fluent-bit: convert kmsg pri field from char to string

In order to support filtering based on serverity and facility in logmngr config, we need to be able to configure regex on the priority field, but kmsg input plugin sends the priority field as char, on which regex does not work. We also cannot use the type converter filter which is present in fluent bit, because it does not support the source data type to be char. Therefore, we change priority from a char to a string field.
2025-12-28 23:29:17 +08:00 · 2025-08-29 12:30:04 +00:00
66 changed files with 652 additions and 881 deletions
--- a/bbfdm/Makefile
+++ b/bbfdm/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bbfdm
-PKG_VERSION:=1.18.5
+PKG_VERSION:=1.17.6

 USE_LOCAL:=0
 ifneq ($(USE_LOCAL),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bbfdm.git
-PKG_SOURCE_VERSION:=1596a6a8c1d5063587e92b61d1b12bdd51240c27
+PKG_SOURCE_VERSION:=c9af4e50cef5336e7842578d3d10f1f7bce2d8b0
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
@@ -55,7 +55,7 @@ define Package/dm-service
  CATEGORY:=Utilities
  SUBMENU:=TRx69
  TITLE:=Datamodel ubus backend to expose micro-service tree
-  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libbbfdm-ubus +bbf_configmngr +libeasy
+  DEPENDS:=+libuci +libubox +libubus +libblobmsg-json +libjson-c +libbbfdm-api +libbbfdm-ubus +bbf_configmngr
 endef

 define Package/bbf_configmngr
@@ -183,7 +183,6 @@ define Package/bbf_configmngr/install

 	$(INSTALL_BIN) ./files/etc/init.d/bbf_configd $(1)/etc/init.d/bbf_configd
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_config_notify.sh $(1)/usr/share/bbfdm/scripts/
-	$(INSTALL_BIN) $(PKG_BUILD_DIR)/utilities/files/usr/share/bbfdm/scripts/bbf_default_reload.sh $(1)/etc/bbfdm/
 	$(INSTALL_DATA) ./files/etc/bbfdm/critical_services.json $(1)/etc/bbfdm/
 endef

--- a/bbfdm/files/etc/bbfdm/critical_services.json
+++ b/bbfdm/files/etc/bbfdm/critical_services.json
@@ -1,51 +1,23 @@
 {
 	"usp": [
-			"/etc/config/firewall",
-			"/etc/bbfdm/dmmap/dmmap_firewall",
-			"/etc/config/network",
-			"/etc/bbfdm/dmmap/IP",
-			"/etc/bbfdm/dmmap/Ethernet",
-			"/etc/bbfdm/dmmap/GRE",
-			"/etc/bbfdm/dmmap/IPv6rd",
-			"/etc/bbfdm/dmmap/PPP",
-			"/etc/bbfdm/dmmap/Routing",
-			"/etc/config/dhcp",
-			"/etc/bbfdm/dmmap/dmmap_dhcp",
-			"/etc/bbfdm/dmmap/dmmap_dhcp_client",
-			"/etc/bbfdm/dmmap/dmmap_dhcp_relay",
-			"/etc/bbfdm/dmmap/dmmap_dhcpv6",
-			"/etc/config/time",
-			"/etc/bbfdm/dmmap/dmmap_time",
-			"/etc/config/mapcontroller",
-			"/etc/config/wireless",
-			"/etc/bbfdm/dmmap/WiFi",
-			"/etc/config/ieee1905",
-			"/etc/config/mosquitto",
-			"/etc/config/nginx",
-			"/etc/config/netmode",
-			"/etc/bbfdm/dmmap/dmmap_netmode"
+			"firewall",
+			"network",
+			"dhcp",
+			"time",
+			"wireless",
+			"ieee1905",
+			"mapcontroller",
+			"mosquitto",
+			"nginx",
+			"netmode"
 	],
 	"cwmp": [
-			"/etc/config/firewall",
-			"/etc/bbfdm/dmmap/dmmap_firewall",
-			"/etc/config/network",
-			"/etc/bbfdm/dmmap/IP",
-			"/etc/bbfdm/dmmap/Ethernet",
-			"/etc/bbfdm/dmmap/GRE",
-			"/etc/bbfdm/dmmap/IPv6rd",
-			"/etc/bbfdm/dmmap/PPP",
-			"/etc/bbfdm/dmmap/Routing",
-			"/etc/config/dhcp",
-			"/etc/bbfdm/dmmap/dmmap_dhcp",
-			"/etc/bbfdm/dmmap/dmmap_dhcp_client",
-			"/etc/bbfdm/dmmap/dmmap_dhcp_relay",
-			"/etc/bbfdm/dmmap/dmmap_dhcpv6",
-			"/etc/config/mapcontroller",
-			"/etc/config/wireless",
-			"/etc/bbfdm/dmmap/WiFi",
-			"/etc/config/time",
-			"/etc/bbfdm/dmmap/dmmap_time",
-			"/etc/config/netmode",
-			"/etc/bbfdm/dmmap/dmmap_netmode"
+			"firewall",
+			"network",
+			"dhcp",
+			"mapcontroller",
+			"wireless",
+			"time",
+			"netmode"
 	]
 }
--- a/bbfdm/files/etc/init.d/bbf_configd
+++ b/bbfdm/files/etc/init.d/bbf_configd
@@ -27,6 +27,6 @@ start_service()
 service_triggers() {
 	for config_file in /etc/config/*; do
 		config_name=$(basename "$config_file")
-		procd_add_config_trigger "config.change" "$config_name" /usr/share/bbfdm/scripts/bbf_config_notify.sh "$config_name"
+		procd_add_config_trigger "config.change" "$config_name" /usr/share/bbfdm/scripts/bbf_config_notify.sh
 	done
 }
--- a/bridgemngr/Makefile
+++ b/bridgemngr/Makefile
@@ -5,13 +5,14 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bridgemngr
-PKG_VERSION:=1.1.4
+PKG_VERSION:=1.1.1

+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr.git
-PKG_SOURCE_VERSION:=e5e0d9adfc919c25d88a867d42a9c500cb09f834
+PKG_SOURCE_URL:=https://dev.iopsys.eu/network/bridgemngr
+PKG_SOURCE_VERSION:=b6a657e1c83b49f09323b4012ef229c604b82854
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/bulkdata/Makefile
+++ b/bulkdata/Makefile
@@ -7,13 +7,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=bulkdata
-PKG_VERSION:=2.1.21
+PKG_VERSION:=2.1.20

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/bulkdata.git
-PKG_SOURCE_VERSION:=fdfffad21f1c0c15654c9a9740c5fb7beb6542e5
+PKG_SOURCE_VERSION:=a5e57962938ca143ede65d92be90b6e9fce66e15
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/decollector/Makefile
+++ b/decollector/Makefile
@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=decollector
-PKG_VERSION:=6.2.1.13
+PKG_VERSION:=6.2.1.10

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=269aa271c2f8048dad9846be786620339a67bcaa
+PKG_SOURCE_VERSION:=c9fad0fafad290bc19b7ad1a8e6c7e2cc4f55ad1
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/decollector.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
--- a/dslmngr/files/airoha/sbin/xdsl_wan
+++ b/dslmngr/files/airoha/sbin/xdsl_wan
@@ -5,8 +5,6 @@ source "/lib/functions/network.sh"
 source "/lib/functions/system.sh"

 PREVLINK=""
-LINK=""
-LINKSPEED=""
 PREVWANMODE=""
 WANMODE=""
 CONFIGURED=0
@@ -152,12 +150,6 @@ while [ true ]; do

 	if [ "$LINK" != "$PREVLINK" -a \( "$LINK" = "down" -o "$LINK" = "up" \) ]; then
 		if [ "$LINK" = "down" ]; then
-			if [ ! -s /tmp/qos/wan_link_shape_rate ]; then
-				rm -rf /tmp/qos/wan_link_shape_rate
-				rm -rf /tmp/qos/wan_link_speed
-				/usr/sbin/qos-uplink-bandwidth
-			fi
-
 			[ "$CONFIGURED" -eq 0 ] && configure_lines # Needs to be done once the slave SoC is in down state and we've not been able to auto-sync.
 			if [ -n "$WANMODE" ]; then
 				if [ "$WANMODE" = "PTM" ]; then
@@ -234,26 +226,6 @@ while [ true ]; do

 			call_wan_hotplug "up" "$WANPORT"
 			PREVWANMODE="$WANMODE"
-
-			if [ ! -s /tmp/qos/wan_link_shape_rate ]; then
-				LINKSPEED="$(awk '/far-end interleaved channel bit rate/{print $6}' /proc/tc3162/adsl_stats)"
-				LINKSPEED=$((LINKSPEED))
-				if [ "$LINKSPEED" -eq 0 ]; then
-					LINKSPEED="$(awk '/far-end fast channel bit rate/{print $6}' /proc/tc3162/adsl_stats)"
-					LINKSPEED=$((LINKSPEED))
-				fi
-
-				if [ "$LINKSPEED" -ne 0 ]; then
-					mkdir -p /tmp/qos
-					touch /tmp/qos/wan_link_shape_rate
-
-					/userfs/bin/qosrule discpline Rate uplink-bandwidth ${LINKSPEED}
-					hw_nat -! > /dev/null 2>&1
-				else
-					rm -rf /tmp/qos/wan_link_speed
-					/usr/sbin/qos-uplink-bandwidth
-				fi
-			fi
 		fi

 		# Toggle link state
--- a/fdtextract/Makefile
+++ b/fdtextract/Makefile
@@ -10,14 +10,19 @@ PKG_NAME:=fdtextract
 PKG_RELEASE:=1
 PKG_VERSION:=1.0

-PKG_SOURCE_URL:=https://dev.iopsys.eu/system/fdtextract.git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/fdtextract.git
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=7917dbcb29724476cd46164eec29848df1e5fb67
+PKG_SOURCE_VERSION:=e3cefda3b26c9aea3021b20725ce7b31b33eebc4
 PKG_MIRROR_HASH:=skip

 PKG_LICENSE:=GPLv2
 PKG_LICENSE_FILES:=LICENSE

+RSTRIP:=true
+export BUILD_DIR
+
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_PARALLEL:=1

@@ -35,7 +40,9 @@ endef

 define Package/$(PKG_NAME)/install
 	$(INSTALL_DIR) $(1)/usr/sbin
+
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/fdtextract $(1)/usr/sbin/
+	$(STRIP) $(1)/usr/sbin/fdtextract
 endef

 $(eval $(call BuildPackage,$(PKG_NAME)))
--- a/fluent-bit/patches/0030-kmsg_pri_as_string.patch
+++ b/fluent-bit/patches/0030-kmsg_pri_as_string.patch
@@ -0,0 +1,20 @@
+diff --git a/plugins/in_kmsg/in_kmsg.c b/plugins/in_kmsg/in_kmsg.c
+index cd5c4cd17..04bbe2b2e 100644
+--- a/plugins/in_kmsg/in_kmsg.c
+++ b/plugins/in_kmsg/in_kmsg.c
+@@ -182,11 +182,14 @@ static inline int process_line(const char *line,
+                 &ts);
+     }
+ 
+    char priority_str[4] = {0}; /* enough for "255" + NUL */
+    snprintf(priority_str, sizeof(priority_str), "%u", (unsigned char) priority);
+
+     if (ret == FLB_EVENT_ENCODER_SUCCESS) {
+         ret = flb_log_event_encoder_append_body_values(
+                 &ctx->log_encoder,
+                 FLB_LOG_EVENT_CSTRING_VALUE("priority"),
+-                FLB_LOG_EVENT_CHAR_VALUE(priority),
+                FLB_LOG_EVENT_STRING_VALUE(priority_str, strlen(priority_str)),
+ 
+                 FLB_LOG_EVENT_CSTRING_VALUE("sequence"),
+                 FLB_LOG_EVENT_UINT64_VALUE(sequence),
--- a/hostmngr/Makefile
+++ b/hostmngr/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=hostmngr
-PKG_VERSION:=1.4.0
+PKG_VERSION:=1.3.1

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=230d55ae6769e1ebde02cef3f718e6c4cf1b1962
+PKG_SOURCE_VERSION:=3663ca4d001508509774115d6797b932f9ed4f69
 PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/hostmngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/icwmp/Makefile
+++ b/icwmp/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=icwmp
-PKG_VERSION:=9.10.4
+PKG_VERSION:=9.10.0

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/icwmp.git
-PKG_SOURCE_VERSION:=505d3d63e06d84b144ce2eb63ea89af723abf0ed
+PKG_SOURCE_VERSION:=b4db243c1d057d0242a4badae53e9c57e442d27a
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
+++ b/icwmp/files/etc/udhcpc.user.d/udhcpc_icwmp_opt43.user
@@ -77,7 +77,6 @@ get_opt43() {
 config_load cwmp
 config_get wan_intf cpe default_wan_interface "wan"
 config_get dhcp_discovery acs dhcp_discovery "0"
-config_get_bool insecure_enable acs insecure_enable "0"
 config_get dhcp_url acs dhcp_url ""
 config_get min_wait_intvl acs dhcp_retry_min_wait_interval "0"
 config_get intvl_multi acs dhcp_retry_interval_multiplier "0"
@@ -103,17 +102,6 @@ if [ "${wan_intf}" = "${INTERFACE}" ]; then
 		return 0
 	fi

