Gitiles
Code Review Sign In
git01.mediatek.com / filogic / rdk-b / meta-cmf-filogic / ee5d3997c5a2e314bcf634d6536ce9f63f315364^! / .
commitee5d3997c5a2e314bcf634d6536ce9f63f315364[log] [tgz]
authordeveloper <developer@mediatek.com>Wed Oct 11 16:15:56 2023 -0700
committerdeveloper <developer@mediatek.com>Wed Oct 11 16:38:29 2023 -0700
tree080ccd9af2ab9cb389b2e5d0aa43c5de8ce39689
parentc0beadb0a52e20fa9cf3355ee8d3f0bf8d1ba8d6 [diff]
[rdkb][common][app][enable ssh by default]

[Description]
Enable ssh by default at boot-up

[Release-log]
N/A


diff --git a/recipes-ccsp/util/utopia.bbappend b/recipes-ccsp/util/utopia.bbappend
index f0c934e..3cdc0e6 100644
--- a/recipes-ccsp/util/utopia.bbappend
+++ b/recipes-ccsp/util/utopia.bbappend

@@ -11,6 +11,7 @@
     file://0001-fix-lan-handler-for-filogic.patch;apply=no \
     file://0003-remove-autoconf.patch;apply=no \
     file://system_defaults \
+    file://0004-enable-sshd-by-default-at-bootup.patch;apply=no \
 "
 SRC_URI_append_dunfell = "file://0001-Work-around-for-brlan0-issue.patch;apply=no"
 
@@ -43,6 +44,9 @@
         bbnote "Patching firewall-secure-onboard.patch"
         patch -p1 < ${WORKDIR}/firewall-secure-onboard.patch || echo "ERROR or Patch already applied"
 
+	bbnote "Patching 0004-enable-sshd-by-default-at-bootup.patch"
+        patch -p1 < ${WORKDIR}/0004-enable-sshd-by-default-at-bootup.patch
+
         touch filogic_patch_applied
     fi
 }

diff --git a/recipes-ccsp/util/utopia/0004-enable-sshd-by-default-at-bootup.patch b/recipes-ccsp/util/utopia/0004-enable-sshd-by-default-at-bootup.patch
new file mode 100644
index 0000000..5d3ef81
--- /dev/null
+++ b/recipes-ccsp/util/utopia/0004-enable-sshd-by-default-at-bootup.patch

@@ -0,0 +1,35 @@
+diff --git a/source/scripts/init/system/utopia_init.sh b/source/scripts/init/system/utopia_init.sh
+index 8b6533b..0450c36 100755
+--- a/source/scripts/init/system/utopia_init.sh
++++ b/source/scripts/init/system/utopia_init.sh
+@@ -441,14 +441,14 @@ wan_ifname=`sysevent get wan_ifname`
+ 
+ #disable telnet / ssh ports
+ iptables -A INPUT -i "$lan_ifname" -p tcp --dport 23 -j DROP
+-iptables -A INPUT -i "$lan_ifname" -p tcp --dport 22 -j DROP
++#iptables -A INPUT -i "$lan_ifname" -p tcp --dport 22 -j DROP
+ iptables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 23 -j DROP
+-iptables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 22 -j DROP
++#iptables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 22 -j DROP
+ 
+ ip6tables -A INPUT -i "$lan_ifname" -p tcp --dport 23 -j DROP
+-ip6tables -A INPUT -i "$lan_ifname" -p tcp --dport 22 -j DROP
++#ip6tables -A INPUT -i "$lan_ifname" -p tcp --dport 22 -j DROP
+ ip6tables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 23 -j DROP
+-ip6tables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 22 -j DROP
++#ip6tables -A INPUT -i "$cmdiag_ifname" -p tcp --dport 22 -j DROP
+ 
+ #protect from IPv6 NS flooding
+ ip6tables -t mangle -A PREROUTING -i "$ecm_wan_ifname" -d ff00::/8 -p ipv6-icmp -m icmp6 --icmpv6-type 135 -j DROP
+@@ -698,7 +698,7 @@ syscfg set ntp_status 2
+ echo_t "[utopia][init] setting Multicast MAC before any switch configs"
+ $UTOPIA_PATH/service_multinet_exec set_multicast_mac &
+ 
+-if [ "$MODEL_NUM" = "DPC3939B" ] || [ "$MODEL_NUM" = "DPC3941B" ]; then
++if [ "$MODEL_NUM" = "DPC3939B" ] || [ "$MODEL_NUM" = "DPC3941B" ] || [ "$MODEL_NAME" = "Filogic" ]; then
+ 	echo_t "[utopia][init] started dropbear process"
+ 	/etc/utopia/service.d/service_sshd.sh sshd-start &
+ fi
+-- 
+2.18.0
+