urlfilter: fix profile deletion

swmodd: support EnvVariables in InstallDU
urlfilter: Fix URLBundleRef parameter
2025-12-24 11:05:02 +08:00 · 2024-11-25 17:41:22 +05:30 · 2024-11-25 17:40:44 +05:30 · 2024-11-25 17:38:20 +05:30 · 2024-11-25 17:38:20 +05:30 · 2024-11-25 17:38:20 +05:30
186 changed files with 3245 additions and 6065 deletions
--- a/bbfdm/Config_bbfdm.in
+++ b/bbfdm/Config_bbfdm.in
@@ -1,3 +1,7 @@
+config BBF_VENDOR_EXTENSION
+	bool "Enable Vendor Extension"
+	default y
+
 config BBF_VENDOR_LIST
 	string "Vendor List"
 	default "iopsys"
@@ -6,18 +10,168 @@ config BBF_VENDOR_PREFIX
 	string "Vendor Prefix"
 	default "X_IOPSYS_EU_"

-config BBF_OBFUSCATION_KEY
-	string "Obfuscation key"
-	default "371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04"
-
-config BBF_TR143
-	bool "Enable TR-143 Data Model Support"
-	default y
-
-config BBF_TR471
-	bool "Enable TR-471 Data Model Support"
-	default y
-
 config BBF_MAX_OBJECT_INSTANCES
 	int "Maximum number of instances per object"
 	default 255
+
+menu "TR181 Datamodels"
+	depends on PACKAGE_libbbfdm
+
+	config BBF_TR143
+		bool "Enable TR-143 Data Model Support"
+		default y
+
+	config BBF_TR471
+		bool "Enable TR-471 Data Model Support"
+		default y
+
+	config BBFDM_TR181_ATM
+		bool "Include Device.ATM."
+		default y
+
+	config BBFDM_TR181_BRIDGING
+		bool "Include Device.Bridging."
+		default y
+
+	config BBFDM_TR181_DDNS
+		bool "Include Device.DynamicDNS."
+		default y
+
+	config BBFDM_TR181_DEVICEINFO
+		bool "Include Device.DeviceInfo."
+		default y
+
+	config BBFDM_TR181_DEVICEINFO_PROCESSSTATUS
+		bool "Include Device.DeviceInfo.ProcessStatus."
+		default y
+
+	config BBFDM_TR181_DHCPv4
+		bool "Include Device.DHCPv4."
+		default y
+
+	config BBFDM_TR181_DHCPv6
+		bool "Include Device.DHCPv6."
+		default y
+
+	config BBFDM_TR181_DNS
+		bool "Include Device.DNS."
+		default y
+
+	config BBFDM_TR181_DSL
+		bool "Include Device.DSL."
+		default y
+
+	config BBFDM_TR181_ETHERNET
+		bool "Include Device.Ethenet."
+		default y
+
+	config BBFDM_TR181_FAST
+		bool "Include Device.FAST."
+		default y
+
+	config BBFDM_TR181_FIREWALL
+		bool "Include Device.Firewall."
+		default y
+
+	config BBFDM_TR181_GATEWAYINFO
+		bool "Include Device.GatewayInfo."
+		default y
+
+	config BBFDM_TR181_GRE
+		bool "Include Device.GRE."
+		default y
+
+	config BBFDM_TR181_IEEE1905
+		bool "Include Device.IEEE1905."
+		default y
+
+	config BBFDM_TR181_INTERFACESTACK
+		bool "Include Device.InterfaceStack."
+		default y
+
+	config BBFDM_TR181_IP
+		bool "Include Device.IP."
+		default y
+
+	config BBFDM_TR181_LANCONFSEC
+		bool "Include Device.LANonfigSecurity."
+		default y
+
+	config BBFDM_TR181_MQTT
+		bool "Include Device.MQTT."
+		default y
+
+	config BBFDM_TR181_NAT
+		bool "Include Device.NAT."
+		default y
+
+	config BBFDM_TR181_PACKETCAPTURE
+		bool "Include Device.PacketCaptureDiagnostics."
+		default y
+
+	config BBFDM_TR181_PPP
+		bool "Include Device.PPP."
+		default y
+
+	config BBFDM_TR181_PTM
+		bool "Include Device.PTM."
+		default y
+
+	config BBFDM_TR181_QOS
+		bool "Include Device.QoS."
+		default y
+
+	config BBFDM_TR181_ROUTERADVERTISEMENT
+		bool "Include Device.RouterAdvertisement."
+		default y
+
+	config BBFDM_TR181_ROUTING
+		bool "Include Device.Routing."
+		default y
+
+	config BBFDM_TR181_SECURITY
+		bool "Include Device.Security."
+		default y
+
+	config BBFDM_TR181_SELFTEST
+		bool "Include Device.SelfTestDiagnostics."
+		default y
+
+	config BBFDM_TR181_SSH
+		bool "Include Device.SSH."
+		default y
+
+	config BBFDM_TR181_TIME
+		bool "Include Device.Time."
+		default y
+
+	config BBFDM_TR181_UPNP
+		bool "Include Device.UPnP."
+		default y
+
+	config BBFDM_TR181_USB
+		bool "Include Device.USB."
+		default y
+
+	config BBFDM_TR181_USERINTERFACE
+		bool "Include Device.UserInterface."
+		default y
+
+	config BBFDM_TR181_WIFI
+		bool "Include Device.WiFi."
+		default y
+
+	config BBFDM_TR181_WIFI_DATAELEMENTS
+		bool "Include Device.WiFi.DataElements."
+		default y
+
+	config BBFDM_TR181_WIFI_DATAELEMENTS_ASSOCEVENTS
+		bool "Include deprecated AssociationEventData/DisassociationEventData tables"
+		default n
+		help
+		  TR181-2.17 deprecates below dataelements tables
+		  - Device.WiFi.DataElements.AssociationEvent.AssociationEventData.{i}.
+		  - Device.WiFi.DataElements.DisassociationEvent.DisassociationEventData.{i}.
+		  If this option is selected, above mentioned tables shall be added in datamodel.
+
+endmenu
--- a/bbfdm/Makefile
+++ b/bbfdm/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bbfdm
-PKG_VERSION:=1.8.1
+PKG_VERSION:=1.4.23.29

 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=63fad00eeed1a7c181ef51be43174d92be4ad00f
+PKG_SOURCE_VERSION:=2f1dac5686f54219fc7706c677905816b650dd1c
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -21,24 +21,56 @@ PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
-include bbfdm.mk

 define Package/libbbfdm-api
  SECTION:=utils
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=BBF datamodel library, provides API to extend datamodel using DotSO plugins
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libcurl
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c
  ABI_VERSION:=1.0
 endef

-define Package/libbbfdm
+define Package/libbbfdm/default
  SECTION:=utils
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=Library for broadband forum data model support
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api \
-	    +BBF_TR471:obudpst +libopenssl
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libcurl +libbbfdm-api \
+	    +BBF_TR471:obudpst
+  MENU:=1
+endef
+
+define Package/libbbfdm
+  $(Package/libbbfdm/default)
+  TITLE += (default)
+  VARIANT:=default
+  DEPENDS += +PACKAGE_libbbfdm-openssl:libopenssl
+  DEFAULT_VARIANT:=1
+endef
+
+define Package/libbbfdm-mbedtls
+  $(Package/libbbfdm/default)
+  TITLE += (mbedtls)
+  DEPENDS += +PACKAGE_libbbfdm-mbedtls:libmbedtls
+  VARIANT:=mbedtls
+  CONFLICTS := libbbfdm libbbfdm-openssl libbbfdm-wolfssl
+endef
+
+define Package/libbbfdm-openssl
+  $(Package/libbbfdm/default)
+  TITLE += (openssl)
+  DEPENDS += +PACKAGE_libbbfdm-openssl:libopenssl
+  VARIANT:=openssl
+  CONFLICTS := libbbfdm libbbfdm-mbedtls libbbfdm-wolfssl
+endef
+
+define Package/libbbfdm-wolfssl
+  $(Package/libbbfdm/default)
+  TITLE += (wolfssl)
+  DEPENDS += +PACKAGE_libbbfdm-wolfssl:libwolfssl
+  VARIANT:=wolfssl
+  CONFLICTS := libbbfdm libbbfdm-mbedtls libbbfdm-openssl
 endef

 define Package/bbfdmd
@@ -46,7 +78,20 @@ define Package/bbfdmd
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=Datamodel ubus backend
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +libbbfdm
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libbbfdm-api +PACKAGE_libbbfdm-mbedtls:libbbfdm-mbedtls \
+		   +PACKAGE_libbbfdm-openssl:libbbfdm-openssl +PACKAGE_libbbfdm-wolfssl:libbbfdm-wolfssl \
+		   +PACKAGE_libbbfdm:libbbfdm
+endef
+
+define Package/userinterface
+  SECTION:=utils
+  CATEGORY:=Utilities
+  SUBMENU:=TRx69
+  TITLE:=Package to add Device.UserInterface. datamodel support
+endef
+
+define Package/userinterface/description
+  Package to add Device.UserInterface. datamodel support
 endef

 define Package/libbbfdm/config
@@ -68,8 +113,153 @@ endef
 endif

 CMAKE_OPTIONS += \
-	-DBBF_TR181=ON
-	-DBBF_WIFI_DATAELEMENTS=ON
+	-DBBF_TR181=ON \
+	-DCMAKE_VERBOSE_MAKEFILE:BOOL=ON
+
+
+ifeq ($(CONFIG_BBFDM_TR181_ATM),y)
+TARGET_CFLAGS += -DBBFDM_TR181_ATM
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_BRIDGING),y)
+TARGET_CFLAGS += -DBBFDM_TR181_BRIDGING
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DDNS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DDNS
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DEVICEINFO),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DEVICEINFO
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DEVICEINFO_PROCESSSTATUS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DEVICEINFO_PROCESSSTATUS
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DHCPv4),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DHCPv4
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DHCPv6),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DHCPv6
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DNS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DNS
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_DSL),y)
+TARGET_CFLAGS += -DBBFDM_TR181_DSL
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_ETHERNET),y)
+TARGET_CFLAGS += -DBBFDM_TR181_ETHERNET
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_FAST),y)
+TARGET_CFLAGS += -DBBFDM_TR181_FAST
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_FIREWALL),y)
+TARGET_CFLAGS += -DBBFDM_TR181_FIREWALL
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_GATEWAYINFO),y)
+TARGET_CFLAGS += -DBBFDM_TR181_GATEWAYINFO
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_GRE),y)
+TARGET_CFLAGS += -DBBFDM_TR181_GRE
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_IEEE1905),y)
+TARGET_CFLAGS += -DBBFDM_TR181_IEEE1905
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_INTERFACESTACK),y)
+TARGET_CFLAGS += -DBBFDM_TR181_INTERFACESTACK
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_IP),y)
+TARGET_CFLAGS += -DBBFDM_TR181_IP
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_LANCONFSEC),y)
+TARGET_CFLAGS += -DBBFDM_TR181_LANCONFSEC
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_MQTT),y)
+TARGET_CFLAGS += -DBBFDM_TR181_MQTT
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_NAT),y)
+TARGET_CFLAGS += -DBBFDM_TR181_NAT
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_PACKETCAPTURE),y)
+TARGET_CFLAGS += -DBBFDM_TR181_PACKETCAPTURE
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_PPP),y)
+TARGET_CFLAGS += -DBBFDM_TR181_PPP
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_PTM),y)
+TARGET_CFLAGS += -DBBFDM_TR181_PTM
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_QOS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_QOS
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_ROUTERADVERTISEMENT),y)
+TARGET_CFLAGS += -DBBFDM_TR181_ROUTERADVERTISEMENT
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_ROUTING),y)
+TARGET_CFLAGS += -DBBFDM_TR181_ROUTING
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_SECURITY),y)
+TARGET_CFLAGS += -DBBFDM_TR181_SECURITY
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_SELFTEST),y)
+TARGET_CFLAGS += -DBBFDM_TR181_SELFTEST
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_SSH),y)
+TARGET_CFLAGS += -DBBFDM_TR181_SSH
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_TIME),y)
+TARGET_CFLAGS += -DBBFDM_TR181_TIME
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_UPNP),y)
+TARGET_CFLAGS += -DBBFDM_TR181_UPNP
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_USB),y)
+TARGET_CFLAGS += -DBBFDM_TR181_USB
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_USERINTERFACE),y)
+TARGET_CFLAGS += -DBBFDM_TR181_USERINTERFACE
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_WIFI),y)
+TARGET_CFLAGS += -DBBFDM_TR181_WIFI
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_WIFI_DATAELEMENTS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_WIFI_DATAELEMENTS
+endif
+
+ifeq ($(CONFIG_BBFDM_TR181_WIFI_DATAELEMENTS_ASSOCEVENTS),y)
+TARGET_CFLAGS += -DBBFDM_TR181_WIFI_DATAELEMENTS_ASSOCEVENTS
+endif

 ifeq ($(CONFIG_BBF_TR143),y)
 CMAKE_OPTIONS += \
@@ -81,11 +271,33 @@ CMAKE_OPTIONS += \
 	-DBBF_TR471=ON
 endif

+ifeq ($(CONFIG_BBF_VENDOR_EXTENSION),y)
+CMAKE_OPTIONS += \
+	-DBBF_VENDOR_EXTENSION=ON
+
 CMAKE_OPTIONS += \
 	-DBBF_VENDOR_LIST:String="$(CONFIG_BBF_VENDOR_LIST)" \
 	-DBBF_VENDOR_PREFIX:String="$(CONFIG_BBF_VENDOR_PREFIX)" \
 	-DBBF_MAX_OBJECT_INSTANCES:Integer=$(CONFIG_BBF_MAX_OBJECT_INSTANCES)

+endif ##CONFIG_BBF_VENDOR_EXTENSION
+
+ifeq ($(BUILD_VARIANT),default)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),openssl)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),wolfssl)
+CMAKE_OPTIONS += -DWITH_WOLFSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),mbedtls)
+CMAKE_OPTIONS += -DWITH_MBEDTLS=ON
+endif
+
 ifeq ($(CONFIG_PACKAGE_bbfdmd),y)
 CMAKE_OPTIONS += \
 	-DBBFDMD_MAX_MSG_LEN:Integer=10485760
@@ -95,40 +307,31 @@ define Package/libbbfdm-api/install
 	$(INSTALL_DIR) $(1)/lib
 	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/libbbfdm-api.so $(1)/lib/
 	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.secure $(1)/usr/libexec/rpcd/bbf.secure
-	$(INSTALL_DIR) $(1)/etc/bbfdm
-	echo "$(CONFIG_BBF_OBFUSCATION_KEY)" > $(1)/etc/bbfdm/.secure_hash
-	$(INSTALL_DIR) $(1)/etc/bbfdm/certificates
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm-api/scripts/bbf.config $(1)/usr/libexec/rpcd/bbf.config
 endef

-define Package/libbbfdm/install
+define Package/libbbfdm/default/install
 	$(INSTALL_DIR) $(1)/lib
 	$(INSTALL_DIR) $(1)/etc/bbfdm
 	$(INSTALL_DIR) $(1)/etc/bbfdm/dmmap
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/usr/share/bbfdm/libbbfdm.so
+	$(CP) $(PKG_BUILD_DIR)/libbbfdm/libbbfdm.so $(1)/lib/
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/bbf $(1)/lib/upgrade/keep.d/bbf
 	$(INSTALL_BIN) ./files/etc/uci-defaults/95-portmap-firewall $(1)/etc/uci-defaults/95-portmap-firewall
 	$(INSTALL_BIN) ./files/etc/uci-defaults/97-firewall-service $(1)/etc/uci-defaults/97-firewall-service
 	$(INSTALL_BIN) ./files/etc/uci-defaults/99-link-core-plugins $(1)/etc/uci-defaults/99-link-core-plugins
-	$(INSTALL_BIN) ./files/etc/uci-defaults/90-remove-nonexisting-microservices $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/uci-defaults/91-fix-bbfdmd-enabled-option $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/firewall.portmap $(1)/etc/firewall.portmap
 	$(INSTALL_BIN) ./files/etc/firewall.service $(1)/etc/firewall.service
-ifeq ($(findstring iopsys,$(CONFIG_BBF_VENDOR_LIST)),iopsys)
-	$(BBFDM_INSTALL_CORE_PLUGIN) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/iopsys/libbbfdm_iopsys_ext.so $(1)
-endif
 ifeq ($(CONFIG_BBF_TR143),y)
-	$(INSTALL_DIR) $(1)/usr/share/bbfdm/scripts/
+	$(INSTALL_DIR) $(1)/usr/share/bbfdm
 	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(CP) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm/scripts/
-	$(LN) /usr/share/bbfdm/scripts/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/libbbfdm/scripts/* $(1)/usr/share/bbfdm
+	$(LN) /usr/share/bbfdm/bbf.diag $(1)/usr/libexec/rpcd/bbf.diag
 endif
 endef

-define Package/libbbfdm/prerm
+define Package/libbbfdm/default/prerm
 	#!/bin/sh
 	rm -rf /etc/bbfdm/dmmap/*
 	exit 0
@@ -140,22 +343,60 @@ define Package/bbfdmd/install
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_DIR) $(1)/etc/bbfdm
 	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bbfdmd/ubus/bbfdmd $(1)/usr/sbin/
 	$(INSTALL_DATA) ./files/etc/bbfdm/input.json $(1)/etc/bbfdm/
 	$(INSTALL_BIN) ./files/etc/init.d/bbfdmd $(1)/etc/init.d/bbfdmd
-	$(INSTALL_BIN) ./files/etc/init.d/bbfdm.services $(1)/etc/init.d/
 	$(INSTALL_CONF) ./files/etc/config/bbfdm $(1)/etc/config/bbfdm
+	$(INSTALL_CONF) ./files/etc/config/schedules $(1)/etc/config/schedules
+	$(INSTALL_BIN) ./files/etc/bbfdm/bbfdm_services.sh $(1)/etc/bbfdm/
 	$(INSTALL_BIN) ./files/etc/hotplug.d/iface/85-bbfdm-sysctl $(1)/etc/hotplug.d/iface/85-bbfdm-sysctl
+	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_lease_start_time.user $(1)/etc/udhcpc.user.d/udhcpc_lease_start_time.user
 endef

+define Package/userinterface/install
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_DIR) $(1)/etc/uci-defaults
+	$(INSTALL_DIR) $(1)/etc/init.d
+	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+	$(INSTALL_DATA) ./files/etc/config/userinterface $(1)/etc/config/userinterface
+	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/userinterface $(1)/lib/upgrade/keep.d/userinterface
+	$(INSTALL_BIN) ./files/etc/init.d/userinterface $(1)/etc/init.d/userinterface
+	$(INSTALL_BIN) ./files/etc/uci-defaults/93-userinterface-firewall $(1)/etc/uci-defaults/93-userinterface-firewall
+	$(INSTALL_BIN) ./files/etc/uci-defaults/94-userinterface-json $(1)/etc/uci-defaults/94-userinterface-json
+	$(INSTALL_BIN) ./files/etc/firewall.userinterface $(1)/etc/firewall.userinterface
+endef
+
+Package/libbbfdm/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-openssl/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-wolfssl/prerm = $(Package/libbbfdm/default/prerm)
+Package/libbbfdm-mbedtls/prerm = $(Package/libbbfdm/default/prerm)
+
+Package/libbbfdm/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-openssl/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-wolfssl/install = $(Package/libbbfdm/default/install)
+Package/libbbfdm-mbedtls/install = $(Package/libbbfdm/default/install)
+
 define Build/InstallDev
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
+	$(INSTALL_DIR) $(1)/usr/include/libbbfdm
 	$(INSTALL_DIR) $(1)/usr/include/libbbfdm-api
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbfdm-api/
+	$(INSTALL_DIR) $(1)/usr/include/libbbf_api
 	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/*.h $(1)/usr/include/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm/dmtree/tr181/device.h $(1)/usr/include/libbbfdm/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm/dmtree/vendor/vendor.h $(1)/usr/include/libbbfdm/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbfdm-api/
+	# Work around for backward compatibility
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/*.h $(1)/usr/include/libbbf_api/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/libbbfdm-api/include/libbbfdm_api.h $(1)/usr/include/libbbf_api.h
 endef

 $(eval $(call BuildPackage,libbbfdm-api))
 $(eval $(call BuildPackage,libbbfdm))
+$(eval $(call BuildPackage,libbbfdm-openssl))
+$(eval $(call BuildPackage,libbbfdm-wolfssl))
+$(eval $(call BuildPackage,libbbfdm-mbedtls))
 $(eval $(call BuildPackage,bbfdmd))
+
+$(eval $(call BuildPackage,userinterface))
--- a/bbfdm/README.md
+++ b/bbfdm/README.md
@@ -1,40 +0,0 @@
-# BBFDM configuration options and utilities
-
-bbfdm provides few compile time configuration options and compile time help utility called [bbfdm.mk](./bbfdm.mk), this document aimed to explain the available usages and best practices.
-
-## Compilation options
-
-|  Configuration option    | Description   | Default Value |
-| -----------------------  | ------------- | ----------- |
-| CONFIG_BBF_VENDOR_LIST   | List of vendor extension directories | iopsys        |
-| CONFIG_BBF_VENDOR_PREFIX | Prefix for Vendor extension datamodel objects/parameters | X_IOPSYS_EU_  |
-| CONFIG_BBF_TR143         | Enable/Add TR-143 Data Model Support | y             |
-| CONFIG_BBF_TR471         | Enable/Add TR-471 Data Model Support | y             |
-| CONFIG_BBF_MAX_OBJECT_INSTANCES | Maximum number of instances per object | 255    |
-| BBF_OBFUSCATION_KEY      | Hash used to encode/decode in `bbf.secure` object | 371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04 |
-
-
-#### BBF_OBFUSCATION_KEY
-
-`bbfdm` provides an ubus object called `bbf.secure` to allow encoding/decoding the values, `bbf.secure` currently support following methods internally to encode/decode
-
-  - Encode/Decode using a predefined SHA512 Hash key
-  - Encode/Decode using a private/public RSA key pair
-
-The `BBF_OBFUSCATION_KEY` compile time configuration option used to defined the SHA512 HASH, if this option is undefined, then it usages a default value as mention in the above table.
-
-User must override this parameter with their own hash value, to generate a hash user can run below command and copy the hash value to this option.
-
-ex: User wants to use 'Sup3rS3cur3Passw0rd' as passkey, then can get the SHA512 sum with
-
-```bash
-$ echo -n "Sup3rS3cur3Passw0rd" | sha512sum
-371d530c95a17d1ca223a29b7a6cdc97e1135c1e0959b51106cca91a0b148b5e42742d372a359760742803f2a44bd88fca67ccdcfaeed26d02ce3b6049cb1e04  -
-```
-
-> Note: Additionally, user can install RSA private key in '/etc/bbfdm/certificates/private_key.pem' path, if private key is present `bbf.secure` shall use rsa private certificate for encrypt/decrypt function. In case of key not present in the pre-defined path, hash will be used for the same.
-
-## Helper utility (bbfdm.mk)
-
-bbfdm provides a helper utility [bbfdm.mk](./bbfdm.mk) to install datamodel plugins in bbfdm core or in microservice directory.
-
--- a/bbfdm/bbfdm.mk
+++ b/bbfdm/bbfdm.mk
@@ -2,95 +2,8 @@
 # Copyright (C) 2023 IOPSYS
 #

-BBFDM_BASE_DM_PATH=/usr/share/bbfdm
-BBFDM_INPUT_PATH=/etc/bbfdm/micro_services
-BBFDM_DIR:=$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-
-#BBFDM_VERSION:=$(shell grep -oP '(?<=^PKG_VERSION:=).*' ${BBFDM_DIR}/Makefile)
-#BBFDM_TOOLS:=$(BUILD_DIR)/bbfdm-$(BBFDM_VERSION)/tools
-
-# Utility to install the plugin in bbfdm core path with priority.
-# Its now possible to overwrite/remove core datamodel with plugin, so, if some
-# datamodel objects/parameters are present in more than one plugin, order in
-# which they loaded into memory becomes crucial, this Utility help to configure
-# a priority order in which they gets loaded in memory.
-#
-# ARGS:
-#  $1 => Plugin artifact
-#  $2 => package install directory
-#  $3 => Priority of the installed plugin (Optional)
-#
-# Note:
-# - Last loaded plugin gets the highest priority
-#
-# Example:
-#  BBFDM_INSTALL_CORE_PLUGIN ./files/etc/bbfdm/json/CWMPManagementServer.json $(1)
-#
-# Example to install plugin with priority:
-#  BBFDM_INSTALL_CORE_PLUGIN ./files/etc/bbfdm/json/CWMPManagementServer.json $(1) 01
-#
-BBFDM_INSTALL_CORE_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -p
-
-
-# Utility to install the micro-service datamodel
-# Use Case:
-# user wants to run a datamodel micro-service, it required to install the
-# DotSO/JSON plugin into a bbf shared directory, this utility helps in
-# installing the DotSO/JSON plugin in bbfdm shared directory, and auto-generate
-# input file for the micro-service
-#
-# ARGS:
-#  $1 => DotSo or Json plugin with complete path
-#  $2 => package install directory
-#  $3 => service name
-#
-# Note:
-# - There could be only one main plugin file, so its bind to PKG_NAME
-# - Micro-service input.json will be auto generated with this call
-#
-# Example:
-#  BBFDM_INSTALL_MS_DM $(PKG_BUILD_DIR)/libcwmp.so $(1) $(PKG_NAME)
-#
-BBFDM_INSTALL_MS_DM:=$(BBFDM_DIR)/tools/bbfdm.sh -m
-
-
-# Utility to install a plugins in datamodel micro-service
-#
-# ARGS:
-#  $1 => DotSo or Json plugin with complete path
-#  $2 => package install directory
-#  $3 => service name
-#
-# Note:
-# - Use the service_name/PKG_NAME of the service in which this has to run
-#
-# Example:
-#  BBFDM_INSTALL_MS_PLUGIN $(PKG_BUILD_DIR)/libxmpp.so $(1) icwmp
-#
-BBFDM_INSTALL_MS_PLUGIN:=$(BBFDM_DIR)/tools/bbfdm.sh -m -p
-
-
-# Deprecated functions errors
-define BbfdmInstallPluginInMicroservice
-	$(warning # BbfdmInstallPluginInMicroservice function is deprecated, use BBFDM_INSTALL_MS_PLUGIN macro #)
-	$(INSTALL_DIR) $(1)
-	$(INSTALL_DATA) $(2) $(1)/
-endef
-
-define BbfdmInstallMicroServiceInputFile
-	$(warning # function BbfdmInstallMicroServiceInputFile deprecated, input file auto generated with BBFDM_INSTALL_MS_DM #)
-	$(INSTALL_DIR) $(1)/etc/bbfdm/micro_services
-	$(INSTALL_DATA) $(2) $(1)/etc/bbfdm/micro_services/$(PKG_NAME).json
-endef

 define BbfdmInstallPlugin
-	$(warning # function BbfdmInstallPlugin deprecated, use BBFDM_INSTALL_CORE_PLUGIN macro #)
 	$(INSTALL_DIR) $(1)/etc/bbfdm/plugins
 	$(INSTALL_DATA) $(2) $(1)/etc/bbfdm/plugins/
 endef
-
-define BbfdmInstallPluginWithPriority
-	$(warning # fucntion BbfdmInstallPluginWithPriority deprecated, use BBFDM_INSTALL_CORE_PLUGIN #)
-	$(INSTALL_DIR) $(1)/etc/bbfdm/plugins
-	$(INSTALL_DATA) $(3) $(1)/etc/bbfdm/plugins/$(2)_$(shell basename ${3})
-endef
--- a/bbfdm/files/etc/bbfdm/bbfdm_services.sh
+++ b/bbfdm/files/etc/bbfdm/bbfdm_services.sh
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+BBFDMD="/usr/sbin/bbfdmd"
+
+bbfdm_add_service()
+{
+	local name path
+
+	name="${1}"
+	path="${2}"
+
+	if [ -z "${name}" -o -z "$path" ]; then
+		return 0;
+	fi
+
+	ubus call service add "{'name':'bbfdm.services','instances':{'$name':{'command':['$BBFDMD','-m','$path']}}}"
+}
+
+bbfdm_stop_service()
+{
+	local name
+
+	name="${1}"
+	if [ -z "${name}" ]; then
+		return 0;
+	fi
+
+	if ubus call service list '{"name":"bbfdm.services"}' |grep -q "bbfdm.$name"; then
+		ubus call service delete "{'name':'bbfdm.services','instance':'bbfdm.$name'}"
+	fi
+}
+
+usages()
+{
+	echo "Usages $0: <OPTIONS>..."
+	echo
+	echo "    -h    show help"
+	echo "    -k    micro-service name to stop"
+	echo
+}
+
+while getopts "s:k:h" opts; do
+	case "$opts" in
+		h) usages; exit 0;;
+		k) bbfdm_stop_service "${OPTARG}";;
+	esac
+done
--- a/bbfdm/files/etc/bbfdm/input.json
+++ b/bbfdm/files/etc/bbfdm/input.json
@@ -4,8 +4,8 @@
                },
                "input": {
                        "type": "DotSo",
-                        "name": "/usr/share/bbfdm/libbbfdm.so",
-                        "plugin_dir": "/usr/share/bbfdm/plugins"
+                        "name": "/lib/libbbfdm.so",
+                        "plugin_dir": "/etc/bbfdm/plugins"
                },
                "output": {
                        "type": "UBUS",
--- a/bbfdm/files/etc/config/bbfdm
+++ b/bbfdm/files/etc/config/bbfdm
@@ -1,11 +1,8 @@
+
 config bbfdmd 'bbfdmd'
-	option enable '1'
+	option enabled '1'
 	option loglevel '1'
 	option refresh_time '120'
 	option transaction_timeout '30'
 	option subprocess_level '2'

-config micro_services 'micro_services'
-	option enable '1'
-	option enable_core '0'
-	option enable_respawn '1'
--- a/bbfdm/files/etc/config/schedules
+++ b/bbfdm/files/etc/config/schedules
@@ -0,0 +1,2 @@
+config global 'global'
+	option enable '1'
--- a/userinterface/files/etc/config/userinterface
+++ b/userinterface/files/etc/config/userinterface
--- a/bbfdm/files/etc/firewall.portmap
+++ b/bbfdm/files/etc/firewall.portmap
@@ -2,71 +2,40 @@