-	if [ "${insecure_enable}" -eq "0" ]; then
-		case $DHCP_ACS_URL in
-		https://*)
-			log "ACS url $DHCP_ACS_URL has https"
-			;;
-		*)
-			return 0
-			;;
-		esac
-	fi
-
 	sec=$(uci -q get cwmp.acs)

 	if [ -z "${sec}" ]; then
--- a/ieee1905/Makefile
+++ b/ieee1905/Makefile
@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=ieee1905
-PKG_VERSION:=8.7.37
+PKG_VERSION:=8.7.34

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=c711e1e132478d6443ffb5aad15d12b90f0d59b5
+PKG_SOURCE_VERSION:=81c99af824bd5bd217213e4e731798a6469157b8
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/ieee1905.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
--- a/libwifi/Makefile
+++ b/libwifi/Makefile
@@ -1,32 +1,28 @@
 #
-# Copyright (C) 2019-2024 Iopsys
-# Copyright (C) 2025 Genexis Sweden AB
+# Copyright (C) 2020-2023 Iopsys
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=libwifi
-PKG_VERSION:=7.22.2
+PKG_VERSION:=7.14.0

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=cd29f6bcb25f3e48be04244c042d13a908c2b6b1
-PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/libwifi.git
+PKG_SOURCE_VERSION:=b4b8f524a93d03fd1f89d4c32b8eaca90d9ccc1a
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/libwifi.git
+PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
 endif

 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_LICENSE:=LGPL-2.1-only
-PKG_LICENSE_FILES:=
-PKG_MAINTAINER:=Anjan Chanda <anjan.chanda@genexis.eu>
-
-MAKE_VERBOSE := 1
+PKG_LICENSE_FILES:=LICENSE

 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/kernel.mk
-include $(INCLUDE_DIR)/cmake.mk

 ifeq ($(CONFIG_TARGET_brcmbca),y)
  TARGET_PLATFORM=BROADCOM
@@ -53,14 +49,8 @@ else ifeq ($(CONFIG_TARGET_airoha),y)
  endif
 else ifeq ($(CONFIG_TARGET_mediatek),y)
  TARGET_PLATFORM=MEDIATEK
-  TARGET_WIFI_TYPE=MAC80211
-  ifeq ($(CONFIG_TARGET_DEVICE_mediatek_filogic_DEVICE_cx750),y)
-    TARGET_WIFI_TYPE=MEDIATEK
-    TARGET_CFLAGS +=-DCONFIG_MTK -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
-  else ifeq ($(CONFIG_TARGET_DEVICE_mediatek_filogic_DEVICE_mediatek_mt7987a-spim-nand-an8801sb),y)
-    TARGET_WIFI_TYPE=MEDIATEK
-    TARGET_CFLAGS +=-DCONFIG_MTK -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
-  endif
+  TARGET_WIFI_TYPE=MEDIATEK
+  TARGET_CFLAGS +=-DCONFIG_MTK -I$(LINUX_DIR)/include/uapi/linux/mtk_nl80211_inc
 else ifeq ($(CONFIG_TARGET_ipq95xx),y)
  TARGET_PLATFORM=IPQ95XX
  TARGET_WIFI_TYPE=QUALCOMM
@@ -76,13 +66,13 @@ else
 endif

 ifneq ($(CONFIG_PACKAGE_kmod-mt7915e_en7523),)
-  TARGET_CFLAGS +=-DMT7915_VENDOR_EXT
+  TARGET_CFLAGS=-DMT7915_VENDOR_EXT
 endif

 PKG_BUILD_DEPENDS:=PACKAGE_kmod-mt7915e_en7523:mt76_en7523

 ifneq ($(CONFIG_PACKAGE_libwifi),)
-  CMAKE_OPTIONS +=-DHAS_WIFI=ON
+TARGET_CFLAGS +=-DHAS_WIFI
 endif

 ifeq ($(CONFIG_LIBWIFI_USE_CTRL_IFACE),y)
@@ -93,8 +83,18 @@ ifeq ($(CONFIG_LIBWIFI_SKIP_PROBES),y)
  TARGET_CFLAGS +=-DLIBWIFI_BRCM_SKIP_PROBES
 endif

+TARGET_CFLAGS += \
+	-I$(STAGING_DIR)/usr/include \
+	-I$(STAGING_DIR)/usr/include/openssl \
+	-I$(STAGING_DIR)/usr/include/libnl3

-CMAKE_OPTIONS += -DPLATFORM=$(TARGET_PLATFORM) -DWIFI_TYPE=$(TARGET_WIFI_TYPE)
+MAKE_FLAGS += \
+	CFLAGS="$(TARGET_CFLAGS) -Wall -I./" \
+	LDFLAGS="$(TARGET_LDFLAGS)" \
+	FPIC="$(FPIC)" \
+	PLATFORM="$(TARGET_PLATFORM)" \
+	WIFI_TYPE="$(TARGET_WIFI_TYPE)" \
+	subdirs="$(subdirs)"

 ifeq ($(LOCAL_DEV),1)
 define Build/Prepare
@@ -102,39 +102,43 @@ define Build/Prepare
 endef
 endif

-define Package/libwifiutils
-	SECTION:=libs
-	CATEGORY:=Libraries
-	TITLE:= WiFi utility library (libwifiutils.so)
-	DEPENDS+=+libnl +libnl-route +libeasy +libopenssl
-endef
-
-define Package/libwifiutils/description
-	Library provides WiFi utility functions
-endef
-
-define Package/libwifi
-	SECTION:=libs
-	CATEGORY:=Libraries
-	TITLE:= WiFi HAL library (libwifi-7.so.m)
-	DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcm963xx-bsp
+define Package/libwifi-common
+  SECTION:=libs
+  CATEGORY:=Libraries
+  TITLE:=libwifi
+  SUBMENU:=IOPSYS HAL libs
+  DEPENDS:=+libopenssl
+  MENU:=1
 endef

 define Package/libwifi/description
-	Library provides WiFi HAL APIs
+  Library provides WiFi HAL APIs and WiFi common utility functions
+endef
+
+define Package/libwifiutils
+  $(call Package/libwifi-common)
+  TITLE:= WiFi utility library (libwifiutils.so)
+  DEPENDS+=+libnl +libnl-route +libeasy
 endef

 define Build/InstallDev/libwifiutils
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/wifidefs.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/wifiutils.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/libwifiutils*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/wifidefs.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/wifiutils.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/libwifiutils*.so* $(1)/usr/lib/
 endef

 define Package/libwifiutils/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifiutils/libwifiutils*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/libwifiutils*.so* $(1)/usr/lib/
+endef
+
+
+define Package/libwifi
+  $(call Package/libwifi-common)
+  TITLE:= WiFi library (libwifi)
+  DEPENDS+=+libnl +libnl-route +libeasy +libwifiutils +TARGET_brcmbca:bcm963xx-bsp
 endef

 define Package/libwifi/config
@@ -155,12 +159,13 @@ define Package/libwifi/config
  endif
 endef

+
 define Build/InstallDev/libwifi
 	$(INSTALL_DIR) $(1)/usr/include
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifi/wifiops.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifi/wifi.h $(1)/usr/include/
-	$(CP) $(PKG_BUILD_DIR)/libwifi/libwifi-7*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/wifiops.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/wifi.h $(1)/usr/include/
+	$(CP) $(PKG_BUILD_DIR)/libwifi-7*.so* $(1)/usr/lib/
 endef


@@ -173,7 +178,7 @@ endef

 define Package/libwifi/install
 	$(INSTALL_DIR) $(1)/usr/lib
-	$(CP) $(PKG_BUILD_DIR)/libwifi/libwifi-7*.so* $(1)/usr/lib/
+	$(CP) $(PKG_BUILD_DIR)/libwifi-7*.so* $(1)/usr/lib/
 endef

 $(eval $(call BuildPackage,libwifiutils))
--- a/logmngr/Makefile
+++ b/logmngr/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=logmngr
-PKG_VERSION:=1.1.4
+PKG_VERSION:=1.1.2

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/system/logmngr.git
-PKG_SOURCE_VERSION:=62441fdfe14a39bff8fff7c62307bd7b54d7240f
+PKG_SOURCE_VERSION:=ad043d5d2e96c1b203a9c5b22ad6e6e1488ad8f2
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/logmngr/files/lib/logmngr/fluent-bit.sh
+++ b/logmngr/files/lib/logmngr/fluent-bit.sh
@@ -92,180 +92,157 @@ create_input_section() {
 	# check if this source section has already been processed
 	syslog_tag_already_processed "$tag" && return

+	# the input in our case is always syslog, hence, this section of the
+	# fluent-bit.conf file has hardcoded values as well that do not depend
+	# on any uci value
 	append_conf "[INPUT]"
 	append_conf "    name        syslog"
-	append_conf "    unix_perm   0666"
 	append_conf "    tag         $tag"
 	append_conf "    path        /dev/log"
 	append_conf ""
 }

-populate_allowed_logs() {
-	local facility_level sev_level
-	local section="$1"
-
-	[ -z "$section" ] && return
-
-	# reset
-	match_pattern=""
-	facilities=""
-	all_facilities=0
-	kern_facility=0
-	severities=""
-	sev_compare=1
-	sev_action=0
-
-	# read config
-	config_get match_pattern $section pattern_match
-
-	config_get facility_level $section facility_level
-	config_get sev_level $section severity_level
-	config_get sev_compare $section severity_compare 1
-	config_get sev_action $section severity_action 0
-
-	# normalize facilities
-	if [ -n "$facility_level" ]; then
-		for f in $facility_level; do
-			if [ "$f" = "24" ]; then
-				all_facilities=1
-				# xargs is used to convert from new line separated numbers to space separated numbers
-				facilities="$(seq 0 23 | xargs)"
-				break
-			fi
-
-			if [ "$f" = "0" ]; then
-				kern_facility=1
-			fi
-		done
-
-		if [ "$all_facilities" -eq 0 ]; then
-			facilities="$facility_level"
-		fi
-	else
-		# default to "all facilities" when unset
-        	all_facilities=1
-	        facilities="$(seq 0 23 | xargs)"
-	fi
-
-	# normalize severities
-	case "$sev_level" in
-		8)  	# all severities
-			severities="$(seq 0 7 | xargs)"
-			;;
-		9)  	# none
-			severities="none"
-			;;
-		"") 	# unset, treat as "all"
-			severities="$(seq 0 7 | xargs)"
-			;;
-		*)
-			if [ "$sev_compare" = "0" ]; then
-				# equal
-				severities="$sev_level"
-			else
-				# equl or higher
-				severities="$(seq 0 $sev_level | xargs)"
-			fi
-			;;
-	esac
-}
-
-create_filter_section() {
-	local match_regex="$1"
-	local pattern="$2"
-
-	[ -z "$match_regex" ] && return
-
-	append_conf "[FILTER]"
-	append_conf "    name        grep"
-	append_conf "    match_regex       $match_regex"
-
-	# we need "logical_op or" only in non-pattern sections
-	if [ "$pattern" = "0" ]; then
-		append_conf "    logical_op  or" # handle multiple filters
-	fi
-}
-
 create_kmsg_input_section() {
 	local tag="$1"
-	local max_sev=7

 	[ -z "$tag" ] && return
+
+	# check if this source section has already been processed
 	kmsg_tag_already_processed "$tag" && return

 	if [ -c "/dev/kmsg" ]; then
 		append_conf "[INPUT]"
 		append_conf "    name       kmsg"
 		append_conf "    tag        $tag"
-
-		# check kern facility (0)
-		if [ "$all_facilities" -eq 1 ] || [ "$kern_facility" -eq 1 ]; then
-			if [ "$severities" != "none" ]; then
-				# severity filtering
-				# only EqualOrHigher is supported by Prio_Level
-				# and only Log action is supported
-				# so set Prio_Level = max severity
-				if [ "$sev_action" = "0" ] && [ "$sev_compare" = "1" ]; then
-					if [ -n "$severities" ]; then
-						max_sev=$(echo $severities | tr ' ' '\n' | sort -n | tail -1)
-					fi
-
-					append_conf "    prio_level $max_sev"
-				fi
-			fi
-		fi
-
 		append_conf ""
-
-		# if severities is none, or
-		# if kern facility has been excluded
-		# then we need to stop kernel logs
-		# sev_action and sev_compare is being checked because we don't want to work with rules that exclude logs
-		if [ "$severities" = "none" ] || { [ "$kern_facility" -eq 0 ] && [ "$all_facilities" -eq 0 ] && [ "$sev_action" = "0" ] && [ "$sev_compare" = "1" ]; }; then
-			# block all
-			# create a filter section that matches on KM* tag
-			# and excludes all messages
-			create_filter_section "KM*" "0"
-			append_conf "    exclude    message ^.*$"
-			append_conf ""
-		fi
 	fi
 }

