced Mode Configuration Complete"
-_log "========================================="
-
-exit 0
--- a/netmode/files/etc/netmodes/bridged/scripts/10-bridged
+++ b/netmode/files/etc/netmodes/bridged/scripts/10-bridged
@@ -0,0 +1,118 @@
+#!/bin/sh
+
+. /lib/functions.sh
+. /usr/share/libubox/jshn.sh
+
+source "/etc/device_info"
+
+l2_mcast_config() {
+	# configure L2 mcast config for snooping
+	logger -s -p user.info -t "netmode" "Generating L2 mcast configuration"
+
+	# remove proxy sections
+	uci -q delete mcast.igmp_proxy_1
+	uci -q delete mcast.mc_proxy_MLD
+
+	# add igmp_snooping section
+	uci -q set mcast.igmp_snooping_1=snooping
+	uci -q set mcast.igmp_snooping_1.enable='1'
+	uci -q set mcast.igmp_snooping_1.proto='igmp'
+	uci -q set mcast.igmp_snooping_1.version='2'
+	uci -q set mcast.igmp_snooping_1.robustness='2'
+	uci -q set mcast.igmp_snooping_1.query_interval='125'
+	uci -q set mcast.igmp_snooping_1.query_response_interval='100'
+	uci -q set mcast.igmp_snooping_1.last_member_query_interval='10'
+	uci -q set mcast.igmp_snooping_1.fast_leave='1'
+	uci -q set mcast.igmp_snooping_1.snooping_mode='2'
+	uci -q set mcast.igmp_snooping_1.interface='br-lan'
+	uci -q add_list mcast.igmp_snooping_1.filter='239.0.0.0/8'
+
+	# add mld_snooping section
+	uci -q set mcast.mld_snooping_1=snooping
+	uci -q set mcast.mld_snooping_1.enable='1'
+	uci -q set mcast.mld_snooping_1.proto='mld'
+	uci -q set mcast.mld_snooping_1.version='2'
+	uci -q set mcast.mld_snooping_1.robustness='2'
+	uci -q set mcast.mld_snooping_1.query_interval='125'
+	uci -q set mcast.mld_snooping_1.query_response_interval='100'
+	uci -q set mcast.mld_snooping_1.last_member_query_interval='10'
+	uci -q set mcast.mld_snooping_1.fast_leave='1'
+	uci -q set mcast.mld_snooping_1.snooping_mode='2'
+	uci -q set mcast.mld_snooping_1.interface='br-lan'
+
+	uci -q commit mcast
+}
+
+l2_network_config() {
+	logger -s -p user.info -t "netmode" "Generating L2 network configuration"
+
+	# Configure L2 Network Mode
+	uci -q set network.lan=interface
+	uci -q set network.lan.proto='dhcp'
+	uci -q set network.lan.vendorid="$(uci -q get network.wan.vendorid)"
+	uci -q set network.lan.clientid="$(uci -q get network.wan.clientid)"
+	uci -q set network.lan.reqopts="$(uci -q get network.wan.reqopts)"
+	uci -q set network.lan.sendopts="$(uci -q get network.wan.sendopts)"
+	uci -q set network.lan.device='br-lan'
+	uci -q set network.lan.force_link='1'
+
+	uci -q set network.lan6=interface
+	uci -q set network.lan6.proto='dhcpv6'
+	uci -q set network.lan6.device='@lan'
+	uci -q set network.lan6.reqprefix='no'
+
+	uci -q delete network.wan
+	uci -q delete network.wan6
+
+	uci -q delete network.br_lan.ports
+	uci -q set network.br_lan.bridge_empty='1'
+
+	add_port_to_br_lan() {
+		port="$1"
+		[ -n "$port" -a -d /sys/class/net/$port ] || continue
+		uci add_list network.br_lan.ports="$port"
+	}
+
+	if [ -f /etc/board.json ]; then
+		json_load_file /etc/board.json
+		json_select network
+		json_select lan
+		if json_is_a ports array; then
+			json_for_each_item add_port_to_br_lan ports
+		else
+			json_get_var device device
+			[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
+		fi
+		json_select ..
+		json_select wan 2>/dev/null
+		json_get_var device device
+		[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
+		json_cleanup
+	fi
+
+	uci -q commit network
+
+	# Disable DHCP Server
+	uci -q set dhcp.lan.ignore=1
+	uci -q commit dhcp
+	/etc/init.d/odhcpd disable
+
+	# Disable SSDPD
+	uci -q set ssdpd.ssdp.enabled="0"
+	uci -q commit ssdpd
+
+	# Update CWMP Agent WAN Interface
+	uci -q set cwmp.cpe.default_wan_interface="lan"
+	uci -q commit cwmp
+
+	# Update gateway WAN Interface
+	uci -q set gateway.global.wan_interface="lan"
+	uci -q commit gateway
+
+	# disable firewall
+	uci -q set firewall.globals.enabled="0"
+	uci -q commit firewall
+}
+
+l2_network_config
+l2_mcast_config
--- a/netmode/files/etc/netmodes/routed-dhcp/scripts/10-routed-dhcp
+++ b/netmode/files/etc/netmodes/routed-dhcp/scripts/10-routed-dhcp
@@ -2,7 +2,6 @@

