Skip to content

feat: Add FlushConntrackTable TR-181 parameter#76

Open
jayasrikadiyal wants to merge 1 commit into
developfrom
75-add-flush-conntrack-table-param
Open

feat: Add FlushConntrackTable TR-181 parameter#76
jayasrikadiyal wants to merge 1 commit into
developfrom
75-add-flush-conntrack-table-param

Conversation

@jayasrikadiyal
Copy link
Copy Markdown

@jayasrikadiyal jayasrikadiyal commented May 12, 2026

Summary

Adds a new TR-181 boolean parameter FlushConntrackTable under X_RDKCENTRAL-COM_DeviceFingerPrint to flush the connection tracking table on demand.

Resolves #75.

Changes

  • config/TR181-AdvSecurity.xml: Added FlushConntrackTable boolean parameter definition under X_RDKCENTRAL-COM_DeviceFingerPrint
  • source/AdvSecurityDml/cosa_adv_security_dml.c: Added Get/Set handlers for FlushConntrackTable in DeviceFingerPrint_GetParamBoolValue (always returns FALSE as trigger) and DeviceFingerPrint_SetParamBoolValue (calls CosaAdvSecFlushConntrackTable() when set to TRUE)
  • source/AdvSecurityDml/cosa_adv_security_internal.h: Added CosaAdvSecFlushConntrackTable() function declaration
  • source/AdvSecurityDml/cosa_adv_security_internal.c: Added CosaAdvSecFlushConntrackTable() implementation using v_secure_system("conntrack -F")
  • source/test/CcspAdvSecurityDmlTest/CcspAdvSecurityDmlTest.cpp: Added unit tests for Get, Set(TRUE), and Set(FALSE) cases; updated UnsupportedParam test for new strcmp_s call

Usage

# Flush connection tracking table
dmcli eRT setv Device.DeviceInfo.X_RDKCENTRAL-COM_DeviceFingerPrint.FlushConntrackTable bool true

# Get always returns false (trigger parameter)
dmcli eRT getv Device.DeviceInfo.X_RDKCENTRAL-COM_DeviceFingerPrint.FlushConntrackTable

Testing

  • Unit tests added for all code paths
  • Follows existing DML handler patterns (strcmp_s, v_secure_system, CcspTrace logging)

@jayasrikadiyal
feat: add FlushConntrackTable TR-181 parameter
4fb3ad0 
Add new TR-181 boolean parameter FlushConntrackTable under
X_RDKCENTRAL-COM_DeviceFingerPrint to flush the connection
tracking table on demand.

- Add parameter definition to TR181-AdvSecurity.xml
- Add Get handler (trigger parameter, always returns FALSE)
- Add Set handler (flushes conntrack table when set to TRUE)
- Add CosaAdvSecFlushConntrackTable() using v_secure_system
- Add unit tests for Get, Set(TRUE), and Set(FALSE) cases

Resolves #75
Copilot AI review requested due to automatic review settings May 12, 2026 03:01
@jayasrikadiyal jayasrikadiyal requested review from a team as code owners May 12, 2026 03:01
@jayasrikadiyal jayasrikadiyal mentioned this pull request May 12, 2026
Open
Copilot AI reviewed May 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new TR-181 trigger parameter (Device.DeviceInfo.X_RDKCENTRAL-COM_DeviceFingerPrint.FlushConntrackTable) that allows flushing the conntrack table on-demand via the AdvSecurity DML layer.

Changes:

  • Extended TR-181 data model with a writable boolean FlushConntrackTable parameter under X_RDKCENTRAL-COM_DeviceFingerPrint.
  • Added DML Get/Set handling for the new parameter, treating it as a trigger (Get always returns FALSE; Set(TRUE) triggers the action).
  • Implemented CosaAdvSecFlushConntrackTable() using v_secure_system("conntrack -F") and added unit tests for the new DML branches.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
config/TR181-AdvSecurity.xml Adds the new TR-181 parameter definition under the DeviceFingerPrint object.
source/AdvSecurityDml/cosa_adv_security_dml.c Implements Get/Set handling for FlushConntrackTable trigger behavior.
source/AdvSecurityDml/cosa_adv_security_internal.h Declares CosaAdvSecFlushConntrackTable() for use by the DML layer.
source/AdvSecurityDml/cosa_adv_security_internal.c Implements the conntrack flush action via v_secure_system.
source/test/CcspAdvSecurityDmlTest/CcspAdvSecurityDmlTest.cpp Adds unit tests for Get and Set(TRUE/FALSE) paths and updates unsupported-param coverage.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread source/AdvSecurityDml/cosa_adv_security_internal.c
Comment on lines +3533 to +3534
if (!WIFEXITED(rc) || WEXITSTATUS(rc) != 0)
{
Comment thread source/test/CcspAdvSecurityDmlTest/CcspAdvSecurityDmlTest.cpp
Comment on lines +2944 to +2968
TEST_F(CcspAdvSecurityDmlTestFixture, CheckDeviceFingerPrint_SetParamBoolValue_FlushConntrackTable_True) {
PCOSA_DATAMODEL_AGENT pMyObject = new COSA_DATAMODEL_AGENT;
g_pAdvSecAgent = pMyObject;

const char* ParamName = "FlushConntrackTable";
BOOL bValue = TRUE;
int comparisonResult = 1;
int comparisonResultMatch = 0;

EXPECT_CALL(*g_safecLibMock, _strcmp_s_chk(StrEq("Enable"), strlen("Enable"), StrEq(ParamName), _, _, _))
.Times(1)
.WillOnce(DoAll(SetArgPointee<3>(comparisonResult), Return(EOK)));

EXPECT_CALL(*g_safecLibMock, _strcmp_s_chk(StrEq("FlushConntrackTable"), strlen("FlushConntrackTable"), StrEq(ParamName), _, _, _))
.Times(1)
.WillOnce(DoAll(SetArgPointee<3>(comparisonResultMatch), Return(EOK)));

EXPECT_CALL(*g_securewrapperMock, v_secure_system(HasSubstr("conntrack -F"), _))
.Times(1)
.WillOnce(Return(0));

BOOL result = DeviceFingerPrint_SetParamBoolValue(NULL, (char*)ParamName, bValue);

EXPECT_TRUE(result);

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Task: ADD new TR-181 Parameter

2 participants

@jayasrikadiyal