-generate_syslog_filter() {
-	local param="regex"
+generate_facility_regex() {
+	local facility_level=$1
+	local pri=0

-	[ "$sev_action" = "1" ] && param="exclude"
-
-	# start adding the fluent-bit filter section
-	create_filter_section "SL*" "0"
-
-	if [ "$severities" = "none" ]; then
-		append_conf "    exclude    pri ^.*$"
+	if [ "$facility_level" == "24" ]; then
+		# value 24 means all facility level, which is as good as not
+		# generating a filter section, so return
 		return
 	fi

-	for fval in $facilities; do
-		for sval in $severities; do
-			local pri=$((fval * 8 + sval))
-			append_conf "    $param        pri ^${pri}$"
+	# facility_level is a list value, hence, generate regex for
+	# each value
+	IFS=" "
+	for val in $facility_level; do
+		# as per rfc 5424 and 3164, pri in syslog msg is
+		# facility*8+severity. Severity value can range from 0-7 hence
+		# generate regex for each.
+		for sval in 0 1 2 3 4 5 6 7; do
+			pri=`expr $val \* 8 + $sval`
+			append_conf "    regex        pri $pri"
 		done
 	done
-
-	append_conf ""
 }

-generate_pattern_filter() {
+generate_severity_regex() {
+	local sev_level="$1"
+	local sev_compare="$2"
+	local sev_action="$3"
+
+	local pri=0
+	local param="exclude"
+
+	if [ "$sev_action" == "0" ]; then
+		param="regex"
+	fi
+
+	local fval=0
+	if [ "$sev_compare" == "0" ]; then
+		# generate regex for all facility values, with severity=sev_level
+		while [ $fval -le 23 ] ; do
+			pri=`expr $fval \* 8 + $sev_level`
+			append_conf "    $param        pri $pri"
+			fval=$((fval + 1))
+		done
+	elif [ "$sev_compare" == "1" ]; then
+		# generate regex for all severity value greater than or equal to
+		# sev_level. please, lower value have higher precedence, so sev_level
+		# 0 which is emergency has higher precedence than error which is 3
+		while [ $fval -le 23 ] ; do
+			sval=0
+			while [ $sev_level -ge $sval ]; do
+				pri=`expr $fval \* 8 + $sval`
+				append_conf "    $param        pri $pri"
+				sval=$((sval + 1))
+			done
+			fval=$((fval + 1))
+		done
+	fi
+}
+
+handle_filter_conf() {
+	local section="$1" # config filter
+	local filter_name="$2"
+	local name
+
+	# no need to proceed if name of filter section is not one of the values
+	# listed in option filter in config action section
+	config_get name $section name
+	if [ "$name" != "$filter_name" ]; then
+		return
+	fi
+
+	# as per data model, at a time either facility_level or severity_level can
+	# be specified along with pattern_match. hence, first process and generate
+	# regex for pattern_match which is common in both condition. Next, we will
+	# process facility_level and return if facility level is defined and not
+	# process severity related params at all.
+
+	local pattern_match
+	config_get pattern_match $section pattern_match
+	if [ -n "$pattern_match" ]; then
+		append_conf "    regex        $pattern_match"
+	fi
+
+	local facility_level
+	config_get facility_level $section facility_level
+
+	if [ -n "$facility_level" ]; then
+		generate_facility_regex $facility_level
+		# return from here since if facility_level is defined, then no
+		# need to process severity_level
+		return
+	fi
+
+	local sev_level
+	local sev_compare
+	local sev_action
+	config_get sev_level $section severity_level
+
+	if [ -n "$sev_level" ]; then
+		# value 1 of severity compare corresponds to data model
+		# and system default which is EqualorHigher
+		config_get sev_compare $section severity_compare 1
+		# value 0 of severity action corresponds to data model
+		# and system default that is log
+		config_get sev_action $section severity_action 0
+
+		generate_severity_regex $sev_level $sev_compare $sev_action
+	fi
+}
+
+create_filter_section() {
 	local match_regex="$1"
-	local match_pattern="$2"

 	[ -z "$match_regex" ] && return
-	[ -z "$match_pattern" ] && return

-	# start adding the fluent-bit filter section
-	create_filter_section "$match_regex" "1"
-	append_conf "    regex        message $match_pattern"
-	append_conf ""
+	append_conf "[FILTER]"
+	append_conf "    name        grep"
+	append_conf "    match_regex       $match_regex"
+	append_conf "    logical_op  or" # handle multiple filters
+}
+
+handle_filter_ref() {
+	local filter_name="$1"
+	config_foreach handle_filter_conf filter "$filter_name"
 }

 handle_log_file() {
@@ -298,7 +275,6 @@ handle_log_file() {
 	append_conf "    match_regex  $match_regex"
 	append_conf "    file         $file"

-
 	if [ -n "$template" ]; then
 		append_conf "    format       template"
 		append_conf "    template     ${template}"
@@ -373,7 +349,7 @@ handle_log_remote() {
 resolve_source_section() {
 	local src_section="$1"
 	local linker="$2"
-	local src_name syslog_en kernel_en
+	local src_name syslog_en kernel_en source_tag_syslog source_tag_kmsg

 	config_get src_name "$src_section" name
 	[ "$src_name" = "$linker" ] || return
@@ -388,11 +364,13 @@ resolve_source_section() {
 	if [ "$syslog_en" = "1" ]; then
 		source_tag_syslog="SL$src_name"
 		create_input_section "$source_tag_syslog"
+		action_tags="$source_tag_syslog $action_tags"
 	fi

 	if [ "$kernel_en" = "1" ]; then
 		source_tag_kmsg="KM$src_name"
 		create_kmsg_input_section "$source_tag_kmsg"
+		action_tags="$source_tag_kmsg $action_tags"
 	fi
 }

@@ -428,30 +406,10 @@ build_match_regex() {
 	echo "$regex"
 }

-handle_filter_conf() {
-	local section="$1" # config filter
-	local filter_name="$2"
-	local name
-
-	config_get name $section name
-	[ "$name" = "$filter_name" ] || return
-
-	populate_allowed_logs "$filter_name"
-}
-
 handle_action() {
-	local tag_regex filter source_ref template_ref source_sec log_template finst
+	local tag_regex filter source_ref template_ref source_sec log_template
 	local action_section="$1"
-	local source_tag_syslog source_tag_kmsg
-
-	# shared variables set by populate_allowed_logs
-	match_pattern=""
-	facilities=""
-	all_facilities=0
-	kern_facility=1
-	severities=""
-	sev_compare=1
-	sev_action=0
+	local action_tags=""

 	config_get action_name "$action_section" name
 	config_get filter "$action_section" filter
@@ -461,26 +419,27 @@ handle_action() {
 	[ -z "$action_name" ] && return
 	[ -z "$source_ref" ] && return

-	# read filter section and populate relevant variables
-	# these variables will be used by create_kmsg_input_section
-	# generate_syslog_filter, and generate_pattern_filter functions
-	if [ -n "$filter" ]; then
-		for finst in $filter; do
-			config_foreach handle_filter_conf filter "$finst"
-		done
-	fi
-
 	# Resolve referenced source sections
 	for source_sec in $source_ref; do
 		config_foreach resolve_source_section source "$source_sec"
 	done

 	# build a regex that will match all the sources for this action
-	tag_regex=$(build_match_regex "$source_tag_syslog $source_tag_kmsg")
+	tag_regex=$(build_match_regex "$action_tags")

 	if [ -n "$filter" ]; then
-		generate_pattern_filter "$tag_regex" "$match_pattern"
-		generate_syslog_filter
+		# the only fluentbit filter that is useful for the datamodel is
+		# grep. Also, fluentbit does not seem to handle multiple instances
+		# of FILTER of same kind. Hence, each filter section corresponding
+		# to an action entry in the uci would translate for us into a set of
+		# regex/exclude values instead of individual FILTER section per uci
+		# section filter is a list, treat according
+		create_filter_section "$tag_regex"
+
+		IFS=" "
+		for finst in $filter; do
+			handle_filter_ref $finst
+		done
 	fi

 	# get the template expression if any is present
--- a/map-agent/Config.in
+++ b/map-agent/Config.in
@@ -55,10 +55,6 @@ config AGENT_OPER_CHANNEL_CHANGE_RELAY_MCAST
 config AGENT_USE_LIBDPP
 	bool "Depend on libdpp for DPP EasyConnect"

-config AGENT_ZEROTOUCH_DPP
-	bool "Enable Zero-touch DPP bootstrapping. Depends on libztdpp.so"
-	default n
-
 config AGENT_CHECK_PARTIAL_WIFI_RELOAD
 	bool "Option that allow SSID/PSK simple reload"
 	default y
--- a/map-agent/Makefile
+++ b/map-agent/Makefile
@@ -1,14 +1,13 @@
 #
-# Copyright (C) 2020-2024 IOPSYS Software Solutions AB
-# Copyright (C) 2025 Genexis Sweden AB
+# Copyright (C) 2020-2023 IOPSYS Software Solutions AB
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-agent
-PKG_VERSION:=6.4.3.0
+PKG_VERSION:=6.4.1.6
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=bb4e5b3a9ee594ac07d3f9df5f47c5df595d8037
+PKG_SOURCE_VERSION:=ed2e65007c2a0bacb642b0e72b803df64ef826ed
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@iopsys.eu>

 PKG_LICENSE:=BSD-3-Clause
@@ -27,7 +26,7 @@ include $(INCLUDE_DIR)/package.mk
 define Package/map-agent
  SECTION:=utils
  CATEGORY:=Utilities
-  TITLE:=Wi-Fi Multi-AP Agent (EasyMesh R6)
+  TITLE:=WiFi multi-AP Agent (EasyMesh R2)
  DEPENDS:=+libwifi +libuci +libubox +ubus +libeasy +libieee1905 +ieee1905 \
 	   +ieee1905-map-plugin +ip-bridge +AGENT_USE_LIBDPP:libdpp \
 	   +uuidgen +openssl-util +!TARGET_brcmbca:ebtables-legacy \
@@ -38,12 +37,8 @@ ifeq ($(CONFIG_AGENT_USE_LIBDPP),y)
  TARGET_CFLAGS += -DUSE_LIBDPP
 endif

-ifeq ($(CONFIG_AGENT_ZEROTOUCH_DPP),y)
-  TARGET_CFLAGS += -DZEROTOUCH_DPP
-endif
-
 define Package/map-agent/description
-  This package provides EasyMesh R6 compliant Wi-Fi Multi-AP Agent.
+ This package implements EasyMesh R2 compliant WiFi Agent.
 endef

 define Package/map-agent/config
--- a/map-controller/Config.in
+++ b/map-controller/Config.in
@@ -39,10 +39,6 @@ config CONTROLLER_EASYMESH_VENDOR_EXT_OUI
 config CONTROLLER_USE_LIBDPP
 	bool "Depend on libdpp for DPP EasyConnect"

-config CONTROLLER_ZEROTOUCH_DPP
-	bool "Enable Zero-touch DPP bootstrapping via passphrase."
-	default n
-
 config CONTROLLER_PROPAGATE_PROBE_REQ
 	depends on CONTROLLER_EASYMESH_VENDOR_EXT
 	bool "Enable publishing probe requests vendor specific messages as UBUS events"
--- a/map-controller/Makefile
+++ b/map-controller/Makefile
@@ -6,9 +6,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-controller
-PKG_VERSION:=6.4.4.0
+PKG_VERSION:=6.4.1.0
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_SOURCE_VERSION:=d2e91ca156dbe0b44f0fc551b0a353137343fdf1
+PKG_SOURCE_VERSION:=45355bd49d9260c666b4d1e629184878cec3f72d
 PKG_MAINTAINER:=Jakob Olsson <jakob.olsson@genexis.eu>

