mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2026-01-11 23:23:35 +08:00
Compare commits
1 Commits
usp_journa
...
mapcext
| Author | SHA1 | Date | |
|---|---|---|---|
|
116ba9fba7 |
@@ -8,11 +8,5 @@ config FIREWALLMNGR_PORT_TRIGGER
|
||||
help
|
||||
Set this option to include support for PortTrigger object.
|
||||
|
||||
config FIREWALLMNGR_NAT_INTERFACE_SETTING
|
||||
bool "Include Device.NAT.InterfaceSetting"
|
||||
default n
|
||||
help
|
||||
Set this option to include support for NAT InterfaceSetting object.
|
||||
|
||||
endmenu
|
||||
endif
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=firewallmngr
|
||||
PKG_VERSION:=1.0.9.1
|
||||
PKG_VERSION:=1.0.9
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/network/firewallmngr.git
|
||||
PKG_SOURCE_VERSION:=3ce0550dbbc49617c36202fc8d63e453467a246e
|
||||
PKG_SOURCE_VERSION:=77ad8425b73a3ac63f6160dc217635394ac87907
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
@@ -52,10 +52,6 @@ ifeq ($(CONFIG_FIREWALLMNGR_PORT_TRIGGER),y)
|
||||
TARGET_CFLAGS += -DINCLUDE_PORT_TRIGGER
|
||||
endif
|
||||
|
||||
ifeq ($(CONFIG_FIREWALLMNGR_NAT_INTERFACE_SETTING),y)
|
||||
TARGET_CFLAGS += -DINCLUDE_NAT_IF_SETTING
|
||||
endif
|
||||
|
||||
define Package/firewallmngr/install
|
||||
$(INSTALL_DIR) $(1)/etc/config
|
||||
$(INSTALL_DIR) $(1)/etc/uci-defaults
|
||||
|
||||
@@ -8,13 +8,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=icwmp
|
||||
PKG_VERSION:=9.9.9.4
|
||||
PKG_VERSION:=9.9.9.3
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
|
||||
PKG_SOURCE_VERSION:=868f749f3fd61a094cc4792ea842a261443a99ad
|
||||
PKG_SOURCE_VERSION:=55a64d756afd6249b8bb4cccf2cdaa7e1aa05f91
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -5,9 +5,9 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-agent
|
||||
PKG_VERSION:=6.3.6.18
|
||||
PKG_VERSION:=6.3.6.15
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_SOURCE_VERSION:=c060d1f6b0cd1902f6259811dbeb972e0412051f
|
||||
PKG_SOURCE_VERSION:=7b05d265776fca2ff84a63188fcec55c08057e33
|
||||
PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>
|
||||
|
||||
PKG_LICENSE:=BSD-3-Clause
|
||||
|
||||
@@ -6,9 +6,9 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-controller
|
||||
PKG_VERSION:=6.4.3.5
|
||||
PKG_VERSION:=6.4.2.9
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
PKG_SOURCE_VERSION:=089ab7bc44a35d5b8bb6758139ab7fb6d3707b6b
|
||||
PKG_SOURCE_VERSION:=c427bbaa53ce470a45a59326281f214f1111c3f7
|
||||
PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@genexis.eu>
|
||||
|
||||
LOCAL_DEV=0
|
||||
|
||||
@@ -11,7 +11,7 @@ config controller 'controller'
|
||||
option stale_sta_timeout '30d'
|
||||
option de_collect_interval '60'
|
||||
|
||||
config sta_steering 'sta_steering'
|
||||
config sta_steering
|
||||
option enable_sta_steer '1'
|
||||
option enable_bsta_steer '0'
|
||||
option rcpi_threshold_2g '70'
|
||||
@@ -24,7 +24,7 @@ config sta_steering 'sta_steering'
|
||||
option plugins_policy 'any'
|
||||
list plugins 'rcpi'
|
||||
|
||||
config channel_plan 'channel_plan'
|
||||
config channel_plan
|
||||
option preclear_dfs '0'
|
||||
option acs '0'
|
||||
|
||||
|
||||
@@ -1,18 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
cfg=mapcontroller
|
||||
|
||||
# singleton sections
|
||||
sections="channel_plan sta_steering"
|
||||
|
||||
for sec in $sections; do
|
||||
# find unnamed section of given type, only index 0
|
||||
s=$(uci show $cfg | grep -oE "@${sec}\[0\]" | sort -u)
|
||||
[ "$s" = "" ] && continue
|
||||
|
||||
uci rename $cfg.$s=$sec
|
||||
done
|
||||
|
||||
uci commit $cfg
|
||||
@@ -5,12 +5,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=map-plugins
|
||||
PKG_VERSION:=1.1.1
|
||||
PKG_VERSION:=1.0.32
|
||||
|
||||
LOCAL_DEV=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_VERSION:=84d296732ae0d5d026d144f317c7711f7c7b65a4
|
||||
PKG_SOURCE_VERSION:=d8b310edad1b9777aed805682394e3f9bb300d81
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/map-plugins.git
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
|
||||
@@ -6,7 +6,7 @@ USE_PROCD=1
|
||||
|
||||
PROG=/usr/sbin/obuspa
|
||||
CONFIGURATION=obuspa
|
||||
FIRST_BOOT="/etc/obuspa/boot_marker"
|
||||
|
||||
ENV_PROFILE="/root/.profile"
|
||||
KEEP_FILE="/lib/upgrade/keep.d/obuspa"
|
||||
|
||||
@@ -871,12 +871,6 @@ sync_uci_with_db()
|
||||
return 0;
|
||||
fi
|
||||
|
||||
# Skip overriding uci in case of Firstboot
|
||||
if [ ! -f "${FIRST_BOOT}" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
log "Syncing obuspa uci with usp.db ...."
|
||||
config_load obuspa
|
||||
sync_db_controller
|
||||
sync_db_localagent_mtp
|
||||
@@ -971,13 +965,6 @@ db_init()
|
||||
if [ -f "${SQL_DB_FILE}.old" ] && [ ! -f "${SQL_DB_FILE}" ]; then
|
||||
log "Copying old db, since new db not present ..."