 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
-. /lib/netmode/advanced_helper.sh

 source "/etc/device_info"

@@ -16,12 +15,8 @@ l3_mcast_config() {
 }

 l3_network_config() {
-	cleanup_interfaces
-
 	logger -s -p user.info -t "netmode" "Generating L3 network configuration"

-	configure_macoffset
-
 	wandev="$(uci -q get network.WAN.ifname)"

 	# Configure L3 Network Mode
@@ -81,7 +76,28 @@ l3_network_config() {
 		done
 	fi

-	create_br_lan_bridge_device
+	uci -q delete network.br_lan.ports
+	uci -q set network.br_lan.bridge_empty='1'
+
+	add_port_to_br_lan() {
+		port="$1"
+		[ -n "$port" -a -d /sys/class/net/$port ] || continue
+		uci add_list network.br_lan.ports="$port"
+	}
+
+	if [ -f /etc/board.json ]; then
+		json_load_file /etc/board.json
+		json_select network
+		json_select lan
+		if json_is_a ports array; then
+			json_for_each_item add_port_to_br_lan ports
+		else
+			json_get_var device device
+			[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
+		fi
+		json_select ..
+		json_cleanup
+	fi

 	uci -q commit network

--- a/netmode/files/etc/netmodes/routed-pppoe/scripts/10-routed-pppoe
+++ b/netmode/files/etc/netmodes/routed-pppoe/scripts/10-routed-pppoe
@@ -2,7 +2,6 @@

 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
-. /lib/netmode/advanced_helper.sh

 source "/etc/device_info"

@@ -16,12 +15,8 @@ l3_mcast_config() {
 }

 l3_network_pppoe_config() {
-	cleanup_interfaces
-
 	logger -s -p user.info -t "netmode" "Generating L3 network configuration"

-	configure_macoffset
-
 	wandev="$(uci -q get network.WAN.ifname)"

 	# Configure L3 Network Mode
@@ -78,7 +73,28 @@ l3_network_pppoe_config() {
 		done
 	fi

-	create_br_lan_bridge_device
+	uci -q delete network.br_lan.ports
+	uci -q set network.br_lan.bridge_empty='1'
+
+	add_port_to_br_lan() {
+		port="$1"
+		[ -n "$port" -a -d /sys/class/net/$port ] || continue
+		uci add_list network.br_lan.ports="$port"
+	}
+
+	if [ -f /etc/board.json ]; then
+		json_load_file /etc/board.json
+		json_select network
+		json_select lan
+		if json_is_a ports array; then
+			json_for_each_item add_port_to_br_lan ports
+		else
+			json_get_var device device
+			[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
+		fi
+		json_select ..
+		json_cleanup
+	fi

 	uci -q commit network

--- a/netmode/files/etc/netmodes/routed-static/scripts/10-routed-static
+++ b/netmode/files/etc/netmodes/routed-static/scripts/10-routed-static
@@ -2,7 +2,6 @@

 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
-. /lib/netmode/advanced_helper.sh

 source "/etc/device_info"

@@ -16,12 +15,8 @@ l3_mcast_config() {
 }

 l3_network_config() {
-	cleanup_interfaces
-
 	logger -s -p user.info -t "netmode" "Generating L3 network configuration"

-	configure_macoffset
-
 	wandev="$(uci -q get network.WAN.ifname)"

