diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e594810
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+*.rpm
+*.log
+*spec-20*
+*.tar.xz
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..6dfb915
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,21 @@
+# Makefile for source rpm: smeserver-bridge-interface
+# $Id: Makefile,v 1.1 2021/01/14 20:08:10 brianr Exp $
+NAME := smeserver-bridge-interface
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attept a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)
diff --git a/README.md b/README.md
index c4a4d45..48b2672 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,15 @@
-# smeserver-bridge-interface
+# smeserver-bridge-interface
-SMEServer Koozali developed git repo for smeserver-bridge-interface smecontribs
\ No newline at end of file
+SMEServer Koozali developed git repo for smeserver-bridge-interface smecontribs
+
+## Wiki
+
https://wiki.koozali.org/
+
+## Bugzilla
+Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=smeserver-bridge-interface&product=SME%20Contribs&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)
+
+## Description
+
+
*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
+*Once it has been checked, then this comment will be deleted*
+
diff --git a/contriborbase b/contriborbase
new file mode 100644
index 0000000..9b7fd51
--- /dev/null
+++ b/contriborbase
@@ -0,0 +1 @@
+contribs10
diff --git a/createlinks b/createlinks
new file mode 100644
index 0000000..ea45ad5
--- /dev/null
+++ b/createlinks
@@ -0,0 +1,42 @@
+#!/usr/bin/perl -w
+
+use esmith::Build::CreateLinks qw(:all);
+
+# our event specific for updating with yum without reboot
+$event = "smeserver-bridge-interface-update";
+
+
+#add here the path to your templates needed to expand
+#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
+
+foreach my $file (qw(
+ /etc/systemd/system-preset/49-koozali.preset
+ /usr/lib/systemd/system/dhcpd.service.d/50koozali.conf
+
+))
+{
+ templates2events( $file, $event );
+}
+
+
+#action needed in case we have a systemd unit
+#event_link("systemd-default", $event, "10");
+#event_link("systemd-reload", $event, "50");
+event_link("systemd-default", $event, "88");
+event_link("systemd-reload", $event, "89");
+
+
+#action specific to this package
+#event_link("bridge-disable", "$event", "02");
+#event_link("bridge-enable", "$event", "98");
+event_link("bridge-enable", "$event", "87");
+
+#services we need to restarta
+#none?
+event_services($event, "dhcpd" => "restart");
+event_services($event, "bridge" => "restart");
+
+foreach my $event (qw/console-save bootstrap-console-save/){
+ event_link("bridge-disable", "$event", "02");
+ event_link("bridge-enable", "$event", "98");
+}
diff --git a/root/etc/e-smith/db/configuration/defaults/bridge/bridgeInterface b/root/etc/e-smith/db/configuration/defaults/bridge/bridgeInterface
new file mode 100644
index 0000000..6d1e6fa
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/bridge/bridgeInterface
@@ -0,0 +1 @@
+br0
diff --git a/root/etc/e-smith/db/configuration/defaults/bridge/status b/root/etc/e-smith/db/configuration/defaults/bridge/status
new file mode 100644
index 0000000..86981e6
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/bridge/status
@@ -0,0 +1 @@
+enabled
diff --git a/root/etc/e-smith/db/configuration/defaults/bridge/tapInterface b/root/etc/e-smith/db/configuration/defaults/bridge/tapInterface
new file mode 100644
index 0000000..d727766
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/bridge/tapInterface
@@ -0,0 +1 @@
+tap0
diff --git a/root/etc/e-smith/db/configuration/defaults/bridge/type b/root/etc/e-smith/db/configuration/defaults/bridge/type
new file mode 100644
index 0000000..24e1098
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/bridge/type
@@ -0,0 +1 @@
+service
diff --git a/root/etc/e-smith/db/configuration/migrate/50bridge-interface b/root/etc/e-smith/db/configuration/migrate/50bridge-interface
new file mode 100644
index 0000000..312affb
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/migrate/50bridge-interface
@@ -0,0 +1,21 @@
+{