 LOCAL_DEV=0
@@ -36,9 +36,6 @@ ifeq ($(CONFIG_CONTROLLER_USE_LIBDPP),y)
  TARGET_CFLAGS += -DUSE_LIBDPP
 endif

-ifeq ($(CONFIG_CONTROLLER_ZEROTOUCH_DPP),y)
-  TARGET_CFLAGS += -DZEROTOUCH_DPP
-endif

 define Package/map-controller/description
 This package provides WiFi MultiAP Controller as per the EasyMesh-R2 specs.
@@ -84,7 +81,6 @@ define Build/InstallDev
 	$(CP) $(PKG_BUILD_DIR)/src/cntlr_commands_impl.h $(1)/usr/include/map-controller
 	$(CP) $(PKG_BUILD_DIR)/src/cntlr_commands.h $(1)/usr/include/map-controller
 	$(CP) $(PKG_BUILD_DIR)/src/cntlr_apis.h $(1)/usr/include/map-controller
-	$(CP) $(PKG_BUILD_DIR)/src/cntlr_plugin.h $(1)/usr/include/map-controller
 	$(CP) $(PKG_BUILD_DIR)/src/wifi_opclass.h $(1)/usr/include/map-controller
 	$(CP) $(PKG_BUILD_DIR)/src/steer_module.h $(1)/usr/include/map-controller
 	$(CP) $(PKG_BUILD_DIR)/src/timer.h $(1)/usr/include/map-controller
--- a/map-controller/files/etc/config/mapcontroller
+++ b/map-controller/files/etc/config/mapcontroller
@@ -4,13 +4,14 @@ config controller 'controller'
 	option registrar '2 5 6'
 	option debug '2'
 	option bcn_metrics_max_num '10'
+	option initial_channel_scan '0'
 	option enable_ts '0'
 	option primary_vid '1'
 	option primary_pcp '0'
 	option stale_sta_timeout '20d'
 	option de_collect_interval '60'

-config sta_steering 'sta_steering'
+config sta_steering
 	option enable_sta_steer '1'
 	option enable_bsta_steer '0'
 	option rcpi_threshold_2g '70'
@@ -23,7 +24,7 @@ config sta_steering 'sta_steering'
 	option plugins_policy 'any'
 	list plugins 'rcpi'

-config channel_plan 'channel_plan'
+config channel_plan
 	option preclear_dfs '0'
 	option acs '0'

--- a/map-controller/files/etc/init.d/mapcontroller
+++ b/map-controller/files/etc/init.d/mapcontroller
@@ -20,6 +20,7 @@ validate_controller_section() {
 		'registrar:string' \
 		'debug:range(0,16)' \
 		'bcn_metrics_max_num:range(1,256)' \
+		'initial_channel_scan:bool:true' \
 		'resend_num:uinteger:0' \
 		'allow_bgdfs:range(0,2629744)' \
 		'stale_sta_timeout:string' \
--- a/map-controller/files/etc/uci-defaults/99-mapcntlr-uci-rename-singletons
+++ b/map-controller/files/etc/uci-defaults/99-mapcntlr-uci-rename-singletons
@@ -1,18 +0,0 @@
-#!/bin/sh
-
-. /lib/functions.sh
-
-cfg=mapcontroller
-
-# singleton sections
-sections="channel_plan sta_steering"
-
-for sec in $sections; do
-    # find unnamed section of given type, only index 0
-    s=$(uci show $cfg | grep -oE "@${sec}\[0\]" | sort -u)
-    [ "$s" = "" ] && continue
-
-    uci rename $cfg.$s=$sec
-done
-
-uci commit $cfg
--- a/map-plugins/Makefile
+++ b/map-plugins/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=map-plugins
-PKG_VERSION:=1.2.1
+PKG_VERSION:=0.0.4

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=a76610182366cf05ed7e8f5fbac26890b709eeb4
+PKG_SOURCE_VERSION:=74bf151851112ecee731d447af016c8dc668adcf
 PKG_SOURCE_URL:=https://dev.iopsys.eu/multi-ap/map-plugins.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -27,18 +27,11 @@ include $(INCLUDE_DIR)/package.mk

 include $(wildcard plugins/*.mk)

-TARGET_CFLAGS += \
-	-I$(STAGING_DIR)/usr/include \
-	-I$(STAGING_DIR)/usr/include/libnl3 \
-	-D_GNU_SOURCE
-
 MAKE_FLAGS += \
 	CFLAGS="$(TARGET_CFLAGS) -Wall"

 plugins := \
-	$(if $(CONFIG_PACKAGE_map-plugins-steer-rate),steer-rate)   \
-	$(if $(CONFIG_PACKAGE_map-plugins-bsteer),bsteer) \
-	$(if $(CONFIG_PACKAGE_map-plugins-zero-touch),zero-touch)
+	$(if $(CONFIG_PACKAGE_map-plugins-steer-rate),steer-rate)

 ppkg:=$(patsubst plugins/%.mk,map-plugins-%,$(wildcard plugins/*.mk))

@@ -59,8 +52,7 @@ define Package/map-plugins
 endef

 define Package/map-plugins/description
-	Provides extra Multi-AP services viz. steering, channel-planning,
-	self-organizing network, zero-touch onboarding etc.
+	Provides extra Multi-AP services viz. steering, channel-planning etc.
 endef

 define Package/map-plugins/install
@@ -68,8 +60,9 @@ define Package/map-plugins/install
 endef

 define Build/Compile
-	$(foreach p,$(plugins),$(call Build/Compile/map-plugins-$(p), $(1)))
+	$(foreach p,$(ppkg),$(call Build/Compile/$(p),$(1)))
 endef

+
 $(eval $(call BuildPackage,map-plugins))
 $(eval $(foreach p,$(ppkg),$(call BuildPackage,$(p))))
--- a/map-plugins/plugins/bsteer.mk
+++ b/map-plugins/plugins/bsteer.mk
@@ -1,20 +0,0 @@
-define Package/map-plugins-bsteer
-	$(call Package/map-plugins/Default)
-	TITLE:=Wi-Fi backhaul steering plugin based on maximizing backhaul throughput
-	DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
-		 +libjson-c +libblobmsg-json +map-controller \
-		 +map-plugins
-endef
-
-define Package/map-plugins-bsteer/install
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(INSTALL_DIR) $(1)/usr/lib/mapcontroller
-	$(CP) $(PKG_BUILD_DIR)/steer/bsteer/bsteer.so $(1)/usr/lib/mapcontroller/bsteer.so
-endef
-
-define Build/Compile/map-plugins-bsteer
-	$(MAKE) -C $(PKG_BUILD_DIR)/steer/bsteer \
-		CC="$(TARGET_CC)" \
-		CFLAGS="$(TARGET_CFLAGS)" \
-		LDFLAGS="$(TARGET_LDFLAGS)";
-endef
--- a/map-plugins/plugins/steer-rate.mk
+++ b/map-plugins/plugins/steer-rate.mk
@@ -16,5 +16,5 @@ define Build/Compile/map-plugins-steer-rate
 	$(MAKE) -C $(PKG_BUILD_DIR)/steer/rate \
 		CC="$(TARGET_CC)" \
 		CFLAGS="$(TARGET_CFLAGS)" \
-		LDFLAGS="$(TARGET_LDFLAGS)";
+		LDFLAGS="$(TARGET_LDFLAGS)"
 endef
--- a/map-plugins/plugins/zero-touch.mk
+++ b/map-plugins/plugins/zero-touch.mk
@@ -1,22 +0,0 @@
-define Package/map-plugins-zero-touch
-	$(call Package/map-plugins/Default)
-	TITLE:=Full Zero-touch bootstrapping of Wi-Fi Repeater device(s)
-	DEPENDS= +libubox +libuci +libubus +libeasy +libnl-genl \
-		 +libjson-c +libblobmsg-json +map-controller \
-		 +map-plugins
-endef
-
-define Package/map-plugins-zero-touch/install
-	$(INSTALL_DIR) $(1)/usr/lib
-	$(INSTALL_DIR) $(1)/usr/lib/mapcontroller
-	$(CP) $(PKG_BUILD_DIR)/zero-touch/zerotouch.so $(1)/usr/lib/mapcontroller/zerotouch.so
-	$(CP) $(PKG_BUILD_DIR)/zero-touch/libztdpp.so $(1)/usr/lib/libztdpp.so
-
-endef
-
-define Build/Compile/map-plugins-zero-touch
-	$(MAKE) -C $(PKG_BUILD_DIR)/zero-touch \
-		CC="$(TARGET_CC)" \
-		CFLAGS="$(TARGET_CFLAGS)" \
-		LDFLAGS="$(TARGET_LDFLAGS)";
-endef
--- a/mosquitto-auth-shadow/Config.in
+++ b/mosquitto-auth-shadow/Config.in
@@ -1,7 +0,0 @@
-if PACKAGE_mosquitto-auth-shadow
-
-config MOSQUITTO_AUTH_PAM_SUPPORT
-	bool "Enable support of Linux PAM module for Authentication"
-	default y
-
-endif
--- a/mosquitto-auth-shadow/Makefile
+++ b/mosquitto-auth-shadow/Makefile
@@ -14,13 +14,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=mosquitto-auth-shadow
-PKG_VERSION:=1.1.0
+PKG_VERSION:=1.0.1

 PKG_MAINTAINER:=Erik Karlsson <erik.karlsson@genexis.eu>
 PKG_LICENSE:=EPL-2.0

 PKG_BUILD_PARALLEL:=1
-PKG_CONFIG_DEPENDS:=CONFIG_MOSQUITTO_AUTH_PAM_SUPPORT

 include $(INCLUDE_DIR)/package.mk

@@ -28,7 +27,7 @@ define Package/mosquitto-auth-shadow
  SECTION:=net
  CATEGORY:=Network
  TITLE:=mosquitto - /etc/shadow authentication plugin
-  DEPENDS:=+mosquitto-ssl +MOSQUITTO_AUTH_PAM_SUPPORT:libpam
+  DEPENDS:=+mosquitto-ssl
  USERID:=mosquitto=200:mosquitto=200 mosquitto=200:shadow=11
 endef

@@ -37,14 +36,6 @@ define Package/mosquitto-auth-shadow/description
  users using /etc/shadow
 endef

-define Package/mosquitto-auth-shadow/config
-	source "$(SOURCE)/Config.in"
-endef
-
-ifeq ($(CONFIG_MOSQUITTO_AUTH_PAM_SUPPORT),y)
-TARGET_CFLAGS+=-DENABLE_PAM_SUPPORT
-endif
-
 define Package/mosquitto-auth-shadow/install
 	$(INSTALL_DIR) $(1)/usr/lib
 	$(INSTALL_BIN) $(PKG_BUILD_DIR)/mosquitto_auth_shadow.so $(1)/usr/lib/
--- a/mosquitto-auth-shadow/src/Makefile
+++ b/mosquitto-auth-shadow/src/Makefile
@@ -19,7 +19,7 @@ all: $(TARGETS)
 	$(CC) $(CFLAGS) -Wall -Werror -fPIC -c -o $@ $<

 mosquitto_auth_shadow.so: mosquitto_auth_shadow.pic.o
-	$(CC) $(LDFLAGS) -shared -o $@ $^ $(if $(filter -DENABLE_PAM_SUPPORT,$(CFLAGS)),-lpam)
+	$(CC) $(LDFLAGS) -shared -o $@ $^

 clean:
 	rm -f *.o $(TARGETS)
--- a/mosquitto-auth-shadow/src/mosquitto_auth_shadow.c
+++ b/mosquitto-auth-shadow/src/mosquitto_auth_shadow.c
@@ -15,78 +15,22 @@
 #include <string.h>
 #include <shadow.h>
 #include <crypt.h>
-#include <stdlib.h>
 #include <mosquitto.h>
 #include <mosquitto_broker.h>
 #include <mosquitto_plugin.h>

-#ifdef ENABLE_PAM_SUPPORT
-#include <security/pam_appl.h>
-
-static int pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
-{
-	int i;
-	const char *pass = (const char *)appdata_ptr;
-
-	*resp = calloc(num_msg, sizeof(struct pam_response));
-	if (*resp == NULL) {
-		mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed to allocate buffer for validation");
-		return PAM_BUF_ERR;
-	}
-
-	if (pass == NULL)
-		return PAM_SUCCESS;
-
-	for (i = 0; i < num_msg; ++i) {
-		if (msg[i]->msg_style == PAM_PROMPT_ECHO_OFF) {
-			(*resp)[i].resp = strdup(pass);
-			if ((*resp)[i].resp == NULL) {
-				for (int j = 0; j < i ; j++)
-					free((*resp)[j].resp);
-
-				free(*resp);
-				*resp = NULL;
-				mosquitto_log_printf(MOSQ_LOG_ERR, "pam failed in strdup");
-				return PAM_BUF_ERR;
-			}
-		}
-	}
-	return PAM_SUCCESS;
-}
-
-static int process_pam_auth_callback(struct mosquitto_evt_basic_auth *ed)
-{
-	struct pam_conv conv;
-	int retval;
-	pam_handle_t *pamh = NULL;
-
-	conv.conv = pam_conversation;
-	conv.appdata_ptr = (void *)ed->password;
-
-	retval = pam_start("mosquitto", ed->username, &conv, &pamh);
-	if (retval != PAM_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_ERR, "pam start failed: %s", pam_strerror(pamh, retval));
-		return MOSQ_ERR_AUTH;
-	}
-
-	retval = pam_authenticate(pamh, 0);
-	pam_end(pamh, retval);
-	if (retval == PAM_SUCCESS) {
-		mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] logged in", ed->username);
-		return MOSQ_ERR_SUCCESS;
-	}
-
-	mosquitto_log_printf(MOSQ_LOG_NOTICE, "pam user [%s] failed authentication, err [%s]", ed->username, pam_strerror(pamh, retval));
-	return MOSQ_ERR_AUTH;
-}
-#else
-static int process_shadow_auth_callback(struct mosquitto_evt_basic_auth *ed)
+static int basic_auth_callback(int event, void *event_data, void *userdata)
 {
+	struct mosquitto_evt_basic_auth *ed = event_data;
 	struct spwd spbuf, *sp = NULL;
 	char buf[256];
 	struct crypt_data data;
 	char *hash;