 	# Configure L3 Network Mode
@@ -79,7 +74,28 @@ l3_network_config() {
 		done
 	fi

-	create_br_lan_bridge_device
+	uci -q delete network.br_lan.ports
+	uci -q set network.br_lan.bridge_empty='1'
+
+	add_port_to_br_lan() {
+		port="$1"
+		[ -n "$port" -a -d /sys/class/net/$port ] || continue
+		uci add_list network.br_lan.ports="$port"
+	}
+
+	if [ -f /etc/board.json ]; then
+		json_load_file /etc/board.json
+		json_select network
+		json_select lan
+		if json_is_a ports array; then
+			json_for_each_item add_port_to_br_lan ports
+		else
+			json_get_var device device
+			[ -n "$device" ] && uci add_list network.br_lan.ports="$device"
+		fi
+		json_select ..
+		json_cleanup
+	fi

 	uci -q commit network

--- a/netmode/files/etc/netmodes/supported_modes.json
+++ b/netmode/files/etc/netmodes/supported_modes.json
@@ -95,40 +95,6 @@
          "type": "string"
        }
      ]
-    },
-    {
-      "name": "advanced",
-      "description": "Advanced Mode - Unified configuration for bridges, routed interfaces, and standalone VLANs",
-      "supported_args": [
-        {
-          "name": "interface_names",
-          "description": "Interface names (comma-separated, e.g., wan,iptv,mgmt,lan100)",
-          "required": false,
-          "type": "string",
-          "#value": "wan"
-        },
-        {
-          "name": "interface_types",
-          "description": "Interface types (comma-separated). Bridge: bridge:transparent, bridge:tagged:VID, bridge:wan-tagged:VID, bridge:qinq:C:S. Routed: route:vlan:VID, route:macvlan:MAC, route:vlan:VID:MAC. Standalone: direct:VID. Modifiers: -n (proto none), -d (disabled)",
-          "required": false,
-          "type": "string",
-          "#value": "bridge:transparent"
-        },
-        {
-          "name": "ports",
-          "description": "Port lists for each interface (comma-separated, use '-' to separate ports, e.g., ALL, ALL_LAN, LAN1-LAN2-WAN, WAN)",
-          "required": false,
-          "type": "string",
-          "#value": "ALL"
-        },
-        {
-          "name": "macaddrs",
-          "description": "MAC addresses for each interface (comma-separated). Use explicit MAC (AA:BB:CC:DD:EE:FF) or macros: BaseMACAddress, BaseMACAddressP1, BaseMACAddressP2, etc.",
-          "required": false,
-          "type": "string",
-          "#value": "BaseMACAddress,BaseMACAddressP1,BaseMACAddressP2"
-        }
-      ]
    }
  ]
 }
--- a/netmode/files/lib/netmode/advanced_helper.sh
+++ b/netmode/files/lib/netmode/advanced_helper.sh
--- a/netmode/files/lib/netmode/post/10-dhcp_options.sh
+++ b/netmode/files/lib/netmode/post/10-dhcp_options.sh
@@ -1,64 +0,0 @@
-#!/bin/sh
-#
-# Auto-configure DHCP options for WAN interfaces
-# This script runs after netmode applies configuration
-#
-
-. /etc/os-release 2>/dev/null
-. /lib/functions/system.sh 2>/dev/null
-
-# Get device information
-model=$(cat /tmp/sysinfo/model 2>/dev/null || echo "OpenWrt")
-basemac=$(get_mac_label 2>/dev/null || echo "000000000000")
-software_ver=${OPENWRT_RELEASE##* }
-software_ver=${software_ver:-unknown}
-
-# DHCP options to request (TR-069/USP standard options)
-reqopts="42 43 100 101 121 125 128 132 224 225 226"
-
-# Helper: Set value if not already set
-set_if_empty() {
-	uci -q get "$1" > /dev/null || uci set "${1}=${2}"
-}
-
-# Helper: Add request options (merge with existing)
-set_reqopts() {
-	local intf="$1"
-	local new_opts="$2"
