ssdpd: Download source tar

bbf/Makefile

@@ -5,11 +5,11 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libbbfdm
-PKG_VERSION:=6.8.16
+PKG_VERSION:=6.8.12
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/bbf.git
-PKG_SOURCE_VERSION:=0ef6169d86333b8727ed34c63f379b08254340e3
+PKG_SOURCE_VERSION:=78157b22411816642f2bab81119c6d997c180c37
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 
@@ -160,7 +160,7 @@ define Package/libbbfdm/default/install
 	$(LN) /usr/share/bbfdm/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
 ifeq ($(CONFIG_PACKAGE_mosquitto-ssl),y)
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_BIN) ./files/etc/uci-defaults/01-mosquitto-config $(1)/etc/uci-defaults/
+	$(INSTALL_BIN) ./files/etc/uci-defaults/94-mosquitto-config $(1)/etc/uci-defaults/94-mosquitto-config
 endif
 endef
 

bbf/files/etc/uci-defaults/94-mosquitto-config

@@ -8,7 +8,7 @@ config_mosquitto_owrt() {
 	fi
 
 	uci -q set mosquitto.owrt.use_uci="1"
-	uci -q set mosquitto.owrt.write_pid="1"
+	uci -q set mosquitto.owrt.write_pid="0"
 	uci -q commit mosquitto
 }
 
@@ -20,6 +20,7 @@ config_mosquitto_general() {
 	fi
 
 	uci -q set mosquitto.mosquitto.log_dest="syslog"
+	uci -q set mosquitto.mosquitto.include_dir="/etc/mosquitto/conf.d"
 	uci -q set mosquitto.mosquitto.log_facility="5"
 	uci -q set mosquitto.mosquitto.log_timestamp="1"
 	uci -q set mosquitto.mosquitto.log_types="error warning notice"

icwmp/Makefile

@@ -8,11 +8,11 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=icwmp
-PKG_VERSION:=9.1.4
+PKG_VERSION:=9.1.3
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/icwmp.git
-PKG_SOURCE_VERSION:=fb8b5b9da6cadd53a3d12e27af0ed800b149a9f2
+PKG_SOURCE_VERSION:=71488fdc4e1a97416fa7f8ad356314c80e4c0b87
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 

icwmp/files/etc/init.d/icwmpd

@@ -290,9 +290,8 @@ copy_cwmp_etc_files_to_varstate() {
 
 	if [ -f /etc/icwmpd/cwmp ]; then
 		uci -q -c /etc/icwmpd delete cwmp.acs
-		uci -q -c /etc/icwmpd delete cwmp.gatewayinfo
 		uci -q -c /etc/icwmpd commit cwmp
-		cat /etc/icwmpd/cwmp >> /var/state/cwmp
+		cp -f /etc/icwmpd/cwmp /var/state/cwmp
 	fi
 
 	if [ -f /etc/icwmpd/icwmpd_backup_session.xml ]; then
@@ -422,9 +421,6 @@ boot() {
 		regenerate_ssl_link "${ssl_capath}"
 	fi
 
-	# Copy backup data so that if it restart latter on it gets the info
-	copy_cwmp_etc_files_to_varstate
-
 	start
 }
 
@@ -447,6 +443,9 @@ start_service() {
 		return 1;
 	}
 
+	# Copy backup data so that if it restart latter on it gets the info
+	copy_cwmp_etc_files_to_varstate
+
 	procd_open_instance icwmp
 	procd_set_param command "$PROG"
 	procd_append_param command -b

icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp.user

@@ -1,7 +1,5 @@
 #!/bin/sh
 
-. /lib/functions.sh
-
 CLASS=""
 OUI=""
 SERIAL=""
@@ -104,22 +102,13 @@ get_vivsoi() {
 	done
 }
 
-config_load cwmp
-config_get_bool enable_cwmp cpe enable 1
-config_get wan_intf cpe default_wan_interface "wan"
-
-if [ "$enable_cwmp" = "0" ]; then
-	return 0
-fi
-
-if [ "${wan_intf}" == "${INTERFACE}" ]; then
+wan_intf=$(uci -q get cwmp.cpe.default_wan_interface)
+if [ -n "${wan_intf}" ] && [ "${wan_intf}" == "${INTERFACE}" ]; then
 	if [ -n "$opt125" ]; then
 		len=$(printf "$opt125"|wc -c)
 		get_vivsoi "$opt125" "$len"
 	fi
 
-	mkdir -p /var/state
-	touch /var/state/cwmp
 	sec=$(uci -q -c /var/state get cwmp.gatewayinfo)
 	if [ -z "${sec}" ]; then
 		sec=$(uci -q -c /var/state add cwmp gatewayinfo)

ieee1905/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ieee1905
-PKG_VERSION:=6.0.21
+PKG_VERSION:=6.0.20
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=29f58120eea9bf3c48fae98a74f0f4c9d3d902a8
+PKG_SOURCE_VERSION:=166fc0543f578336089f0940d9f5d2c27fac73a6
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip

ieee1905/files/etc/init.d/ieee1905

@@ -44,8 +44,7 @@ validate_ap_section() {
 	uci_validate_section ieee1905 $section "${1}" \
 			'band:or("2", "5", "60", "6")' \
 			'ssid:string' \
-			'encryption:or("psk2", "sae-mixed", "sae",
-				"psk", "psk-mixed", "none", string)' \
+			'encryption:or("psk2", "sae-mixed", "sae", string)' \
 			'key:string' \
 			'uuid:string' \
 			'manufacturer:string' \

ieee1905/files/etc/uci-defaults/31-ifname-option-to-list

@@ -1,18 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-config_load ieee1905
-
-ifname_to_list() {
-	local section=$1
-
-	config_get ifname $section ifname	# get list or option as space separated values
-	ifname=${ifname//,/\ }			# convert csv with space separation
-	uci del ieee1905.${section}.ifname	# delete entry
-	for i in ${ifname}; do
-		uci add_list ieee1905.${section}.ifname="$i"	# writeback entry as list
-	done
-}
-
-config_foreach ifname_to_list al-iface

iop/config

@@ -153,7 +153,6 @@ CONFIG_PACKAGE_ip-bridge=y
 CONFIG_PACKAGE_ip-full=y
 CONFIG_PACKAGE_iperf3=y
 CONFIG_PACKAGE_ipset=y
-CONFIG_PACKAGE_ip6tables-zz-legacy=y
 CONFIG_PACKAGE_iptables-zz-legacy=y
 CONFIG_PACKAGE_iptables-mod-conntrack-extra=y
 CONFIG_PACKAGE_iptables-mod-filter=y

libvoice-broadcom/Makefile

@@ -16,7 +16,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=d066c9d5c14757ab38e9ecb265ba24f5b33cdbce
+PKG_SOURCE_VERSION:=b53e93ca1a2fdda56ca9caffb6020e158e684f3d
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

map-agent/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-agent
-PKG_VERSION:=2.10.4.17
+PKG_VERSION:=2.10.4.13
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=098fef903c1e746776f88df3706337b8fc3899ac
+PKG_SOURCE_VERSION:=fdce58318b082b8683f80688c5d284e21efa7908
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 
 PKG_LICENSE:=BSD-3-Clause

map-agent/files/etc/init.d/mapagent

@@ -104,11 +104,7 @@ validate_radio_section() {
 			'include_sta_metric:bool:false' \
 			'rcpi_hysteresis_margin:range(0,255)' \
 			'report_util_threshold:range(0,255)' \
-			'encryption:or("sae", "sae+aes", "psk2",
-				"psk2+aes", "sae-mixed", "sae-mixed+aes",
-				"none", "psk-mixed", "psk-mixed+aes",
-				"wpa", "wpa+aes", "wpa2", "wpa2+aes",
-				"psk", "psk+aes")' \
+			'encryption:or("sae", "psk2", "sae-mixed")'
 
 	[ "$?" -ne 0 ] && {
 		logger -s -t "mapagent" "Validation of radio section failed"

map-controller/Makefile

@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=map-controller
-PKG_VERSION:=2.11.0.24
+PKG_VERSION:=2.11.0.21
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=8944352f648643fa5c72cd216a76695a021b7851
+PKG_SOURCE_VERSION:=24fb4d95c3a1d0b736239de28a8e14ab7a185630
 
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)

map-controller/files/etc/init.d/mapcontroller

@@ -62,10 +62,7 @@ validate_ap_section() {
 			'band:or("2", "5", "6")' \
 			'ssid:string' \
 			'encryption:or("sae", "sae+aes", "psk2",
-				"psk2+aes", "sae-mixed", "sae-mixed+aes",
-				"none", "psk-mixed", "psk-mixed+aes",
-				"wpa", "wpa+aes", "wpa2", "wpa2+aes",
-				"psk", "psk+aes")' \
+				"psk2+aes", "sae-mixed", "sae-mixed+aes")' \
 			'key:string' \
 			'vid:range(1,65535):1' \
 			'type:or("backhaul", "fronthaul", "combined")' \

map-topology/Makefile

@@ -6,11 +6,11 @@ include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk
 
 PKG_NAME:=map-topology
-PKG_VERSION:=2.5.1.14
+PKG_VERSION:=2.5.1.13
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_VERSION:=bacbffccabdc1a388a135daad58db4ca60676b05
+PKG_SOURCE_VERSION:=aaa55a72e719184af32d57a9b40bec1c440774a9
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/map-topology.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz

map-topology/files/etc/firewall.hosts

@@ -1,126 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-day=""
-IP_RULE=""
-
-process_ac_schedule() {
-	local acs_id="$1"
-	local is_enabled
-	local access_control
-	local start_time=""
-	local stop_time=""
-	local mac=""
-
-	handle_day_list() {
-		local value=$1
-
-		val=$(echo $value | cut -c 1-3)
-		if [ -z $day ]; then
-			day="$val"
-		else
-			day="$day,$val"
-		fi
-	}
-
-	config_list_foreach "$acs_id" "day" handle_day_list
-	config_get is_enabled "$acs_id" "enable" 1
-	config_get access_control "$acs_id" "dm_parent"
-
-	if [ "$is_enabled" == "0" ] || [ -z "$access_control" ]; then
-		return
-	fi
-
-	IP_RULE=""
-
-	mac=$(uci -q get hosts.$access_control.macaddr)
-	access_policy=$(uci -q get hosts.$access_control.access_policy)
-
-	config_get start_time "$acs_id" "start_time"
-	config_get duration "$acs_id" "duration"
-
-	if [ -z "$mac" ] && [ -z "$start_time" ] && [ -z "$duration" ] && [ -z "$day" ] && [ -z "$access_policy" ]; then
-		return
-	fi
-	if [ -n "$mac" ]; then
-		IP_RULE="$IP_RULE -m mac --mac-source $mac"
-	fi
-
-	# as per iptables manual default starttime is 00:00
-	# default stoptime is 23:59
-	if [ -z "$start_time" ]; then
-		start_time="0:0"
-	fi
-
-        if [ -n "$duration" ]; then
-		hh=$(echo $start_time | awk -F: '{ print $1 }')
-                mm=$(echo $start_time | awk -F: '{ print $2 }')
-                hh_s=`expr $hh \* 3600`
-                mm_s=`expr $mm \* 60`
-                ss=$(( hh_s + mm_s ))
-
-                stop_ss=$(( ss + duration ))
-                hh=$(( stop_ss / 3600 ))
-                if [ $hh -lt 24 ]; then
-                	rem_ss=$(( stop_ss % 3600 ))
-                	mm=$(( rem_ss / 60 ))
-                	ss=$(( rem_ss % 60 ))
-                	stop_time="$hh:$mm:$ss"
-                else
-                	stop_time="23:59"
-                fi
-        else
-        	stop_time="23:59"
-        fi
-
-	# conversion to utc
-	zone=$(date +%z | cut -c 1)
-	utc_h=$(date -u -d @$(date "+%s" -d "$start_time") +%H)
-	local_h=$(echo $start_time | awk -F: '{ print $1 }')
-	if [ "$zone" == "+" ] && [ $utc_h -gt $local_h ]; then
-		start_utc="0:0"
-	else
-		start_utc=$(date -u -d @$(date "+%s" -d "$start_time") +%H:%M)
-	fi
-
-	utc_h=$(date -u -d @$(date "+%s" -d "$stop_time") +%H)
-	local_h=$(echo $stop_time | awk -F: '{ print $1 }')
-	if [ "$zone" == "-" ] && [ $utc_h -lt $local_h ]; then
-		stop_utc="23:59"
-	else
-		stop_utc=$(date -u -d @$(date "+%s" -d "$stop_time") +%H:%M)
-	fi
-
-
-	IP_RULE="$IP_RULE -m time --timestart $start_utc --timestop $stop_utc"
-	if [ -n "$day" ]; then
-		IP_RULE="$IP_RULE --weekdays $day"
-	fi
-
-	if [ "$access_policy" == "Deny" ]; then
-		IP_RULE="$IP_RULE -j DROP"
-	else
-		IP_RULE="$IP_RULE -j ACCEPT"
-	fi
-
-	iptables -w -A hosts_forward ${IP_RULE}
-	ip6tables -w -A hosts_forward ${IP_RULE}
-
-	day=""
-}
-
-iptables -w -F hosts_forward
-ip6tables -w -F hosts_forward
-
-iptables -w -t filter -N hosts_forward
-ret=$?                        
-[ $ret -eq 0 ] && iptables -w -t filter -I FORWARD -j hosts_forward
-ip6tables -w -t filter -N hosts_forward
-ret=$?                        
-[ $ret -eq 0 ] && ip6tables -w -t filter -I FORWARD -j hosts_forward
-
-# Load /etc/config/hosts UCI file
-config_load hosts
-config_foreach process_ac_schedule ac_schedule
-

map-topology/files/etc/uci-defaults/992-firewall_host.ucidefaults

@@ -1,12 +0,0 @@
-#!/bin/sh
-
-if [ -f /etc/firewall.hosts ]; then
-	uci -q get firewall.hosts || {
-		uci -q set firewall.hosts=include
-		uci -q set firewall.hosts.path="/etc/firewall.hosts"
-		uci -q set firewall.hosts.reload=1
-	}
-fi
-
-
-exit 0

obuspa/Makefile

@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=obuspa
-PKG_VERSION:=6.0.0.14
+PKG_VERSION:=6.0.0.12
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/fork/obuspa.git
-PKG_SOURCE_VERSION:=3df3346238a9eef2168fddadcef01ebe311053e4
+PKG_SOURCE_VERSION:=668748cd4801aa5af12d61d9b0837064b9f933cc
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -110,7 +110,6 @@ define Package/obuspa/install
 	$(INSTALL_DATA) ./files/etc/bbfdm/json/USPAgent.json $(1)/etc/bbfdm/json/USPAgent.json
 	$(INSTALL_DATA) ./files/etc/bbfdm/json/TransferComplete.json $(1)/etc/bbfdm/json/TransferComplete.json
 	$(INSTALL_BIN) ./files/etc/uci-defaults/01-fix-upgrade-uci $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/50-add-mqtt-usp-test $(1)/etc/uci-defaults/
 endef
 
 $(eval $(call BuildPackage,obuspa))

obuspa/files/etc/uci-defaults/50-add-mqtt-usp-test

@@ -1,14 +0,0 @@
-add_usp_test()
-{
-        if ! uci_get mosquitto usptest >/dev/null 2>&1; then
-                uci_add mosquitto listener usptest
-                uci_set mosquitto usptest enabled 1
-                uci_set mosquitto usptest port '9001'
-                uci_set mosquitto usptest protocol 'websockets'
-                uci_set mosquitto usptest require_certificates '0'
-                uci_set mosquitto usptest auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-        fi
-}
-
-uci_load mosquitto
-add_usp_test

qosmngr/Makefile

@@ -27,7 +27,7 @@ define Package/qosmngr
   SECTION:=utils
   CATEGORY:=Utilities
   TITLE:=QoS Manager
-  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha||TARGET_iopsys_mediatek) +libuci +libubox +libubus +libblobmsg-json +libjson-c +libqos
+  DEPENDS:=@(TARGET_brcmbca||TARGET_airoha) +libuci +libubox +libubus +libblobmsg-json +libjson-c +libqos
 endef
 
 define Package/qosmngr/description
@@ -60,12 +60,4 @@ define Package/qosmngr/install
 	$(call Package/qosmngr/install/common,$(1))
 endef
 endif
-
-ifeq ($(CONFIG_TARGET_iopsys_mediatek),y)
-define Package/qosmngr/install
-	$(CP) ./files/linux/* $(1)/
-	echo "Honoring the flag mediatek"
-	$(call Package/qosmngr/install/common,$(1))
-endef
-endif
 $(eval $(call BuildPackage,qosmngr))

qosmngr/files/airoha/etc/uci-defaults/60-qos_queue_generate

@@ -4,18 +4,6 @@
 
 ethwan="$(db -q get hw.board.ethernetWanPort)"
 
-populate_no_of_queue(){
-    queue_num=4
-
-    # writing no. of queue per port into file and read on classify generate
-    if [ ! -d "/tmp/qos" ]; then
-	    mkdir -p "/tmp/qos"
-    fi
-    no_queue_file="/tmp/qos/no_queue_per_port"
-    touch "$no_queue_file"
-    echo $queue_num >"$no_queue_file"
-}
-
 generate_queue(){
     section="$1"
 
@@ -46,19 +34,15 @@ generate_queue(){
     uci commit qos
 }
 
-populate_no_of_queue
-
 if [ -s "/etc/config/qos" ]; then
     if uci -q get qos.@queue[0] >/dev/null; then
-	# return if there is any valid content
-	exit
+        # return if there is any valid content
+        exit
     else
-	rm -f /etc/config/qos
+        rm -f /etc/config/qos
     fi
 fi
 touch /etc/config/qos
 
-# generate qos queue config
 config_load ports
 config_foreach generate_queue ethport
-

qosmngr/files/airoha/lib/qos/airoha.sh

@@ -182,9 +182,9 @@ hw_commit_all() {
 
     if [ "${glob_alg}" != "" ] ; then
         /userfs/bin/qosrule discpline $(hw_sc_alg2str ${glob_alg}) ${weight_list} \
-                            uplink-bandwidth ${shape_rate:-0} \
+                            ${shape_rate:+uplink-bandwidth} $shape_rate \
                             queuemask $queue_mask
     else
-        /userfs/bin/qosrule discpline Enable 0
+        /userfs/bin/qosrule discpline off
     fi
 }

qosmngr/files/airoha/lib/qos/common/classify.sh

@@ -5,9 +5,9 @@
 handle_classify() {
     cid="$1" #classify section ID
 
-    config_get is_enable "$cid" "enable" 1
+    config_get is_enable "$cid" "enable"
     # no need to configure disabled classify rules
-    if [ "$is_enable" == "0" ]; then
+    if [ -z "$is_enable" ] || [ "$is_enable" == "0" ]; then
         return
     fi
 

qosmngr/files/airoha/lib/qos/common/policer.sh

@@ -80,10 +80,10 @@ handle_policer() {
     local p_sec="$1" # policer section ID
     local dir=1 # default direction, upstream
 
-    config_get is_enable "$p_sec" "enable" 1
+    config_get is_enable "$p_sec" "enable"
 
     # No need to configure disabled policer
-    if [ "$is_enable" == "0" ] ; then
+    if [ -z "$is_enable" ] || [ "$is_enable" == "0" ] ; then
         return
     fi
 

qosmngr/files/airoha/lib/qos/common/queue.sh

@@ -18,10 +18,10 @@ handle_queue() {
     local qid="$1" #queue section ID
     local intf_name="$2"
 
-    config_get is_enable "$qid" "enable" 1
+    config_get is_enable "$qid" "enable"
 