+ my $bridge = $DB->get('bridge') || $DB->new_record('bridge', {type => 'service'});
+ my $brStatus = $bridge->prop('status') || 'enabled';
+
+ # Return nothing if bridge is disabled
+ return "" if ($brStatus eq 'disabled');
+
+ my $br = $bridge->prop('bridgeInterface') || 'br0';
+ my $IntIfConf = $DB->get('InternalInterface');
+ my $IntIfName = $IntIfConf->prop('Name');
+
+ # If the InternalInterface Name is the same as the bridge, there's nothing to do
+ return "" if ($IntIfName eq $br);
+
+ # else, we store the old InternalInterface Name in ethernetInterface
+ # and we set the InternalInterface to be the bridge
+
+ $bridge->set_prop('ethernetInterface',$IntIfName);
+ $IntIfConf->set_prop('Name',$br);
+}
+
diff --git a/root/etc/e-smith/events/actions/bridge-disable b/root/etc/e-smith/events/actions/bridge-disable
new file mode 100644
index 0000000..e774e98
--- /dev/null
+++ b/root/etc/e-smith/events/actions/bridge-disable
@@ -0,0 +1,35 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+#----------------------------------------------------------------------
+
+use esmith::ConfigDB;
+
+my $c = esmith::ConfigDB->open() || die "Error opening the ConfigDB\n";
+my $bridge = $c->get('bridge') || $c->new_record('bridge', {type => 'service'});
+my $status = $bridge->prop('status') || 'enabled';
+my $internal = $bridge->prop('ethernetInterface') || 'eth0';
+
+if ($status eq 'enabled'){
+ $c->set_prop('bridge', 'OldStatus', 'enabled');
+ $c->set_prop('bridge', 'status', 'disabled');
+ $c->set_prop('InternalInterface', 'Name', "$internal");
+}
+
+exit (0);
diff --git a/root/etc/e-smith/events/actions/bridge-enable b/root/etc/e-smith/events/actions/bridge-enable
new file mode 100644
index 0000000..5182891
--- /dev/null
+++ b/root/etc/e-smith/events/actions/bridge-enable
@@ -0,0 +1,38 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+#----------------------------------------------------------------------
+
+use esmith::ConfigDB;
+
+my $c = esmith::ConfigDB->open() || die "Error opening the ConfigDB\n";
+my $bridge = $c->get('bridge') || $c->new_record('bridge', {type => 'service'});
+my $status = $bridge->prop('status') || 'enabled';
+my $internal = $bridge->prop('bridgeInterface') || 'br0';
+
+if ($status eq 'disabled'){
+ my $oldstatus = $bridge->prop('OldStatus') || 'disabled';
+ if ($oldstatus eq 'enabled'){
+ $c->set_prop('bridge', 'status', 'enabled');
+ $c->set_prop('InternalInterface', 'Name', "$internal");
+ $c->get_prop_and_delete('bridge','OldStatus');
+ }
+}
+
+exit (0);
diff --git a/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/41service b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/41service
new file mode 100644
index 0000000..693c88b
--- /dev/null
+++ b/root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/41service
@@ -0,0 +1,20 @@
+{
+$interface=$InternalInterface{'Name'}||"hum";
+$bridgeif=(defined $bridge{bridgeInterface} )? $bridge{bridgeInterface}: "";
+#$bridgedif=(defined $bridge{ethernetInterface} ) ? $bridge{ethernetInterface} : undef;
+#$interface=(defined $bridgedif && $bridgedif eq $interface && defined $bridgeif) ? $bridgeif : $interface;
+# extra code if we want to hide the ethernet interface, howecer with only a little noise in dhcp log, we can keep the two intefaces
+$interface=( "$interface" ne "$bridgeif" && defined $bridgeif ) ? "$interface $bridgeif" : $interface;
+
+$configfile='/etc/dhcpd.conf';
+$leasefile='/var/lib/dhcpd/dhcpd.leases';
+$OUT .="";
+}
+
+[Service]
+# added for bridge interface
+ExecStart=
+ExecStart=/usr/bin/sh -c 'exec /usr/sbin/dhcpd -f -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases -user dhcpd -group dhcpd --no-pid {$bridgeif} >>/var/log/dhcpd/current 2>>/var/log/dhcpd/current'
+Restart=always
+RestartSec=5
+
diff --git a/root/sbin/e-smith/systemd/bridge-run b/root/sbin/e-smith/systemd/bridge-run
new file mode 100644
index 0000000..e2a5ada
--- /dev/null
+++ b/root/sbin/e-smith/systemd/bridge-run
@@ -0,0 +1,181 @@
+#!/bin/bash
+# Bridge service on SME
+# This service will configure a bridge interface on your server
+# allowing each enslaved interfaces to act as a switch port.