 . /lib/functions.sh

-log() {
-	echo "${@}"|logger -t firewall.dnat -p info
-}
-
-exec_cmd() {
-	if ! eval "$*"; then
-		log "Failed to run [$*]"
-	fi
-}
-
 reorder_dnat_rules() {
 	nat_chains=$(iptables -t nat -S | grep -E "^-N zone[a-zA-Z0-9_]+prerouting$" | cut -d' ' -f 2)

 	for chain in ${nat_chains}; do
 		# Collect empty remote host & empty dport rules
 		EMPTY_HOST_PORT=$(iptables -t nat -S ${chain} | grep -E "REDIRECT|DNAT" | grep -v "\-\-dport" | grep -v "\-s ")
-		if [ -n "${EMPTY_HOST_PORT}" ]; then
-			echo "${EMPTY_HOST_PORT}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd | sed 's/-A /-D /g')"
-				exec_cmd $cmd1
-			done
-		fi

 		# Collect empty remote host but non empty dport rules
 		EMPTY_HOST=$(iptables -t nat -S ${chain} | grep -E "REDIRECT|DNAT" | grep "\-\-dport" | grep -v "\-s ")
-		if [ -n "${EMPTY_HOST}" ]; then
-			echo "${EMPTY_HOST}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd | sed 's/-A /-D /g')"
-				exec_cmd $cmd1
-			done
-		fi

 		# Collect non empty remote host but empty dport rules
 		EMPTY_PORT=$(iptables -t nat -S ${chain} | grep -E "REDIRECT|DNAT" | grep -v "\-\-dport" | grep "\-s ")
-		if [ -n "${EMPTY_PORT}" ]; then
-			echo "${EMPTY_PORT}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd | sed 's/-A /-D /g')"
-				exec_cmd $cmd1
-			done
-		fi

-		# Now add rules as per datamodel precedence shown below
-		## Non empty remote host, empty dport
-		## empty remote host, non empty dport
-		## empty remote host, empty dport
-		if [ -n "${EMPTY_PORT}" ]; then
-			echo "${EMPTY_PORT}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd)"
-				exec_cmd $cmd1
-			done
-		fi
+		# Skip this chain if no matching rules were found
+		[ -n "${EMPTY_HOST_PORT}" -o -n "${EMPTY_HOST}" -o -n "${EMPTY_PORT}" ] || continue

-		if [ -n "${EMPTY_HOST}" ]; then
-			echo "${EMPTY_HOST}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd)"
-				exec_cmd $cmd1
-			done
-		fi
+		(
+			echo '*nat'

-		if [ -n "${EMPTY_HOST_PORT}" ]; then
-			echo "${EMPTY_HOST_PORT}" | while read cmd; do
-				cmd1="iptables -t nat $(echo $cmd)"
-				exec_cmd $cmd1
-			done
-		fi
+			# Delete collected rules
+			[ -n "${EMPTY_HOST_PORT}" ] && echo "${EMPTY_HOST_PORT}" | sed 's/^-A /-D /'
+			[ -n "${EMPTY_HOST}" ] && echo "${EMPTY_HOST}" | sed 's/^-A /-D /'
+			[ -n "${EMPTY_PORT}" ] && echo "${EMPTY_PORT}" | sed 's/^-A /-D /'
+
+			# Now add rules as per datamodel precedence shown below
+			## Non empty remote host, empty dport
+			## empty remote host, non empty dport
+			## empty remote host, empty dport
+			[ -n "${EMPTY_PORT}" ] && echo "${EMPTY_PORT}"
+			[ -n "${EMPTY_HOST}" ] && echo "${EMPTY_HOST}"
+			[ -n "${EMPTY_HOST_PORT}" ] && echo "${EMPTY_HOST_PORT}"
+
+			echo 'COMMIT'
+		) | iptables-restore -w -n
 	done
 }

--- a/bbfdm/files/etc/firewall.service
+++ b/bbfdm/files/etc/firewall.service
@@ -7,7 +7,7 @@ log() {
 }

 exec_cmd() {
-	if ! eval "$*"; then
+	if ! "$@"; then
 		log "Failed to run [$*]"
 		echo "-1"
 		return 0
@@ -73,7 +73,7 @@ add_iptable_rule() {
 		fi

 		if [ -z "${src_prefix}" ]; then
-			res=$(exec_cmd "iptables ${cmd} -m comment --comment IPtables_service_rule -j ${action}")
+			res=$(exec_cmd iptables -w ${cmd} -m comment --comment IPtables_service_rule -j "${action}")
 		else
 			#Add ipv4 sources if any
 			src_list=""
@@ -86,7 +86,7 @@ add_iptable_rule() {

 			if [ -n "$src_list" ]; then
 				src_list=$(echo "${src_list}" | sed "s/,$//")
-				res=$(exec_cmd "iptables -s $src_list ${cmd} -m comment --comment IPtables_service_rule -j ${action}")
+				res=$(exec_cmd iptables -w -s "$src_list" ${cmd} -m comment --comment IPtables_service_rule -j "${action}")
 			fi
 		fi
 	fi
@@ -97,7 +97,7 @@ add_iptable_rule() {
 		fi

 		if [ -z "${src_prefix}" ]; then
-			res=$(exec_cmd "ip6tables ${cmd} -m comment --comment IP6tables_service_rule -j ${action}")
+			res=$(exec_cmd ip6tables -w ${cmd} -m comment --comment IP6tables_service_rule -j "${action}")
 		else
 			#Add ipv6 sources if any
 			src_list=""
@@ -110,7 +110,7 @@ add_iptable_rule() {

 			if [ -n "$src_list" ]; then
 				src_list=$(echo "${src_list}" | sed "s/,$//")
-				res=$(exec_cmd "ip6tables -s $src_list ${cmd} -m comment --comment IP6tables_service_rule -j ${action}")
+				res=$(exec_cmd ip6tables -w -s "$src_list" ${cmd} -m comment --comment IP6tables_service_rule -j "${action}")
 			fi
 		fi
 	fi
--- a/userinterface/files/etc/firewall.userinterface
+++ b/userinterface/files/etc/firewall.userinterface
--- a/bbfdm/files/etc/init.d/bbfdm.services
+++ b/bbfdm/files/etc/init.d/bbfdm.services
@@ -1,106 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=40
-STOP=8
-
-USE_PROCD=1
-PROG=/usr/sbin/bbfdmd
-
-BBFDM_MICROSERVICE_DIR="/etc/bbfdm/micro_services"
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "${@}"|logger -t bbfdmd.services -p info
-}
-
-validate_bbfdm_micro_service_section()
-{
-	uci_validate_section bbfdm micro_services "micro_services" \
-		'enable:bool:true' \
-		'enable_core:bool:false' \
-		'enable_respawn:bool:true'
-}
-
-_add_microservice()
-{
-	local name path
-	local enable enable_core enable_respawn
-
-	# Check enable from micro-service
-	path="${1}"
-	enable_respawn="${2}"
-	enable_core="${3}"
-
-	name="$(basename ${path})"
-	name="${name//.json}"
-
-	enable="$(jq '.daemon.enable//1' ${path})"
-	if [ "${enable}" -eq "0" ]; then
-		log "datamodel micro-service ${name} not enabled"
-		return 0
-	fi
-
-	procd_open_instance "${name}"
-
-	procd_set_param command ${PROG}
-	procd_append_param command -m "${name}"
-
-	if [ "${enable_core}" -eq "1" ]; then
-		procd_set_param limits core="unlimited"
-		procd_set_param stdout 1
-		procd_set_param stderr 1
-	fi
-
-	if [ "${enable_respawn}" -eq "1" ]; then
-		procd_set_param respawn "3600" "5" "5"
-	fi
-	procd_close_instance "${name}"
-}
-
-configure_bbfdm_micro_services()
-{
-	local enable enable_core enable_respawn
-
-	config_load bbfdm
-	validate_bbfdm_micro_service_section || {
-		log "Validation of micro_service section failed"
-		return 1;
-	}
-
-	[ "${enable}" -eq "0" ] && return 0
-
-	if [ -d "${BBFDM_MICROSERVICE_DIR}" ]; then
-		FILES="$(ls -1 ${BBFDM_MICROSERVICE_DIR}/*.json)"
-
-		for file in $FILES;
-		do
-			[ -e "$file" ] || continue
-
-			_add_microservice $file "${enable_respawn}" "${enable_core}"
-		done
-	fi
-}
-
-_start_single_service()
-{
-	local service file
-
-	service="${1}"
-
-	if [ -d "${BBFDM_MICROSERVICE_DIR}" ]; then
-		file="$(ls -1 ${BBFDM_MICROSERVICE_DIR}/${service}.json)"
-		[ -e "$file" ] || return
-
-		_add_microservice $file "0" "0"
-	fi
-}
-
-start_service()
-{
-	if [ -n "${1}" ]; then
-		_start_single_service "${1}"
-	else
-		configure_bbfdm_micro_services
-	fi
-}
--- a/bbfdm/files/etc/init.d/bbfdmd
+++ b/bbfdm/files/etc/init.d/bbfdmd
@@ -7,9 +7,7 @@ USE_PROCD=1
 PROG=/usr/sbin/bbfdmd

 BBFDM_JSON_INPUT="/etc/bbfdm/input.json"
-BBFDM_TEMP_DIR="/tmp/bbfdm"
-
-. /usr/share/libubox/jshn.sh
+BBFDM_TEMP_JSON="/tmp/bbfdm/input.json"

 log() {
 	echo "${@}"|logger -t bbfdmd.init -p info
@@ -18,7 +16,7 @@ log() {
 validate_bbfdm_bbfdmd_section()
 {
 	uci_validate_section bbfdm bbfdmd "bbfdmd" \
-		'enable:bool:true' \
+		'enabled:bool:true' \
 		'sock:string' \
 		'debug:bool:false' \
 		'loglevel:uinteger:1' \
@@ -29,19 +27,25 @@ validate_bbfdm_bbfdmd_section()

 configure_bbfdmd()
 {
-	local enable debug sock
+	local enabled debug sock update
 	local jlog jrefresh jtimeout jlevel

+	update=0
 	config_load bbfdm
 	validate_bbfdm_bbfdmd_section || {
 		log "Validation of bbfdmd section failed"
 		return 1;
 	}

-	[ "${enable}" -eq 0 ] && return 0
+	[ "${enabled}" -eq 0 ] && return 0

 	if [ -f "${BBFDM_JSON_INPUT}" ]; then
-		echo "$(jq --arg log ${loglevel} --arg tran ${transaction_timeout} --arg refresh ${refresh_time} --arg level ${subprocess_level} '.daemon.config += {"loglevel": $log, "refresh_time": $refresh, "transaction_timeout": $tran, "subprocess_level": $level}' ${BBFDM_JSON_INPUT})" > "${BBFDM_TEMP_DIR}/input.json"
+		cat ${BBFDM_JSON_INPUT} |jq --arg log ${loglevel} --arg tran ${transaction_timeout} --arg refresh ${refresh_time} --arg level ${subprocess_level} '.daemon.config += {"loglevel": $log, "refresh_time": $refresh, "transaction_timeout": $tran, "subprocess_level": $level}' > ${BBFDM_TEMP_JSON}
+		val="$(jq -r '.daemon.input // empty' ${BBFDM_TEMP_JSON})"
+		if [ -z "${val}" ]; then
+			log "Failed to generate temp input json, uci changes not applied"
+			cp ${BBFDM_JSON_INPUT} ${BBFDM_TEMP_JSON}
+		fi
 	fi

 	procd_set_param command ${PROG}
@@ -57,12 +61,18 @@ configure_bbfdmd()

 start_service()
 {
-	mkdir -p ${BBFDM_TEMP_DIR}
-
+	mkdir -p /tmp/bbfdm
 	procd_open_instance "bbfdm"
 	configure_bbfdmd
 	procd_set_param respawn
 	procd_close_instance "bbfdm"
+
+	ubus call service state '{"name":"bbfdm.services", "spawn":true}'
+}
+
+stop_service()
+{
+	ubus call service state '{"name":"bbfdm.services", "spawn":false}'
 }

 service_triggers()
--- a/bbfdm/files/etc/init.d/userinterface
+++ b/bbfdm/files/etc/init.d/userinterface
@@ -0,0 +1,33 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+STOP=01
+
+USE_PROCD=1
+
+start_service() {
+	local enable
+
+	config_load userinterface
+	config_get_bool enable global enable 1
+
+	if [ ! -f "/etc/config/nginx" ]; then
+		return 0
+	fi
+
+	if [ "${enable}" -eq "1" ]; then
+		ubus call service state '{"name":"nginx", "spawn":true}'
+	else
+		ubus call service state '{"name":"nginx", "spawn":false}'
+	fi
+
+	# Inject firewall rules
+	procd_open_instance userinterface
+	/etc/firewall.userinterface
+	procd_close_instance
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "userinterface" "nginx"
+}
--- a/bbfdm/files/etc/uci-defaults/90-remove-nonexisting-microservices
+++ b/bbfdm/files/etc/uci-defaults/90-remove-nonexisting-microservices
@@ -1,18 +0,0 @@
-#!/bin/sh
-. /lib/functions.sh
-
-remove_nonexisting_microservice() {
-	local input_json
-
-	config_get input_json "$1" input_json ""
-
-	if [ -z "${input_json}" ]; then
-		uci_remove bbfdm "${1}"
-	fi
-}
-
-config_load bbfdm
-config_foreach remove_nonexisting_microservice "micro_service"
-
-exit 0
-
--- a/bbfdm/files/etc/uci-defaults/91-fix-bbfdmd-enabled-option
+++ b/bbfdm/files/etc/uci-defaults/91-fix-bbfdmd-enabled-option
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-# rename bbfdmd enabled option to enable
-val="$(uci -q get bbfdm.bbfdmd.enabled)"
-if [ -n "${val}" ]; then
-	uci -q set bbfdm.bbfdmd.enabled=""
-	uci -q set bbfdm.bbfdmd.enable="${val}"
-fi
-
-exit 0
-
--- a/userinterface/files/etc/uci-defaults/93-userinterface-firewall
+++ b/userinterface/files/etc/uci-defaults/93-userinterface-firewall
@@ -3,7 +3,7 @@
 uci -q batch <<-EOT
        delete firewall.userinterface
        set firewall.userinterface=include
-        set firewall.userinterface.path=/etc/userinterface/firewall.userinterface
+        set firewall.userinterface.path=/etc/firewall.userinterface
        set firewall.userinterface.reload=1
        commit firewall
 EOT
--- a/userinterface/files/etc/uci-defaults/94-userinterface-json
+++ b/userinterface/files/etc/uci-defaults/94-userinterface-json
--- a/bbfdm/files/etc/uci-defaults/99-link-core-plugins
+++ b/bbfdm/files/etc/uci-defaults/99-link-core-plugins
@@ -1,32 +1,16 @@
 #!/bin/sh

-UNIFIED_PATH="/usr/share/bbfdm/plugins/"
-
-log() {
-	echo "$@" | logger -t bbfdm.uci-default -p info
-}
+UNIFIED_PATH="/etc/bbfdm/plugins/"

 # Link JSON plugins
 for f in `ls -1 /etc/bbfdm/json/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
+	echo "# BBFDM JSON plugin ${f} not aligned #"
 	ln -s ${f} "${UNIFIED_PATH}"
 done

 # Link DotSo plugins
 for f in `ls -1 /usr/lib/bbfdm/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link JSON plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.json`; do
-	log "# BBFDM JSON plugin ${f} not aligned #"
-	ln -s ${f} "${UNIFIED_PATH}"
-done
-
-# Link DotSo plugins
-for f in `ls -1 /etc/bbfdm/plugins/*.so`; do
-	log "# BBFDM DotSO plugin ${f} not aligned #"
+	echo "# BBFDM DotSO plugin ${f} not aligned #"
 	ln -s ${f} "${UNIFIED_PATH}"
 done

--- a/bbfdm/files/etc/udhcpc.user.d/udhcpc_lease_start_time.user
+++ b/bbfdm/files/etc/udhcpc.user.d/udhcpc_lease_start_time.user
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+leasestarttime="$(awk -F'.' '{print $1}' /proc/uptime 2> /dev/null)"
+target_file=/tmp/dhcp_client_info
+target_str="$INTERFACE $lease $leasestarttime"
+
+# if this interface is present in file, then replace it
+if grep -q "$INTERFACE" "$target_file" 2> /dev/null; then
+	# replace the whole line if pattern matches
+	sed -i "/${INTERFACE}/c\\${target_str}" "$target_file"
+else
+	# interface info was not present, append it to the file
+	echo "$target_str" >> "$target_file"
+fi
--- a/bbfdm/files/lib/upgrade/keep.d/userinterface
+++ b/bbfdm/files/lib/upgrade/keep.d/userinterface
@@ -0,0 +1 @@
+/etc/nginx/allow_host_*
--- a/bbfdm/tools/bbfdm.sh
+++ b/bbfdm/tools/bbfdm.sh
@@ -1,141 +0,0 @@
-#!/bin/bash
-
-BBFDM_BASE_DM_PATH="usr/share/bbfdm"
-BBFDM_INPUT_PATH="etc/bbfdm/micro_services"
-INPUT_TEMPLATE='{"daemon":{"service_name":"template","config":{"loglevel":"1"}}}'
-
-MICRO_SERVICE=0
-PLUGIN=0
-DEST=""
-TOOLS="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
-SRC=""
-
-while getopts ":mp" opt; do
-	case ${opt} in
-	  m)
-	  	MICRO_SERVICE=1
-		;;
-	  p)
-	  	PLUGIN=1
-		;;
-	  ?)
-	  	echo "Invalid option: ${OPTARG}"
-		exit 1
-		;;
-	esac
-done
-shift $((OPTIND-1))
-
-SRC="${1}"
-shift
-DEST="${1}"
-shift
-DATA="${1}"
-
-install_bin() {
-	if ! install -m0755 ${1} ${2}; then
-		echo "Failed to install bin ${1} => ${2}"
-		exit 1
-	fi
-}
-
-install_dir() {
-	if ! install -d -m0755 ${1}; then
-		echo "Failed to create directory ${1}"
-		exit 1
-	fi
-}
-
-install_data() {
-	if ! install -m0644 ${1} ${2}; then
-		echo "Failed to install ${1} => ${2}"
-		exit 1
-	fi
-}
-
-# Installing datamodel
-bbfdm_install_dm()
-{
-	local src dest minfile
-
-	src="$1"
-	dest="$2"
-	minfile=""
-
-	if [ -z ${src} ] || [ -z "${dest}" ] || [ -z "${TOOLS}" ]; then
-		echo "Invalid input option for install dm $@"
-		exit 1
-	fi
-
-	if [ "${src##*.}" = "json" ]; then
-		echo "Compacting BBFDM JSON file"
-		minfile=$(mktemp)
-		jq -c 'del(..|.description?)' ${src} > ${minfile}
-
-		src=${minfile}
-		if dpkg -s python3-jsonschema >/dev/null 2>&1; then
-			echo "Verifying bbfdm Datamodel JSON file"
-			if ! ${TOOLS}/validate_plugins.py ${src}; then
-				echo "Validation of the plugin failed ${src}"
-				exit 1
-			fi
-		else
-			echo "## Install python3-jsonschema to verify datamodel plugins"
-		fi
-	fi
-
-	install_bin ${src} ${dest}
-
-	if [ -f "${minfile}" ]; then
-		rm ${minfile}
-	fi
-}
-
-bbfdm_generate_input()
-{
-	local dest ser
-
-	dest_dir=${1}
-	ser=${2}
-	dest=${dest_dir}/${ser}.json
-
-	echo ${INPUT_TEMPLATE} | jq --arg service "$ser" '.daemon.service_name = $service' > ${dest}
-	chmod 466 ${dest}
-}
-
-if [ -z "$SRC" ] || [ -z "${DEST}" ] ; then
-	echo "# BBFDM Null value in src[${SRC}], dest[${DEST}]"
-	exit 1
-fi
-
-if [ "${MICRO_SERVICE}" -eq "1" ]; then
-	if [ -z "${DATA}" ]; then
-		echo "# service_name[${DATA}] not provided"
-		exit 1
-	fi
-
-	if [ "${PLUGIN}" -ne "1" ]; then
-		extn="$(basename ${SRC})"
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services
-		bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}.${extn##*.}
-
-		# main micro-service datamodel plugin, create an input file as well
-		install_dir ${DEST}/${BBFDM_INPUT_PATH}
-		bbfdm_generate_input ${DEST}/${BBFDM_INPUT_PATH}/ ${DATA}
-	else
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}
-		bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/micro_services/${DATA}/$(basename ${SRC})
-	fi
-else
-	if [ "${PLUGIN}" -eq "1" ]; then
-		priority="${DATA:-0}"
-		install_dir ${DEST}/${BBFDM_BASE_DM_PATH}/plugins
-		if [ "${priority}" -gt "0" ]; then
-			# install with priority if defined
-			bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/plugins/${priority}_$(basename ${SRC})
-		else
-			bbfdm_install_dm ${SRC} ${DEST}/${BBFDM_BASE_DM_PATH}/plugins/$(basename ${SRC})
-		fi
-	fi
-fi
-
--- a/bbfdm/tools/validate_plugins.py
+++ b/bbfdm/tools/validate_plugins.py
@@ -1,330 +0,0 @@
-#!/usr/bin/python3
-
-# Copyright (C) 2024 iopsys Software Solutions AB
-# Author: Amin Ben Romdhane <amin.benromdhane@iopsys.eu>
-
-import sys
-import json
-from jsonschema import validate
-
-JSON_PLUGIN_VERSION = 0
-
-obj_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"object"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"uniqueKeys" : {"type" : "array"},
-		"access" : {"type" : "boolean"},
-		"array" : {"type" : "boolean"},
-		"mapping" : {"type" : "object", "properties" : {
-				"type" : {"$ref": "#/definitions/map_type_t"},
-				"uci" : {"type" : "object", "properties" : {
-						"file" : {"type": "string"},
-						"section" : {"type": "object", "properties" : {
-								"type" : {"type": "string"}
-							}
-						},
-						"dmmapfile" : {"type": "string"}
-					}
-				},
-				"ubus" : {"type" : "object", "properties" : {
-						"object" : {"type": "string"},
-						"method" : {"type": "string"},
-						"args" : {"type": "object"},
-						"key" : {"type": "string"}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"array",
-		"access"
-	]
-}
-
-obj_schema_v1 = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"object"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp",
-				"none"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"uniqueKeys" : {"type" : "array"},
-		"access" : {"type" : "boolean"},
-		"array" : {"type" : "boolean"},
-		"mapping" : {"type" : "array", "items" : {
-			"type" : "object", "properties" : {
-				"type" : {"$ref": "#/definitions/map_type_t"},
-					"uci" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"},
-							"section" : {"type": "object", "properties" : {
-									"type" : {"type": "string"}
-								}
-							},
-							"dmmapfile" : {"type": "string"}
-						}
-					},
-					"ubus" : {"type" : "object", "properties" : {
-							"object" : {"type": "string"},
-							"method" : {"type": "string"},
-							"args" : {"type": "object"},
-							"key" : {"type": "string"}
-						}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"array",
-		"access"
-	]
-}
-
-param_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"string",
-				"unsignedInt",
-				"unsignedLong",
-				"int",
-				"long",
-				"boolean",
-				"dateTime",
-				"hexBinary",
-				"base64",
-				"decimal"
-			]
-		},
-		"map_type_t": {
-			"type": "string",
-			"enum": [
-				"uci",
-				"ubus",
-				"procfs",
-				"sysfs",
-				"json",
-				"uci_sec"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"cwmp",
-				"usp",
-				"none"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"read" : {"type" : "boolean"},
-		"write" : {"type" : "boolean"},
-		"mapping" : {"type" : "array", "items" : {"type": "object", "properties" : {
-					"type" : {"$ref": "#/definitions/map_type_t"},
-					"uci" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"},
-							"section" : {"type": "object", "properties" : {
-									"type" : {"type": "string"},
-									"index" : {"type": "string"}
-								}
-							},
-							"option" : {"type": "object", "properties" : {
-									"name" : {"type": "string"}								}
-							}
-						}
-					},
-					"ubus" : {"type" : "object", "properties" : {
-							"object" : {"type": "string"},
-							"method" : {"type": "string"},
-							"args" : {"type": "object"},
-							"key" : {"type": "string"}
-						}
-					},
-					"procfs" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"}
-						}
-					},
-					"sysfs" : {"type" : "object", "properties" : {
-							"file" : {"type": "string"}
-						}
-					}
-				}
-			}
-		}
-	},
-	"required": [
-		"type",
-		"protocols",
-		"read",
-		"write"
-	]
-}
-
-event_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"event"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"version" : {"type": "string"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}}
-	},
-	"required": [
-		"type",
-		"protocols"
-	]
-}
-
-command_schema = {
-	"definitions": {
-		"type_t": {
-			"type": "string",
-			"enum": [
-				"command"
-			]
-		},
-		"protocols_t": {
-			"type": "string",
-			"enum": [
-				"usp"
-			]
-		}
-	},
-	"type" : "object",
-	"properties" : {
-		"type" : {"$ref": "#/definitions/type_t"},
-		"async" : {"type" : "boolean"},
-		"protocols" : {"type" : "array", "items" : {"$ref": "#/definitions/protocols_t"}},
-		"input" : {"type" : "object"},
-		"output" : {"type" : "object"}
-	},
-	"required": [
-		"type",
-		"async",
-		"protocols"
-	]
-}
-
-def print_validate_json_usage():
-    print("Usage: " + sys.argv[0] + " <dm json file>")
-    print("Examples:")
-    print("  - " + sys.argv[0] + " datamodel.json")
-    print("    ==> Validate the json file")
-    print("")
-    exit(1)
-
-def parse_value( key , value ):
-
-    if key.endswith('.') and not key.startswith('Device.'):
-        print(key + " is not a valid path")
-        exit(1)
-
-    if key.endswith('.') and (JSON_PLUGIN_VERSION == 1 or JSON_PLUGIN_VERSION == 2):
-        __schema = obj_schema_v1
-    elif key.endswith('.'):
-        __schema = obj_schema
-    elif key.endswith('!'):
-        __schema = event_schema
-    elif key.endswith('()'):
-        __schema = command_schema
-    else:
-        __schema = param_schema
-    
-    validate(instance = value, schema = __schema)
-    
-    for k, v in value.items():
-        if k != "list" and k != "mapping" and k != "input" and k != "output" and isinstance(v, dict):
-            parse_value(k, v)
-
-### main ###
-if len(sys.argv) < 2:
-    print_validate_json_usage()
-    
-json_file = open(sys.argv[1], "r", encoding='utf-8')
-try:
-    json_data = json.loads(json_file.read())
-except ValueError:
-    print(sys.argv[1] + " file has a wrong JSON format!!!!!")
-    exit(1)
-
-for __key, __value in json_data.items():
-
-    if __key == "json_plugin_version":
-
-        if not isinstance(__value, int) or __value not in [0, 1, 2]:
-            raise ValueError("Invalid value for json_plugin_version")
-
-        JSON_PLUGIN_VERSION = __value
-        continue
-
-    parse_value(__key , __value)
-
-print("JSON File is Valid")
--- a/bulkdata/Makefile
+++ b/bulkdata/Makefile
@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.10
+PKG_VERSION:=2.1.3

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=e472e90feec31d9f318ea8c732ab564002e25db1
+PKG_SOURCE_VERSION:=f556410b51a2248f11358793f11ae54d3e53e85e
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -22,7 +22,6 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk

 define Package/$(PKG_NAME)
  SECTION:=utils
@@ -44,14 +43,10 @@ endif

 define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/usr/sbin
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bulkdatad $(1)/usr/sbin/
-	$(INSTALL_DATA) ./files/etc/config/bulkdata $(1)/etc/config/
-	$(INSTALL_BIN) ./files/etc/init.d/bulkdatad $(1)/etc/init.d/
-	$(INSTALL_DATA) ./files/etc/uci-defaults/95-bulkdata-translation-options $(1)/etc/uci-defaults/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/bbf_plugin/bulkdata.json $(1) $(PKG_NAME)
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bulkdatad $(1)/usr/sbin/	
+	$(INSTALL_DIR) $(1)/etc/bulkdata
+	$(INSTALL_BIN) $(PKG_BUILD_DIR)/bbf_plugin/*.json $(1)/etc/bulkdata
+	$(CP) ./files/* $(1)/
 endef