     # no need to configure disabled queues
-    if [ "${is_enable}" == "0" ]; then
+    if [ -z "${is_enable}" ] || [ "${is_enable}" == "0" ]; then
         return
     fi
 

qosmngr/files/airoha/lib/qos/common/shaper.sh

@@ -7,9 +7,9 @@
 handle_shaper() {
     sid="$1" #queue section ID
 
-    config_get is_enable "$sid" "enable" 1
+    config_get is_enable "$sid" "enable"
     # no need to configure disabled queues
-    if [ "${is_enable}" == "0" ] ; then
+    if [ -z "${is_enable}" ] || [ "${is_enable}" == "0" ] ; then
         return
     fi
 

qosmngr/files/broadcom/etc/uci-defaults/60-qos_config_generate

@@ -1,75 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-ethwan="$(db -q get hw.board.ethernetWanPort)"
-cpu_model="$(cat /proc/socinfo  | grep 'SoC Name' | cut -d':' -f2)"
-
-queue_num=8
-
-populate_no_of_queue(){
-	case $cpu_model in
-		BCM68*) queue_num=4;;
-	esac
-        if grep -qE '[0-9]+ archer$' /proc/devices; then
-                queue_num=4
-        fi
-
-	# writing no. of queue per port into file and read on classify generate
-	if [ ! -d "/tmp/qos" ]; then
-		mkdir -p "/tmp/qos"
-	fi
-	no_queue_file="/tmp/qos/no_queue_per_port"
-	touch "$no_queue_file"
-	echo $queue_num >"$no_queue_file"
-}
-
-generate_queue(){
-	section="$1"
-
-	config_get ifname "$section" "ifname"
-
-	local is_lan=0
-	if [ "$ifname" != "$ethwan" ]; then
-		is_lan=1
-	fi
-
-	local no_of_q="0 1 2 3 4 5 6 7"
-
-	if [ $is_lan -eq 1 ] -a [ $queue_num -eq 4 ]; then
-		no_of_q="0 1 2 3"
-	fi
-
-	i=0
-	local total_q=$((${no_of_q##* } + 1))
-        for i in $no_of_q; do
-		order=$((total_q - i))
-		uci add qos queue
-		uci rename qos.@queue[-1]="q_${i}_${ifname}"
-		uci set qos.@queue[-1].enable="1"
-		uci set qos.@queue[-1].ifname="$ifname"
-		uci set qos.@queue[-1].precedence="$order"
-		uci set qos.@queue[-1].scheduling="SP"
-		uci set qos.@queue[-1].rate="0"
-		uci set qos.@queue[-1].burst_size="0"
-		uci set qos.@queue[-1].weight="1"
-	done
-
-	uci commit qos
-}
-
-populate_no_of_queue
-
-if [ -s "/etc/config/qos" ]; then
-	if uci -q get qos.@queue[0] >/dev/null; then
-		exit
-	else
-		rm -f /etc/config/qos
-	fi
-fi
-touch /etc/config/qos
-
-# generate qos queue config
-config_load ports
-config_foreach generate_queue ethport
-

qosmngr/files/broadcom/etc/uci-defaults/60-qos_queue_generate

@@ -3,14 +3,30 @@
 . /lib/functions.sh
 
 ethwan="$(db -q get hw.board.ethernetWanPort)"
+cpu_model="$(cat /proc/socinfo  | grep 'SoC Name' | cut -d':' -f2)"
 
 generate_queue(){
 	section="$1"
 
 	config_get ifname "$section" "ifname"
 
+	local is_lan=0
+	if [ "$ifname" != "$ethwan" ]; then
+		is_lan=1
+	fi
+
 	local no_of_q="0 1 2 3 4 5 6 7"
 
+        if [ $is_lan -eq 1 ]; then
+		case $cpu_model in
+			BCM68*) no_of_q="0 1 2 3" ;;
+		esac
+
+                if grep -qE '[0-9]+ archer$' /proc/devices; then 
+                        no_of_q="0 1 2 3" 
+                fi 
+	fi
+
 	i=0
 	local total_q=$((${no_of_q##* } + 1))
         for i in $no_of_q; do
@@ -21,8 +37,8 @@ generate_queue(){
 		uci set qos.@queue[-1].ifname="$ifname"
 		uci set qos.@queue[-1].precedence="$order"
 		uci set qos.@queue[-1].scheduling="SP"
-		uci set qos.@queue[-1].rate="1000000"
-		uci set qos.@queue[-1].burst_size="1500"
+		uci set qos.@queue[-1].rate="0"
+		uci set qos.@queue[-1].burst_size="0"
 		uci set qos.@queue[-1].weight="1"
 	done
 

qosmngr/files/broadcom/lib/qos/qos.sh

@@ -1070,7 +1070,7 @@ handle_classify() {
 	local corder_file="/tmp/qos/classify.order"
 
 	while read -r line; do
-		line_cid=$(echo $line | cut -d '_' -f 2)
+		line_cid=${line: 2}
 
 	        handle_ebtables_rules $line_cid
 	        handle_iptables_rules $line_cid

qosmngr/files/common/etc/uci-defaults/61-qos_classify_generate

@@ -1,114 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-classify_no=0
-generate_dns_rule(){
-	classify_no=$((classify_no + 1))
-	uci add qos classify
-	uci rename qos.@classify[-1]="c${classify_no}"
-	uci set qos.@classify[-1].ifname="lo"
-	uci set qos.@classify[-1].proto="udp"
-	uci set qos.@classify[-1].ethertype="IPv4"
-	uci set qos.@classify[-1].dest_port="53"
-	uci set qos.@classify[-1].traffic_class="$1"
-}
-
-generate_dhcp_rule(){
-	classify_no=$((classify_no + 1))
-	uci add qos classify
-	uci rename qos.@classify[-1]="c${classify_no}"
-	uci set qos.@classify[-1].ifname="lo"
-	uci set qos.@classify[-1].proto="udp"
-	uci set qos.@classify[-1].ethertype="IPv4"
-	uci set qos.@classify[-1].dest_port="67"
-	uci set qos.@classify[-1].dest_port_range="68"
-	uci set qos.@classify[-1].traffic_class="$1"
-}
-
-generate_igmp_rule(){
-	classify_no=$((classify_no + 1))
-	uci add qos classify
-	uci rename qos.@classify[-1]="c${classify_no}"
-	uci set qos.@classify[-1].ifname="lo"
-	uci set qos.@classify[-1].proto="IGMP"
-	uci set qos.@classify[-1].ethertype="IPv4"
-	uci set qos.@classify[-1].traffic_class="$1"
-}
-
-generate_icmp_rule(){
-	classify_no=$((classify_no + 1))
-	uci add qos classify
-	uci rename qos.@classify[-1]="c${classify_no}"
-	uci set qos.@classify[-1].ifname="lo"
-	uci set qos.@classify[-1].proto="icmp"
-	uci set qos.@classify[-1].ethertype="IPv4"
-	uci set qos.@classify[-1].traffic_class="$1"
-
-	classify_no=$((classify_no + 1))
-	uci add qos classify
-	uci rename qos.@classify[-1]="c${classify_no}"
-	uci set qos.@classify[-1].proto="icmp"
-	uci set qos.@classify[-1].ethertype="IPv4"
-	uci set qos.@classify[-1].traffic_class="$2"
-}
-
-generate_classify(){
-
-
-	no_queue_file="/tmp/qos/no_queue_per_port"
-	queue_num=$(cat "$no_queue_file")
-	rm -f "$no_queue_file"
-
-	# assign queue type
-	if [ $queue_num -eq 8 ]; then
-		q_def_queue="0"
-		q_low="1"
-		q_besteffort="2"
-		q_normal="3"
-		q_video="4"
-		q_medium="5"
-		q_high="6"
-		q_highest="7"
-	elif [ $queue_num -eq 4 ]; then
-		q_def_queue="0"
-		q_normal="1"
-		q_medium="2"
-		q_highest="3"
-	fi
-
-	# Local generated DNS traffic goes to q_highest
-	generate_dns_rule $q_highest
-	# Local generated IGMP traffic goes to q_highest
-	generate_igmp_rule $q_highest
-	# Local generated DHCP traffic goes to q_highest
-	generate_dhcp_rule $q_highest
-	# Local generated ICMP traffic goes to q_highest rotue as q_normal
-	generate_icmp_rule $q_highest $q_normal
-
-	# VLAN priority tag -> Queue priority
-	for i in `seq 1 7`; do
-		classify_no=$((classify_no + 1))
-		uci add qos classify
-		uci rename qos.@classify[-1]="c${classify_no}"
-		uci set qos.@classify[-1].pcp_check="$i"
-		uci set qos.@classify[-1].traffic_class="$i"
-	done
-
-	uci commit qos
-}
-
-if [ -s "/etc/config/qos" ]; then
-	# cleaning up for upgrade same version that contain firewall.qos
-	if [ -s "/etc/firewall.qos" ]; then
-		rm -f "/etc/firewall.qos"
-		if [ -s "/etc/config/firewall" ]; then
-			uci delete firewall.qos
-		fi
-                generate_classify
-	elif uci -q get qos.@classify[0] >/dev/null; then
-		exit
-	else
-                generate_classify
-	fi
-fi

