Fix apply firewall rules at reload event

2025-12-10 07:44:41 +01:00 · 2025-04-07 18:02:23 +05:30 · 2025-04-07 18:02:23 +05:30 · e0fde6e913
commit e0fde6e913
parent dc2cf6979d
6 changed files with 12 additions and 6 deletions
--- a/src/common.h
+++ b/src/common.h
@ -135,7 +135,6 @@ typedef struct config {
 	bool acs_getrpc;
 	bool auto_tc_enable;
 	bool auto_cdu_enable;
-	bool cr_ip_port_change;
 	int retry_min_wait_interval;
 	int retry_interval_multiplier;

@ -224,6 +223,7 @@ typedef struct cwmp {
 	struct ubus_event_handler *intf_ev;
 	bool throttle_session_triggered;
 	bool acs_changed;
+	bool cr_ip_port_change;
 	int curr_delay_reboot;
 	time_t curr_schedule_reboot;
 	char ip_acs[128];
--- a/src/cwmp.c
+++ b/src/cwmp.c
@ -353,7 +353,7 @@ int main(int argc, char **argv)
 	http_server_start();

 	apply_allowed_cr_ip_port();
-	cwmp_ctx.conf.cr_ip_port_change = false;
+	cwmp_ctx.cr_ip_port_change = false;

 	uloop_run();
 	uloop_done();
--- a/src/http.c
+++ b/src/http.c
@ -685,7 +685,7 @@ void icwmp_http_server_init(void)
 		cr_port_str[5] = '\0';
 		set_uci_path_value(NULL, "cwmp.cpe.port", cr_port_str);
 		connection_request_port_value_change(cr_port);
-		cwmp_ctx.conf.cr_ip_port_change = true;
+		cwmp_ctx.cr_ip_port_change = true;
 	}

 	CWMP_LOG(INFO, "Connection Request server initiated with the port: %d", cr_port);
--- a/src/session.c
+++ b/src/session.c
@ -697,10 +697,10 @@ int run_session_end_func(void)
 		CWMP_LOG(ERROR, "config reload failed at session end");
 	}

-	if (cwmp_ctx.conf.cr_ip_port_change == true) {
+	if (cwmp_ctx.cr_ip_port_change == true) {
 		CWMP_LOG(INFO, "Allowed CR IPs are changed");
 		apply_allowed_cr_ip_port();
-		cwmp_ctx.conf.cr_ip_port_change = false;
+		cwmp_ctx.cr_ip_port_change = false;
 	}

 	reinit_cwmp_periodic_session_feature();
--- a/src/ubus_utils.c
+++ b/src/ubus_utils.c
@ -88,6 +88,12 @@ static int reload_cmd(struct blob_buf *b)
 			blobmsg_add_u32(b, "status", 0);
 			blobmsg_add_string(b, "info", "icwmpd config reloaded");

+			if (cwmp_ctx.cr_ip_port_change == true) {
+				CWMP_LOG(INFO, "Allowed CR IPs are changed");
+				apply_allowed_cr_ip_port();
+				cwmp_ctx.cr_ip_port_change = false;
+			}
+
 			if (cwmp_ctx.acs_changed) {
 				CWMP_LOG(INFO, "%s: Schedule session with new ACS since URL changed", __func__);
 				uloop_timeout_cancel(&session_timer);
--- a/src/uci_utils.c
+++ b/src/uci_utils.c
@ -464,7 +464,7 @@ static void config_get_cpe_elements(struct uci_section *s)

 	if (CWMP_STRCMP(cwmp_ctx.conf.valid_cr_ip, allowed_cr_ip) != 0) {
 		snprintf(cwmp_ctx.conf.valid_cr_ip, sizeof(cwmp_ctx.conf.valid_cr_ip), "%s", allowed_cr_ip);
-		cwmp_ctx.conf.cr_ip_port_change = true;
+		cwmp_ctx.cr_ip_port_change = true;
 	}

 	CWMP_LOG(DEBUG, "CWMP CONFIG - cpe allowed_cr_ip: %s", cwmp_ctx.conf.valid_cr_ip);