+	/* Let other plugins or broker decide about anonymous login */
+	if (ed->username == NULL)
+		return MOSQ_ERR_PLUGIN_DEFER;
+
 	getspnam_r(ed->username, &spbuf, buf, sizeof(buf), &sp);

 	if (sp == NULL || sp->sp_pwdp == NULL)
@@ -110,22 +54,6 @@ static int process_shadow_auth_callback(struct mosquitto_evt_basic_auth *ed)

 	return MOSQ_ERR_AUTH;
 }
-#endif
-
-static int basic_auth_callback(int event, void *event_data, void *userdata)
-{
-	struct mosquitto_evt_basic_auth *ed = event_data;
-
-	/* Let other plugins or broker decide about anonymous login */
-	if (ed->username == NULL)
-		return MOSQ_ERR_PLUGIN_DEFER;
-
-#ifdef ENABLE_PAM_SUPPORT
-	return process_pam_auth_callback(ed);
-#else
-	return process_shadow_auth_callback(ed);
-#endif
-}

 int mosquitto_plugin_version(int supported_version_count,
 			     const int *supported_versions)
--- a/obuspa/Makefile
+++ b/obuspa/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=obuspa
-PKG_VERSION:=10.0.7.4
+PKG_VERSION:=10.0.7.0

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/obuspa.git
-PKG_SOURCE_VERSION:=84d5ae575134d501b8ca171a5a65c6f410f01d08
+PKG_SOURCE_VERSION:=6584b9f8facf0e688b80ca40d5961bad3f4922f8
 PKG_MAINTAINER:=Vivek Dutta <vivek.dutta@iopsys.eu>
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
--- a/obuspa/files/etc/init.d/obuspa
+++ b/obuspa/files/etc/init.d/obuspa
@@ -6,7 +6,7 @@ USE_PROCD=1

 PROG=/usr/sbin/obuspa
 CONFIGURATION=obuspa
-FIRST_BOOT="/etc/obuspa/boot_marker"
+
 ENV_PROFILE="/root/.profile"
 KEEP_FILE="/lib/upgrade/keep.d/obuspa"

@@ -871,12 +871,6 @@ sync_uci_with_db()
 		return 0;
 	fi

-	# Skip overriding uci in case of Firstboot
-	if [ ! -f "${FIRST_BOOT}" ]; then
-		return 0
-	fi
-
-	log "Syncing obuspa uci with usp.db ...."
 	config_load obuspa
 	sync_db_controller
 	sync_db_localagent_mtp
@@ -984,6 +978,7 @@ db_init()
 		# Only do this if db have reasonable data
 		val="$(awk 'END{print NR}' ${DB_DUMP})"
 		if [ "$val" -gt 15 ]; then
+			log "Syncing obuspa uci with usp.db ...."
 			sync_uci_with_db
 		fi
 	fi
@@ -1031,7 +1026,6 @@ db_init()
 		cat ${CTRUST_RESET_FILE} >> ${RESET_FILE}
 		rm ${CTRUST_RESET_FILE}
 	fi
-	[ -f "${FIRST_BOOT}" ] || touch "${FIRST_BOOT}"
 }

 start_service() {
@@ -1049,6 +1043,7 @@ start_service() {
 		procd_set_param respawn \
 			"${respawn_threshold:-10}" \
 			"${respawn_timeout:-10}" "${respawn_retry:-5}"
+		#procd_set_param limits core="unlimited"
 	fi
 	procd_close_instance ${CONFIGURATION}
 }
--- a/packet-capture-diagnostics/files/scripts/packetcapture
+++ b/packet-capture-diagnostics/files/scripts/packetcapture
@@ -97,13 +97,15 @@ packet_capture_launch() {
 	fi

 	if [ -n "${interface}" ]; then
-		intf=$(ifstatus "${interface}" | jsonfilter -e '$.l3_device')
+		intf=$(ifstatus "${interface}" | jq ".l3_device")

 		if [ -z "${intf}" ]; then
 			# Error
 			packet_capture_error "Error_Internal" "${proto}"
 			return
 		fi
+
+		intf=$(eval echo "${intf}")
 	fi

 	cmd="timeout ${duration} tcpdump -w ${filename}"
--- a/parental-control/Makefile
+++ b/parental-control/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=parental-control
-PKG_VERSION:=1.4.1
+PKG_VERSION:=1.3.1

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/network/parental-control.git
-PKG_SOURCE_VERSION:=995bbe59d74a3b589dd3b7f4491875e37aa7e24a
+PKG_SOURCE_VERSION:=b1e5b3f81f08271bdaf9cb4bda8a7696a27be3c6
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/parental-control/files/etc/init.d/parentalcontrol
+++ b/parental-control/files/etc/init.d/parentalcontrol
@@ -12,9 +12,7 @@ validate_global_section() {
 	uci_validate_section parentalcontrol globals globals \
 	    'enable:bool:1' \
 	    'loglevel:uinteger:3' \
-	    'queue_num:uinteger:53' \
 	    'bundle_path:string' \
-	    'default_wan_interface:string:wan' \
 	    'urlfilter:bool'
 }

@@ -26,12 +24,11 @@ remove_fw_rules() {
 }

 configure_fw_rules() {
-	local enable urlfilter queue_num
+	local enable urlfilter

 	config_load parentalcontrol
 	config_get_bool enable globals enable 0
 	config_get_bool urlfilter globals urlfilter 0
-	config_get queue_num globals queue_num 53

 	remove_fw_rules

@@ -40,11 +37,6 @@ configure_fw_rules() {
 		return 0
 	fi

-	if [ "${queue_num}" -lt 0 ] || [ "${queue_num}" -gt 65535 ]; then
-	        log "ERROR: queue_num not in 0-65535"
-		return 1
-	fi
-
 	if [ "${urlfilter}" -eq "1" ]; then
 		if [ ! -f "${OVERRIDE_JSON}" ]; then
 			# throw error
@@ -56,11 +48,11 @@ configure_fw_rules() {
 				hw_nat -! > /dev/null 2>&1
 			fi
 			if which conntrack > /dev/null 2>&1; then
-				flush_conntrack_for_hosts
+				conntrack -F > /dev/null 2>&1
 			fi

 			# this is for urlfilter daemon
-			add_iptables_nfqueue_rules "$queue_num"
+			add_iptables_nfqueue_rules
 		fi
 	fi

@@ -115,7 +107,7 @@ start_service() {

 	procd_open_instance "parentalcontrol"
 	procd_set_param command nice -n 10 "${PROG}"  # Lower priority
-	procd_append_param command -l "${loglevel}"
+	procd_append_param command -l ${loglevel}
 	procd_set_param respawn
 	procd_close_instance
 }
@@ -128,19 +120,11 @@ stop_service() {
 }

 reload_service() {
-	local arg="$1"
-
 	ret=$(ubus call service list '{"name":"parentalcontrol"}' | jsonfilter -qe '@.parentalcontrol.instances.parentalcontrol.running')
 	if [ "$ret" != "true" ]; then
 		stop
 		start
 	else
-		if [ "$arg" = "network" ]; then
-			pidof_sync="$(pidof sync_bundles.sh)"
-			[ -n "$pidof_sync" ] && kill "$pidof_sync"
-			sleep 5
-		fi
-
 		configure_fw_rules
 		copy_dhcp_leases
 		ubus send parentalcontrol.reload
@@ -148,19 +132,6 @@ reload_service() {
 }

 service_triggers() {
-	local enable urlfilter default_wan_interface 
-
-	validate_global_section || {
-		return 1
-	}
-
-	if [ "${urlfilter}" = "1" ] && [ "$enable" = "1" ] && [ -n "$default_wan_interface" ]; then
-		log "Adding interface trigger for $default_wan_interface"
-		procd_open_trigger
-		procd_add_interface_trigger "interface.*.up" "$default_wan_interface" /etc/init.d/parentalcontrol reload "network"
-		procd_close_trigger
-	fi
-
 	procd_add_reload_trigger "parentalcontrol"
 	procd_add_reload_trigger "schedules"
 }
--- a/parental-control/files/lib/parentalcontrol/parentalcontrol.sh
+++ b/parental-control/files/lib/parentalcontrol/parentalcontrol.sh
@@ -438,118 +438,102 @@ add_internet_schedule_rules() {
 }

 add_iptables_nfqueue_rules() {
-    local queue_num="$1"
+	local filter_used

-    # Check if urlfilter used
-    if ! uci show parentalcontrol | grep -q profile_urlfilter; then
-        return
-    fi
+	# Check if urlfilter used
+	if ! uci show parentalcontrol | grep -q profile_urlfilter; then
+		return
+	fi

-    # IPv4
-    # FORWARD
-    if ! iptables -w -nL | grep -q "URLFILTER_FORWARD"; then
-        iptables -w -N URLFILTER_FORWARD
-        iptables -w -I FORWARD 1 -j URLFILTER_FORWARD
+	# IPv4 rules
+	iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
+	if [ "$?" -ne 0 ]; then
+		# capture DNS responses (UDP/TCP sport 53) in FORWARD
+		iptables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass

-        # capture DNS responses (sport 53)
-        iptables -w -A URLFILTER_FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
-        iptables -w -A URLFILTER_FORWARD -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
+		# INPUT: DNS replies to router, skip loopback
+		iptables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass

-        # HTTP/HTTPS flows
-        iptables -w -A URLFILTER_FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
-        iptables -w -A URLFILTER_FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
+		# OUTPUT: DNS replies from router, skip loopback
+		iptables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass

-    # INPUT
-    if ! iptables -w -nL | grep -q "URLFILTER_INPUT"; then
-        iptables -w -N URLFILTER_INPUT
-        iptables -w -I INPUT 1 -j URLFILTER_INPUT
+		# HTTP/HTTPS flows for urlfilter
+		iptables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass

-        iptables -w -A URLFILTER_INPUT -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-        iptables -w -A URLFILTER_INPUT -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
+		# disable acceleration for https packet so that they can be read by urlfilter
+		ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -A FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
+	fi

-    # OUTPUT
-    if ! iptables -w -nL | grep -q "URLFILTER_OUTPUT"; then
-        iptables -w -N URLFILTER_OUTPUT
-        iptables -w -I OUTPUT 1 -j URLFILTER_OUTPUT
+	# IPv6 rules
+	ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
+	if [ "$?" -ne 0 ]; then
+		# capture DNS responses (UDP/TCP sport 53) in FORWARD
+		ip6tables -w -I FORWARD 1 -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -I FORWARD 1 -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass

-        iptables -w -A URLFILTER_OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-        iptables -w -A URLFILTER_OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
+		# INPUT: DNS replies to router, skip loopback
+		ip6tables -w -I INPUT 1 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -I INPUT 1 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass

-    # ebtables bypass for IPv4
-    ebtables --concurrent -A FORWARD -p ip --ip-protocol 6  --ip-destination-port 443 -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -A FORWARD -p ip --ip-protocol 6  --ip-source-port 53    -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -A FORWARD -p ip --ip-protocol 17 --ip-source-port 53    -j SKIPLOG 2>/dev/null
+		# OUTPUT: DNS replies from router, skip loopback
+		ip6tables -w -I OUTPUT 1 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -I OUTPUT 1 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass

-    # IPv6
-    # FORWARD
-    if ! ip6tables -w -nL | grep -q "URLFILTER_FORWARD6"; then
-        ip6tables -w -N URLFILTER_FORWARD6
-        ip6tables -w -I FORWARD 1 -j URLFILTER_FORWARD6
+		# HTTP/HTTPS flows for urlfilter
+		ip6tables -w -I FORWARD 1 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -I FORWARD 1 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass

-        ip6tables -w -A URLFILTER_FORWARD6 -p tcp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
-        ip6tables -w -A URLFILTER_FORWARD6 -p udp --sport 53 -j NFQUEUE --queue-num $queue_num --queue-bypass
-
-        ip6tables -w -A URLFILTER_FORWARD6 -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
-        ip6tables -w -A URLFILTER_FORWARD6 -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
-
-    # INPUT
-    if ! ip6tables -w -nL | grep -q "URLFILTER_INPUT6"; then
-        ip6tables -w -N URLFILTER_INPUT6
-        ip6tables -w -I INPUT 1 -j URLFILTER_INPUT6
-
-        ip6tables -w -A URLFILTER_INPUT6 -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-        ip6tables -w -A URLFILTER_INPUT6 -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
-
-    # OUTPUT
-    if ! ip6tables -w -nL | grep -q "URLFILTER_OUTPUT6"; then
-        ip6tables -w -N URLFILTER_OUTPUT6
-        ip6tables -w -I OUTPUT 1 -j URLFILTER_OUTPUT6
-
-        ip6tables -w -A URLFILTER_OUTPUT6 -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-        ip6tables -w -A URLFILTER_OUTPUT6 -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num $queue_num --queue-bypass
-    fi
-
-    # ebtables bypass for IPv6
-    ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6  --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6  --ip6-source-port 53    -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53    -j SKIPLOG 2>/dev/null
+		# disable acceleration for https packet so that they can be read by urlfilter
+		ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -A FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
+	fi
 }

 remove_iptables_nfqueue_rules() {
-    # IPv4
-    for chain in URLFILTER_FORWARD URLFILTER_INPUT URLFILTER_OUTPUT; do
-        if iptables -w -nL | grep -q "$chain"; then
-            iptables -w -D FORWARD -j $chain 2>/dev/null
-            iptables -w -D INPUT   -j $chain 2>/dev/null
-            iptables -w -D OUTPUT  -j $chain 2>/dev/null
-            iptables -w -F $chain
-            iptables -w -X $chain
-        fi
-    done
+	iptables -w -nL FORWARD | grep -iqE "NFQUEUE"
+	if [ "$?" -eq 0 ]; then
+		# DNS response rules
+		iptables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D INPUT  -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D INPUT  -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass

-    ebtables --concurrent -D FORWARD -p ip --ip-protocol 6  --ip-destination-port 443 -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -D FORWARD -p ip --ip-protocol 6  --ip-source-port 53    -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53    -j SKIPLOG 2>/dev/null
+		# HTTP/HTTPS
+		iptables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
+		iptables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass

-    # IPv6
-    for chain in URLFILTER_FORWARD6 URLFILTER_INPUT6 URLFILTER_OUTPUT6; do
-        if ip6tables -w -nL | grep -q "$chain"; then
-            ip6tables -w -D FORWARD -j $chain 2>/dev/null
-            ip6tables -w -D INPUT   -j $chain 2>/dev/null
-            ip6tables -w -D OUTPUT  -j $chain 2>/dev/null
-            ip6tables -w -F $chain
-            ip6tables -w -X $chain
-        fi
-    done
+		ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-destination-port 443 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -D FORWARD -p ip --ip-protocol 6 --ip-source-port 53 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -D FORWARD -p ip --ip-protocol 17 --ip-source-port 53 -j SKIPLOG 2> /dev/null
+	fi

-    ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6  --ip6-destination-port 443 -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6  --ip6-source-port 53    -j SKIPLOG 2>/dev/null
-    ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53    -j SKIPLOG 2>/dev/null
+	ip6tables -w -nL FORWARD | grep -iqE "NFQUEUE"
+	if [ "$?" -eq 0 ]; then
+		# DNS response rules
+		ip6tables -w -D FORWARD -p tcp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D FORWARD -p udp --sport 53 -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D INPUT  -p tcp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D INPUT  -p udp --sport 53 ! -i lo -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D OUTPUT -p tcp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D OUTPUT -p udp --sport 53 ! -o lo -j NFQUEUE --queue-num 0 --queue-bypass
+
+		# HTTP/HTTPS
+		ip6tables -w -D FORWARD -p tcp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
+		ip6tables -w -D FORWARD -p udp --match multiport --ports 80,443 -j NFQUEUE --queue-num 0 --queue-bypass
+
+		ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-destination-port 443 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 6 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
+		ebtables --concurrent -D FORWARD -p ip6 --ip6-protocol 17 --ip6-source-port 53 -j SKIPLOG 2> /dev/null
+	fi
 }

 remove_internet_schedule_rules() {
@@ -567,62 +551,6 @@ remove_internet_schedule_rules() {
 	fi
 }

-# Global array for resolved IPs
-URLFILTER_IPS=""
-
-# Resolve hostname or MAC to IP from lease_file
-get_host_ip() {
-	local host="$1"
-	local ip
-	local lease_file="/tmp/dhcp.leases"
-
-	[ -f "$lease_file" ] || lease_file="/etc/parentalcontrol/dhcp.leases"
-	[ -f "$lease_file" ] || { log "Error: get_host_ip(): No DHCP lease file found."; return 1; }
-
-	# try DHCP lease lookup
-	ip="$(awk -v h="$host" '
-	{
-		mac=$2; ipaddr=$3; name=$4
-		if (h == name || h == mac) { print ipaddr; exit }
-	}' "$lease_file")"
-
-	[ -n "$ip" ] && URLFILTER_IPS="$URLFILTER_IPS $ip"
-}
-
-# Process each profile section
-resolve_profile_hosts() {
-	local section="$1"
-	local hostlist
-
-	config_get hostlist "$section" host
-	[ -z "$hostlist" ] && return
-
-	for h in $hostlist; do
-		get_host_ip "$h"
-	done
-}
-
-# Main function to collect IPs and delete conntrack entries
-flush_conntrack_for_hosts() {
-	URLFILTER_IPS=""
-	local count max
-
-	config_foreach resolve_profile_hosts profile
-
-	URLFILTER_IPS="$(echo "$URLFILTER_IPS" | tr ' ' '\n' | sort -u | xargs)"
-	for ip in $URLFILTER_IPS; do
-		count=0
-		max=1000
-		while conntrack -D -s "$ip" >/dev/null 2>&1; do
-			count=$((count+1))
-			if [ $count -ge $max ]; then
-				log "Warning: Forced to stop conntrack delete after $max deletions for $ip (possible loop)"
-				break
-			fi
-		done
-	done
-}
-
 OVERRIDE_JSON="/etc/parentalcontrol/urlbundle_override.json"
 DM_PLUGIN_PATH="/usr/share/bbfdm/micro_services/parentalcontrol/urlbundle_override.json"

--- a/parental-control/files/lib/parentalcontrol/sync_bundles.sh
+++ b/parental-control/files/lib/parentalcontrol/sync_bundles.sh
@@ -161,23 +161,7 @@ handle_download_url() {
 		# If the URL is HTTP, fetch the file size
 		local bundle_file_size
 		if echo "$sanitized_url" | grep -qE "^https?://"; then
-			bundle_file_header="$(curl -Is --max-time 30 "$sanitized_url" 2>/var/log/urlfilter_curl_err.log)"
-			curl_rc=$?
-
-			case $curl_rc in
-				0)
-					# Success
-					;;
-				6|7|28|35|52|55|56)
-					log_info "handle_download_url: URL not reachable (curl rc=$curl_rc): ${sanitized_url}"
-					return 1
-					;;
-				*)
-					log_info "handle_download_url: unexpected curl rc=$curl_rc for ${sanitized_url}"
-					;;
-			esac
-
-			bundle_file_size="$(echo "$bundle_file_header" | grep -i 'content-length' | cut -d: -f2 | xargs)"
+			bundle_file_size="$(curl -I "$sanitized_url" 2>&1 | grep -i 'content-length' | cut -d: -f2 | xargs)"
 			[ -z "$bundle_file_size" ] && bundle_file_size=0
 		else
 			# If it's a file:// URL, get the file size from the filesystem
--- a/periodicstats/Makefile
+++ b/periodicstats/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=periodicstats
-PKG_VERSION:=1.6.1
+PKG_VERSION:=1.6.0

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/periodicstats.git
-PKG_SOURCE_VERSION:=dd8353d84ef9431936d09c7379d0e4b20035cdb3
+PKG_SOURCE_VERSION:=63c65f55d00442f5bc1f5a3100abf94e52cd0075
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/peripheral_manager/Makefile
+++ b/peripheral_manager/Makefile
@@ -0,0 +1,60 @@
+#
+# Copyright (C) 2019 iopsys
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+include $(INCLUDE_DIR)/kernel.mk
+
+PKG_NAME:=peripheral_manager
+PKG_VERSION:=1.0.6
+PKG_RELEASE:=1
+
+PKG_SOURCE_VERSION:=21522c2003b8c61904acc61ff97e54fc9b0c3c92
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL:=https://dev.iopsys.eu/iopsys/peripheral-manager
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_RELEASE)-$(PKG_SOURCE_VERSION).tar.gz
+PKG_MIRROR_HASH:=skip
+PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+PKG_LICENSE:=GPLv2
+PKG_LICENSE_FILES:=LICENSE
+
+# support parallel build
+PKG_BUILD_PARALLEL:=1
+
+# run install target when cross compiling. basically, make install DESTDIR=$(PKG_INSTALL_DIR)
+# this way we don't need to pick out the resulting files from the build dir.
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+define Package/peripheral_manager
+	CATEGORY:=Utilities
+	TITLE:=Application deamon for handling of peripheral
+	URL:=
+	DEPENDS:=+libuci +libubus +libblobmsg-json
+endef
+
+define Package/peripheral_manager/description
+	Application handling peripheral
+endef
+
+CMAKE_OPTIONS +=  \
+		-DCMAKE_BUILD_TYPE:String="Release" \
+
+define Package/peripheral_manager/install
+	$(CP) ./files/* $(1)/
+	$(INSTALL_DIR) $(1)/etc/
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_DIR) $(1)/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/peripheral_manager $(1)/sbin/
+#	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/gpio_test $(1)/sbin/
+endef
+
+$(eval $(call BuildPackage,peripheral_manager))
--- a/peripheral_manager/files/etc/init.d/ledmngr
+++ b/peripheral_manager/files/etc/init.d/ledmngr
@@ -0,0 +1,62 @@
+#!/bin/sh /etc/rc.common
+
+START=20
+USE_PROCD=1
+
+setled() {
+	local enable
+	local brightness
+
+	config_get_bool enable $1 enable 1
+	config_get brightness $1 brightness 100
+	ubus call led.$1 set "{\"enable\":$enable,\"brightness\":$brightness}"
+}
+
+start_service() {
+	local enable
+
+	config_load leds
+	config_foreach setled led
+	config_get_bool enable leds enable 1
+
+	if [ "$enable" == "0" ]; then
+		ubus call leds set  '{"state" : "alloff"}'
+	else
+		ubus call leds set  '{"state" : "normal"}'
+	fi
+}
+
+boot() {
+	local led ledname
+
+	ubus list led* >/dev/null || sleep 1
+	ubus list led* >/dev/null || sleep 1
+
+	[ -f /etc/config/leds ] || touch /etc/config/leds
+
+	if ! uci -q get leds.leds >/dev/null; then
+		uci set leds.leds=leds
+		uci set leds.leds.enable=1
+	fi
+
+	for led in $(ubus list led.*); do
+		ledname=${led:4}
+		case $ledname in
+			*phy*) continue ;;
+		esac
+		if ! uci -q  get leds.$ledname >/dev/null; then
+			uci set leds.$ledname=led
+			uci set leds.$ledname.enable=1
+		fi
+	done
+
+	uci commit leds
+
+	start
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "leds"
+}
+
--- a/peripheral_manager/files/etc/init.d/peripheral_manager
+++ b/peripheral_manager/files/etc/init.d/peripheral_manager
@@ -0,0 +1,25 @@
+#!/bin/sh /etc/rc.common
+
+START=12
+STOP=89
+
+USE_PROCD=1
+NAME=peripheral_manager
+PROG=/sbin/peripheral_manager
+
+start_service() {
+	procd_open_instance
+	procd_set_param command "$PROG" -f
+	procd_set_param respawn
+	procd_close_instance
+}
+
+service_running() {
+	ubus -t 2 wait_for led.status
+	ubus call led.status set '{"state":"notice"}'
+	ubus -t 2 wait_for buttons
+}
+
+stop_service() {
+    ubus call leds set '{"state":"alloff"}'
+}
--- a/peripheral_manager/files/sbin/ledctl
+++ b/peripheral_manager/files/sbin/ledctl
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+usage () {
+	echo "Usage: ledctl [normal|test|allon|alloff|production]"
+	exit 1
+}
+
+[ $# -ne 1 ] && usage
+ledstate=$(echo $1 | tr 'A-Z' 'a-z')
+
+case $ledstate in
+	normal|test|allon|alloff|production)
+		ubus call leds set "{\"state\" : \"$ledstate\"}"
+	;;
+	*)
+		usage
+	;;
+esac
+
--- a/qosmngr/files/airoha/lib/qos/airoha.sh
+++ b/qosmngr/files/airoha/lib/qos/airoha.sh
@@ -134,10 +134,6 @@ hw_init_all() {
    # set_wan_ingress_rate "0" - Not needed, done in policer.sh
    set_wan_egress_rate "0" "0"

-    # Don't put TCP ACKs into a high priority queue
-    echo 0 > /proc/qdma_lan/tcp_ack_flag
-    echo 0 > /proc/qdma_wan/tcp_ack_flag
-
    return 0
 }