 $(eval $(call BuildPackage,$(PKG_NAME)))
--- a/bulkdata/bulkdata/usr/share/bbfdm/micro_services/bulkdata.json
+++ b/bulkdata/bulkdata/usr/share/bbfdm/micro_services/bulkdata.json
@@ -1,960 +0,0 @@
-{
-	"json_plugin_version": 2,
-	"Device.BulkData.": {
-		"type": "object",
-		"protocols": [
-			"cwmp",
-			"usp"
-		],
-		"access": false,
-		"array": false,
-		"Enable": {
-			"type": "boolean",
-			"read": true,
-			"write": true,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "boolean",
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"name": "bulkdata"
-						},
-						"option": {
-							"name": "enable"
-						}
-					}
-				}
-			]
-		},
-		"Status": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "string",
-			"enumerations": [
-				"Enabled",
-				"Disabled",
-				"Error"
-			],
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"name": "bulkdata"
-						},
-						"option": {
-							"name": "enable"
-						}
-					}
-				}
-			]
-		},
-		"MinReportingInterval": {
-			"type": "unsignedInt",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "0",
-			"datatype": "unsignedInt",
-			"unit": "seconds"
-		},
-		"Protocols": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "HTTP",
-			"list": {
-				"datatype": "string",
-				"enumerations": [
-					"Streaming",
-					"File",
-					"HTTP",
-					"MQTT"
-				]
-			}
-		},
-		"EncodingTypes": {
-			"type": "string",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "JSON,CSV",
-			"list": {
-				"datatype": "string",
-				"enumerations": [
-					"XML",
-					"XDR",
-					"CSV",
-					"JSON"
-				]
-			}
-		},
-		"ParameterWildCardSupported": {
-			"type": "boolean",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "1",
-			"datatype": "boolean"
-		},
-		"MaxNumberOfProfiles": {
-			"type": "int",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "-1",
-			"datatype": "int",
-			"range": [
-				{
-					"min": -1
-				}
-			]
-		},
-		"MaxNumberOfParameterReferences": {
-			"type": "int",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"default": "-1",
-			"datatype": "int",
-			"range": [
-				{
-					"min": -1
-				}
-			]
-		},
-		"ProfileNumberOfEntries": {
-			"type": "unsignedInt",
-			"read": true,
-			"write": false,
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"datatype": "unsignedInt",
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"type": "profile"
-						},
-						"option": {
-							"name": "@Count"
-						}
-					}
-				}
-			]
-		},
-		"Device.BulkData.Profile.{i}.": {
-			"type": "object",
-			"protocols": [
-				"cwmp",
-				"usp"
-			],
-			"access": true,
-			"array": true,
-			"mapping": [
-				{
-					"type": "uci",
-					"uci": {
-						"file": "bulkdata",
-						"section": {
-							"type": "profile"
-						},
-						"dmmapfile": "dmmap_bulkdata"
-					}
-				}
-			],
-			"Enable": {
-				"type": "boolean",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "boolean",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "enable"
-					}
-				]
-			},
-			"Alias": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "Alias",
-				"range": [
-					{
-						"max": 64
-					}
-				],
-				"flags": [
-					"Unique"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "alias"
-					}
-				]
-			},
-			"Name": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"range": [
-					{
-						"max": 255
-					}
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "name"
-					}
-				]
-			},
-			"NumberOfRetainedFailedReports": {
-				"type": "int",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "int",
-				"range": [
-					{
-						"min": -1
-					}
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "nbre_of_retained_failed_reports"
-					}
-				]
-			},
-			"Protocol": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"enumerations": [
-					"Streaming",
-					"File",
-					"HTTP"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "protocol"
-					}
-				]
-			},
-			"EncodingType": {
-				"type": "string",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "string",
-				"enumerations": [
-					"XML",
-					"XDR",
-					"CSV",
-					"JSON"
-				],
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "encoding_type"
-					}
-				]
-			},
-			"ReportingInterval": {
-				"type": "unsignedInt",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "unsignedInt",
-				"range": [
-					{
-						"min": 1
-					}
-				],
-				"unit": "seconds",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "reporting_interval"
-					}
-				]
-			},
-			"TimeReference": {
-				"type": "dateTime",
-				"read": true,
-				"write": true,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "dateTime",
-				"mapping": [
-					{
-						"data": "@Parent",
-						"type": "uci_sec",
-						"key": "time_reference"
-					}
-				]
-			},
-			"ParameterNumberOfEntries": {
-				"type": "unsignedInt",
-				"read": true,
-				"write": false,
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"datatype": "unsignedInt",
-				"mapping": [
-					{
-						"type": "uci",
-						"uci": {
-							"file": "bulkdata",
-							"section": {
-								"type": "profile_parameter"
-							},
-							"option": {
-								"name": "@Count"
-							}
-						}
-					}
-				]
-			},
-			"Device.BulkData.Profile.{i}.Parameter.{i}.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": true,
-				"array": true,
-				"mapping": [
-					{
-						"type": "uci",
-						"uci": {
-							"file": "bulkdata",
-							"section": {
-								"type": "profile_parameter"
-							},
-							"dmmapfile": "dmmap_bulkdata"
-						}
-					}
-				],
-				"Name": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 64
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "name"
-						}
-					]
-				},
-				"Reference": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "reference"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.CSVEncoding.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"FieldSeparator": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_field_separator"
-						}
-					]
-				},
-				"RowSeparator": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_row_separator"
-						}
-					]
-				},
-				"EscapeCharacter": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_escape_character"
-						}
-					]
-				},
-				"ReportFormat": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"ParameterPerRow",
-						"ParameterPerColumn"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_report_format"
-						}
-					]
-				},
-				"RowTimestamp": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"Unix-Epoch",
-						"ISO-8601",
-						"None"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "csv_encoding_row_time_stamp"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.JSONEncoding.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"ReportFormat": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"ObjectHierarchy",
-						"NameValuePair"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "json_encoding_report_format"
-						}
-					]
-				},
-				"ReportTimestamp": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"Unix-Epoch",
-						"ISO-8601",
-						"None"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "json_encoding_report_time_stamp"
-						}
-					]
-				}
-			},
-			"Device.BulkData.Profile.{i}.HTTP.": {
-				"type": "object",
-				"protocols": [
-					"cwmp",
-					"usp"
-				],
-				"access": false,
-				"array": false,
-				"URL": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "URL",
-					"range": [
-						{
-							"max": 2048
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_url"
-						}
-					]
-				},
-				"Username": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_username"
-						}
-					]
-				},
-				"Password": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"range": [
-						{
-							"max": 256
-						}
-					],
-					"flags": [
-						"Secure"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_password"
-						}
-					]
-				},
-				"CompressionsSupported": {
-					"type": "string",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"default": "GZIP",
-					"list": {
-						"datatype": "string",
-						"enumerations": [
-							"GZIP",
-							"Compress",
-							"Deflate"
-						]
-					}
-				},
-				"Compression": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"GZIP",
-						"Compress",
-						"Deflate"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_compression"
-						}
-					]
-				},
-				"MethodsSupported": {
-					"type": "string",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"default": "POST,PUT",
-					"list": {
-						"datatype": "string",
-						"enumerations": [
-							"POST",
-							"PUT"
-						]
-					}
-				},
-				"Method": {
-					"type": "string",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "string",
-					"enumerations": [
-						"POST",
-						"PUT"
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_method"
-						}
-					]
-				},
-				"UseDateHeader": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_use_date_header"
-						}
-					]
-				},
-				"RetryEnable": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_enable"
-						}
-					]
-				},
-				"RetryMinimumWaitInterval": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"range": [
-						{
-							"min": 1,
-							"max": 65535
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_minimum_wait_interval"
-						}
-					]
-				},
-				"RetryIntervalMultiplier": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"range": [
-						{
-							"min": 1000,
-							"max": 65535
-						}
-					],
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_retry_interval_multiplier"
-						}
-					]
-				},
-				"RequestURIParameterNumberOfEntries": {
-					"type": "unsignedInt",
-					"read": true,
-					"write": false,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "unsignedInt",
-					"mapping": [
-						{
-							"type": "uci",
-							"uci": {
-								"file": "bulkdata",
-								"section": {
-									"type": "profile_http_request_uri_parameter"
-								},
-								"option": {
-									"name": "@Count"
-								}
-							}
-						}
-					]
-				},
-				"PersistAcrossReboot": {
-					"type": "boolean",
-					"read": true,
-					"write": true,
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"datatype": "boolean",
-					"mapping": [
-						{
-							"data": "@Parent",
-							"type": "uci_sec",
-							"key": "http_persist_across_reboot"
-						}
-					]					
-				},
-				"Device.BulkData.Profile.{i}.HTTP.RequestURIParameter.{i}.": {
-					"type": "object",
-					"protocols": [
-						"cwmp",
-						"usp"
-					],
-					"access": true,
-					"array": true,
-					"mapping": [
-						{
-							"type": "uci",
-							"uci": {
-								"file": "bulkdata",
-								"section": {
-									"type": "profile_http_request_uri_parameter"
-								},
-								"dmmapfile": "dmmap_bulkdata"
-							}
-						}
-					],
-					"Name": {
-						"type": "string",
-						"read": true,
-						"write": true,
-						"protocols": [
-							"cwmp",
-							"usp"
-						],
-						"datatype": "string",
-						"range": [
-							{
-								"max": 64
-							}
-						],
-						"mapping": [
-							{
-								"data": "@Parent",
-								"type": "uci_sec",
-								"key": "name"
-							}
-						]
-					},
-					"Reference": {
-						"type": "string",
-						"read": true,
-						"write": true,
-						"protocols": [
-							"cwmp",
-							"usp"
-						],
-						"datatype": "string",
-						"range": [
-							{
-								"max": 256
-							}
-						],
-						"mapping": [
-							{
-								"data": "@Parent",
-								"type": "uci_sec",
-								"key": "reference"
-							}
-						]
-					}
-				}
-			}
-		}
-	}
-}
--- a/bulkdata/files/etc/bulkdata/input.json
+++ b/bulkdata/files/etc/bulkdata/input.json
@@ -0,0 +1,15 @@
+{
+	"daemon": {
+		"input": {
+			"type": "JSON",
+			"name": "/etc/bulkdata/bulkdata.json"
+		},
+		"output": {
+			"type": "UBUS",
+			"name": "bbfdm.bulkdata",
+			"parent_dm": "Device.",
+			"object": "BulkData",
+			"root_obj": "bbfdm"
+		}
+	}
+}
--- a/bulkdata/files/etc/init.d/bulkdatad
+++ b/bulkdata/files/etc/init.d/bulkdatad
@@ -3,8 +3,11 @@
 START=60
 STOP=10

+. /etc/bbfdm/bbfdm_services.sh
+
 USE_PROCD=1
 PROG="/usr/sbin/bulkdatad"
+BULKDATA_JSON_INPUT="/etc/bulkdata/input.json"

 start_service() {
 	local enable
@@ -18,6 +21,8 @@ start_service() {
 		procd_set_param respawn
 		procd_close_instance "bulkdata"
 	}
+
+	bbfdm_add_service "bbfdm.bulkdata" "${BULKDATA_JSON_INPUT}"
 }

 reload_service() {
--- a/capiagent/Makefile
+++ b/capiagent/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=capiagent
-PKG_VERSION:=2.1.1
+PKG_VERSION:=2.1.0

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=136cab3a9f1eec0132db9fa3f7bb1c8748ce1449
+PKG_SOURCE_VERSION:=3e671db8f567b19c109fc13b25bc571c4c73a962
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/capiagent.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -31,7 +31,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/capiagent
  TITLE+= capiagent (daemon implementing Wi-Fi Alliance's CAPI commands)
  DEPENDS= +libubox +libuci +libubus +libnl-genl +libeasy +libwifi \
-	   +libjson-c +libblobmsg-json +ubus +libieee1905 +libwifiutils
+	   +libjson-c +libblobmsg-json +ubus +libieee1905
 endef

 define Package/capiagent/description
--- a/csmngr/Makefile
+++ b/csmngr/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=csmngr
-PKG_VERSION:=0.0.8
+PKG_VERSION:=1.0.1

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=ca899eb18b5bec38f4b8b4d08b42d89fef965c13
+PKG_SOURCE_VERSION:=92c62f8df86066bd1718a6a6036195b113e74032
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/csmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/ddnsmngr/Config.in
+++ b/ddnsmngr/Config.in
@@ -1,16 +0,0 @@
-if PACKAGE_ddnsmngr
-choice
-	prompt "Select backend for dynamic DNS management"
-	default DDNSMNGR_BACKEND_DDNSSCRIPT
-	depends on PACKAGE_ddnsmngr
-	help
-		Select which package to use for dynamic DNS support
-
-config DDNSMNGR_BACKEND_DDNSSCRIPT
-	bool "Use ddns_script"
-
-config DDNSMNGR_BACKEND_INADYN
-	bool "Use inadyn"
-
-endchoice
-endif
--- a/ddnsmngr/Makefile
+++ b/ddnsmngr/Makefile
@@ -1,77 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=ddnsmngr
-PKG_VERSION:=1.0.4
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/ddnsmngr.git
-PKG_SOURCE_VERSION:=d0d37df44644ef2c1a0b11d3a4f92dc694ae1010
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-PKG_CONFIG_DEPENDS:=CONFIG_DDNSMNGR_BACKEND_DDNSSCRIPT CONFIG_DDNSMNGR_BACKEND_INADYN
-
-include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
-
-define Package/$(PKG_NAME)
-  SECTION:=utils
-  CATEGORY:=Utilities
-  SUBMENU:=TRx69
-  TITLE:=Dynamic DNS manager
-  DEPENDS:=+libbbfdm-api +DDNSMNGR_BACKEND_DDNSSCRIPT:ddns-scripts +DDNSMNGR_BACKEND_INADYN:inadyn
-  MENU:=1
-endef
-
-define Package/$(PKG_NAME)/config
-	source "$(SOURCE)/Config.in"
-endef
-
-MAKE_PATH:=src
-
-define Package/$(PKG_NAME)/description
-	Manage dynamic DNS updation and provides Device.DynamicDNS. datamodel object based on TR181-2.16
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/ddnsmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/$(PKG_NAME)/install
-	$(INSTALL_DIR) $(1)/etc/ddnsmngr/ddns
-	$(INSTALL_DIR) $(1)/etc/ddnsmngr/servers
-	$(INSTALL_DIR) $(1)/usr/lib/ddnsmngr
-	$(INSTALL_DIR) $(1)/etc/init.d
-	$(INSTALL_DIR) $(1)/etc/config
-	$(INSTALL_DIR) $(1)/etc/uci-defaults
-	$(INSTALL_DIR) $(1)/usr/libexec/rpcd
-	$(INSTALL_DATA) ./files/etc/config/ddnsmngr $(1)/etc/config/ddnsmngr
-	$(INSTALL_BIN) ./files/etc/uci-defaults/01-ddns-config-migrate $(1)/etc/uci-defaults/
-	$(INSTALL_BIN) ./files/etc/init.d/ddnsmngr $(1)/etc/init.d/ddnsmngr
-ifeq ($(CONFIG_DDNSMNGR_BACKEND_DDNSSCRIPT),y)
-	$(INSTALL_BIN) ./files/usr/lib/ddns_script/ddnsmngr_service.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/ddns-script/usr/lib/ddnsmngr/ddnsmngr_updater.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/ddns-script/server/* $(1)/etc/ddnsmngr/servers
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/ddns-script/usr/libexec/rpcd/ddnsmngr $(1)/usr/libexec/rpcd/ddnsmngr
-endif
-ifeq ($(CONFIG_DDNSMNGR_BACKEND_INADYN),y)
-	$(INSTALL_BIN) ./files/usr/lib/inadyn/ddnsmngr_service.sh $(1)/usr/lib/ddnsmngr/
-	$(INSTALL_DATA) $(PKG_BUILD_DIR)/files/inadyn/server/* $(1)/etc/ddnsmngr/servers
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/files/inadyn/usr/libexec/rpcd/ddnsmngr $(1)/usr/libexec/rpcd/ddnsmngr
-endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libddnsmngr.so $(1) $(PKG_NAME)
-endef
-
-
-$(eval $(call BuildPackage,$(PKG_NAME)))
--- a/ddnsmngr/files/etc/config/ddnsmngr
+++ b/ddnsmngr/files/etc/config/ddnsmngr
@@ -1,23 +0,0 @@
-config ddnsmngr 'global'
-	option configfile '/var/run/ddnsmngr/ddnsmngr.json'
-	option ddns_dateformat '%F %R'
-	option ddns_rundir '/var/run/ddnsmngr'
-	option ddns_logdir '/var/log/ddnsmngr'
-	option ddns_loglines '250'
-	option upd_privateip '0'
-	option use_curl '1'
-
-config server 'ddns_server_1'
-	option enabled '1'
-	option service 'dynu.com'
-	option name 'dynu.com'
-
-config server 'ddns_server_2'
-	option enabled '1'
-	option service 'dyndns.org'
-	option name 'dyndns.org'
-
-config server 'ddns_server_3'
-	option enabled '1'
-	option service 'zoneedit.com'
-	option name 'zoneedit.com'
--- a/ddnsmngr/files/etc/init.d/ddnsmngr
+++ b/ddnsmngr/files/etc/init.d/ddnsmngr
@@ -1,26 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=80
-STOP=10
-USE_PROCD=1
-
-. /usr/lib/ddnsmngr/ddnsmngr_service.sh
-
-start_service() {
-	start_ddnsmngr_service
-}
-
-stop_service() {
-	stop_ddnsmngr_service
-}
-
-reload_service() {
-	stop
-	sleep 1
-	start
-}
-
-service_triggers() {
-	procd_add_reload_trigger ddnsmngr
-	add_ddnsmngr_triggers
-}
--- a/ddnsmngr/files/etc/uci-defaults/01-ddns-config-migrate
+++ b/ddnsmngr/files/etc/uci-defaults/01-ddns-config-migrate
@@ -1,170 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-cl_id=1
-srv_id=1
-
-function get_ddns_config_option() {
-	local val
-
-	val="$(uci -q get ddns.${1}.${2})"
-
-	if [ -z "${val}" ] && [ -n "${3}" ]; then
-		val="${3}"
-	fi
-
-	echo "${val}"
-}
-
-function config_supported_service() {
-	if ! uci -q get ddnsmngr.global >/dev/null 2>&1; then
-		uci -q set ddnsmngr.global="ddnsmngr"
-	fi
-
-	servers=""
-
-	for i in $(find /etc/ddnsmngr/servers/ -name '*.json' | cut -d'/' -f 5 | sed "s/.json//")
-	do
-		if [ -z "${servers}" ]; then
-			servers="${i}"
-		else
-			servers="${servers},${i}"
-		fi
-	done
-
-	uci -q set ddnsmngr.global.supported_services="${servers}"
-}
-
-function migrate_service_section() {
-	client_sec=""
-	enabled="$(get_ddns_config_option ${1} enabled "0")"
-	service_name="$(get_ddns_config_option ${1} service_name)"
-	interface="$(get_ddns_config_option ${1} interface)"
-	ip_network="$(get_ddns_config_option ${1} ip_network)"
-	username="$(get_ddns_config_option ${1} username)"
-	password="$(get_ddns_config_option ${1} password)"
-	lookup_host="$(get_ddns_config_option ${1} lookup_host)"
-	use_ipv6="$(get_ddns_config_option ${1} use_ipv6 "0")"
-	force_ipversion="$(get_ddns_config_option ${1} force_ipversion "0")"
-	use_https="$(get_ddns_config_option ${1} use_https "0")"
-	force_dnstcp="$(get_ddns_config_option ${1} force_dnstcp "0")"
-
-	if [ -z "${service_name}" ]; then
-		uci -q delete ddns."${1}"
-		return 0
-	fi
-
-	# check server file is present in device
-	if [ ! -f "/etc/ddnsmngr/servers/${service_name}.json" ]; then
-		uci -q delete ddns."${1}"
-		return 0
-	fi
-
-	# Check if client section is already added for this service
-	clients=$(uci -q show ddnsmngr | grep "=client")
-	client_count=$(echo "${clients}" | wc -l)
-
-	tmp=0
-	while [ $tmp -lt $client_count ]
-	do
-		mngr_serv="$(uci -q get ddnsmngr.@client[$tmp].service_name)"
-		mngr_intf="$(uci -q get ddnsmngr.@client[$tmp].interface)"
-		mngr_netw="$(uci -q get ddnsmngr.@client[$tmp].ip_network)"
-		mngr_user="$(uci -q get ddnsmngr.@client[$tmp].username)"
-		mngr_ipv6="$(uci -q get ddnsmngr.@client[$tmp].use_ipv6)"
-		mngr_forceip="$(uci -q get ddnsmngr.@client[$tmp].force_ipversion)"
-		mngr_https="$(uci -q get ddnsmngr.@client[$tmp].use_https)"
-		mngr_dnstcp="$(uci -q get ddnsmngr.@client[$tmp].force_dnstcp)"
-
-		[ -z "${mngr_ipv6}" ] && mngr_ipv6="0"
-		[ -z "${mngr_forceip}" ] && mngr_forceip="0"
-		[ -z "${mngr_https}" ] && mngr_https="0"
-		[ -z "${mngr_dnstcp}" ] && mngr_dnstcp="0"
-
-		if [ "${mngr_serv}" == "${service_name}" ] && [ "${mngr_intf}" == "${interface}" ] && \
-		   [ "${mngr_netw}" == "${ip_network}" ] && [ "${mngr_user}" == "${username}" ] && \
-		   [ "${mngr_ipv6}" == "${use_ipv6}" ] && [ "${mngr_forceip}" == "${force_ipversion}" ] && \
-		   [ "${mngr_https}" == "${use_https}" ] && [ "${mngr_dnstcp}" == "${force_dnstcp}" ]; then
-			break
-		fi
-
-		tmp=$(( tmp + 1 ))
-	done
-
-	if [ $tmp -ne $client_count ]; then
-		i=0
-		for client in $clients; do
-			if [ $i -eq $tmp ]; then
-				client_sec="$(echo $client | cut -d'=' -f 1 | cut -d'.' -f 2)"
-				break
-			fi
-			i=$(( i + 1 ))
-		done
-
-		if [ $enabled -eq 1 ]; then
-			uci -q set ddnsmngr."${client_sec}".enabled="1"
-		fi
-	else
-		client_sec=ddns_mig_client_"${cl_id}"
-
-		uci -q set ddnsmngr."${client_sec}"="client"
-		uci -q set ddnsmngr."${client_sec}".enabled="${enabled}"
-		uci -q set ddnsmngr."${client_sec}".service_name="${service_name}"
-		uci -q set ddnsmngr."${client_sec}".interface="${interface}"
-		uci -q set ddnsmngr."${client_sec}".ip_network="${ip_network}"
-		uci -q set ddnsmngr."${client_sec}".username="${username}"
-		uci -q set ddnsmngr."${client_sec}".password="${password}"
-		uci -q set ddnsmngr."${client_sec}".use_ipv6="${use_ipv6}"
-		uci -q set ddnsmngr."${client_sec}".force_ipversion="${force_ipversion}"
-		uci -q set ddnsmngr."${client_sec}".use_https="${use_https}"
-		uci -q set ddnsmngr."${client_sec}".force_dnstcp="${force_dnstcp}"
-
-		cl_id=$(( cl_id + 1 ))
-
-		# add server section if not added
-		servers=$(uci -q show ddnsmngr | grep "service=\'${service_name}\'")
-		if [ -z "${servers}" ]; then
-			server_sec=ddns_mig_server_"${srv_id}"
-			uci -q set ddnsmngr."${server_sec}"="server"
-			uci -q set ddnsmngr."${server_sec}".enabled="1"
-			uci -q set ddnsmngr."${server_sec}".service="${service_name}"
-			uci -q set ddnsmngr."${server_sec}".name="${service_name}"
-
-			srv_id=$(( srv_id + 1 ))
-		fi
-	fi
-
-
-	# if lookup_host is set then add host section
-	if [ -n "${lookup_host}" ] && [ -n "${client_sec}" ]; then
-		# check number of hosts present for this client
-		host_count=$(uci -q show ddnsmngr | grep "dm_parent=\'${client_sec}\'" | wc -l)
-		host_ix=$(( host_count + 1 ))
-		host_sec="${client_sec}"_host_"${host_ix}"
-
-		uci -q set ddnsmngr."${host_sec}"="host"
-		uci -q set ddnsmngr."${host_sec}".enabled="${enabled}"
-		uci -q set ddnsmngr."${host_sec}".lookup_host="${lookup_host}"
-		uci -q set ddnsmngr."${host_sec}".dm_parent="${client_sec}"
-	fi
-
-	uci -q delete ddns."${1}"
-}
-
-function migrate_ddns_config() {
-	if [ ! -f "/etc/config/ddnsmngr" ]; then
-		# Create ddnsmngr config file
-		touch /etc/config/ddnsmngr
-	fi
-
-	config_supported_service
-
-	config_load ddns
-	config_foreach migrate_service_section service
-
-	uci -q commit ddns
-	uci -q commit ddnsmngr
-}
-
-migrate_ddns_config
--- a/ddnsmngr/files/usr/lib/ddns_script/ddnsmngr_service.sh
+++ b/ddnsmngr/files/usr/lib/ddns_script/ddnsmngr_service.sh
@@ -1,169 +0,0 @@
-#! /bin/sh
-
-RUNDIR="/var/run/ddnsmngr"
-LOGDIR="/var/log/ddnsmngr"
-PROG="/usr/lib/ddnsmngr/ddnsmngr_updater.sh"
-CONFIGFILE="/var/run/ddnsmngr/ddnsmngr.json"
-CLIENT_INTFS=""
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "$*"|logger -t ddnsmngr.init -p debug
-}
-
-validate_host_section() {
-	uci_validate_section ddnsmngr host "${1}" \
-		'enabled:bool:0' \
-		'lookup_host:string' \
-		'dm_parent:string'
-}
-
-validate_client_section() {
-	uci_validate_section ddnsmngr client "${1}" \
-		'enabled:bool:0' \
-		'service_name:string' \
-		'interface:string' \
-		'ip_network:string' \
-		'username:string' \
-		'password:string' \
-		'use_https:bool:0' \
-		'force_dnstcp:bool:0' \
-		'use_ipv6:bool:0' \
-		'force_ipversion:bool:0'
-}
-
-add_object() {
-	local enabled lookup_host dm_parent use_ipv6 force_ipversion proc_info_file
-	local service_name interface ip_network username password use_https force_dnstcp
-
-	validate_host_section "${1}" || {
-		log "Validation of host section failed"
-		return 0
-	}
-
-	if [ "${enabled}" -ne 1 ] || [ -z "${dm_parent}" ]; then
-		return 0
-	fi
-
-	validate_client_section "${dm_parent}" || {
-		log "Validation of client section failed"
-		return 0 
-	}
-
-	if [ "${enabled}" -ne 1 ]; then
-		return 0
-	fi
-
-	service_name=$(uci -q get ddnsmngr.${dm_parent}.service_name)
-	if [ -z "${service_name}" ]; then
-		return 0
-	fi
-
-	service_section=$(uci -q show ddnsmngr | grep "service=\'${service_name}\'" | cut -d'.' -f 2 | head -1)
-	if [ -z "${service_section}" ]; then
-		return 0
-	fi
-
-	service_enabled=$(uci -q get ddnsmngr.${service_section}.enabled)
-	if [ "${service_enabled}" -ne 1 ]; then
-		return 0
-	fi
-
-	json_add_object
-	json_add_string "interface" "${interface}"
-	json_add_string "service_name" "${service_name}"
-	json_add_string "username" "${username}"
-	json_add_string "password" "${password}"
-	json_add_string "lookup_host" "${lookup_host}"
-	json_add_string "ip_network" "${ip_network}"
-	json_add_string "proc_info_file" "${1}"
-	json_add_string "use_ipv6" "${use_ipv6}"
-	json_add_string "force_ipversion" "${force_ipversion}"
-	json_add_string "use_https" "${use_https}"
-	json_add_string "force_dnstcp" "${force_dnstcp}"
-	json_close_object
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	for intf in $CLIENT_INTFS; do
-		if [ "${intf}" == "${interface}" ]; then
-			return 0
-		fi
-	done
-
-	CLIENT_INTFS="${CLIENT_INTFS} ${interface}"
-}
-
-start_ddnsmngr_service() {
-	run_dir=$(uci -q get ddnsmngr.global.ddns_rundir)
-	log_dir=$(uci -q get ddnsmngr.global.ddns_logdir)
-
-	if [ -n "${run_dir}" ]; then
-		RUNDIR="${run_dir}"
-	fi
-
-	if [ -n "${log_dir}" ]; then
-		LOGDIR="${log_dir}"
-	fi
-
-	mkdir -p "${RUNDIR}"
-	mkdir -p "${LOGDIR}"
-
-	conf_file=$(uci -q get ddnsmngr.global.configfile)
-	if [ -n "${conf_file}" ]; then
-		CONFIGFILE="${conf_file}"
-	fi
-
-	touch "${CONFIGFILE}"
-
-	if [ ! -f "${CONFIGFILE}" ]; then
-		log "Can not create ${CONFIGFILE}, exit"
-		exit 0
-	fi
-
-	json_init
-	json_add_array "services"
-
-	config_load ddnsmngr
-	config_foreach add_object host
-
-	json_close_array
-	json_dump > "${CONFIGFILE}"
-
-	procd_open_instance ddnsmngr
-	procd_set_param command "$PROG"
-	procd_append_param command -c "${CONFIGFILE}"
-	procd_append_param command -- start
-	procd_close_instance
-}
-
-stop_ddnsmngr_service() {
-	conf_file=$(uci -q get ddnsmngr.global.configfile)
-	if [ -n "${conf_file}" ]; then
-		CONFIGFILE="${conf_file}"
-	fi
-
-	if [ ! -f "${CONFIGFILE}" ]; then
-		log "${CONFIGFILE} not found, can't stop services if running any"
-	fi
-
-	"$PROG" -c "${CONFIGFILE}" -- stop
-	return 0
-}
-
-add_ddnsmngr_triggers() {
-	procd_open_trigger
-	for intf in $CLIENT_INTFS; do
-		# No need to handle other ifevents like ifupdate etc
-		procd_add_interface_trigger "interface.*.up" $intf /etc/init.d/ddnsmngr restart
-		procd_add_interface_trigger "interface.*.down" $intf /etc/init.d/ddnsmngr restart
-	done
-	procd_close_trigger
-}
--- a/ddnsmngr/files/usr/lib/inadyn/ddnsmngr_service.sh
+++ b/ddnsmngr/files/usr/lib/inadyn/ddnsmngr_service.sh
@@ -1,311 +0,0 @@
-#!/bin/sh
-
-PROG="/usr/sbin/inadyn"
-CONFIGPATH="/tmp/inadyn_config"
-PIDPATH="/etc/inadyn_pid"
-CLIENT_INTFS=""
-CONFIG_FILES=""
-SERVER_PATH="/etc/ddnsmngr/servers"
-
-FORMAT="custom [SECTION] {\n\tusername\t= [USER]\n\tpassword\t= [PWD]\n\tddns-server\t= [SERV]\n\tddns-path\t= [URI]\n\tssl\t\t= [SSL]\n\thostname\t= [NAME]\n\tcheckip-command\t= [CMD]\n\tddns-response\t= [RESPONSES]\n}"
-
-
-. /usr/share/libubox/jshn.sh
-
-log() {
-	echo "$*"|logger -t ddnsmngr.init -p debug
-}
-
-get_service_data() {
-	local provider="$1"
-	shift
-	local dir="$1"
-	shift
-	local ipv6="$1"
-	shift
-
-	local name data url answer script
-
-	[ $# -ne 2 ] && {
-		return 1
-	}
-
-	[ -f "${dir}/${provider}.json" ] || {
-		eval "$1=\"\""
-		eval "$2=\"\""
-		return 1
-	}
-
-	json_load_file "${dir}/${provider}.json"
-	json_get_var name "name"
-	if [ "$ipv6" -eq "1" ]; then
-		json_select "ipv6"
-	else
-		json_select "ipv4"
-	fi
-	json_get_var data "url"
-	json_get_var answer "answer"
-	json_select ".."
-	json_cleanup
-
-	response=""
-	if [ -n "${answer}" ]; then
-		answer=$(echo "${answer}" | sed 's/|/ /g')
-		for ans in $answer; do
-			if [ -z "${response}" ]; then
-				response="${ans}"
-			else
-				response="${response}, ${ans}"
-			fi
-		done
-		response="{ ${response} }"
-	fi
-
-	eval "$1=\"$data\""
-	eval "$2=\"$response\""
-
-	return 0
-}
-
-generate_inadyn_config() {
-	json_load "${1}"
-	json_get_var service_name service_name
-	json_get_var use_ipv6 use_ipv6
-	json_get_var interface interface
-	json_get_var username username
-	json_get_var password password
-	json_get_var host lookup_host
-	json_get_var conf_file config_file
-	json_get_var conf_dir config_dir
-	json_get_var server_address server_address
-	json_cleanup
-
-	if [ -z "${service_name}" ] || [ -z "${host}" ]; then
-		return 1
-	fi
-
-	if [ -z "${conf_file}" ]; then
-		return 1
-	fi
-
-	if [ -z "${conf_dir}" ]; then
-		return 1
-	fi
-
-	# First look into custom path to load the url otherwise default path
-	get_service_data "${service_name}" "${SERVER_PATH}" "${use_ipv6}" server_url server_answer
-
-	if [ -z "${server_url}" ]; then
-		return 1
-	fi
-
-	# Need to pick proto, server address and request uri separately from the url
-	# format http://[server_address]/[update_Request_uri]
-	proto=$(echo $server_url | cut -d':' -f 1)
-	serv=$(echo $server_url | cut -d'/' -f 3 | cut -d'@' -f 2)
-	uri=${server_url#*$serv}
-
-	if [ -z $proto ] || [ -z $serv ] || [ -z $uri ]; then
-		return 1
-	fi
-
-	path=$(echo "$uri" | sed 's/&/\\&/g')
-	update_uri=$(echo $path | sed -e "s#\[DOMAIN\]#%h#g"	-e "s#\[PASSWORD\]#%p#g" \
-				      -e "s#\[USERNAME\]#%u#g"	-e "s#\[IP\]#%i#g")
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	# now get the physical interface name
-	intf=$(ifstatus "${interface}" | jsonfilter -e '@.device')
-	if [ -z "${intf}" ]; then
-		return 1
-	fi
-
-	# command to get ip of the interface
-	if [ "${use_ipv6}" -eq 0 ]; then
-		get_ip="\"ifstatus ${interface} | jsonfilter -e '@[\\\\\"ipv4-address\\\\\"][0].address'\""
-	else
-		get_ip="\"ifstatus ${interface} | jsonfilter -e '@[\\\\\"ipv6-address\\\\\"][0].address'\""
-	fi
-
-	if [ "${proto}" = "http" ]; then
-		ssl="false"
-	else
-		ssl="true"
-	fi
-
-	inadyn_ver=$(inadyn -v)
-	user_agent="inadyn/${inadyn_ver}"
-
-	config_file="${conf_dir}/${conf_file}"
-	touch "${config_file}"
-
-	echo "iface = ${intf}" > "${config_file}"
-	echo "period = 600" >> "${config_file}"
-	echo "user-agent = ${user_agent}" >> "${config_file}"
-
-	if [ "${use_ipv6}" -eq 1 ]; then
-		echo "allow-ipv6 = true" >> "${config_file}"
-	fi
-
-	if [ -z "${password}" ]; then
-		FORMAT=$(echo "${FORMAT}" | sed 's/\\tpassword\\t= \[PWD\]\\n//g')
-	fi
-
-	if [ -z "${server_answer}" ]; then
-		FORMAT=$(echo "${FORMAT}" | sed 's/\\tddns-response\\t= \[RESPONSES\]\\n//g')
-	fi
-
-	config=$(echo $FORMAT | sed -e "s#\[SECTION\]#$conf_file#g"	-e "s#\[PWD\]#$password#g" \
-				    -e "s#\[USER\]#$username#g"	-e "s#\[SERV\]#$serv#g" \
-				    -e "s#\[URI\]#\"$update_uri\"#g"	-e "s#\[SSL\]#$ssl#g" \
-				    -e "s#\[NAME\]#$host#g"	-e "s#\[CMD\]#$get_ip#g" \
-				    -e "s#\[RESPONSES\]#$server_answer#g")
-
-	echo -e "\n\n${config}" >> "${config_file}"
-
-	return 0
-}
-
-validate_host_section() {
-	uci_validate_section ddnsmngr host "${1}" \
-		'enabled:bool:0' \
-		'lookup_host:string' \
-		'dm_parent:string'
-}
-
-validate_client_section() {
-	uci_validate_section ddnsmngr client "${1}" \
-		'enabled:bool:0' \
-		'service_name:string' \
-		'interface:string' \
-		'ip_network:string' \
-		'username:string' \
-		'password:string' \
-		'use_https:bool:0' \
-		'force_dnstcp:bool:0' \
-		'use_ipv6:bool:0' \
-		'force_ipversion:bool:0'
-}
-
-add_object() {
-	local enabled lookup_host dm_parent use_ipv6 force_ipversion
-	local service_name interface ip_network username password use_https force_dnstcp
-
-	validate_host_section "${1}" || {
-		log "Validation of host section failed"
-		return
-	}
-
-	if [ "${enabled}" -ne 1 ] || [ -z "${dm_parent}" ]; then
-		return
-	fi
-
-	validate_client_section "${dm_parent}" || {
-		log "Validation of client section failed"
-		return
-	}
-
-	if [ "${enabled}" -ne 1 ]; then
-		return
-	fi
-
-	service_name=$(uci -q get ddnsmngr.${dm_parent}.service_name)
-	if [ -z "${service_name}" ]; then
-		return
-	fi
-
-	service_section=$(uci show ddnsmngr | grep "service=\'${service_name}\'" | cut -d'.' -f 2 | head -1)
-	if [ -z "${service_section}" ]; then
-		return
-	fi
-
-	service_enabled=$(uci -q get ddnsmngr.${service_section}.enabled)
-	if [ "${service_enabled}" -ne 1 ]; then
-		return
-	fi
-
-	json_init
-	json_add_string "interface" "${interface}"
-	json_add_string "service_name" "${service_name}"
-	json_add_string "username" "${username}"
-	json_add_string "password" "${password}"
-	json_add_string "lookup_host" "${lookup_host}"
-	json_add_string "ip_network" "${ip_network}"
-	json_add_string "use_ipv6" "${use_ipv6}"
-	json_add_string "force_ipversion" "${force_ipversion}"
-	json_add_string "use_https" "${use_https}"
-	json_add_string "force_dnstcp" "${force_dnstcp}"
-	json_add_string "config_file" "${1}"
-	json_add_string "config_dir" "${CONFIGPATH}"
-
-	json_str=$(json_dump)
-	json_cleanup
-
-	generate_inadyn_config "${json_str}"
-
-	if [ "$?" -ne 0 ]; then
-		return
-	fi
-
-	CONFIG_FILES="${CONFIG_FILES} ${1}"
-
-	if [ -z "${interface}" ]; then
-		if [ "${use_ipv6}" -eq 0 ]; then
-			interface="wan"
-		else
-			interface="wan6"
-		fi
-	fi
-
-	for intf in $CLIENT_INTFS; do
-		if [ "${intf}" == "${interface}" ]; then
-			return
-		fi
-	done
-
-	CLIENT_INTFS="${CLIENT_INTFS} ${interface}"
-}
-
-start_ddnsmngr_service() {
-	rm -rf $CONFIGPATH
-	mkdir $CONFIGPATH
-	mkdir -p $PIDPATH
-
-	config_load ddnsmngr
-	config_foreach add_object host
-
-	i=1
-	for conf in $CONFIG_FILES; do
-		instance="ddnsmngr_${i}"
-		i=$(( i + 1 ))
-
-		procd_open_instance $instance
-		procd_set_param command "$PROG"
-		procd_append_param command -f "${CONFIGPATH}/${conf}"
-		procd_append_param command -l debug
-		procd_append_param command -P "${PIDPATH}/${conf}"
-		procd_append_param command -n -C
-		procd_close_instance
-	done
-}
-
-stop_ddnsmngr_service() {
-	rm -rf $CONFIGPATH
-	return 0
-}
-
-add_ddnsmngr_triggers() {
-	procd_open_trigger
-	for intf in $CLIENT_INTFS; do
-		# No need to handle other ifevents like ifupdate etc
-		procd_add_interface_trigger "interface.*.up" $intf /etc/init.d/ddnsmngr restart
-	done
-	procd_close_trigger
-}
--- a/decollector/Makefile
+++ b/decollector/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=decollector
-PKG_VERSION:=4.4.0.5
+PKG_VERSION:=4.2.1.1.6