|
||||
mv ${SQL_DB_FILE}.old ${SQL_DB_FILE}
|
||||
sync
|
||||
fi
|
||||
|
||||
if [ -f "${SQL_DB_FILE}-journal" ]; then
|
||||
log "SQL Journal detected, removing to prevent rollback"
|
||||
mv ${SQL_DB_FILE}-journal ${SQL_DB_FILE}_delta
|
||||
sync
|
||||
fi
|
||||
|
||||
# Dump datamodel parameters from DB
|
||||
@@ -991,6 +978,7 @@ db_init()
|
||||
# Only do this if db have reasonable data
|
||||
val="$(awk 'END{print NR}' ${DB_DUMP})"
|
||||
if [ "$val" -gt 15 ]; then
|
||||
log "Syncing obuspa uci with usp.db ...."
|
||||
sync_uci_with_db
|
||||
fi
|
||||
fi
|
||||
@@ -1038,7 +1026,6 @@ db_init()
|
||||
cat ${CTRUST_RESET_FILE} >> ${RESET_FILE}
|
||||
rm ${CTRUST_RESET_FILE}
|
||||
fi
|
||||
[ -f "${FIRST_BOOT}" ] || touch "${FIRST_BOOT}"
|
||||
}
|
||||
|
||||
start_service() {
|
||||
@@ -1056,6 +1043,7 @@ start_service() {
|
||||
procd_set_param respawn \
|
||||
"${respawn_threshold:-10}" \
|
||||
"${respawn_timeout:-10}" "${respawn_retry:-5}"
|
||||
#procd_set_param limits core="unlimited"
|
||||
fi
|
||||
procd_close_instance ${CONFIGURATION}
|
||||
}
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=parental-control
|
||||
PKG_VERSION:=1.4.1
|
||||
PKG_VERSION:=1.3.1
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/network/parental-control.git
|
||||
PKG_SOURCE_VERSION:=bd852e8b0a6528893917fb89e2ea27a8920f6280
|
||||
PKG_SOURCE_VERSION:=b1e5b3f81f08271bdaf9cb4bda8a7696a27be3c6
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -12,9 +12,7 @@ validate_global_section() {
|
||||
uci_validate_section parentalcontrol globals globals \
|
||||
'enable:bool:1' \
|
||||
'loglevel:uinteger:3' \
|
||||
'queue_num:uinteger:53' \
|
||||
'bundle_path:string' \
|
||||
'default_wan_interface:string:wan' \
|
||||
'urlfilter:bool'
|
||||
}
|
||||
|
||||
@@ -26,12 +24,11 @@ remove_fw_rules() {
|
||||
}
|
||||
|
||||
configure_fw_rules() {
|
||||
local enable urlfilter queue_num
|
||||
local enable urlfilter
|
||||
|
||||
config_load parentalcontrol
|
||||
config_get_bool enable globals enable 0
|
||||
config_get_bool urlfilter globals urlfilter 0
|
||||
config_get queue_num globals queue_num 53
|
||||
|
||||
remove_fw_rules
|
||||
|
||||
@@ -40,11 +37,6 @@ configure_fw_rules() {
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ "${queue_num}" -lt 0 ] || [ "${queue_num}" -gt 65535 ]; then
|
||||
log "ERROR: queue_num not in 0-65535"
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [ "${urlfilter}" -eq "1" ]; then
|
||||
if [ ! -f "${OVERRIDE_JSON}" ]; then
|
||||
# throw error
|
||||
@@ -56,11 +48,11 @@ configure_fw_rules() {
|
||||
hw_nat -! > /dev/null 2>&1
|
||||
fi
|
||||
if which conntrack > /dev/null 2>&1; then
|
||||
flush_conntrack_for_hosts
|
||||
conntrack -F > /dev/null 2>&1
|
||||
fi
|
||||
|
||||
# this is for urlfilter daemon
|
||||
add_iptables_nfqueue_rules "$queue_num"
|
||||
add_iptables_nfqueue_rules
|
||||
fi
|
||||
fi
|
||||
|
||||
@@ -115,7 +107,7 @@ start_service() {
|
||||
|
||||
procd_open_instance "parentalcontrol"
|
||||
procd_set_param command nice -n 10 "${PROG}" # Lower priority
|
||||
procd_append_param command -l "${loglevel}"
|
||||
procd_append_param command -l ${loglevel}
|
||||
procd_set_param respawn
|
||||
procd_close_instance
|
||||
}
|
||||
@@ -128,19 +120,11 @@ stop_service() {
|
||||
}
|
||||
|
||||
reload_service() {
|
||||
local arg="$1"
|
||||
|
||||
ret=$(ubus call service list '{"name":"parentalcontrol"}' | jsonfilter -qe '@.parentalcontrol.instances.parentalcontrol.running')
|
||||
if [ "$ret" != "true" ]; then
|
||||
stop
|
||||
start
|
||||
else
|
||||
if [ "$arg" = "network" ]; then
|
||||
pidof_sync="$(pidof sync_bundles.sh)"
|
||||
[ -n "$pidof_sync" ] && kill "$pidof_sync"
|
||||
sleep 5
|
||||
fi
|
||||
|
||||
configure_fw_rules
|
||||
copy_dhcp_leases
|
||||
ubus send parentalcontrol.reload
|
||||
@@ -148,19 +132,6 @@ reload_service() {
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
local enable urlfilter default_wan_interface
|
||||
|
||||
validate_global_section || {
|
||||
return 1
|
||||
}
|
||||
|
||||
if [ "${urlfilter}" = "1" ] && [ "$enable" = "1" ] && [ -n "$default_wan_interface" ]; then
|
||||
log "Adding interface trigger for $default_wan_interface"
|
||||
procd_open_trigger
|
||||
procd_add_interface_trigger "interface.*.up" "$default_wan_interface" /etc/init.d/parentalcontrol reload "network"
|
||||
procd_close_trigger
|
||||
fi
|
||||
|
||||
procd_add_reload_trigger "parentalcontrol"
|
||||
procd_add_reload_trigger "schedules"
|
||||
}
|
||||
|
||||
@@ -438,118 +438,102 @@ add_internet_schedule_rules() {
|
||||
}
|
||||
|
||||
add_iptables_nfqueue_rules() {
|
||||
local queue_num="$1"
|
||||
local filter_used
|
||||
|
||||
# Check if urlfilter used
|
||||
if ! uci show parentalcontrol | grep -q profile_urlfilter; then
|
||||
return
|
||||
fi
|
||||
# Check if urlfilter used
|
||||
if ! uci show parentalcontrol | grep -q profile_urlfilter; then
|
||||
return
|
||||
fi
|
||||
|
||||
# IPv4
|
||||
# FORWARD
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_FORWARD"; then
|
||||
iptables -w -N URLFILTER_FORWARD
|
||||
iptables -w -I FORWARD 1 -j URLFILTER_FORWARD
|
||||
# IPv4 rules
|
||||
iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -ne 0 ]; then
|
||||
# capture DNS responses (UDP/TCP sport 53) in FORWARD
|
||||
iptables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# capture DNS responses (sport 53)
|
||||
iptables -w -A URLFILTER_FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_FORWARD -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
# INPUT: DNS replies to router, skip loopback
|
||||
iptables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# HTTP/HTTPS flows
|
||||
iptables -w -A URLFILTER_FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# OUTPUT: DNS replies from router, skip loopback
