diff --git a/CHANGELOG.md b/CHANGELOG.md index f37b21e5..becd6309 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,13 +4,26 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [2.2.0](https://github.com/rdkcentral/utopia/compare/2.1.0...2.2.0) + +- RDKB-62810,RDKB-62812:Initialize the default variables for Virtual Voice Interface creation [`#171`](https://github.com/rdkcentral/utopia/pull/171) +- RDKB-63137 RDKB-63214: Fetch defaultFile based on Devicemode for Onestack [`#220`](https://github.com/rdkcentral/utopia/pull/220) +- RDKB-60656 : Available memory check for firmware downloads [`#182`](https://github.com/rdkcentral/utopia/pull/182) +- RDKB-62977 RDKB-63450: Native build for Coverity - Updating README.md [`#213`](https://github.com/rdkcentral/utopia/pull/213) +- RDKB-63378 : Set the stackmode for single build [`#206`](https://github.com/rdkcentral/utopia/pull/206) +- RDKB-62977 RDKB-63450: Native build for Coverity - Use Git Submodule [`#207`](https://github.com/rdkcentral/utopia/pull/207) +- Merge tag '2.1.0' into develop [`362d0d3`](https://github.com/rdkcentral/utopia/commit/362d0d3453af6dfe8e1cb2d08e99c946ac0dc638) + #### [2.1.0](https://github.com/rdkcentral/utopia/compare/2.0.1...2.1.0) +> 4 February 2026 + - RDKB-62660: Fix pausing device option from Xfinity app is not working [`#199`](https://github.com/rdkcentral/utopia/pull/199) - RDKB-62977 RDKB-62978: Native Build for Coverity - Updating Code [`#194`](https://github.com/rdkcentral/utopia/pull/194) - XF10-123 : Add script in cron job [`#187`](https://github.com/rdkcentral/utopia/pull/187) - XF10-286: Enable missing features in Firewall for XF10 [`#138`](https://github.com/rdkcentral/utopia/pull/138) - RDKB-62977 RDKB-62978: Native Build for Coverity [`#163`](https://github.com/rdkcentral/utopia/pull/163) +- Add changelog for release 2.1.0 [`f131a56`](https://github.com/rdkcentral/utopia/commit/f131a56ad78c6a9afacb17806ad17ed72a317165) - Merge tag '2.0.1' into develop [`af08995`](https://github.com/rdkcentral/utopia/commit/af0899501306757b966f203f6f4452fde7054551) #### [2.0.1](https://github.com/rdkcentral/utopia/compare/2.0.0...2.0.1) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index b0237dd7..b6c7776c 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -487,6 +487,8 @@ void logPrintMain(char* filename, int line, char *fmt,...); #define LNF_BRIDGE "br106" #endif +BOOL isMAPEReady = 0; + #define V4_BLOCKFRAGIPPKT "v4_BlockFragIPPkts" #define V4_PORTSCANPROTECT "v4_PortScanProtect" #define V4_IPFLOODDETECT "v4_IPFloodDetect" @@ -2500,6 +2502,18 @@ static int prepare_globals_from_configuration(void) isCacheActive = (0 == strcmp("started", transparent_cache_state)) ? 1 : 0; isFirewallEnabled = (0 == strcmp("0", firewall_enabled)) ? 0 : 1; +#ifdef FEATURE_MAPE + char mape_status[32] = {0}; + char d_log[128] = {0}; + syscfg_get(NULL, "mape_config_flag", mape_status, sizeof(mape_status)); + if(!strcmp(mape_status, "true")){//MAP-E + isMAPEReady=1; + syscfg_get(NULL, "mape_ipv4_address", current_wan_ipaddr, sizeof(current_wan_ipaddr)); + } + sprintf(d_log, "isMAPEReady=%d, current_wan_ipaddr=%s\n", isMAPEReady, current_wan_ipaddr); + FIREWALL_DEBUG(d_log); +#endif + #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) isMAPTReady = isMAPTSet(); @@ -5427,6 +5441,10 @@ static int do_wan_nat_lan_clients(FILE *fp) if (!isMAPTReady) { #endif //FEATURE_MAPT +#ifdef FEATURE_MAPE + if(!isMAPEReady) + { +#endif if (IsHotspotActive()) { #if defined (WAN_FAILOVER_SUPPORTED) @@ -5465,6 +5483,9 @@ static int do_wan_nat_lan_clients(FILE *fp) #endif /*WIFI_MANAGE_SUPPORTED*/ } } +#ifdef FEATURE_MAPE + } +#endif #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) } #endif @@ -5495,7 +5516,24 @@ static int do_wan_nat_lan_clients(FILE *fp) } // fprintf(fp, "%s\n", str); - +#ifdef FEATURE_MAPE + if(isMAPEReady) + { + unsigned short min_port = 0; + unsigned short max_port = 0; + + min_port=10000; + max_port=10000; + fprintf(fp, "-A postrouting_towan -o %s -p udp -j MASQUERADE --to-ports %hu-%hu\n", "ip6tnl", min_port, max_port); + fprintf(fp,"-A postrouting_towan -o %s -p tcp -j MASQUERADE --to-ports %hu-%hu\n", "ip6tnl", min_port, max_port); + fprintf(fp, "-A postrouting_towan -o %s -p icmp -j MASQUERADE --to-ports %hu-%hu\n", "ip6tnl", min_port, max_port); + fprintf(fp, "-A postrouting_towan -o %s -j MASQUERADE\n", "ip6tnl"); + } + else + { + fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); + } +#endif if (isCacheActive) { fprintf(fp, "-A PREROUTING -i %s -p tcp --dport 80 -j DNAT --to %s:%s\n", lan_ifname, lan_ipaddr, "3128"); } @@ -6180,7 +6218,14 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) // connection as well char isp_connection[MAX_QUERY]; isp_connection[0] = '\0'; - sysevent_get(sysevent_fd, sysevent_token, "ipv4_wan_ipaddr", isp_connection, sizeof(isp_connection)); + if(isMAPEReady) + { + strcpy(isp_connection, current_wan_ipaddr); + } + else + { + sysevent_get(sysevent_fd, sysevent_token, "ipv4_wan_ipaddr", isp_connection, sizeof(isp_connection)); + } if ('\0' != isp_connection[0] && 0 != strcmp("0.0.0.0", isp_connection) && 0 != strcmp(isp_connection, wan_ip)) { @@ -6213,9 +6258,9 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) // These rules add scanners to the portscan list, and log the attempt. - fprintf(fp, "-A PortScanning -i %s -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix \"Portscan:\" -m limit --limit 1/minute --limit-burst 1\n", current_wan_ifname); + fprintf(fp, "-A PortScanning -i %s -p tcp -m tcp --dport 139 -m recent --name portscan --set -j LOG --log-prefix \"Portscan:\" -m limit --limit 1/minute --limit-burst 1\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); - fprintf(fp, "-A PortScanning -i %s -p tcp -m tcp --dport 139 -m recent --name portscan --set -j xlog_drop_wanattack\n", current_wan_ifname); + fprintf(fp, "-A PortScanning -i %s -p tcp -m tcp --dport 139 -m recent --name portscan --set -j xlog_drop_wanattack\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); } // FIREWALL_DEBUG("Exiting do_wan2self_attack\n"); return(0); @@ -6270,13 +6315,17 @@ static int remote_access_set_proto(FILE *filt_fp, FILE *nat_fp, const char *port if ((ret != 0) || ('\0' == httpsport[0])) { strcpy(httpsport, "8181"); } - if (family == AF_INET) { - if ((0 == strcmp(httpport, port)) || (0 == strcmp(httpsport, port))) { - fprintf(filt_fp, "-A wan2self_mgmt -i %s %s -p tcp -m tcp --dport %s -j webui_limit\n", interface, src, port); - } else { - fprintf(filt_fp, "-A wan2self_mgmt -i %s %s -p tcp -m tcp --dport %s -j ACCEPT \n", interface, src, port); - } - } else { + if (family == AF_INET) + { + if ((0 == strcmp(httpport, port)) || (0 == strcmp(httpsport, port))) + { + fprintf(filt_fp, "-A wan2self_mgmt -i %s %s -p tcp -m tcp --dport %s -j webui_limit\n", interface, src, port); + } + else + { + fprintf(filt_fp, "-A wan2self_mgmt -i %s %s -p tcp -m tcp --dport %s -j ACCEPT\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:interface, src, port); + } + } else { #if defined(_COSA_BCM_MIPS_) //Fix for XF3-5627 if(0 == strcmp("80", port)) { char IPv6[INET6_ADDRSTRLEN]; @@ -9792,7 +9841,7 @@ static int prepare_lan_bandwidth_tracking(FILE *fp) fprintf(fp, "-N bandwidth_%s\n", ip); fprintf(fp, "-A bandwidth_%s -j RETURN\n", ip); - fprintf(fp, "-A lan2wan_bandwidth -s %s -o %s -j bandwidth_%s\n", ip, current_wan_ifname, ip); + fprintf(fp, "-A lan2wan_bandwidth -s %s -o %s -j bandwidth_%s\n", ip, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, ip); hosts++; } @@ -10998,6 +11047,10 @@ static int prepare_multinet_filter_input (FILE *filter_fp) FIREWALL_DEBUG("Entering prepare_multinet_filter_input\n"); #endif +#ifdef FEATURE_MAPE + fprintf(filter_fp, "-I INPUT -i %s -p gre -j ACCEPT\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); +#endif + #if (defined(FEATURE_MAPT) && defined(NAT46_KERNEL_SUPPORT)) || defined(FEATURE_SUPPORT_MAPT_NAT46) if (isMAPTReady) { @@ -11123,12 +11176,12 @@ static int prepare_multinet_filter_forward (FILE *filter_fp) fprintf(filter_fp, "-A INPUT -i %s -m pkttype ! --pkt-type unicast -j ACCEPT\n", net_resp); #ifdef MULTILAN_FEATURE if ( 0 == strncmp( lan_ifname, net_resp, strlen(lan_ifname))){ - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j lan2wan\n", net_resp, current_wan_ifname); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j lan2wan\n", net_resp, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); } - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j wan2lan\n", current_wan_ifname, net_resp); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j wan2lan\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, net_resp); #else - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", net_resp, current_wan_ifname); - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", current_wan_ifname, net_resp); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", net_resp, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, net_resp); #endif /*MULTILAN_FEATURE*/ } #endif /*_HUB4_PRODUCT_REQ_*/ @@ -11651,13 +11704,13 @@ int prepare_lnf_internet_rules(FILE *mangle_fp,int iptype) memset(lnf_ipaddress, 0, sizeof(lnf_ipaddress)); syscfg_get(NULL, "iot_ipaddr", lnf_ipaddress, sizeof(lnf_ipaddress)); fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs0 -m limit --limit 1/minute -j LOG --log-prefix \"Internet packets in LnF\"\n", - current_wan_ifname,lnf_ipaddress); - fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs0 -j DROP\n",current_wan_ifname,lnf_ipaddress); + isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname,lnf_ipaddress); + fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs0 -j DROP\n",isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname,lnf_ipaddress); fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs1 -m limit --limit 1/minute -j LOG --log-prefix \"Internet packets in LnF\"\n", - current_wan_ifname,lnf_ipaddress); - fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs1 -j DROP\n",current_wan_ifname,lnf_ipaddress); - fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -j ACCEPT\n",current_wan_ifname,lnf_ipaddress); + isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname,lnf_ipaddress); + fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -m dscp --dscp-class cs1 -j DROP\n",isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname,lnf_ipaddress); + fprintf(mangle_fp, "-A FORWARD -i %s -d %s/24 -j ACCEPT\n",isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname,lnf_ipaddress); } else { @@ -11827,6 +11880,43 @@ static void do_secure_backhaul(FILE *filter_fp) } #endif #endif + +#ifdef FEATURE_MAPE +int prepare_mape_rules(FILE *mangle_fp) +{ + char mape_enable[64] = {0}; + char lan_ip_address[64] = {0}; + char lan_subnet_mask[64] = {0}; + char lan_prefix[80] = {0}; + + syscfg_get(NULL,"mape_config_flag",mape_enable, sizeof(mape_enable)); + if( mape_enable[0] != '\0' ) + { + if (strcmp(mape_enable, "true") == 0) + { + syscfg_get(NULL, "lan_ipaddr", lan_ip_address, sizeof(lan_ip_address)); + if( lan_ip_address[0] != '\0' ) + { + syscfg_get(NULL, "lan_netmask", lan_subnet_mask, sizeof(lan_subnet_mask)); + if( lan_subnet_mask[0] != '\0' ) + { + unsigned int lanSubnetMask = inet_network(lan_subnet_mask); + unsigned int subnetCount = 0; + while (lanSubnetMask) + { + subnetCount += lanSubnetMask & 1; + lanSubnetMask = lanSubnetMask >> 1; + } + snprintf(lan_prefix, sizeof(lan_prefix), "%s/%u", lan_ip_address, subnetCount); + fprintf(mangle_fp, "-A PREROUTING -p all -i %s -d %s -j ACCEPT\n", current_wan_ifname, lan_prefix); + } + } + } + } + return 0; +} +#endif + /* * Procedure : prepare_subtables * Purpose : prepare the iptables-restore file that establishes all @@ -11926,7 +12016,9 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * prepare_lnf_internet_rules(mangle_fp,4); prepare_dscp_rule_for_host_mngt_traffic(mangle_fp); prepare_xconf_rules(mangle_fp); - +#ifdef FEATURE_MAPE + prepare_mape_rules(mangle_fp); +#endif #ifdef CONFIG_BUILD_TRIGGER #ifndef CONFIG_KERNEL_NF_TRIGGER_SUPPORT @@ -12092,7 +12184,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * } else // Add erouter0 prerouting_fromwan chain for 'Dual Stack' line only #endif //FEATURE_MAPT - fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan\n", current_wan_ifname); + fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); prepare_multinet_prerouting_nat(nat_fp); #ifdef CONFIG_BUILD_TRIGGER #ifdef CONFIG_KERNEL_NF_TRIGGER_SUPPORT @@ -12145,10 +12237,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif //NAT46_KERNEL_SUPPORT if (!isMAPTReady) { // Add erouter0 prerouting_fromwan_todmz chain for 'Dual Stack' line only - fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan_todmz\n", current_wan_ifname); + fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan_todmz\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); fprintf(nat_fp, "-A POSTROUTING -j postrouting_ephemeral\n"); // This breaks emta DNS routing on XF3. We may need some special rule here. - fprintf(nat_fp, "-A POSTROUTING -o %s -j postrouting_towan\n", current_wan_ifname); + fprintf(nat_fp, "-A POSTROUTING -o %s -j postrouting_towan\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); } #endif // FEATURE_MAPT @@ -12157,10 +12249,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * if( 0 != strncmp( devicePartnerId, "sky-", 4 ) ) #endif { - fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan_todmz\n", current_wan_ifname); + fprintf(nat_fp, "-A PREROUTING -i %s -j prerouting_fromwan_todmz\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); fprintf(nat_fp, "-A POSTROUTING -j postrouting_ephemeral\n"); // This breaks emta DNS routing on XF3. We may need some special rule here. - fprintf(nat_fp, "-A POSTROUTING -o %s -j postrouting_towan\n", current_wan_ifname); + fprintf(nat_fp, "-A POSTROUTING -o %s -j postrouting_towan\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); } #endif //_HUB4_PRODUCT_REQ_ ENDS @@ -12442,6 +12534,9 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp, "-A INPUT -i lo -m state --state NEW -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -j general_input\n"); +#ifdef FEATURE_MAPE + fprintf(filter_fp, "-A INPUT -i %s -j wan2self\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); +#endif wan_lan_webui_attack(filter_fp,lan_ifname); // Rate limiting the webui-access lan side lan_access_set_proto(filter_fp, "80",lan_ifname); @@ -12518,7 +12613,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", ecm_wan_ifname); } #endif /*_HUB4_PRODUCT_REQ_*/ - fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", current_wan_ifname); + fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); #if !defined(_HUB4_PRODUCT_REQ_) && !defined(_PLATFORM_RASPBERRYPI_) && !defined(_PLATFORM_TURRIS_) && !defined(_PLATFORM_BANANAPI_R4_) && !defined (NO_MTA_FEATURE_SUPPORT) #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) if( 0 != strncmp( devicePartnerId, "sky-", 4 ) ) @@ -12529,10 +12624,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(filter_fp, "-A INPUT -i %s -j lan2self\n", lan_ifname); fprintf(filter_fp, "-A INPUT -i %s -j wan2self\n", current_wan_ifname); - if ('\0' != default_wan_ifname[0] && 0 != strlen(default_wan_ifname) && 0 != strcmp(default_wan_ifname, current_wan_ifname)) { + if ('\0' != default_wan_ifname[0] && 0 != strlen(default_wan_ifname) && 0 != strcmp(default_wan_ifname, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname)) { // even if current_wan_ifname is ppp we still want to consider default wan ifname as an interface // but dont duplicate - fprintf(filter_fp, "-A INPUT -i %s -j wan2self\n", default_wan_ifname); + fprintf(filter_fp, "-A INPUT -i %s -j wan2self\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:default_wan_ifname); } if (FALSE == bAmenityEnabled) { @@ -12546,6 +12641,16 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * updateAmenityNetworkRules(filter_fp,mangle_fp , AF_INET); #endif } + #if defined(VOICE_MTA_SUPPORT) + char cVoiceRule[64] = {0}; + sysevent_get(sysevent_fd, sysevent_token, "VoiceIpRule", cVoiceRule, sizeof(cVoiceRule)); + FIREWALL_DEBUG("%s: VoiceIpRule=%s\n" COMMA __FUNCTION__ COMMA cVoiceRule); + if (strlen(cVoiceRule) > 0) + { + fprintf(filter_fp,"%s\n", cVoiceRule); + FIREWALL_DEBUG("%s: Applied VoiceIpRule\n" COMMA __FUNCTION__); + } + #endif //Add wan2self restrictions to other wan interfaces //ping is allowed to cm and mta inferfaces regardless the firewall level #if !defined(_HUB4_PRODUCT_REQ_) @@ -12714,8 +12819,8 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif fprintf(filter_fp, "-A FORWARD -j general_forward\n"); - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j wan2lan\n", current_wan_ifname, lan_ifname); - fprintf(filter_fp, "-A FORWARD -i %s -o %s -j lan2wan\n", lan_ifname, current_wan_ifname); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j wan2lan\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, lan_ifname); + fprintf(filter_fp, "-A FORWARD -i %s -o %s -j lan2wan\n", lan_ifname, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); // need br0 to br0 for virtual services) fprintf(filter_fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", lan_ifname, lan_ifname); prepare_multinet_filter_forward(filter_fp); @@ -12781,8 +12886,8 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp,"-A INPUT -i %s -m pkttype ! --pkt-type unicast -j ACCEPT\n",iot_ifName); //fprintf(filter_fp,"-A FORWARD -i %s -o %s -j ACCEPT\n",iot_ifName,iot_ifName); //fprintf(filter_fp, "-I FORWARD 2 -i %s -o %s -j lan2wan_iot_allow\n", iot_ifName,current_wan_ifname); - fprintf(filter_fp, "-I FORWARD 2 -i %s -o %s -j ACCEPT\n", iot_ifName,current_wan_ifname); - fprintf(filter_fp, "-I FORWARD 3 -i %s -o %s -j wan2lan_iot_allow\n", current_wan_ifname, iot_ifName); + fprintf(filter_fp, "-I FORWARD 2 -i %s -o %s -j ACCEPT\n", iot_ifName,isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); + fprintf(filter_fp, "-I FORWARD 3 -i %s -o %s -j wan2lan_iot_allow\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, iot_ifName); //zqiu: R5337 //do_lan2wan_IoT_Allow(filter_fp); do_wan2lan_IoT_Allow(filter_fp); @@ -13894,6 +13999,9 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n //zqiu: RDKB-5686: xconf rule should work for pseudo bridge mode prepare_xconf_rules(mangle_fp); +#ifdef FEATURE_MAPE + prepare_mape_rules(mangle_fp); +#endif #ifdef CONFIG_BUILD_TRIGGER #ifndef CONFIG_KERNEL_NF_TRIGGER_SUPPORT @@ -14021,7 +14129,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n fprintf(filter_fp, "-A INPUT -p tcp -m multiport --dports 80,443 -d %s -j ACCEPT\n",lan0_ipaddr); #endif #if defined (MULTILAN_FEATURE) - fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", current_wan_ifname); + fprintf(filter_fp, "-A INPUT -i %s -j wan2self_mgmt\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); #else fprintf(filter_fp, "-A INPUT ! -i %s -j wan2self_mgmt\n", isBridgeMode == 0 ? lan_ifname : cmdiag_ifname); #endif diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 2d3bc2a4..7a82d772 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -147,6 +147,9 @@ extern BOOL isMAPTReady; #endif // NAT46_KERNEL_SUPPORT #endif +#define MAPE_TUNNEL_INTERFACE "ip6tnl" +extern BOOL isMAPEReady; + /* HUB4 application specific