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b3e76eb2f03b13cc8d73b103277b7ad240460ec2
+PKG_SOURCE_VERSION:=9fae736fa6c4ee39e7775964c7f84b105196c034
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -29,7 +29,7 @@ define Package/decollector
  CATEGORY:=Utilities
  TITLE:=WiFi DataElements Collector Proxy
  DEPENDS:=+libuci +libubox +ubus +libpthread +libnl-genl \
-	   +libeasy +libwifiutils +libieee1905 +ieee1905-map-plugin
+	   +libeasy +libwifiutils +libieee1905 +map-plugin
 endef

 define Package/decollector/description
--- a/dnsmngr/Makefile
+++ b/dnsmngr/Makefile
@@ -1,48 +0,0 @@
-#
-# Copyright (C) 2022-2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=dnsmngr
-PKG_VERSION:=1.0.4
-
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/dnsmngr.git
-PKG_SOURCE_VERSION:=347070e096b98946ba660791e3c78d1646adc54a
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif
-
-PKG_LICENSE:=BSD-3-Clause
-PKG_LICENSE_FILES:=LICENSE
-
-include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-MAKE_PATH:=src
-
-define Package/dnsmngr
-  SECTION:=net
-  CATEGORY:=Network
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +dnsmasq +umdns
-  TITLE:=Package to add Device.DNS. datamodel support
-endef
-
-define Package/dnsmngr/description
-  Package to add Device.DNS. datamodel support.
-endef
-
-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/dnsmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
-
-define Package/dnsmngr/install
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libdnsmngr.so $(1) $(PKG_NAME)
-endef
-
-$(eval $(call BuildPackage,dnsmngr))
--- a/dslmngr/Makefile
+++ b/dslmngr/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=dslmngr
-PKG_VERSION:=1.2.4
+PKG_VERSION:=1.2.1

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=cb8b8fd2549751bcd38808391b76a1a9a908c4de
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/dslmngr.git
-PKG_SOURCE_VERSION:=d71bef278b8222dee1c278723f8264aa8faf5e40
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_MIRROR_HASH:=skip
@@ -26,7 +26,6 @@ PKG_LICENSE_FILES:=LICENSE


 include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk

 ifeq ($(CONFIG_TARGET_brcmbca),y)
  TARGET_PLATFORM=BROADCOM
@@ -40,7 +39,7 @@ define Package/dslmngr
  SECTION:=utils
  CATEGORY:=Utilities
  TITLE:=XDSL status and configration utility
-  DEPENDS:=+libdsl +libuci +libubox +ubus +libpthread +libnl-genl +libeasy +libbbfdm-api
+  DEPENDS:=+libdsl +libuci +libubox +ubus +libpthread +libnl-genl +libeasy
 endef

 define Package/dslmngr/description
@@ -70,14 +69,12 @@ define Build/Compile
 endef

 define Package/dslmngr/install
-	$(INSTALL_DIR) $(1)/etc/dsl
 	$(CP) ./files/common/* $(1)/
 ifeq ($(CONFIG_TARGET_brcmbca),y)
 	$(CP) ./files/broadcom/* $(1)/
 endif
 	$(INSTALL_DIR) $(1)/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/dslmngr $(1)/sbin/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libbbfdsl.so $(1) $(PKG_NAME)
 endef

 $(eval $(call BuildPackage,dslmngr))
--- a/ethmngr/Config.in
+++ b/ethmngr/Config.in
@@ -1,9 +0,0 @@
-if (PACKAGE_ethmngr)
-
-menu "Configurations"
-
-config TR181_VENDOR_EXTENSIONS_MACVLAN
-	bool "Use TR181 vendor extension MACVLAN"
-	default y
-endmenu
-endif
--- a/ethmngr/Makefile
+++ b/ethmngr/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ethmngr
-PKG_VERSION:=2.1.7
+PKG_VERSION:=2.1.3.1

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
+PKG_SOURCE_VERSION:=847a94cee530d60bfd10ceaee4185d64fb6397d0
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/ethmngr.git
-PKG_SOURCE_VERSION:=d029ce86fe99b7896f096f68eda3f6caa000ee5f
 PKG_MAINTAINER:=Rahul Thakur <rahul.thakur@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -21,13 +21,12 @@ PKG_LICENSE:=GPL-2.0-only
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk

 define Package/ethmngr
  SECTION:=utils
  CATEGORY:=Utilities
  TITLE:=Ethernet status and configration utility
-  DEPENDS:=+(TARGET_brcmbca||TARGET_airoha||TARGET_ipq95xx||TARGET_ipq53xx||TARGET_mediatek):libethernet +libuci +libubox +ubus +libpthread +libnl-genl +libeasy +libbbfdm-api
+  DEPENDS:=+(TARGET_brcmbca||TARGET_airoha||TARGET_ipq95xx||TARGET_ipq53xx||TARGET_mediatek):libethernet +libuci +libubox +ubus +libpthread +libnl-genl
 endef

 define Package/ethmngr/description
@@ -36,10 +35,6 @@ define Package/ethmngr/description
 It uses APIs from the libethernet.so library.
 endef

-define Package/$(PKG_NAME)/config
-       source "$(SOURCE)/Config.in"
-endef
-
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
        $(CP) -rf ./ethmngr/* $(PKG_BUILD_DIR)/
@@ -49,12 +44,7 @@ endif
 TARGET_CFLAGS += \
 	-I$(STAGING_DIR)/usr/include \
 	-I$(STAGING_DIR)/usr/include/libnl3 \
-	-D_GNU_SOURCE \
-	-DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
-
-ifeq ($(CONFIG_TR181_VENDOR_EXTENSIONS_MACVLAN),y)
-TARGET_CFLAGS += -DTR181_VENDOR_EXTENSIONS_MACVLAN
-endif
+	-D_GNU_SOURCE

 ifeq ($(CONFIG_TARGET_brcmbca)$(CONFIG_TARGET_airoha)$(CONFIG_TARGET_ipq95xx)$(CONFIG_TARGET_ipq53xx)$(CONFIG_TARGET_mediatek),)
 define Build/Compile
@@ -63,15 +53,9 @@ endif

 define Package/ethmngr/install
 	$(CP) ./files/* $(1)/
-	$(INSTALL_DIR) $(1)/etc/ethmngr
-	$(INSTALL_DIR) $(1)/etc/ethmngr/plugins
 ifneq ($(CONFIG_TARGET_brcmbca)$(CONFIG_TARGET_airoha)$(CONFIG_TARGET_ipq95xx)$(CONFIG_TARGET_ipq53xx)$(CONFIG_TARGET_mediatek),)
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/ethmngr $(1)/usr/sbin/
-endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libbbfethernet.so $(1) $(PKG_NAME)
-ifeq ($(CONFIG_TR181_VENDOR_EXTENSIONS_MACVLAN),y)
-	$(BBFDM_INSTALL_MS_PLUGIN) $(PKG_BUILD_DIR)/libbbfethernetmacvlan.so $(1) $(PKG_NAME)
 endif
 endef

--- a/ethmngr/files/etc/hotplug.d/ethernet/ethport-deprecated-ubus-event
+++ b/ethmngr/files/etc/hotplug.d/ethernet/ethport-deprecated-ubus-event
@@ -1,23 +0,0 @@
-#!/bin/sh
-
-[ -n "$PORT" -a -n "$LINK" ] || exit 0
-
-case "$PORT" in
-	# do not generate ethport ubus event
-	# for wifi, dsl and brige devices
-	wl*|wds*|atm*|ptm*|br-*)
-		exit 0
-	;;
-esac
-
-speed=0
-duplex=full
-
-if [ "$LINK" = "up" ]; then
-	devspeed="$(ubus -t 2 call network.device status "{\"name\":\"$PORT\"}" | jsonfilter -e @.speed)"
-	speed=${devspeed:0:-1}
-	duplex=${devspeed:0-1}
-	[ "$duplex" == "H" ] && duplex="half" || duplex="full"
-fi
-
-ubus send ethport "{\"ifname\":\"$PORT\",\"link\":\"$LINK\",\"speed\":\"$speed\",\"duplex\":\"$duplex\"}"
--- a/ethmngr/files/etc/ruleng/ethport.json
+++ b/ethmngr/files/etc/ruleng/ethport.json
@@ -1,20 +0,0 @@
-{
-	"ethport_update": {
-		"if" : [
-			{
-				"event": "network.device"
-			}
-		],
-		"then" : [
-			{
-				"cli": "/sbin/hotplug-call ethernet",
-				"envs": {
-					"PORT": "&network.device->ifname",
-					"LINK": "&network.device->link"
-				},
-				"timeout": 1
-			}
-		]
-	}
-}
-
--- a/ethmngr/files/etc/uci-defaults/ruleng.ethport
+++ b/ethmngr/files/etc/uci-defaults/ruleng.ethport
@@ -1,2 +0,0 @@
-uci -q set ruleng.ethport=rule
-uci -q set ruleng.ethport.recipe='/etc/ruleng/ethport.json'
--- a/hostmngr/Makefile
+++ b/hostmngr/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=hostmngr
-PKG_VERSION:=1.2.4
+PKG_VERSION:=1.1.8

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=b4990b384461f2d1ff75a122a7fa5d9276f211bb
+PKG_SOURCE_VERSION:=993336a09137451758f38d7ebc643dc590ba0227
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -22,7 +22,7 @@ PKG_LICENSE:=BSD-3-Clause
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include $(TOPDIR)/feeds/iopsys/bbfdm/bbfdm.mk
+

 define Package/hostmngr
  SECTION:=utils
@@ -31,8 +31,7 @@ define Package/hostmngr
  DEPENDS= +libubox +libuci +libubus +ubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +libnfnetlink +libmnl \
 	   +libnetfilter-conntrack \
-	   +HOSTMNGR_PLATFORM_HAS_WIFI:libwifi +libbbfdm-api \
-	   +libwifiutils
+	   +HOSTMNGR_PLATFORM_HAS_WIFI:libwifi +libbbfdm-api

 endef

@@ -60,10 +59,12 @@ MAKE_PATH:=src
 define Package/hostmngr/install
 	$(CP) ./files/etc $(1)/
 	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_DIR) $(1)/etc/hostmngr/
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/src/hostmngr $(1)/usr/sbin/
+	$(INSTALL_DATA) $(PKG_BUILD_DIR)/src/bbf_plugin/libhostmngr.so $(1)/etc/hostmngr/
+	$(INSTALL_DATA) ./files/etc/hostmngr/input.json $(1)/etc/hostmngr/	
 	$(INSTALL_DIR) $(1)/usr/share/hostmngr
 	$(INSTALL_DATA) ./files/scripts/hosts_acl.sh $(1)/usr/share/hostmngr/
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/bbf_plugin/libhostmngr.so $(1) $(PKG_NAME)
 endef

 ifeq ($(LOCAL_DEV),1)
--- a/hostmngr/files/etc/hostmngr/input.json
+++ b/hostmngr/files/etc/hostmngr/input.json
@@ -0,0 +1,17 @@
+{
+	"daemon": {
+		"input": {
+			"type": "DotSo",
+			"name": "/etc/hostmngr/libhostmngr.so",
+			"plugin_dir": "/etc/hostmngr/plugins/"
+		},
+		"output": {
+			"type": "UBUS",
+			"name": "bbfdm.hosts",
+			"parent_dm": "Device.",
+			"object": "Hosts",
+			"root_obj": "bbfdm"
+		}
+	}
+}
+
--- a/hostmngr/files/etc/init.d/hostmngr
+++ b/hostmngr/files/etc/init.d/hostmngr
@@ -3,8 +3,12 @@
 START=65
 STOP=20

+. /etc/bbfdm/bbfdm_services.sh
+
 USE_PROCD=1

+HOSTS_JSON_INPUT="/etc/hostmngr/input.json"
+
 start_service() {
 	procd_open_instance
 	procd_set_param command "/usr/sbin/hostmngr" "--config hosts" "-o"  "/tmp/hostmngr.log" "-f"
@@ -14,6 +18,7 @@ start_service() {
 #	procd_set_param stderr 1
 	procd_close_instance
 	
+	bbfdm_add_service "bbfdm.hosts" "${HOSTS_JSON_INPUT}"
 	sh /usr/share/hostmngr/hosts_acl.sh
 }

--- a/hostmngr/files/scripts/hosts_acl.sh
+++ b/hostmngr/files/scripts/hosts_acl.sh
@@ -5,9 +5,6 @@
 day=""
 next_days=""
 prev_days=""
-schedule_added=""
-
-ACCESS_RULE=""
 IP_RULE=""
 IP_RULE1=""

@@ -111,77 +108,70 @@ ip_rule_east_zone() {
 	fi
 }

-
-add_access_rule() {
-	local rule="$1"
-	echo "iptables -w -A hosts_forward ${rule}" >> $ACL_FILE
-	echo "ip6tables -w -A hosts_forward ${rule}" >> $ACL_FILE
-}
-
-handle_day_list() {
-	local value=$1
-
-	val=$(echo $value | cut -c 1-3)
-	next_day_val=$(get_next_day $val)
-	prev_day_val=$(get_previous_day $val)
-	if [ -z $day ]; then
-		day="$val"
-		next_days="$next_day_val"
-		prev_days="$prev_day_val"
-	else
-		day="$day,$val"
-		next_days="$next_days,$next_day_val"
-		prev_days="$prev_days,$prev_day_val"
-	fi
-}
-
-handle_schedule() {
-	local schd_section="$1"
-	local ac_section="$2"
-	local acs_id
-	local start_time
-	local duration
-
-	IP_RULE="$ACCESS_RULE"
-	IP_RULE1=""
-	day=""
-	next_days=""
-	prev_days=""
-
-	config_get acs_id "$schd_section" "dm_parent"
-
-	if [ "$acs_id" != "$ac_section" ]; then
-		return # schedule not for this access control section
-	fi
-
+process_ac_schedule() {
+	local acs_id="$1"
 	local is_enabled
-	config_get is_enabled "$schd_section" "enable" 0
+	local access_control
+	local start_time=""
+	local mac=""
+
+
+	handle_day_list() {
+		local value=$1
+
+		val=$(echo $value | cut -c 1-3)
+		next_day_val=$(get_next_day $val)
+		prev_day_val=$(get_previous_day $val)
+		if [ -z $day ]; then
+			day="$val"
+			next_days="$next_day_val"
+			prev_days="$prev_day_val"
+		else
+			day="$day,$val"
+			next_days="$next_days,$next_day_val"
+			prev_days="$prev_days,$prev_day_val"
+		fi
+	}
+
+	config_list_foreach "$acs_id" "day" handle_day_list
+	config_get is_enabled "$acs_id" "enable" 1
+	config_get access_control "$acs_id" "dm_parent"
+
+	if [ "$is_enabled" == "0" ] || [ -z "$access_control" ]; then
+		return
+	fi
+
+	IP_RULE=""
+	IP_RULE1=""
+
+	config_get is_enabled "$access_control" "enable" 1
 	if [ "$is_enabled" == "0" ]; then
 		return
 	fi

-	local all_days="Monday Tuesday Wednesday Thursday Friday Saturday Sunday"
-	local day_config
-	config_get day_config "$schd_section" "day" "$all_days"
+	mac=$(uci -q get hosts.$access_control.macaddr)
+	access_policy=$(uci -q get hosts.$access_control.access_policy)

-	IFS=" "
-	for d in $day_config; do
-		handle_day_list $d
-	done
+	config_get start_time "$acs_id" "start_time"
+	config_get duration "$acs_id" "duration"

-	config_get start_time "$schd_section" "start_time" "00:00"
-	config_get duration "$schd_section" "duration"
+	if [ -z "$mac" ] && [ -z "$start_time" ] && [ -z "$duration" ] && [ -z "$day" ] && [ -z "$access_policy" ]; then
+		return
+	fi
+	if [ -n "$mac" ]; then
+		IP_RULE="$IP_RULE -m mac --mac-source $mac"
+	fi

 	zone=$(date +%z | cut -c 1)
 	local_start_time=$start_time
-	hh=$(echo $local_start_time | awk -F: '{ print $1 }')
-	mm=$(echo $local_start_time | awk -F: '{ print $2 }')
-	hh_s=`expr $hh \* 3600`
-	mm_s=`expr $mm \* 60`
-	ss=$(( hh_s + mm_s ))
-	local_start_hh=$hh
-
        if [ -n "$duration" ]; then
+		hh=$(echo $local_start_time | awk -F: '{ print $1 }')
+                mm=$(echo $local_start_time | awk -F: '{ print $2 }')
+                hh_s=`expr $hh \* 3600`
+                mm_s=`expr $mm \* 60`
+                ss=$(( hh_s + mm_s ))
+		local_start_hh=$hh
+
                stop_ss=$(( ss + duration ))
                hh=$(( stop_ss / 3600 ))
               	rem_ss=$(( stop_ss % 3600 ))
@@ -189,10 +179,6 @@ handle_schedule() {
               	ss=$(( rem_ss % 60 ))
 		local_stop_time="$hh:$mm:$ss"
 		local_stop_hh=$hh
-	else
-		# if duartion is not specified, then apply rule to end of the day
-		local_stop_time="23:59:59"
-		local_stop_hh="23"
 	fi

 	utc_start_time=$(date -u -d @$(date "+%s" -d "$local_start_time") +%H:%M)
@@ -205,91 +191,47 @@ handle_schedule() {
 		ip_rule_east_zone $utc_start_hh $utc_stop_hh $local_start_hh $local_stop_hh $utc_start_time $utc_stop_time
 	fi

-	IP_RULE="$IP_RULE -j ACCEPT"
-	if [ -n "$IP_RULE1" ]; then
-		IP_RULE1="$IP_RULE1 -j ACCEPT"
-	fi
-
-	add_access_rule "$IP_RULE"
-	if [ -n "$IP_RULE1" ]; then
-		add_access_rule "$IP_RULE1"
-	fi
-
-	# for access rules to be effective for a schedule, need to add DROP rule
-	# to block the access outside the defined schedule
-	if [ "$schedule_added" == "0" ]; then
-		schedule_added="1"
-	fi
-}
-
-handle_access_control() {
-	local ac_section="$1"
-	local is_enabled
-
-	# default value of Hosts.AccessControl.{i}.Enable is false,
-	# so, if not defined in uci as 1, assume 0
-	config_get is_enabled "$ac_section" "enable" 0
-	if [ "$is_enabled" == "0" ]; then
-		return
-	fi
-
-	local mac_addr
-	config_get mac_addr "$ac_section" "macaddr"
-	if [ -z "$mac_addr" ]; then
-		return
-	else
-		ACCESS_RULE="-m mac --mac-source $mac_addr"
-	fi
-
-	local access_policy
-	config_get access_policy "$ac_section" "access_policy"
-	if [ -z "$access_policy" ]; then
-		return # since system default is allow so no need to do anything
-	fi
-
-	# As per Data Model, if access policy is deny, then schedule is to be ignored
-	# and no access is to be provided for the device
 	if [ "$access_policy" == "Deny" ]; then
-		ACCESS_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$ACCESS_RULE"
-		return # no need to parse schedule
+		IP_RULE="$IP_RULE -j DROP"
+		if [ -n "$IP_RULE1" ]; then
+			IP_RULE1="$IP_RULE1 -j DROP"
+		fi
+	else
+		IP_RULE="$IP_RULE -j ACCEPT"
+		if [ -n "$IP_RULE1" ]; then
+			IP_RULE1="$IP_RULE1 -j ACCEPT"
+		fi
 	fi

-	schedule_added="0"
-	# check if schedule is defined for this access_control instance
-	# and if yes, create rule accordingly
-	config_foreach handle_schedule  ac_schedule "$ac_section"
-
-	# for access rule to work, need to have default drop rule as last rule
-	if [ "$schedule_added" == "1" ]; then
-		IP_RULE="$ACCESS_RULE -j DROP"
-		add_access_rule "$IP_RULE"
+	iptables -w -A hosts_forward ${IP_RULE}
+	ip6tables -w -A hosts_forward ${IP_RULE}
+	if [ -n "$IP_RULE1" ]; then
+		iptables -w -A hosts_forward ${IP_RULE1}
+		ip6tables -w -A hosts_forward ${IP_RULE1}
 	fi
+
+	day=""
+	next_days=""
+	prev_days=""
 }

-ACL_FILE="/tmp/hosts_access_control/access_control.rules"
+iptables -w -F hosts_forward
+ip6tables -w -F hosts_forward

-rm -f $ACL_FILE
-
-mkdir -p /tmp/hosts_access_control/
-touch $ACL_FILE
-
-echo "iptables -w -F hosts_forward" >> $ACL_FILE
-echo "ip6tables -w -F hosts_forward" >> $ACL_FILE
-
-hosts_forward=$(iptables -t filter --list | grep hosts_forward)
-if [ -z "$hosts_forward" ]; then
-	echo "iptables -w -t filter -N hosts_forward" >> $ACL_FILE
+hosts_ipv4_forward=$(iptables -t filter --list -n | grep hosts_forward)
+if [ -z "$hosts_ipv4_forward" ]; then
+	iptables -w -t filter -N hosts_forward
 	ret=$?
-	[ $ret -eq 0 ] && echo "iptables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
-	echo "ip6tables -w -t filter -N hosts_forward" >> $ACL_FILE
+	[ $ret -eq 0 ] && iptables -w -t filter -I FORWARD -j hosts_forward
+fi
+
+hosts_ipv6_forward=$(ip6tables -t filter --list -n | grep hosts_forward)
+if [ -z "$hosts_ipv6_forward" ]; then
+	ip6tables -w -t filter -N hosts_forward
 	ret=$?
-	[ $ret -eq 0 ] && echo "ip6tables -w -t filter -I FORWARD -j hosts_forward" >> $ACL_FILE
+	[ $ret -eq 0 ] && ip6tables -w -t filter -I FORWARD -j hosts_forward
 fi