|
||||
iptables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# INPUT
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_INPUT"; then
|
||||
iptables -w -N URLFILTER_INPUT
|
||||
iptables -w -I INPUT 1 -j URLFILTER_INPUT
|
||||
# HTTP/HTTPS flows for urlfilter
|
||||
iptables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
iptables -w -A URLFILTER_INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# disable acceleration for https packet so that they can be read by urlfilter
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
|
||||
# OUTPUT
|
||||
if ! iptables -w -nL | grep -q "URLFILTER_OUTPUT"; then
|
||||
iptables -w -N URLFILTER_OUTPUT
|
||||
iptables -w -I OUTPUT 1 -j URLFILTER_OUTPUT
|
||||
# IPv6 rules
|
||||
ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -ne 0 ]; then
|
||||
# capture DNS responses (UDP/TCP sport 53) in FORWARD
|
||||
ip6tables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
iptables -w -A URLFILTER_OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
iptables -w -A URLFILTER_OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
# INPUT: DNS replies to router, skip loopback
|
||||
ip6tables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# ebtables bypass for IPv4
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# OUTPUT: DNS replies from router, skip loopback
|
||||
ip6tables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# IPv6
|
||||
# FORWARD
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_FORWARD6"; then
|
||||
ip6tables -w -N URLFILTER_FORWARD6
|
||||
ip6tables -w -I FORWARD 1 -j URLFILTER_FORWARD6
|
||||
# HTTP/HTTPS flows for urlfilter
|
||||
ip6tables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_FORWARD6 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# INPUT
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_INPUT6"; then
|
||||
ip6tables -w -N URLFILTER_INPUT6
|
||||
ip6tables -w -I INPUT 1 -j URLFILTER_INPUT6
|
||||
|
||||
ip6tables -w -A URLFILTER_INPUT6 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_INPUT6 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# OUTPUT
|
||||
if ! ip6tables -w -nL | grep -q "URLFILTER_OUTPUT6"; then
|
||||
ip6tables -w -N URLFILTER_OUTPUT6
|
||||
ip6tables -w -I OUTPUT 1 -j URLFILTER_OUTPUT6
|
||||
|
||||
ip6tables -w -A URLFILTER_OUTPUT6 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
ip6tables -w -A URLFILTER_OUTPUT6 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
|
||||
fi
|
||||
|
||||
# ebtables bypass for IPv6
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# disable acceleration for https packet so that they can be read by urlfilter
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
remove_iptables_nfqueue_rules() {
|
||||
# IPv4
|
||||
for chain in URLFILTER_FORWARD URLFILTER_INPUT URLFILTER_OUTPUT; do
|
||||
if iptables -w -nL | grep -q "$chain"; then
|
||||
iptables -w -D FORWARD -j $chain 2>/dev/null
|
||||
iptables -w -D INPUT -j $chain 2>/dev/null
|
||||
iptables -w -D OUTPUT -j $chain 2>/dev/null
|
||||
iptables -w -F $chain
|
||||
iptables -w -X $chain
|
||||
fi
|
||||
done
|
||||
iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
# DNS response rules
|
||||
iptables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
# HTTP/HTTPS
|
||||
iptables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
iptables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# IPv6
|
||||
for chain in URLFILTER_FORWARD6 URLFILTER_INPUT6 URLFILTER_OUTPUT6; do
|
||||
if ip6tables -w -nL | grep -q "$chain"; then
|
||||
ip6tables -w -D FORWARD -j $chain 2>/dev/null
|
||||
ip6tables -w -D INPUT -j $chain 2>/dev/null
|
||||
ip6tables -w -D OUTPUT -j $chain 2>/dev/null
|
||||
ip6tables -w -F $chain
|
||||
ip6tables -w -X $chain
|
||||
fi
|
||||
done
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2>/dev/null
|
||||
ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
|
||||
if [ "$?" -eq 0 ]; then
|
||||
# DNS response rules
|
||||
ip6tables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
# HTTP/HTTPS
|
||||
ip6tables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
ip6tables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
|
||||
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
remove_internet_schedule_rules() {
|
||||
@@ -567,62 +551,6 @@ remove_internet_schedule_rules() {
|
||||
fi
|
||||
}
|
||||
|
||||
# Global array for resolved IPs
|
||||
URLFILTER_IPS=""
|
||||
|
||||
# Resolve hostname or MAC to IP from lease_file
|
||||
get_host_ip() {
|
||||
local host="$1"
|
||||
local ip
|
||||
local lease_file="/tmp/dhcp.leases"
|
||||
|
||||
[ -f "$lease_file" ] || lease_file="/etc/parentalcontrol/dhcp.leases"
|
||||
[ -f "$lease_file" ] || { log "Error: get_host_ip(): No DHCP lease file found."; return 1; }
|
||||
|
||||
# try DHCP lease lookup
|
||||
ip="$(awk -v h="$host" '
|
||||
{
|
||||
mac=$2; ipaddr=$3; name=$4
|
||||
if (h == name || h == mac) { print ipaddr; exit }
|
||||
}' "$lease_file")"
|
||||
|
||||
[ -n "$ip" ] && URLFILTER_IPS="$URLFILTER_IPS $ip"
|
||||
}
|
||||
|
||||
# Process each profile section
|
||||
resolve_profile_hosts() {
|
||||
local section="$1"
|
||||
local hostlist
|
||||
|
||||
config_get hostlist "$section" host
|
||||
[ -z "$hostlist" ] && return
|
||||
|
||||
for h in $hostlist; do
|
||||
get_host_ip "$h"
|
||||
done
|
||||
}
|
||||
|
||||
# Main function to collect IPs and delete conntrack entries
|
||||
flush_conntrack_for_hosts() {
|
||||
URLFILTER_IPS=""
|
||||
local count max
|
||||
|
||||
config_foreach resolve_profile_hosts profile
|
||||
|
||||
URLFILTER_IPS="$(echo "$URLFILTER_IPS" | tr ' ' '\n' | sort -u | xargs)"
|
||||
for ip in $URLFILTER_IPS; do
|
||||
count=0
