From 2d5a7fe943c1fa22d0a675b5934066fd6dcfe771 Mon Sep 17 00:00:00 2001 From: Parthiban Selvaraj Date: Thu, 18 Sep 2025 10:47:59 +0000 Subject: [PATCH 1/5] RDKB-58910, RDKB-60010 : Move the WAN IPV6 configuration from brlan0 Reason for change: [NTP] Remove sky specific workarounds from the NTP script . Test Procedure: Updated in Jira. Risks: none Priority: P1 Signed-off-by: Parthiban Selvaraj --- source/scripts/init/service.d/service_ntpd.sh | 51 ++++--------------- 1 file changed, 9 insertions(+), 42 deletions(-) diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index bd8859d6..cee0f2e7 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -50,7 +50,6 @@ NTP_CONF_TMP=/tmp/ntp.conf NTP_CONF_QUICK_SYNC=/tmp/ntp_quick_sync.conf LOCKFILE=/var/tmp/service_ntpd.pid BIN=ntpd -WAN_IPv6_UP=0 QUICK_SYNC_PID="" QUICK_SYNC_DONE=0 @@ -171,33 +170,7 @@ wan_wait () #Make sure WAN interface has an IPv4 or IPv6 address before telling NTP to listen on Interface WAN_IPv4=`ifconfig -a "$WAN_INTERFACE" | grep inet | grep -v inet6 | tr -s " " | cut -d ":" -f2 | cut -d " " -f1 | head -n1` - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$LANIPV6Support" = "true" ]; then - CURRENT_WAN_IPV6_STATUS=`sysevent get ipv6_connection_state` - if [ "up" = "$CURRENT_WAN_IPV6_STATUS" ] ; then - ULAprefix=`sysevent get ula_address |cut -d ':' -f1` - if [ -z "$ULAprefix" ]; then - WAN_IPv6=`ifconfig "$NTPD_IPV6_INTERFACE" | grep inet6 | grep Global | awk '/inet6/{print $3}' | grep -v 'fdd7' | cut -d '/' -f1 | head -n1` - else - WAN_IPv6=`ifconfig "$NTPD_IPV6_INTERFACE" | grep inet6 | grep Global | awk '/inet6/{print $3}' | grep -v 'fdd7' | grep -v "$ULAprefix" | cut -d '/' -f1 | head -n1` - fi - WAN_IPv6_UP=1 - # SHARMAN-2301 - #This change is for UK MAP-T SR213. When NTP servers are IPv4 only and there is no IPv4 WAN IP on the interface we will use $NTPD_IPV6_INTERFACE(currently brlan0) ipv4 ip to sort ntpd daemon socket problems and routing. - if [ "$BOX_TYPE" = "SR213" ] || [ "$LANIPV6Support" == "true" ]; then - MAPT_STATS=$(sysevent get mapt_config_flag) - echo_t "SERVICE_NTPD : MAPT_STATS=$MAPT_STATS" - if [ x"$MAPT_STATS" = x"set" ]; then - IPV4_CONN_STATE=$(sysevent get ipv4_connection_state) - echo_t "SERVICE_NTPD : IPV4_CONN_STATE=$IPV4_CONN_STATE" - if [ x"$IPV4_CONN_STATE" != x"up" ]; then - WAN_IPv4=`ifconfig "$NTPD_IPV6_INTERFACE" | grep inet\ \addr | cut -d ':' -f2 |cut -d ' ' -f1` - fi - fi - fi - fi - else - WAN_IPv6=`ifconfig "$WAN_INTERFACE" | grep inet6 | grep Global | awk '/inet6/{print $3}' | cut -d '/' -f1 | head -n1` - fi + WAN_IPv6=`ifconfig "$WAN_INTERFACE" | grep inet6 | grep Global | awk '/inet6/{print $3}' | cut -d '/' -f1 | head -n1` if [ -n "$WAN_IPv4" ] || [ -n "$WAN_IPv6" ]; then if [ "$2" = "quickSync" ];then @@ -399,6 +372,7 @@ service_start () syscfg set ntp_status 2 if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$LANIPV6Support" = "true" ]; then + #TODO : could be a common code. WAN_IPV6_STATUS=`sysevent get ipv6_connection_state` if [ "started" != "$CURRENT_WAN_STATUS" ] && [ "up" != "$WAN_IPV6_STATUS" ] ; then syscfg set ntp_status 2 @@ -626,22 +600,12 @@ service_start () if [ -n "$QUICK_SYNC_WAN_IP" ]; then # Try and Force Quick Sync to Run on a single interface - uptime=$(cut -d. -f1 /proc/uptime) + uptime=$(cut -d. -f1 /proc/uptime) uptime_ms=$((uptime*1000)) echo_t "SERVICE_NTPD : Starting NTP Quick Sync" >> $NTPD_LOG_NAME - t2ValNotify "SYST_INFO_NTP_START_split" $uptime_ms - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$ntpHealthCheck" = "true" ]; then - if [ $WAN_IPv6_UP -eq 1 ]; then - $BIN -c $NTP_CONF_QUICK_SYNC --interface "$QUICK_SYNC_WAN_IP" -x -gq -l $NTPD_LOG_NAME & - QUICK_SYNC_PID=$! - else - $BIN -c $NTP_CONF_QUICK_SYNC --interface "$QUICK_SYNC_WAN_IP" -x -gq -4 -l $NTPD_LOG_NAME & - QUICK_SYNC_PID=$! - fi - else - $BIN -c $NTP_CONF_QUICK_SYNC --interface "$QUICK_SYNC_WAN_IP" -x -gq -l $NTPD_LOG_NAME & - QUICK_SYNC_PID=$! - fi + t2ValNotify "SYST_INFO_NTP_START_split" $uptime_ms + $BIN -c $NTP_CONF_QUICK_SYNC --interface "$QUICK_SYNC_WAN_IP" -x -gq -l $NTPD_LOG_NAME & + QUICK_SYNC_PID=$! if [ -n "$QUICK_SYNC_PID" ];then set_ntp_quicksync_status fi @@ -656,6 +620,7 @@ service_start () systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + #TODO : could be a common code. sysevent set firewall-restart fi fi @@ -812,6 +777,7 @@ case "$1" in wan-status) if [ "started" = "$CURRENT_WAN_STATUS" ] ; then if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$ntpHealthCheck" = "true" ]; then + #TODO : could be a common code. Will affect common NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` if [ $NTP_STATUS == 3 ] && [ -n "$NTPD_PROCESS" ];then @@ -844,6 +810,7 @@ case "$1" in ;; ipv6_connection_state) if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$ntpHealthCheck" = "true" ]; then + #TODO : could be a common code. NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` #SKYH4-6932: When IPv6 comes up after ipv4, IPv6 listners won't be added and hence with ipv6 only ntp servers, we will have time syncing problems. So checking time sync status along with ntpd process, if time isn't synced there will conf update and ntpd restart. From 7ea7a04e9e178526a349f26b5d9695a75388ccc6 Mon Sep 17 00:00:00 2001 From: Jonathan Wu Date: Mon, 24 Nov 2025 20:38:02 +0000 Subject: [PATCH 2/5] RDKB-60010 : Remove sky specific from the NTP script Reason for change: Remove Sky specific workaround from NTP script Test Procedure: None Risks: None Priority: P1 Signed-off-by: Jonathan Wu --- .github/CODEOWNERS | 2 +- .github/workflows/cla.yml | 13 +- ...gration_stateless_diffscan_target_repo.yml | 13 +- CHANGELOG.md | 66 +--- source/firewall/firewall.c | 121 +------ source/firewall/firewall.h | 6 +- source/firewall/firewall_ext.c | 2 +- source/firewall/firewall_ipv6.c | 28 +- .../igd/src/inc/igd_platform_dependent_inf.h | 8 +- .../init/c_registration/15_dhcp_server.c | 2 +- .../scripts/init/defaults/system_defaults_arm | 2 - source/scripts/init/service.d/lan_handler.sh | 2 +- source/scripts/init/service.d/logrotate.sh | 4 +- source/scripts/init/service.d/pmon.sh | 4 +- .../scripts/init/service.d/service_crond.sh | 4 +- .../dhcp_server_functions.sh | 7 +- source/scripts/init/service.d/service_igd.sh | 2 +- source/scripts/init/service.d/service_ipv4.sh | 2 +- .../init/service.d/service_mcastproxy.sh | 2 +- .../service.d/service_multinet/handle_gre.sh | 6 +- source/scripts/init/service.d/service_ntpd.sh | 8 +- source/scripts/init/service.d/service_sshd.sh | 16 +- .../service_sshd/service_dropbearssh.sh | 2 +- .../apply_system_defaults.c | 12 +- source/scripts/init/system/utopia_init.sh | 6 +- source/scripts/init/system/utopia_init_xb6.sh | 4 +- source/service_dhcp/dhcp_server_functions.c | 3 +- source/service_routed/service_routed.c | 25 +- source/syscfg/lib/syscfg_lib.c | 310 ++---------------- source/sysevent/lib/sysevent.h | 6 +- source/sysevent/server/syseventd.h | 7 +- source/sysevent/server/syseventd_main.c | 2 - source/sysevent/server/worker_threads.c | 8 +- 33 files changed, 128 insertions(+), 577 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index bbbaa1df..0f5f5932 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,4 +2,4 @@ # the repo. Unless a later match takes precedence, # @global-owner1 and @global-owner2 will be requested for # review when someone opens a pull request. -* @rdkcentral/utopia-maintainers @rdkcentral/rdkb-maintainers +* @rdkcentral/advsecurity-maintainers diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index c58b1b0b..05504793 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -1,20 +1,13 @@ name: "CLA" - -permissions: - contents: read - pull-requests: write - actions: write - statuses: write - on: issue_comment: types: [created] pull_request_target: - types: [opened, closed, synchronize] + types: [opened,closed,synchronize] jobs: CLA-Lite: name: "Signature" - uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@v1 + uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@main secrets: - PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} \ No newline at end of file diff --git a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml index 7b8c1cba..da02b8b4 100644 --- a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml +++ b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml @@ -1,18 +1,11 @@ name: Fossid Stateless Diff Scan -on: - pull_request: - types: [opened, synchronize, reopened] - -permissions: - contents: read - pull-requests: read +on: pull_request jobs: call-fossid-workflow: - if: ${{ ! github.event.pull_request.head.repo.fork }} - uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@1.0.0 - secrets: + uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@develop + secrets: FOSSID_CONTAINER_USERNAME: ${{ secrets.FOSSID_CONTAINER_USERNAME }} FOSSID_CONTAINER_PASSWORD: ${{ secrets.FOSSID_CONTAINER_PASSWORD }} FOSSID_HOST_USERNAME: ${{ secrets.FOSSID_HOST_USERNAME }} diff --git a/CHANGELOG.md b/CHANGELOG.md index def893ae..483067b9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,76 +4,12 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). -#### [1.3.0](https://github.com/rdkcentral/utopia/compare/1.2.2...1.3.0) - -- XB10-2198: SYS_SH_dnsmasq_restart is continuous with 8.2p5s1 upgrade [`#119`](https://github.com/rdkcentral/utopia/pull/119) -- revert of kernel_pid.max val set from utopia_init.sh file [`#117`](https://github.com/rdkcentral/utopia/pull/117) -- RDKB-60798-IPv6 Support for WiFi Hotspot [`#115`](https://github.com/rdkcentral/utopia/pull/115) -- XER10-1687-Observing intermittent ovsh crash [`#114`](https://github.com/rdkcentral/utopia/pull/114) -- RDKB-61612 : WAN Failover Utility is required in Ethwan mode similar to DOCSIS [`#97`](https://github.com/rdkcentral/utopia/pull/97) -- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`#111`](https://github.com/rdkcentral/utopia/pull/111) -- SHARMAN-1210:Add telemetry support to report FW info from both banks [`#70`](https://github.com/rdkcentral/utopia/pull/70) -- IPv6 support for WIFI hotspot [`#52`](https://github.com/rdkcentral/utopia/pull/52) -- Presence Notification [`04d5da3`](https://github.com/rdkcentral/utopia/commit/04d5da34148680adce639b27d63f790a5438832a) -- Merge tag '1.2.2' into develop [`3b14a92`](https://github.com/rdkcentral/utopia/commit/3b14a92d8a532ec9e34064eb5b0ddc861fe1c88f) -- Merge tag '1.2.1' into develop [`d652c3a`](https://github.com/rdkcentral/utopia/commit/d652c3a4266e78d843c330383c334f79a3e051ea) - -#### [1.2.2](https://github.com/rdkcentral/utopia/compare/1.2.1...1.2.2) - -> 28 October 2025 - -- Add CHANGELOG.md for hotfix 1.2.2 [`d101335`](https://github.com/rdkcentral/utopia/commit/d1013350a35701126277638f15726ada20e84ad9) -- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`71f62ac`](https://github.com/rdkcentral/utopia/commit/71f62ac3e8601aaa4bb3147488bd40d49c127dfc) - -#### [1.2.1](https://github.com/rdkcentral/utopia/compare/1.2.0...1.2.1) - -> 23 October 2025 - -- RDKB-61777: [utopia] Code development to remove _64BIT_ARCH_SUPPORT_ macro [`#99`](https://github.com/rdkcentral/utopia/pull/99) -- XB9-429 : Upstream xb9 specific changes to github repo [`#53`](https://github.com/rdkcentral/utopia/pull/53) -- XF10-18 : XF10 Model support in Utopia Scripts [`#73`](https://github.com/rdkcentral/utopia/pull/73) -- RDKCOM-5434: RDKBDEV-3290,RDKBACCL-1052 fynecli connection was not established from remote ubuntu pc via 49153 port [`#47`](https://github.com/rdkcentral/utopia/pull/47) -- Update service_routed.c [`92feb43`](https://github.com/rdkcentral/utopia/commit/92feb43e4b9528b801ada6c7b6c5be286ba9329a) -- Update service_routed.c [`9eedf98`](https://github.com/rdkcentral/utopia/commit/9eedf983fbc74a4701b7e15226f2efea11040e8f) -- Add CHANGELOG.md for Release 1.2.1 [`9715e7f`](https://github.com/rdkcentral/utopia/commit/9715e7f5b7df31507f69a2e29e556b2baf5964d3) - -#### [1.2.0](https://github.com/rdkcentral/utopia/compare/1.1.3...1.2.0) - -> 9 October 2025 - -- Update CODEOWNERS [`#100`](https://github.com/rdkcentral/utopia/pull/100) -- Add the XF10 product common flag [`#72`](https://github.com/rdkcentral/utopia/pull/72) -- RDKB-59938 : Observing SYSCFG DB stored with junk values [`#61`](https://github.com/rdkcentral/utopia/pull/61) -- Deploy fossid_integration_stateless_diffscan_target_repo action [`#93`](https://github.com/rdkcentral/utopia/pull/93) -- Update CODEOWNERS [`#81`](https://github.com/rdkcentral/utopia/pull/81) -- Deploy cla action [`#82`](https://github.com/rdkcentral/utopia/pull/82) -- Add CHANGELOG.md for Release 1.2.0 [`29800ce`](https://github.com/rdkcentral/utopia/commit/29800ce8221a3251b5bab5fb0b43ded3ff82fab8) - -#### [1.1.3](https://github.com/rdkcentral/utopia/compare/1.1.2...1.1.3) - -> 25 September 2025 - -- RDKB-61786: Revert the changes of RDKB-60131 [`#77`](https://github.com/rdkcentral/utopia/pull/77) -- Rebase with develop [`#75`](https://github.com/rdkcentral/utopia/pull/75) -- RDKB-58679: Add PSM changes for vlan [`#56`](https://github.com/rdkcentral/utopia/pull/56) -- RDKB-60956: Default OAUTH AuthMode feature to SSO in firmware [`#71`](https://github.com/rdkcentral/utopia/pull/71) -- RDKB-61412 : Add RDKBPOD generic vendor name for all extender devices [`#68`](https://github.com/rdkcentral/utopia/pull/68) -- RDKB-60813 : Webui attack handling in Firewall [`#66`](https://github.com/rdkcentral/utopia/pull/66) -- RDKB-60232 : Option 82 rules for Amenity bridges [`#65`](https://github.com/rdkcentral/utopia/pull/65) -- RDKDEV-1132, RDKBACCL-846: Migrate scripts from RPI to BPI [`#49`](https://github.com/rdkcentral/utopia/pull/49) -- RDKB-61372: Handling recovery cases of Unknown/Invalid syscfg PartnerID [`#51`](https://github.com/rdkcentral/utopia/pull/51) -- Merge branch 'release/1.1.2' [`#59`](https://github.com/rdkcentral/utopia/pull/59) -- Add CHANGELOG.md for Release 1.1.3 [`a3baf10`](https://github.com/rdkcentral/utopia/commit/a3baf10901f136401d834b5e3f07b18ec1480588) -- Update firewall.h [`7c2b6ab`](https://github.com/rdkcentral/utopia/commit/7c2b6ab093e0c66d53261357995b407f65287233) - #### [1.1.2](https://github.com/rdkcentral/utopia/compare/1.1.1...1.1.2) -> 12 September 2025 - - RDKB-60957: Add Utopia RFC defaults for xmeminsight Tool [`#48`](https://github.com/rdkcentral/utopia/pull/48) -- Add CHANGELOG.md for release 1.1.2 [`7d54a7b`](https://github.com/rdkcentral/utopia/commit/7d54a7b302b870e3d4366d0bdbbb93510f8a8e51) - Update system_defaults_xd4 [`c37af2a`](https://github.com/rdkcentral/utopia/commit/c37af2a17733f4acdfd422354d0d261b8bccee5b) - Update system_defaults_bci [`201f075`](https://github.com/rdkcentral/utopia/commit/201f075ca07729b955ce0af67df480867ea039ab) +- Update system_defaults_arm [`956c7ac`](https://github.com/rdkcentral/utopia/commit/956c7ac5565d709181b3d7f28ef7761c1e37278f) #### [1.1.1](https://github.com/rdkcentral/utopia/compare/1.1.0...1.1.1) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index c7181ea4..4a77fe25 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -697,7 +697,6 @@ char current_wan_ip6_addr[128]; bool isDefHttpsPortUsed = FALSE ; int current_wan_ipv6_num = 0; char default_wan_ifname[50]; // name of the regular wan interface -char hotspot_wan_ifname[50]; int rfstatus; /* * For timed internet access rules we use cron @@ -1456,23 +1455,7 @@ static int do_wan_nat_lan_clients_mapt(FILE *fp) return 0; } #endif //FEATURE_MAPT -void do_webui_attack_filter(FILE *filter_fp) -{ - FIREWALL_DEBUG("Entering do_webui_attack_filter\n"); - fprintf(filter_fp, ":%s - [0:0]\n", "UPLOAD_ATTACK_FILTER"); - fprintf(filter_fp, "-A UPLOAD_ATTACK_FILTER -m string --algo bm --string \"%s\" -j DROP \n", " from PSM - memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); - rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); - if(rc == CCSP_SUCCESS && pStr != NULL){ - FIREWALL_DEBUG("HotSpot wan interface fetched \n"); - safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); - ERR_CHK(safec_rc); - Ansc_FreeMemory_Callback(pStr); - pStr = NULL; - } - FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); - memset(mesh_wan_ipv6addr,0,sizeof(mesh_wan_ipv6addr)); get_ip6address(mesh_wan_ifname, mesh_wan_ipv6addr, &mesh_wan_ipv6_num,IPV6_ADDR_SCOPE_GLOBAL); #endif @@ -5278,37 +5248,6 @@ static int do_nat_ephemeral(FILE *fp) return(0); } -void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4) -{ - FIREWALL_DEBUG(" Entering applyHotspotPostRoutingRules \n"); - char sysEventName[256]; - if (isIpv4 == true) - { - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) - { - FIREWALL_DEBUG("Apply Post Routing Rules for IPv4\n"); - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); - fprintf(fp, "-A postrouting_towan -o %s -j SNAT --to-source %s\n" , current_wan_ifname, current_wan_ipaddr); - } - } - else - { - memset(current_wan_ip6_addr, 0, sizeof(current_wan_ip6_addr)); - memset(sysEventName, 0, sizeof(sysEventName)); - snprintf(sysEventName, sizeof(sysEventName),"tr_%s_dhcpv6_client_v6addr", hotspot_wan_ifname); - sysevent_get(sysevent_fd, sysevent_token, sysEventName, current_wan_ip6_addr, sizeof(current_wan_ip6_addr)); - - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) - { - FIREWALL_DEBUG("Apply Post Routing Rules for IPv6\n"); - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); - fprintf(fp, "-A POSTROUTING -o %s -j SNAT --to-source %s\n", current_wan_ifname, current_wan_ip6_addr); - } - - } - FIREWALL_DEBUG(" Exiting applyHotspotPostRoutingRules \n"); -} - #if defined(_BWG_PRODUCT_REQ_) /* * Procedure : do_raw_table_staticip @@ -5461,14 +5400,7 @@ static int do_wan_nat_lan_clients(FILE *fp) #ifdef RDKB_EXTENDER_ENABLED fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); #else - #ifdef WAN_FAILOVER_SUPPORTED - if (0 == checkIfULAEnabled()) - { - applyHotspotPostRoutingRules(fp, true); - } else { fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); - } - #endif #endif #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) } @@ -5998,7 +5930,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) fprintf(fp, "-A INPUT -j wanattack\n"); //Smurf attack, actually the below rules are to prevent us from being the middle-man host -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6018,7 +5950,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request -j xlog_drop_wanattack\n"); // ICMP Smurf Attack (timestamp) -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPSmurfAttack -p icmp -m icmp --icmp-type timestamp-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6040,7 +5972,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //ICMP Flooding. Mark traffic bit rate > 5/s as attack and limit 6 log entries per hour fprintf(fp, "-A ICMPFlooding -p icmp -m limit --limit 5/s --limit-burst 10 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPFlooding -p icmp %s -j LOG --log-prefix \"DoS Attack - ICMP Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6062,7 +5994,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //TCP SYN Flooding fprintf(fp, "-A TCPSYNFlooding -p tcp --syn -m limit --limit 10/s --limit-burst 20 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_)/* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A TCPSYNFlooding -p tcp --syn %s -j LOG --log-prefix \"DoS Attack - TCP SYN Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6086,7 +6018,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) if(isWanReady) { /* Allow multicast packet through */ fprintf(fp, "-A LANDAttack -p udp -s %s -d 224.0.0.0/8 -j RETURN\n", wan_ip); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A LANDAttack -s %s %s -j LOG --log-prefix \"DoS Attack - LAND Attack\" --log-level 7\n", wan_ip, logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6275,26 +6207,6 @@ static int remote_access_set_proto(FILE *filt_fp, FILE *nat_fp, const char *port FIREWALL_DEBUG("Exiting remote_access_set_proto\n"); return 0; } -int wan_lan_webui_attack(FILE *fp, const char *interface) -{ - int rc = 0; - char httpport[64] = {0}; - char httpsport[64] = {0}; - char query[MAX_QUERY]; - //lan side attack protection - fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport 80 -j UPLOAD_ATTACK_FILTER\n", interface); - fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport 443 -j UPLOAD_ATTACK_FILTER\n", interface); - //wan side attack protection - rc = syscfg_get(NULL, "mgmt_wan_httpaccess", query, sizeof(query)); - rc |= syscfg_get(NULL, "mgmt_wan_httpport", httpport, sizeof(httpport)); - if ((rc == 0) && atoi(query) == 1) - fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport %s -j UPLOAD_ATTACK_FILTER\n", current_wan_ifname, httpport); - rc = syscfg_get(NULL, "mgmt_wan_httpsaccess", query, sizeof(query)); - rc |= syscfg_get(NULL, "mgmt_wan_httpsport", httpsport, sizeof(httpsport)); - if ((rc == 0) && atoi(query) == 1) - fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport %s -j UPLOAD_ATTACK_FILTER\n", current_wan_ifname, httpsport ); - return 0; -} int lan_access_set_proto(FILE *fp,const char *port, const char *interface) { if ((0 == strcmp("80", port)) || (0 == strcmp("443", port))) { @@ -10046,7 +9958,7 @@ static void do_add_TCP_MSS_rules(FILE *mangle_fp) static int do_lan2wan(FILE *mangle_fp, FILE *filter_fp, FILE *nat_fp) { FIREWALL_DEBUG("Entering do_lan2wan\n"); -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) if (isNatReady) { FILE *f = NULL; @@ -12133,10 +12045,6 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif fprintf(filter_fp, "-A OUTPUT -o lo -p tcp -m tcp --sport 49152:49153 -j ACCEPT\n"); fprintf(filter_fp, "-A OUTPUT ! -o brlan0 -p tcp -m tcp --sport 49152:49153 -j DROP\n"); - /* For EasyMesh Controller Communication */ -#if defined(_PLATFORM_BANANAPI_R4_) - fprintf(filter_fp, "-I OUTPUT -o %s -p tcp --sport 49153 -j ACCEPT\n",get_current_wan_ifname()); -#endif #ifdef CONFIG_CISCO_FEATURE_CISCOCONNECT fprintf(filter_fp, ":%s - [0:0]\n", "pp_disabled"); if(isGuestNetworkEnabled) { @@ -12325,8 +12233,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * // Video Analytics Firewall rule to allow port 58081 only from LAN interface do_OpenVideoAnalyticsPort (filter_fp); - - do_webui_attack_filter(filter_fp); + // Create iptable chain to ratelimit remote management(8080, 8181) packets do_webui_rate_limit(filter_fp); @@ -12365,7 +12272,6 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp, "-A INPUT -i lo -m state --state NEW -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -j general_input\n"); - wan_lan_webui_attack(filter_fp,lan_ifname); // Rate limiting the webui-access lan side lan_access_set_proto(filter_fp, "80",lan_ifname); lan_access_set_proto(filter_fp, "443",lan_ifname); @@ -13176,10 +13082,6 @@ int do_block_ports(FILE *filter_fp) fprintf(filter_fp, "-A INPUT -i lo -p udp -m udp --dport 1900 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 49152:49153 -j DROP\n"); - /* For EasyMesh Controller Communication */ -#if defined(_PLATFORM_BANANAPI_R4_) - fprintf(filter_fp, "-I INPUT -i %s -p tcp --dport 49153 -j ACCEPT\n",get_current_wan_ifname()); -#endif fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 1900 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 21515 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 21515 -j DROP\n"); @@ -13702,7 +13604,7 @@ WAN_FAILOVER_SUPPORT_CHECk_END prepare_MoCA_bridge_firewall(raw_fp, mangle_fp, nat_fp, filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) /* To avoid open ssh connection to CM IP TCXB6-2879*/ if (!isBridgeMode) { @@ -13943,7 +13845,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n #else fprintf(filter_fp, "-A INPUT ! -i %s -j wan2self_mgmt\n", isBridgeMode == 0 ? lan_ifname : cmdiag_ifname); #endif - do_webui_attack_filter(filter_fp); + // Create iptable chain to ratelimit remote management packets do_webui_rate_limit(filter_fp); WAN_FAILOVER_SUPPORT_CHECK @@ -14060,7 +13962,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n lan_http_access(filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) if (isBridgeMode) { FILE *f = NULL; @@ -14090,7 +13992,6 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n #endif fprintf(filter_fp, ":%s ACCEPT [0:0]\n", "FORWARD"); fprintf(filter_fp, ":%s ACCEPT [0:0]\n", "OUTPUT"); - wan_lan_webui_attack(filter_fp,cmdiag_ifname); // Rate limiting the webui-access lan side lan_access_set_proto(filter_fp, "80",cmdiag_ifname); lan_access_set_proto(filter_fp, "443",cmdiag_ifname); diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 8e28cc43..6b9ae880 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -115,7 +115,6 @@ extern int sysevent_fd; extern char sysevent_ip[19]; extern unsigned short sysevent_port; #define PSM_VALUE_GET_STRING(name, str) PSM_Get_Record_Value2(bus_handle, CCSP_SUBSYS, name, NULL, &(str)) -#define PSM_HOTSPOT_WAN_IFNAME "dmsb.wanmanager.if.3.Name" int get_ip6address (char * ifname, char ipArry[][40], int * p_num, unsigned int scope_in); @@ -146,8 +145,7 @@ int do_wpad_isatap_blockv4 (FILE *fp); int do_blockfragippktsv4(FILE *fp); int do_portscanprotectv4(FILE *fp); int do_ipflooddetectv4(FILE *fp); -void do_webui_attack_filter(FILE *filter_fp); -int wan_lan_webui_attack(FILE *fp, const char *interface); + // Rule preparation functions int prepare_rabid_rules(FILE *filter_fp, FILE *mangle_fp, ip_ver_t ver); @@ -348,8 +346,6 @@ extern char dev_type[20]; extern char mesh_wan_ifname[32]; #endif -void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4); -extern char hotspot_wan_ifname[50]; extern int current_wan_ipv6_num; extern char default_wan_ifname[50]; // name of the regular wan interface extern char current_wan_ipv6[IF_IPV6ADDR_MAX][40]; diff --git a/source/firewall/firewall_ext.c b/source/firewall/firewall_ext.c index a887f5b2..b603603b 100644 --- a/source/firewall/firewall_ext.c +++ b/source/firewall/firewall_ext.c @@ -211,7 +211,7 @@ int prepare_ipv4_rule_ex_mode(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE do_wan2self_attack(filter_fp,cellular_ipaddr); fprintf(filter_fp, "-A INPUT -i %s -p tcp -m tcp --dport 22 -j SSH_FILTER\n",cellular_ifname); -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) fprintf(filter_fp, "-A INPUT -i brlan112 -d 169.254.70.0/24 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan112 -m pkttype ! --pkt-type unicast -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan113 -d 169.254.71.0/24 -j ACCEPT\n"); diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index fb1f7907..be0e81d6 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -1959,10 +1959,6 @@ void do_ipv6_sn_filter(FILE* fp) { fprintf(fp, "-A PREROUTING -i %s -d %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i], mcastAddrStr); /* NS Throttling rules for WAN and LAN */ fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i]); - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) - { - fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); - } fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j DROP\n", ifnames[i]); } @@ -2112,24 +2108,22 @@ int checkIfULAEnabled() void applyIpv6ULARules(FILE* fp) { - #if defined (RDKB_EXTENDER_ENABLED) + #ifdef RDKB_EXTENDER_ENABLED if(strlen(current_wan_ipv6[0]) > 0) { - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); + + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); } #else - FIREWALL_DEBUG("Applying applyIpv6ULARules \n"); applyRoutingRules(fp,GLOBAL_IPV6); applyRoutingRules(fp,ULA_IPV6); #endif } - #endif void do_ipv6_nat_table(FILE* fp) { - FIREWALL_DEBUG("Entering do_ipv6_nat_table \n"); char IPv6[INET6_ADDRSTRLEN] = "0"; fprintf(fp, "*nat\n"); fprintf(fp, ":%s - [0:0]\n", "prerouting_devices"); @@ -2223,19 +2217,7 @@ void do_ipv6_nat_table(FILE* fp) } } #ifdef _PLATFORM_RASPBERRYPI_ - if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) - { - #if defined (WAN_FAILOVER_SUPPORTED) - if (0 == checkIfULAEnabled()) - { - applyHotspotPostRoutingRules(fp, false); - } - #endif - } - else - { - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); - } + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); #endif #ifdef _PLATFORM_BANANAPI_R4_ diff --git a/source/igd/src/inc/igd_platform_dependent_inf.h b/source/igd/src/inc/igd_platform_dependent_inf.h index 2f291581..380c17b8 100644 --- a/source/igd/src/inc/igd_platform_dependent_inf.h +++ b/source/igd/src/inc/igd_platform_dependent_inf.h @@ -81,18 +81,12 @@ #define UPC "RDKB_ARM" #endif -#if defined(_SCXF11BFL_PRODUCT_REQ_) - #undef CONFIG_VENDOR_MODEL - #define CONFIG_VENDOR_MODEL "SCXF11BFL" -#elif defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "SCER11BEL" #elif defined(_XER5_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "VTER11QEL" -#elif defined(_XB9_PRODUCT_REQ_) - #undef CONFIG_VENDOR_MODEL - #define CONFIG_VENDOR_MODEL "CWA438TCOM" #elif defined(_XB10_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #if defined (IGD_SERCOMMXB10_INFO) diff --git a/source/scripts/init/c_registration/15_dhcp_server.c b/source/scripts/init/c_registration/15_dhcp_server.c index 2aee6edd..be64b31a 100644 --- a/source/scripts/init/c_registration/15_dhcp_server.c +++ b/source/scripts/init/c_registration/15_dhcp_server.c @@ -57,7 +57,7 @@ const char* SERVICE_CUSTOM_EVENTS[] = { NULL }; #elif defined(CORE_NET_LIB) && \ - ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) && !defined(_SCXF11BFL_PRODUCT_REQ_) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ + ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ (defined(_CBR_PRODUCT_REQ_) && !defined(_CBR2_PRODUCT_REQ_))) const char* SERVICE_CUSTOM_EVENTS[] = { "syslog-status|/usr/bin/service_dhcp", diff --git a/source/scripts/init/defaults/system_defaults_arm b/source/scripts/init/defaults/system_defaults_arm index ace916f5..a3a7ad25 100755 --- a/source/scripts/init/defaults/system_defaults_arm +++ b/source/scripts/init/defaults/system_defaults_arm @@ -1429,8 +1429,6 @@ $DscpSleepInterval_2=0 #Ccsp CMagent Docsis linkdown timeout default value is 900sec $DocsisLinkDownTimeOut=900 -#Ccsp Ethagent EWAN linkdown timeout default value is 900sec -$EWanLinkDownTimeout=900 #LLDEnable default value is false $LldEnable=false diff --git a/source/scripts/init/service.d/lan_handler.sh b/source/scripts/init/service.d/lan_handler.sh index 1ed07d97..6c020d9a 100755 --- a/source/scripts/init/service.d/lan_handler.sh +++ b/source/scripts/init/service.d/lan_handler.sh @@ -502,7 +502,7 @@ case "$1" in ;; lan-start) - if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then L3Net=`sysevent get primary_lan_l3net` if [ -z "$L3Net" ]; then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : L3Net is null" diff --git a/source/scripts/init/service.d/logrotate.sh b/source/scripts/init/service.d/logrotate.sh index 581ac859..56623cb2 100644 --- a/source/scripts/init/service.d/logrotate.sh +++ b/source/scripts/init/service.d/logrotate.sh @@ -2,7 +2,7 @@ source /etc/device.properties -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then source /etc/utopia/service.d/log_capture_path.sh VARLOG_DIR_THRESHOLD=3000 VAR_TMP_FILE_THRESHOLD=1000 @@ -86,7 +86,7 @@ if [ $dir -gt $VARLOG_DIR_THRESHOLD ]; then fi # If any file reaches 1MB inside /var/tmp, empty the file. -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] ||[ "$BOX_TYPE" == "SCXF11BFL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then var_tmp_files=`ls /var/tmp/` for tmp_file in $var_tmp_files; do tmp_file_size=`du /var/tmp/$tmp_file | awk -v sum=0 '{print sum+=$1}' | tail -1` diff --git a/source/scripts/init/service.d/pmon.sh b/source/scripts/init/service.d/pmon.sh index 6674c713..8f8852f5 100755 --- a/source/scripts/init/service.d/pmon.sh +++ b/source/scripts/init/service.d/pmon.sh @@ -93,8 +93,8 @@ do_check_process() { LOCAL_CONF_FILE=/tmp/pmon.conf$$ - # Add static pmon entries - commented-out below line - selfheal takes care of it. - # echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE + # Add static pmon entries + echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE # Add dynamic pmon entries stashed in sysevent # by various modules diff --git a/source/scripts/init/service.d/service_crond.sh b/source/scripts/init/service.d/service_crond.sh index 2ad282d2..cd78c2fa 100755 --- a/source/scripts/init/service.d/service_crond.sh +++ b/source/scripts/init/service.d/service_crond.sh @@ -124,7 +124,7 @@ service_start () #RDKB-45059 log the zebra.conf status for every 12 hours echo "0 */12 * * * /usr/ccsp/tad/Zebra_conf_status.sh" >> $CRONTAB_FILE - if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then + if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then #run idm recovery for each 10 minutes echo "*/10 * * * * /etc/idm/idm_recovery.sh" >> $CRONTAB_FILE fi @@ -190,7 +190,7 @@ service_start () addCron "48 * * * * sh /etc/sky/monitor_dhd_dump.sh &" fi - if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then #RDKB-43895 log the firmware bank informations in selfheal log echo "5 */12 * * * /usr/bin/FwBankInfo" >> $CRONTAB_FILE fi diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index cd10fa2b..94761641 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1075,14 +1075,13 @@ fi #fi #Option for parsing plume vendor code - if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] ; then echo "dhcp-option=vendor:Plume,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:PP203X,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:SE401,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:HIXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXL11BWL,43,tag=123" >> $LOCAL_DHCP_CONF - echo "dhcp-option=vendor:RDKBPOD,43,tag=123" >> $LOCAL_DHCP_CONF fi if [ "dns_only" != "$3" ] ; then @@ -1202,7 +1201,7 @@ fi echo "${PREFIX}""dhcp-option=l2sd0.4090,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then + elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then echo "interface=brlan112" >> $LOCAL_DHCP_CONF if [ "$BOX_TYPE" = "WNXL11BWL" ]; then echo "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF @@ -1300,7 +1299,7 @@ fi echo "${PREFIX}""dhcp-option=br403,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then + elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]]; then echo "interface=brlan6" >> $LOCAL_DHCP_CONF echo "dhcp-range=169.254.0.5,169.254.0.