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Bridge Interface
+BRIDGE_IF=$(/sbin/e-smith/db configuration getprop bridge bridgeInterface)
+BRIDGE_PROMISC=$(/sbin/e-smith/db configuration getprop bridge Promiscuous)
+
+# Define list of TAP interfaces to be bridged,
+# for example tap="tap0 tap1 tap2".
+# Defaults is tap0
+TAP_IF=$(/sbin/e-smith/db configuration getprop bridge tapInterface)
+# Replace ; and , with spaces
+TAP_IF=$(echo $TAP_IF | sed -e "s/[,;]/ /g")
+
+# Define physical ethernet interface to be bridged
+# with TAP interface(s) above.
+ETH_IF=$(/sbin/e-smith/db configuration getprop bridge ethernetInterface)
+ETH_MAC=$(/sbin/e-smith/db configuration getprop InternalInterface HWAddress)
+ETH_IP=$(/sbin/e-smith/db configuration get LocalIP)
+ETH_MASK=$(/sbin/e-smith/db configuration getprop InternalInterface Netmask)
+
+# System mode: serveronly, server&gateway ...
+MODE=$(/sbin/e-smith/db configuration get SystemMode)
+
+# Path of openvpn binary
+openvpn=""
+openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
+for location in $openvpn_locations
+do
+ if [ -f "$location" ]
+ then
+ openvpn=$location
+ fi
+done
+
+# Check that binary exists
+if ! [ -f $openvpn ]
+then
+ echo "openvpn binary not found"
+ exit 0
+fi
+
+
+
+# Sub to reconfigure the firewall
+firewall(){
+ /sbin/e-smith/expand-template /etc/rc.d/init.d/masq >/dev/null 2>&1
+ #/sbin/service masq restart >/dev/null 2>&1
+ /usr/bin/systemctl try-restart masq.service >/dev/null 2>&1
+
+}
+
+# Sub to restart dhcpd
+dhcpd(){
+ #/usr/bin/sv t dhcpd
+ /usr/bin/systemctl try-restart dhcpd.service >/dev/null 2>&1
+}
+
+# Sub to reconfigures routes and defaults gateway
+routes(){
+ # We need to push all the routes of local networks as the interface has changed
+ for NET in $(/sbin/e-smith/db networks keys); do
+ SYSTEM=$(/sbin/e-smith/db networks getprop $NET SystemLocalNetwork)
+ if (! test $SYSTEM); then
+ NETMASK=$(/sbin/e-smith/db networks getprop $NET Mask)
+ ROUTER=$(/sbin/e-smith/db networks getprop $NET Router)
+ /sbin/route add -net $NET netmask $NETMASK gw $ROUTER >/dev/null 2>&1
+ fi
+ done
+
+ # If the server runs in serveronly, we need to reconfigure the default gateway:
+ if [ $MODE == 'serveronly' ]; then
+ GW=$(/sbin/e-smith/db configuration get GatewayIP)
+ /sbin/route add default gw $GW >/dev/null 2>&1
+ fi
+}
+
+start(){
+ # prep : filtering module
+ /usr/sbin/modprobe br_netfilter
+
+ # First, create the bridge interface
+ /usr/sbin/brctl addbr $BRIDGE_IF
+
+ # Then, create the tap interface(s) and enslave it in the bridge one
+ for t in $TAP_IF; do
+ $openvpn --mktun --dev $t >/dev/null 2>&1
+ /sbin/ifconfig $t 0.0.0.0 promisc up >/dev/null 2>&1
+ /usr/sbin/brctl addif $BRIDGE_IF $t >/dev/null 2>&1
+ done
+
+ # Now make the real ethernet interface promiscuous
+ /sbin/ifconfig $ETH_IF 0.0.0.0 promisc up >/dev/null 2>&1
+ sleep 1
+
+ # And add it to the bridge
+ /usr/sbin/brctl addif $BRIDGE_IF $ETH_IF >/dev/null 2>&1
+
+ [ -n "$ETH_MAC" ] && /sbin/ifconfig $BRIDGE_IF hw ether $ETH_MAC
+
+ [ "$BRIDGE_PROMISC" == "yes" ] && /sbin/ifconfig $BRIDGE_IF promisc
+
+ # Now configure the LocalIP on the bridge interface