|
||||
max=1000
|
||||
while conntrack -D -s "$ip" >/dev/null 2>&1; do
|
||||
count=$((count+1))
|
||||
if [ $count -ge $max ]; then
|
||||
log "Warning: Forced to stop conntrack delete after $max deletions for $ip (possible loop)"
|
||||
break
|
||||
fi
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
OVERRIDE_JSON="/etc/parentalcontrol/urlbundle_override.json"
|
||||
DM_PLUGIN_PATH="/usr/share/bbfdm/micro_services/parentalcontrol/urlbundle_override.json"
|
||||
|
||||
|
||||
@@ -161,23 +161,7 @@ handle_download_url() {
|
||||
# If the URL is HTTP, fetch the file size
|
||||
local bundle_file_size
|
||||
if echo "$sanitized_url" | grep -qE "^https?://"; then
|
||||
bundle_file_header="$(curl -Is --max-time 30 "$sanitized_url" 2>/var/log/urlfilter_curl_err.log)"
|
||||
curl_rc=$?
|
||||
|
||||
case $curl_rc in
|
||||
0)
|
||||
# Success
|
||||
;;
|
||||
6|7|28|35|52|55|56)
|
||||
log_info "handle_download_url: URL not reachable (curl rc=$curl_rc): ${sanitized_url}"
|
||||
return 1
|
||||
;;
|
||||
*)
|
||||
log_info "handle_download_url: unexpected curl rc=$curl_rc for ${sanitized_url}"
|
||||
;;
|
||||
esac
|
||||
|
||||
bundle_file_size="$(echo "$bundle_file_header" | grep -i 'content-length' | cut -d: -f2 | xargs)"
|
||||
bundle_file_size="$(curl -I "$sanitized_url" 2>&1 | grep -i 'content-length' | cut -d: -f2 | xargs)"
|
||||
[ -z "$bundle_file_size" ] && bundle_file_size=0
|
||||
else
|
||||
# If it's a file:// URL, get the file size from the filesystem
|
||||
|
||||
@@ -5,11 +5,11 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-base
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu.git
|
||||
PKG_SOURCE_VERSION:=c87ba4d9648280dde6987493fc423cdd64128b09
|
||||
PKG_SOURCE_VERSION:=6ee43863415b54c312a56e113a7a91d5ae25df28
|
||||
PKG_MIRROR_HASH:=skip
|
||||
|
||||
SULU_MOD:=core
|
||||
|
||||
@@ -5,12 +5,12 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-builder
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
|
||||
PKG_SOURCE_VERSION:=ff551283f7b05674f3215a0ece2de777223347ee
|
||||
PKG_SOURCE_VERSION:=cca6a777e46584c888a1a06fafa75f7a063b803d
|
||||
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/sulu-$(PKG_VERSION)/sulu-builder-$(PKG_SOURCE_VERSION)
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
|
||||
. /lib/functions.sh
|
||||
. /usr/share/libubox/jshn.sh
|
||||
#. /lib/functions/iopsys-environment.sh
|
||||
|
||||
RESTART_REQ=0
|
||||
_RESTART_SERVICES="0"
|
||||
@@ -169,20 +170,18 @@ _create_mosquitto_acl() {
|
||||
|
||||
users="$(_get_sulu_user_roles)"
|
||||
if [ -f "${ACL_FILE}" ]; then
|
||||
acl_users="$(awk '/^user / {print $2}' "${ACL_FILE}")"
|
||||
for user in ${acl_users}; do
|
||||
if ! echo "$users" | grep -qwF "$user"; then
|
||||
acl_users="$(awk '/^user/ {print $2}' "${ACL_FILE}")"
|
||||
for user in ${users}; do
|
||||
if ! grep -q "$user" "${acl_users}"; then
|
||||
rm -f "${ACL_FILE}"
|
||||
RESTART_REQ="1"
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
[ -f "${ACL_FILE}" ] || touch "${ACL_FILE}"
|
||||
touch "${ACL_FILE}"
|
||||
|
||||
agentid="$(_get_agent_id)"
|
||||
for user in ${users}; do
|
||||
if ! grep -qxF "user $user" "${ACL_FILE}"; then
|
||||
if ! grep -q "user $user" "${ACL_FILE}"; then
|
||||
{
|
||||
echo "user ${user}"
|
||||
echo "topic read /usp/${agentid}/${user}/controller/reply-to"
|
||||
@@ -201,7 +200,9 @@ _create_mosquitto_acl() {
|
||||
}
|
||||
|
||||
update_obuspa_config() {
|
||||
|
||||
RESTART_REQ=0
|
||||
uci_load obuspa
|
||||
_update_obuspa_config_rbac
|
||||
uci_commit obuspa
|
||||
|
||||
@@ -217,7 +218,7 @@ configure_sulu() {
|
||||
generate_sulu_conn_config
|
||||
}
|
||||
|
||||
while getopts ":r" opt; do
|
||||
while getopts ":rq" opt; do
|
||||
case ${opt} in
|
||||
r)
|
||||
_RESTART_SERVICES="1"
|
||||
|
||||
@@ -1,16 +1,15 @@
|
||||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
UCI_TEMPLATE="/etc/nginx/uci.conf.template"
|
||||
|
||||
if [ ! -f "/etc/config/mosquitto" ]; then
|
||||
logger -t sulu.ucidefault "Local mosquitto broker not available"
|
||||
return 1
|
||||
echo "Local mosquitto broker not available"
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [ ! -f "${UCI_TEMPLATE}" ]; then
|
||||
logger -t sulu.ucidefault "nginx utils not installed, sulu can't run"
|
||||
return 1
|
||||
echo "nginx utils not installed, sulu can't run"
|
||||
return 0
|
||||
fi
|
||||
|
||||
update_nginx_uci_template()
|
||||
@@ -20,7 +19,7 @@ update_nginx_uci_template()
|
||||
port="$(uci -q get mosquitto.sulu.port)"
|
||||
port="${port:-9009}"
|
||||
|
||||
if ! grep -w "upstream websocket" ${UCI_TEMPLATE} | grep -wq "127.0.0.1:${port}"; then
|
||||
if ! grep -q "upstream websocket" ${UCI_TEMPLATE}; then
|
||||
sed -i '/#UCI_HTTP_CONFIG$/i\ map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
|
||||
sed -i "/#UCI_HTTP_CONFIG$/i\ upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}
|
||||
fi
|
||||
@@ -28,30 +27,37 @@ update_nginx_uci_template()
|
||||
|
||||
add_sulu_config_to_mosquitto()
|
||||
{
|
||||
uci_add mosquitto listener sulu
|
||||
uci_set mosquitto sulu enabled 1
|
||||
uci_set mosquitto sulu port '9009'
|
||||
uci_set mosquitto sulu no_remote_access '1'
|
||||
uci_set mosquitto sulu protocol 'websockets'
|
||||
uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
|
||||
uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
|
||||
if ! uci_get mosquitto sulu >/dev/null 2>&1; then
|
||||
uci_add mosquitto listener sulu
|
||||
uci_set mosquitto sulu enabled 1
|
||||
uci_set mosquitto sulu port '9009'
|
||||
uci_set mosquitto sulu no_remote_access '1'
|
||||
uci_set mosquitto sulu protocol 'websockets'
|
||||
uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
|
||||
uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