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF diff --git a/source/scripts/init/service.d/service_igd.sh b/source/scripts/init/service.d/service_igd.sh index 5f8018b6..8f50557b 100755 --- a/source/scripts/init/service.d/service_igd.sh +++ b/source/scripts/init/service.d/service_igd.sh @@ -133,7 +133,7 @@ handle_ipv4_status() { IGD `sysevent get ipv4_${1}-ifname` & sysevent set ${SERVICE_NAME}_${1}-pid $! #RDKB-44364:To avoid IGD process init failure due to UPNP_E_SOCKET_BIND [-203] error - if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then check_IGD_is_up ${1} fi fi diff --git a/source/scripts/init/service.d/service_ipv4.sh b/source/scripts/init/service.d/service_ipv4.sh index ba62cf17..f3004e1c 100755 --- a/source/scripts/init/service.d/service_ipv4.sh +++ b/source/scripts/init/service.d/service_ipv4.sh @@ -113,7 +113,7 @@ handle_l2_status () { echo_t "service_ipv4 : Triggering RDKB_FIREWALL_RESTART" t2CountNotify "RF_INFO_RDKB_FIREWALL_RESTART" sysevent set firewall-restart - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then uptime=$(cut -d. -f1 /proc/uptime) if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "RDKB_FIREWALL_RESTART:$uptime" diff --git a/source/scripts/init/service.d/service_mcastproxy.sh b/source/scripts/init/service.d/service_mcastproxy.sh index 5b923378..1185bd79 100755 --- a/source/scripts/init/service.d/service_mcastproxy.sh +++ b/source/scripts/init/service.d/service_mcastproxy.sh @@ -113,7 +113,7 @@ fi else cat $LOCAL_CONF_FILE > $CONF_FILE rm -f $LOCAL_CONF_FILE - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then $BIN $CONF_FILE & else $BIN -c $CONF_FILE & diff --git a/source/scripts/init/service.d/service_multinet/handle_gre.sh b/source/scripts/init/service.d/service_multinet/handle_gre.sh index 68f810b3..7eed8365 100755 --- a/source/scripts/init/service.d/service_multinet/handle_gre.sh +++ b/source/scripts/init/service.d/service_multinet/handle_gre.sh @@ -265,12 +265,12 @@ create_tunnel () { fi fi ifconfig $2 up - if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ] + if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] then echo addif $2 wan > /proc/driver/flowmgr/cmd touch /tmp/.gre_flowmanager_enable fi - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do GRE=`psmcli get dmsb.l2net.$i.Members.Gre | grep $2` @@ -303,7 +303,7 @@ destroy_tunnel () { touch "/tmp/destroy_tunnel_lock" fi echo "Destroying tunnel... remote" - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do STAT=`sysevent get gre_"$i"_inst` diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index 45555209..3c14705c 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -523,7 +523,7 @@ service_start () fi #if [ -n "$QUICK_SYNC_WAN_IP" ]; then if [ -n "$PEER_INTERFACE_IP" ]; then - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then if [ -z "$SOURCE_PING_INTF" ]; then MASK="255.255.255.0" else @@ -618,7 +618,8 @@ service_start () echo_t "SERVICE_NTPD : Starting NTP Daemon" >> $NTPD_LOG_NAME systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + #TODO : could be a common code. sysevent set firewall-restart fi fi @@ -806,8 +807,9 @@ case "$1" in fi ;; ipv6_connection_state) - # Removed Sky products check except Hub4 due to SKYH4-6932 synchronization issue. + # keep HUB4 due to SKYH4-6932 if [ "$BOX_TYPE" = "HUB4" ] || [ "$ntpHealthCheck" = "true" ]; then + #TODO : could be a common code. NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` #SKYH4-6932: When IPv6 comes up after ipv4, IPv6 listners won't be added and hence with ipv6 only ntp servers, we will have time syncing problems. So checking time sync status along with ntpd process, if time isn't synced there will conf update and ntpd restart. diff --git a/source/scripts/init/service.d/service_sshd.sh b/source/scripts/init/service.d/service_sshd.sh index c6b0d4c3..e67deee0 100755 --- a/source/scripts/init/service.d/service_sshd.sh +++ b/source/scripts/init/service.d/service_sshd.sh @@ -56,7 +56,7 @@ else echo_t "[utopia]: dropbear using prod authorization keys" fi -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then CMINTERFACE=$WAN_INTERFACE elif ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ]); then CMINTERFACE=$WAN_INTERFACE @@ -92,7 +92,7 @@ fi get_listen_params() { LISTEN_PARAMS="" #Get IPv4 address of wan0 - if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]) ; then + if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ]) ; then if [ "$WAN0_IS_DUMMY" = "true" ]; then CM_IPV4=`ifconfig privbr:0 | grep "inet addr" | awk '/inet/{print $2}' | cut -f2 -d:` #Get IPv6 address of wan0 @@ -145,7 +145,7 @@ do_start() { #chmod 755 $DIR_NAME #fi - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then get_listen_params CMINTERFACE=$WAN_INTERFACE fi @@ -195,7 +195,7 @@ do_start() { commandString="$commandString -p [$CM_IPV6]:22" fi fi - elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then + elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then # In IPv6 only case (MAP-T), and if IPv6 GUA on LAN enabled case, use brlan0 interface to get v6 global address. CM_IPV6=`ip -6 addr show dev brlan0 scope global | awk '/inet/{print $2}' | cut -d '/' -f1 | head -n1` if [ ! -z "$CM_IPV6" ]; then @@ -236,7 +236,7 @@ do_start() { getConfigFile $DROPBEAR_PARAMS_1 getConfigFile $DROPBEAR_PARAMS_2 - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 $LISTEN_PARAMS -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE if [ -z "$LISTEN_PARAMS" ] ; then echo_t "[utopia]: dropbear was not started for erouter0 interface with valid params." @@ -257,7 +257,7 @@ do_start() { if ([ "$MANUFACTURE" = "Technicolor" ] || [ "$MODEL_NUM" = "SG417DBCT" ]) ; then echo dropbear -E -s -K 60 -b /etc/sshbanner.txt ${commandString} -r ${DROPBEAR_PARAMS_1} -r ${DROPBEAR_PARAMS_2} -a -P ${PID_FILE} dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE - elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then + elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE else dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -p [$CM_IP]:22 -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE @@ -302,7 +302,7 @@ service_start() { echo_t "[utopia] starting ${SERVICE_NAME} service" ulog ${SERVICE_NAME} status "starting ${SERVICE_NAME} service" - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then CMINTERFACE=$WAN_INTERFACE ifconfig $CMINTERFACE | grep Global ret=$? @@ -341,7 +341,7 @@ service_start() { fi #Disable monitoring dropbear as we don't have a seperate dropbear process running always #dropbear process would be running on demand basis - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then $PMON setproc ssh dropbear $PID_FILE "/etc/utopia/service.d/service_sshd.sh sshd-restart" fi diff --git a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh index 6bb62256..c845daa4 100755 --- a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh +++ b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh @@ -44,7 +44,7 @@ source /etc/utopia/service.d/log_capture_path.sh source /etc/device.properties -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then CMINTERFACE="erouter0" else if [ "$WAN0_IS_DUMMY" = "true" ]; then diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 306ab561..284ddb66 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -51,7 +51,7 @@ #include "time.h" #include "secure_wrapper.h" #include -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) #include "platform_hal.h" #endif #include @@ -691,7 +691,7 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC static int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); @@ -1329,10 +1329,6 @@ static int ApplyPartnersObjectItemsIntoSysevents( char *pcPartnerID ) { sysevent_set (global_fd, global_id, "HotSpotSupport", value, 0); } - else if ( 0 == strcmp ( key, "Device.X_RDK_Features.VlanDiscovery.Enable") ) - { - sysevent_set (global_fd, global_id, "VlanDiscoverySupport", value, 0); - } pCJsonChildParam = pCJsonChildParam->next; } @@ -2410,7 +2406,7 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) // For Sky, we need to pull the default login from the /tmp/serial.txt file. FILE *fp = NULL; char DefaultPassword[25] = {0}; - #if defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) + #if defined (_SCER11BEL_PRODUCT_REQ_) fp = popen("grep 'WIFI_PASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); #else fp = popen("grep 'WIFIPASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); @@ -3380,7 +3376,7 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) else { -#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) +#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) //Partner ID is null so need to set default partner ID as "comcast" memset( PartnerID, 0, sizeof( PartnerID ) ); #if defined (_RDK_REF_PLATFORM_) diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index fca35332..05bb09c3 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -122,7 +122,7 @@ MWO_PATH="/nvram/mwo" CHANNEL_KEEPOUT_PATH="/nvram/mesh" ENCRYPT_SYSCFG=false -if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then +if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ]; then ENCRYPT_SYSCFG=true fi @@ -136,7 +136,7 @@ if [ -d $SYSCFG_ENCRYPTED_PATH ]; then fi fi -if [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then +if [ "$MODEL_NUM" = "SCER11BEL" ]; then if [ "$ENCRYPT_SYSCFG" = false ]; then if [ ! -f $SYSCFG_BKUP_FILE ] && [ -f $SYSCFG_NEW_FILE ]; then echo_t "[utopia][init] DOWNGRADE to unsecured syscfg.db" @@ -852,6 +852,6 @@ if [ "$BOX_TYPE" = "VNTXER5" ]; then fi fi -if [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then +if [ "$BOX_TYPE" = "SCER11BEL" ]; then /etc/reset_reason_log.sh & fi diff --git a/source/scripts/init/system/utopia_init_xb6.sh b/source/scripts/init/system/utopia_init_xb6.sh index f21e3c78..d899a82c 100755 --- a/source/scripts/init/system/utopia_init_xb6.sh +++ b/source/scripts/init/system/utopia_init_xb6.sh @@ -771,7 +771,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then fi syscfg set X_RDKCENTRAL-COM_LastRebootReason "factory-reset" syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" - if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then + if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then # Enable AUTOWAN by default for XB7, change is made here so that it will take effect only after FR syscfg set selected_wan_mode "0" fi @@ -783,7 +783,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then #syscfg set X_RDKCENTRAL-COM_LastRebootReason "WPS-Factory-Reset" #syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" rm -f /nvram/WPS_Factory_Reset - elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then + elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then echo "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index 0c34285b..a2ac340f 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1568,7 +1568,6 @@ int prepare_dhcp_conf (char *input) fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXE12AWR,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:SE401,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXL11BWL,43,tag=123\n"); - fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:RDKBPOD,43,tag=123\n"); // Set dnsmasq tag for XLE as "extender". fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-vendorclass=set:extender,WNXL11BWL\n"); @@ -1927,7 +1926,7 @@ int prepare_dhcp_conf (char *input) #endif /*WIFI_MANAGE_SUPPORTED*/ } -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined (_SCXF11BFL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) fprintf(l_fLocal_Dhcp_ConfFile, "interface=brlan112\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite\n"); diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 4a4e8f26..070ec3e2 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -197,8 +197,7 @@ int GetDeviceNetworkMode() } #endif -#if defined(_RDKB_GLOBAL_PRODUCT_REQ_) - +#if defined(_SCER11BEL_PRODUCT_REQ_) /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { @@ -216,7 +215,7 @@ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) return FALSE; } -#endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ +#endif /** _SCER11BEL_PRODUCT_REQ_ */ STATIC int fw_restart(struct serv_routed *sr) { @@ -563,8 +562,8 @@ STATIC int route_set(struct serv_routed *sr) } #endif -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /* _SCER11BEL_PRODUCT_REQ_ */ { @@ -1020,8 +1019,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) else { #endif - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", prefix, sizeof(prefix)); @@ -1331,7 +1330,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) fprintf(fp, " ipv6 nd ra-interval 30\n"); //Set ra-interval to default 30 secs as per Erouter Specs. } #else -#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_) ) || defined (_WNXL11BWL_PRODUCT_REQ_) +#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || defined (_WNXL11BWL_PRODUCT_REQ_) fprintf(fp, " ipv6 nd ra-interval 3\n"); #else #if defined(_SCER11BEL_PRODUCT_REQ_) @@ -1405,7 +1404,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_other_flag", o_flag, sizeof(o_flag)); if (strcmp(o_flag, "1") == 0) fprintf(fp, " ipv6 nd other-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) #if defined(_SCER11BEL_PRODUCT_REQ_) else if ((strcmp(o_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else @@ -1666,7 +1665,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) { // Modifying rdnss value to fix the zebra config. #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (0 == strncmp(lan_addr, tok, strlen(lan_addr))) @@ -2080,8 +2079,8 @@ STATIC int radv_start(struct serv_routed *sr) return -1; } -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -2137,7 +2136,7 @@ STATIC int rip_start(struct serv_routed *sr) if (!serv_can_start(sr->sefd, sr->setok, "rip")) return -1; #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (!sr->lan_ready) { diff --git a/source/syscfg/lib/syscfg_lib.c b/source/syscfg/lib/syscfg_lib.c