qosmngr/files/linux/lib/qos/qos.sh

@@ -1,696 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-#set -x
-
-IP_RULE=""
-MAJOR=""
-
-POLICER_COUNT=0
-Q_COUNT=0
-SP_Q_PRIO=7
-
-#counter variable to assign classify order value if not added in config
-temp_order=1
-
-# Function to handle a queue order and
-# update total number of queues
-handle_q_order() {
-	local qid="$1" #queue section ID
-
-	config_get is_enable "$qid" "enable" 1
-
-	# No need to configure disabled queues
-	if [ $is_enable == '0' ]; then
-		return
-	fi
-
-	config_get ifname "$qid" "ifname"
-	# If ifname is empty that is good enough to break
-	if [ -z "$ifname" ];then
-		return
-	fi
-
-	# Create precedence file containing queue order per
-	# interface.
-	local precedence_file="/tmp/qos/$ifname/q_order"
-	local q_no=$(cat /tmp/qos/$ifname/q_idx)
-
-	config_get precedence "$qid" "precedence"
-	value=${precedence}_q${q_no}
-	echo $value >> $precedence_file
-
-	# Update the number of queues per interface.
-	q_no=$((q_no + 1))
-	echo $q_no > /tmp/qos/$ifname/q_idx
-}
-
-# Sort queue, lower value in uci means higher precedence, so this
-# function sorts the precedence in decending order
-sort_q_by_precedence() {
-	ifname="$1"
-
-	local order_file="/tmp/qos/$ifname/q_order"
-	local tmp_order_file="/tmp/qos/$ifname/q_order.tmp"
-
-	sort -n -k1 $order_file > $tmp_order_file
-	cp $tmp_order_file $order_file
-	rm -f $tmp_order_file
-}
-
-sort_by_precedence() {
-	for interf in $(db -q get hw.board.ethernetPortOrder); do
-		sort_q_by_precedence $interf
-	done
-}
-
-# function to handle a queue section
-handle_queue() {
-	local qid="$1" #queue section ID
-	local port="$2"
-	local port_bw="$3"
-	local root="$4"
-	local port_bs="$5"
-
-	config_get is_enable "$qid" "enable"
-
-	# no need to configure disabled queues
-	if [ "$is_enable" == "0" ]; then
-		return
-	fi
-
-	config_get ifname "$qid" "ifname"
-	# if ifname is empty that is good enough to break
-	if [ -z "$ifname" ];then
-		return
-	fi
-
-	# This is to get the qid per interface.
-	if [ "$port" != "$ifname" ]; then
-		return
-	fi
-
-	local precedence_file="/tmp/qos/$ifname/q_order"
-
-	local temp_order=0
-	while read -r line; do
-		line_qid=${line: -1}
-		if [ "$line_qid" == "$Q_COUNT" ]; then
-			break
-		fi
-		temp_order=$((temp_order + 1))
-	done < "$precedence_file"
-
-	# precedence_file so the order is calculated accordingly.
-	local order=`expr $SP_Q_PRIO - $temp_order`
-
-	config_get sc_alg "$qid" "scheduling"
-	config_get wgt "$qid" "weight" 1
-	config_get rate "$qid" "rate"
-	config_get bs "$qid" "burst_size"
-	config_get qsize "$qid" "queue_size" 1024
-
-	[ "$rate" == "0" ] && rate="$port_bw"
-	[ "$bs" == "0" ] && bs="$port_bs"
-
-	local salg=1
-
-	case "$sc_alg" in
-		"SP") salg=1
-		;;
-		"WRR") salg=2
-		;;
-		"WDRR") salg=3
-		;;
-		"WFQ") salg=4
-		;;
-	esac
-
-	# ignore precedence value in case of WRR, broadcom recommends that WRR queue should
-	# always have precedence value set to 0
-	if [ $salg -eq 2 ]; then
-	       order=0
-	fi
-
-	if [ $salg -eq 2 ]; then
-		tc class add dev $port parent ${root}: classid ${root}:$((order + 1)) cbq allot $bs bandwidth ${port_bw}kbit rate ${rate}kbit prio $order weight $wgt  avpkt 1500 bounded isolated
-	else
-		tc class add dev $port parent ${root}: classid ${root}:$((order + 1)) cbq allot $bs bandwidth ${port_bw}kbit rate ${rate}kbit prio $order  avpkt 1500 bounded isolated
-	fi
-	
-	if [ $order -eq 0 ]; then
-		# By default flowid is targeted to queue 1.
-		tc filter add dev $port parent ${root}:0 protocol ip prio 1 u32 match u32 0 0  flowid ${root}:0
-	fi
-
-	Q_COUNT=$((Q_COUNT + 1))
-}
-
-#function to handle a policer section
-handle_policer() {
-	local p_sec="$1" # policer section ID
-	local dir=1 # default direction, upstream
-
-	config_get is_enable "$p_sec" "enable"
-
-	#no need to configure disabled policer
-	if [ $is_enable == '0' ]; then
-		return
-	fi
-
-	POLICER_COUNT=$((POLICER_COUNT + 1))
-}
-
-setup_qos() {
-	if [ ! -d "/tmp/qos" ]; then
-		mkdir -p /tmp/qos
-	fi
-
-	ebtables -t broute -N qos
-	ret=$?
-	if [ $ret -eq 0 ]; then
-		ebtables -t broute -I BROUTING -j qos
-	else
-		ebtables -t broute -D BROUTING -j qos
-		ebtables -t broute -I BROUTING -j qos
-	fi
-
-	iptables -w -t mangle -N qos_forward
-	ret=$?
-	[ $ret -eq 0 ] && iptables -w -t mangle -I FORWARD -j qos_forward
-
-	iptables -w -t mangle -N qos_output
-	ret=$?
-	[ $ret -eq 0 ] && iptables -w -t mangle -I OUTPUT -j qos_output
-
-	iptables -w -t mangle -N qos_postrouting
-	ret=$?
-	[ $ret -eq 0 ] && iptables -w -t mangle -I POSTROUTING -j qos_postrouting
-
-	ip6tables -t mangle -N qos_forward
-	ret=$?
-	[ $ret -eq 0 ] && ip6tables -t mangle -I FORWARD -j qos_forward
-
-	ip6tables -t mangle -N qos_output
-	ret=$?
-	[ $ret -eq 0 ] && ip6tables -t mangle -I OUTPUT -j qos_output
-
-	ip6tables -w -t mangle -N qos_postrouting
-	ret=$?
-	[ $ret -eq 0 ] && ip6tables -w -t mangle -I POSTROUTING -j qos_postrouting
-}
-
-flush_chains() {
-        echo "iptables -w -t mangle -F qos_forward" > /tmp/qos/classify.iptables
-        echo "iptables -w -t mangle -F qos_output" >> /tmp/qos/classify.iptables
-        echo "iptables -w -t mangle -F qos_postrouting" >> /tmp/qos/classify.iptables
-
-        echo "ip6tables -w -t mangle -F qos_forward" > /tmp/qos/classify.ip6tables
-        echo "ip6tables -w -t mangle -F qos_output" >> /tmp/qos/classify.ip6tables
-        echo "ip6tables -w -t mangle -F qos_postrouting" >> /tmp/qos/classify.ip6tables
-}
-
-init_iptables_rule() {
-        IP_RULE=""
-}
-
-iptables_filter_intf() {
-        IP_RULE="$IP_RULE -o $1"
-}
-
-iptables_filter_proto() {
-        IP_RULE="$IP_RULE -p $1"
-}
-
-iptables_filter_ip_src() {
-        IP_RULE="$IP_RULE -s $1"
-}
-
-iptables_filter_ip_dest() {
-        IP_RULE="$IP_RULE -d $1"
-}
-
-iptables_filter_port_dest() {
-        IP_RULE="$IP_RULE --dport $1"
-}
-
-iptables_filter_port_src() {
-        IP_RULE="$IP_RULE --sport $1"
-}
-
-iptables_filter_port_dest_range() {
-        IP_RULE="$IP_RULE --dport $1:$2"
-}
-
-iptables_filter_port_src_range() {
-        IP_RULE="$IP_RULE --sport $1:$2"
-}
-
-iptables_filter_dscp_filter() {
-        IP_RULE="$IP_RULE -m dscp --dscp $1"
-}
-
-iptables_filter_ip_len_min() {
-        IP_RULE="$IP_RULE -m length --length $1"
-}
-
-iptables_filter_ip_len_max() {
-        IP_RULE="$IP_RULE:$1"
-}
-
-iptables_set_dscp_mark() {
-        IP_RULE="$IP_RULE -j DSCP --set-dscp $1"
-}
-
-iptables_set_traffic_class() {
-        IP_RULE="$IP_RULE  -j CLASSIFY --set-class ${MAJOR}:$1"
-}
-
-append_rule_to_mangle_table() {
-        if [ $2 == 4 ]; then
-                echo "iptables -w -t mangle -A $1 $IP_RULE"  >> /tmp/qos/classify.iptables
-        elif [ $2 == 6 ]; then
-                echo "ip6tables -w -t mangle -A $1 $IP_RULE" >> /tmp/qos/classify.ip6tables
-        elif [ $2 == 1 ]; then
-                echo "iptables -w -t mangle -A $1 $IP_RULE"  >> /tmp/qos/classify.iptables
-                echo "ip6tables -w -t mangle -A $1 $IP_RULE" >> /tmp/qos/classify.ip6tables
-        fi
-}
-
-handle_iptables_rules() {
-        cid=$1
-        local ip_version=0
-        local is_l3_rule=0
-
-        init_iptables_rule
-        config_get proto "$cid" "proto"
-        config_get traffic_class "$cid" "traffic_class"
-        config_get dscp_mark "$cid" "dscp_mark"
-        config_get dscp_filter "$cid" "dscp_filter"
-        config_get dest_port "$cid" "dest_port"
-        config_get dest_port_range "$cid" "dest_port_range"
-        config_get src_port "$cid" "src_port"
-        config_get src_port_range "$cid" "src_port_range"
-        config_get dest_ip "$cid" "dest_ip"
-        config_get src_ip "$cid" "src_ip"
-        config_get ip_len_min "$cid" "ip_len_min"
-        config_get ip_len_max "$cid" "ip_len_max"
-        config_get ifname "$cid" "ifname"
-
-        #check version of ip
-        case $src_ip$dest_ip in
-                *.*)
-                        ip_version=4
-                        ;;
-                *:*)
-                        ip_version=6
-                        ;;
-                *)
-                        ip_version=1 #ip address not used
-        esac
-
-        #filter interface
-        if [ -n "$ifname" ]; then
-                if [ "$ifname" != "lo" ]; then
-                        iptables_filter_intf $ifname
-                fi
-        fi
-
-        # filter proto
-        if [ -n "$proto" ]; then
-                iptables_filter_proto $proto
-                is_l3_rule=1
-        fi
-
-        #filter src. ip
-        if [ -n "$src_ip" ]; then
-                iptables_filter_ip_src $src_ip
-                is_l3_rule=1
-        fi
-
-        #filter dest. ip
-        if [ -n "$dest_ip" ]; then
-                iptables_filter_ip_dest $dest_ip
-                is_l3_rule=1
-        fi
-
-        #filter dest. port
-        if [ -n "$dest_port" -a -z "$dest_port_range" ]; then
-                iptables_filter_port_dest $dest_port
-                is_l3_rule=1
-        fi
-        #filter src. port
-        if [ -n "$src_port" -a -z "$src_port_range" ]; then
-                iptables_filter_port_src $src_port
-                is_l3_rule=1
-        fi
-
-        #filter dest. port range
-        if [ -n "$dest_port" -a -n "$dest_port_range" ]; then
-                iptables_filter_port_dest_range $dest_port $dest_port_range
-                is_l3_rule=1
-        fi
-
-        #filter src. port range
-        if [ -n "$src_port" -a -n "$src_port_range" ]; then