|
||||
fi
|
||||
}
|
||||
|
||||
add_sulu_userinterface_uci()
|
||||
{
|
||||
if [ -f "/etc/config/userinterface" ]; then
|
||||
uci_load userinterface
|
||||
|
||||
if ! uci_get userinterface _sulu_s >/dev/null 2>&1; then
|
||||
uci_add userinterface http_access _sulu_s
|
||||
uci_set userinterface _sulu_s path_prefix '/sulu'
|
||||
uci_set userinterface _sulu_s port '8443'
|
||||
uci_set userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
|
||||
uci_add_list userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
|
||||
uci_set userinterface _sulu_s _nginx_uci_manage_ssl 'self-signed'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_certificate '/etc/nginx/conf.d/_lan.crt'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_certificate_key '/etc/nginx/conf.d/_lan.key'
|
||||
uci_set userinterface _sulu_s _nginx_ssl_session_cache 'none'
|
||||
uci_set userinterface _sulu_s _nginx_error_page '503 /maintenance.html'
|
||||
uci_set userinterface _sulu_s protocol 'HTTPS'
|
||||
uci_set userinterface _sulu_s role 'admin user'
|
||||
uci_add_list userinterface _sulu_s role 'admin'
|
||||
uci_add_list userinterface _sulu_s role 'user'
|
||||
fi
|
||||
|
||||
if ! uci_get userinterface _suluredirect >/dev/null 2>&1; then
|
||||
uci_add userinterface http_access _suluredirect
|
||||
uci_set userinterface _suluredirect redirect '_sulu_s'
|
||||
uci_set userinterface _suluredirect protocol 'HTTP'
|
||||
|
||||
@@ -2,16 +2,23 @@
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
uci_load nginx
|
||||
# this is to make sure to not mess up existing config
|
||||
if uci_get nginx _sulu_s >/dev/null 2>&1; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
update_default_nginx_listner() {
|
||||
if [ ! -f "/etc/config/nginx" ]; then
|
||||
return 0
|
||||
|
||||
if [ ! -f /etc/config/nginx ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
if ! uci_get nginx _lan >/dev/null 2>&1; then
|
||||
return 0
|
||||
return
|
||||
fi
|
||||
|
||||
if ! opkg list-installed | grep -q "^luci "; then
|
||||
if ! opkg list-installed |grep -q "luci "; then
|
||||
echo "Luci not installed, removing luci config"
|
||||
uci_remove nginx _lan
|
||||
uci_remove nginx _redirect2ssl
|
||||
@@ -21,7 +28,7 @@ update_default_nginx_listner() {
|
||||
uci_add_list nginx _lan listen "[::]:8443 ssl default_server"
|
||||
|
||||
if ! uci_get nginx _redirect2ssl >/dev/null 2>&1; then
|
||||
return 0
|
||||
return
|
||||
fi
|
||||
|
||||
uci_remove nginx _redirect2ssl listen
|
||||
@@ -32,19 +39,17 @@ update_default_nginx_listner() {
|
||||
}
|
||||
|
||||
move_sulu_to_443_and_80() {
|
||||
if ! config_load userinterface; then
|
||||
return 0
|
||||
uci_load userinterface
|
||||
if [ ! -f /etc/config/userinterface ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
set_port() {
|
||||
local protocol port
|
||||
|
||||
local protocol
|
||||
config_get protocol "$1" protocol
|
||||
config_get port "$1" port
|
||||
|
||||
if [ "$protocol" == "HTTPS" ] && [ "${port}" -eq "8443" ]; then
|
||||
if [ "$protocol" == "HTTPS" ]; then
|
||||
uci_set userinterface "$1" port "443"
|
||||
elif [ "$protocol" == "HTTP" ] && [ "${port}" -eq "8080" ]; then
|
||||
elif [ "$protocol" == "HTTP" ]; then
|
||||
uci_set userinterface "$1" port "80"
|
||||
fi
|
||||
}
|
||||
|
||||
@@ -5,11 +5,11 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-theme-genexis
|
||||
PKG_VERSION:=5.1.7
|
||||
PKG_VERSION:=5.1.2
|
||||
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/gnx/sulu-theme-genexis
|
||||
PKG_SOURCE_VERSION:=d329108aa49a0d57325cd8e639c80ba70c126f3f
|
||||
PKG_SOURCE_VERSION:=bf58defd238eaf4d9e42df68942df2c8f7c4f136
|
||||
PKG_MIRROR_HASH:=skip
|
||||
|
||||
include ../sulu-builder/sulu.mk
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=sulu-vendorext
|
||||
PKG_VERSION:=0.0.4
|
||||
PKG_VERSION:=0.0.1
|
||||
|
||||
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
|
||||
|
||||
@@ -22,13 +22,16 @@ define Build/Compile
|
||||
endef
|
||||
|
||||
define Package/sulu-vendorext/install
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_firewall.json $(1) firewallmngr
|
||||
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_CWMP.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_extra_info.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_guest_wifi_5.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_mesh.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_voip.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_wan.json $(1) sysmngr
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_guest_wifi_2_4.json $(1) sysmngr
|
||||
|
||||
$(BBFDM_REGISTER_SERVICES) ./bbfdm_service.json $(1) suluvendorext
|
||||
$(BBFDM_INSTALL_MS_DM) ./extn/X_IOWRT_EU_MAPController.json $(1) suluvendorext
|
||||
$(BBFDM_INSTALL_MS_PLUGIN) ./extn/X_GENEXIS_EU_firewall.json $(1) firewallmngr
|
||||
|
||||
$(CP) ./files/* $(1)/
|
||||
endef
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"daemon": {
|
||||
"enable": "1",
|
||||
"service_name": "suluvendorext",
|
||||
"service_name": "hostmngr",
|
||||
"unified_daemon": false,
|
||||
"services": [
|
||||
{
|
||||
"parent_dm": "Device.",
|
||||
"object": "X_IOWRT_EU_MAPController"
|
||||
"object": "Hosts"
|
||||
}
|
||||
],
|
||||
"config": {
|
||||
|
||||
182
sulu/sulu-vendorext/extn/X_GENEXIS_EU_CWMP.json
Normal file
182
sulu/sulu-vendorext/extn/X_GENEXIS_EU_CWMP.json
Normal file
@@ -0,0 +1,182 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.CWMPManagementServer.": {
|
||||
"type": "object",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/cwmp",
|
||||
"EnableCWMP": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "cpe"
|
||||
},
|
||||
"option": {
|
||||