+ /sbin/e-smith/db configuration setprop InternalInterface Name $BRIDGE_IF
+ /sbin/ifconfig $BRIDGE_IF $ETH_IP netmask $ETH_MASK >/dev/null 2>&1
+
+ # Push the routes for the new interface
+ routes
+
+ # Now we have to reconfigure the firewall
+ firewall
+
+ # And dhcpd (the configuration file is expanded each time the service starts
+ # so no need to do it manually
+ dhcpd
+}
+
+stop(){
+ # Shutdown the bridge and remove it
+ /sbin/ifconfig $BRIDGE_IF down >/dev/null 2>&1
+ /usr/sbin/brctl delbr $BRIDGE_IF >/dev/null 2>&1
+
+ # Then delete each tap interfaces
+ for t in $TAP_IF; do
+ $openvpn --rmtun --dev $t >/dev/null 2>&1
+ done
+
+ # Reconfigure the ethernet interface
+ /sbin/e-smith/db configuration setprop InternalInterface Name $ETH_IF
+ /sbin/ifconfig $ETH_IF $ETH_IP netmask $ETH_MASK up -promisc >/dev/null 2>&1
+
+ # Push the routes
+ routes
+
+ # restart the firewall
+ firewall
+
+ # and dhcp
+ dhcpd
+}
+
+case "$1" in
+ start)
+ echo -n $"Starting Bridge Service: "
+ start
+ RETVAL=$?
+ ;;
+ stop)
+ echo -n $"Stoping Bridge Service: "
+ stop
+ RETVAL=$?
+ ;;
+ restart)
+ echo -n $"Restarting Bridge Service: "
+ stop && start
+ RETVAL=$?
+ ;;
+ adjust)
+ echo -n $"Restarting Bridge Service: "
+ stop && start
+ RETVAL=$?
+ ;;
+ *)
+ echo "Usage: $0 start|stop|restart"
+ ;;
+esac
+
+if [ $RETVAL -eq 0 ]; then
+ echo_success
+else
+ echo_failure
+fi
+echo
+
+exit $RETVAL
+
diff --git a/root/usr/lib/systemd/system/bridge.service b/root/usr/lib/systemd/system/bridge.service
new file mode 100644
index 0000000..b7a5bc1
--- /dev/null
+++ b/root/usr/lib/systemd/system/bridge.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=Bridge Interface for VPN use.
+#After=network.target
+After=network.service
+After=wan.service
+Requires=network.service
+PartOf=network.service
+Before=network-online.target
+
+[Service]
+Type=forking
+ExecStart=/sbin/e-smith/systemd/bridge-run start
+ExecStop=/sbin/e-smith/systemd/bridge-run stop
+RemainAfterExit=true
+Type=oneshot
+
+[Install]
+WantedBy=sme-server.target
+
diff --git a/smeserver-bridge-interface.spec b/smeserver-bridge-interface.spec
new file mode 100644
index 0000000..78581b2
--- /dev/null
+++ b/smeserver-bridge-interface.spec
@@ -0,0 +1,130 @@
+# $Id: smeserver-bridge-interface.spec,v 1.10 2022/12/25 07:16:58 terryfage Exp $
+# Authority: vip-ire
+# Name: Daniel Berteaud
+
+%define version 0.2
+%define release 10
+%define name smeserver-bridge-interface
+
+
+Summary: Configure a bridge interface
+Name: %{name}
+Version: %{version}
+Release: %{release}%{?dist}
+License: GPL
+Group: System/Servers
+Source: %{name}-%{version}.tar.xz
+
+BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
+URL: http://www.firewall-services.com/
+
+BuildRequires: e-smith-devtools
+
+Requires: bridge-utils
+Requires: openvpn
+Requires: e-smith-base >= 5.8.1-23
+Buildarch: noarch
+Conflicts: smeserver-openvpn-bridge.fws
+Conflicts: smeserver-openvpn-bridge-fws
+AutoReqProv: no
+
+
+%description
+This package allows you to replace the internal interface with a bridge
+interface (and the original internal interface enslaved to it).