-                iptables_filter_port_src_range $src_port $src_port_range
-                is_l3_rule=1
-        fi
-
-        #filter dscp
-        if [ -n "$dscp_filter" ]; then
-                iptables_filter_dscp_filter $dscp_filter
-                is_l3_rule=1
-        fi
-
-        #filter min. IP packet len.
-        if [ -n "$ip_len_min" ]; then
-                iptables_filter_ip_len_min $ip_len_min
-                is_l3_rule=1
-        fi
-        #filter max. IP packet len.
-        if [ -n "$ip_len_max" ]; then
-                iptables_filter_ip_len_max $ip_len_max
-                is_l3_rule=1
-        fi
-
-        if [ $is_l3_rule -eq 0 ]; then
-                return
-        fi
-
-        #set dscp mark
-        [ -n "$dscp_mark" ] && iptables_set_dscp_mark $dscp_mark
-
-        #set packet queue mark
-        [ -n "$traffic_class" ] && iptables_set_traffic_class  $traffic_class
-
-        #write iptables rule for dscp marking
-        [ -n "$IP_RULE" -a -n "$dscp_mark" ] && append_rule_to_mangle_table "qos_forward" $ip_version
-
-        if [ -n "$IP_RULE" -a -n "$traffic_class" ]; then
-                if [ "$ifname" == "lo" ]; then
-                        #write iptables rule for putting WAN directed internal packets in different queue
-                        append_rule_to_mangle_table "qos_output" $ip_version
-                else
-                        #write iptables rule for putting WAN directed LAN packets in different queue
-                        append_rule_to_mangle_table "qos_postrouting" $ip_version
-                fi
-        fi
-}
-
-handle_policer_rules() {
-	local c_sec=$1
-	local policer_name
-	local ifname
-	local pname
-	local pindex=-1
-	local ingress_rate=0
-	local in_burst_size=0
-
-	config_get policer_name "$c_sec" "policer"
-	if [ -z "$policer_name" ];then
-		# no need to apply policer if policer not present in this
-		# classification rule
-		return
-	fi
-
-	config_get ifname "$c_sec" "ifname"
-	if [ -z "$ifname" ]; then
-		# cannot associate policer as interface is not mentioned
-		return
-	fi
-
-	local i=0
-	local max_policer_inst=$(cat /tmp/qos/max_policer_inst)
-	while :
-	do
-		if [ $i -eq $max_policer_inst ]; then
-			break
-		fi
-
-		pname="$(uci -q get qos.@policer[$i].name)"
-		if [ "$policer_name" == "$pname" ]; then
-			pindex=$i
-			ingress_rate=$(uci -q get qos.@policer[$i].committed_rate)
-			in_burst_rate=$(uci -q get qos.@policer[$i].committed_burst_size)
-			break
-		fi
-		i=$((i + 1))
-	done
-
-	if [ $pindex -lt 0 ]; then
-		# policer not found, no need to proceed further
-		return
-	fi
-
-	config_ingress_rate_limit $ifname $ingress_rate $in_burst_size $pindex
-
-}
-
-config_ingress_rate_limit() {
-	local ifname="$1"
-	local ingress_rate=$2
-	local in_burst_size=$3
-	local pindex="$4"
-	local wanport="$(db -q get hw.board.ethernetWanPort)"
-
-	# Unit in uci file is in bps while that accepted by ethswctl is kbits
-	if [ $ingress_rate -lt 1000 ]; then
-		return
-	fi
-
-	ingress_rate=$((ingress_rate / 1000))
-
-	if [ $in_burst_size -eq 0 ]; then
-		in_burst_size=$ingress_rate
-	else
-		in_burst_size=$((in_burst_size / 1000))
-	fi
-
-	tc qdisc add dev $ifname ingress
-
-	tc filter add dev $ifname parent ffff: protocol ip prio $pindex u32 match ip src 0.0.0.0/0 police rate ${ingress_rate}kbit burst $in_burst_size drop flowid :$pindex
-
-}
-
-# Function to handle a classify order
-handle_classify_order() {
-        local cid="$1" #classify section ID
-
-        config_get is_enable "$cid" "enable" 1
-
-        # No need to configure disabled classify
-        if [ $is_enable == '0' ]; then
-                return
-        fi
-
-        # Create classify file containing classify order
-        local corder_file="/tmp/qos/classify.order"
-
-        config_get c_order "$cid" "order"
-
-        if [ -z "$c_order" ]; then
-           c_order=$temp_order;
-           temp_order=$((temp_order + 1))
-        fi
-
-        value=${c_order}_${cid}
-        echo $value >> $corder_file
-
-}
-
-# Sort classify, lower value in uci means higher precedence, so this
-# function sorts the classify order in assending order
-sort_classify_by_order() {
-        local corder_file="/tmp/qos/classify.order"
-        local tmp_corder_file="/tmp/qos/tmp_classify.order"
-
-        sort -n -k1 $corder_file > $tmp_corder_file
-        cp $tmp_corder_file $corder_file
-        rm -f $tmp_corder_file
-}
-
-#function to handle a classify section
-handle_classify() {
-	local corder_file="/tmp/qos/classify.order"
-	while read -r line; do
-		line_cid=$(echo $line | cut -d '_' -f 2)
-		config_get is_enable "$line_cid" "enable"
-		# no need to configure disabled classify rules
-		if [ "$is_enable" == '0' ]; then
-			continue
-		fi
-                handle_iptables_rules $line_cid
-                handle_policer_rules $line_cid
-        done < "$corder_file"
-}
-
-configure_classify() {
-        #processing classify section
-	rm -f /tmp/qos/classify.order
-	rm -f /tmp/qos/tmp_classify.order
-	rm -f /tmp/qos/classify.iptables
-	rm -f /tmp/qos/classify.ip6tables
-
-        # create files that will contain the rules if not present already
-        mkdir -p /tmp/qos/
-        touch /tmp/qos/classify.iptables
-        touch /tmp/qos/classify.ip6tables
-        touch /tmp/qos/classify.order
-        touch /tmp/qos/tmp_classify.order
-	flush_chains
-
-        # Load UCI file
-        config_load qos
-	config_foreach handle_classify_order classify
-	sort_classify_by_order
-        handle_classify
-
-        sh /tmp/qos/classify.iptables
-        sh /tmp/qos/classify.ip6tables
-
-}
-
-pre_configure_queue() {
-	# Delete queues
-	for intf in $(db get hw.board.ethernetPortOrder); do
-		rm -rf /tmp/qos/$intf
-
-		mkdir -p /tmp/qos/$intf
-		touch /tmp/qos/$intf/q_order
-		touch /tmp/qos/$intf/q_idx
-		echo 0 > /tmp/qos/$intf/q_idx
-
-		tc qdisc del dev $intf root
-		tc qdisc del dev $intf ingress
-	done
-}
-
-get_link_rate() {                     
-        intf="$1"              
-        speed=0   
-        config_load ports               
-        get_speed() {
-                psid="$1"                     
-                iname="$2"
-                config_load ports             
-                config_get ifname "$psid" "ifname"
-                if [ "$ifname" == "$iname" ]; then
-                        config_get speed "$psid" "speed"
-                fi
-        }                                
-        config_foreach get_speed ethport $intf           
-        echo "$speed"           
-}                   
-
-configure_queue() {
-	qdisc_idx=0
-	local bs=1500
-	local rate=0
-	# Load UCI file
-	config_load qos
-	config_foreach handle_q_order queue
-	sort_by_precedence
-
-	get_intf_shaper_config() {
-		local b_size
-		sid="$1" #shaper section ID
-
-		config_get is_enable "$sid" "enable"
-		# no need to configure disabled queues
-		if [ "$is_enable" == "0" ]; then
-			return
-		fi
-
-
-		config_get ifname "$sid" "ifname"
-		# if ifname is empty that is good enough to break
-		if [ -z "$ifname" ] || ! [ "$ifname" == "$2" ];then
-			return
-		fi
-
-		config_get rate "$sid" "rate"
-		# Convert the rate from bps to kbps.
-		if [ $rate -lt 1000 ];then
-			return
-		fi
-
-		rate=$(( rate / 1000 ))
-		config_get b_size "$sid" "burst_size"
-		if [ "$b_size" == "0" ]; then
-			bs="$b_size"
-		fi
-	}
-	local wanport="$(db -q get hw.board.ethernetWanPort)"
-	for interf in $(db -q get hw.board.ethernetPortOrder); do
-		Q_COUNT=0
-		rate=0
-		# sp queue have max priority value = no. of queue configured on the port
-		# hence read and update SP_Q_PRIO here
-		local q_no=$(cat /tmp/qos/$interf/q_idx)
-		SP_Q_PRIO=`expr $q_no - 1`
-		qdisc_idx=`expr $qdisc_idx + 1`
-		# link_rate is in mbps and rate is in kbp
-		link_rate=$(get_link_rate "$interf")
-		# Read the shaper configuration for interface
-		config_foreach get_intf_shaper_config shaper $interf
-		if [ "$rate" == "0" ]; then
-			rate=$(( link_rate * 1000 ))
-		fi
-
-		# TODO using 1500 as allot and avpkt, if shaper config exist for interf get burst_size of shaper for actual value
-		tc qdisc add dev $interf root handle ${qdisc_idx}: cbq allot $bs  avpkt 1500 bandwidth ${rate}kbit
-		# if qdisc_idx is the index corresponds to WAN port, then
-		# it would be the MAJOR portion of the destination class ID.
-		# under the same qdisc. We are programming for WAN port only.
-		if [ "$interf" == "$wanport" ]; then
-			MAJOR="$qdisc_idx"
-		fi
-
-		config_foreach handle_queue queue $interf $rate $qdisc_idx $bs
-	done
-}
-
-configure_policer() {
-
-        # Delete policer
-        local i=0
-        local max_p_inst=0
-        if [ -f "/tmp/qos/max_policer_inst" ]; then
-                max_p_inst=$(cat /tmp/qos/max_policer_inst)
-        fi
-
-        # reset the policer counter
-        echo 0 > /tmp/qos/max_policer_inst
-        # Load UCI file
-        config_load qos
-        config_foreach handle_policer policer
-        echo $POLICER_COUNT > /tmp/qos/max_policer_inst
-}
-
-
-configure_qos() {
-	pre_configure_queue
-	configure_queue
-	configure_classify
-	configure_policer
-}
-
-reload_qos() {
-	local service_name="$1"
-
-	if [ -z "$service_name" ]; then
-		configure_qos
-	elif [ "$service_name" == "queue" ]; then
-		pre_configure_queue
-		configure_queue
-        elif [ "$service_name" == "classify" ]; then
-                configure_classify
-	elif [ "$service_name" == "policer" ]; then
-		configure_policer
-	fi
-}
-
-reload_qos_service() {
-	reload_qos
-}
-