"name": "enable"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"log_to_console": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "cpe"
|
||||
},
|
||||
"option": {
|
||||
"name": "log_to_console"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.CWMPManagementServer.acs.": {
|
||||
"type": "object",
|
||||
"version": "2.15",
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"dependency": "file:/etc/config/cwmp",
|
||||
"url": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "url"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"userid": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "userid"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"password": {
|
||||
"type": "string",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "passwd"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"periodic_interval_enable": {
|
||||
"type": "boolean",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "periodic_inform_enable"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"periodic_inform_interval": {
|
||||
"type": "int",
|
||||
"version": "2.15",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "cwmp",
|
||||
"section": {
|
||||
"name": "acs"
|
||||
},
|
||||
"option": {
|
||||
"name": "periodic_inform_interval"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
180
sulu/sulu-vendorext/extn/X_GENEXIS_EU_extra_info.json
Normal file
180
sulu/sulu-vendorext/extn/X_GENEXIS_EU_extra_info.json
Normal file
@@ -0,0 +1,180 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.external_info.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"support_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "support_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"faq_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "faq_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_phone": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_phone"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"contact_times": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "contact_times"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"livechat_link": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "livechat_link"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"extra_info": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "heimgard",
|
||||
"section": {
|
||||
"name": "help_support"
|
||||
},
|
||||
"option": {
|
||||
"name": "extra_info"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
168
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_2_4.json
Normal file
168
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_2_4.json
Normal file
@@ -0,0 +1,168 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.guest2.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"ssid": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
]
|
||||
},
|
||||
"encryption": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"key": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest2"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
167
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_5.json
Normal file
167
sulu/sulu-vendorext/extn/X_GENEXIS_EU_guest_wifi_5.json
Normal file
@@ -0,0 +1,167 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.guest5.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"ssid": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "ssid"
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
]
|
||||
},
|
||||
"encryption": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "encryption"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"key": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "key"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"enabled": {
|
||||
"type": "boolean",
|
||||
"version": "1.00",
|
||||
"read": true,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "get",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
},
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "uci",
|
||||
"uci": {
|
||||
"file": "mapcontroller",
|
||||
"section": {
|
||||
"name": "guest5"
|
||||
},
|
||||
"option": {
|
||||
"name": "enabled"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
75
sulu/sulu-vendorext/extn/X_GENEXIS_EU_voip.json
Normal file
75
sulu/sulu-vendorext/extn/X_GENEXIS_EU_voip.json
Normal file
@@ -0,0 +1,75 @@
|
||||
{
|
||||
"Device.DeviceInfo.X_GENEXIS_EU.voip.": {
|
||||
"type": "object",
|
||||
"version": "1.00",
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"access": false,
|
||||
"array": false,
|
||||
"reset": {
|
||||
"type": "string",
|
||||
"version": "1.00",
|
||||
"read": false,
|
||||
"write": true,
|
||||
"protocols": [
|
||||
"cwmp",
|
||||
"usp"
|
||||
],
|
||||
"mapping": [
|
||||
{
|
||||
"rpc": "set",
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "voip",
|
||||
"method": "reset",
|
||||
"args": {
|
||||
"sip": "@Value"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"reset()": {
|
||||
"type": "command",
|
||||
"async": true,
|
||||
"protocols": [
|
||||
"usp"
|
||||
],
|
||||
"input": {
|
||||
"sip": {
|
||||
"type": "string",
|
||||
"read": "true",
|
||||
"write": "true",
|
||||
"protocols": [
|
||||
"usp"
|
||||
]
|
||||
}
|
||||
},
|
||||
"output": {
|
||||
"result": {
|
||||
"type": "string",
|
||||
"read": "true",
|
||||
"write": "false",
|
||||
"protocols": [
|
||||
"usp"
|
||||
]
|
||||
}
|
||||
},
|
||||
"mapping": [
|
||||
{
|
||||
"type": "ubus",
|
||||
"ubus": {
|
||||
"object": "voip",
|
||||
"method": "reset",
|
||||
"args": {
|
||||
"sip": "@Input.sip"
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
92
sulu/sulu-vendorext/files/etc/init.d/hmg_ap_to_mld_creds_sync
Executable file
92
sulu/sulu-vendorext/files/etc/init.d/hmg_ap_to_mld_creds_sync
Executable file
@@ -0,0 +1,92 @@
|
||||
#!/bin/sh /etc/rc.common
|
||||
|
||||
START=97
|
||||
USE_PROCD=1