index 8b0d6466..c036575a 100644 --- a/source/syscfg/lib/syscfg_lib.c +++ b/source/syscfg/lib/syscfg_lib.c @@ -58,7 +58,6 @@ #include "syscfg_lib.h" // internal interface #include "syscfg.h" // external interface used by users #include "safec_lib_common.h" -#include //#define VERBOSE_DEBUG @@ -75,122 +74,6 @@ static int syscfg_init_internal (void); static int load_from_file (const char *fname); static int commit_to_file (const char *fname); -#define DEFAULT_FILE "/etc/utopia/system_defaults" - -typedef struct { - char key[MAX_NAME_LEN]; - char value[MAX_NAME_LEN]; -} ConfigEntry; - -typedef struct ConfigNode { - ConfigEntry entry; - struct ConfigNode *next; -} ConfigNode; - -typedef struct { - const char *name; - unsigned int len; -} KeyEntry; - -void _syscfg_find_corrupted_keys(); - -ConfigNode **syscfg_default_ht = NULL; - -static char *trim(char *in) -{ - while (isspace((unsigned char)*in)) in++; - char *end = in + strlen(in) - 1; - while (end > in && isspace((unsigned char)*end)) *end-- = '\0'; - return in; -} - -static int parse_line(char *in, char **name, char **value) { - char *tok = strchr(in, '='); - if (!tok) return -1; - *tok = '\0'; - *name = in; - *value = tok + 1; - return 0; -} - -static unsigned int hash_index (const char *str) -{ - unsigned int hash = 5381 % SYSCFG_SZ; - int c; - - while ((c = *str++)) { - hash = ((hash << 5) + hash) + c; - } - - return hash % SYSCFG_SZ; -} - -static int _syscfg_add_default_entry(const char *key, const char *value) -{ - unsigned int index = hash_index(key); - ConfigNode *new_node = malloc(sizeof(ConfigNode)); - if (!new_node) { - ulog_LOG_Err("Memory allocation failed"); - return ERR_MEM_ALLOC; - } - - strncpy(new_node->entry.key, key, MAX_NAME_LEN - 1); - new_node->entry.key[MAX_NAME_LEN - 1] = '\0'; - strncpy(new_node->entry.value, value, MAX_NAME_LEN - 1); - new_node->entry.value[MAX_NAME_LEN - 1] = '\0'; - new_node->next = syscfg_default_ht[index]; - syscfg_default_ht[index] = new_node; - - return 0; -} - -static int _syscfg_getall_defaults(void) -{ - char buf[1024]; - char *line; - char *name; - char *value; - FILE *fp = NULL; - - fp = fopen (DEFAULT_FILE, "r"); - if (fp == NULL) - { - ulog_LOG_Err("[utopia] no system default file (%s) found\n", DEFAULT_FILE); - return -1; - } - - size_t size = SYSCFG_SZ * sizeof(ConfigNode *); - syscfg_default_ht = (ConfigNode **)mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); - - if (syscfg_default_ht == MAP_FAILED) - { - perror("mmap failed"); - syscfg_default_ht = NULL; - return -1; - } - - while (fgets (buf, sizeof(buf), fp) != NULL) - { - line = trim (buf); - - if (line[0] == '$') - { - int offset = (line[1] == '$') ? 2 : 1; - if (parse_line(line + offset, &name, &value) == 0) - { - _syscfg_add_default_entry(trim(name), trim(value)); - } - else - { - ulog_LOG_Err("[utopia] [error] set_syscfg_defaults failed to parse line (%s)\n", line); - } - } - } - fclose (fp); - return 0; -} - - /****************************************************************************** * External syscfg library access apis *****************************************************************************/ @@ -494,7 +377,7 @@ void syscfg_destroy (void) syscfg_initialized = 0; } } -static int _syscfg_getall_defaults(void); + /* * Procedure : syscfg_create * Purpose : SYSCFG initialization from persistent storage @@ -538,8 +421,6 @@ int syscfg_create (const char *file, long int max_file_sz) if (0 != rc) { ulog_LOG_Err("Error loading from store"); } - /* Getting all system defaults & validate with current configurations */ - _syscfg_find_corrupted_keys(); shmdt(syscfg_ctx); @@ -626,9 +507,8 @@ static int syscfg_init_internal (void) */ static char *syscfg_parse (const char *str, char **name, char **value) { - char *n = NULL; - char *p = NULL; - int len = 0; + char *n, *p; + int len; if (NULL == str || NULL == name || NULL == value) { return NULL; @@ -643,7 +523,7 @@ static char *syscfg_parse (const char *str, char **name, char **value) memcpy(*name, str, len); (*name)[len] = '\0'; n++; - p = strchrnul(n,'\0'); + p = strchrnul(n,'\n'); if (p) { len = p - n; *value = malloc(len+1); @@ -985,10 +865,8 @@ static int make_ht_entry (const char *name, int namelen, const char *value, shmo entry->value_sz = valuelen + 1; entry->next = 0; p_entry_name = HT_ENTRY_NAME(ctx,ht_entry_offset); - memset(p_entry_name, 0, namelen + 1); memcpy(p_entry_name, name, namelen + 1); p_entry_value = HT_ENTRY_VALUE(ctx,ht_entry_offset); - memset(p_entry_value, 0, valuelen + 1); memcpy(p_entry_value, value, valuelen + 1); } @@ -1311,122 +1189,6 @@ static size_t _syscfg_getall2 (char *buf, size_t bufsz, int nolock) return (bufsz - len); /* size does not include final nul terminator */ } -static int _syscfg_find_in_defaults (const char *name) -{ - unsigned int index = hash_index(name); - if (index) - { - ConfigNode *new_node = syscfg_default_ht[index]; - - if ( new_node && (strcmp(new_node->entry.key, name) == 0)) - { - return 1; - } - } - - return 0; -} - -static void _syscfg_default_ht_destroy(void) -{ - if (!syscfg_default_ht) - { - return; - } - - for (size_t i = 0; i < SYSCFG_SZ; ++i) - { - ConfigNode *n = syscfg_default_ht[i]; - while (n) - { - ConfigNode *next = n->next; - free(n); - n = next; - } - syscfg_default_ht[i] = NULL; - } - - size_t size = SYSCFG_SZ * sizeof(ConfigNode *); - if (munmap(syscfg_default_ht, size) == -1) - { - perror("munmap syscfg_default_ht"); - } - syscfg_default_ht = NULL; -} - -void _syscfg_find_corrupted_keys() -{ - int key_count = 0; - unsigned int max_key_len = 0; - - if (_syscfg_getall_defaults() < 0) - { - printf("_syscfg_getall_defaults failed!\n"); - } - - size_t keys_size = SYSCFG_SZ * sizeof(KeyEntry); - KeyEntry *keys = (KeyEntry *)mmap(NULL, keys_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); - - if (keys == MAP_FAILED) - { - perror("mmap failed"); - _syscfg_default_ht_destroy(); - return; - } - - syscfg_shm_ctx *ctx = syscfg_ctx; - rw_lock(ctx); - - /* find max string length */ - for (int i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { - for (shmoff_t entry = ctx->ht[i]; entry; entry = HT_ENTRY_NEXT(ctx, entry)) { - const char *key = HT_ENTRY_NAME(ctx, entry); - unsigned int len = strlen(key); - keys[key_count].name = key; - keys[key_count].len = len; - if (len > max_key_len) - max_key_len = len; - key_count++; - } - } - - for (int i = 0; i < key_count; i++) - { - const char *query = keys[i].name; - unsigned int query_len = keys[i].len; - unsigned int longest_len = 0; - const char *longest_super = NULL; - - for (int j = 0; j < key_count; j++) { - if (i == j || keys[j].len < query_len) continue; - - if (strstr(keys[j].name, query) && - (strcmp(keys[j].name + strlen(keys[j].name) - strlen(query), query) == 0)) - { - if (keys[j].len > longest_len) - { - longest_len = keys[j].len; - longest_super = keys[j].name; - if (longest_len == max_key_len) break; - } - } - } - - if (longest_super) { - if (!_syscfg_find_in_defaults(query)) - printf("[utopia] - [%s] May be a corrupted key of [%s]\n", query, longest_super); - } - } - - _syscfg_default_ht_destroy(); - - if (munmap(keys, keys_size) == -1) - { - perror("munmap failed"); - } - - rw_unlock(ctx); -} /****************************************************************************** * shared-memory create, initialize and attach/detach APIs @@ -1841,38 +1603,49 @@ static void _syscfg_file_unlock (int fd) static int load_from_file (const char *fname) { - char *inbuf = NULL; + int fd; + ssize_t count; + char *inbuf = NULL, *buf = NULL; char *name = NULL, *value = NULL; - FILE *fd = fopen(fname, "r"); - if (NULL == fd) { + fd = open(fname, O_RDONLY); + if (-1 == fd) { return ERR_IO_FILE_OPEN; } inbuf = malloc(SYSCFG_SZ); if (NULL == inbuf) { - fclose(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ + close(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ return ERR_MEM_ALLOC; } - memset(inbuf, 0, SYSCFG_SZ); - while (fgets(inbuf, SYSCFG_SZ, fd) != NULL) - { - // Remove trailing newline, if any - inbuf[strcspn(inbuf, "\r\n")] = '\0'; - syscfg_parse(inbuf, &name, &value); + count = read(fd, inbuf, SYSCFG_SZ); + close(fd); + + if (count <= 0) { + free(inbuf); + return 1; + } + + buf = inbuf; + /*CID 135472 String not null terminated */ + buf[count] = '\0'; + do { + buf = syscfg_parse(buf, &name, &value); if (name && value) { - if (name[0] != '\0') - syscfg_set(NULL, name, value); + syscfg_set(NULL, name, value); free(name); - name = NULL; + name = NULL; /*RDKB-7135, CID-33405, set null after free*/ free(value); - value = NULL; + value = NULL; /*RDKB-7135, CID-33137, set null after free*/ } - memset(inbuf, 0, SYSCFG_SZ); - } + + // skip any special chars leftover + if (buf && *buf == '\n') { + buf++; + } + } while (buf); free(inbuf); - fclose(fd); return 0; } @@ -1973,30 +1746,19 @@ static int commit_to_file (const char *fname) _syscfg_file_lock(fd); shmoff_t entry; - off_t file_offset = 0; for (i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { entry = ctx->ht[i]; while (entry) { - memset(buf, 0, sizeof(buf)); ct = snprintf(buf, sizeof(buf), "%s=%s\n", HT_ENTRY_NAME(ctx,entry), HT_ENTRY_VALUE(ctx,entry)); - if (ct > 0) { - ssize_t written = write(fd, buf, ct); - if (written < 0) { - ret = ERR_IO_FILE_WRITE; - goto end; - } - file_offset += written; - } - entry = HT_ENTRY_NEXT(ctx, entry); + write(fd, buf, ct); + entry = HT_ENTRY_NEXT(ctx,entry); } } - ftruncate(fd, file_offset); + _syscfg_file_unlock(fd); - end: - _syscfg_file_unlock(fd); - close(fd); + close(fd); ret = access(SYSCFG_BKUP_FILE, F_OK); if ( ret == 0 ) { diff --git a/source/sysevent/lib/sysevent.h b/source/sysevent/lib/sysevent.h index 56feea9f..87d1aa43 100644 --- a/source/sysevent/lib/sysevent.h +++ b/source/sysevent/lib/sysevent.h @@ -93,7 +93,11 @@ extern "C" { * as is commonly done for reading from an fd into a buffer * and then using that buffer as a structure */ -typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(sizeof(void*)))); +#ifdef _64BIT_ARCH_SUPPORT_ +typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(8))); +#else +typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(4))); +#endif /* * Errors diff --git a/source/sysevent/server/syseventd.h b/source/sysevent/server/syseventd.h index 8c126dab..1c68469c 100644 --- a/source/sysevent/server/syseventd.h +++ b/source/sysevent/server/syseventd.h @@ -96,8 +96,11 @@ extern sem_t worker_sem; // e.g Multinet process is taking more time to finish in some of the field units. #define MAX_ACTIVATION_BLOCKING_SECS 300 -/* Scale stack size based on pointer size - larger for 64-bit architectures */ -#define WORKER_THREAD_STACK_SIZE (sizeof(void*) == 8 ? 8192*1024 : 65536) +#if defined (_64BIT_ARCH_SUPPORT_) +#define WORKER_THREAD_STACK_SIZE 8192*1024 /* the default stack size per process is 8MB */ +#else +#define WORKER_THREAD_STACK_SIZE 65536 +#endif #define SANITY_THREAD_STACK_SIZE 65536 diff --git a/source/sysevent/server/syseventd_main.c b/source/sysevent/server/syseventd_main.c index 08e2fabf..4cc1c071 100644 --- a/source/sysevent/server/syseventd_main.c +++ b/source/sysevent/server/syseventd_main.c @@ -1388,8 +1388,6 @@ int main (int argc, char **argv) clilen = sizeof(cli_addr); int rc = select(maxfd, &rd_set, NULL, NULL, NULL); if (-1 == rc) { - // stop hogging processor in case of error - sleep(1); continue; } diff --git a/source/sysevent/server/worker_threads.c b/source/sysevent/server/worker_threads.c index d3165ef1..c5b58094 100644 --- a/source/sysevent/server/worker_threads.c +++ b/source/sysevent/server/worker_threads.c @@ -2950,10 +2950,6 @@ static int handle_message_from_trigger_thread(int fd) return(rc); } -static int is_valid_fd(int fd) -{ - return fd >= 0 && fcntl(fd, F_GETFD) != -1; -} /* * Procedure : worker_thread_main * Purpose : Thread start routine for worker @@ -3025,9 +3021,9 @@ void *worker_thread_main(void *arg) if ((global_clients.clients)[i].used) { int cur_fd; cur_fd = (global_clients.clients)[i].fd; - if (0 == is_valid_fd(cur_fd)) { + if (-1 == cur_fd) { SE_INC_LOG(ERROR, - printf("Thread id %d line %d main select got used client with a bad fd. Ignoring cur_fd = %d\n",thread_get_id(worker_data_key), __LINE__, cur_fd); + printf("main select got used client with a bad fd. Ignoring\n"); ) incr_stat_info(STAT_WORKER_MAIN_SELECT_BAD_FD); } else { From c4fbe7e3b8d7bf2c65bbec0fd9681321ff1e194b Mon Sep 17 00:00:00 2001 From: Jonathan Wu Date: Tue, 25 Nov 2025 16:57:38 +0000 Subject: [PATCH 3/5] Revert "RDKB-60010 : Remove sky specific from the NTP script" This reverts commit 7ea7a04e9e178526a349f26b5d9695a75388ccc6. --- .github/CODEOWNERS | 2 +- .github/workflows/cla.yml | 13 +- ...gration_stateless_diffscan_target_repo.yml | 13 +- CHANGELOG.md | 66 +++- source/firewall/firewall.c | 121 ++++++- source/firewall/firewall.h | 6 +- source/firewall/firewall_ext.c | 2 +- source/firewall/firewall_ipv6.c | 28 +- .../igd/src/inc/igd_platform_dependent_inf.h | 8 +- .../init/c_registration/15_dhcp_server.c | 2 +- .../scripts/init/defaults/system_defaults_arm | 2 + source/scripts/init/service.d/lan_handler.sh | 2 +- source/scripts/init/service.d/logrotate.sh | 4 +- source/scripts/init/service.d/pmon.sh | 4 +- .../scripts/init/service.d/service_crond.sh | 4 +- .../dhcp_server_functions.sh | 7 +- source/scripts/init/service.d/service_igd.sh | 2 +- source/scripts/init/service.d/service_ipv4.sh | 2 +- .../init/service.d/service_mcastproxy.sh | 2 +- .../service.d/service_multinet/handle_gre.sh | 6 +- source/scripts/init/service.d/service_ntpd.sh | 8 +- source/scripts/init/service.d/service_sshd.sh | 16 +- .../service_sshd/service_dropbearssh.sh | 2 +- .../apply_system_defaults.c | 12 +- source/scripts/init/system/utopia_init.sh | 6 +- source/scripts/init/system/utopia_init_xb6.sh | 4 +- source/service_dhcp/dhcp_server_functions.c | 3 +- source/service_routed/service_routed.c | 25 +- source/syscfg/lib/syscfg_lib.c | 310 ++++++++++++++++-- source/sysevent/lib/sysevent.h | 6 +- source/sysevent/server/syseventd.h | 7 +- source/sysevent/server/syseventd_main.c | 2 + source/sysevent/server/worker_threads.c | 8 +- 33 files changed, 577 insertions(+), 128 deletions(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 0f5f5932..bbbaa1df 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -2,4 +2,4 @@ # the repo. Unless a later match takes precedence, # @global-owner1 and @global-owner2 will be requested for # review when someone opens a pull request. -* @rdkcentral/advsecurity-maintainers +* @rdkcentral/utopia-maintainers @rdkcentral/rdkb-maintainers diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 05504793..c58b1b0b 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -1,13 +1,20 @@ name: "CLA" + +permissions: + contents: read + pull-requests: write + actions: write + statuses: write + on: issue_comment: types: [created] pull_request_target: - types: [opened,closed,synchronize] + types: [opened, closed, synchronize] jobs: CLA-Lite: name: "Signature" - uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@main + uses: rdkcentral/cmf-actions/.github/workflows/cla.yml@v1 secrets: - PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} \ No newline at end of file + PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ASSISTANT }} diff --git a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml index da02b8b4..7b8c1cba 100644 --- a/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml +++ b/.github/workflows/fossid_integration_stateless_diffscan_target_repo.yml @@ -1,11 +1,18 @@ name: Fossid Stateless Diff Scan -on: pull_request +on: + pull_request: + types: [opened, synchronize, reopened] + +permissions: + contents: read + pull-requests: read jobs: call-fossid-workflow: - uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@develop - secrets: + if: ${{ ! github.event.pull_request.head.repo.fork }} + uses: rdkcentral/build_tools_workflows/.github/workflows/fossid_integration_stateless_diffscan.yml@1.0.0 + secrets: FOSSID_CONTAINER_USERNAME: ${{ secrets.FOSSID_CONTAINER_USERNAME }} FOSSID_CONTAINER_PASSWORD: ${{ secrets.FOSSID_CONTAINER_PASSWORD }} FOSSID_HOST_USERNAME: ${{ secrets.FOSSID_HOST_USERNAME }} diff --git a/CHANGELOG.md b/CHANGELOG.md index 483067b9..def893ae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,12 +4,76 @@ All notable changes to this project will be documented in this file. Dates are d Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog). +#### [1.3.0](https://github.com/rdkcentral/utopia/compare/1.2.2...1.3.0) + +- XB10-2198: SYS_SH_dnsmasq_restart is continuous with 8.2p5s1 upgrade [`#119`](https://github.com/rdkcentral/utopia/pull/119) +- revert of kernel_pid.max val set from utopia_init.sh file [`#117`](https://github.com/rdkcentral/utopia/pull/117) +- RDKB-60798-IPv6 Support for WiFi Hotspot [`#115`](https://github.com/rdkcentral/utopia/pull/115) +- XER10-1687-Observing intermittent ovsh crash [`#114`](https://github.com/rdkcentral/utopia/pull/114) +- RDKB-61612 : WAN Failover Utility is required in Ethwan mode similar to DOCSIS [`#97`](https://github.com/rdkcentral/utopia/pull/97) +- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`#111`](https://github.com/rdkcentral/utopia/pull/111) +- SHARMAN-1210:Add telemetry support to report FW info from both banks [`#70`](https://github.com/rdkcentral/utopia/pull/70) +- IPv6 support for WIFI hotspot [`#52`](https://github.com/rdkcentral/utopia/pull/52) +- Presence Notification [`04d5da3`](https://github.com/rdkcentral/utopia/commit/04d5da34148680adce639b27d63f790a5438832a) +- Merge tag '1.2.2' into develop [`3b14a92`](https://github.com/rdkcentral/utopia/commit/3b14a92d8a532ec9e34064eb5b0ddc861fe1c88f) +- Merge tag '1.2.1' into develop [`d652c3a`](https://github.com/rdkcentral/utopia/commit/d652c3a4266e78d843c330383c334f79a3e051ea) + +#### [1.2.2](https://github.com/rdkcentral/utopia/compare/1.2.1...1.2.2) + +> 28 October 2025 + +- Add CHANGELOG.md for hotfix 1.2.2 [`d101335`](https://github.com/rdkcentral/utopia/commit/d1013350a35701126277638f15726ada20e84ad9) +- RDKB-62232: Syntax error in /etc/utopia/service.d/service_ntpd.sh [`71f62ac`](https://github.com/rdkcentral/utopia/commit/71f62ac3e8601aaa4bb3147488bd40d49c127dfc) + +#### [1.2.1](https://github.com/rdkcentral/utopia/compare/1.2.0...1.2.1) + +> 23 October 2025 + +- RDKB-61777: [utopia] Code development to remove _64BIT_ARCH_SUPPORT_ macro [`#99`](https://github.com/rdkcentral/utopia/pull/99) +- XB9-429 : Upstream xb9 specific changes to github repo [`#53`](https://github.com/rdkcentral/utopia/pull/53) +- XF10-18 : XF10 Model support in Utopia Scripts [`#73`](https://github.com/rdkcentral/utopia/pull/73) +- RDKCOM-5434: RDKBDEV-3290,RDKBACCL-1052 fynecli connection was not established from remote ubuntu pc via 49153 port [`#47`](https://github.com/rdkcentral/utopia/pull/47) +- Update service_routed.c [`92feb43`](https://github.com/rdkcentral/utopia/commit/92feb43e4b9528b801ada6c7b6c5be286ba9329a) +- Update service_routed.c [`9eedf98`](https://github.com/rdkcentral/utopia/commit/9eedf983fbc74a4701b7e15226f2efea11040e8f) +- Add CHANGELOG.md for Release 1.2.1 [`9715e7f`](https://github.com/rdkcentral/utopia/commit/9715e7f5b7df31507f69a2e29e556b2baf5964d3) + +#### [1.2.0](https://github.com/rdkcentral/utopia/compare/1.1.3...1.2.0) + +> 9 October 2025 + +- Update CODEOWNERS [`#100`](https://github.com/rdkcentral/utopia/pull/100) +- Add the XF10 product common flag [`#72`](https://github.com/rdkcentral/utopia/pull/72) +- RDKB-59938 : Observing SYSCFG DB stored with junk values [`#61`](https://github.com/rdkcentral/utopia/pull/61) +- Deploy fossid_integration_stateless_diffscan_target_repo action [`#93`](https://github.com/rdkcentral/utopia/pull/93) +- Update CODEOWNERS [`#81`](https://github.com/rdkcentral/utopia/pull/81) +- Deploy cla action [`#82`](https://github.com/rdkcentral/utopia/pull/82) +- Add CHANGELOG.md for Release 1.2.0 [`29800ce`](https://github.com/rdkcentral/utopia/commit/29800ce8221a3251b5bab5fb0b43ded3ff82fab8) + +#### [1.1.3](https://github.com/rdkcentral/utopia/compare/1.1.2...1.1.3) + +> 25 September 2025 + +- RDKB-61786: Revert the changes of RDKB-60131 [`#77`](https://github.com/rdkcentral/utopia/pull/77) +- Rebase with develop [`#75`](https://github.com/rdkcentral/utopia/pull/75) +- RDKB-58679: Add PSM changes for vlan [`#56`](https://github.com/rdkcentral/utopia/pull/56) +- RDKB-60956: Default OAUTH AuthMode feature to SSO in firmware [`#71`](https://github.com/rdkcentral/utopia/pull/71) +- RDKB-61412 : Add RDKBPOD generic vendor name for all extender devices [`#68`](https://github.com/rdkcentral/utopia/pull/68) +- RDKB-60813 : Webui attack handling in Firewall [`#66`](https://github.com/rdkcentral/utopia/pull/66) +- RDKB-60232 : Option 82 rules for Amenity bridges [`#65`](https://github.com/rdkcentral/utopia/pull/65) +- RDKDEV-1132, RDKBACCL-846: Migrate scripts from RPI to BPI [`#49`](https://github.com/rdkcentral/utopia/pull/49) +- RDKB-61372: Handling recovery cases of Unknown/Invalid syscfg PartnerID [`#51`](https://github.com/rdkcentral/utopia/pull/51) +- Merge branch 'release/1.1.2' [`#59`](https://github.com/rdkcentral/utopia/pull/59) +- Add CHANGELOG.md for Release 1.1.3 [`a3baf10`](https://github.com/rdkcentral/utopia/commit/a3baf10901f136401d834b5e3f07b18ec1480588) +- Update firewall.h [`7c2b6ab`](https://github.com/rdkcentral/utopia/commit/7c2b6ab093e0c66d53261357995b407f65287233) + #### [1.1.2](https://github.com/rdkcentral/utopia/compare/1.1.1...1.1.2) +> 12 September 2025 + - RDKB-60957: Add Utopia RFC defaults for xmeminsight Tool [`#48`](https://github.com/rdkcentral/utopia/pull/48) +- Add CHANGELOG.md for release 1.1.2 [`7d54a7b`](https://github.com/rdkcentral/utopia/commit/7d54a7b302b870e3d4366d0bdbbb93510f8a8e51) - Update system_defaults_xd4 [`c37af2a`](https://github.com/rdkcentral/utopia/commit/c37af2a17733f4acdfd422354d0d261b8bccee5b) - Update system_defaults_bci [`201f075`](https://github.com/rdkcentral/utopia/commit/201f075ca07729b955ce0af67df480867ea039ab) -- Update system_defaults_arm [`956c7ac`](https://github.com/rdkcentral/utopia/commit/956c7ac5565d709181b3d7f28ef7761c1e37278f) #### [1.1.1](https://github.com/rdkcentral/utopia/compare/1.1.0...1.1.1) diff --git a/source/firewall/firewall.c b/source/firewall/firewall.c index 4a77fe25..c7181ea4 100644 --- a/source/firewall/firewall.c +++ b/source/firewall/firewall.c @@ -697,6 +697,7 @@ char current_wan_ip6_addr[128]; bool isDefHttpsPortUsed = FALSE ; int current_wan_ipv6_num = 0; char default_wan_ifname[50]; // name of the regular wan interface +char hotspot_wan_ifname[50]; int rfstatus; /* * For timed internet access rules we use cron @@ -1455,7 +1456,23 @@ static int do_wan_nat_lan_clients_mapt(FILE *fp) return 0; } #endif //FEATURE_MAPT - +void do_webui_attack_filter(FILE *filter_fp) +{ + FIREWALL_DEBUG("Entering do_webui_attack_filter\n"); + fprintf(filter_fp, ":%s - [0:0]\n", "UPLOAD_ATTACK_FILTER"); + fprintf(filter_fp, "-A UPLOAD_ATTACK_FILTER -m string --algo bm --string \"%s\" -j DROP \n", " from PSM + memset(hotspot_wan_ifname,0,sizeof(hotspot_wan_ifname)); + rc = PSM_VALUE_GET_STRING(PSM_HOTSPOT_WAN_IFNAME, pStr); + if(rc == CCSP_SUCCESS && pStr != NULL){ + FIREWALL_DEBUG("HotSpot wan interface fetched \n"); + safec_rc = strcpy_s(hotspot_wan_ifname, sizeof(hotspot_wan_ifname),pStr); + ERR_CHK(safec_rc); + Ansc_FreeMemory_Callback(pStr); + pStr = NULL; + } + FIREWALL_DEBUG(" line:%d current_wan_ifname:%s hotspot_wan_ifname %s \n" COMMA __LINE__ COMMA current_wan_ifname COMMA hotspot_wan_ifname); + memset(mesh_wan_ipv6addr,0,sizeof(mesh_wan_ipv6addr)); get_ip6address(mesh_wan_ifname, mesh_wan_ipv6addr, &mesh_wan_ipv6_num,IPV6_ADDR_SCOPE_GLOBAL); #endif @@ -5248,6 +5278,37 @@ static int do_nat_ephemeral(FILE *fp) return(0); } +void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4) +{ + FIREWALL_DEBUG(" Entering applyHotspotPostRoutingRules \n"); + char sysEventName[256]; + if (isIpv4 == true) + { + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + FIREWALL_DEBUG("Apply Post Routing Rules for IPv4\n"); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipaddr); + fprintf(fp, "-A postrouting_towan -o %s -j SNAT --to-source %s\n" , current_wan_ifname, current_wan_ipaddr); + } + } + else + { + memset(current_wan_ip6_addr, 0, sizeof(current_wan_ip6_addr)); + memset(sysEventName, 0, sizeof(sysEventName)); + snprintf(sysEventName, sizeof(sysEventName),"tr_%s_dhcpv6_client_v6addr", hotspot_wan_ifname); + sysevent_get(sysevent_fd, sysevent_token, sysEventName, current_wan_ip6_addr, sizeof(current_wan_ip6_addr)); + + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + FIREWALL_DEBUG("Apply Post Routing Rules for IPv6\n"); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ip6_addr); + fprintf(fp, "-A POSTROUTING -o %s -j SNAT --to-source %s\n", current_wan_ifname, current_wan_ip6_addr); + } + + } + FIREWALL_DEBUG(" Exiting applyHotspotPostRoutingRules \n"); +} + #if defined(_BWG_PRODUCT_REQ_) /* * Procedure : do_raw_table_staticip @@ -5400,7 +5461,14 @@ static int do_wan_nat_lan_clients(FILE *fp) #ifdef RDKB_EXTENDER_ENABLED fprintf(fp, "-A postrouting_towan -j MASQUERADE\n"); #else + #ifdef WAN_FAILOVER_SUPPORTED + if (0 == checkIfULAEnabled()) + { + applyHotspotPostRoutingRules(fp, true); + } else { fprintf(fp, "-A postrouting_towan -j SNAT --to-source %s\n", natip4); + } + #endif #endif #if defined (FEATURE_MAPT) || defined (FEATURE_SUPPORT_MAPT_NAT46) } @@ -5930,7 +5998,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) fprintf(fp, "-A INPUT -j wanattack\n"); //Smurf attack, actually the below rules are to prevent us from being the middle-man host -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -5950,7 +6018,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) #endif /*_HUB4_PRODUCT_REQ_*/ fprintf(fp, "-A SmurfAttack -p icmp -m icmp --icmp-type address-mask-request -j xlog_drop_wanattack\n"); // ICMP Smurf Attack (timestamp) -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPSmurfAttack -p icmp -m icmp --icmp-type timestamp-request %s -j LOG --log-prefix \"DoS Attack - Smurf Attack\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -5972,7 +6040,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //ICMP Flooding. Mark traffic bit rate > 5/s as attack and limit 6 log entries per hour fprintf(fp, "-A ICMPFlooding -p icmp -m limit --limit 5/s --limit-burst 10 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A ICMPFlooding -p icmp %s -j LOG --log-prefix \"DoS Attack - ICMP Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -5994,7 +6062,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) //TCP SYN Flooding fprintf(fp, "-A TCPSYNFlooding -p tcp --syn -m limit --limit 10/s --limit-burst 20 -j RETURN\n"); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_)/* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A TCPSYNFlooding -p tcp --syn %s -j LOG --log-prefix \"DoS Attack - TCP SYN Flooding\" --log-level 7\n", logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6018,7 +6086,7 @@ int do_wan2self_attack(FILE *fp,char* wan_ip) if(isWanReady) { /* Allow multicast packet through */ fprintf(fp, "-A LANDAttack -p udp -s %s -d 224.0.0.0/8 -j RETURN\n", wan_ip); -#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ +#if defined(_HUB4_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_XER5_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) /* ULOG target removed in kernels 3.17+ */ fprintf(fp, "-A LANDAttack -s %s %s -j LOG --log-prefix \"DoS Attack - LAND Attack\" --log-level 7\n", wan_ip, logRateLimit); #elif defined(_PROPOSED_BUG_FIX_) if (LINUX_VERSION_CODE >= KERNEL_VERSION(3,17,0)) @@ -6207,6 +6275,26 @@ static int remote_access_set_proto(FILE *filt_fp, FILE *nat_fp, const char *port FIREWALL_DEBUG("Exiting remote_access_set_proto\n"); return 0; } +int wan_lan_webui_attack(FILE *fp, const char *interface) +{ + int rc = 0; + char httpport[64] = {0}; + char httpsport[64] = {0}; + char query[MAX_QUERY]; + //lan side attack protection + fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport 80 -j UPLOAD_ATTACK_FILTER\n", interface); + fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport 443 -j UPLOAD_ATTACK_FILTER\n", interface); + //wan side attack protection + rc = syscfg_get(NULL, "mgmt_wan_httpaccess", query, sizeof(query)); + rc |= syscfg_get(NULL, "mgmt_wan_httpport", httpport, sizeof(httpport)); + if ((rc == 0) && atoi(query) == 1) + fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport %s -j UPLOAD_ATTACK_FILTER\n", current_wan_ifname, httpport); + rc = syscfg_get(NULL, "mgmt_wan_httpsaccess", query, sizeof(query)); + rc |= syscfg_get(NULL, "mgmt_wan_httpsport", httpsport, sizeof(httpsport)); + if ((rc == 0) && atoi(query) == 1) + fprintf(fp, "-A INPUT -i %s -p tcp -m tcp --dport %s -j UPLOAD_ATTACK_FILTER\n", current_wan_ifname, httpsport ); + return 0; +} int lan_access_set_proto(FILE *fp,const char *port, const char *interface) { if ((0 == strcmp("80", port)) || (0 == strcmp("443", port))) { @@ -9958,7 +10046,7 @@ static void do_add_TCP_MSS_rules(FILE *mangle_fp) static int do_lan2wan(FILE *mangle_fp, FILE *filter_fp, FILE *nat_fp) { FIREWALL_DEBUG("Entering do_lan2wan\n"); -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) if (isNatReady) { FILE *f = NULL; @@ -12045,6 +12133,10 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * #endif fprintf(filter_fp, "-A OUTPUT -o lo -p tcp -m tcp --sport 49152:49153 -j ACCEPT\n"); fprintf(filter_fp, "-A OUTPUT ! -o brlan0 -p tcp -m tcp --sport 49152:49153 -j DROP\n"); + /* For EasyMesh Controller Communication */ +#if defined(_PLATFORM_BANANAPI_R4_) + fprintf(filter_fp, "-I OUTPUT -o %s -p tcp --sport 49153 -j ACCEPT\n",get_current_wan_ifname()); +#endif #ifdef CONFIG_CISCO_FEATURE_CISCOCONNECT fprintf(filter_fp, ":%s - [0:0]\n", "pp_disabled"); if(isGuestNetworkEnabled) { @@ -12233,7 +12325,8 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * // Video Analytics Firewall rule to allow port 58081 only from LAN interface do_OpenVideoAnalyticsPort (filter_fp); - + + do_webui_attack_filter(filter_fp); // Create iptable chain to ratelimit remote management(8080, 8181) packets do_webui_rate_limit(filter_fp); @@ -12272,6 +12365,7 @@ static int prepare_subtables(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE * fprintf(filter_fp, "-A INPUT -i lo -m state --state NEW -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -j general_input\n"); + wan_lan_webui_attack(filter_fp,lan_ifname); // Rate limiting the webui-access lan side lan_access_set_proto(filter_fp, "80",lan_ifname); lan_access_set_proto(filter_fp, "443",lan_ifname); @@ -13082,6 +13176,10 @@ int do_block_ports(FILE *filter_fp) fprintf(filter_fp, "-A INPUT -i lo -p udp -m udp --dport 1900 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 49152:49153 -j DROP\n"); + /* For EasyMesh Controller Communication */ +#if defined(_PLATFORM_BANANAPI_R4_) + fprintf(filter_fp, "-I INPUT -i %s -p tcp --dport 49153 -j ACCEPT\n",get_current_wan_ifname()); +#endif fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 1900 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p tcp -m tcp --dport 21515 -j DROP\n"); fprintf(filter_fp, "-A INPUT ! -i brlan0 -p udp -m udp --dport 21515 -j DROP\n"); @@ -13604,7 +13702,7 @@ WAN_FAILOVER_SUPPORT_CHECk_END prepare_MoCA_bridge_firewall(raw_fp, mangle_fp, nat_fp, filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) /* To avoid open ssh connection to CM IP TCXB6-2879*/ if (!isBridgeMode) { @@ -13845,7 +13943,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n #else fprintf(filter_fp, "-A INPUT ! -i %s -j wan2self_mgmt\n", isBridgeMode == 0 ? lan_ifname : cmdiag_ifname); #endif - + do_webui_attack_filter(filter_fp); // Create iptable chain to ratelimit remote management packets do_webui_rate_limit(filter_fp); WAN_FAILOVER_SUPPORT_CHECK @@ -13962,7 +14060,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n lan_http_access(filter_fp); #endif -#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) +#if defined(_COSA_BCM_ARM_) && (defined(_CBR_PRODUCT_REQ_) || defined(_XB6_PRODUCT_REQ_)) && !defined(_SCER11BEL_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) if (isBridgeMode) { FILE *f = NULL; @@ -13992,6 +14090,7 @@ static int prepare_disabled_ipv4_firewall(FILE *raw_fp, FILE *mangle_fp, FILE *n #endif fprintf(filter_fp, ":%s ACCEPT [0:0]\n", "FORWARD"); fprintf(filter_fp, ":%s ACCEPT [0:0]\n", "OUTPUT"); + wan_lan_webui_attack(filter_fp,cmdiag_ifname); // Rate limiting the webui-access lan side lan_access_set_proto(filter_fp, "80",cmdiag_ifname); lan_access_set_proto(filter_fp, "443",cmdiag_ifname); diff --git a/source/firewall/firewall.h b/source/firewall/firewall.h index 6b9ae880..8e28cc43 100644 --- a/source/firewall/firewall.h +++ b/source/firewall/firewall.h @@ -115,6 +115,7 @@ extern int sysevent_fd; extern char sysevent_ip[19]; extern unsigned short sysevent_port; #define PSM_VALUE_GET_STRING(name, str) PSM_Get_Record_Value2(bus_handle, CCSP_SUBSYS, name, NULL, &(str)) +#define PSM_HOTSPOT_WAN_IFNAME "dmsb.wanmanager.if.3.Name" int get_ip6address (char * ifname, char ipArry[][40], int * p_num, unsigned int scope_in); @@ -145,7 +146,8 @@ int do_wpad_isatap_blockv4 (FILE *fp); int do_blockfragippktsv4(FILE *fp); int do_portscanprotectv4(FILE *fp); int do_ipflooddetectv4(FILE *fp); - +void do_webui_attack_filter(FILE *filter_fp); +int wan_lan_webui_attack(FILE *fp, const char *interface); // Rule preparation functions int prepare_rabid_rules(FILE *filter_fp, FILE *mangle_fp, ip_ver_t ver); @@ -346,6 +348,8 @@ extern char dev_type[20]; extern char mesh_wan_ifname[32]; #endif +void applyHotspotPostRoutingRules(FILE *fp, bool isIpv4); +extern char hotspot_wan_ifname[50]; extern int current_wan_ipv6_num; extern char default_wan_ifname[50]; // name of the regular wan interface extern char current_wan_ipv6[IF_IPV6ADDR_MAX][40]; diff --git a/source/firewall/firewall_ext.c b/source/firewall/firewall_ext.c index b603603b..a887f5b2 100644 --- a/source/firewall/firewall_ext.c +++ b/source/firewall/firewall_ext.c @@ -211,7 +211,7 @@ int prepare_ipv4_rule_ex_mode(FILE *raw_fp, FILE *mangle_fp, FILE *nat_fp, FILE do_wan2self_attack(filter_fp,cellular_ipaddr); fprintf(filter_fp, "-A INPUT -i %s -p tcp -m tcp --dport 22 -j SSH_FILTER\n",cellular_ifname); -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fprintf(filter_fp, "-A INPUT -i brlan112 -d 169.254.70.0/24 -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan112 -m pkttype ! --pkt-type unicast -j ACCEPT\n"); fprintf(filter_fp, "-A INPUT -i brlan113 -d 169.254.71.0/24 -j ACCEPT\n"); diff --git a/source/firewall/firewall_ipv6.c b/source/firewall/firewall_ipv6.c index be0e81d6..fb1f7907 100644 --- a/source/firewall/firewall_ipv6.c +++ b/source/firewall/firewall_ipv6.c @@ -1959,6 +1959,10 @@ void do_ipv6_sn_filter(FILE* fp) { fprintf(fp, "-A PREROUTING -i %s -d %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i], mcastAddrStr); /* NS Throttling rules for WAN and LAN */ fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -m limit --limit 20/sec -j ACCEPT\n", ifnames[i]); + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + fprintf(fp, "-A INPUT -s %s -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 133 -m limit --limit 100/sec -j ACCEPT\n" , current_wan_ip6_addr , current_wan_ifname); + } fprintf(fp, "-A PREROUTING -i %s -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j DROP\n", ifnames[i]); } @@ -2108,22 +2112,24 @@ int checkIfULAEnabled() void applyIpv6ULARules(FILE* fp) { - #ifdef RDKB_EXTENDER_ENABLED + #if defined (RDKB_EXTENDER_ENABLED) if(strlen(current_wan_ipv6[0]) > 0) { - FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); - - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); + FIREWALL_DEBUG("Source natting all traffic on %s interface to %s address\n" COMMA current_wan_ifname COMMA current_wan_ipv6); + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n",current_wan_ifname); } #else + FIREWALL_DEBUG("Applying applyIpv6ULARules \n"); applyRoutingRules(fp,GLOBAL_IPV6); applyRoutingRules(fp,ULA_IPV6); #endif } + #endif void do_ipv6_nat_table(FILE* fp) { + FIREWALL_DEBUG("Entering do_ipv6_nat_table \n"); char IPv6[INET6_ADDRSTRLEN] = "0"; fprintf(fp, "*nat\n"); fprintf(fp, ":%s - [0:0]\n", "prerouting_devices"); @@ -2217,7 +2223,19 @@ void do_ipv6_nat_table(FILE* fp) } } #ifdef _PLATFORM_RASPBERRYPI_ - fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); + if(strncmp(current_wan_ifname, hotspot_wan_ifname, strlen(current_wan_ifname) ) == 0) + { + #if defined (WAN_FAILOVER_SUPPORTED) + if (0 == checkIfULAEnabled()) + { + applyHotspotPostRoutingRules(fp, false); + } + #endif + } + else + { + fprintf(fp, "-A POSTROUTING -o %s -j MASQUERADE\n", current_wan_ifname); + } #endif #ifdef _PLATFORM_BANANAPI_R4_ diff --git a/source/igd/src/inc/igd_platform_dependent_inf.h b/source/igd/src/inc/igd_platform_dependent_inf.h index 380c17b8..2f291581 100644 --- a/source/igd/src/inc/igd_platform_dependent_inf.h +++ b/source/igd/src/inc/igd_platform_dependent_inf.h @@ -81,12 +81,18 @@ #define UPC "RDKB_ARM" #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCXF11BFL_PRODUCT_REQ_) + #undef CONFIG_VENDOR_MODEL + #define CONFIG_VENDOR_MODEL "SCXF11BFL" +#elif defined(_SCER11BEL_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "SCER11BEL" #elif defined(_XER5_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #define CONFIG_VENDOR_MODEL "VTER11QEL" +#elif defined(_XB9_PRODUCT_REQ_) + #undef CONFIG_VENDOR_MODEL + #define CONFIG_VENDOR_MODEL "CWA438TCOM" #elif defined(_XB10_PRODUCT_REQ_) #undef CONFIG_VENDOR_MODEL #if defined (IGD_SERCOMMXB10_INFO) diff --git a/source/scripts/init/c_registration/15_dhcp_server.c b/source/scripts/init/c_registration/15_dhcp_server.c index be64b31a..2aee6edd 100644 --- a/source/scripts/init/c_registration/15_dhcp_server.c +++ b/source/scripts/init/c_registration/15_dhcp_server.c @@ -57,7 +57,7 @@ const char* SERVICE_CUSTOM_EVENTS[] = { NULL }; #elif defined(CORE_NET_LIB) && \ - ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ + ((defined(_XB6_PRODUCT_REQ_) && !defined (_XB8_PRODUCT_REQ_) && !defined(_XER5_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) && !defined(_SCXF11BFL_PRODUCT_REQ_) || (defined(_WNXL11BWL_PRODUCT_REQ_)) || \ (defined(_CBR_PRODUCT_REQ_) && !defined(_CBR2_PRODUCT_REQ_))) const char* SERVICE_CUSTOM_EVENTS[] = { "syslog-status|/usr/bin/service_dhcp", diff --git a/source/scripts/init/defaults/system_defaults_arm b/source/scripts/init/defaults/system_defaults_arm index a3a7ad25..ace916f5 100755 --- a/source/scripts/init/defaults/system_defaults_arm +++ b/source/scripts/init/defaults/system_defaults_arm @@ -1429,6 +1429,8 @@ $DscpSleepInterval_2=0 #Ccsp CMagent Docsis linkdown timeout default value is 900sec $DocsisLinkDownTimeOut=900 +#Ccsp Ethagent EWAN linkdown timeout default value is 900sec +$EWanLinkDownTimeout=900 #LLDEnable default value is false $LldEnable=false diff --git a/source/scripts/init/service.d/lan_handler.sh b/source/scripts/init/service.d/lan_handler.sh index 6c020d9a..1ed07d97 100755 --- a/source/scripts/init/service.d/lan_handler.sh +++ b/source/scripts/init/service.d/lan_handler.sh @@ -502,7 +502,7 @@ case "$1" in ;; lan-start) - if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$RPI_SPECIFIC" = "rpi" ] || [ "$BOX_TYPE" = "bpi" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then L3Net=`sysevent get primary_lan_l3net` if [ -z "$L3Net" ]; then echo_t "RDKB_SYSTEM_BOOT_UP_LOG : L3Net is null" diff --git a/source/scripts/init/service.d/logrotate.sh b/source/scripts/init/service.d/logrotate.sh index 56623cb2..581ac859 100644 --- a/source/scripts/init/service.d/logrotate.sh +++ b/source/scripts/init/service.d/logrotate.sh @@ -2,7 +2,7 @@ source /etc/device.properties -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then source /etc/utopia/service.d/log_capture_path.sh VARLOG_DIR_THRESHOLD=3000 VAR_TMP_FILE_THRESHOLD=1000 @@ -86,7 +86,7 @@ if [ $dir -gt $VARLOG_DIR_THRESHOLD ]; then fi # If any file reaches 1MB inside /var/tmp, empty the file. -if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" == "HUB4" ] || [ "$BOX_TYPE" == "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] ||[ "$BOX_TYPE" == "SCXF11BFL" ]; then var_tmp_files=`ls /var/tmp/` for tmp_file in $var_tmp_files; do tmp_file_size=`du /var/tmp/$tmp_file | awk -v sum=0 '{print sum+=$1}' | tail -1` diff --git a/source/scripts/init/service.d/pmon.sh b/source/scripts/init/service.d/pmon.sh index 8f8852f5..6674c713 100755 --- a/source/scripts/init/service.d/pmon.sh +++ b/source/scripts/init/service.d/pmon.sh @@ -93,8 +93,8 @@ do_check_process() { LOCAL_CONF_FILE=/tmp/pmon.conf$$ - # Add static pmon entries - echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE + # Add static pmon entries - commented-out below line - selfheal takes care of it. + # echo "syseventd /var/run/syseventd.pid /etc/utopia/service.d/syseventd_restart.sh" > $LOCAL_CONF_FILE # Add dynamic pmon entries stashed in sysevent # by various modules diff --git a/source/scripts/init/service.d/service_crond.sh b/source/scripts/init/service.d/service_crond.sh index cd78c2fa..2ad282d2 100755 --- a/source/scripts/init/service.d/service_crond.sh +++ b/source/scripts/init/service.d/service_crond.sh @@ -124,7 +124,7 @@ service_start () #RDKB-45059 log the zebra.conf status for every 12 hours echo "0 */12 * * * /usr/ccsp/tad/Zebra_conf_status.sh" >> $CRONTAB_FILE - if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "XB6" ] || [ "$BOX_TYPE" == "VNTXER5" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then #run idm recovery for each 10 minutes echo "*/10 * * * * /etc/idm/idm_recovery.sh" >> $CRONTAB_FILE fi @@ -190,7 +190,7 @@ service_start () addCron "48 * * * * sh /etc/sky/monitor_dhd_dump.sh &" fi - if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then #RDKB-43895 log the firmware bank informations in selfheal log echo "5 */12 * * * /usr/bin/FwBankInfo" >> $CRONTAB_FILE fi diff --git a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh index 94761641..cd10fa2b 100755 --- a/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh +++ b/source/scripts/init/service.d/service_dhcp_server/dhcp_server_functions.sh @@ -1075,13 +1075,14 @@ fi #fi #Option for parsing plume vendor code - if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] ; then + if [ "$BOX_TYPE" = "XB6" ] || [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then echo "dhcp-option=vendor:Plume,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:PP203X,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:SE401,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:HIXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXE12AWR,43,tag=123" >> $LOCAL_DHCP_CONF echo "dhcp-option=vendor:WNXL11BWL,43,tag=123" >> $LOCAL_DHCP_CONF + echo "dhcp-option=vendor:RDKBPOD,43,tag=123" >> $LOCAL_DHCP_CONF fi if [ "dns_only" != "$3" ] ; then @@ -1201,7 +1202,7 @@ fi echo "${PREFIX}""dhcp-option=l2sd0.4090,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then + elif [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "$MODEL_NUM" = "CGM601TCOM" ] || [ "$MODEL_NUM" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "SG417DBCT" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ] || [ "$BOX_TYPE" = "VNTXER5" ]; then echo "interface=brlan112" >> $LOCAL_DHCP_CONF if [ "$BOX_TYPE" = "WNXL11BWL" ]; then echo "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF @@ -1299,7 +1300,7 @@ fi echo "${PREFIX}""dhcp-option=br403,6,$WAN_DHCP_NS" >> $LOCAL_DHCP_CONF fi - elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]]; then + elif [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [[ "$BOX_TYPE" = "SCER11BEL" ]] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then echo "interface=brlan6" >> $LOCAL_DHCP_CONF echo "dhcp-range=169.254.0.5,169.254.0.253,255.255.255.0,infinite" >> $LOCAL_DHCP_CONF diff --git a/source/scripts/init/service.d/service_igd.sh b/source/scripts/init/service.d/service_igd.sh index 8f50557b..5f8018b6 100755 --- a/source/scripts/init/service.d/service_igd.sh +++ b/source/scripts/init/service.d/service_igd.sh @@ -133,7 +133,7 @@ handle_ipv4_status() { IGD `sysevent get ipv4_${1}-ifname` & sysevent set ${SERVICE_NAME}_${1}-pid $! #RDKB-44364:To avoid IGD process init failure due to UPNP_E_SOCKET_BIND [-203] error - if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then check_IGD_is_up ${1} fi fi diff --git a/source/scripts/init/service.d/service_ipv4.sh b/source/scripts/init/service.d/service_ipv4.sh index f3004e1c..ba62cf17 100755 --- a/source/scripts/init/service.d/service_ipv4.sh +++ b/source/scripts/init/service.d/service_ipv4.sh @@ -113,7 +113,7 @@ handle_l2_status () { echo_t "service_ipv4 : Triggering RDKB_FIREWALL_RESTART" t2CountNotify "RF_INFO_RDKB_FIREWALL_RESTART" sysevent set firewall-restart - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then uptime=$(cut -d. -f1 /proc/uptime) if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "RDKB_FIREWALL_RESTART:$uptime" diff --git a/source/scripts/init/service.d/service_mcastproxy.sh b/source/scripts/init/service.d/service_mcastproxy.sh index 1185bd79..5b923378 100755 --- a/source/scripts/init/service.d/service_mcastproxy.sh +++ b/source/scripts/init/service.d/service_mcastproxy.sh @@ -113,7 +113,7 @@ fi else cat $LOCAL_CONF_FILE > $CONF_FILE rm -f $LOCAL_CONF_FILE - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "WNXL11BWL" ] || [ "$BOX_TYPE" == "rpi" ] || [ "$BOX_TYPE" == "bpi" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then $BIN $CONF_FILE & else $BIN -c $CONF_FILE & diff --git a/source/scripts/init/service.d/service_multinet/handle_gre.sh b/source/scripts/init/service.d/service_multinet/handle_gre.sh index 7eed8365..68f810b3 100755 --- a/source/scripts/init/service.d/service_multinet/handle_gre.sh +++ b/source/scripts/init/service.d/service_multinet/handle_gre.sh @@ -265,12 +265,12 @@ create_tunnel () { fi fi ifconfig $2 up - if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] + if [ ! -f /tmp/.gre_flowmanager_enable ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ] then echo addif $2 wan > /proc/driver/flowmgr/cmd touch /tmp/.gre_flowmanager_enable fi - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do GRE=`psmcli get dmsb.l2net.$i.Members.Gre | grep $2` @@ -303,7 +303,7 @@ destroy_tunnel () { touch "/tmp/destroy_tunnel_lock" fi echo "Destroying tunnel... remote" - if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then + if [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then INST=`psmcli getallinst dmsb.l2net.