-	local opts=$(uci -q get "network.${intf}.reqopts")
-	local o
-
-	for o in $new_opts; do
-		echo "$opts" | grep -qwF "$o" || opts="${opts:+$opts }$o"
-	done
-
-	uci set "network.${intf}.reqopts=${opts}"
-}
-
-# Configure DHCP options only for 'wan' interface with proto=dhcp
-for intf in $(uci show network | grep "=interface" | cut -d'.' -f2 | cut -d'=' -f1); do
-	# Only configure interface named 'wan' with proto=dhcp
-	[ "$intf" = "wan" ] || continue
-	[ "$(uci -q get "network.${intf}.proto")" = "dhcp" ] || continue
-
-	logger -s -p user.info -t "netmode-dhcp" "Configuring DHCP options for WAN interface"
-
-	# Set vendorid: model,software_version,dslforum.org
-	uci set "network.${intf}.vendorid=${model},${software_ver},dslforum.org"
-
-	# Set clientid (01 = ARP hardware type Ethernet)
-	set_if_empty "network.${intf}.clientid" "01${basemac//:}"
-
-	# Set DHCP request options
-	set_reqopts "$intf" "$reqopts"
-
-	# Set sendopts for TR-069/USP (option 124: Device.DeviceInfo.VendorClassID)
-	# Format: enterprise number (3561 = Broadband Forum) + data
-	set_if_empty "network.${intf}.sendopts" "124:00:00:0D:E9:04:03:75:73:70"
-done
-
-uci -q commit network
-
-logger -s -p user.info -t "netmode-dhcp" "DHCP options configuration completed"
-
-exit 0
--- a/netmode/files/lib/netmode/post/15-static_lan.sh
+++ b/netmode/files/lib/netmode/post/15-static_lan.sh
@@ -1,53 +0,0 @@
-#!/bin/sh
-#
-# Auto-configure static IP and DHCP server for LAN interfaces
-# This script runs after netmode applies configuration
-#
-
-_log() {
-	logger -s -p user.info -t "netmode-static-lan" "$*"
-}
-
-# Configure static IP and DHCP server for LAN interface
-for intf in $(uci show network | grep "=interface" | cut -d'.' -f2 | cut -d'=' -f1); do
-	# Only configure interfaces with proto=static
-	[ "$(uci -q get "network.${intf}.proto")" = "static" ] || continue
-
-	_log "Configuring static IP for interface: $intf"
-
-	# Special handling for 'lan' interface
-	if [ "$intf" = "lan" ]; then
-		_log "Auto-configuring LAN interface with default static IP settings"
-
-		# Set static IP configuration
-		uci -q set "network.${intf}.ipaddr=192.168.1.1"
-		uci -q set "network.${intf}.netmask=255.255.255.0"
-		uci -q set "network.${intf}.ip6assign=60"
-
-		# Configure DHCP server for LAN
-		uci -q delete "dhcp.${intf}"
-		uci -q set "dhcp.${intf}=dhcp"
-		uci -q set "dhcp.${intf}.interface=${intf}"
-		uci -q set "dhcp.${intf}.start=100"
-		uci -q set "dhcp.${intf}.limit=150"
-		uci -q set "dhcp.${intf}.leasetime=1h"
-		uci -q set "dhcp.${intf}.dhcpv4=server"
-		uci -q set "dhcp.${intf}.dhcpv6=server"
-		uci -q set "dhcp.${intf}.ra=server"
-		uci -q set "dhcp.${intf}.ra_slaac=1"
-		uci -q delete "dhcp.${intf}.ra_flags"
-		uci -q add_list "dhcp.${intf}.ra_flags=managed-config"
-		uci -q add_list "dhcp.${intf}.ra_flags=other-config"
-
-		_log "LAN interface configured with IP 192.168.1.1/24 and DHCP server enabled"
-	else
-		_log "Interface '$intf' has proto=static but is not 'lan' - no auto-configuration applied"
-	fi
-done
-
-uci -q commit network
-uci -q commit dhcp
-
-_log "Static LAN configuration completed"
-
-exit 0
--- a/netmode/files/lib/netmode/post/99-datamodel_init.sh
+++ b/netmode/files/lib/netmode/post/99-datamodel_init.sh
@@ -1,57 +0,0 @@
-#!/bin/sh
-
-if [ ! -f /var/run/boot_complete ]; then
-	exit 0
-fi
-
-if [ -f /etc/bbfdm/dmmap/PPP ]; then
-	rm -f /etc/bbfdm/dmmap/PPP
-fi
-
-if [ -f /etc/bbfdm/dmmap/IP ]; then