|
||||
|
||||
start_service() {
|
||||
# --- STEP 1: process fronthaul APs with mld_id ---
|
||||
mld_ids=$(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1 | while read -r ap; do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
uci -q get "$ap.mld_id"
|
||||
done | sort -u | grep -v '^$')
|
||||
|
||||
for mld_id in $mld_ids; do
|
||||
ap_list=""
|
||||
ssid_ref=""
|
||||
key_ref=""
|
||||
ssid_mismatch=0
|
||||
|
||||
# collect all fronthaul APs with this mld_id
|
||||
for ap in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
cur_id=$(uci -q get "$ap.mld_id")
|
||||
[ "$cur_id" = "$mld_id" ] || continue
|
||||
|
||||
cur_ssid=$(uci -q get "$ap.ssid")
|
||||
cur_key=$(uci -q get "$ap.key")
|
||||
|
||||
ap_list="$ap_list $ap"
|
||||
|
||||
if [ -z "$ssid_ref" ]; then
|
||||
ssid_ref="$cur_ssid"
|
||||
key_ref="$cur_key"
|
||||
elif [ "$cur_ssid" != "$ssid_ref" ]; then
|
||||
ssid_mismatch=1
|
||||
fi
|
||||
done
|
||||
|
||||
if [ "$ssid_mismatch" -eq 1 ]; then
|
||||
for ap in $ap_list; do
|
||||
logger -t mldsync "Removing mld_id from $ap due to SSID mismatch"
|
||||
uci -q delete "$ap.mld_id"
|
||||
done
|
||||
else
|
||||
for mld in $(uci show mapcontroller | grep "^mapcontroller.@mld\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$mld.id")" = "$mld_id" ] || continue
|
||||
logger -t mldsync "Updating $mld with ssid=$ssid_ref and key=$key_ref"
|
||||
uci -q set "$mld.ssid=$ssid_ref"
|
||||
uci -q set "$mld.key=$key_ref"
|
||||
done
|
||||
fi
|
||||
done
|
||||
|
||||
# --- STEP 2: handle fronthaul APs with no mld_id but same SSID ---
|
||||
for ssid in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1 | while read -r ap; do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
[ -z "$(uci -q get "$ap.mld_id")" ] || continue
|
||||
uci -q get "$ap.ssid"
|
||||
done | sort | uniq); do
|
||||
ap_group=""
|
||||
key_ref=""
|
||||
count=0
|
||||
|
||||
for ap in $(uci show mapcontroller | grep "^mapcontroller.@ap\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$ap.type")" = "fronthaul" ] || continue
|
||||
[ "$(uci -q get "$ap.ssid")" = "$ssid" ] || continue
|
||||
[ -z "$(uci -q get "$ap.mld_id")" ] || continue
|
||||
ap_group="$ap_group $ap"
|
||||
key_ref=$(uci -q get "$ap.key")
|
||||
count=$((count + 1))
|
||||
done
|
||||
|
||||
[ "$count" -lt 2 ] && continue
|
||||
|
||||
for ap in $ap_group; do
|
||||
logger -t mldsync "Assigning mld_id=1 to $ap (ssid=$ssid)"
|
||||
uci -q set "$ap.mld_id=1"
|
||||
done
|
||||
|
||||
for mld in $(uci show mapcontroller | grep "^mapcontroller.@mld\[" | cut -d'=' -f1); do
|
||||
[ "$(uci -q get "$mld.id")" = "1" ] || continue
|
||||
logger -t mldsync "Updating $mld with ssid=$ssid and key=$key_ref (from unassigned group)"
|
||||
uci -q set "$mld.ssid=$ssid"
|
||||
uci -q set "$mld.key=$key_ref"
|
||||
done
|
||||
done
|
||||
|
||||
uci -q commit mapcontroller
|
||||
}
|
||||
|
||||
service_triggers() {
|
||||
procd_add_reload_trigger "mapcontroller"
|
||||
}
|
||||
@@ -2,9 +2,8 @@
|
||||
# shellcheck disable=SC1091,SC3043,SC3043
|
||||
|
||||
. /usr/share/libubox/jshn.sh
|
||||
. /lib/functions/network.sh
|
||||
|
||||
persistent_file="/tmp/sulu.json"
|
||||
persistent_file="/opconf/user.json"
|
||||
|
||||
init_json() {
|
||||
json_init
|
||||
@@ -15,33 +14,7 @@ init_json() {
|
||||
fi
|
||||
|
||||
if ! json_select "wan" >/dev/null; then
|
||||
local current_dev=""
|
||||
local current_proto=""
|
||||
local current_vid=""
|
||||
local current_mtu=""
|
||||
local current_username=""
|
||||
local current_password=""
|
||||
local default_gw_interface=""
|
||||
# Load current settings
|
||||
network_find_wan default_gw_interface
|
||||
[ -z "${default_gw_interface}" ] && default_gw_interface="wan"
|
||||
current_dev="$(uci -q get network."${default_gw_interface}".device)"
|
||||
current_proto="$(uci -q get network."${default_gw_interface}".proto || echo "dhcp")"
|
||||
current_vid="$(uci -q get network."${current_dev}".vid)"
|
||||
current_mtu="$(uci -q get network."${default_gw_interface}".mtu)"
|
||||
if [ "pppoe" = "${current_proto}" ]; then
|
||||
current_username="$(uci -q get network."${default_gw_interface}".username)"
|
||||
current_password="$(uci -q get network."${default_gw_interface}".password)"
|
||||
fi
|
||||
json_add_array "wan"
|
||||
json_add_object
|
||||
json_add_string "name" "wan"
|
||||
json_add_string "proto" "${current_proto}"
|
||||
[ -n "${current_vid}" ] && json_add_int "vlan_id" "${current_vid}"
|
||||
[ -n "${current_mtu}" ] && json_add_int "mtu" "${current_mtu}"
|
||||
[ -n "${current_username}" ] && json_add_string "username" "${current_username}"
|
||||
[ -n "${current_password}" ] && json_add_string "password" "${current_password}"
|
||||
json_close_object
|
||||
fi
|
||||
json_close_object
|
||||
json_close_object
|
||||
@@ -58,13 +31,11 @@ save_and_exit() {
|
||||
|
||||
save_userconf() {
|
||||
json_dump >"${persistent_file}"
|
||||
# reload opconf to apply changes from persistent file, discarding output
|
||||
opconf "${persistent_file}" > /dev/null 2>&1
|
||||
# Commit network changes
|
||||
opconf "${persistent_file}"
|
||||
ubus call uci commit '{"config": "network"}'
|
||||
}
|
||||
|
||||
# Create skeleton file if it doesn't exists after that load in $persistent_file
|
||||
# Create skeleton file if it doesn't exists after that load in user.json
|
||||
init_json
|
||||
|
||||
go_L2() {
|
||||
@@ -161,9 +132,6 @@ set_wan_param() {
|
||||
vid | vland_id)
|
||||
json_add_int "vlan_id" "${value}"
|
||||
;;
|
||||
mtu)
|
||||
json_add_int "mtu" "${value}"
|
||||
;;
|
||||
*)
|
||||
logger "sulu_functions: Unkown name '${name}' in set_wan_param"
|
||||
;;
|
||||
@@ -171,7 +139,7 @@ set_wan_param() {
|
||||
json_close_object
|
||||
json_select ..