ssdpd/Makefile

@@ -5,16 +5,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ssdpd
-PKG_VERSION:=1.0.3
+PKG_RELEASE:=1.0.0
 
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp.git
-PKG_SOURCE_VERSION:=207cf440a22c075cb55fb067a850be4f9c204e6e
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
+PKG_VERSION:=1.6.0
+PKG_SOURCE_URL:=http://miniupnp.free.fr/files/
+PKG_SOURCE:=mini$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=f4c2dea6a472e0a5cc9dca2dc4c1fc36ba5538eacf8d793825293251725546bd
+PKG_BUILD_DIR:=$(BUILD_DIR)/mini$(PKG_NAME)-$(PKG_VERSION)
 
 PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE
@@ -29,8 +26,6 @@ define Package/ssdpd
   URL:=https://miniupnp.tuxfamily.org/minissdpd.html
 endef
 
-MAKE_PATH:=minissdpd
-
 TARGET_CFLAGS += \
 	-D_GNU_SOURCE \
 	-Wall -Wextra -Werror
@@ -38,12 +33,6 @@ TARGET_CFLAGS += \
 TARGET_LDFLAGS += \
 	-lpthread -lubox -lubus -lblobmsg_json -lcurl -lmxml
 
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/sspd/* $(PKG_BUILD_DIR)/
-endef
-endif
-
 define Package/ssdpd/install
 	$(INSTALL_DIR) $(1)/etc/upnp
 	$(INSTALL_DIR) $(1)/etc/upnp/description
@@ -52,7 +41,7 @@ define Package/ssdpd/install
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_CONF) ./files/etc/config/ssdpd $(1)/etc/config/ssdpd
 	$(INSTALL_BIN) ./files/etc/init.d/ssdpd $(1)/etc/init.d/ssdpd
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/minissdpd/minissdpd $(1)/usr/sbin/ssdpd
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/minissdpd $(1)/usr/sbin/ssdpd
 endef
 
 $(eval $(call BuildPackage,ssdpd))

ssdpd/files/etc/config/ssdpd

@@ -4,6 +4,4 @@ config ssdpd 'ssdp'
 	option ipv6_enabled '0'
 	option socket_path '/var/run/minissdpd.sock'
 	option ttl '2'
-	option interface 'br-lan'
-	option debug '0'
-
+	option interface ''

ssdpd/files/etc/init.d/ssdpd

@@ -1,20 +1,19 @@
 #!/bin/sh /etc/rc.common
 
-START=99
+START=80
 STOP=02
 
 USE_PROCD=1
 PROG=/usr/sbin/ssdpd
 
 log() {
-	echo "${@}"|logger -t ssdpd.init -p info
+	echo "${@}"|logger -t ssdp.init -p info
 }
 
 validate_ssdpd_ssdp_section()
 {
 	uci_validate_section ssdpd ssdpd "ssdp" \
 		'enabled:bool:true' \
-		'debug:bool:false' \
 		'ipv6_enabled:bool:false' \
 		'socket_path:string' \
 		'ttl:uinteger' \
@@ -34,16 +33,10 @@ configure_ssdp()
 
 	[ ${enabled} -eq 0 ] && return 0
 
-	procd_set_param command ${PROG}
-
 	if [ ${ipv6_enabled} -eq 1 ]; then
 		procd_append_param command -6
 	fi
 
-	if [ ${debug} -eq 1 ]; then
-		procd_append_param command -d
-	fi
-
 	if [ -n "${socket_path}" ]; then
 		procd_append_param command -s ${socket_path}
 	fi
@@ -52,12 +45,18 @@ configure_ssdp()
 		procd_append_param command -t ${ttl}
 	fi
 
-	# If no interface is given defaults for br-lan
-	procd_append_param command -i ${interface:-br-lan}
+	if [ -z "${interface}" ]; then
+		iface=$(uci -q get cwmp.cpe.default_lan_interface)
+		interface=$(ifstatus ${iface} | jsonfilter -e @.device)
+	fi
+
+	procd_append_param command -i ${interface}
+	procd_append_param command -d
 }
 
 start_service() {
 	procd_open_instance ssdp
+	procd_set_param command ${PROG}
 	configure_ssdp
 	procd_set_param respawn
 	procd_close_instance

ssdpd/patches/001-fix-gcc-warnings

@@ -1,5 +1,5 @@
---- a/minissdpd/openssdpsocket.c
-+++ b/minissdpd/openssdpsocket.c
+--- a/openssdpsocket.c
++++ b/openssdpsocket.c
 @@ -11,6 +11,7 @@
  #include <unistd.h>
  #include <sys/ioctl.h>
@@ -8,8 +8,8 @@
  #include <netinet/in.h>
  #include <arpa/inet.h>
  #include <net/if.h>
---- a/minissdpd/ifacewatch.c
-+++ b/minissdpd/ifacewatch.c
+--- a/ifacewatch.c
++++ b/ifacewatch.c
 @@ -130,6 +130,7 @@ ProcessInterfaceWatch(int s, int s_ssdp,
  		/* case RTM_DELLINK: */
  		case RTM_DELADDR:

ssdpd/patches/010-add-test-object

@@ -1,5 +1,5 @@
---- a/minissdpd/Makefile
-+++ b/minissdpd/Makefile
+--- a/Makefile
++++ b/Makefile
 @@ -41,7 +41,7 @@ endif
  EXECUTABLES = minissdpd testminissdpd testcodelength \
                showminissdpdnotif

ssdpd/patches/011-add-ubus-object

@@ -1,5 +1,5 @@
 --- /dev/null
-+++ b/minissdpd/ssdpd.c
++++ b/ssdpd.c
 @@ -0,0 +1,626 @@
 +/*
 + * Copyright (C) 2022 iopsys Software Solutions AB

ssdpd/patches/012-ubus-runner-thread-hook

@@ -1,5 +1,5 @@
---- a/minissdpd/minissdpd.c
-+++ b/minissdpd/minissdpd.c
+--- a/minissdpd.c
++++ b/minissdpd.c
 @@ -32,6 +32,8 @@
  #include <pwd.h>
  #include <grp.h>
@@ -9,18 +9,17 @@
  
  /* LOG_PERROR does not exist on Solaris */
  #ifndef LOG_PERROR
-@@ -52,6 +54,10 @@
+@@ -52,6 +54,9 @@
  #define MIN(x,y) (((x)<(y))?(x):(y))
  #endif
  
 +extern char *ssdp_sockpath;
 +void upnp_thread_discover_devices(void);
-+void ssdpd_ubus_stop(void);
 +
  /* current request management structure */
  struct reqelem {
  	int socket;
-@@ -1220,6 +1226,12 @@ static void ssdpDiscover(int s, int ipv6
+@@ -1220,6 +1225,12 @@ static void ssdpDiscover(int s, int ipv6
  	}
  }
  
@@ -33,7 +32,7 @@
  /* main(): program entry point */
  int main(int argc, char * * argv)
  {
-@@ -1264,6 +1276,7 @@ int main(int argc, char * * argv)
+@@ -1264,6 +1275,7 @@ int main(int argc, char * * argv)
  	unsigned char ttl = 2;	/* UDA says it should default to 2 */
  	const char * searched_device = NULL;	/* if not NULL, search/filter a specific device type */
  	int opt;
@@ -41,7 +40,7 @@
  
  	LIST_INIT(&reqlisthead);
  	LIST_INIT(&servicelisthead);
-@@ -1309,6 +1322,7 @@ int main(int argc, char * * argv)
+@@ -1309,6 +1321,7 @@ int main(int argc, char * * argv)
  			break;
  		case 's':
  			sockpath = optarg;
@@ -49,7 +48,7 @@
  			break;
  #ifndef NO_BACKGROUND_NO_PIDFILE
  		case 'p':
-@@ -1496,6 +1510,11 @@ int main(int argc, char * * argv)
+@@ -1496,6 +1509,11 @@ int main(int argc, char * * argv)
  	if(s_ssdp6 >= 0)
  		ssdpDiscover(s_ssdp6, 1, searched_device);
  
@@ -61,35 +60,11 @@
  	/* Main loop */
  	while(!quitting) {
  		/* fill readfds fd_set */
-@@ -1704,6 +1723,8 @@ quit:
+@@ -1704,6 +1722,7 @@ quit:
  	if(unlink(pidfilename) < 0)
  		syslog(LOG_ERR, "unlink(%s): %m", pidfilename);
  #endif
-+	ssdpd_ubus_stop();
 +	pthread_join(upnp_thread, NULL);
  	closelog();
  	return ret;
  }
---- a/minissdpd/ssdpd.c
-+++ b/minissdpd/ssdpd.c
-@@ -624,3 +624,8 @@ end:
- 	uloop_done();
- 	ubus_free(ctx);
- }
-+
-+void ssdpd_ubus_stop(void)
-+{
-+	uloop_end();
-+}
-+
---- a/minissdpd/config.h
-+++ b/minissdpd/config.h
-@@ -32,7 +32,7 @@
- 
- /* When NO_BACKGROUND_NO_PIDFILE is defined, minissdpd does not go to
-  * background and does not create any pidfile */
--/*#define NO_BACKGROUND_NO_PIDFILE*/
-+#define NO_BACKGROUND_NO_PIDFILE
- 
- /* define HAVE_IP_MREQN to use struct ip_mreqn instead of struct ip_mreq
-  * for setsockopt(IP_MULTICAST_IF). Available with Linux 2.4+,

sulu-builder/Makefile

@@ -5,7 +5,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sulu-builder
-PKG_VERSION:=1.3.25
+PKG_VERSION:=1.3.24
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
@@ -162,6 +162,11 @@ endif
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/etc/init.d/sulu $(1)/etc/init.d/sulu
 
+	$(INSTALL_DIR) $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/conf.d/obuspa.conf $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/conf.d/sulu.conf $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/sulu.password $(1)/etc/mosquitto/sulu.password
+
 	$(INSTALL_DIR) $(1)/etc/sulu
 	$(INSTALL_DATA) ./files/etc/sulu/roles.json $(1)/etc/sulu/
 	$(INSTALL_BIN) ./files/etc/sulu/sulu.sh $(1)/etc/sulu/
@@ -171,7 +176,6 @@ endif
 	$(INSTALL_BIN) ./files/etc/uci-defaults/99-fix-sulu-config $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/40-add-sulu-nginx-config $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/01-update-nginx-uci-template $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/10-add-mqtt-config $(1)/etc/uci-defaults/
 endef
 