 # Load /etc/config/hosts UCI file
 config_load hosts
-config_foreach handle_access_control access_control
-
-# apply the rules
-sh $ACL_FILE
+config_foreach process_ac_schedule ac_schedule
--- a/icwmp/Makefile
+++ b/icwmp/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=icwmp
-PKG_VERSION:=9.7.8
+PKG_VERSION:=9.5.29.18

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=5139c70c5f4da5107b7996456763b6beecb3b7d4
+PKG_SOURCE_VERSION:=816033a14672e8e9c3566ce06fa19fb422eeb546
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -26,21 +26,68 @@ include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/cmake.mk
 include ../bbfdm/bbfdm.mk

-define Package/icwmp
+define Package/icwmp/default
  SECTION:=utils
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=TR069 CWMP client
-  DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api +libopenssl
+  DEPENDS:=+libuci +libubox +libblobmsg-json +libubus +libjson-c +libcurl +mxml +libuuid +libbbfdm-api
 endef

+define Package/icwmp
+  $(Package/icwmp/default)
+  VARIANT:=default
+  DEFAULT_VARIANT:=1
+  DEPENDS += +PACKAGE_icwmp-openssl:libopenssl
+endef
+
+define Package/icwmp-openssl
+  $(Package/icwmp/default)
+  TITLE += (openssl)
+  VARIANT:=openssl
+  DEPENDS += +PACKAGE_icwmp-openssl:libopenssl
+  CONFLICTS := icwmp icwmp-mbedtls icwmp-wolfssl
+endef
+
+define Package/icwmp-wolfssl
+  $(Package/icwmp/default)
+  TITLE += (wolfssl)
+  VARIANT:=wolfssl
+  DEPENDS += +PACKAGE_icwmp-wolfssl:libwolfssl
+  CONFLICTS := icwmp icwmp-mbedtls icwmp-openssl
+endef
+
+define Package/icwmp-mbedtls
+  $(Package/icwmp/default)
+  TITLE += (mbedtls)
+  DEPENDS += +PACKAGE_icwmp-mbedtls:libmbedtls
+  VARIANT:=mbedtls
+  CONFLICTS := icwmp icwmp-wolfssl icwmp-openssl
+endef
+
+ifeq ($(BUILD_VARIANT),default)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),openssl)
+CMAKE_OPTIONS += -DWITH_OPENSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),wolfssl)
+CMAKE_OPTIONS += -DWITH_WOLFSSL=ON
+endif
+
+ifeq ($(BUILD_VARIANT),mbedtls)
+CMAKE_OPTIONS += -DWITH_MBEDTLS=ON
+endif
+
 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
 	$(CP) -rf ~/git/icwmp/* $(PKG_BUILD_DIR)/
 endef
 endif

-define Package/icwmp/install
+define Package/icwmp/default/install
 	$(INSTALL_DIR) $(1)/etc/icwmpd
 	$(INSTALL_DIR) $(1)/usr/sbin
 	$(INSTALL_DIR) $(1)/etc/config
@@ -48,7 +95,6 @@ define Package/icwmp/install
 	$(INSTALL_DIR) $(1)/etc/uci-defaults
 	$(INSTALL_DIR) $(1)/lib/upgrade/keep.d
 	$(INSTALL_DIR) $(1)/etc/udhcpc.user.d
-	$(INSTALL_DIR) $(1)/etc/icwmpd/plugins
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/icwmpd $(1)/usr/sbin/icwmpd
 	$(INSTALL_DATA) ./files/etc/config/cwmp $(1)/etc/config/cwmp
 	$(INSTALL_BIN) ./files/etc/firewall.cwmp $(1)/etc/firewall.cwmp
@@ -59,8 +105,16 @@ define Package/icwmp/install
 	$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt125.user
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user $(1)/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/libcwmpdm.so $(1) $(PKG_NAME)
-	$(BBFDM_INSTALL_MS_PLUGIN) ./files/etc/bbfdm/json/CWMPManagementServer.json $(1) $(PKG_NAME)
+	$(call BbfdmInstallPlugin,$(1),./files/etc/bbfdm/json/CWMPManagementServer.json)
+	$(call BbfdmInstallPlugin,$(1),$(PKG_BUILD_DIR)/libcwmpdm.so)
 endef

+Package/icwmp/install = $(Package/icwmp/default/install)
+Package/icwmp-openssl/install = $(Package/icwmp/default/install)
+Package/icwmp-wolfssl/install = $(Package/icwmp/default/install)
+Package/icwmp-mbedtls/install = $(Package/icwmp/default/install)
+
 $(eval $(call BuildPackage,icwmp))
+$(eval $(call BuildPackage,icwmp-openssl))
+$(eval $(call BuildPackage,icwmp-wolfssl))
+$(eval $(call BuildPackage,icwmp-mbedtls))
--- a/icwmp/files/etc/bbfdm/json/CWMPManagementServer.json
+++ b/icwmp/files/etc/bbfdm/json/CWMPManagementServer.json
@@ -1,7 +1,8 @@
 {
-	"json_plugin_version": 2,
+	"json_plugin_version": 1,
 	"Device.CWMPManagementServer.": {
 		"type": "object",
+		"version": "2.15",
 		"protocols": [
 			"usp"
 		],
@@ -10,6 +11,7 @@
 		"dependency": "file:/etc/config/cwmp",
 		"EnableCWMP": {
 			"type": "boolean",
+			"version": "2.15",
 			"read": true,
 			"write": true,
 			"protocols": [
--- a/icwmp/files/etc/config/cwmp
+++ b/icwmp/files/etc/config/cwmp
@@ -5,7 +5,6 @@ config acs 'acs'
 	option periodic_inform_interval '1800'
 	option periodic_inform_time '0001-01-01T00:00:00Z'
 	option dhcp_discovery 'enable'
-	option ssl_capath "/etc/ssl/certs"
 	# compression possible configs: GZIP, Deflate, Disabled
 	option compression 'Disabled'
 	# possible configs interval :[1:65535]
--- a/icwmp/files/etc/init.d/icwmpd
+++ b/icwmp/files/etc/init.d/icwmpd
@@ -9,31 +9,38 @@ PROG="/usr/sbin/icwmpd"

 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
-
 include /lib/network

 log() {
 	echo "${@}"|logger -t cwmp.init -p info
 }

-regenerate_ssl_link() {
-	local cert_dir="${1%/}"
-	[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
+regenerate_ssl_link()
+{
+	local cert_dir all_file rehash

-	generate_links() {
-		local file_type="$1"
-		local files="${cert_dir}"/*."${file_type}"
-		for cfile in ${files}; do
-			if [ -f "${cfile}" ]; then
-				rehash="$(openssl x509 -hash -noout -in "${cfile}")"
-				[ -f "${cert_dir}/${rehash}.0" ] || \
-					ln -s "${cfile}" "${cert_dir}/${rehash}.0"
-			fi
+	cert_dir="${1}"
+	[ ! -d "${cert_dir}" ] && return 0;
+
+	### Generate all ssl link for pem certicates ###
+	all_file=$(ls "${cert_dir}"/*.pem 2>/dev/null)
+	if [ -n "${all_file}" ]; then
+		for cfile in $all_file; do
+			rehash="$(openssl x509 -hash -noout -in "${cfile}")"
+			[ -f "${cert_dir}"/"${rehash}".0 ] || \
+				ln -s "${cfile}" "${cert_dir}"/"${rehash}".0
 		done
-	}
+	fi

-	generate_links "pem"
-	generate_links "crt"
+	### Generate all ssl link for crt certicates ###
+	all_file=$(ls "${cert_dir}"/*.crt 2>/dev/null)
+	if [ -n "${all_file}" ]; then
+		for cfile in $all_file; do
+			rehash="$(openssl x509 -hash -noout -in "${cfile}")"
+			[ -f "${cert_dir}"/"${rehash}".0 ] || \
+				ln -s "${cfile}" "${cert_dir}"/"${rehash}".0
+		done
+	fi
 }

 enable_dhcp_option43() {
@@ -429,14 +436,13 @@ validate_cpe_section()
 		'notification:bool' \
 		'exec_download:bool' \
 		'periodic_notify_enable:bool' \
-		'enable:bool:1' \
+		'enable:bool' \
 		'periodic_notify_interval:uinteger' \
 		'fw_upgrade_keep_settings:bool'
 }

 validate_defaults() {
-	local ssl_capath enable url dhcp_url
-
+	local ssl_capath
 	config_load cwmp

 	validate_acs_section || {
@@ -444,17 +450,13 @@ validate_defaults() {
 		return 1;
 	}

-	if [ -z "${url}" ] && [ -z "${dhcp_url}" ]; then
-		log "No ACS URL is configured"
-		return 1
-	fi
-
 	ssl_capath="${ssl_capath%/}"
 	# Put the cert pem file in keep list
-	if [ -d "${ssl_capath}" ] && [ "${ssl_capath}" != "/etc/ssl/certs" ]; then
+	if [ -d "${ssl_capath}" ]; then
 		if ! grep "*.pem\|*.crt" /lib/upgrade/keep.d/icwmp; then
 			echo "${ssl_capath}"'/*.pem' >> /lib/upgrade/keep.d/icwmp
 			echo "${ssl_capath}"'/*.crt' >> /lib/upgrade/keep.d/icwmp
+			echo "${ssl_capath}"'/*.0' >> /lib/upgrade/keep.d/icwmp
 		fi
 	fi

@@ -463,11 +465,6 @@ validate_defaults() {
 		return 1;
 	}

-	if [ "$enable" = "0" ]; then
-		log "CWMP service disabled"
-		return 1
-	fi
-
 	return 0;
 }

@@ -515,17 +512,30 @@ boot() {
 }

 start_service() {
+	local enable_cwmp url dhcp_url
+
+	config_load cwmp
+	config_get_bool enable_cwmp cpe enable 1
+	config_get url acs url ""
+	config_get dhcp_url acs dhcp_url ""

 	procd_open_instance icwmp

+	if [ "$enable_cwmp" = "0" ]; then
+		procd_close_instance
+		return 0
+	fi
+
 	validate_defaults || {
 		log "Validation of defaults failed"
 		procd_close_instance
 		return 1;
 	}

-	procd_set_param command "$PROG"
-	procd_append_param command -b
+	if [ -n "${url}" ] || [ -n "${dhcp_url}" ]; then
+		procd_set_param command "$PROG"
+		procd_append_param command -b
+	fi

 	procd_set_param respawn \
 		"${respawn_threshold:-5}" \
@@ -542,14 +552,16 @@ stop_service()
 reload_service() {
 	local ret

+	config_load cwmp
+	config_get_bool enable_cwmp cpe enable 1
+
 	log "Reload service $ret"
 	ret="0"
-
-	validate_defaults || {
+	if [ "$enable_cwmp" = "0" ]; then
 		stop
 		start
-		return 0;
-	}
+		return 0
+	fi

 	ret=$(ubus call service list '{"name":"icwmpd"}' | jsonfilter -qe '@.icwmpd.instances.icwmp.running')
 	if [ "$ret" != "true" ]; then
--- a/ieee1905/Makefile
+++ b/ieee1905/Makefile
@@ -1,16 +1,16 @@
 #
-# Copyright (C) 2020-2024 IOPSYS Software Solutions AB
+# Copyright (C) 2020-2023 IOPSYS Software Solutions AB
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=ieee1905
-PKG_VERSION:=8.3.19
+PKG_VERSION:=8.3.4.14

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=fa847e6360e24265ae4e9e2e12ca4ed62ebf7fc5
+PKG_SOURCE_VERSION:=f625abe854742f7f07d4121c9f6302a7db9b48e2
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -60,12 +60,12 @@ define Package/libieee1905/description
 endef

 plugins := \
-	$(if $(CONFIG_PACKAGE_ieee1905-map-plugin),map) \
-	$(if $(CONFIG_PACKAGE_ieee1905-snoop-plugin),snoop) \
-	$(if $(CONFIG_PACKAGE_ieee1905-topology-plugin),topology)
+	$(if $(CONFIG_PACKAGE_map-plugin),map) \
+	$(if $(CONFIG_PACKAGE_snoop-plugin),snoop) \
+	$(if $(CONFIG_PACKAGE_topology-plugin),topology)


-ppkg:=$(patsubst plugins/%.mk,ieee1905-%-plugin,$(wildcard plugins/*.mk))
+ppkg:=$(patsubst plugins/%.mk,%-plugin,$(wildcard plugins/*.mk))


 TARGET_CFLAGS += \
--- a/ieee1905/plugins/map.mk
+++ b/ieee1905/plugins/map.mk
@@ -1,12 +1,12 @@
-define Package/ieee1905-map-plugin
+define Package/map-plugin
  $(call Package/ieee1905/Default)
  TITLE:=Multi-AP plugin supporting WiFi-Alliance Easymesh standard
  DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef

-define Package/ieee1905-map-plugin/config
-	if (PACKAGE_ieee1905-map-plugin)
+define Package/map-plugin/config
+	if (PACKAGE_map-plugin)

 		menu "Configuration"

@@ -32,7 +32,7 @@ ifeq ($(CONFIG_MULTIAP_DYNAMIC_CNTLR_SYNC_CONFIG),y)
 TARGET_CFLAGS += -DDYNAMIC_CNTLR_SYNC_CONFIG
 endif

-define Build/InstallDev/ieee1905-map-plugin
+define Build/InstallDev/map-plugin
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
@@ -43,7 +43,7 @@ define Build/InstallDev/ieee1905-map-plugin
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/map/libmaputil.so $(1)/usr/lib/libmaputil.so
 endef

-define Package/ieee1905-map-plugin/install
+define Package/map-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/map/libmaputil.so $(1)/usr/lib/libmaputil.so
--- a/ieee1905/plugins/snoop.mk
+++ b/ieee1905/plugins/snoop.mk
@@ -1,11 +1,11 @@
-define Package/ieee1905-snoop-plugin
+define Package/snoop-plugin
  $(call Package/ieee1905/Default)
  TITLE:=Show all received 1905 CMDUs over UBUS
  DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef

-define Package/ieee1905-snoop-plugin/install
+define Package/snoop-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/snoop/snoop.so $(1)/usr/lib/ieee1905/snoop.so
--- a/ieee1905/plugins/topology.mk
+++ b/ieee1905/plugins/topology.mk
@@ -1,11 +1,11 @@
-define Package/ieee1905-topology-plugin
+define Package/topology-plugin
  $(call Package/ieee1905/Default)
  TITLE:=Build full network topology of the 1905 nodes only
  DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
 	   +libjson-c +libblobmsg-json +ieee1905 +libieee1905
 endef

-define Package/ieee1905-topology-plugin/install
+define Package/topology-plugin/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_DIR) $(1)/usr/lib/ieee1905
 	$(CP) $(PKG_BUILD_DIR)/src/extensions/topology/topology.so $(1)/usr/lib/ieee1905/topology.so
--- a/iop/config
+++ b/iop/config
@@ -71,7 +71,7 @@ CONFIG_PACKAGE_wifimngr=y
 # Multi-AP #
 CONFIG_PACKAGE_ieee1905=y
 CONFIG_IEEE1905_CMDU_SA_IS_ALMAC=y
-CONFIG_PACKAGE_ieee1905-topology-plugin=y
+CONFIG_PACKAGE_topology-plugin=y
 CONFIG_PACKAGE_decollector=y
 CONFIG_PACKAGE_map-agent=y
 CONFIG_PACKAGE_map-controller=y
@@ -79,6 +79,7 @@ CONFIG_PACKAGE_map-controller=y
 # Network #
 CONFIG_PACKAGE_hostmngr=y
 CONFIG_PACKAGE_netmode=y
+CONFIG_PACKAGE_testnet=y
 CONFIG_PACKAGE_urlfilter=y

 # System #
--- a/iop/iop.completion
+++ b/iop/iop.completion
@@ -33,8 +33,7 @@ _iop()
    prev="${COMP_WORDS[COMP_CWORD-1]}"

    iopcmds="bootstrap cfe_upgrade cfe_upgrade_latest extract_core \
-             feeds_update feeds_update-legacy genconfig genconfig-legacy \
-             generate_tarballs install_key \
+             feeds_update genconfig generate_tarballs install_key \
             scp_changes setup_host ssh_install_key status \
             update_package update_feed_branches ssh_upgrade smoketest"

--- a/iop/scripts/feeds_update-legacy.sh
+++ b/iop/scripts/feeds_update-legacy.sh
@@ -1,88 +0,0 @@
-#!/bin/bash
-
-function feeds_update-legacy {
-	heads=1
-	developer=0
-	override=1
-	force=1
-
-	function update_failure {
-		if [ $force == 1 ]; then
-			echo "WARNING: Failed to update feed(s). Forced update, proceeding anyway." >&2
-		else
-			echo "ERROR: Failed to update feed(s). Omit -F to proceed anyway." >&2
-			exit 1
-		fi
-	}
-
-	while getopts "inFh" opt; do
-		case $opt in
-		i)
-			heads=0
-			;;
-		n)
-			override=0
-			;;
-		F)
-			force=0
-			;;
-		h|\?)
-			echo "Usage: ./iop feeds_update-legacy  [-i] [-n] [-F] [-h]"
-			echo
-			echo "OPTIONS:"
-			echo "  -i - Only update index. Do not change HEAD in feeds."
-			echo "  -n - Do not replace core packages with iopsys versions."
-			echo "  -F - Do not force update if there are inaccessible feeds."
-			echo "  -h - Display this help message and exit."
-			exit 1
-			;;
-		esac
-	done
-
-	git remote -v | grep -qE '(git@|ssh://)' && developer=1
-
-	cp .config .genconfig_config_bak
-
-	if [ $heads == 1 ]; then
-		if [ $developer == 1 ]; then
-			./scripts/feeds update -g || update_failure
-		else
-			./scripts/feeds update || update_failure
-		fi
-	fi
-	./scripts/feeds update -ai || exit 1
-
-	# replace core packages with iopsys versions
-	if [ $override == 1 ]; then
-		./scripts/feeds install -f -p openwrt_core -a || exit 1
-		./scripts/feeds install -f -p qualcomm -a || exit 1
-	fi
-
-	(
-		echo '# DO NOT EDIT. Autogenerated file by ./iop feeds_update'
-		echo 'FEED_DEVICES_DIRS:='
-		find feeds -type f -name .is-feed-devices-dir -printf 'FEED_DEVICES_DIRS+=$(TOPDIR)/%h\n'
-	) > target/linux/feed-devices/feed-devices-list.mk || exit 1
-
-	# targets need to be installed explicitly
-	for target in $(ls ./feeds/targets); do
-		./scripts/feeds install -f -p targets $target || exit 1
-	done
-
-	# install all packages
-	./scripts/feeds install -a || exit 1
-
-	# remove broken symlinks ( for packages that are no longer in the feed )
-	find -L package/feeds -maxdepth 2 -type l -delete || exit 1
-
-	cp .genconfig_config_bak .config
-	make defconfig || exit 1
-
-	# record when we last run this script
-	touch tmp/.iop_bootstrap || exit 1
-
-	# always return true
-	exit 0
-}
-
-register_command "feeds_update-legacy" "Update feeds to point to commit hashes from feeds.conf - legacy mode"
--- a/iop/scripts/feeds_update.sh
+++ b/iop/scripts/feeds_update.sh
@@ -1,9 +1,88 @@
 #!/bin/bash

 function feeds_update {
+	heads=1
+	developer=0
+	override=1
+	force=1
+
+	function update_failure {
+		if [ $force == 1 ]; then
+			echo "WARNING: Failed to update feed(s). Forced update, proceeding anyway." >&2
+		else
+			echo "ERROR: Failed to update feed(s). Omit -F to proceed anyway." >&2
+			exit 1
+		fi
+	}
+
+	while getopts "inFh" opt; do
+		case $opt in
+		i)
+			heads=0
+			;;
+		n)
+			override=0
+			;;
+		F)
+			force=0
+			;;
+		h|\?)
+			echo "Usage: ./iop feeds_update [-i] [-n] [-F] [-h]"
+			echo
+			echo "OPTIONS:"
+			echo "  -i - Only update index. Do not change HEAD in feeds."
+			echo "  -n - Do not replace core packages with iopsys versions."
+			echo "  -F - Do not force update if there are inaccessible feeds."
+			echo "  -h - Display this help message and exit."
+			exit 1
+			;;
+		esac
+	done
+
+	git remote -v | grep -qE '(git@|ssh://)' && developer=1
+
+	cp .config .genconfig_config_bak
+
+	if [ $heads == 1 ]; then
+		if [ $developer == 1 ]; then
+			./scripts/feeds update -g || update_failure
+		else
+			./scripts/feeds update || update_failure
+		fi
+	fi
+	./scripts/feeds update -ai || exit 1
+
+	# replace core packages with iopsys versions
+	if [ $override == 1 ]; then
+		./scripts/feeds install -f -p openwrt_core -a || exit 1
+		./scripts/feeds install -f -p qualcomm -a || exit 1
+	fi
+
+	(
+		echo '# DO NOT EDIT. Autogenerated file by ./iop feeds_update'
+		echo 'FEED_DEVICES_DIRS:='
+		find feeds -type f -name .is-feed-devices-dir -printf 'FEED_DEVICES_DIRS+=$(TOPDIR)/%h\n'
+	) > target/linux/feed-devices/feed-devices-list.mk || exit 1
+
+	# targets need to be installed explicitly
+	for target in $(ls ./feeds/targets); do
+		./scripts/feeds install -f -p targets $target || exit 1
+	done
+
+	# install all packages
+	./scripts/feeds install -a || exit 1
+
+	# remove broken symlinks ( for packages that are no longer in the feed )
+	find -L package/feeds -maxdepth 2 -type l -delete || exit 1
+
+	cp .genconfig_config_bak .config
+	make defconfig || exit 1
+
+	# record when we last run this script
+	touch tmp/.iop_bootstrap || exit 1

 	# always return true
 	exit 0
 }

-register_command "feeds_update" "Compatibility function only"
+register_command "feeds_update" "Update feeds to point to commit hashes from feeds.conf"
--- a/iop/scripts/genconfig-legacy.sh
+++ b/iop/scripts/genconfig-legacy.sh
@@ -1,6 +1,6 @@
 #!/bin/bash

-function genconfig-legacy {
+function genconfig {
 	export CLEAN=0
 	export DIRTY="--dirty"
 	export IMPORT=1
@@ -196,7 +196,7 @@ function genconfig-legacy {

 	usage() {
 		echo
-		echo 1>&2 "Usage: $0 genconfig-legacy [ OPTIONS ] < Board_Type > [ Customer [customer2 ]...]"
+		echo 1>&2 "Usage: $0 [ OPTIONS ] < Board_Type > [ Customer [customer2 ]...]"
 		echo
 		echo -e "  -c|--clean\t\tRemove all files under ./files and import from config "
 		echo -e "  -D|--no-dirty\t\tIgnore dirty tree"
@@ -210,7 +210,7 @@ function genconfig-legacy {
 		echo -e "  -a|--list-all\t\tList all Customers and their board types"
 		echo -e "  -b|--boards\t\tList all board types"
 		echo
-		echo "Example ./iop genconfig-legacy eg400 OPERATORX"
+		echo "Example ./iop genconfig eg400 OPERATORX"
 		echo "(if no customerconfig is chosen, iopsys config will be used)"
 		echo
 		exit 0
@@ -399,8 +399,6 @@ function genconfig-legacy {
 			echo "CONFIG_TARGET_${target}=y" >> .config
 			echo "CONFIG_TARGET_${target}_${subtarget}=y" >> .config
 			echo "CONFIG_TARGET_DEVICE_${target}_${subtarget}_DEVICE_${BOARDTYPE}=y" >> .config
-			echo "CONFIG_TARGET_MULTI_PROFILE=y" >> .config
-			echo "CONFIG_TARGET_PER_DEVICE_ROOTFS=y" >> .config
 			;;
 		*)
 			echo "CONFIG_TARGET_${target}=y" >> .config
@@ -433,6 +431,15 @@ function genconfig-legacy {
 				fi
 			done
 		fi
+		# Ensure strict file permissions, for when provided through the above
+		if [ -f "$FILEDIR/etc/shadow" ]; then
+			v "chmod 0600 $FILEDIR/etc/shadow"
+			chmod 0600 "$FILEDIR/etc/shadow"
+		fi
+		if [ -d "$FILEDIR/etc/ssl/private" ]; then
+			v "find $FILEDIR/etc/ssl/private -type d -exec chmod 0700 '{}' ';' -o -type f -exec chmod 0600 '{}' ';'"
+			find "$FILEDIR/etc/ssl/private" -type d -exec chmod 0700 '{}' ';' -o -type f -exec chmod 0600 '{}' ';'
+		fi

 		# Set target version
 		local git_version
@@ -496,7 +503,7 @@ function genconfig-legacy {
 	if [ $# -eq 0 ]; then
 		echo Current profile:
 		cat $CURRENT_CONFIG_FILE
-		echo "Try ./iop genconfig-legacy -h' to get instructions if you want to change current config"
+		echo "Try ./iop genconfig -h' to get instructions if you want to change current config"
 		exit 0
 	else
 		while [ -n "$1" ]; do
@@ -532,4 +539,4 @@ function genconfig-legacy {
 	fi
 }

-register_command "genconfig-legacy" "Generate configuration for board and customer - legacy mode"
+register_command "genconfig" "Generate configuration for board and customer"
--- a/iop/scripts/genconfig_min-legacy.sh
+++ b/iop/scripts/genconfig_min-legacy.sh
@@ -1,6 +1,6 @@
 #!/bin/bash

-function genconfig_min-legacy {
+function genconfig_min {
 	export CLEAN=0
 	export DIRTY="--dirty"
 	export SRCTREEOVERR=0
@@ -195,7 +195,7 @@ function genconfig_min-legacy {

 	usage() {
 		echo
-		echo 1>&2 "Usage: $0 genconfig_min-legacy [ OPTIONS ] < Board_Type > [ Customer [customer2 ]...]"
+		echo 1>&2 "Usage: $0 [ OPTIONS ] < Board_Type > [ Customer [customer2 ]...]"
 		echo
 		echo -e "  -c|--clean\t\tRemove all files under ./files and import from config "
 		echo -e "  -D|--no-dirty\t\tIgnore dirty tree"
@@ -209,7 +209,7 @@ function genconfig_min-legacy {
 		echo -e "  -a|--list-all\t\tList all Customers and their board types"
 		echo -e "  -b|--boards\t\tList all board types"
 		echo
-		echo "Example ./iop genconfig_min-legacy eg400 OPERATORX"
+		echo "Example ./iop genconfig eg400 OPERATORX"
 		echo "(if no customerconfig is chosen, iopsys config will be used)"
 		echo
 		exit 0
@@ -373,8 +373,6 @@ function genconfig_min-legacy {
 			echo "CONFIG_TARGET_${target}=y" >> .config
 			echo "CONFIG_TARGET_${target}_${subtarget}=y" >> .config
 			echo "CONFIG_TARGET_DEVICE_${target}_${subtarget}_DEVICE_${BOARDTYPE}=y" >> .config
-			echo "CONFIG_TARGET_MULTI_PROFILE=y" >> .config
-			echo "CONFIG_TARGET_PER_DEVICE_ROOTFS=y" >> .config
 			;;
 		*)
 			echo "CONFIG_TARGET_${target}=y" >> .config
@@ -407,6 +405,15 @@ function genconfig_min-legacy {
 				fi
 			done
 		fi
+		# Ensure strict file permissions, for when provided through the above
+		if [ -f "$FILEDIR/etc/shadow" ]; then
+			v "chmod 0600 $FILEDIR/etc/shadow"
+			chmod 0600 "$FILEDIR/etc/shadow"
+		fi
+		if [ -d "$FILEDIR/etc/ssl/private" ]; then
+			v "find $FILEDIR/etc/ssl/private -type d -exec chmod 0700 '{}' ';' -o -type f -exec chmod 0600 '{}' ';'"
+			find "$FILEDIR/etc/ssl/private" -type d -exec chmod 0700 '{}' ';' -o -type f -exec chmod 0600 '{}' ';'
+		fi

 		# Set target version
 		local git_version
@@ -464,7 +471,7 @@ function genconfig_min-legacy {
 	if [ $# -eq 0 ]; then
 		echo Current profile:
 		cat $CURRENT_CONFIG_FILE
-		echo "Try ./iop genconfig_min-legacy -h' to get instructions if you want to change current config"
+		echo "Try ./iop genconfig -h' to get instructions if you want to change current config"
 		exit 0
 	else
 		while [ -n "$1" ]; do
@@ -500,4 +507,4 @@ function genconfig_min-legacy {
 	fi
 }