@@ -439,6 +435,4 @@ hw_commit_all() {
            /userfs/bin/ifc add vip pbit $pbit
        done
    fi
-
-    hw_nat -! > /dev/null 2>&1
 }
--- a/qosmngr/files/airoha/usr/sbin/qos-uplink-bandwidth
+++ b/qosmngr/files/airoha/usr/sbin/qos-uplink-bandwidth
@@ -14,13 +14,11 @@ PREV_LINKSPEED=$(cat ${LINKSPEED_FILE} 2>/dev/null)
 [ -z "${PREV_LINKSPEED}" ] && PREV_LINKSPEED=0

 if [ $((LINKSPEED)) -ne $((PREV_LINKSPEED)) -a $((LINKSPEED)) -ne 0 ]; then
-	if [ $((LINKSPEED)) -ge 100 ]; then
+	if [ $((LINKSPEED)) -ge 10000 ]; then
 		/userfs/bin/qosrule discpline Rate uplink-bandwidth $((LINKSPEED*1000*999/1000))
 	else
-		/userfs/bin/qosrule discpline Rate uplink-bandwidth $((LINKSPEED*1000*990/1000))
+		/userfs/bin/qosrule discpline Rate uplink-bandwidth $((LINKSPEED*1000))
 	fi
 	mkdir -p "/tmp/qos"
 	echo ${LINKSPEED} > ${LINKSPEED_FILE}
-
-	hw_nat -! > /dev/null 2>&1
 fi
--- a/ssdpd/src/datamodel.c
+++ b/ssdpd/src/datamodel.c
@@ -341,30 +341,6 @@ static int set_UPnPDevice_Enable(char *refparam, struct dmctx *ctx, void *data,
 	return 0;
 }

-/*#Device.UPnP.Device.UPnPIGD!UCI:upnpd/upnpd,config/igdv1*/
-static int get_UPnPDevice_UPnPIGD(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
-{
-	*value = dmuci_get_option_value_fallback_def("upnpd", "config", "igdv1", "1");
-	return 0;
-}
-
-static int set_UPnPDevice_UPnPIGD(char *refparam, struct dmctx *ctx, void *data, char *instance, char *value, int action)
-{
-	bool b;
-
-	switch (action) {
-		case VALUECHECK:
-			if (bbfdm_validate_boolean(ctx, value))
-				return FAULT_9007;
-			return 0;
-		case VALUESET:
-			string_to_bool(value, &b);
-			dmuci_set_value("upnpd", "config", "igdv1", b ? "1" : "0");
-			return 0;
-	}
-	return 0;
-}
-
 static int get_UPnPDeviceCapabilities_UPnPArchitecture(char *refparam, struct dmctx *ctx, void *data, char *instance, char **value)
 {
 	*value = "1";
@@ -833,12 +809,12 @@ DMLEAF tUPnPDeviceCapabilitiesParams[] = {
 DMLEAF tUPnPDeviceParams[] = {
 /* PARAM, permission, type, getvalue, setvalue, bbfdm_type, version*/
 {"Enable", &DMWRITE, DMT_BOOL, get_UPnPDevice_Enable, set_UPnPDevice_Enable, BBFDM_BOTH},
-{"UPnPIGD", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPIGD, set_UPnPDevice_UPnPIGD, BBFDM_BOTH},
 //{"UPnPMediaServer", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPMediaServer, set_UPnPDevice_UPnPMediaServer, BBFDM_BOTH},
 //{"UPnPMediaRenderer", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPMediaRenderer, set_UPnPDevice_UPnPMediaRenderer, BBFDM_BOTH},
 //{"UPnPWLANAccessPoint", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPWLANAccessPoint, set_UPnPDevice_UPnPWLANAccessPoint, BBFDM_BOTH},
 //{"UPnPQoSDevice ", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPQoSDevice , set_UPnPDevice_UPnPQoSDevice , BBFDM_BOTH},
 //{"UPnPQoSPolicyHolder", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPQoSPolicyHolder, set_UPnPDevice_UPnPQoSPolicyHolder, BBFDM_BOTH},
+//{"UPnPIGD", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPIGD, set_UPnPDevice_UPnPIGD, BBFDM_BOTH},
 //{"UPnPDMBasicMgmt", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPDMBasicMgmt, set_UPnPDevice_UPnPDMBasicMgmt, BBFDM_BOTH},
 //{"UPnPDMConfigurationMgmt", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPDMConfigurationMgmt, set_UPnPDevice_UPnPDMConfigurationMgmt, BBFDM_BOTH},
 //{"UPnPDMSoftwareMgmt", &DMWRITE, DMT_BOOL, get_UPnPDevice_UPnPDMSoftwareMgmt, set_UPnPDevice_UPnPDMSoftwareMgmt, BBFDM_BOTH},
--- a/sulu/sulu-base/Makefile
+++ b/sulu/sulu-base/Makefile
@@ -5,11 +5,11 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=sulu-base
-PKG_VERSION:=5.1.1
+PKG_VERSION:=5.0.4

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu.git
-PKG_SOURCE_VERSION:=08195779cbc2d1d7410cb324b9e35692b0579a7e
+PKG_SOURCE_VERSION:=47f52fb0fe4a9824590c8be9ee7b8985631c39cf
 PKG_MIRROR_HASH:=skip

 SULU_MOD:=core
--- a/sulu/sulu-builder/Makefile
+++ b/sulu/sulu-builder/Makefile
@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=sulu-builder
-PKG_VERSION:=5.1.1
+PKG_VERSION:=5.1.0
 PKG_RELEASE:=1

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
-PKG_SOURCE_VERSION:=7f646ecf643967f4b4b2c545a31bbef0514b34bc
+PKG_SOURCE_VERSION:=ef5345ea0275e632f021dfcf3b62c8d09fbb5800
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_DIR:=$(BUILD_DIR)/sulu-$(PKG_VERSION)/sulu-builder-$(PKG_SOURCE_VERSION)
--- a/sulu/sulu-builder/files/etc/sulu/sulu.sh
+++ b/sulu/sulu-builder/files/etc/sulu/sulu.sh
@@ -4,6 +4,7 @@

 . /lib/functions.sh
 . /usr/share/libubox/jshn.sh
+#. /lib/functions/iopsys-environment.sh

 RESTART_REQ=0
 _RESTART_SERVICES="0"
@@ -169,20 +170,18 @@ _create_mosquitto_acl() {

 	users="$(_get_sulu_user_roles)"
 	if [ -f "${ACL_FILE}" ]; then
-		acl_users="$(awk '/^user / {print $2}' "${ACL_FILE}")"
-		for user in ${acl_users}; do
-			if ! echo "$users" | grep -qwF "$user"; then
+		acl_users="$(awk '/^user/ {print $2}' "${ACL_FILE}")"
+		for user in ${users}; do
+			if ! grep -q "$user" "${acl_users}"; then
 				rm -f "${ACL_FILE}"
-				RESTART_REQ="1"
-				break
 			fi
 		done
 	fi
-	[ -f "${ACL_FILE}" ] || touch "${ACL_FILE}"
+	touch "${ACL_FILE}"

 	agentid="$(_get_agent_id)"
 	for user in ${users}; do
-		if ! grep -qxF "user $user" "${ACL_FILE}"; then
+		if ! grep -q "user $user" "${ACL_FILE}"; then
 			{
 				echo "user ${user}"
 				echo "topic read  /usp/${agentid}/${user}/controller/reply-to"
@@ -201,7 +200,9 @@ _create_mosquitto_acl() {
 }

 update_obuspa_config() {
+
 	RESTART_REQ=0
+	uci_load obuspa
 	_update_obuspa_config_rbac
 	uci_commit obuspa

@@ -217,7 +218,7 @@ configure_sulu() {
 	generate_sulu_conn_config
 }

-while getopts ":r" opt; do
+while getopts ":rq" opt; do
 	case ${opt} in
 	r)
 		_RESTART_SERVICES="1"
--- a/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config
+++ b/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config
@@ -1,16 +1,15 @@
 #!/bin/sh

-. /lib/functions.sh
 UCI_TEMPLATE="/etc/nginx/uci.conf.template"

 if [ ! -f "/etc/config/mosquitto" ]; then
-	logger -t sulu.ucidefault "Local mosquitto broker not available"
-	return 1
+	echo "Local mosquitto broker not available"
+	return 0
 fi

 if [ ! -f "${UCI_TEMPLATE}" ]; then
-	logger -t sulu.ucidefault "nginx utils not installed, sulu can't run"
-	return 1
+	echo "nginx utils not installed, sulu can't run"
+	return 0
 fi

 update_nginx_uci_template()
@@ -20,7 +19,7 @@ update_nginx_uci_template()
 	port="$(uci -q get mosquitto.sulu.port)"
 	port="${port:-9009}"

-	if ! grep -w "upstream websocket" ${UCI_TEMPLATE} | grep -wq "127.0.0.1:${port}"; then
+	if ! grep -q "upstream websocket" ${UCI_TEMPLATE}; then
 		sed -i '/#UCI_HTTP_CONFIG$/i\   map $http_upgrade $connection_upgrade { default upgrade; "" close; }' ${UCI_TEMPLATE}
 		sed -i "/#UCI_HTTP_CONFIG$/i\   upstream websocket { server 127.0.0.1:${port}; }" ${UCI_TEMPLATE}
 	fi
@@ -28,29 +27,36 @@ update_nginx_uci_template()

 add_sulu_config_to_mosquitto()
 {
-	uci_add mosquitto listener sulu
-	uci_set mosquitto sulu enabled 1
-	uci_set mosquitto sulu port '9009'
-	uci_set mosquitto sulu no_remote_access '1'
-	uci_set mosquitto sulu protocol 'websockets'
-	uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
-	uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
+	if ! uci_get mosquitto sulu >/dev/null 2>&1; then
+		uci_add mosquitto listener sulu
+		uci_set mosquitto sulu enabled 1
+		uci_set mosquitto sulu port '9009'
+		uci_set mosquitto sulu no_remote_access '1'
+		uci_set mosquitto sulu protocol 'websockets'
+		uci_set mosquitto sulu auth_plugin '/usr/lib/mosquitto_auth_shadow.so'
+		uci_set mosquitto sulu acl_file '/etc/sulu/mqtt.acl'
+	fi
 }

 add_sulu_userinterface_uci()
 {
-	if [ -f "/etc/config/userinterface" ]; then
+	uci_load userinterface
+
+	if ! uci_get userinterface _sulu_s >/dev/null 2>&1; then
 		uci_add userinterface http_access _sulu_s
 		uci_set userinterface _sulu_s path_prefix '/sulu'
 		uci_set userinterface _sulu_s port '8443'
-		uci_set userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
+		uci_add_list userinterface _sulu_s _nginx_include '/etc/sulu/nginx.locations'
 		uci_set userinterface _sulu_s _nginx_uci_manage_ssl 'self-signed'
 		uci_set userinterface _sulu_s _nginx_ssl_certificate '/etc/nginx/conf.d/_lan.crt'
 		uci_set userinterface _sulu_s _nginx_ssl_certificate_key '/etc/nginx/conf.d/_lan.key'
 		uci_set userinterface _sulu_s _nginx_ssl_session_cache 'none'
 		uci_set userinterface _sulu_s protocol 'HTTPS'
-		uci_set userinterface _sulu_s role 'admin user'
+		uci_add_list userinterface _sulu_s role 'admin'
+		uci_add_list userinterface _sulu_s role 'user'
+	fi

+	if ! uci_get userinterface _suluredirect >/dev/null 2>&1; then
 		uci_add userinterface http_access _suluredirect
 		uci_set userinterface _suluredirect redirect '_sulu_s'
 		uci_set userinterface _suluredirect protocol 'HTTP'
--- a/sulu/sulu-builder/files/etc/uci-defaults/41-make-sulu-default-ui
+++ b/sulu/sulu-builder/files/etc/uci-defaults/41-make-sulu-default-ui
@@ -2,16 +2,23 @@

 . /lib/functions.sh

+uci_load nginx
+# this is to make sure to not mess up existing config
+if uci_get nginx _sulu_s >/dev/null 2>&1; then
+  exit 0
+fi
+
 update_default_nginx_listner() {
-  if [ ! -f "/etc/config/nginx" ]; then
-    return 0
+
+  if [ ! -f /etc/config/nginx ]; then
+    return
  fi

  if ! uci_get nginx _lan >/dev/null 2>&1; then
-    return 0
+    return
  fi

-  if ! opkg list-installed | grep -q "^luci "; then
+  if ! opkg list-installed |grep -q "luci "; then
    echo "Luci not installed, removing luci config"
    uci_remove nginx _lan
    uci_remove nginx _redirect2ssl
@@ -21,7 +28,7 @@ update_default_nginx_listner() {
    uci_add_list nginx _lan listen "[::]:8443 ssl default_server"

    if ! uci_get nginx _redirect2ssl >/dev/null 2>&1; then
-        return 0
+        return
    fi

    uci_remove nginx _redirect2ssl listen
@@ -32,19 +39,17 @@ update_default_nginx_listner() {
 }

 move_sulu_to_443_and_80() {
-  if ! config_load userinterface; then
-    return 0
+  uci_load userinterface
+  if [ ! -f /etc/config/userinterface ]; then
+    return
  fi

  set_port() {
-    local protocol port
-
+    local protocol
    config_get protocol "$1" protocol
-    config_get port "$1" port
-
-    if [ "$protocol" == "HTTPS" ] && [ "${port}" -eq "8443" ]; then
+    if [ "$protocol" == "HTTPS" ]; then
      uci_set userinterface "$1" port "443"
-    elif [ "$protocol" == "HTTP" ] && [ "${port}" -eq "8080" ]; then
+    elif [ "$protocol" == "HTTP" ]; then
      uci_set userinterface "$1" port "80"
    fi
  }
--- a/sulu/sulu-theme-genexis/Makefile
+++ b/sulu/sulu-theme-genexis/Makefile
@@ -5,7 +5,7 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=sulu-theme-genexis
-PKG_VERSION:=5.1.1
+PKG_VERSION:=5.0.3