` for i in $INST; do STAT=`sysevent get gre_"$i"_inst` diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index 3c14705c..45555209 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -523,7 +523,7 @@ service_start () fi #if [ -n "$QUICK_SYNC_WAN_IP" ]; then if [ -n "$PEER_INTERFACE_IP" ]; then - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then if [ -z "$SOURCE_PING_INTF" ]; then MASK="255.255.255.0" else @@ -618,8 +618,7 @@ service_start () echo_t "SERVICE_NTPD : Starting NTP Daemon" >> $NTPD_LOG_NAME systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then - #TODO : could be a common code. + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then sysevent set firewall-restart fi fi @@ -807,9 +806,8 @@ case "$1" in fi ;; ipv6_connection_state) - # keep HUB4 due to SKYH4-6932 + # Removed Sky products check except Hub4 due to SKYH4-6932 synchronization issue. if [ "$BOX_TYPE" = "HUB4" ] || [ "$ntpHealthCheck" = "true" ]; then - #TODO : could be a common code. NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` #SKYH4-6932: When IPv6 comes up after ipv4, IPv6 listners won't be added and hence with ipv6 only ntp servers, we will have time syncing problems. So checking time sync status along with ntpd process, if time isn't synced there will conf update and ntpd restart. diff --git a/source/scripts/init/service.d/service_sshd.sh b/source/scripts/init/service.d/service_sshd.sh index e67deee0..c6b0d4c3 100755 --- a/source/scripts/init/service.d/service_sshd.sh +++ b/source/scripts/init/service.d/service_sshd.sh @@ -56,7 +56,7 @@ else echo_t "[utopia]: dropbear using prod authorization keys" fi -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then CMINTERFACE=$WAN_INTERFACE elif ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ]); then CMINTERFACE=$WAN_INTERFACE @@ -92,7 +92,7 @@ fi get_listen_params() { LISTEN_PARAMS="" #Get IPv4 address of wan0 - if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ]) ; then + if ([ "$WAN_INTERFACE" = "$DEFAULT_WAN_INTERFACE" ] && [ "$BOX_TYPE" != "VNTXER5" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]) ; then if [ "$WAN0_IS_DUMMY" = "true" ]; then CM_IPV4=`ifconfig privbr:0 | grep "inet addr" | awk '/inet/{print $2}' | cut -f2 -d:` #Get IPv6 address of wan0 @@ -145,7 +145,7 @@ do_start() { #chmod 755 $DIR_NAME #fi - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then get_listen_params CMINTERFACE=$WAN_INTERFACE fi @@ -195,7 +195,7 @@ do_start() { commandString="$commandString -p [$CM_IPV6]:22" fi fi - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then + elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then # In IPv6 only case (MAP-T), and if IPv6 GUA on LAN enabled case, use brlan0 interface to get v6 global address. CM_IPV6=`ip -6 addr show dev brlan0 scope global | awk '/inet/{print $2}' | cut -d '/' -f1 | head -n1` if [ ! -z "$CM_IPV6" ]; then @@ -236,7 +236,7 @@ do_start() { getConfigFile $DROPBEAR_PARAMS_1 getConfigFile $DROPBEAR_PARAMS_2 - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 $LISTEN_PARAMS -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE if [ -z "$LISTEN_PARAMS" ] ; then echo_t "[utopia]: dropbear was not started for erouter0 interface with valid params." @@ -257,7 +257,7 @@ do_start() { if ([ "$MANUFACTURE" = "Technicolor" ] || [ "$MODEL_NUM" = "SG417DBCT" ]) ; then echo dropbear -E -s -K 60 -b /etc/sshbanner.txt ${commandString} -r ${DROPBEAR_PARAMS_1} -r ${DROPBEAR_PARAMS_2} -a -P ${PID_FILE} dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE - elif ([ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]) ; then + elif [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" = "true" ]; then dropbear -E -s -b /etc/sshbanner.txt $commandString -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -a -P $PID_FILE -K 60 $USE_DEVKEYS 2>>$CONSOLEFILE else dropbear -E -s -b /etc/sshbanner.txt -a -r $DROPBEAR_PARAMS_1 -r $DROPBEAR_PARAMS_2 -p [$CM_IP]:22 -P $PID_FILE $USE_DEVKEYS 2>>$CONSOLEFILE @@ -302,7 +302,7 @@ service_start() { echo_t "[utopia] starting ${SERVICE_NAME} service" ulog ${SERVICE_NAME} status "starting ${SERVICE_NAME} service" - if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ]) ;then + if ([ "$BOX_TYPE" = "XB6" -a "$MANUFACTURE" = "Arris" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ] || [ "$BOX_TYPE" = "VNTXER5" ] || [ "$BOX_TYPE" = "SCER11BEL" -a "$LANIPV6Support" != "true" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]) ;then CMINTERFACE=$WAN_INTERFACE ifconfig $CMINTERFACE | grep Global ret=$? @@ -341,7 +341,7 @@ service_start() { fi #Disable monitoring dropbear as we don't have a seperate dropbear process running always #dropbear process would be running on demand basis - if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ]; then + if [ "$BOX_TYPE" != "HUB4" ] && [ "$BOX_TYPE" != "SR300" ] && [ "$BOX_TYPE" != "SE501" ] && [ "$BOX_TYPE" != "WNXL11BWL" ] && [ "$BOX_TYPE" != "SR213" ] && [ "$BOX_TYPE" != "SCER11BEL" ] && [ "$BOX_TYPE" != "SCXF11BFL" ]; then $PMON setproc ssh dropbear $PID_FILE "/etc/utopia/service.d/service_sshd.sh sshd-restart" fi diff --git a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh index c845daa4..6bb62256 100755 --- a/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh +++ b/source/scripts/init/service.d/service_sshd/service_dropbearssh.sh @@ -44,7 +44,7 @@ source /etc/utopia/service.d/log_capture_path.sh source /etc/device.properties -if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$BOX_TYPE" = "SCXF11BFL" ]; then CMINTERFACE="erouter0" else if [ "$WAN0_IS_DUMMY" = "true" ]; then diff --git a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c index 284ddb66..306ab561 100644 --- a/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c +++ b/source/scripts/init/src/apply_system_defaults/apply_system_defaults.c @@ -51,7 +51,7 @@ #include "time.h" #include "secure_wrapper.h" #include -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) #include "platform_hal.h" #endif #include @@ -691,7 +691,7 @@ static int GetDevicePropertiesEntry (char *pOutput, int size, char *sDevicePropC static int getFactoryPartnerId (char *pValue) { -#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) +#if defined (_XB6_PRODUCT_REQ_) || defined(_HUB4_PRODUCT_REQ_) || defined(_SR300_PRODUCT_REQ_) || defined(_WNXL11BWL_PRODUCT_REQ_) || defined(_SCER11BEL_PRODUCT_REQ_) || defined (_RDKB_GLOBAL_PRODUCT_REQ_) if(0 == platform_hal_getFactoryPartnerId(pValue)) { APPLY_PRINT("%s:%d - %s\n",__FUNCTION__, __LINE__,pValue); @@ -1329,6 +1329,10 @@ static int ApplyPartnersObjectItemsIntoSysevents( char *pcPartnerID ) { sysevent_set (global_fd, global_id, "HotSpotSupport", value, 0); } + else if ( 0 == strcmp ( key, "Device.X_RDK_Features.VlanDiscovery.Enable") ) + { + sysevent_set (global_fd, global_id, "VlanDiscoverySupport", value, 0); + } pCJsonChildParam = pCJsonChildParam->next; } @@ -2406,7 +2410,7 @@ static int apply_partnerId_default_values (char *data, char *PartnerID) // For Sky, we need to pull the default login from the /tmp/serial.txt file. FILE *fp = NULL; char DefaultPassword[25] = {0}; - #if defined (_SCER11BEL_PRODUCT_REQ_) + #if defined (_SCER11BEL_PRODUCT_REQ_) || defined(_SCXF11BFL_PRODUCT_REQ_) fp = popen("grep 'WIFI_PASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); #else fp = popen("grep 'WIFIPASSWORD' /tmp/serial.txt | cut -d '=' -f 2 | tr -d [:space:]", "r"); @@ -3376,7 +3380,7 @@ static void getPartnerIdWithRetry(char* buf, char* PartnerID) else { -#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) +#if !defined (_XB6_PRODUCT_REQ_) && !defined(_HUB4_PRODUCT_REQ_) && !defined(_SR300_PRODUCT_REQ_) && !defined(_SCXF11BFL_PRODUCT_REQ_) //Partner ID is null so need to set default partner ID as "comcast" memset( PartnerID, 0, sizeof( PartnerID ) ); #if defined (_RDK_REF_PLATFORM_) diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh index 05bb09c3..fca35332 100755 --- a/source/scripts/init/system/utopia_init.sh +++ b/source/scripts/init/system/utopia_init.sh @@ -122,7 +122,7 @@ MWO_PATH="/nvram/mwo" CHANNEL_KEEPOUT_PATH="/nvram/mesh" ENCRYPT_SYSCFG=false -if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ]; then +if [ "$MODEL_NUM" = "VTER11QEL" ] || [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then ENCRYPT_SYSCFG=true fi @@ -136,7 +136,7 @@ if [ -d $SYSCFG_ENCRYPTED_PATH ]; then fi fi -if [ "$MODEL_NUM" = "SCER11BEL" ]; then +if [ "$MODEL_NUM" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then if [ "$ENCRYPT_SYSCFG" = false ]; then if [ ! -f $SYSCFG_BKUP_FILE ] && [ -f $SYSCFG_NEW_FILE ]; then echo_t "[utopia][init] DOWNGRADE to unsecured syscfg.db" @@ -852,6 +852,6 @@ if [ "$BOX_TYPE" = "VNTXER5" ]; then fi fi -if [ "$BOX_TYPE" = "SCER11BEL" ]; then +if [ "$BOX_TYPE" = "SCER11BEL" ] || [ "$MODEL_NUM" = "SCXF11BFL" ]; then /etc/reset_reason_log.sh & fi diff --git a/source/scripts/init/system/utopia_init_xb6.sh b/source/scripts/init/system/utopia_init_xb6.sh index d899a82c..f21e3c78 100755 --- a/source/scripts/init/system/utopia_init_xb6.sh +++ b/source/scripts/init/system/utopia_init_xb6.sh @@ -771,7 +771,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then fi syscfg set X_RDKCENTRAL-COM_LastRebootReason "factory-reset" syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" - if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then + if [ "$MODEL_NUM" = "CGM4331COM" ] || [ "$MODEL_NUM" = "CGM4981COM" ] || [ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "$MODEL_NUM" = "CGM4140COM" ] || [ "$MODEL_NUM" = "CGA4332COM" ] || [ "$MODEL_NUM" = "TG4482A" ] || [ "$MODEL_NUM" = "INTEL_PUMA" ]; then # Enable AUTOWAN by default for XB7, change is made here so that it will take effect only after FR syscfg set selected_wan_mode "0" fi @@ -783,7 +783,7 @@ if [ "$FACTORY_RESET_REASON" = "true" ]; then #syscfg set X_RDKCENTRAL-COM_LastRebootReason "WPS-Factory-Reset" #syscfg set X_RDKCENTRAL-COM_LastRebootCounter "1" rm -f /nvram/WPS_Factory_Reset - elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then + elif ([ "${MODEL_NUM}" = "CGM601TCOM" ] || [ "${MODEL_NUM}" = "SG417DBCT" ] || [ "${MODEL_NUM}" = "CWA438TCOM" ] || [ "${MODEL_NUM}" = "CVA601ZCOM" ]) && [ -f /nvram/.image_upgrade_and_FR_done ]; then echo "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" if [ -e "/usr/bin/onboarding_log" ]; then /usr/bin/onboarding_log "[utopia][init] Detected last reboot reason as FirmwareDownloadAndFactoryReset" diff --git a/source/service_dhcp/dhcp_server_functions.c b/source/service_dhcp/dhcp_server_functions.c index a2ac340f..0c34285b 100644 --- a/source/service_dhcp/dhcp_server_functions.c +++ b/source/service_dhcp/dhcp_server_functions.c @@ -1568,6 +1568,7 @@ int prepare_dhcp_conf (char *input) fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXE12AWR,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:SE401,43,tag=123\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:WNXL11BWL,43,tag=123\n"); + fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-option=vendor:RDKBPOD,43,tag=123\n"); // Set dnsmasq tag for XLE as "extender". fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-vendorclass=set:extender,WNXL11BWL\n"); @@ -1926,7 +1927,7 @@ int prepare_dhcp_conf (char *input) #endif /*WIFI_MANAGE_SUPPORTED*/ } -#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) +#if defined(_WNXL11BWL_PRODUCT_REQ_) || defined (_SCER11BEL_PRODUCT_REQ_) || defined (_SCXF11BFL_PRODUCT_REQ_) fprintf(l_fLocal_Dhcp_ConfFile, "interface=brlan112\n"); fprintf(l_fLocal_Dhcp_ConfFile, "dhcp-range=169.254.70.5,169.254.70.253,255.255.255.0,infinite\n"); diff --git a/source/service_routed/service_routed.c b/source/service_routed/service_routed.c index 070ec3e2..4a4e8f26 100644 --- a/source/service_routed/service_routed.c +++ b/source/service_routed/service_routed.c @@ -197,7 +197,8 @@ int GetDeviceNetworkMode() } #endif -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_RDKB_GLOBAL_PRODUCT_REQ_) + /** IsThisCurrentPartnerID() */ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) { @@ -215,7 +216,7 @@ static unsigned char IsThisCurrentPartnerID( const char* pcPartnerID ) return FALSE; } -#endif /** _SCER11BEL_PRODUCT_REQ_ */ +#endif /** _RDKB_GLOBAL_PRODUCT_REQ_ */ STATIC int fw_restart(struct serv_routed *sr) { @@ -562,8 +563,8 @@ STATIC int route_set(struct serv_routed *sr) } #endif -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if ( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /* _SCER11BEL_PRODUCT_REQ_ */ { @@ -1019,8 +1020,8 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) else { #endif - #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) - #if defined(_SCER11BEL_PRODUCT_REQ_) + #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) + #if defined(_SCER11BEL_PRODUCT_REQ_) if ( FALSE == IsThisCurrentPartnerID("sky-") ) { sysevent_get(sefd, setok, "lan_prefix", prefix, sizeof(prefix)); @@ -1330,7 +1331,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) fprintf(fp, " ipv6 nd ra-interval 30\n"); //Set ra-interval to default 30 secs as per Erouter Specs. } #else -#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_)) || defined (_WNXL11BWL_PRODUCT_REQ_) +#if (!defined (_HUB4_PRODUCT_REQ_) && !defined(_SCER11BEL_PRODUCT_REQ_) ) || defined (_WNXL11BWL_PRODUCT_REQ_) fprintf(fp, " ipv6 nd ra-interval 3\n"); #else #if defined(_SCER11BEL_PRODUCT_REQ_) @@ -1404,7 +1405,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) syscfg_get(NULL, "router_other_flag", o_flag, sizeof(o_flag)); if (strcmp(o_flag, "1") == 0) fprintf(fp, " ipv6 nd other-config-flag\n"); -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) #if defined(_SCER11BEL_PRODUCT_REQ_) else if ((strcmp(o_flag, "0") == 0) && ( TRUE == IsThisCurrentPartnerID("sky-") )) #else @@ -1665,7 +1666,7 @@ STATIC int gen_zebra_conf(int sefd, token_t setok) { // Modifying rdnss value to fix the zebra config. #if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (0 == strncmp(lan_addr, tok, strlen(lan_addr))) @@ -2079,8 +2080,8 @@ STATIC int radv_start(struct serv_routed *sr) return -1; } -#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined (_HUB4_PRODUCT_REQ_) && (!defined (_WNXL11BWL_PRODUCT_REQ_)) || defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) #endif /** _SCER11BEL_PRODUCT_REQ_ */ { @@ -2136,7 +2137,7 @@ STATIC int rip_start(struct serv_routed *sr) if (!serv_can_start(sr->sefd, sr->setok, "rip")) return -1; #if !defined (_HUB4_PRODUCT_REQ_) || defined (_WNXL11BWL_PRODUCT_REQ_) -#if defined(_SCER11BEL_PRODUCT_REQ_) +#if defined(_SCER11BEL_PRODUCT_REQ_) if( TRUE == IsThisCurrentPartnerID("sky-") ) { if (!sr->lan_ready) { diff --git a/source/syscfg/lib/syscfg_lib.c b/source/syscfg/lib/syscfg_lib.c index c036575a..8b0d6466 100644 --- a/source/syscfg/lib/syscfg_lib.c +++ b/source/syscfg/lib/syscfg_lib.c @@ -58,6 +58,7 @@ #include "syscfg_lib.h" // internal interface #include "syscfg.h" // external interface used by users #include "safec_lib_common.h" +#include //#define VERBOSE_DEBUG @@ -74,6 +75,122 @@ static int syscfg_init_internal (void); static int load_from_file (const char *fname); static int commit_to_file (const char *fname); +#define DEFAULT_FILE "/etc/utopia/system_defaults" + +typedef struct { + char key[MAX_NAME_LEN]; + char value[MAX_NAME_LEN]; +} ConfigEntry; + +typedef struct ConfigNode { + ConfigEntry entry; + struct ConfigNode *next; +} ConfigNode; + +typedef struct { + const char *name; + unsigned int len; +} KeyEntry; + +void _syscfg_find_corrupted_keys(); + +ConfigNode **syscfg_default_ht = NULL; + +static char *trim(char *in) +{ + while (isspace((unsigned char)*in)) in++; + char *end = in + strlen(in) - 1; + while (end > in && isspace((unsigned char)*end)) *end-- = '\0'; + return in; +} + +static int parse_line(char *in, char **name, char **value) { + char *tok = strchr(in, '='); + if (!tok) return -1; + *tok = '\0'; + *name = in; + *value = tok + 1; + return 0; +} + +static unsigned int hash_index (const char *str) +{ + unsigned int hash = 5381 % SYSCFG_SZ; + int c; + + while ((c = *str++)) { + hash = ((hash << 5) + hash) + c; + } + + return hash % SYSCFG_SZ; +} + +static int _syscfg_add_default_entry(const char *key, const char *value) +{ + unsigned int index = hash_index(key); + ConfigNode *new_node = malloc(sizeof(ConfigNode)); + if (!new_node) { + ulog_LOG_Err("Memory allocation failed"); + return ERR_MEM_ALLOC; + } + + strncpy(new_node->entry.key, key, MAX_NAME_LEN - 1); + new_node->entry.key[MAX_NAME_LEN - 1] = '\0'; + strncpy(new_node->entry.value, value, MAX_NAME_LEN - 1); + new_node->entry.value[MAX_NAME_LEN - 1] = '\0'; + new_node->next = syscfg_default_ht[index]; + syscfg_default_ht[index] = new_node; + + return 0; +} + +static int _syscfg_getall_defaults(void) +{ + char buf[1024]; + char *line; + char *name; + char *value; + FILE *fp = NULL; + + fp = fopen (DEFAULT_FILE, "r"); + if (fp == NULL) + { + ulog_LOG_Err("[utopia] no system default file (%s) found\n", DEFAULT_FILE); + return -1; + } + + size_t size = SYSCFG_SZ * sizeof(ConfigNode *); + syscfg_default_ht = (ConfigNode **)mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + + if (syscfg_default_ht == MAP_FAILED) + { + perror("mmap failed"); + syscfg_default_ht = NULL; + return -1; + } + + while (fgets (buf, sizeof(buf), fp) != NULL) + { + line = trim (buf); + + if (line[0] == '$') + { + int offset = (line[1] == '$') ? 