-	rm -f /etc/bbfdm/dmmap/IP
-fi
-
-if [ -f /etc/bbfdm/dmmap/Ethernet ]; then
-	rm -f /etc/bbfdm/dmmap/Ethernet
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_firewall ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_firewall
-fi
-
-if [ -f /etc/bbfdm/dmmap/DHCPv4 ]; then
-	rm -f /etc/bbfdm/dmmap/DHCPv4
-fi
-
-if [ -f /etc/bbfdm/dmmap/DHCPv6 ]; then
-	rm -f /etc/bbfdm/dmmap/DHCPv6
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_mcast ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_dns
-fi
-
-if [ -f /etc/bbfdm/dmmap/Ethernet ]; then
-	rm -f /etc/bbfdm/dmmap/Ethernet
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_bridge ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_bridge
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_bridge_vlanport ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_bridge_vlanport
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_bridge_vlan ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_bridge_vlan
-fi
-
-if [ -f /etc/bbfdm/dmmap/dmmap_bridge_port ]; then
-	rm -f /etc/bbfdm/dmmap/dmmap_bridge_port
-fi
-
-sleep 5
-
-reboot -f
--- a/netmode/files/lib/netmode/post/datamodel_init.sh
+++ b/netmode/files/lib/netmode/post/datamodel_init.sh
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+if [ ! -f /var/run/boot_complete ]; then
+	exit 0
+fi
+
+if [ -f /etc/bbfdm/dmmap/PPP ]; then
+	rm -f /etc/bbfdm/dmmap/PPP
+fi
+
+if [ -f /etc/bbfdm/dmmap/IP ]; then
+	rm -f /etc/bbfdm/dmmap/IP
+fi
+
+if [ -f /etc/bbfdm/dmmap/Ethernet ]; then
+	rm -f /etc/bbfdm/dmmap/Ethernet
+fi
+
+sleep 5
+
+reboot -f
--- a/netmode/files/lib/netmode/pre/10-restore_defaults.sh
+++ b/netmode/files/lib/netmode/pre/10-restore_defaults.sh
@@ -1,72 +0,0 @@
-#!/bin/sh
-# /usr/sbin/netmode-restore.sh
-
-. /lib/functions.sh
-
-LOG_TAG="netmode-restore"
-
-log() {
-	logger -t "$LOG_TAG" "$*"
-	echo "[${LOG_TAG}] $*"
-}
-
-log "Starting netmode restore"
-
-delete_extra_dhcp_sections() {
-	log "Cleaning up dhcp UCI"
-
-	# by default only lan and wan dhcp sections are present,
-	# so delete any extra sections
-	delete_dhcp_sec() {
-		sec="$1"
-		intf="$(uci -q get dhcp.$sec.interface)"
-		if [ "$intf" != "wan" ] && [ "$intf" != "lan" ]; then
-			log "deleting dhcp section $sec"
-			uci -q delete dhcp.$sec
-		fi
-	}
-
-	config_load "dhcp"
-        config_foreach delete_dhcp_sec dhcp
-
-	uci commit dhcp
-}
-
-restore_firewall() {
-	log "Cleaning up firewall UCI"
-
-	# in some netmodes, an extra mgmt zone is added
-	# so we remove its zone and rules
-	# ---- 1. reset wan zone networks -------------------------------------
-	uci -q set firewall.wan.network=""
-
-	# ---- 2. add base wan/wan6 -------------------------------------------
-	for net in wan wan6; do
-		uci -q add_list firewall.wan.network="$net"
-	done
-
-	delete_mgmt_rule() {
-		sec="$1"
-		src="$(uci -q get firewall.$sec.src)"
-		dest="$(uci -q get firewall.$sec.dest)"
-		if [ "$src" = "mgmt" ] || [ "$dest" = "mgmt" ]; then
-			log "deleting firewall section $sec"
-			uci -q delete firewall.$sec
-		fi
-	}
-
-	# ---- 3. delete mgmt rules ---------------------------------------------
-	config_load "firewall"
-        config_foreach delete_mgmt_rule rule
-
-	# ---- 4. delete mgmt zone ---------------------------------------------
-	uci -q delete firewall.mgmt
-
-	uci commit firewall
-}
-
-restore_firewall
-delete_extra_dhcp_sections
-
-log "Netmode restore completed"
-exit 0