-register_command "genconfig_min-legacy" "Generate configuration for customer with manual board configuration - legacy mode"
+register_command "genconfig_min" "Generate configuration for customer with manual board configuration"
--- a/iop/scripts/genconfig_wrap.sh
+++ b/iop/scripts/genconfig_wrap.sh
@@ -1,29 +0,0 @@
-#!/bin/bash
-
-# Function to convert parameters to lowercase
-function to_lowercase {
-    local params=()
-    for param in "$@"; do
-        params+=("$(tr '[:upper:]' '[:lower:]' <<< "$param")")
-    done
-    echo "${params[@]}"
-}
-
-function genconfig {
-    target_script="./scripts/gen_config.py"
-
-    # First convert all to lowercase
-    args=$(to_lowercase "$@")
-
-    # Check if an option is provided
-    if [[ ${args[0]} == -* ]]; then
-      # Convert options for target script
-      if [[ ${args[0]}  == "-b" || ${args[0]}  == "--boards" ]]; then
-        args=("--list")
-      fi
-    fi
-
-    ${target_script} ${args[@]}
-}
-
-register_command "genconfig" "Generate configuration for board and customer"
--- a/iop/scripts/update_package.sh
+++ b/iop/scripts/update_package.sh
@@ -1,7 +1,646 @@
-update_package() {
-	echo "update_package is no longer supported." >&2
-	echo "Its replacement is ./iop set-feed-rev." >&2
-	return 1
+#!/bin/bash
+
+print_git_update()
+{
+    echo "pkg -> ${PKG_NAME}"
+    echo "	PKG_BUILD_DIR	=	${PKG_BUILD_DIR}"
+    echo "	PKG_DIR		=	${PKG_DIR}"
+    echo "	PKG_SOURCE	=	${PKG_SOURCE}"
+    echo "	PKG_NAME	=	${PKG_NAME}"
+    echo "	PKG_SOURCE_URL	=	${PKG_SOURCE_URL}"
+    echo "	PKG_SOURCE_PROTO=	${PKG_SOURCE_PROTO}"
+    echo "	PKG_SOURCE_VERSION=	${PKG_SOURCE_VERSION}"
+    echo "	PKG_SOURCE	=	${PKG_SOURCE}"
+    echo "	PKG_SOURCE_VERSION_FILE=${PKG_SOURCE_VERSION_FILE}"
 }

-register_command "update_package" "No longer used command"
+is_git_same()
+{
+    git_last=$(cd ${PKG_BUILD_DIR}; git rev-parse HEAD)
+    #echo "$PKG_NAME $git_last = ${PKG_SOURCE_VERSION}"
+    if [ "$git_last" == "${PKG_SOURCE_VERSION}" ]
+    then
+	return 0
+    fi
+    return 1
+}
+
+update_this_pkg()
+{
+    mk_hash=$(get_makefile_hash)
+
+    if [ "$mk_hash" != "${PKG_SOURCE_VERSION}" ]
+    then
+	echo "${PKG_NAME}:"
+	echo "	build dir     = ${PKG_BUILD_DIR}"
+	echo "	feed makefile = ${mk_hash}"
+	echo "	stale hash    = ${PKG_SOURCE_VERSION}"
+	echo "	build git     = $(cd ${PKG_BUILD_DIR}; git rev-parse HEAD)"
+	echo "	Git hash in package makefile and the git hash recorded from last compile of"
+	echo "	package is different. You probably want to recompile the package"
+	echo "	to get an up to date version in ${PKG_BUILD_DIR}/.git_update"
+	echo ""
+
+	echo -n "	Should we continue with the update anyway? [y/N]:"
+	read answer
+	echo ""
+
+	case $answer in
+	    y|Y)
+		;;
+	    n|N|*)
+		return 1;;
+	esac
+    fi
+
+    echo "${PKG_NAME}:"
+    echo "	build dir     = ${PKG_BUILD_DIR}"
+    echo "	pkg dir       = ${PKG_DIR}"
+    echo "	feed makefile = ${PKG_SOURCE_VERSION}"
+    echo "	build git     = $(cd ${PKG_BUILD_DIR}; git rev-parse HEAD)"
+    echo "	package is at a different git commit in build compared to feed"
+    echo -n "	Should we update the feed and top project to reflect the new version ? [y/N]:"
+    read answer
+    echo ""
+
+    case $answer in
+	y|Y)
+	    return 0;;
+	*)
+	    echo ""
+	    return 1;;
+    esac
+}
+
+get_makefile_hash()
+{
+    if [ -n "$PKG_SOURCE_VERSION_FILE" ]
+    then
+	name="$PKG_SOURCE_VERSION_FILE"
+    else
+	name=Makefile
+    fi
+    grep "PKG_SOURCE_VERSION:=" ${PKG_DIR}/${name} | sed -e "s/\(^PKG_SOURCE_VERSION:=\)\(.*\)/\2/"
+}
+
+insert_hash_in_feed_makefile()
+{
+    if [ -n "$PKG_SOURCE_VERSION_FILE" ]
+    then
+	name="$PKG_SOURCE_VERSION_FILE"
+    else
+	name=Makefile
+    fi
+
+    git_last=$(cd ${PKG_BUILD_DIR}; git rev-parse HEAD)
+
+    sed -i -e "s/\(^PKG_SOURCE_VERSION:=\).*/\1${git_last}/" ${PKG_DIR}/${name}
+    (cd ${PKG_DIR}; git add ${name})
+}
+
+insert_version_in_feed_makefile()
+{
+    if [ -n "$PKG_SOURCE_VERSION_FILE" ]
+    then
+	name="$PKG_SOURCE_VERSION_FILE"
+    else
+	name=Makefile
+    fi
+
+    last_version=$(awk -F '=' '/PKG_VERSION:=/ {print $2}' ${PKG_DIR}/${name})
+
+	echo -n "please enter version: "
+	read -ei "$last_version" answer
+
+	if [ -z ${answer} ]; then
+		return
+	fi
+
+    sed -i -e "s/\(^PKG_VERSION:=\).*/\1${answer}/" ${PKG_DIR}/${name}
+    (cd ${PKG_DIR}; git add ${name})
+}
+
+
+# BUG: fix if only local branche name!
+branch_uptodate()
+{
+    # $1 git repo
+    # $2 if it exist dont abort do the pull
+    (cd $1
+     git remote update 2>&1 >/dev/null
+
+     LOCAL=$(git rev-parse @)
+     REMOTE=$(git rev-parse @{u})
+     BASE=$(git merge-base @ @{u})
+
+     if [ -z "$REMOTE" ]; then
+	 BRANCH=$(basename $(git symbolic-ref -q HEAD))
+	 echo "You need to setup a tracking branch for $BRANCH"
+	 exit 99
+     fi
+
+     if [ $LOCAL = $REMOTE ]; then
+	 return
+     elif [ $LOCAL = $BASE ]; then
+	 if [ -n "$2" ]
+	 then
+	     echo "Doing automatic pull on [ $1 ]"
+	     if git pull
+	     then
+		 return
+	     else
+		 echo "Something wrong with pull. aborting, repo at"
+		 echo "    [ $1 ]"
+		 exit 99
+	     fi
+	 else
+	     echo "Local repo behind remote:"
+	     echo "do git pull at repo"
+	     echo "    [ $1 ]"
+	     exit 99
+	 fi
+     elif [ $REMOTE = $BASE ]; then
+	 echo "Local repo ahead of remote. A push is needed"
+	 echo "Repo is at: $1"
+	 echo ""
+	 echo -n "Should we try a push ? [Y/n]:"
+	 read answer
+	 echo ""
+
+	 case $answer in
+	     n|N|q|Q)
+		 exit 99;;
+	     *)
+		 echo -e "${Yellow}"
+		 if ! git push origin HEAD
+		 then
+		     echo -e "${Color_Off}"
+		     exit 99
+		 fi
+		 echo -e "${Color_Off}Push done."
+		 ;;
+	 esac
+
+     else
+	 echo "Diverged. not sure what you did but there is no tracking branch. "
+	 echo "repo at [ $1 ]. fix it so that there is a tracking branch remote."
+	 echo "Often this is related to somebody having commited to the same branch"
+	 echo "on the server so a simple push wont work, try a 'git rebase'."
+	 exit 99
+     fi
+    )
+}
+
+on_a_branch()
+{
+    local repo=$1
+    local type=$2
+    (
+	cd $repo
+	name=$(git symbolic-ref -q HEAD)
+	if [ -z "$name" ]
+	then
+	    echo "git $type repo [ $repo ] is detached."
+
+	    branches=($(git branch -r --contains $(git rev-parse HEAD)))
+	    if [ 0 == ${#branches[@]} ]
+	    then
+		echo "It needs to be on a branch but git could not find any associated branch"
+		echo ""
+		echo "you need to make sure that the commit is not on a detached branch"
+		echo "and that the branch exist in the remote repo also. it can not be a local name"
+		echo "as it is about to get pushed so it can be part of system release"
+		exit 99
+	    fi
+
+	    echo "It needs to be on a branch. Please select one or quit if it is not in list."
+	    echo ""
+
+	    i=0
+	    for branch in ${branches[*]}
+	    do
+		echo "$i: $branch"
+		i=$((i + 1))
+	    done
+
+	    echo ""
+	    echo -n "Select what branch to checkout. Q/q or N/n to quit? "
+	    read answer
+
+	    case $answer in
+		q|Q|n|N)
+		    echo "Aborting!"
+		    exit 99;;
+	    esac
+
+	    echo -e "${Yellow}"
+	    pwd
+	    echo "git checkout ${branches[$answer]}"
+	    if ! git checkout -t ${branches[$answer]}
+	    then
+		local_branch=$(basename ${branches[$answer]})
+		if ! git checkout ${local_branch}
+		then
+		    echo -e "${Color_Off}"
+		    echo "update_git aborting! something was wrong changing to branch ${branches[$answer]}"
+		    echo "go to [ $repo ] and fix it."
+		    exit 99
+		fi
+	    fi
+	    echo -e "${Color_Off}"
+	fi
+    )
+}
+
+git_repos_uptodate()
+{
+    on_a_branch ${PKG_BUILD_DIR} package
+    on_a_branch ${PKG_DIR} feed
+    on_a_branch ${PWD} top
+    branch_uptodate ${PKG_BUILD_DIR}
+    branch_uptodate ${PKG_DIR} do_pull
+    branch_uptodate ${PWD} do_pull
+}
+
+get_feed_name()
+{
+
+    echo $1 |sed  -e "s|.*feeds/\([^/]*\).*|\1|"
+
+    # rest=$(dirname $1)
+    # base=$(basename $1)
+    # prev=$base
+
+    # while [ -n "$rest" ]
+    # do
+    # 	if [ "$base" == "feeds" ]
+    # 	then
+    # 	    echo "$prev"
+    # 	fi
+    # done
+}
+
+create_message()
+{
+    FORMAT="commit %H%n\
+Author: %aN <%aE>%n\
+Date: %ai%n\
+%n\
+%w(80,4,4)%s%n
+%b%n\
+%w()Base directory -> ${repo_PATH}/"
+    local FROM=${PKG_SOURCE_VERSION}
+    local TO=$(cd ${PKG_BUILD_DIR}; git rev-parse HEAD)
+
+    local commits=$(cd ${PKG_BUILD_DIR};git rev-list ${FROM}..${TO})
+
+    local feed=$(get_feed_name ${PKG_DIR})
+
+    echo "Update feed [ $feed ] package [ $PKG_NAME ]"
+    echo ""
+    echo "-------------------------------------------------------------------------------"
+    (cd ${PKG_BUILD_DIR}; git log --graph --oneline ${FROM}..${TO})
+    echo "-------------------------------------------------------------------------------"
+
+    for commit in $commits
+    do
+	(cd ${PKG_BUILD_DIR}; git show --stat --pretty=format:"$FORMAT"  $commit)
+	echo "-------------------------------------------------------------------------------"
+    done
+}
+
+edit_file()
+{
+    echo -en "${Red}"
+    echo "Here is the commit message we are going to use!"
+    echo "-------------------------------------------------------------------------------"
+    echo -en "${Color_Off}"
+    cat $1
+    echo -en "${Red}"
+    echo "-------------------------------------------------------------------------------"
+    echo -en "${Color_Off}"
+
+    echo -n "Do you want to edit the message [y/N]? "
+    read answer
+
+    case $answer in
+	y|Y)
+	       $EDITOR $1;;
+    esac
+}
+
+
+commit_feed()
+{
+    template=$(readlink -f $1)
+    edit_file $template
+
+    echo -e "${Yellow}"
+    (
+	cd ${PKG_DIR}
+	if git commit -F $template
+	then
+	    if git push origin HEAD
+	    then
+		echo -e "${Color_Off} Feed Updated!"
+		return
+	    else
+		echo -e "${Color_Off}"
+		echo "something wrong push feed git ${PKG_DIR}"
+		exit 99
+	    fi
+	else
+	    echo -e "${Color_Off}"
+	    echo "something wrong committing to feed git ${PKG_DIR}"
+	    exit 99
+	fi
+    )
+}
+
+commit_feeds_config()
+{
+    template=$(readlink -f $1)
+    edit_file $template
+
+    echo -e "${Yellow}"
+    if git commit -F $template
+    then
+	if git push origin HEAD
+	then
+	    echo -e "${Color_Off}Feeds.conf updated!"
+	    return
+	else
+	    echo -e "${Color_Off}"
+	    echo "something wrong push change to feeds.conf"
+	    echo "try \"git remote update ; git stash ;git rebase; git push;git stash pop\""
+	    exit 99
+	fi
+    else
+	echo -e "${Color_Off}"
+	echo "something wrong committing to feed git"
+	exit 99
+    fi
+}
+
+insert_hash_in_feeds_config()
+{
+    local feed=$(get_feed_name ${PKG_DIR})
+    local TO=$(cd ${PKG_DIR}; git rev-parse HEAD)
+
+    sed -i feeds.conf -e "/ ${feed} / s/\(.*\)[;^].*/\1^${TO}/"
+    git add feeds.conf
+}
+
+check_packages()
+{
+    echo -e "${Green}_______________________________________________________________________________${Color_Off}"
+    echo "Now checking if any changes have been done to the packages."
+    echo -e "${Green}_______________________________________________________________________________${Color_Off}"
+
+    # only scan in the build directory that is currently in use.
+    CPU=$(grep  "CONFIG_CPU_TYPE=" .config| cut -f2 -d\")
+    LIBC=$(grep "CONFIG_LIBC=" .config| cut -f2 -d\")
+    
+    # First scan all files in build dir for packages that have .git directories.
+    all_pkgs=$(find build_dir/*${CPU}*${LIBC}* -name ".git")
+    
+    for pkg in `echo "$all_pkgs"`
+    do
+	pkg=$(dirname $pkg)
+
+	# check if the git in build is at same commit id as the feed makefile points out
+	if [ -e ${pkg}/.git_update ]
+	then
+	    source ${pkg}/.git_update
+	fi
+
+#	print_git_update
+
+	if [ -n "${PKG_NAME}" ]
+	then
+	    if ! is_git_same
+	    then
+		if update_this_pkg
+		then
+		    #  print_git_update
+		    git_repos_uptodate
+		    insert_hash_in_feed_makefile
+		    [ ${UPDATE} -eq 1 ] && insert_version_in_feed_makefile
+		    create_message >tmp/msg
+		    commit_feed tmp/msg
+		    insert_hash_in_feeds_config
+		    commit_feeds_config tmp/msg
+		fi
+	    fi
+	fi
+    done
+}
+
+# now handle the target git. we have only one
+
+
+feeds_hash()
+{
+    grep -v "^#" feeds.conf | grep " $1 " | grep "\^" | sed -e "s/.*[;^]\(.*\)/\1/"
+}
+
+insert_feed_hash_in_feeds_config()
+{
+    local feed=$1
+    local TO=$(cd feeds/${feed}; git rev-parse HEAD)
+
+    sed -i feeds.conf -e "/ ${feed} / s/\(.*\)[;^].*/\1^${TO}/"
+    git add feeds.conf
+}
+
+create_feed_message()
+{
+    local feed=$1
+    local FROM=$2
+    local TO=$3
+
+    local FORMAT="commit %H%n\
+Author: %aN <%aE>%n\
+Date: %ai%n\
+%n\
+%w(80,4,4)%s%n
+%b%n\
+%w()Base directory -> feeds/$feed/"
+
+
+    local commits=$(cd feeds/$feed;git rev-list ${FROM}..${TO})
+
+    echo "Update feed [ $feed ]"
+    echo ""
+    echo "-------------------------------------------------------------------------------"
+    (cd feeds/$feed; git log --graph --oneline ${FROM}..${TO})
+    echo "-------------------------------------------------------------------------------"
+
+    for commit in $commits
+    do
+	(cd feeds/$feed; git show --stat --pretty=format:"$FORMAT"  $commit)
+	echo "-------------------------------------------------------------------------------"
+    done
+}
+
+
+
+
+check_feeds()
+{
+    echo -e "${Green}_______________________________________________________________________________${Color_Off}"
+    echo "Now checking if any changes have been done to the feeds."
+    echo -e "${Green}_______________________________________________________________________________${Color_Off}"
+
+    feeds="$1"
+    [ -n "$feeds" ] || feeds=$(grep -v "^#" feeds.conf| awk '{print $2}')
+    for feed in `echo $feeds`
+    do
+		feed_hash=$(feeds_hash $feed)
+		[ -n "$feed_hash" ] || continue
+		if [ -d feeds/$feed ]; then
+			in_git=$(cd feeds/$feed; git rev-parse HEAD)
+
+			if [ "$feed_hash" != "$in_git" ]
+			then
+
+				name=$(cd feeds/$feed;git symbolic-ref -q HEAD)
+				if [ -z "$name" ]
+				then
+					echo "Feed feeds/${feed} is at a git commit which is different from feeds.conf"
+					#echo "git id from feeds.conf [$feed_hash] git id from feeds/${feed} [$in_git]"
+					on_a_branch feeds/${feed} feed
+
+					#redo the test here and see if the feeds.conf and git is still different.
+					in_git=$(cd feeds/$feed; git rev-parse HEAD)
+					if [ "$feed_hash" = "$in_git" ]
+					then
+						continue
+					fi
+				fi
+
+				LOCAL=$(cd feeds/$feed;git rev-parse @)
+				REMOTE=$(cd feeds/$feed;git rev-parse @{u})
+				BASE=$(cd feeds/$feed;git merge-base @ @{u})
+
+				# if we are behind the remote automatically do a pull
+				if [ $LOCAL = $BASE ]; then
+					(cd feeds/$feed ; git pull 1>/dev/null)
+
+					#redo the test here and see if the feeds.conf and git is still different.
+					in_git=$(cd feeds/$feed; git rev-parse HEAD)
+					if [ "$feed_hash" = "$in_git" ]
+					then
+						continue
+					fi
+				fi
+
+				echo "Feed feeds/${feed} is at different commit than what is in feeds.conf"
+				#echo "git id from feeds.conf [$feed_hash] git id from feeds/${feed} [$in_git]"
+				echo -n "Should we update feeds.conf to reflect the new version ? [y/N]:"
+				read answer
+
+				case $answer in
+					n|N|'')
+						continue;;
+				esac
+				branch_uptodate feeds/${feed}
+				create_feed_message ${feed} $feed_hash $in_git  >tmp/msg
+				insert_feed_hash_in_feeds_config ${feed}
+				commit_feeds_config tmp/msg
+			fi
+		fi
+    done
+}
+
+is_local_and_remote_same()
+{
+    git remote update 2>/dev/null 1>/dev/null
+    LOCAL=$(git rev-parse @)
+    REMOTE=$(git rev-parse @{u})
+
+    if [ $LOCAL = $REMOTE ]
+    then
+	return
+    fi
+
+    local_name=$(git rev-parse --abbrev-ref @ )
+    remote_name=$(git rev-parse --abbrev-ref @{u} )
+    
+    echo "Top repo local branch \"$local_name\" is not at same point as remote \"$remote_name\""
+    echo "This update script will update the feeds.conf file and for that to work it needs to"
+    echo "be up to date with the remote."
+    echo ""
+    echo "please run:"
+    echo "  git pull"
+    echo "  ./iop feeds_update"
+    echo ""
+    echo "do not forget the bootstrap. but do not run make it can delete your package in build"
+    exit 0
+}
+
+usage(){
+	echo -e "$0 [flags]"
+	echo -e "flags:"
+	echo -e "  -f\tFeed to update"
+	echo -e "  -h\tShow this help"
+	echo -e "  -u\tUpdate package version\n"
+}
+
+# Exported interface
+function update_package {
+
+    UPDATE=0
+
+    Color_Off='\033[0m'       # Text Reset
+
+    # Regular Colors
+    Black='\033[0;30m'        # Black
+    Red='\033[0;31m'          # Red
+    Green='\033[0;32m'        # Green
+    Yellow='\033[0;33m'       # Yellow
+    Blue='\033[0;34m'         # Blue
+    Purple='\033[0;35m'       # Purple
+    Cyan='\033[0;36m'         # Cyan
+    White='\033[0;37m'        # White
+
+    while getopts "f:hu" opt; do
+	case $opt in
+	    f)
+		feed=$OPTARG
+		;;
+	    h)
+		usage
+		exit 1
+		;;
+	    u)
+		UPDATE=1
+		;;
+	    \?)
+		echo "Invalid option: -$OPTARG" >&2
+		exit 1
+		;;
+	esac
+    done
+
+    if [ -z "$EDITOR" ]
+    then
+	if [ -f /usr/bin/vi ]; then
+	    EDITOR=vi
+	else
+	    echo "env variable EDITOR needs to be set"
+	    exit 1
+	fi
+    fi
+
+
+    # allow subshells to abort the whole program by exiting with "exit 99"
+    set -E
+    trap '[ "$?" -ne 99 ] || exit 99' ERR
+
+    is_local_and_remote_same
+    [ -n "$feed" ] || check_packages
+    check_feeds $feed
+}
+
+register_command "update_package" "Publish changes to packages and feeds"
--- a/iopsys-analytics/Makefile
+++ b/iopsys-analytics/Makefile
@@ -1,50 +0,0 @@
-include $(TOPDIR)/rules.mk
-
-PKG_NAME:=iopsys-analytics
-PKG_RELEASE:=$(COMMITCOUNT)
-PKG_LICENSE:=PROPRIETARY
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=1a749bdebd142a83ba0733f1644a6241403c9097
-PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/iopsys-analytics.git
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
-PKG_MIRROR_HASH:=skip
-
-include $(INCLUDE_DIR)/package.mk
-
-define Package/$(PKG_NAME)
-  CATEGORY:=Utilities
-  TITLE:=Analytics tweaks for IOPSYS CI/CD purposes
-
-  # setting core dump limit
-  DEPENDS+=                                             \
-    +prlimit                                            \
-  # monitoring
-  DEPENDS+=                                             \
-    +collectd                                           \
-    +collectd-mod-cpu                                   \
-    +collectd-mod-exec                                  \
-    +collectd-mod-load                                  \
-    +collectd-mod-memory                                \
-    +collectd-mod-network                               \
-    +collectd-mod-processes                             \
-    +collectd-mod-write-http                            \
-    +@PACKAGE_COLLECTD_ENCRYPTED_NETWORK                \
-  # remote syslog
-  DEPENDS+=                                             \
-    +syslog-ng                                          \
-    +@SYSLOGNG_LOGROTATE                                \
-
-endef
-
-define Package/$(PKG_NAME)/description
-        Analytics tweaks for IOPSYS internal CI/CD purposes
-        e.g. syslog, system health, coredumps...
-endef
-
-Build/Compile=
-
-define Package/$(PKG_NAME)/install
-	$(CP) -r $(PKG_BUILD_DIR)/files/*  $(1)/
-endef
-
-$(eval $(call BuildPackage,$(PKG_NAME)))
--- a/ipt-trigger/Makefile
+++ b/ipt-trigger/Makefile
@@ -1,62 +0,0 @@
-#
-# Copyright (C) 2024 IOPSYS Software Solutions AB
-#
-
-include $(TOPDIR)/rules.mk
-include $(INCLUDE_DIR)/kernel.mk
-
-PKG_NAME:=ipt-trigger
-PKG_VERSION:=1.0.0
-PKG_LICENSE:=GPL-2.0
-
-include $(INCLUDE_DIR)/package.mk
-
-define KernelPackage/ipt-trigger
-  SUBMENU:=Other modules
-  TITLE:=Kernel module for iptables port trigger
-  FILES:=$(PKG_BUILD_DIR)/ipv4/ipt_TRIGGER.ko
-  DEPENDS+=+kmod-nf-nat +xtables-legacy
-  AUTOLOAD:=$(call AutoLoad,30,ipt_TRIGGER,1)
-  KCONFIG:=
-endef
-
-define KernelPackage/ip6t-trigger
-  SUBMENU:=Other modules
-  TITLE:=Kernel module for ip6tables port trigger
-  DEPENDS+=+kmod-nf-nat +xtables-legacy
-  FILES:=$(PKG_BUILD_DIR)/ipv6/ip6t_TRIGGER.ko
-  AUTOLOAD:=$(call AutoLoad,30,ip6t_TRIGGER,1)
-  KCONFIG:=
-endef
-
-define KernelPackage/ipt-trigger/description
-	Kernel module to enable port trigger for iptables
-endef
-
-define KernelPackage/ip6t-trigger/description
-	Kernel module to enable port trigger for ip6tables
-endef
-
-ifeq ($(CONFIG_TARGET_brcmbca),y)
-	include ../../broadcom/bcmkernel/bcm-kernel-toolchain.mk
-endif
-
-define Build/Prepare
-	$(CP) -rf ./src/* $(PKG_BUILD_DIR)/
-	$(CP) $(PKG_BUILD_DIR)/ipt_TRIGGER.h $(LINUX_DIR)/include/linux/netfilter_ipv4/
-endef
-
-define Build/InstallDev
-	$(INSTALL_DIR) $(1)/include/linux/netfilter_ipv4
-	$(CP) $(PKG_BUILD_DIR)/ipt_TRIGGER.h $(1)/include/linux/netfilter_ipv4/
-endef
-
-KERNEL_MAKE_FLAGS += -I$(LINUX_DIR)/include
-
-define Build/Compile
-	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/ipv4/" modules
-	$(KERNEL_MAKE) M="$(PKG_BUILD_DIR)/ipv6/" modules
-endef
-
-$(eval $(call KernelPackage,ipt-trigger))
-$(eval $(call KernelPackage,ip6t-trigger))
--- a/ipt-trigger/src/ipt_TRIGGER.h
+++ b/ipt-trigger/src/ipt_TRIGGER.h
@@ -1,26 +0,0 @@
-#ifndef _IPT_TRIGGER_H_target
-#define _IPT_TRIGGER_H_target
-
-#define TRIGGER_TIMEOUT 600	/* 600 secs */
-
-enum ipt_trigger_type
-{
-	IPT_TRIGGER_DNAT = 1,
-	IPT_TRIGGER_IN = 2,
-	IPT_TRIGGER_OUT = 3,
-	IPT_TRIGGER_REFRESH = 4
-};
-
-struct ipt_trigger_ports {
-	u_int16_t mport[2];	/* Related destination port range */
-	u_int16_t rport[2];	/* Port range to map related destination port range to */
-};
-
-struct ipt_trigger_info {
-	enum ipt_trigger_type type;
-	u_int16_t proto;		/* Related protocol */
-	u_int16_t trigger_timeout;	/* Auto disable duration */
-	struct ipt_trigger_ports ports;
-};
-
-#endif /*_IPT_TRIGGER_H_target*/
--- a/ipt-trigger/src/ipv4/Makefile
+++ b/ipt-trigger/src/ipv4/Makefile
@@ -1 +0,0 @@
-obj-m +=ipt_TRIGGER.o
--- a/ipt-trigger/src/ipv4/ipt_TRIGGER.c
+++ b/ipt-trigger/src/ipv4/ipt_TRIGGER.c
@@ -1,407 +0,0 @@
-/* Kernel module to match the port-ranges, trigger related port-ranges,
- * and alters the destination to a local IP address.
- *
- * Copyright (C) 2003, CyberTAN Corporation
- * All Rights Reserved.
- *
- * Description:
- *   This is kernel module for port-triggering.
- *
- *   The module follows the Netfilter framework, called extended packet
- *   matching modules.
- */
-
-#include <linux/types.h>
-#include <linux/ip.h>
-#include <linux/tcp.h>
-#include <linux/timer.h>
-#include <linux/module.h>
-#include <linux/netfilter.h>
-#include <linux/netdevice.h>
-#include <linux/if.h>
-#include <linux/inetdevice.h>
-#include <linux/list.h>
-#include <net/protocol.h>
-#include <net/checksum.h>
-#include <linux/spinlock.h>
-
-#include <linux/netfilter_ipv4.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <net/netfilter/nf_conntrack.h>
-#include <net/netfilter/nf_conntrack_core.h>
-#include <net/netfilter/nf_conntrack_tuple.h>
-#include <net/netfilter/nf_nat.h>
-#include <linux/netfilter_ipv4/ipt_TRIGGER.h>
-
-/* This rwlock protects the main hash table, protocol/helper/expected
- *    registrations, conntrack timers*/
-
-
-static DEFINE_SPINLOCK(nf_trigger_lock);
-
-
-
-#define NF_IP_PRE_ROUTING	0
-#define NF_IP_FORWARD		2
-#define IPT_CONTINUE XT_CONTINUE
-
-
-
-/***********************lock help**********************/
-#define MUST_BE_READ_LOCKED(l)
-#define MUST_BE_WRITE_LOCKED(l)
-
-
-#define LOCK_BH(l) spin_lock_bh(l)
-#define UNLOCK_BH(l) spin_unlock_bh(l)
-
-#define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&nf_trigger_lock)
-#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&nf_trigger_lock)
-
-
-
-
-/***********************list help**********************/
-#define LIST_FIND(head, cmpfn, type, args...)           \
-({                                                      \
-        const struct list_head *__i, *__j = NULL;       \
-                                                        \
-        ASSERT_READ_LOCK(head);                         \
-        list_for_each(__i, (head))                      \
-                if (cmpfn((const type)__i , ## args)) { \
-                        __j = __i;                      \
-                        break;                          \
-                }                                       \
-        (type)__j;                                      \
-})
-
-static inline int
-__list_cmp_same(const void *p1, const void *p2) { return p1 == p2; }
-
-static inline void
-list_prepend(struct list_head *head, void *new)
-{
-	ASSERT_WRITE_LOCK(head);
-	list_add(new, head);
-}
-
-#define list_named_find(head, name)                     \
-LIST_FIND(head, __list_cmp_name, void *, name)
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("Netfilter Core Team <coreteam@netfilter.org>");
-MODULE_DESCRIPTION("iptables trigger target module");
-
-#if 0
-#define DEBUGP printk
-#else
-#define DEBUGP(format, args...)
-#endif
-
-struct ipt_trigger {
-        struct list_head list;          /* Trigger list */
-        struct timer_list timeout;      /* Timer for list destroying */
-        u_int32_t srcip;                /* Outgoing source address */
-        u_int32_t dstip;                /* Outgoing destination address */
-        u_int16_t mproto;               /* Trigger protocol */
-        u_int16_t rproto;               /* Related protocol */
-        u_int16_t trigger_timeout;      /* Auto disable duration */
-        struct ipt_trigger_ports ports; /* Trigger and related ports */
-        u_int8_t reply;                 /* Confirm a reply connection */
-};
-
-LIST_HEAD(ipt_trigger_list);
-
-static void trigger_refresh(struct ipt_trigger *trig, unsigned long extra_jiffies)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	LOCK_BH(&nf_trigger_lock);
-	/* Need del_timer for race avoidance (may already be dying). */
-	if (del_timer(&trig->timeout)) {
-		trig->timeout.expires = jiffies + extra_jiffies;
-		add_timer(&trig->timeout);
-	}
-
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static void __del_trigger(struct ipt_trigger *trig)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	MUST_BE_WRITE_LOCKED(&nf_trigger_lock);
-
-	/* delete from 'ipt_trigger_list' */
-	list_del(&trig->list);
-	kfree(trig);
-}
-
-static void trigger_timeout(struct timer_list *t)
-{
-	struct ipt_trigger *trig = from_timer(trig, t, timeout);
-
-	DEBUGP("trigger list %p timed out\n", trig);
-	LOCK_BH(&nf_trigger_lock);
-	__del_trigger(trig);
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static unsigned int
-add_new_trigger(struct ipt_trigger *trig)
-{
-	struct ipt_trigger *new = NULL;
-
-	DEBUGP("!!!!!!!!!!!! %s !!!!!!!!!!!\n", __FUNCTION__);
-
-	LOCK_BH(&nf_trigger_lock);
-	new = (struct ipt_trigger *)
-		kmalloc(sizeof(struct ipt_trigger), GFP_ATOMIC);
-
-	if (!new) {
-		UNLOCK_BH(&nf_trigger_lock);
-		DEBUGP("%s: OOM allocating trigger list\n", __FUNCTION__);
-		return -ENOMEM;
-	}
-
-	memset(new, 0, sizeof(*trig));
-	INIT_LIST_HEAD(&new->list);
-	memcpy(new, trig, sizeof(*trig));
-
-	/* add to global table of trigger */
-	list_prepend(&ipt_trigger_list, &new->list);
-
-	/* add and start timer if required */
-	timer_setup(&new->timeout, trigger_timeout, 0);
-	mod_timer(&new->timeout, jiffies + (trig->trigger_timeout * HZ));
-
-	UNLOCK_BH(&nf_trigger_lock);
-
-	return 0;
-}
-
-/*
- *      Service-Name    OutBound        InBound
- * 1.   TMD             UDP:1000        TCP/UDP:2000..2010
- * 2.   WOKAO           UDP:1000        TCP/UDP:3000..3010
- * 3.   net2phone-1     UDP:6801        TCP:30000..30000
- * 4.   net2phone-2     UDP:6801        UDP:30000..30000
- *
- * For supporting to use the same outgoing port to trigger different port rules,
- * it should check the inbound protocol and port range value. If all conditions
- * are matched, it is a same trigger item, else it needs to create a new one.
- */
-static inline int trigger_out_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport, const struct ipt_trigger_info *info)
-{
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, mproto= %d, mport[0..1]=%d, %d, ", __FUNCTION__,
-			i->mproto, i->ports.mport[0], i->ports.mport[1]);
-	DEBUGP("rproto= %d, rport[0..1]=%d, %d.\n",
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	return ((i->mproto == proto) &&
-			(i->ports.mport[0] <= dport)  &&
-			(i->ports.mport[1] >= dport) &&
-			(i->rproto == info->proto) &&
-			(i->ports.rport[0] == info->ports.rport[0]) &&
-			(i->ports.rport[1] == info->ports.rport[1]));
-}
-
-static unsigned int
-trigger_out(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger trig, *found;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	/* Check if the trigger range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_out_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest), info);
-
-
-	if (found) {
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		/* In order to allow multiple hosts use the same port range, we update
-		   the 'saddr' after previous trigger has a reply connection. */
-		if (found->reply)
-			found->srcip = iph->saddr;
-	}
-	else {
-		/* Create new trigger */
-		memset(&trig, 0, sizeof(trig));
-		trig.srcip = iph->saddr;
-		trig.mproto = iph->protocol;
-		trig.rproto = info->proto;
-		trig.trigger_timeout = info->trigger_timeout;
-		memcpy(&trig.ports, &info->ports, sizeof(struct ipt_trigger_ports));
-		add_new_trigger(&trig); /* Add the new 'trig' to list 'ipt_trigger_list'. */
-	}
-
-	return IPT_CONTINUE;        /* We don't block any packet. */
-}
-
-static inline int trigger_in_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport)
-{
-	u_int16_t rproto = i->rproto;
-
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, rproto= %d, rport[0..1]=%d, %d.\n", __FUNCTION__,
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	if (!rproto)
-		rproto = proto;
-
-	return ((rproto == proto) && (i->ports.rport[0] <= dport)
-			&& (i->ports.rport[1] >= dport));
-}
-
-static unsigned int
-trigger_in(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger *found;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############\n", __FUNCTION__);
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		return NF_ACCEPT;       /* Accept it, or the imcoming packet could be
-					   dropped in the FORWARD chain */
-	}
-
-	return IPT_CONTINUE;        /* Our job is the interception. */
-}
-
-static unsigned int
-trigger_dnat(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	struct ipt_trigger *found = NULL;
-	const struct iphdr *iph = ip_hdr(skb);
-	struct tcphdr *tcph = (void *)iph + iph->ihl*4;     /* Might be TCP, UDP */
-	struct nf_conn *ct = NULL;
-	enum ip_conntrack_info ctinfo;
-	struct nf_nat_range2 newrange;
-
-	DEBUGP("############# %s ############%d\n", __FUNCTION__, __LINE__);
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, iph->protocol, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############%d srcip:%d\n", __FUNCTION__, __LINE__, found->srcip);
-	}
-
-	if (!found || !found->srcip)
-		return IPT_CONTINUE;    /* We don't block any packet. */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	found->reply = 1;   /* Confirm there has been a reply connection. */
-	ct = nf_ct_get(skb, &ctinfo);
-
-	DEBUGP("%s: got ", __FUNCTION__);
-
-
-	/* Alter the destination of imcoming packet. */
-	/* Transfer from original range. */
-	memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
-	memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
-	memset(&newrange.min_proto, 0, sizeof(newrange.min_proto));
-	memset(&newrange.max_proto, 0, sizeof(newrange.max_proto));
-	newrange.flags	     = NF_NAT_RANGE_MAP_IPS;
-	newrange.min_addr.ip = found->srcip;
-	newrange.max_addr.ip = found->srcip;
-	DEBUGP("%s: found->srcip = %x\n", __FUNCTION__,  found->srcip);
-
-	/* Hand modified range to generic setup. */
-	return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
-}
-
-static unsigned int
-trigger_target(struct sk_buff *skb,
-			       const struct xt_action_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-	const struct iphdr *iph = ip_hdr(skb);
-	unsigned int hooknum = xt_hooknum(par);
-
-	DEBUGP("%s: type = %s\n", __FUNCTION__,
-			(info->type == IPT_TRIGGER_DNAT) ? "dnat" :
-			(info->type == IPT_TRIGGER_IN) ? "in" : "out");
-
-	/* The Port-trigger only supports TCP and UDP. */
-	if ((iph->protocol != IPPROTO_TCP) && (iph->protocol != IPPROTO_UDP))
-		return IPT_CONTINUE;
-
-	if (info->type == IPT_TRIGGER_OUT)
-		return trigger_out(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_IN)
-		return trigger_in(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_DNAT)
-		return trigger_dnat(skb, hooknum, info);
-
-	return IPT_CONTINUE;
-}
-static int
-trigger_check(const struct xt_tgchk_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-
-	if ((strcmp(par->table, "mangle") == 0)) {
-		DEBUGP("trigger_check: bad table `%s'.\n", par->table);
-		return -EINVAL;
-	}
-	if (par->hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_FORWARD))) {
-		DEBUGP("trigger_check: bad hooks %x.\n", par->hook_mask);
-		return -EINVAL;
-	}
-
-	if (info->proto) {
-		if (info->proto != IPPROTO_TCP && info->proto != IPPROTO_UDP) {
-			DEBUGP("trigger_check: bad proto %d.\n", info->proto);
-			return -EINVAL;
-		}
-	}
-	if (info->type == IPT_TRIGGER_OUT) {
-		if (!info->ports.mport[0] || !info->ports.rport[0]) {
-			DEBUGP("trigger_check: Try 'iptbles -j TRIGGER -h' for help.\n");
-			return -EINVAL;
-		}
-	}
-
-	return 0;
-}
-
-
-static struct xt_target redirect_reg = {
-        .name           = "TRIGGER",
-        .family         = NFPROTO_IPV4,
-        .target         = trigger_target,
-        .targetsize     = sizeof(struct ipt_trigger_info),
-        .checkentry     = trigger_check,
-        .me             = THIS_MODULE,
-};
-
-static int __init init(void)
-{
-	return xt_register_target(&redirect_reg);
-}
-
-static void __exit fini(void)
-{
-	xt_unregister_target(&redirect_reg);
-}
-
-module_init(init);
-module_exit(fini);
--- a/ipt-trigger/src/ipv6/Makefile
+++ b/ipt-trigger/src/ipv6/Makefile
@@ -1 +0,0 @@
-obj-m +=ip6t_TRIGGER.o
--- a/ipt-trigger/src/ipv6/ip6t_TRIGGER.c
+++ b/ipt-trigger/src/ipv6/ip6t_TRIGGER.c
@@ -1,429 +0,0 @@
-/* Kernel module to match the port-ranges, trigger related port-ranges,
- * and alters the destination to a local IPv6 address.
- *
- * Copyright (C) 2024, IOPSYS
- * All Rights Reserved.
- *
- * Description:
- *   This is kernel module for port-triggering.
- *
- *   The module follows the Netfilter framework, called extended packet
- *   matching modules.
- */
-
-#include <linux/types.h>
-#include <linux/tcp.h>
-#include <linux/timer.h>
-#include <linux/module.h>
-#include <linux/netfilter.h>
-#include <linux/netdevice.h>
-#include <linux/if.h>
-#include <linux/inetdevice.h>
-#include <linux/list.h>
-#include <net/protocol.h>
-#include <net/checksum.h>
-#include <linux/spinlock.h>
-
-#include <linux/netfilter_ipv6.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <net/netfilter/nf_conntrack.h>
-#include <net/netfilter/nf_conntrack_core.h>
-#include <net/netfilter/nf_conntrack_tuple.h>
-#include <net/netfilter/nf_nat.h>
-#include <linux/netfilter_ipv4/ipt_TRIGGER.h>
-
-/* This rwlock protects the main hash table, protocol/helper/expected
- *    registrations, conntrack timers*/
-
-
-static DEFINE_SPINLOCK(nf_trigger_lock);
-
-
-
-#define NF_IP_PRE_ROUTING	0
-#define NF_IP_FORWARD		2
-#define IPT_CONTINUE XT_CONTINUE
-
-
-
-/***********************lock help**********************/
-#define MUST_BE_READ_LOCKED(l)
-#define MUST_BE_WRITE_LOCKED(l)
-
-
-#define LOCK_BH(l) spin_lock_bh(l)
-#define UNLOCK_BH(l) spin_unlock_bh(l)
-
-#define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&nf_trigger_lock)
-#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&nf_trigger_lock)
-
-
-
-
-/***********************list help**********************/
-#define LIST_FIND(head, cmpfn, type, args...)           \
-({                                                      \
-        const struct list_head *__i, *__j = NULL;       \
-                                                        \
-        ASSERT_READ_LOCK(head);                         \
-        list_for_each(__i, (head))                      \
-                if (cmpfn((const type)__i , ## args)) { \
-                        __j = __i;                      \
-                        break;                          \
-                }                                       \
-        (type)__j;                                      \
-})
-
-static inline int
-__list_cmp_same(const void *p1, const void *p2) { return p1 == p2; }
-
-static inline void
-list_prepend(struct list_head *head, void *new)
-{
-	ASSERT_WRITE_LOCK(head);
-	list_add(new, head);
-}
-
-#define list_named_find(head, name)                     \
-LIST_FIND(head, __list_cmp_name, void *, name)
-
-MODULE_LICENSE("GPL");
-MODULE_AUTHOR("IOPSYS Network Team");
-MODULE_DESCRIPTION("iptables trigger target module");
-
-#if 0
-#define DEBUGP printk
-#else
-#define DEBUGP(format, args...)
-#endif
-
-struct ipt_trigger {
-        struct list_head list;          /* Trigger list */
-        struct timer_list timeout;      /* Timer for list destroying */
-        struct in6_addr srcip;                /* Outgoing source address */
-        struct in6_addr dstip;                /* Outgoing destination address */
-        u_int16_t mproto;               /* Trigger protocol */
-        u_int16_t rproto;               /* Related protocol */
-	u_int16_t trigger_timeout;      /* Auto disable duration */
-        struct ipt_trigger_ports ports; /* Trigger and related ports */
-        u_int8_t reply;                 /* Confirm a reply connection */
-};
-
-LIST_HEAD(ipt_trigger_list);
-
-static unsigned char *ipv6_header_get_L4_header_offset(const struct ipv6hdr *ip6h_p)
-{
-        unsigned int ext_head_count = 8;
-        const struct ipv6_opt_hdr *ip_ext_p;
-        unsigned int payload_offset = 0;
-	char *tcpudp_hdr = NULL;
-	uint8_t nextHdr_p;
-
-        nextHdr_p = ip6h_p->nexthdr;
-        ip_ext_p = (const struct ipv6_opt_hdr *)(ip6h_p + 1);
-        payload_offset = sizeof(struct ipv6hdr);
-
-        do {
-                if ((nextHdr_p == IPPROTO_TCP) || (nextHdr_p == IPPROTO_UDP)) {
-			tcpudp_hdr = (unsigned char *)ip6h_p + payload_offset;
-                        break;
-		}
-
-                payload_offset += (ip_ext_p->hdrlen + 1U) << 3U;
-                nextHdr_p = ip_ext_p->nexthdr;
-                ip_ext_p = (struct ipv6_opt_hdr *)((uint8_t *)ip6h_p + payload_offset);
-                ext_head_count--; /* at most 8 extension headers */
-        } while (ext_head_count);
-
-        return tcpudp_hdr;
-}
-
-static void trigger_refresh(struct ipt_trigger *trig, unsigned long extra_jiffies)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	LOCK_BH(&nf_trigger_lock);
-	/* Need del_timer for race avoidance (may already be dying). */
-	if (del_timer(&trig->timeout)) {
-		trig->timeout.expires = jiffies + extra_jiffies;
-		add_timer(&trig->timeout);
-	}
-
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static void __del_trigger(struct ipt_trigger *trig)
-{
-	DEBUGP("%s: \n", __FUNCTION__);
-	MUST_BE_WRITE_LOCKED(&nf_trigger_lock);
-
-	/* delete from 'ipt_trigger_list' */
-	list_del(&trig->list);
-	kfree(trig);
-}
-
-static void trigger_timeout(struct timer_list *t)
-{
-	struct ipt_trigger *trig = from_timer(trig, t, timeout);
-
-	DEBUGP("trigger list %p timed out\n", trig);
-	LOCK_BH(&nf_trigger_lock);
-	__del_trigger(trig);
-	UNLOCK_BH(&nf_trigger_lock);
-}
-
-static unsigned int
-add_new_trigger(struct ipt_trigger *trig)
-{
-	struct ipt_trigger *new = NULL;
-
-	DEBUGP("!!!!!!!!!!!! %s !!!!!!!!!!!\n", __FUNCTION__);
-
-	LOCK_BH(&nf_trigger_lock);
-	new = (struct ipt_trigger *)
-		kmalloc(sizeof(struct ipt_trigger), GFP_ATOMIC);
-
-	if (!new) {
-		UNLOCK_BH(&nf_trigger_lock);
-		DEBUGP("%s: OOM allocating trigger list\n", __FUNCTION__);
-		return -ENOMEM;
-	}
-
-	memset(new, 0, sizeof(*trig));
-	INIT_LIST_HEAD(&new->list);
-	memcpy(new, trig, sizeof(*trig));
-
-	/* add to global table of trigger */
-	list_prepend(&ipt_trigger_list, &new->list);
-
-	/* add and start timer if required */
-	timer_setup(&new->timeout, trigger_timeout, 0);
-	mod_timer(&new->timeout, jiffies + (trig->trigger_timeout * HZ));
-
-	UNLOCK_BH(&nf_trigger_lock);
-
-	return 0;
-}
-
-/*
- *      Service-Name    OutBound        InBound
- * 1.   TMD             UDP:1000        TCP/UDP:2000..2010
- * 2.   WOKAO           UDP:1000        TCP/UDP:3000..3010
- * 3.   net2phone-1     UDP:6801        TCP:30000..30000
- * 4.   net2phone-2     UDP:6801        UDP:30000..30000
- *
- * For supporting to use the same outgoing port to trigger different port rules,
- * it should check the inbound protocol and port range value. If all conditions
- * are matched, it is a same trigger item, else it needs to create a new one.
- */
-static inline int trigger_out_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport, const struct ipt_trigger_info *info)
-{
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, mproto= %d, mport[0..1]=%d, %d, ", __FUNCTION__,
-			i->mproto, i->ports.mport[0], i->ports.mport[1]);
-	DEBUGP("rproto= %d, rport[0..1]=%d, %d.\n",
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	return ((i->mproto == proto) &&
-			(i->ports.mport[0] <= dport)  &&
-			(i->ports.mport[1] >= dport) &&
-			(i->rproto == info->proto) &&
-			(i->ports.rport[0] == info->ports.rport[0]) &&
-			(i->ports.rport[1] == info->ports.rport[1]));
-}
-
-static unsigned int
-trigger_out(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger trig, *found;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph = (struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	/* Check if the trigger range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_out_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest), info);
-
-
-	if (found) {
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		/* In order to allow multiple hosts use the same port range, we update
-		   the 'saddr' after previous trigger has a reply connection. */
-		if (found->reply)
-			found->srcip = ip6h->saddr;
-	}
-	else {
-		/* Create new trigger */
-		memset(&trig, 0, sizeof(trig));
-		memcpy(&trig.srcip, &ip6h->saddr, sizeof(trig.srcip));
-		trig.mproto = ip6h->nexthdr;
-		trig.rproto = info->proto;
-		trig.trigger_timeout = info->trigger_timeout;
-		memcpy(&trig.ports, &info->ports, sizeof(struct ipt_trigger_ports));
-		add_new_trigger(&trig); /* Add the new 'trig' to list 'ipt_trigger_list'. */
-	}
-
-	return IPT_CONTINUE;        /* We don't block any packet. */
-}
-
-static inline int trigger_in_matched(const struct ipt_trigger *i,
-        const u_int16_t proto, const u_int16_t dport)
-{
-	u_int16_t rproto = i->rproto;
-
-	DEBUGP("%s: i=%p, proto= %d, dport=%d.\n", __FUNCTION__, i, proto, dport);
-	DEBUGP("%s: Got one, rproto= %d, rport[0..1]=%d, %d.\n", __FUNCTION__,
-			i->rproto, i->ports.rport[0], i->ports.rport[1]);
-
-	if (!rproto)
-		rproto = proto;
-
-	return ((rproto == proto) && (i->ports.rport[0] <= dport)
-			&& (i->ports.rport[1] >= dport));
-}
-
-static unsigned int
-trigger_in(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	const struct ipt_trigger_info *info = targinfo;
-	struct ipt_trigger *found;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph =(struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest));
-	if (found) {
-		DEBUGP("############# %s ############\n", __FUNCTION__);
-		/* Yeah, it exists. We need to update(delay) the destroying timer. */
-		trigger_refresh(found, info->trigger_timeout * HZ);
-		return NF_ACCEPT;       /* Accept it, or the imcoming packet could be
-					   dropped in the FORWARD chain */
-	}
-
-	return IPT_CONTINUE;        /* Our job is the interception. */
-}
-
-static unsigned int
-trigger_dnat(struct sk_buff *skb,
-                unsigned int hooknum,
-                const void *targinfo)
-{
-	struct ipt_trigger *found = NULL;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	struct tcphdr *tcph =(struct tcphdr*)ipv6_header_get_L4_header_offset(ip6h);     /* Might be TCP, UDP */
-	struct nf_conn *ct = NULL;
-	enum ip_conntrack_info ctinfo;
-	struct nf_nat_range2 newrange;
-
-	/* Check if the trigger-ed range has already existed in 'ipt_trigger_list'. */
-	found = LIST_FIND(&ipt_trigger_list, trigger_in_matched,
-			struct ipt_trigger *, ip6h->nexthdr, ntohs(tcph->dest));
-
-	if (!found)
-		return IPT_CONTINUE;    /* We don't block any packet. */
-
-	DEBUGP("############# %s ############\n", __FUNCTION__);
-	found->reply = 1;   /* Confirm there has been a reply connection. */
-	ct = nf_ct_get(skb, &ctinfo);
-
-	DEBUGP("%s: got ", __FUNCTION__);
-
-
-	/* Alter the destination of imcoming packet. */
-	/* Transfer from original range. */
-	memset(&newrange.min_addr, 0, sizeof(newrange.min_addr));
-	memset(&newrange.max_addr, 0, sizeof(newrange.max_addr));
-	memset(&newrange.min_proto, 0, sizeof(newrange.min_proto));
-	memset(&newrange.max_proto, 0, sizeof(newrange.max_proto));
-	newrange.flags	     = NF_NAT_RANGE_MAP_IPS;
-	memcpy(&newrange.min_addr.ip, &found->srcip, sizeof(newrange.min_addr.ip));
-	memcpy(&newrange.max_addr.ip, &found->srcip, sizeof(newrange.max_addr.ip));
-	DEBUGP("%s: found->srcip = %x\n", __FUNCTION__,  found->srcip);
-
-	/* Hand modified range to generic setup. */
-	return nf_nat_setup_info(ct, &newrange, NF_NAT_MANIP_DST);
-}
-
-static unsigned int
-trigger_target(struct sk_buff *skb,
-			       const struct xt_action_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-	const struct ipv6hdr *ip6h = ipv6_hdr(skb);
-	unsigned int hooknum = xt_hooknum(par);
-
-	DEBUGP("%s: type = %s\n", __FUNCTION__,
-			(info->type == IPT_TRIGGER_DNAT) ? "dnat" :
-			(info->type == IPT_TRIGGER_IN) ? "in" : "out");
-
-	/* The Port-trigger only supports TCP and UDP. */
-	if ((ip6h->nexthdr != IPPROTO_TCP) && (ip6h->nexthdr != IPPROTO_UDP))
-		return IPT_CONTINUE;
-
-	if (info->type == IPT_TRIGGER_OUT)
-		return trigger_out(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_IN)
-		return trigger_in(skb, hooknum, info);
-	else if (info->type == IPT_TRIGGER_DNAT)
-		return trigger_dnat(skb, hooknum, info);
-
-	return IPT_CONTINUE;
-}
-static int
-trigger_check(const struct xt_tgchk_param *par)
-{
-	const struct ipt_trigger_info *info = par->targinfo;
-
-	if ((strcmp(par->table, "mangle") == 0)) {
-		DEBUGP("trigger_check: bad table `%s'.\n", par->table);
-		return -EINVAL;
-	}
-	if (par->hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_FORWARD))) {
-		DEBUGP("trigger_check: bad hooks %x.\n", par->hook_mask);
-		return -EINVAL;
-	}
-
-	if (info->proto) {
-		if (info->proto != IPPROTO_TCP && info->proto != IPPROTO_UDP) {
-			DEBUGP("trigger_check: bad proto %d.\n", info->proto);
-			return -EINVAL;
-		}
-	}
-	if (info->type == IPT_TRIGGER_OUT) {
-		if (!info->ports.mport[0] || !info->ports.rport[0]) {
-			DEBUGP("trigger_check: Try 'iptbles -j TRIGGER -h' for help.\n");
-			return -EINVAL;
-		}
-	}
-
-	return 0;
-}
-
-
-static struct xt_target redirect_reg = {
-        .name           = "TRIGGER",
-        .family         = NFPROTO_IPV6,
-        .target         = trigger_target,
-        .targetsize     = sizeof(struct ipt_trigger_info),
-        .checkentry     = trigger_check,
-        .me             = THIS_MODULE,
-};
-
-static int __init init(void)
-{
-	return xt_register_target(&redirect_reg);
-}
-
-static void __exit fini(void)
-{
-	xt_unregister_target(&redirect_reg);
-}
-
-module_init(init);
-module_exit(fini);
--- a/libdpp/Makefile
+++ b/libdpp/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libdpp
-PKG_VERSION:=2.1.0
+PKG_VERSION:=2.0.0