2 : 1; + if (parse_line(line + offset, &name, &value) == 0) + { + _syscfg_add_default_entry(trim(name), trim(value)); + } + else + { + ulog_LOG_Err("[utopia] [error] set_syscfg_defaults failed to parse line (%s)\n", line); + } + } + } + fclose (fp); + return 0; +} + + /****************************************************************************** * External syscfg library access apis *****************************************************************************/ @@ -377,7 +494,7 @@ void syscfg_destroy (void) syscfg_initialized = 0; } } - +static int _syscfg_getall_defaults(void); /* * Procedure : syscfg_create * Purpose : SYSCFG initialization from persistent storage @@ -421,6 +538,8 @@ int syscfg_create (const char *file, long int max_file_sz) if (0 != rc) { ulog_LOG_Err("Error loading from store"); } + /* Getting all system defaults & validate with current configurations */ + _syscfg_find_corrupted_keys(); shmdt(syscfg_ctx); @@ -507,8 +626,9 @@ static int syscfg_init_internal (void) */ static char *syscfg_parse (const char *str, char **name, char **value) { - char *n, *p; - int len; + char *n = NULL; + char *p = NULL; + int len = 0; if (NULL == str || NULL == name || NULL == value) { return NULL; @@ -523,7 +643,7 @@ static char *syscfg_parse (const char *str, char **name, char **value) memcpy(*name, str, len); (*name)[len] = '\0'; n++; - p = strchrnul(n,'\n'); + p = strchrnul(n,'\0'); if (p) { len = p - n; *value = malloc(len+1); @@ -865,8 +985,10 @@ static int make_ht_entry (const char *name, int namelen, const char *value, shmo entry->value_sz = valuelen + 1; entry->next = 0; p_entry_name = HT_ENTRY_NAME(ctx,ht_entry_offset); + memset(p_entry_name, 0, namelen + 1); memcpy(p_entry_name, name, namelen + 1); p_entry_value = HT_ENTRY_VALUE(ctx,ht_entry_offset); + memset(p_entry_value, 0, valuelen + 1); memcpy(p_entry_value, value, valuelen + 1); } @@ -1189,6 +1311,122 @@ static size_t _syscfg_getall2 (char *buf, size_t bufsz, int nolock) return (bufsz - len); /* size does not include final nul terminator */ } +static int _syscfg_find_in_defaults (const char *name) +{ + unsigned int index = hash_index(name); + if (index) + { + ConfigNode *new_node = syscfg_default_ht[index]; + + if ( new_node && (strcmp(new_node->entry.key, name) == 0)) + { + return 1; + } + } + + return 0; +} + +static void _syscfg_default_ht_destroy(void) +{ + if (!syscfg_default_ht) + { + return; + } + + for (size_t i = 0; i < SYSCFG_SZ; ++i) + { + ConfigNode *n = syscfg_default_ht[i]; + while (n) + { + ConfigNode *next = n->next; + free(n); + n = next; + } + syscfg_default_ht[i] = NULL; + } + + size_t size = SYSCFG_SZ * sizeof(ConfigNode *); + if (munmap(syscfg_default_ht, size) == -1) + { + perror("munmap syscfg_default_ht"); + } + syscfg_default_ht = NULL; +} + +void _syscfg_find_corrupted_keys() +{ + int key_count = 0; + unsigned int max_key_len = 0; + + if (_syscfg_getall_defaults() < 0) + { + printf("_syscfg_getall_defaults failed!\n"); + } + + size_t keys_size = SYSCFG_SZ * sizeof(KeyEntry); + KeyEntry *keys = (KeyEntry *)mmap(NULL, keys_size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); + + if (keys == MAP_FAILED) + { + perror("mmap failed"); + _syscfg_default_ht_destroy(); + return; + } + + syscfg_shm_ctx *ctx = syscfg_ctx; + rw_lock(ctx); + + /* find max string length */ + for (int i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { + for (shmoff_t entry = ctx->ht[i]; entry; entry = HT_ENTRY_NEXT(ctx, entry)) { + const char *key = HT_ENTRY_NAME(ctx, entry); + unsigned int len = strlen(key); + keys[key_count].name = key; + keys[key_count].len = len; + if (len > max_key_len) + max_key_len = len; + key_count++; + } + } + + for (int i = 0; i < key_count; i++) + { + const char *query = keys[i].name; + unsigned int query_len = keys[i].len; + unsigned int longest_len = 0; + const char *longest_super = NULL; + + for (int j = 0; j < key_count; j++) { + if (i == j || keys[j].len < query_len) continue; + + if (strstr(keys[j].name, query) && + (strcmp(keys[j].name + strlen(keys[j].name) - strlen(query), query) == 0)) + { + if (keys[j].len > longest_len) + { + longest_len = keys[j].len; + longest_super = keys[j].name; + if (longest_len == max_key_len) break; + } + } + } + + if (longest_super) { + if (!_syscfg_find_in_defaults(query)) + printf("[utopia] - [%s] May be a corrupted key of [%s]\n", query, longest_super); + } + } + + _syscfg_default_ht_destroy(); + + if (munmap(keys, keys_size) == -1) + { + perror("munmap failed"); + } + + rw_unlock(ctx); +} /****************************************************************************** * shared-memory create, initialize and attach/detach APIs @@ -1603,49 +1841,38 @@ static void _syscfg_file_unlock (int fd) static int load_from_file (const char *fname) { - int fd; - ssize_t count; - char *inbuf = NULL, *buf = NULL; + char *inbuf = NULL; char *name = NULL, *value = NULL; - fd = open(fname, O_RDONLY); - if (-1 == fd) { + FILE *fd = fopen(fname, "r"); + if (NULL == fd) { return ERR_IO_FILE_OPEN; } inbuf = malloc(SYSCFG_SZ); if (NULL == inbuf) { - close(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ + fclose(fd); /*RDKB-7135, CID-33110, free unused resources before exit*/ return ERR_MEM_ALLOC; } - count = read(fd, inbuf, SYSCFG_SZ); - close(fd); - - if (count <= 0) { - free(inbuf); - return 1; - } - - buf = inbuf; - /*CID 135472 String not null terminated */ - buf[count] = '\0'; - do { - buf = syscfg_parse(buf, &name, &value); + memset(inbuf, 0, SYSCFG_SZ); + while (fgets(inbuf, SYSCFG_SZ, fd) != NULL) + { + // Remove trailing newline, if any + inbuf[strcspn(inbuf, "\r\n")] = '\0'; + syscfg_parse(inbuf, &name, &value); if (name && value) { - syscfg_set(NULL, name, value); + if (name[0] != '\0') + syscfg_set(NULL, name, value); free(name); - name = NULL; /*RDKB-7135, CID-33405, set null after free*/ + name = NULL; free(value); - value = NULL; /*RDKB-7135, CID-33137, set null after free*/ + value = NULL; } - - // skip any special chars leftover - if (buf && *buf == '\n') { - buf++; - } - } while (buf); + memset(inbuf, 0, SYSCFG_SZ); + } free(inbuf); + fclose(fd); return 0; } @@ -1746,19 +1973,30 @@ static int commit_to_file (const char *fname) _syscfg_file_lock(fd); shmoff_t entry; + off_t file_offset = 0; for (i = 0; i < SYSCFG_HASH_TABLE_SZ; i++) { entry = ctx->ht[i]; while (entry) { + memset(buf, 0, sizeof(buf)); ct = snprintf(buf, sizeof(buf), "%s=%s\n", HT_ENTRY_NAME(ctx,entry), HT_ENTRY_VALUE(ctx,entry)); - write(fd, buf, ct); - entry = HT_ENTRY_NEXT(ctx,entry); + if (ct > 0) { + ssize_t written = write(fd, buf, ct); + if (written < 0) { + ret = ERR_IO_FILE_WRITE; + goto end; + } + file_offset += written; + } + entry = HT_ENTRY_NEXT(ctx, entry); } } - _syscfg_file_unlock(fd); + ftruncate(fd, file_offset); - close(fd); + end: + _syscfg_file_unlock(fd); + close(fd); ret = access(SYSCFG_BKUP_FILE, F_OK); if ( ret == 0 ) { diff --git a/source/sysevent/lib/sysevent.h b/source/sysevent/lib/sysevent.h index 87d1aa43..56feea9f 100644 --- a/source/sysevent/lib/sysevent.h +++ b/source/sysevent/lib/sysevent.h @@ -93,11 +93,7 @@ extern "C" { * as is commonly done for reading from an fd into a buffer * and then using that buffer as a structure */ -#ifdef _64BIT_ARCH_SUPPORT_ -typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(8))); -#else -typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(4))); -#endif +typedef char se_buffer[SE_MAX_MSG_SIZE+1] __attribute__ ((aligned(sizeof(void*)))); /* * Errors diff --git a/source/sysevent/server/syseventd.h b/source/sysevent/server/syseventd.h index 1c68469c..8c126dab 100644 --- a/source/sysevent/server/syseventd.h +++ b/source/sysevent/server/syseventd.h @@ -96,11 +96,8 @@ extern sem_t worker_sem; // e.g Multinet process is taking more time to finish in some of the field units. #define MAX_ACTIVATION_BLOCKING_SECS 300 -#if defined (_64BIT_ARCH_SUPPORT_) -#define WORKER_THREAD_STACK_SIZE 8192*1024 /* the default stack size per process is 8MB */ -#else -#define WORKER_THREAD_STACK_SIZE 65536 -#endif +/* Scale stack size based on pointer size - larger for 64-bit architectures */ +#define WORKER_THREAD_STACK_SIZE (sizeof(void*) == 8 ? 8192*1024 : 65536) #define SANITY_THREAD_STACK_SIZE 65536 diff --git a/source/sysevent/server/syseventd_main.c b/source/sysevent/server/syseventd_main.c index 4cc1c071..08e2fabf 100644 --- a/source/sysevent/server/syseventd_main.c +++ b/source/sysevent/server/syseventd_main.c @@ -1388,6 +1388,8 @@ int main (int argc, char **argv) clilen = sizeof(cli_addr); int rc = select(maxfd, &rd_set, NULL, NULL, NULL); if (-1 == rc) { + // stop hogging processor in case of error + sleep(1); continue; } diff --git a/source/sysevent/server/worker_threads.c b/source/sysevent/server/worker_threads.c index c5b58094..d3165ef1 100644 --- a/source/sysevent/server/worker_threads.c +++ b/source/sysevent/server/worker_threads.c @@ -2950,6 +2950,10 @@ static int handle_message_from_trigger_thread(int fd) return(rc); } +static int is_valid_fd(int fd) +{ + return fd >= 0 && fcntl(fd, F_GETFD) != -1; +} /* * Procedure : worker_thread_main * Purpose : Thread start routine for worker @@ -3021,9 +3025,9 @@ void *worker_thread_main(void *arg) if ((global_clients.clients)[i].used) { int cur_fd; cur_fd = (global_clients.clients)[i].fd; - if (-1 == cur_fd) { + if (0 == is_valid_fd(cur_fd)) { SE_INC_LOG(ERROR, - printf("main select got used client with a bad fd. Ignoring\n"); + printf("Thread id %d line %d main select got used client with a bad fd. Ignoring cur_fd = %d\n",thread_get_id(worker_data_key), __LINE__, cur_fd); ) incr_stat_info(STAT_WORKER_MAIN_SELECT_BAD_FD); } else { From 9ba634c4ae518443ea721fba3833727c879469b3 Mon Sep 17 00:00:00 2001 From: Parthiban Selvaraj Date: Thu, 15 Jan 2026 17:27:19 +0000 Subject: [PATCH 4/5] revert to older commit to understand the changes Signed-off-by: Parthiban Selvaraj --- source/scripts/init/service.d/service_ntpd.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index 7d639a7f..dab031ef 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -371,7 +371,8 @@ service_start () # Setting Time status as Unsynchronized syscfg set ntp_status 2 - if [ "$LANIPV6Support" = "true" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$LANIPV6Support" = "true" ]; then + #TODO : could be a common code. WAN_IPV6_STATUS=`sysevent get ipv6_connection_state` if [ "started" != "$CURRENT_WAN_STATUS" ] && [ "up" != "$WAN_IPV6_STATUS" ] ; then syscfg set ntp_status 2 @@ -618,7 +619,8 @@ service_start () echo_t "SERVICE_NTPD : Starting NTP Daemon" >> $NTPD_LOG_NAME systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] && [ "$BOX_TYPE" == "SCXF11BFL" ]; then + #TODO : could be a common code. sysevent set firewall-restart fi fi @@ -774,7 +776,8 @@ case "$1" in ;; wan-status) if [ "started" = "$CURRENT_WAN_STATUS" ] ; then - if [ "$ntpHealthCheck" = "true" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$ntpHealthCheck" = "true" ]; then + #TODO : could be a common code. Will affect common NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` if [ $NTP_STATUS == 3 ] && [ -n "$NTPD_PROCESS" ];then @@ -806,8 +809,8 @@ case "$1" in fi ;; ipv6_connection_state) - # Removed Sky products check except Hub4 due to SKYH4-6932 synchronization issue. - if [ "$BOX_TYPE" = "HUB4" ] || [ "$ntpHealthCheck" = "true" ]; then + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$ntpHealthCheck" = "true" ]; then + #TODO : could be a common code. NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` #SKYH4-6932: When IPv6 comes up after ipv4, IPv6 listners won't be added and hence with ipv6 only ntp servers, we will have time syncing problems. So checking time sync status along with ntpd process, if time isn't synced there will conf update and ntpd restart. From 89263a8664059d10f3cf9f5c753d46c1cf02356d Mon Sep 17 00:00:00 2001 From: Parthiban Selvaraj Date: Fri, 16 Jan 2026 12:21:05 +0000 Subject: [PATCH 5/5] Remvoing the use of brlan0 for the Sky platforms Signed-off-by: Parthiban Selvaraj --- source/scripts/init/service.d/service_ntpd.sh | 38 ++----------------- 1 file changed, 3 insertions(+), 35 deletions(-) diff --git a/source/scripts/init/service.d/service_ntpd.sh b/source/scripts/init/service.d/service_ntpd.sh index dab031ef..a16532a6 100644 --- a/source/scripts/init/service.d/service_ntpd.sh +++ b/source/scripts/init/service.d/service_ntpd.sh @@ -372,7 +372,6 @@ service_start () syscfg set ntp_status 2 if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$LANIPV6Support" = "true" ]; then - #TODO : could be a common code. WAN_IPV6_STATUS=`sysevent get ipv6_connection_state` if [ "started" != "$CURRENT_WAN_STATUS" ] && [ "up" != "$WAN_IPV6_STATUS" ] ; then syscfg set ntp_status 2 @@ -546,19 +545,6 @@ service_start () echo "interface ignore wildcard" >> $NTP_CONF_TMP echo "interface listen 127.0.0.1" >> $NTP_CONF_TMP echo "interface listen ::1" >> $NTP_CONF_TMP - #SHARMAN-2301 - #This change is for UK MAP-T SR213. Since we will not have any of the global IP on WAN interface, We need to add the IPv6 interface (currently brlan0) to the config file - if [ "$BOX_TYPE" = "SR213" ] || [ "$LANIPV6Support" = "true" ]; then - MAPT_STATS=$(sysevent get mapt_config_flag) - echo_t "SERVICE_NTPD : MAPT_STATS=$MAPT_STATS" - if [ x"$MAPT_STATS" = x"set" ]; then - IPV4_CONN_STATE=$(sysevent get ipv4_connection_state) - echo_t "SERVICE_NTPD : IPV4_CONN_STATE=$IPV4_CONN_STATE" - if [ x"$IPV4_CONN_STATE" != x"up" ]; then - echo "interface listen $NTPD_IPV6_INTERFACE" >> $NTP_CONF_TMP - fi - fi - fi if [ -n "$WAN_IP" ]; then echo "interface listen $WAN_IP" >> $NTP_CONF_TMP @@ -567,21 +553,6 @@ service_start () fi fi - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$LANIPV6Support" = "true" ]; then - # SKYH4-2006: To listen v6 server, update the conf file after getting valid v6 IP(CURRENT_WAN_V6_PREFIX) - CURRENT_WAN_IPV6_STATUS=`sysevent get ipv6_connection_state` - - if [ "up" = "$CURRENT_WAN_IPV6_STATUS" ] ; then - CURRENT_WAN_V6_PREFIX=`syscfg get ipv6_prefix_address` - if [ -n "$CURRENT_WAN_V6_PREFIX" ]; then - echo "interface listen $CURRENT_WAN_V6_PREFIX" >> $NTP_CONF_TMP - sysevent set ntp_ipv6_listen "set" - else - sysevent set ntp_ipv6_listen "unset" - fi - fi - fi - if [ "$MULTI_CORE" = "yes" ] && [ "$NTPD_IMMED_PEER_SYNC" != "true" ]; then echo "interface listen $HOST_INTERFACE_IP" >> $NTP_CONF_TMP fi @@ -600,10 +571,10 @@ service_start () if [ -n "$QUICK_SYNC_WAN_IP" ]; then # Try and Force Quick Sync to Run on a single interface - uptime=$(cut -d. -f1 /proc/uptime) + uptime=$(cut -d. -f1 /proc/uptime) uptime_ms=$((uptime*1000)) echo_t "SERVICE_NTPD : Starting NTP Quick Sync" >> $NTPD_LOG_NAME - t2ValNotify "SYST_INFO_NTP_START_split" $uptime_ms + t2ValNotify "SYS_INFO_NTPSTART_split" $uptime_ms $BIN -c $NTP_CONF_QUICK_SYNC --interface "$QUICK_SYNC_WAN_IP" -x -gq -l $NTPD_LOG_NAME & QUICK_SYNC_PID=$! if [ -n "$QUICK_SYNC_PID" ];then @@ -619,8 +590,7 @@ service_start () echo_t "SERVICE_NTPD : Starting NTP Daemon" >> $NTPD_LOG_NAME systemctl start $BIN ret_val=$? ### To ensure proper ret_val is obtained - if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] && [ "$BOX_TYPE" == "SCXF11BFL" ]; then - #TODO : could be a common code. + if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" == "SCER11BEL" ] || [ "$BOX_TYPE" == "SCXF11BFL" ]; then sysevent set firewall-restart fi fi @@ -777,7 +747,6 @@ case "$1" in wan-status) if [ "started" = "$CURRENT_WAN_STATUS" ] ; then if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$ntpHealthCheck" = "true" ]; then - #TODO : could be a common code. Will affect common NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` if [ $NTP_STATUS == 3 ] && [ -n "$NTPD_PROCESS" ];then @@ -810,7 +779,6 @@ case "$1" in ;; ipv6_connection_state) if [ "$BOX_TYPE" = "HUB4" ] || [ "$BOX_TYPE" = "SR300" ] || [ "$BOX_TYPE" = "SE501" ] || [ "$BOX_TYPE" = "WNXL11BWL" ] || [ "$BOX_TYPE" = "SR213" ] || [ "$ntpHealthCheck" = "true" ]; then - #TODO : could be a common code. NTPD_PROCESS=`pidof $BIN` NTP_STATUS=`syscfg get ntp_status` #SKYH4-6932: When IPv6 comes up after ipv4, IPv6 listners won't be added and hence with ipv6 only ntp servers, we will have time syncing problems. So checking time sync status along with ntpd process, if time isn't synced there will conf update and ntpd restart.