 $(eval $(call BuildPackage,${PKG_NAME}))

sulu-builder/files/etc/config/sulu

@@ -1,4 +1,5 @@
 config global 'global'
+	option enable_system_credentials '1'
 	option role_based_access '1'
 	list user 'admin'
 	list user 'user'

sulu-builder/files/etc/init.d/sulu

@@ -33,9 +33,8 @@ start_service() {
 		return 0
 	fi
 
-	update_nginx_template
 	configure_sulu "${enable_system_credentials}" "${role_based_access}" 1
-	generate_sulu_conn_config "${role_based_access}"
+	update_sulu_connection_port
 	procd_close_instance
 }
 

sulu-builder/files/etc/mosquitto/conf.d/obuspa.conf

@@ -0,0 +1,3 @@
+listener 1883 127.0.0.1
+allow_anonymous true
+

sulu-builder/files/etc/mosquitto/conf.d/sulu.conf

@@ -0,0 +1,4 @@
+listener 9001
+protocol websockets
+require_certificate false
+allow_anonymous false

sulu-builder/files/etc/mosquitto/sulu.password

@@ -0,0 +1 @@
+admin:$6$OmM9kU/lYct3KJ9j$iP0WK4ezEtRm8+EAggNp7WbJFoWO0p7IUdI0v/hr1WcVHyfFAC30Pb8Csn7GqwwqI2dcmnDOAITnimo2VNe6ug==

sulu-builder/files/etc/sulu/sulu.sh

@@ -2,6 +2,7 @@
 
 . /lib/functions.sh
 
+ACL_FILE="/tmp/sulu/mqtt.acl"
 _RESTART_SERVICES="0"
 
 mkdir -p /tmp/sulu/
@@ -53,22 +54,6 @@ function _get_sulu_root()
 	echo "${root:-/sulu}"
 }
 
-function _get_usp_upstream_port()
-{
-	local port
-
-	port="$(uci -q get mosquitto.sulu.port)"
-	echo "${port:-9009}"
-}
-
-function _get_sulu_acl_file()
-{
-	local file
-
-	file="$(uci -q get mosquitto.sulu.acl_file)"
-	echo "${file}"
-}
-
 function _get_sulu_tls_port()
 {
 	local port listen
@@ -79,19 +64,6 @@ function _get_sulu_tls_port()
 	echo "${port:-8443}"
 }
 
-function update_nginx_template()
-{
-	local port
-
-	UCI_TEMPLATE="/etc/nginx/uci.conf.template"
-	port="$(_get_usp_upstream_port)"
-        if ! grep -q "upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}; then
-		sed -i "s/upstream websocket { server 127.0.0.1:[0-9]\+; }/upstream websocket { server 127.0.0.1:${var}; }/" ${UCI_TEMPLATE}
-		log "Restarting nginx"
-		ubus call uci commit '{"config":"nginx"}'
-	fi
-}
-
 function generate_sulu_conn_config()
 {
 	local rbac users SCONFIG
@@ -303,40 +275,72 @@ function _remove_obuspa_config_rbac()
 }
 
 function _create_acl() {
-        local agentid rbac users restart
-	local ACL_FILE
+        local agentid rbac users
 
 	rbac="${1:-0}"
-	restart="0"
 
-	ACL_FILE="$(_get_sulu_acl_file)"
-	if [ -z "${ACL_FILE}" -o "${rbac}" -eq "0" ]; then
-		return 0
+        [ -f "${ACL_FILE}" ] && rm -f "${ACL_FILE}"
+
+	if [ "${rbac}" -eq "0" ]; then
+		return 0;
 	fi
 
-	if [ -f "${ACL_FILE}" ]; then
-		rm -f "${ACL_FILE}"
+        agentid="$(_get_agent_id)"
+	users="$(_get_sulu_users)"
+        for f in ${users}; do
+                echo "user ${f}" >> ${ACL_FILE}
+                echo "topic read  /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE}
+                echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE}
+                echo "topic read  /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE}
+                echo "" >> ${ACL_FILE}
+        done
+}
+
+function update_mosquitto_broker_config()
+{
+	local system_cred rbac restart
+
+	MB_SULU_CONF="/etc/mosquitto/conf.d/sulu.conf"
+	system_cred="${1}"
+	rbac="${2}"
+	restart=0
+
+	if [ "${system_cred}" -eq "1" ]; then
+		if grep -q "password_file " ${MB_SULU_CONF}; then
+			sed -i '/password_file /d' ${MB_SULU_CONF}
+			restart=1
+		fi
+		if ! grep -q "plugin .*mosquitto_auth_shadow.so" ${MB_SULU_CONF}; then
+			echo "plugin /usr/lib/mosquitto_auth_shadow.so" >> ${MB_SULU_CONF}
+			restart=1
+		fi
+	else
+		if grep -q 'plugin .*mosquitto_auth_shadow.so' ${MB_SULU_CONF}; then
+			sed -i '/plugin .*mosquitto_auth_shadow.so/d' ${MB_SULU_CONF}
+			restart=1
+		fi
+		if ! grep -q "password_file /etc/mosquitto/sulu.password" ${MB_SULU_CONF}; then
+			echo "password_file /etc/mosquitto/sulu.password" >> ${MB_SULU_CONF}
+			restart=1
+		fi
 	fi
-	touch "${ACL_FILE}"
 
 	if [ "${rbac}" -eq "1" ]; then
-		users="$(_get_sulu_users)"
-		agentid="$(_get_agent_id)"
-		for f in ${users}; do
-			if ! grep -q "user $f" ${ACL_FILE}; then
-				echo "user ${f}" >> ${ACL_FILE}
-				echo "topic read  /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE}
-				echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE}
-				echo "topic read  /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE}
-				echo "" >> ${ACL_FILE}
-				restart="1"
-			fi
-		done
+		_create_acl "${rbac}"
+		if ! grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then
+			echo "acl_file ${ACL_FILE}" >> ${MB_SULU_CONF}
+			restart=1
+		fi
+	else
+		if grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then
+			sed -i '/acl_file /d' ${MB_SULU_CONF}
+			restart=1
+		fi
 	fi
 
-	if [ "${restart}" -gt "0" ]; then
-		slog "Restarting mosquitto..."
-		ubus call uci commit '{"config":"mosquitto"}'
+	if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then
+		slog "Restarting mqtt broker..."
+		/etc/init.d/mosquitto restart &
 	fi
 }
 
@@ -382,7 +386,7 @@ function configure_sulu()
 
 	_RESTART_SERVICES="${restart}"
 
+	update_mosquitto_broker_config "${sys_cred}" "${rbac}"
 	set_sulu_connection_mode "${rbac}"
 	update_obuspa_config "${rbac}"
-	_create_acl "${rbac}"
 }

sulu-builder/files/etc/uci-defaults/01-update-nginx-uci-template

@@ -3,10 +3,8 @@
 UCI_TEMPLATE="/etc/nginx/uci.conf.template"
 update_nginx_uci_template()
 {
-	if ! grep -q "upstream websocket" ${UCI_TEMPLATE}; then
-		sed -i '/#UCI_HTTP_CONFIG$/i\	map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
-		sed -i '/#UCI_HTTP_CONFIG$/i\	upstream websocket { server 127.0.0.1:9009; }' ${UCI_TEMPLATE}
-	fi
+	sed -i '/#UCI_HTTP_CONFIG$/i\	map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
+	sed -i '/#UCI_HTTP_CONFIG$/i\	upstream websocket { server 127.0.0.1:9001; }' ${UCI_TEMPLATE}
 }
 
 update_nginx_uci_template

sulu-builder/files/etc/uci-defaults/10-add-mqtt-config

@@ -1,37 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-if [ ! -f "/etc/config/mosquitto" ]; then
-	echo "Local mosquitto broker not available"
-	return 0
-fi
-
-add_obuspa_config()
-{
-	if ! uci_get mosquitto obuspa >/dev/null 2>&1; then
-		uci_add mosquitto listener obuspa
-		uci_set mosquitto obuspa enabled 1
-		uci_set mosquitto obuspa port '1883'
-		uci_set mosquitto obuspa no_remote_access '1'
-		uci_set mosquitto obuspa allow_anonymous '1'
-	fi
-}
-
-add_sulu_config()
-{
-	if ! uci_get mosquitto sulu >/dev/null 2>&1; then
-		uci_add mosquitto listener sulu
-		uci_set mosquitto sulu enabled 1
-		uci_set mosquitto sulu port '9009'
-		uci_set mosquitto sulu no_remote_access '1'
-		uci_set mosquitto sulu protocol 'websockets'
-		uci_set mosquitto sulu require_certificates '0'
-		uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-		uci_set mosquitto sulu acl_file '/tmp/sulu/mqtt.acl'
-	fi
-}
-
-uci_load mosquitto
-add_obuspa_config
-add_sulu_config

sulu/Makefile

@@ -5,7 +5,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sulu
-PKG_VERSION:=1.3.25
+PKG_VERSION:=1.3.24
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu.git
@@ -49,6 +49,11 @@ endif
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/etc/init.d/sulu $(1)/etc/init.d/sulu
 
+	$(INSTALL_DIR) $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/conf.d/obuspa.conf $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/conf.d/sulu.conf $(1)/etc/mosquitto/conf.d/
+	$(INSTALL_DATA) ./files/etc/mosquitto/sulu.password $(1)/etc/mosquitto/sulu.password
+
 	$(INSTALL_DIR) $(1)/etc/sulu
 	$(INSTALL_DATA) ./files/etc/sulu/roles.json $(1)/etc/sulu/
 	$(INSTALL_BIN) ./files/etc/sulu/sulu.sh $(1)/etc/sulu/
@@ -58,7 +63,6 @@ endif
 	$(INSTALL_BIN) ./files/etc/uci-defaults/99-fix-sulu-config $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/40-add-sulu-nginx-config $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/01-update-nginx-uci-template $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/10-add-mqtt-config $(1)/etc/uci-defaults/
 endef
 