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=1f82436531d4bb094b0b74e99613e0dfc84eada3
+PKG_SOURCE_VERSION:=f22959b107a8bf443d04d6261d00074b5514dfe8
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/libdpp.git
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
--- a/libeasy/Makefile
+++ b/libeasy/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libeasy
-PKG_VERSION:=7.4.4
+PKG_VERSION:=7.4.3

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=7a9e69c413c2d0b950a1a2e0f2964439fb797f48
+PKG_SOURCE_VERSION:=0f16f1bd7d995427f0c4601b4e1e595224321df2
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libeasy.git
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
@@ -28,12 +28,6 @@ TARGET_CFLAGS += \
 	-I$(STAGING_DIR)/usr/include/openssl \
 	-I$(STAGING_DIR)/usr/include/libnl3

-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	rsync -r --exclude=.* ~/git/libeasy/ $(PKG_BUILD_DIR)/
-endef
-endif
-
 MAKE_FLAGS += \
 	CFLAGS="$(TARGET_CFLAGS) -Wall"

@@ -62,7 +56,6 @@ define Build/InstallDev/libeasy
 	$(CP) $(PKG_BUILD_DIR)/if_utils.h $(1)/usr/include/easy/
 	$(CP) $(PKG_BUILD_DIR)/debug.h $(1)/usr/include/easy/
 	$(CP) $(PKG_BUILD_DIR)/hlist.h $(1)/usr/include/easy/
-	$(CP) $(PKG_BUILD_DIR)/timestamp.h $(1)/usr/include/easy/
 	$(CP) $(PKG_BUILD_DIR)/libeasy*.so* $(1)/usr/lib/
 endef

--- a/libethernet/Makefile
+++ b/libethernet/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libethernet
-PKG_VERSION:=7.2.109
+PKG_VERSION:=7.2.112

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=cc72f5ab0171cd0fc29bb48dafff6751ab2f0d9c
+PKG_SOURCE_VERSION:=3853c55573fda0a21abdb9572d0315552520262b
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libethernet.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/libqos/Makefile
+++ b/libqos/Makefile
@@ -10,7 +10,7 @@ PKG_VERSION:=7.2.106
 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=0e54d7a992c506d6302d7cc32a39eb64e9b2c42e
+PKG_SOURCE_VERSION:=02dba6571fddd9b4c5b4b671270604b4c0faf9ae
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libqos.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/libvoice-airoha/Makefile
+++ b/libvoice-airoha/Makefile
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=libvoice-airoha
 PKG_RELEASE:=1
-PKG_VERSION:=1.0.12
+PKG_VERSION:=1.0.13
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE

@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=68f0b4f3edecea9b8f05e72b6bbf3952d3946b7c
+PKG_SOURCE_VERSION:=529581176d0e82f928230bc047b842326b340365
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/libvoice-airoha/files/etc/uci-defaults/99-asterisk
+++ b/libvoice-airoha/files/etc/uci-defaults/99-asterisk
@@ -0,0 +1,21 @@
+#!/bin/sh
+
+hasVoice=$(db -q get hw.board.hasVoice)
+
+[ "$hasVoice" = "1" ] || { rm -f "/etc/config/asterisk"; return; }
+
+source /lib/voice/config_asterisk.sh
+
+default_asterisk_config
+
+SLIC=`cat /proc/device-tree/airoha-voice/slic-type`
+[ "${SLIC#pef}" != "${SLIC}" ] || return
+
+echo Configure TxGain and RxGain for MXL SLIC $SLIC
+
+ports=$(db -q get hw.board.VoicePorts)
+for p in $(seq 0 $((ports-1))); do
+    uci set asterisk.extension${p}.txgain='10'
+    uci set asterisk.extension${p}.rxgain='-15'
+done
+uci commit asterisk
--- a/libvoice-broadcom/Makefile
+++ b/libvoice-broadcom/Makefile
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=libvoice-broadcom
 PKG_RELEASE:=1
-PKG_VERSION:=1.0.11
+PKG_VERSION:=1.0.9
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE

@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=b648a9089a79f6dd445cf7de89eab6a90c7cb47e
+PKG_SOURCE_VERSION:=99ed0ea5ef83cebb444d135909573ccb2b37fe45
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/libvoice-broadcom/files/etc/uci-defaults/99-asterisk
+++ b/libvoice-broadcom/files/etc/uci-defaults/99-asterisk
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+hasVoice=$(db -q get hw.board.hasVoice)
+
+[ "$hasVoice" = "1" ] || { rm -f "/etc/config/asterisk"; return; }
+
+source /lib/voice/config_asterisk.sh
+
+default_asterisk_config
+
--- a/libvoice-d2/Makefile
+++ b/libvoice-d2/Makefile
@@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=libvoice-d2
 PKG_RELEASE:=1
-PKG_VERSION:=1.1.8
+PKG_VERSION:=1.1.2
 PKG_LICENSE:=PROPRIETARY
 PKG_LICENSE_FILES:=LICENSE

@@ -17,7 +17,7 @@ LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/$(PKG_NAME).git
-PKG_SOURCE_VERSION:=ad13e49043ddb7b8723f969fa5c355bd77e422b3
+PKG_SOURCE_VERSION:=e6d689334000bc57498d9a3f203a8933160e1ef4
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/libwifi/Makefile
+++ b/libwifi/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=libwifi
-PKG_VERSION:=7.4.59
+PKG_VERSION:=7.4.16.17

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=78491478f60adc9f29cefbf2196f111423823d14
+PKG_SOURCE_VERSION:=05406d9ece1b3288beabf5986305cb9929a59f75
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
 PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
@@ -76,6 +76,10 @@ ifeq ($(CONFIG_LIBWIFI_USE_CTRL_IFACE),y)
  TARGET_CFLAGS +=-DLIBWIFI_USE_CTRL_IFACE
 endif