+It's usefull for OpenVPN in bridge mode but can also be used for virtual host
+configuration
+
+%changelog
+* Sat Sep 07 2024 cvs2git.sh aka Brian Read 0.2-10.sme
+- Roll up patches and move to git repo [SME: 12338]
+
+* Sat Sep 07 2024 BogusDateBot
+- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
+ by assuming the date is correct and changing the weekday.
+
+* Sun Dec 25 2022 Terry Fage 0.2-9.sme
+- make bridge interface compat to e-smith-base on install [SME: 12271]
+
+* Fri Dec 16 2022 Terry Fage 0.2-8.sme
+- make bridge interface up on install [SME: 12271]
+
+* Tue Mar 23 2021 Jean-Philippe Pialasse 0.2-7.sme
+- make bridge interface up on install [SME: 11485]
+- modify support for dhcp with bridge
+
+* Thu Jan 28 2021 Brian Read 0.2-6.sme
+- Change-After-in-Service-file-to-network-service-from-target [SME: 11324]
+
+* Sun Jan 24 2021 Brian Read 0.2-5.sme
+- Add-Restart-to-service-file.patch [SME: 11324 ]
+
+* Sat Jan 23 2021 Brian Read 0.2-4.sme
+- Move exec to /sbin/e-smith/systemd/bridge-run, add service file [SME: 11324]
+
+* Thu Jan 14 2021 Brian Read 0.2-2.sme
+- Initial Import to SME10 [SME: 11324]
+- Update-Createlinks-for-systemd.patch
+
+* Mon Nov 11 2013 Daniel B. - 0.2-1.sme
+- Rebuild for SME9
+
+* Tue Jun 19 2012 Daniel B. - 0.1-6.sme
+- Wait after physical interface config
+ (fix a random bug in serveronly mode)
+- Ensure the bridge takes the MAC address of the physical interface
+- Optionally set the bridge interface in promiscuous mode
+
+* Tue Apr 19 2011 Daniel B. - 0.1-5.sme
+- Fix ifcfg templates expension on SME8 [SME: 6092]
+
+* Fri May 29 2009 Daniel B. [0.1-4]
+- Enhance init script to display what it's doing (starting/stoping etc...)
+- Cleanup in spec file
+
+* Fri Jan 16 2009 Daniel B. [0.1-3]
+- Set default status to enabled
+
+* Mon Jan 12 2009 Daniel B. [0.1-2]
+- possibility to set multiple tap interfaces separated with commas
+
+* Fri Dec 12 2008 Daniel B. [0.1-1]
+- Set the Name of InternalInterface to br0 when starting
+- Do not set the Name of InternalInterface to br0 if service is disabled
+ (during databases initialization)
+
+* Tue Dec 02 2008 Daniel B. [0.1-0]
+- initial release
+
+%prep
+
+%setup -q -n %{name}-%{version}
+
+%build
+# Build symlinks
+perl createlinks
+
+%install
+rm -rf $RPM_BUILD_ROOT
+(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
+/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+ > %{name}-%{version}-%{release}-filelist
+
+chmod +x %{buildroot}/sbin/e-smith/systemd/bridge-run
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files -f %{name}-%{version}-%{release}-filelist
+%defattr(-,root,root)
+
+
+%post
+
+%preun
+#if [ $1 = 0 ] ; then
+# /etc/rc.d/init.d/bridge stop >& /dev/null || :
+#fi
+
+true