 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/gnx/sulu-theme-genexis
--- a/swmodd/Makefile
+++ b/swmodd/Makefile
@@ -33,7 +33,7 @@ define Package/swmodd
  DEPENDS:=+libuci +libubox +ubus +libuuid +opkg +libcurl \
 	    +PACKAGE_lxc:lxc +PACKAGE_lxc:liblxc +@BUSYBOX_CONFIG_BUSYBOX \
 	    +@BUSYBOX_CONFIG_FEATURE_SHOW_SCRIPT +@BUSYBOX_CONFIG_SCRIPT \
-	    +jsonfilter +@CONFIG_KERNEL_CGROUPS +SWMODD_LEGACY_CGROUPS:swmodd-cgroup
+	    +jq +@CONFIG_KERNEL_CGROUPS +SWMODD_LEGACY_CGROUPS:swmodd-cgroup
  DEPENDS+=+libbbfdm-api +libbbfdm-ubus +dm-service
 endef

--- a/swmodd/files/etc/init.d/crun
+++ b/swmodd/files/etc/init.d/crun
@@ -101,17 +101,17 @@ configure_crun_container() {
 		uci_set ocicontainer "${1}" password ""
 		result=$(${RUNNER} -b "${BUNDLE}" -n "${name}" -r "${url}" -l "${username}:${password}" -t "${TIMEOUT}")
 		if [ "$?" -eq 0 ]; then
-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_description")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_description")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" description "${result}"
 			fi

-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_vendor")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_vendor")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" vendor "${result}"
 			fi

-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_version")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_version")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" version "${result}"
 			fi
@@ -159,17 +159,17 @@ configure_crun_container() {
 	if [ "${BOOT}" -eq "1" ]; then
 		if [ "${autostart}" -eq 1 ]; then
 			${RUNNER} -U -b "${BUNDLE}" -n "${name}" -e "${envlist}" ${PERM}
-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_description")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_description")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" description "${result}"
 			fi

-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_vendor")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_vendor")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" vendor "${result}"
 			fi

-			result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_version")"
+			result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_version")
 			if [ "${result}" != "null" ]; then
 				uci_set ocicontainer "${1}" version "${result}"
 			fi
@@ -192,17 +192,17 @@ configure_crun_container() {
 				crun resume "${name}"
 			else
 				${RUNNER} -U -b "${BUNDLE}" -n "${name}" -e "${envlist}" ${PERM}
-				result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_description")"
+				result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_description")
 				if [ "${result}" != "null" ]; then
 					uci_set ocicontainer "${1}" description "${result}"
 				fi

-				result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter "@.annotations.org_opencontainers_image_vendor")"
+				result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_vendor")
 				if [ "${result}" != "null" ]; then
 					uci_set ocicontainer "${1}" vendor "${result}"
 				fi

-				result="$(cat ${BUNDLE}/${name}/config.json |jsonfilter -e "@.annotations.org_opencontainers_image_version")"
+				result=$(cat ${BUNDLE}/${name}/config.json |jq ".annotations.org_opencontainers_image_version")
 				if [ "${result}" != "null" ]; then
 					uci_set ocicontainer "${1}" version "${result}"
 				fi
--- a/swmodd/files/etc/swmodd/run.sh
+++ b/swmodd/files/etc/swmodd/run.sh
@@ -86,7 +86,7 @@ run_container() {
 	fi

 	# Only do the network setup if defined in config
-	network="$(cat ${BUNDLE}/${NAME}/config.json |jsonfilter -e '@.linux.namespaces[@.type="network"]')"
+	network="$(cat ${BUNDLE}/${NAME}/config.json |jq '.linux.namespaces[] |select (.type == "network")')"
 	if [ -n "${network}" ] ; then
 		setup_container_network "${name}" "${bridge}"
 	else
@@ -128,7 +128,7 @@ update_config_json() {
 		exit 1;
 	fi
 	cd "${BUNDLE}/${NAME}"
-	if cat config.json |jsonfilter -e '@.linux.namespaces[@.type="network"].path' |grep -q ${NAME}; then
+	if cat config.json |jq '.linux.namespaces[] |select (.type == "network") |.path' |grep -q ${NAME}; then
 		# If netns already configured and no additional permission bit assigned, exit from here
 		if [ -z "${PERM}" ]; then
 			exit 0;
--- a/timemngr/files/etc/uci-defaults/96-system-ntp-migrate
+++ b/timemngr/files/etc/uci-defaults/96-system-ntp-migrate
@@ -85,7 +85,6 @@ migrate_timemngr_config() {
 	fi

 	uci -q delete system.ntp
-	return 0
 }

 migrate_timemngr_config
--- a/tr104/Makefile
+++ b/tr104/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=tr104
-PKG_VERSION:=1.0.40
+PKG_VERSION:=1.0.38

 LOCAL_DEV:=0
 ifeq ($(LOCAL_DEV),0)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/voice/tr104.git
-PKG_SOURCE_VERSION:=f1dcd097b2e4531fabb6fa84b21225a91053ae11
+PKG_SOURCE_VERSION:=6d4a62fb133a1ba1e229425a0156f19d75c5cf90
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/tr143/Makefile
+++ b/tr143/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=tr143
-PKG_VERSION:=1.1.7
+PKG_VERSION:=1.1.5

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/tr143d.git
-PKG_SOURCE_VERSION:=366dbb1424bcf17ca47cce6a9f723e7ada35f5ed
+PKG_SOURCE_VERSION:=11b197020693178449beab67a3411648fd924c36
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/userinterface/Makefile
+++ b/userinterface/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=userinterface
-PKG_VERSION:=1.1.8
+PKG_VERSION:=1.1.7

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/userinterface.git
-PKG_SOURCE_VERSION:=a5970a83b8ac79c4577edc6a994b850cdbe1c82f
+PKG_SOURCE_VERSION:=02bedd40e083cc456b2abed8f711b45c93061815
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/usermngr/Makefile
+++ b/usermngr/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=usermngr
-PKG_VERSION:=1.4.1
+PKG_VERSION:=1.4.0

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/usermngr.git
-PKG_SOURCE_VERSION:=0df79dc0c76bb0d4e903e19b20f85b51de0800a1
+PKG_SOURCE_VERSION:=4023f2045dbf498e332200eb1ee275b4a129483b
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/wifidmd/Makefile
+++ b/wifidmd/Makefile
@@ -5,13 +5,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=wifidmd
-PKG_VERSION:=1.3.12
+PKG_VERSION:=1.3.7

 LOCAL_DEV:=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/bbf/wifidmd.git
-PKG_SOURCE_VERSION:=44828c825f13cb93b28b7bc99c600d94bdf5cb92
+PKG_SOURCE_VERSION:=c2c9d156fb546a20bd3bd8111fc6e489cd586e6c
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_MIRROR_HASH:=skip
 endif
--- a/wifidmd/bbfdm_service.json
+++ b/wifidmd/bbfdm_service.json
@@ -11,17 +11,6 @@
    ],
    "config": {
      "loglevel": "3"
-    },
-    "apply_handler": {
-      "uci": [
-        {
-          "file": [
-            "wireless",
-            "mapcontroller"
-          ],
-          "external_handler": "/etc/wifidmd/bbf_config_reload.sh"
-        }
-      ]
    }
  }
 }
--- a/wifidmd/files/etc/init.d/wifidmd
+++ b/wifidmd/files/etc/init.d/wifidmd
@@ -24,10 +24,12 @@ reload_service()
 	if [ "$ret" != "true" ]; then
 		stop
 		start
+	else
+		procd_send_signal wifidmd '*' SIGUSR1
 	fi
 }

 service_triggers()
 {
-	procd_add_reload_trigger wifidmd
+	procd_add_reload_trigger wifidmd mapcontroller
 }
--- a/wifidmd/files/etc/wifidmd/bbf_config_reload.sh
+++ b/wifidmd/files/etc/wifidmd/bbf_config_reload.sh
@@ -2,25 +2,27 @@

 # Script: bbf_config_reload.sh
 # Description:
-#   This script reloads WiFi Configs based on input args.
-#   Input args should be one of the below or both with space separate
+#   This script reloads WiFi Configs based on JSON input.
+#   Input should be a JSON string with boolean-like values (0 or 1) for:
 #     - "wireless"
 #     - "mapcontroller"
 #
 # Usage:
-#   sh bbf_config_reload.sh wireless mapcontroller
+#   sh bbf_config_reload.sh '{"wireless":"1","mapcontroller":"0"}'
 #
 # Actions:
-#   - If both wireless and mapcontroller → Reload mapcontroller (SIGHUP)
-#   - If only wireless → Commit wireless config via ubus
-#   - If only mapcontroller → Reload mapcontroller (SIGHUP)
+#   - If wireless == 1 and mapcontroller == 1 → Reload mapcontroller (SIGHUP)
+#   - If wireless == 1 and mapcontroller == 0 → Commit wireless config via ubus
+#   - If wireless == 0 and mapcontroller == 1 → Reload mapcontroller (SIGHUP)
 #   - Otherwise → Do nothing

+. /usr/share/libubox/jshn.sh
+
 log() {
 	echo "${@}"|logger -t bbf.config.wifi.reload -p info
 }

-input="$@"
+input="$1"

 # Validate input
 if [ -z "$input" ]; then
@@ -28,19 +30,18 @@ if [ -z "$input" ]; then
 	exit 1
 fi

+# Parse JSON input
+json_load "$input" || {
+	log "Error: Failed to parse JSON input"
+	exit 1
+}
+
+json_get_var wireless wireless
+json_get_var mapcontroller mapcontroller
+
 # Normalize inputs (default to 0 if not set)
-wireless=0
-mapcontroller=0
-
-for arg in ${input}; do
-	if [ "${arg}" == "wireless" ]; then
-		wireless=1
-	fi
-
-	if [ "${arg}" == "mapcontroller" ]; then
-		mapcontroller=1
-	fi
-done
+wireless=${wireless:-0}
+mapcontroller=${mapcontroller:-0}

 # Define function to reload mapcontroller
 reload_mapcontroller() {
@@ -64,4 +65,9 @@ else
 	exit 1
 fi

+# Output success as JSON
+json_init
+json_add_boolean "Success" 1
+json_dump
+
 exit 0
--- a/wifimngr/Makefile
+++ b/wifimngr/Makefile
@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=wifimngr
-PKG_VERSION:=20.1.5
+PKG_VERSION:=20.0.0

 LOCAL_DEV=0
 ifneq ($(LOCAL_DEV),1)
 PKG_SOURCE_PROTO:=git
-PKG_SOURCE_VERSION:=7e113a00839d076d2a25c728bf739fbecdd453ec
+PKG_SOURCE_VERSION:=5b1a033db5fc372a7e21bc896888ecbafb406d13
 PKG_SOURCE_URL:=https://dev.iopsys.eu/hal/wifimngr.git
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)_$(PKG_SOURCE_VERSION).tar.xz
 PKG_MIRROR_HASH:=skip
@@ -51,10 +51,6 @@ define Build/Prepare
 endef
 endif

-ifeq ($(CONFIG_WIFIMNGR_CACHE_SCANRESULTS),y)
-TARGET_CFLAGS += -DWIFI_CACHE_SCANRESULTS
-endif
-
 define Package/wifimngr/install
 	$(CP) ./files/* $(1)/
 	$(INSTALL_DIR) $(1)/usr/sbin
--- a/xmppc/files/etc/init.d/xmppc
+++ b/xmppc/files/etc/init.d/xmppc
@@ -13,7 +13,7 @@ start_service() {
 }

 reload_service() {
-	xmpp_running="$(ubus call service list '{"name":"xmppc"}' | jsonfilter -e '$.xmppc.instances.instance1.running')"
+	xmpp_running="$(ubus call service list '{"name":"xmppc"}' | jq ".xmppc.instances.instance1.running")"
 	if [ "${xmpp_running}" = "true" ]; then
 		procd_send_signal xmppc '*' SIGKILL
 	fi