defines. */ #ifdef _HUB4_PRODUCT_REQ_ #ifdef HUB4_BFD_FEATURE_ENABLED @@ -495,6 +498,11 @@ void do_container_allow(FILE *pFilter, FILE *pMangle, FILE *pNat, int family); */ int do_mapt_rules_v6(FILE *filter_fp); +#ifdef FEATURE_MAPE +//MAPE related function +int prepare_mape_rules(FILE *mangle_fp); +#endif + // HUB4 specific functions #ifdef _HUB4_PRODUCT_REQ_ /** diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index 442402c7..798a6b0a 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -1240,6 +1240,12 @@ void do_ipv6_filter_table(FILE *fp){ // Basic RPF check on the egress & ingress traffic char prefix[129]; prefix[0] = 0; +#ifdef FEATURE_MAPE + char prev_prefix[MAX_QUERY] = {0}; + + sysevent_get(sysevent_fd, sysevent_token, "previous_ipv6_prefix", prev_prefix, sizeof(prev_prefix)); +#endif + #ifdef WAN_FAILOVER_SUPPORTED if (0 == checkIfULAEnabled()) { @@ -1252,6 +1258,12 @@ void do_ipv6_filter_table(FILE *fp){ #else sysevent_get(sysevent_fd, sysevent_token, "ipv6_prefix", prefix, sizeof(prefix)); #endif +#ifdef FEATURE_MAPE + if (prev_prefix[0] != '\0' && prefix[0] != '\0' && strcmp(prev_prefix, prefix) != 0) + { + fprintf(fp, "-A FORWARD -i brlan0 -o erouter0 -s %s -j REJECT --reject-with icmp6-policy-fail\n", prev_prefix); + } +#endif if ( '\0' != prefix[0] ) { //fprintf(fp, "-A FORWARD ! -s %s -i %s -m limit --limit 10/sec -j LOG --log-level %d --log-prefix \"UTOPIA: FW. IPv6 FORWARD anti-spoofing\"\n", prefix, lan_ifname,syslog_level); //fprintf(fp, "-A FORWARD ! -s %s -i %s -m limit --limit 10/sec -j REJECT --reject-with icmp6-adm-prohibited\n", prefix, lan_ifname); @@ -1736,10 +1748,11 @@ static int prepare_ipv6_multinet(FILE *fp) */ fprintf(fp, "-A INPUT -i %s -j ACCEPT\n", iface_name); - fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", iface_name, current_wan_ifname); - fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", iface_name, ecm_wan_ifname); - fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", current_wan_ifname, iface_name); - fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", ecm_wan_ifname, iface_name); + fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", iface_name, isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname); + fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", iface_name, ecm_wan_ifname); + fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", isMAPEReady?MAPE_TUNNEL_INTERFACE:current_wan_ifname, iface_name); + fprintf(fp, "-A FORWARD -i %s -o %s -j ACCEPT\n", ecm_wan_ifname, iface_name); + } } while ((p = strtok(NULL, " ")) != NULL); @@ -2014,6 +2027,9 @@ void do_ipv6_sn_filter(FILE* fp) { prepare_dscp_rules_to_prioritized_clnt(fp); prepare_dscp_rule_for_host_mngt_traffic(fp); prepare_xconf_rules(fp); +#ifdef FEATURE_MAPE + prepare_mape_rules(fp); +#endif #endif #ifdef _COSA_INTEL_XB3_ARM_ diff --git a/source/pmon/pmon.c b/source/pmon/pmon.c index 85cbe84c..4a33efae 100644 --- a/source/pmon/pmon.c +++ b/source/pmon/pmon.c @@ -178,13 +178,11 @@ static int proc_mon (const char *proc_name, const char *pid_file, const char *cm return 0; } v_secure_system("echo ' RDKB_PROCESS_CRASHED : %s is not running, need restart ' >> /rdklogs/logs/SelfHeal.txt.0 ",proc_name); - //dnsmasq selfheal mechanism is in Aggresive Selfheal for DHCP Manager - #if !defined (FEATURE_RDKB_DHCP_MANAGER) if(!strcmp(proc_name,"dnsmasq")) { t2_event_d("SYS_SH_dnsmasq_restart",1); } - #endif + printf("pmon: attempting to restart '%s' using '%s'\n", proc_name, cmd); if (pid_file) { printf("pmon: removing pid file %s\n", pid_file); diff --git a/source/scripts/init/c_registration/15_dhcp_server.c b/source/scripts/init/c_registration/15_dhcp_server.c index 2aee6edd..0b1751a8 100644 --- a/source/scripts/init/c_registration/15_dhcp_server.c +++ b/source/scripts/init/c_registration/15_dhcp_server.c @@ -85,11 +85,7 @@ const char* SERVICE_CUSTOM_EVENTS[] = { void srv_register(void) { sm_register(SERVICE_NAME, SERVICE_DEFAULT_HANDLER, SERVICE_CUSTOM_EVENTS); - - //dnsmasq selfheal mechanism is in Aggresive Selfheal for DHCP Manager - #if !defined (FEATURE_RDKB_DHCP_MANAGER) v_secure_system("/etc/utopia/service.d/pmon.sh register dhcp_server"); - #endif } #ifdef RDKB_EXTENDER_ENABLED @@ -153,10 +149,7 @@ void stop_service() void srv_unregister(void) { - //dnsmasq selfheal mechanism is in Aggresive Selfheal for DHCP Manager - #if !defined (FEATURE_RDKB_DHCP_MANAGER) v_secure_system("/etc/utopia/service.d/pmon.sh unregister dhcp_server"); - #endif #ifdef RDKB_EXTENDER_ENABLED stop_service(); diff --git a/source/scripts/init/defaults/system_defaults_arm b/source/scripts/init/defaults/system_defaults_arm index 4b58b93e..8d29a2aa 100755 --- a/source/scripts/init/defaults/system_defaults_arm +++ b/source/scripts/init/defaults/system_defaults_arm @@ -1497,3 +1497,7 @@ $FwDwld_AvlMem_RsrvThreshold=20 #FwDwld_ImageProcMemPercent Default value $FwDwld_ImageProcMemPercent=0 +#SelfHeal Cron - RFC flag is enabled by default +$SelfHealCronEnable=true +#STAGE Default value +$StageEnabled=false diff --git a/source/scripts/init/defaults/system_defaults_bci b/source/scripts/init/defaults/system_defaults_bci index cb485d56..c611e5d8 100755 --- a/source/scripts/init/defaults/system_defaults_bci +++ b/source/scripts/init/defaults/system_defaults_bci @@ -1346,3 +1346,8 @@ $FwDwld_AvlMem_RsrvThreshold=20 #FwDwld_ImageProcMemPercent Default value $FwDwld_ImageProcMemPercent=0 + +#SelfHeal Cron - RFC flag is enabled by default +$SelfHealCronEnable=true +#STAGE Default value +$StageEnabled=false diff --git a/source/scripts/init/defaults/system_defaults_xd4 b/source/scripts/init/defaults/system_defaults_xd4 index 115d581b..222d7bde 100755 --- a/source/scripts/init/defaults/system_defaults_xd4 +++ b/source/scripts/init/defaults/system_defaults_xd4 @@ -1440,3 +1440,8 @@ $LatencyMeasure_TCPReportInterval=15 $RemoteDebuggerEnabled=false $RemoteDebuggerIssueType=NULL +#FwDwld_AvlMem_RsrvThreshold Default value +$FwDwld_AvlMem_RsrvThreshold=20 + +#FwDwld_ImageProcMemPercent Default value +$FwDwld_ImageProcMemPercent=0 diff --git a/source/scripts/init/service.d/service_crond.sh b/source/scripts/init/service.d/service_crond.sh index 26dd4340..33b9757f 100755 --- a/source/scripts/init/service.d/service_crond.sh +++ b/source/scripts/init/service.d/service_crond.sh @@ -167,13 +167,44 @@ service_start () # Don't Zero iptable Counter echo "58 * * * * /usr/bin/GenFWLog -nz" >> $CRONTAB_FILE - # Monitor syscfg DB every 15minutes - echo "*/15 * * * * /usr/ccsp/tad/syscfg_recover.sh" >> $CRONTAB_FILE + SELFHEAL_CRON_ENABLE=$(syscfg get SelfHealCronEnable) + SELFHEAL_ENABLE=$(syscfg get selfheal_enable) + if [ "$SELFHEAL_CRON_ENABLE" = "true" ] && [ "$SELFHEAL_ENABLE" = "true" ]; then + echo_t "SelfHeal Cron is enabled" + # Monitor selfheal_aggressive.sh based on syscfg value + AGGRESSIVE_INTERVAL=$(syscfg get AggressiveInterval) + if [ -z "$AGGRESSIVE_INTERVAL" ]; then + AGGRESSIVE_INTERVAL=5 + fi + #Write cron rule + echo "*/$AGGRESSIVE_INTERVAL * * * * /usr/ccsp/tad/selfheal_aggressive.sh" >> $CRONTAB_FILE + + # Monitor resource_monitor.sh based on syscfg value + RESOURCE_MONITOR_INTERVAL=$(syscfg get resource_monitor_interval) + if [ -z "$RESOURCE_MONITOR_INTERVAL" ]; then + RESOURCE_MONITOR_INTERVAL=15 + fi + echo "*/$RESOURCE_MONITOR_INTERVAL * * * * /usr/ccsp/tad/resource_monitor.sh" >> $CRONTAB_FILE + + # Monitor self_heal_connectivity_test.sh based on syscfg value + SELFHEAL_PING_INTERVAL=$(syscfg get ConnTest_PingInterval) + if [ -z "$SELFHEAL_PING_INTERVAL" ]; then + SELFHEAL_PING_INTERVAL=60 + fi + echo "*/$SELFHEAL_PING_INTERVAL * * * * /usr/ccsp/tad/self_heal_connectivity_test.sh" >> $CRONTAB_FILE + echo_t "Selfheal cron jobs are started" + + else + echo_t "Selfheal cron is disabled" + # Monitor syscfg DB every 15minutes + echo "*/15 * * * * /usr/ccsp/tad/syscfg_recover.sh" >> $CRONTAB_FILE # Monitor resource_monitor.sh every 5 minutes TCCBR-3288 # if [ "$BOX_TYPE" = "TCCBR" ]; then echo "*/5 * * * * /usr/ccsp/tad/resource_monitor_recover.sh" >> $CRONTAB_FILE # fi + + fi # RDKB-23651 if [ "$THERMALCTRL_ENABLE" = "true" ]; then diff --git a/source/scripts/init/service.d/service_routed.sh b/source/scripts/init/service.d/service_routed.sh index 41421dde..03d65159 100755 --- a/source/scripts/init/service.d/service_routed.sh +++ b/source/scripts/init/service.d/service_routed.sh @@ -67,7 +67,10 @@ case "$1" in lan-status) status=$(sysevent get lan-status) if [ "$status" == "started" ]; then - service_routed start + service_routed start + if [ "$BOX_TYPE" == "WNXL11BWL" ]; then + service_routed radv-start + fi elif [ "$status" == "stopped" ]; then # As per Sky requirement, radvd should run with ULA prefix though the wan-status is down if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$LANULASupport" != "true" ]; then diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 65596924..de9b773a 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -330,7 +330,7 @@ static int handle_version (char* name, char* value) return ret; } -static int check_version (void) +static int check_version (const char* defaultsFile) { char buf[1024]; char *line; @@ -338,11 +338,11 @@ static int check_version (void) char *value; FILE *fp; - fp = fopen (DEFAULT_FILE, "r"); + fp = fopen (defaultsFile, "r"); if (fp == NULL) { - printf ("[utopia] no system default file (%s) found\n", DEFAULT_FILE); + printf ("[utopia] no system default file (%s) found\n", defaultsFile); return -1; } @@ -404,7 +404,7 @@ static int check_version (void) * Parameters : * Return Value : 0 if ok, -1 if not */ -static int set_syscfg_defaults (void) +static int set_syscfg_defaults (const char *defaultsFile) { char buf[1024]; char *line; @@ -412,11 +412,11 @@ static int set_syscfg_defaults (void) char *value; FILE *fp; - fp = fopen (DEFAULT_FILE, "r"); + fp = fopen (defaultsFile, "r"); if (fp == NULL) { - printf ("[utopia] no system default file (%s) found\n", DEFAULT_FILE); + printf ("[utopia] no system default file (%s) found\n", defaultsFile); return -1; } @@ -474,7 +474,7 @@ static int set_syscfg_defaults (void) * Parameters : * Return Value : 0 if ok, -1 if not */ -static int set_sysevent_defaults (void) +static int set_sysevent_defaults (const char *defaultsFile) { char buf[1024]; char *line; @@ -482,11 +482,11 @@ static int set_sysevent_defaults (void) char *value; FILE *fp; - fp = fopen (DEFAULT_FILE, "r"); + fp = fopen (defaultsFile, "r"); if (fp == NULL) { - printf ("[utopia] no system default file (%s) found\n", DEFAULT_FILE); + printf ("[utopia] no system default file (%s) found\n", defaultsFile); return -1; } @@ -561,13 +561,21 @@ static int set_sysevent_defaults (void) */ static int set_defaults(void) { + const char *defaultsFile = DEFAULT_FILE; + +#ifdef _ONESTACK_PRODUCT_REQ_ + // Determine defaults file based on device mode for OneStack products + defaultsFile = onestackutils_get_defaults_file(); + APPLY_PRINT("%s - onestackutils_get_defaults_file returned %s\n", __FUNCTION__, defaultsFile); +#endif // _ONESTACK_PRODUCT_REQ_ + + APPLY_PRINT("%s: defaultsFile: %s\n", __FUNCTION__, defaultsFile); #if ! defined (ALWAYS_CONVERT) - check_version(); + check_version(defaultsFile); #endif - set_syscfg_defaults(); - set_sysevent_defaults(); - + set_syscfg_defaults(defaultsFile); + set_sysevent_defaults(defaultsFile); return 0; } @@ -961,7 +969,9 @@ static int get_PartnerID (char *PartnerID) #endif // _ONESTACK_PRODUCT_REQ_ validatePartnerId ( PartnerID ); +#ifndef _ONESTACK_PRODUCT_REQ_ unlink("/nvram/.partner_ID"); +#endif // _ONESTACK_PRODUCT_REQ_ } set_syscfg_partner_values(PartnerID,"PartnerID"); @@ -1450,6 +1460,19 @@ STATIC void addInSysCfgdDB (char *key, char *value) } } #endif + #if defined (VOICE_MTA_SUPPORT) + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Enabled")) + if (0 == IsValuePresentinSyscfgDB("VoiceSupport_Enabled")) + set_syscfg_partner_values(value, "VoiceSupport_Enabled"); + + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.InterfaceName")) + if (0 == IsValuePresentinSyscfgDB("VoiceSupport_IfaceName")) + set_syscfg_partner_values(value, "VoiceSupport_IfaceName"); + + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Mode")) + if (0 == IsValuePresentinSyscfgDB("VoiceSupport_Mode")) + set_syscfg_partner_values(value, "VoiceSupport_Mode"); + #endif /*VOICE_MTA_SUPPORT*/ if ( 0 == strcmp ( key, "Device.X_RDK_WebConfig.URL") ) { if ( 0 == IsValuePresentinSyscfgDB( "WEBCONFIG_INIT_URL" ) ) @@ -1715,6 +1738,16 @@ STATIC void updateSysCfgdDB (char *key, char *value) set_syscfg_partner_values( value,"IPv4SecondaryDhcpServerOptions" ); } #endif + #if defined (VOICE_MTA_SUPPORT) + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Enabled")) + set_syscfg_partner_values(value, "VoiceSupport_Enabled"); + + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.InterfaceName")) + set_syscfg_partner_values(value, "VoiceSupport_IfaceName"); + + if (0 == strcmp(key, "Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Mode")) + set_syscfg_partner_values(value, "VoiceSupport_Mode"); + #endif /*VOICE_MTA_SUPPORT*/ if ( 0 == strcmp ( key, "Device.X_RDK_WebConfig.URL") ) { set_syscfg_partner_values( value,"WEBCONFIG_INIT_URL" ); @@ -3022,7 +3055,6 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) { APPLY_PRINT("%s - Default Value of StartupIPMode is NULL\n", __FUNCTION__ ); } - paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Default_VoIP_Configuration_FileName"), "ActiveValue"); if ( paramObjVal != NULL ) { @@ -3097,7 +3129,64 @@ if ( paramObjVal != NULL ) { APPLY_PRINT("%s - Default Value of Secondary dhcp server option is NULL\n", __FUNCTION__ ); } + #endif + #if defined (VOICE_MTA_SUPPORT) + paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem(partnerObj,"Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Enabled"),"ActiveValue"); + if(paramObjVal != NULL) + { + char *pVoiceSupportEnabled = NULL; + pVoiceSupportEnabled = paramObjVal->valuestring; + if(pVoiceSupportEnabled != NULL && pVoiceSupportEnabled[0] != '\0') + { + set_syscfg_partner_values(pVoiceSupportEnabled,"VoiceSupport_Enabled"); + } + else + { + APPLY_PRINT("%s - VoiceSupportEnabled Value is NULL\n", __FUNCTION__ ); + } + } + else + { + APPLY_PRINT("%s - VoiceSupportEnabled Object is NULL\n", __FUNCTION__ ); + } + paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem(partnerObj,"Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.InterfaceName"),"ActiveValue"); + if(paramObjVal != NULL) + { + char *pVoiceSupportIfaceName = NULL; + pVoiceSupportIfaceName = paramObjVal->valuestring; + if(pVoiceSupportIfaceName != NULL && pVoiceSupportIfaceName[0] != '\0') + { + set_syscfg_partner_values(pVoiceSupportIfaceName,"VoiceSupport_IfaceName"); + } + else + { + APPLY_PRINT("%s - VoiceSupportIfaceName Value is NULL\n", __FUNCTION__ ); + } + } + else + { + APPLY_PRINT("%s - VoiceSupportIfaceName Object is NULL\n", __FUNCTION__ ); + } + paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem(partnerObj,"Device.X_RDKCENTRAL-COM_Epon_MTA.VoiceSupport.Mode"),"ActiveValue"); + if(paramObjVal != NULL) + { + char *pVoiceSupportMode = NULL; + pVoiceSupportMode = paramObjVal->valuestring; + if(pVoiceSupportMode != NULL && pVoiceSupportMode[0] != '\0') + { + set_syscfg_partner_values(pVoiceSupportMode,"VoiceSupport_Mode"); + } + else + { + APPLY_PRINT("%s - VoiceSupportMode Value is NULL\n", __FUNCTION__ ); + } + } + else + { + APPLY_PRINT("%s - VoiceSupportMode Object is NULL\n", __FUNCTION__ ); + } + #endif /*VOICE_MTA_SUPPORT*/ paramObjVal = cJSON_GetObjectItem(cJSON_GetObjectItem( partnerObj, "Device.DeviceInfo.X_RDKCENTRAL-COM_Syndication.WANsideSSH.Enable"), "ActiveValue"); if ( paramObjVal != NULL ) { @@ -3374,7 +3463,9 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) retryCount--; } +#ifndef _ONESTACK_PRODUCT_REQ_ set_defaults(); + if (syscfg_dirty) { @@ -3382,6 +3473,7 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) syscfg_commit(); APPLY_PRINT("Number_Of_Entries_Commited_to_Sysconfig_Database=%d\n",syscfg_dirty); } +#endif #if defined(_SYNDICATION_BUILDS_) v_secure_system( "/lib/rdk/apply_partner_customization.sh" ); @@ -3454,6 +3546,19 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) get_PartnerID ( PartnerID ); } +#ifdef _ONESTACK_PRODUCT_REQ_ + // For OneStack products, set_defaults() must be called after get_PartnerID() to ensure the partner ID and device mode are correctly configured + set_defaults(); + + if (syscfg_dirty) + { + printf("[utopia] [init] committing default syscfg values\n"); + syscfg_commit(); + APPLY_PRINT("Number_Of_Entries_Commited_to_Sysconfig_Database=%d\n",syscfg_dirty); + } +#endif + + #if defined (_RDKB_GLOBAL_PRODUCT_REQ_) CheckAndHandleInvalidPartnerIDRecoveryProcess(PartnerID); #endif // (_RDKB_GLOBAL_PRODUCT_REQ_) diff --git a/source/service_deviceMode/service_devicemode.c b/source/service_deviceMode/service_devicemode.c index 3626ba66..01bff266 100644 --- a/source/service_deviceMode/service_devicemode.c +++ b/source/service_deviceMode/service_devicemode.c @@ -417,7 +417,9 @@ int service_start(int mode) sysevent_set(sysevent_fd, sysevent_token, "lnf-setup", buf, 0); #endif runCommandInShellBlocking("systemctl restart CcspLMLite.service"); - sysevent_set(sysevent_fd, sysevent_token, "zebra-restart", "", 0); +#if !defined(_WNXL11BWL_PRODUCT_REQ_) + sysevent_set(sysevent_fd, sysevent_token, "zebra-restart", "", 0); +#endif } break; case DEVICE_MODE_EXTENDER: diff --git a/source/service_routed/Makefile.am b/source/service_routed/Makefile.am index e869e8de..59d6cb01 100644 --- a/source/service_routed/Makefile.am +++ b/source/service_routed/Makefile.am @@ -40,6 +40,13 @@ service_routed_LDADD = $(top_builddir)/source/util/utils/libutopiautil.la \ $(top_builddir)/source/utctx/lib/libutctx.la \ $(top_builddir)/source/ulog/libulog.la \ -ltelemetry_msgsender + +service_routed_LDFLAGS = + if CORE_NET_LIB_FEATURE_SUPPORT -service_routed_LDFLAGS = -lnet +service_routed_LDFLAGS += -lnet +endif + +if ONESTACK_PRODUCT_REQ +service_routed_LDFLAGS += -L${PKG_CONFIG_SYSROOT_DIR}$(libdir) -lrdkb_feature_mode_gate endif diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 34e7ca35..388ba213 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -136,7 +136,7 @@ struct serv_routed { bool wan_ready; }; -#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) +#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) || defined (_XB10_PRODUCT_REQ_) #ifdef _BWG_PRODUCT_REQ_ #define LOG_FILE "/rdklogs/logs/ArmConsolelog.txt.0" #else @@ -2127,7 +2127,7 @@ STATIC int radv_restart(struct serv_routed *sr) STATIC int rip_start(struct serv_routed *sr) { char enable[16]; -#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) +#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) || defined (_ONESTACK_PRODUCT_REQ_) char ripd_conf_status[16]; #endif if (!serv_can_start(sr->sefd, sr->setok, "rip")) @@ -2172,7 +2172,7 @@ sleep(45); /*sleep upto update ripd.conf after reboot*/ sysevent_set(sr->sefd, sr->setok, "rip-status", "error", 0); return -1; } -#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) +#if defined (_CBR_PRODUCT_REQ_) || defined (_BWG_PRODUCT_REQ_) || defined (_CBR2_PRODUCT_REQ_) || defined (_ONESTACK_PRODUCT_REQ_) int retries=0; while (retries<20) { memset(ripd_conf_status,0,sizeof(ripd_conf_status));