|
||||
json_select ..
|
||||
logger -s "sulu_functions Name: '${name}'='${value}'"
|
||||
logger -s "Name: '${name}'='${value}'"
|
||||
save_userconf
|
||||
json_set_namespace old_cb
|
||||
}
|
||||
@@ -190,7 +158,7 @@ get_wan_value() {
|
||||
*) ;;
|
||||
esac
|
||||
|
||||
for json_file in /opconf/*.json ${persistent_file}; do
|
||||
for json_file in /opconf/*.json; do
|
||||
value_from_opconf="$(jsonfilter -e "@.network.wan[@.name='wan'].${variable_name}" <"${json_file}")"
|
||||
[ -n "${value_from_opconf}" ] && final_config="${value_from_opconf}"
|
||||
done
|
||||
|
||||
@@ -57,18 +57,15 @@ set_fwmode() {
|
||||
case "$mode" in
|
||||
low)
|
||||
# add rule for incoming gateway
|
||||
json_init
|
||||
json_load "$(ubus -S call genexis.wan status)"
|
||||
json_load "$(ubus call heimgard.wan status)"
|
||||
json_get_var gateway gateway
|
||||
|
||||
if [ -n "$gateway" ]; then
|
||||
uci set firewall.${allow_gw_rule}=rule
|
||||
uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In'
|
||||
uci set firewall.${allow_gw_rule}.src='wan'
|
||||
uci set firewall.${allow_gw_rule}.src_ip="$gateway"
|
||||
uci set firewall.${allow_gw_rule}.target='ACCEPT'
|
||||
uci reorder firewall.${allow_gw_rule}=1
|
||||
fi
|
||||
uci set firewall.${allow_gw_rule}=rule
|
||||
uci set firewall.${allow_gw_rule}.name='Allow-Gateway-In'
|
||||
uci set firewall.${allow_gw_rule}.src='wan'
|
||||
uci set firewall.${allow_gw_rule}.src_ip="$gateway"
|
||||
uci set firewall.${allow_gw_rule}.target='ACCEPT'
|
||||
uci reorder firewall.${allow_gw_rule}=1
|
||||
;;
|
||||
medium)
|
||||
uci set firewall.wan.input='DROP'
|
||||
|
||||
@@ -99,7 +99,7 @@ call)
|
||||
read -r input
|
||||
_param="$(echo "$input" | jsonfilter -e '@.param')"
|
||||
value="$(echo "$input" | jsonfilter -e '@.value')"
|
||||
logger -t "genexis.wan" "_param: ${_param} value: ${value}"
|
||||
logger -t "heimgard.wan" "_param: ${_param} value: ${value}"
|
||||
json_init
|
||||
reply="$(set_wan_param "$_param" "$value")"
|
||||
json_add_string "status" "${reply}"
|
||||
|
||||
@@ -7,9 +7,10 @@ init_json
|
||||
|
||||
get_netmode() {
|
||||
local _netmode
|
||||
local persistent_file="/opconf/user.json"
|
||||
if [ -f "${persistent_file}" ]; then
|
||||
json_init
|
||||
json_load_file "${persistent_file}"
|
||||
json_load_file '/opconf/user.json'
|
||||
if json_select netmode; then
|
||||
json_get_var _netmode current "unknown"
|
||||
json_select ..
|
||||
|
||||
@@ -85,7 +85,6 @@ migrate_timemngr_config() {
|
||||
fi
|
||||
|
||||
uci -q delete system.ntp
|
||||
return 0
|
||||
}
|
||||
|
||||
migrate_timemngr_config
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=tr143
|
||||
PKG_VERSION:=1.1.3.2
|
||||
PKG_VERSION:=1.1.3.1
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/tr143d.git
|
||||
PKG_SOURCE_VERSION:=54c76c7afd4eb45d929f3512e96f572f2ad4e2ea
|
||||
PKG_SOURCE_VERSION:=1a10867d639afeb535d6c639b95b25648eb4ef7b
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
@@ -5,13 +5,13 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=wifidmd
|
||||
PKG_VERSION:=1.1.33.3
|
||||
PKG_VERSION:=1.1.33.2
|
||||
|
||||
LOCAL_DEV:=0
|
||||
ifneq ($(LOCAL_DEV),1)
|
||||
PKG_SOURCE_PROTO:=git
|
||||
PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/wifidmd.git
|
||||
PKG_SOURCE_VERSION:=98dbea71e67b4fb962fc5abd6657d143a12b39e4
|
||||
PKG_SOURCE_VERSION:=900fdca6e18dce382c99fbfcbca81b7e90cc5598
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
|
||||
PKG_MIRROR_HASH:=skip
|
||||
endif
|
||||
|
||||
Reference in New Issue
Block a user