 $(eval $(call BuildPackage,sulu))

sulu/files/etc/config/sulu

@@ -1,4 +1,5 @@
 config global 'global'
+	option enable_system_credentials '1'
 	option role_based_access '1'
 	list user 'admin'
 	list user 'user'

sulu/files/etc/init.d/sulu

@@ -33,9 +33,8 @@ start_service() {
 		return 0
 	fi
 
-	update_nginx_template
 	configure_sulu "${enable_system_credentials}" "${role_based_access}" 1
-	generate_sulu_conn_config "${role_based_access}"
+	update_sulu_connection_port
 	procd_close_instance
 }
 

sulu/files/etc/mosquitto/conf.d/obuspa.conf

@@ -0,0 +1,3 @@
+listener 1883 127.0.0.1
+allow_anonymous true
+

sulu/files/etc/mosquitto/conf.d/sulu.conf

@@ -0,0 +1,4 @@
+listener 9001
+protocol websockets
+require_certificate false
+allow_anonymous false

sulu/files/etc/mosquitto/sulu.password

@@ -0,0 +1 @@
+admin:$6$OmM9kU/lYct3KJ9j$iP0WK4ezEtRm8+EAggNp7WbJFoWO0p7IUdI0v/hr1WcVHyfFAC30Pb8Csn7GqwwqI2dcmnDOAITnimo2VNe6ug==

sulu/files/etc/sulu/sulu.sh

@@ -2,6 +2,7 @@
 
 . /lib/functions.sh
 
+ACL_FILE="/tmp/sulu/mqtt.acl"
 _RESTART_SERVICES="0"
 
 mkdir -p /tmp/sulu/
@@ -53,22 +54,6 @@ function _get_sulu_root()
 	echo "${root:-/sulu}"
 }
 
-function _get_usp_upstream_port()
-{
-	local port
-
-	port="$(uci -q get mosquitto.sulu.port)"
-	echo "${port:-9009}"
-}
-
-function _get_sulu_acl_file()
-{
-	local file
-
-	file="$(uci -q get mosquitto.sulu.acl_file)"
-	echo "${file}"
-}
-
 function _get_sulu_tls_port()
 {
 	local port listen
@@ -79,19 +64,6 @@ function _get_sulu_tls_port()
 	echo "${port:-8443}"
 }
 
-function update_nginx_template()
-{
-	local port
-
-	UCI_TEMPLATE="/etc/nginx/uci.conf.template"
-	port="$(_get_usp_upstream_port)"
-        if ! grep -q "upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}; then
-		sed -i "s/upstream websocket { server 127.0.0.1:[0-9]\+; }/upstream websocket { server 127.0.0.1:${var}; }/" ${UCI_TEMPLATE}
-		log "Restarting nginx"
-		ubus call uci commit '{"config":"nginx"}'
-	fi
-}
-
 function generate_sulu_conn_config()
 {
 	local rbac users SCONFIG
@@ -303,40 +275,72 @@ function _remove_obuspa_config_rbac()
 }
 
 function _create_acl() {
-        local agentid rbac users restart
-	local ACL_FILE
+        local agentid rbac users
 
 	rbac="${1:-0}"
-	restart="0"
 
-	ACL_FILE="$(_get_sulu_acl_file)"
-	if [ -z "${ACL_FILE}" -o "${rbac}" -eq "0" ]; then
-		return 0
+        [ -f "${ACL_FILE}" ] && rm -f "${ACL_FILE}"
+
+	if [ "${rbac}" -eq "0" ]; then
+		return 0;
 	fi
 
-	if [ -f "${ACL_FILE}" ]; then
-		rm -f "${ACL_FILE}"
+        agentid="$(_get_agent_id)"
+	users="$(_get_sulu_users)"
+        for f in ${users}; do
+                echo "user ${f}" >> ${ACL_FILE}
+                echo "topic read  /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE}
+                echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE}
+                echo "topic read  /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE}
+                echo "" >> ${ACL_FILE}
+        done
+}
+
+function update_mosquitto_broker_config()
+{
+	local system_cred rbac restart
+
+	MB_SULU_CONF="/etc/mosquitto/conf.d/sulu.conf"
+	system_cred="${1}"
+	rbac="${2}"
+	restart=0
+
+	if [ "${system_cred}" -eq "1" ]; then
+		if grep -q "password_file " ${MB_SULU_CONF}; then
+			sed -i '/password_file /d' ${MB_SULU_CONF}
+			restart=1
+		fi
+		if ! grep -q "plugin .*mosquitto_auth_shadow.so" ${MB_SULU_CONF}; then
+			echo "plugin /usr/lib/mosquitto_auth_shadow.so" >> ${MB_SULU_CONF}
+			restart=1
+		fi
+	else
+		if grep -q 'plugin .*mosquitto_auth_shadow.so' ${MB_SULU_CONF}; then
+			sed -i '/plugin .*mosquitto_auth_shadow.so/d' ${MB_SULU_CONF}
+			restart=1
+		fi
+		if ! grep -q "password_file /etc/mosquitto/sulu.password" ${MB_SULU_CONF}; then
+			echo "password_file /etc/mosquitto/sulu.password" >> ${MB_SULU_CONF}
+			restart=1
+		fi
 	fi
-	touch "${ACL_FILE}"
 
 	if [ "${rbac}" -eq "1" ]; then
-		users="$(_get_sulu_users)"
-		agentid="$(_get_agent_id)"
-		for f in ${users}; do
-			if ! grep -q "user $f" ${ACL_FILE}; then
-				echo "user ${f}" >> ${ACL_FILE}
-				echo "topic read  /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE}
-				echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE}
-				echo "topic read  /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE}
-				echo "" >> ${ACL_FILE}
-				restart="1"
-			fi
-		done
+		_create_acl "${rbac}"
+		if ! grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then
+			echo "acl_file ${ACL_FILE}" >> ${MB_SULU_CONF}
+			restart=1
+		fi
+	else
+		if grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then
+			sed -i '/acl_file /d' ${MB_SULU_CONF}
+			restart=1
+		fi
 	fi
 
-	if [ "${restart}" -gt "0" ]; then
-		slog "Restarting mosquitto..."
-		ubus call uci commit '{"config":"mosquitto"}'
+	if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then
+		slog "Restarting mqtt broker..."
+		/etc/init.d/mosquitto restart &
 	fi
 }
 
@@ -382,7 +386,7 @@ function configure_sulu()
 
 	_RESTART_SERVICES="${restart}"
 
+	update_mosquitto_broker_config "${sys_cred}" "${rbac}"
 	set_sulu_connection_mode "${rbac}"
 	update_obuspa_config "${rbac}"
-	_create_acl "${rbac}"
 }

sulu/files/etc/uci-defaults/01-update-nginx-uci-template

@@ -3,10 +3,8 @@
 UCI_TEMPLATE="/etc/nginx/uci.conf.template"
 update_nginx_uci_template()
 {
-	if ! grep -q "upstream websocket" ${UCI_TEMPLATE}; then
-		sed -i '/#UCI_HTTP_CONFIG$/i\	map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
-		sed -i '/#UCI_HTTP_CONFIG$/i\	upstream websocket { server 127.0.0.1:9009; }' ${UCI_TEMPLATE}
-	fi
+	sed -i '/#UCI_HTTP_CONFIG$/i\	map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
+	sed -i '/#UCI_HTTP_CONFIG$/i\	upstream websocket { server 127.0.0.1:9001; }' ${UCI_TEMPLATE}
 }
 
 update_nginx_uci_template

sulu/files/etc/uci-defaults/10-add-mqtt-config

@@ -1,37 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-if [ ! -f "/etc/config/mosquitto" ]; then
-	echo "Local mosquitto broker not available"
-	return 0
-fi
-
-add_obuspa_config()
-{
-	if ! uci_get mosquitto obuspa >/dev/null 2>&1; then
-		uci_add mosquitto listener obuspa
-		uci_set mosquitto obuspa enabled 1
-		uci_set mosquitto obuspa port '1883'
-		uci_set mosquitto obuspa no_remote_access '1'
-		uci_set mosquitto obuspa allow_anonymous '1'
-	fi
-}
-
-add_sulu_config()
-{
-	if ! uci_get mosquitto sulu >/dev/null 2>&1; then
-		uci_add mosquitto listener sulu
-		uci_set mosquitto sulu enabled 1
-		uci_set mosquitto sulu port '9009'
-		uci_set mosquitto sulu no_remote_access '1'
-		uci_set mosquitto sulu protocol 'websockets'
-		uci_set mosquitto sulu require_certificates '0'
-		uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-		uci_set mosquitto sulu acl_file '/tmp/sulu/mqtt.acl'
-	fi
-}
-
-uci_load mosquitto
-add_obuspa_config
-add_sulu_config

uspd/Makefile

@@ -5,7 +5,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=uspd
-PKG_VERSION:=2.2.23
+PKG_VERSION:=2.2.22
 
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)

uspd/files/etc/init.d/uspd

@@ -30,7 +30,6 @@ configure_uspd()
 
 	[ ${enabled} -eq 0 ] && return 0
 
-	procd_set_param command ${PROG}
 	if [ ${debug} -eq 1 ]; then
 		procd_set_param stdout 1
 		procd_set_param stderr 1
@@ -47,6 +46,7 @@ configure_uspd()
 
 start_service() {
 	procd_open_instance usp
+	procd_set_param command ${PROG}
 	configure_uspd
 	procd_set_param respawn
 	procd_close_instance

voicemngr/Makefile

@@ -18,7 +18,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=d4e71d2afae6567e48f4b57b5cf026307e5cac57
+PKG_SOURCE_VERSION:=8cdd77393ac6a631649eac71ff33603bfc2b55b3
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif

voicemngr/files/etc/init.d/voicemngr

@@ -10,8 +10,7 @@ start_service() {
 	[ "$(db -q get hw.board.hasVoice)" = "1" ] || return
 
 	procd_open_instance
-	procd_set_param env hw_board_hasDect="$(db get hw.board.hasDect)"
-	procd_set_param env hw_board_VoicePortNames="$(db get hw.board.VoicePortNames)"
+	procd_set_param env hw_board_hasDect=$(db get hw.board.hasDect)
 	procd_set_param command $NAME
 	procd_set_param respawn "5" "0" "3"
 	procd_set_param nice -12