+ifeq ($(CONFIG_LIBWIFI_SKIP_PROBES),y)
+  TARGET_CFLAGS +=-DLIBWIFI_BRCM_SKIP_PROBES
+endif
+
 TARGET_CFLAGS += \
 	-I$(STAGING_DIR)/usr/include \
 	-I$(STAGING_DIR)/usr/include/openssl \
@@ -143,7 +147,12 @@ define Package/libwifi/config

 	config LIBWIFI_USE_CTRL_IFACE
 		bool "Create UNIX sockets to interface with hostapd/wpa_supplicant"
+		default n
+
+	config LIBWIFI_SKIP_PROBES
+		bool "Don't create probe-req events"
 		default y
+
  endif
 endef

--- a/map-agent/Config.in
+++ b/map-agent/Config.in
@@ -55,5 +55,8 @@ config AGENT_OPER_CHANNEL_CHANGE_RELAY_MCAST
 config AGENT_USE_LIBDPP
 	bool "Depend on libdpp for DPP EasyConnect"

+config DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER
+	bool "Let dynbhd through AP-Autoconfiguration Search and DHCP Discovery determine the controller or agent role"
+
 endmenu
 endif
--- a/map-agent/Makefile
+++ b/map-agent/Makefile
@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-agent
-PKG_VERSION:=4.6.0.3
+PKG_VERSION:=4.5.0.33
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=4ecb56d8069896c1ca555e2acdbac94126002add
+PKG_SOURCE_VERSION:=4d18c2b1921e9c239a938f23cba516cf867baba4
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>

 PKG_LICENSE:=BSD-3-Clause
@@ -28,7 +28,7 @@ define Package/map-agent
  CATEGORY:=Utilities
  TITLE:=WiFi multi-AP Agent (EasyMesh R2)
  DEPENDS:=+libwifi +libuci +libubox +ubus +libeasy +libieee1905 +ieee1905 \
-	   +ieee1905-map-plugin +ip-bridge +AGENT_USE_LIBDPP:libdpp
+	   +map-plugin +ip-bridge +AGENT_USE_LIBDPP:libdpp
 endef

 ifeq ($(CONFIG_AGENT_USE_LIBDPP),y)
@@ -40,7 +40,7 @@ define Package/dynbhd
  CATEGORY:=Utilities
  TITLE:=Dynamic Backhaul Daemon
  DEPENDS:=+libwifi +libuci +libubox +ubus +libeasy +libieee1905 +ieee1905 \
-	  +ieee1905-map-plugin +map-agent
+	  +map-plugin +map-agent
 endef


@@ -105,6 +105,10 @@ ifeq ($(CONFIG_AGENT_OPER_CHANNEL_CHANGE_RELAY_MCAST),y)
 TARGET_CFLAGS += -DOPER_CHAN_CHANGE_RELAY_MCAST
 endif

+ifeq ($(CONFIG_DYNBHD_DYNAMICALLY_PERSIST_CONTROLLER),y)
+TARGET_CFLAGS += -DPERSIST_CONTROLLER
+endif
+
 MAKE_PATH:=src

 define Package/map-agent/install
--- a/map-agent/files/etc/config/mapagent
+++ b/map-agent/files/etc/config/mapagent
@@ -6,8 +6,9 @@ config agent 'agent'
 	option island_prevention '1'
 	option eth_onboards_wifi_bhs '1'
 	option scan_on_boot_only '0'
-	option chan_ch_relay_mcast '0'
+	option chan_ch_relay_mcast '1'
 	option guest_isolation '1'
+	option dyn_cntlr_sync '0'
 	list map_port 'all'
 #	option controller_macaddr '0a:1b:2c:3d:4e:50'

--- a/map-agent/files/etc/hotplug.d/ethernet/map-dynamic-backhaul
+++ b/map-agent/files/etc/hotplug.d/ethernet/map-dynamic-backhaul
@@ -47,7 +47,7 @@ fi
 ########################################################

 ################ Dedicated ETH WAN Port ################
-wanport="$(jsonfilter -i /etc/board.json -e @.network.wan.device)"
+wanport="$(db -q get hw.board.ethernetWanPort)"
 if [ -n "$wanport" ]; then
 	[ "$wanport" = "$PORT" ] || exit 0
 ########################################################
--- a/map-agent/files/lib/multiap/map_genconfig
+++ b/map-agent/files/lib/multiap/map_genconfig
@@ -159,6 +159,12 @@ map_genconf () {
 		if ! uci show wireless | grep -q "mode=.*sta"; then
 			generate_wireless_sta_config=1

+			if is_broadcom; then
+				for section in $(uci show wireless | grep wifi-device | cut -d'.' -f2 | cut -d'=' -f1); do
+					uci -q set wireless.$section.apsta="1"
+				done
+			fi
+
 			for section in $(uci show wireless | grep "mode=.*ap" | cut -d'.' -f2); do
 				uci delete wireless.$section
 			done
@@ -182,12 +188,12 @@ map_genconf () {
 			uci -q set mapagent.@controller_select[0].local=1
 		fi
 		uci -q commit mapagent
-	fi

-	if [ "$multiap_mode" == "agent" -o "$multiap_mode" == "none" ]; then
-		uci set mapcontroller.controller.enabled="0"
-	else
-		uci set mapcontroller.controller.enabled="1"
+		if [ "$multiap_mode" == "agent" -o "$multiap_mode" == "none" ]; then
+			uci set mapcontroller.controller.enabled="0"
+		else
+			uci set mapcontroller.controller.enabled="1"
+		fi
+		uci -q commit mapcontroller
 	fi
-	uci -q commit mapcontroller
 }
--- a/map-controller/Config.in
+++ b/map-controller/Config.in
@@ -29,6 +29,10 @@ config CONTROLLER_EASYMESH_VENDOR_EXT_OUI
 config CONTROLLER_USE_LIBDPP
 	bool "Depend on libdpp for DPP EasyConnect"

+config CONTROLLER_PROPAGATE_PROBE_REQ
+	depends on CONTROLLER_EASYMESH_VENDOR_EXT
+	bool "Enable publishing probe requests vendor specific messages as UBUS events"
+	default y

 endmenu
 endif
--- a/map-controller/Makefile
+++ b/map-controller/Makefile
@@ -5,9 +5,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-controller
-PKG_VERSION:=4.7.0.4
+PKG_VERSION:=4.5.0.23
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=26c3a4180b0a455b76718eb4027f7f5184d1ce2a
+PKG_SOURCE_VERSION:=ea159dee9536889171fe6f2463c2259ac48c4a97
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>

 LOCAL_DEV=0
@@ -27,7 +27,7 @@ define Package/map-controller
  SECTION:=utils
  CATEGORY:=Utilities
  TITLE:=WiFi Multi-AP Controller (EasyMesh R2)
-  DEPENDS:=+libuci +libubox +ubus +libeasy +libwifiutils +libieee1905 +ieee1905 +ieee1905-map-plugin \
+  DEPENDS:=+libuci +libubox +ubus +libeasy +libwifiutils +libieee1905 +ieee1905 +map-plugin \
 	   +CONTROLLER_USE_LIBDPP:libdpp
 endef

@@ -63,6 +63,10 @@ TARGET_CFLAGS += -DEASYMESH_VENDOR_EXT_OUI=$(CONFIG_CONTROLLER_EASYMESH_VENDOR_E
 TARGET_CFLAGS += -DEASYMESH_VENDOR_EXT
 endif

+ifeq ($(CONFIG_CONTROLLER_PROPAGATE_PROBE_REQ),y)
+TARGET_CFLAGS += -DPROPAGATE_PROBE_REQ
+endif
+
 define Package/map-controller/install
 	$(INSTALL_DIR) $(1)/etc
 	$(CP) ./files/* $(1)/
--- a/map-controller/files/etc/config/mapcontroller
+++ b/map-controller/files/etc/config/mapcontroller
@@ -59,7 +59,7 @@ config ap

 config ap
 	option band '2'
-	option ssid 'MAP-$BASEMAC_ADDR-BH'
+	option ssid 'MAP-$BASEMAC_ADDR-BH-2.4GHz'
 	option encryption 'sae'
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
@@ -67,7 +67,7 @@ config ap

 config ap
 	option band '5'
-	option ssid 'MAP-$BASEMAC_ADDR-BH'
+	option ssid 'MAP-$BASEMAC_ADDR-BH-5GHz'
 	option encryption 'sae'
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
@@ -75,7 +75,7 @@ config ap

 config ap
 	option band '6'
-	option ssid 'MAP-$BASEMAC_ADDR-BH'
+	option ssid 'MAP-$BASEMAC_ADDR-BH-6GHz'
 	option encryption 'sae'
 	option key '$WIFI_BH_KEY'
 	option type 'backhaul'
--- a/mcastmngr/Makefile
+++ b/mcastmngr/Makefile
@@ -1,48 +1,36 @@
 #
-# Copyright (C) 2013-2024 iopsys
+# Copyright (C) 2013-2020 iopsys
 #

 include $(TOPDIR)/rules.mk
 include $(INCLUDE_DIR)/kernel.mk

 PKG_NAME:=mcastmngr
-PKG_VERSION:=1.2.1
+PKG_VERSION:=1.1.0

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-LOCAL_DEV:=0
-ifneq ($(LOCAL_DEV),1)
-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/mcastmngr.git
-PKG_SOURCE_VERSION:=5d5b42f5b46457ed938765f29994471485e7de81
-PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
-PKG_MIRROR_HASH:=skip
-endif

 PKG_LICENSE:=GPL-2.0-only
 PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
-include ../bbfdm/bbfdm.mk
-
-MAKE_PATH:=bbf_plugin

 define Package/mcastmngr
 CATEGORY:=Utilities
 TITLE:=Multicast Proxy/Snooping Manager
- DEPENDS:=+!TARGET_brcmbca:mcproxy +libuci +libubox +libubus +libblobmsg-json +libbbfdm-api
+ DEPENDS:=+!TARGET_brcmbca:mcproxy
 endef

 define Package/mcastmngr/description
 	Configures IGMP and MLD snooping and proxy
 endef

-ifeq ($(LOCAL_DEV),1)
-define Build/Prepare
-	$(CP) -rf ~/git/mcastmngr/* $(PKG_BUILD_DIR)/
-endef
-endif
+#define Build/Prepare
+#        $(CP) -rf ./mcastmngr/* $(PKG_BUILD_DIR)/
+#endef

-TARGET_CFLAGS += -DBBF_VENDOR_PREFIX=\\\"$(CONFIG_BBF_VENDOR_PREFIX)\\\"
+define Build/Compile
+endef

 define Package/mcastmngr/install
 	$(CP) ./files/common/* $(1)/
@@ -51,7 +39,6 @@ ifneq ($(CONFIG_TARGET_brcmbca),)
 else
 	$(CP) ./files/linux/* $(1)/
 endif
-	$(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/bbf_plugin/libmcast_bbf.so $(1) $(PKG_NAME)
 endef

 $(eval $(call BuildPackage,mcastmngr))
--- a/mcastmngr/files/broadcom/lib/mcast/broadcom.sh
+++ b/mcastmngr/files/broadcom/lib/mcast/broadcom.sh
@@ -11,7 +11,7 @@ CONFFILE=/var/mcpd.conf
 PROG_EXE=/usr/sbin/mcpd

 proxdevs=""
-ethwan="$(jsonfilter -i /etc/board.json -e @.network.wan.device)"
+ethwan="$(db -q get hw.board.ethernetWanPort)"


 config_snooping_common_params() {
@@ -39,7 +39,6 @@ config_snooping_upstream_interface() {
 	local snooping_upstream_intf=""

 	json_load "$(devstatus $1)"
-	logger -t "mcastconf" "$(devstatus $1)"
 	itr=1
 	json_select bridge-members

--- a/mcastmngr/files/common/etc/uci-defaults/61-mcast_config_generate
+++ b/mcastmngr/files/common/etc/uci-defaults/61-mcast_config_generate
@@ -91,7 +91,7 @@ interfaces_ok(){
 	for itf in $up_interf; do
 		# check if there exist a interface section for this upstream interface, if yes the
 		# do nothing, if no then generate config as mcast config is outdated
-		local dev_section=$(uci show network | grep -E "\.device=\'$itf\'" | cut -d'.' -f2)
+		local dev_section=$(uci show network | grep -E "\.device=\'$itf\'" | head -n 1 | cut -d'.' -f2)

 		# mcast config is outdated, simply generate as per new logic
 		if [ -z "$dev_section" ]; then
--- a/mcastmngr/files/linux/lib/mcast/linux.sh
+++ b/mcastmngr/files/linux/lib/mcast/linux.sh
@@ -85,9 +85,8 @@ config_mcproxy_interfaces() {

 	echo -e "pinstance main:$str_up ==>$str_down;\n" >> $CONFFILE

+	local filter=""
 	for excp in $exceptions; do
-		local filter=""
-
 		case $excp in
 		*/*)
 			ip_start="$(ipcalc.sh $excp | grep IP | awk '{print substr($0,4)}')"
@@ -98,16 +97,16 @@ config_mcproxy_interfaces() {
 			filter="$filter ($excp | *)"
 			;;
 		esac
+	done

-		for upstream in $str_up; do
-			echo "pinstance main upstream $upstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main upstream $upstream out blacklist table{$filter };" >> $CONFFILE
-		done
+	for upstream in $str_up; do
+		echo "pinstance main upstream $upstream in blacklist table{$filter };" >> $CONFFILE
+		echo "pinstance main upstream $upstream out blacklist table{$filter };" >> $CONFFILE
+	done

-		for downstream in $str_down; do
-			echo "pinstance main downstream $downstream in blacklist table{$filter };" >> $CONFFILE
-			echo "pinstance main downstream $downstream out blacklist table{$filter };" >> $CONFFILE
-		done
+	for downstream in $str_down; do
+		echo "pinstance main downstream $downstream in blacklist table{$filter };" >> $CONFFILE
+		echo "pinstance main downstream $downstream out blacklist table{$filter };" >> $CONFFILE
 	done
 }

@@ -117,6 +116,7 @@ config_sysfs_mcast_snooping() {

 	for downstream in $downstreams; do
 		if device_is_bridge "$downstream"; then
+			echo 0 > /sys/class/net/$downstream/bridge/multicast_snooping
 			echo $snooping > /sys/class/net/$downstream/bridge/multicast_snooping
 		fi
 	done
@@ -261,10 +261,6 @@ config_mcproxy_instance() {
 		downstreams=$igmp_p_down_interfaces
 		mcast_mode=$igmp_p_mode

-		# mcproxy reserves two multicast subscriptions for igmp router service groups
-		local mg=$(cat /proc/sys/net/ipv4/igmp_max_memberships)
-		mg=$((mg+2))
-		echo $mg > /proc/sys/net/ipv4/igmp_max_memberships
 	elif [ "$protocol" == "mld" ]; then
 		case "$version" in
 			[1-2])
--- a/obuspa/Config.in
+++ b/obuspa/Config.in
@@ -22,6 +22,11 @@ config OBUSPA_CONTROLLER_MTP_VERIFY
 config OBUSPA_ENABLE_TEST_CONTROLLER
 	bool "Adds a test controller by default"
 	default n
+	select OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
+
+config OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL
+	bool "Adds a test controller by default (local access only)"
+	default n

 config OBUSPA_MAX_CONTROLLERS_NUM
 	int "The maximum number of controllers to be supported"
--- a/obuspa/Makefile
+++ b/obuspa/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=obuspa
-PKG_VERSION:=7.0.5.22
+PKG_VERSION:=7.0.5.6.12

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=8706169718211848d85af9aa6bcdb7b97db2b9b8
+PKG_SOURCE_VERSION:=131e04ec5c6ddd8c2fb47f95fe7da2b9836ed925
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
@@ -32,7 +32,9 @@ define Package/obuspa
  SUBMENU:=TRx69
  TITLE:=USP agent
  MENU:=1
-  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl +ca-certificates
+  DEPENDS:=+libopenssl +libuci +libblobmsg-json +libcurl +libsqlite3 +libubox +libubus +libmosquitto-ssl +libwebsockets-openssl +ca-certificates \
+		+OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-ssl +OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL:mosquitto-client-ssl \
+		+OBUSPA_ENABLE_TEST_CONTROLLER:mosquitto-auth-shadow
 endef

 define Package/obuspa/description
@@ -107,8 +109,11 @@ define Package/obuspa/install
 	$(INSTALL_BIN) ./files/etc/uci-defaults/01-fix-upgrade-uci $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/02-obuspa-dhcp-option $(1)/etc/uci-defaults/
 	$(INSTALL_BIN) ./files/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user $(1)/etc/udhcpc.user.d/udhcpc_obuspa_opt125.user
-	$(BBFDM_INSTALL_CORE_PLUGIN) ./files/etc/bbfdm/json/USPAgent.json $(1)
+	$(call BbfdmInstallPlugin,$(1),./files/etc/bbfdm/json/USPAgent.json)
 ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER),y)
+	$(INSTALL_BIN) ./files/etc/uci-defaults/54-test-usp-remote $(1)/etc/uci-defaults/
+endif
+ifeq ($(CONFIG_OBUSPA_ENABLE_TEST_CONTROLLER_LOCAL),y)
 	$(INSTALL_BIN) ./files/etc/init.d/usptest $(1)/etc/init.d/
 	$(INSTALL_BIN) ./files/etc/uci-defaults/55-test-usp-controller $(1)/etc/uci-defaults/
 endif
--- a/obuspa/files/etc/config/obuspa
+++ b/obuspa/files/etc/config/obuspa
@@ -2,12 +2,13 @@ config obuspa 'global'
 	option enabled '1'
 	option debug '1'
 	option dhcp_discovery '1'
-	option log_level '1'
-	option prototrace '0'
+	option log_level '2'
+	option prototrace '1'
 	option db_file '/etc/obuspa/usp.db'
 	option role_file '/etc/obuspa/roles.json'
 	option dm_caching_exclude '/etc/obuspa/dmcaching_exclude.json'
-	option trust_cert '/etc/ssl/cert.pem'
+	#option trust_cert '/etc/ssl/cert.pem'
 	#option client_cert '/etc/obuspa/client.pem'
 	#option log_dest '/tmp/obuspa.log'
+	option max_cache_time  '120'

--- a/obuspa/files/etc/init.d/obuspa
+++ b/obuspa/files/etc/init.d/obuspa
@@ -217,12 +217,10 @@ validate_controller_section()
 		'Enable:bool:1' \
 		'EndpointID:string' \
 		'assigned_role_name:string' \
-		'AssignedRole:string' \
 		'Protocol:or("STOMP","CoAP","MQTT", "WebSocket")' \
 		'Destination:string' \
 		'Topic:string' \
 		'ParameterName:list(string)' \
-		'Reference:string' \
 		'mqtt:string' \
 		'stomp:string' \
 		'Host:string' \
@@ -230,7 +228,7 @@ validate_controller_section()
 		'Path:string' \
 		'EnableEncryption:bool' \
 		'PeriodicNotifInterval:uinteger' \
-		'SessionMode:string:Allow' \
+		'SessionMode:string' \
 		'ProvisioningCode:string'
 }

@@ -255,7 +253,6 @@ validate_mtp_section()
 		'Path:string' \
 		'mqtt:string' \
 		'stomp:string' \
-		'Reference:string' \
 		'PublishQoS:uinteger' \
 		'EnableEncryption:bool'
 }
@@ -324,7 +321,7 @@ configure_controller()
 	local EndpointID Enable 
 	local Protocol Destination
 	local Topic mqtt stomp assigned_role_name AssignedRole ParameterName ProvisioningCode
-	local Host Port Path EnableEncryption Reference SessionMode PeriodicNotifInterval
+	local Host Port Path EnableEncryption PeriodicNotifInterval
 	local dm_ref sec

 	sec="${1}"
@@ -346,16 +343,12 @@ configure_controller()
 	fi

 	dm_ref=""
-	if [ -z "${Reference}" ]; then
-		if [ "${Protocol}" = "STOMP" ]; then
-			stomp="${stomp/stomp_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
-		elif [ "${Protocol}" = "MQTT" ]; then
-			mqtt="${mqtt/mqtt_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
-		fi
-	else
-		dm_ref="${Reference}"
+	if [ "${Protocol}" = "STOMP" ]; then
+		stomp="${stomp/stomp_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
+	elif [ "${Protocol}" = "MQTT" ]; then
+		mqtt="${mqtt/mqtt_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
 	fi

 	db_set "${BASEPATH}.Alias" "${sec}"
@@ -370,16 +363,15 @@ configure_controller()
 		db_set "${BASEPATH}.PeriodicNotifInterval" "${PeriodicNotifInterval}"
 	fi

-	if [ -n "${SessionMode}" ]; then
-		db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
-	fi
+	#if [ -n "${SessionMode}" ]; then
+	#	db_set "${BASEPATH}.E2ESession.SessionMode" "${SessionMode}"
+	#fi

 	if [ -n "${assigned_role_name}" ]; then
 		AssignedRole=$(get_role_index "${assigned_role_name}")
-	fi
-
-	if [ -n "${AssignedRole}" ]; then
-		db_set "${BASEPATH}.AssignedRole" "${AssignedRole}"
+		if [ -n "${AssignedRole}" ]; then
+			db_set "${BASEPATH}.AssignedRole" "${AssignedRole}"
+		fi
 	fi

 	db_set "${BASEPATH}.MTP.1.Alias" "${sec}"
@@ -559,16 +551,12 @@ configure_mtp() {
 	fi

 	dm_ref=""
-	if [ -z "${Reference}" ]; then
-		if [ "${Protocol}" = "STOMP" ]; then
-			stomp="${stomp/stomp_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
-		elif [ "${Protocol}" = "MQTT" ]; then
-			mqtt="${mqtt/mqtt_/cpe-}"
-			dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
-		fi
-	else
-		dm_ref="${Reference}"
+	if [ "${Protocol}" = "STOMP" ]; then
+		stomp="${stomp/stomp_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.STOMP.Connection." "${stomp}")
+	elif [ "${Protocol}" = "MQTT" ]; then
+		mqtt="${mqtt/mqtt_/cpe-}"
+		dm_ref=$(get_refrence_path "Device.MQTT.Client." "${mqtt}")
 	fi

 	db_set "${BASEPATH}.Alias" "${sec}"
@@ -776,8 +764,8 @@ sync_db_controller()
 {
 	local cntrs copts sec pvalue protocol

-	copts="Enable EndpointID AssignedRole PeriodicNotifInterval"
-	popts="Destination Topic Reference Host Port Path EnableEncryption"
+	copts="Enable EndpointID PeriodicNotifInterval"
+	popts="Destination Topic Host Port Path EnableEncryption"

 	cntrs="$(get_instances_from_db_dump Device.LocalAgent.Controller.)"
 	for cntr in $cntrs; do
@@ -809,8 +797,7 @@ sync_db_localagent_mtp()
 	local mtps opts popts sec pvalue protocol

 	opts="Enable"
-	popts="ResponseTopicConfigured Destination Port Path Reference EnableEncryption PublishQoS"
-	ropts="mqtt stomp"
+	popts="ResponseTopicConfigured Destination Port Path EnableEncryption PublishQoS"

 	mtps="$(get_instances_from_db_dump Device.LocalAgent.MTP.)"
 	for inst in $mtps; do
@@ -833,9 +820,6 @@ sync_db_localagent_mtp()
 			pvalue="$(get_param_value_from_dump "${inst}"."${protocol}"."${param}")"
 			uci_set obuspa "${sec}" "${param}" "${pvalue}"
 		done
-		for param in ${ropts}; do
-			uci_set obuspa "${sec}" "${param}" ""
-		done
 	done
 }

@@ -1002,6 +986,9 @@ db_init()
 		reverse_update_db_with_uci
 	fi

+	# Remove ControllerTrust.Role., if present in db for backward compatibility
+	delete_sql_db_entry_with_pattern "^Device.LocalAgent.ControllerTrust.Role."
+
 	# Remove reset file if present
 	[ -f "${RESET_FILE}" ] && mv ${RESET_FILE} ${RESET_FILE}.old

@@ -1034,11 +1021,17 @@ db_init()
 }

 start_service() {
-	local enabled
+	local enabled role_file

 	mkdir -p /tmp/obuspa/
 	config_load obuspa
 	config_get_bool enabled global enabled 0
+	config_get role_file global role_file ""
+	# Use the default role file if not defined in uci, but present in path
+	if [ -z "${role_file}" ] && [ -f "/etc/obuspa/roles.json" ] ; then
+		uci -q set obuspa.global.role_file="/etc/obuspa/roles.json"
+		uci_commit obuspa
+	fi

 	procd_open_instance ${CONFIGURATION}
 	if [ "${enabled}" -eq 1 ]; then
--- a/obuspa/files/etc/obuspa/dmcaching_exclude.json
+++ b/obuspa/files/etc/obuspa/dmcaching_exclude.json
@@ -1,7 +1,6 @@
 {
  "dmcaching_exclude": [
    "Device.Hosts.Host.",
-    "Device.IEEE1905.",
-    "Device.WiFi.DataElements."
+    "Device.Services.VoiceService."
  ]
 }
--- a/obuspa/files/etc/obuspa/roles.json
+++ b/obuspa/files/etc/obuspa/roles.json
@@ -261,7 +261,24 @@
          ]
        },
        {
-          "object":"Device.{BBF_VENDOR_PREFIX}OpenVPN.",
+          "object":"Device.Schedules.",
+          "perm": [
+            "PERMIT_GET",
+            "PERMIT_GET_INST",
+            "PERMIT_OBJ_INFO",
+            "PERMIT_CMD_INFO",
+            "PERMIT_SET",
+            "PERMIT_ADD",
+            "PERMIT_DEL",
+            "PERMIT_OPER",
+            "PERMIT_SUBS_VAL_CHANGE",
+            "PERMIT_SUBS_OBJ_ADD",
+            "PERMIT_SUBS_OBJ_DEL",
+            "PERMIT_SUBS_EVT_OPER_COMP"
+          ]
+        },
+        {
+          "object":"Device.{BBF_VENDOR_PREFIX}ParentalControl.",
          "perm": [
            "PERMIT_GET",
            "PERMIT_GET_INST",
@@ -601,6 +618,40 @@
            "PERMIT_NONE"
          ]
        },
+        {
+          "object":"Device.Schedules.",
+          "perm": [
+            "PERMIT_GET",
+            "PERMIT_GET_INST",
+            "PERMIT_OBJ_INFO",
+            "PERMIT_CMD_INFO",
+            "PERMIT_SET",
+            "PERMIT_ADD",
+            "PERMIT_DEL",
+            "PERMIT_OPER",
+            "PERMIT_SUBS_VAL_CHANGE",
+            "PERMIT_SUBS_OBJ_ADD",
+            "PERMIT_SUBS_OBJ_DEL",
+            "PERMIT_SUBS_EVT_OPER_COMP"
+          ]
+        },
+        {
+          "object":"Device.{BBF_VENDOR_PREFIX}ParentalControl.",
+          "perm": [
+            "PERMIT_GET",
+            "PERMIT_GET_INST",
+            "PERMIT_OBJ_INFO",
+            "PERMIT_CMD_INFO",
+            "PERMIT_SET",
+            "PERMIT_ADD",
+            "PERMIT_DEL",
+            "PERMIT_OPER",
+            "PERMIT_SUBS_VAL_CHANGE",
+            "PERMIT_SUBS_OBJ_ADD",
+            "PERMIT_SUBS_OBJ_DEL",
+            "PERMIT_SUBS_EVT_OPER_COMP"
+          ]
+        },
        {
          "object": "Device.DeviceInfo.",
          "perm": [
@@ -615,12 +666,29 @@
          "object":"Device.Hosts.",
          "perm": [
            "PERMIT_GET",
+            "PERMIT_SET",
            "PERMIT_GET_INST",
            "PERMIT_OBJ_INFO",
            "PERMIT_CMD_INFO",
+            "PERMIT_SUBS_VAL_CHANGE",
            "PERMIT_SUBS_EVT_OPER_COMP"
          ]
        },
+        {
+          "object":"Device.Hosts.AccessControl.",
+          "perm": [
+            "PERMIT_GET",
+            "PERMIT_GET_INST",
+            "PERMIT_OBJ_INFO",
+            "PERMIT_CMD_INFO",
+            "PERMIT_SET",
+            "PERMIT_ADD",
+            "PERMIT_DEL",
+            "PERMIT_SUBS_VAL_CHANGE",
+            "PERMIT_SUBS_OBJ_ADD",
+            "PERMIT_SUBS_OBJ_DEL"
+          ]
+        },
        {
          "object":"Device.IEEE1905.",
          "perm": [
@@ -631,6 +699,15 @@
            "PERMIT_SUBS_EVT_OPER_COMP"
          ]
        },
+        {
+          "object": "Device.IP.",
+          "perm": [
+            "PERMIT_GET",
+            "PERMIT_GET_INST",
+            "PERMIT_OBJ_INFO",
+            "PERMIT_CMD_INFO"
+          ]
+        },
        {
          "object":"Device.DynamicDNS.",
          "perm": [
@@ -668,24 +745,13 @@
          "object": "Device.WiFi.",
          "perm": [
            "PERMIT_GET",
+            "PERMIT_SET",
            "PERMIT_GET_INST",
            "PERMIT_OBJ_INFO",
            "PERMIT_CMD_INFO",
            "PERMIT_SUBS_VAL_CHANGE",
            "PERMIT_SUBS_OBJ_ADD",
-            "PERMIT_SUBS_OBJ_DEL"
-          ]
-        },
-        {
-          "object": "Device.WiFi.AccessPoint.{i}.WPS.InitiateWPSPBC()",
-          "perm": [
-            "PERMIT_OPER",
-            "PERMIT_SUBS_EVT_OPER_COMP"
-          ]
-        },
-        {
-          "object": "Device.WiFi.DataElements.Network.SetSSID()",
-          "perm": [
+            "PERMIT_SUBS_OBJ_DEL",
            "PERMIT_OPER",
            "PERMIT_SUBS_EVT_OPER_COMP"
          ]
--- a/Show More
+++ b/Show More