chore: updated package.json, updated helm/Chart.yaml, updated helm/values.yaml, updated CMakeLists.txt, updated version, created CHANGELOG.md, bumped 3.0.2 -> 3.0.3

Merge pull request #6 from kinarasystems/devices
includeProvisioned flag is now checked for countOnly.
2025-11-03 12:17:56 +00:00 · 2024-06-19 12:07:08 +00:00 · 2024-06-19 08:06:51 -04:00 · 2024-06-19 07:56:18 -04:00 · 2024-06-11 16:29:20 -04:00 · 2024-06-03 08:27:58 -04:00
121 changed files with 10993 additions and 3643 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,19 +1,19 @@
-name: CI
+name: Build Docker image
 on:
  push:
    paths-ignore:
      - 'openapi/**'
      - '**.md'
      - 'version'
      - 'package*.json'
      - 'helm/*.yaml'
      - 'CMakeLists.txt'
    branches:
-      - master
+      - kinara
      - 'release/*'
    tags:
      - 'v*'
  pull_request:
    branches:
-      - master
+      - kinara
      - 'release/*'
 defaults:
  run:
@@ -21,81 +21,102 @@ defaults:
 jobs:
  docker:
    runs-on: ubuntu-20.04
    env:
      DOCKER_REGISTRY_URL: tip-tip-wlan-cloud-ucentral.jfrog.io
      DOCKER_REGISTRY_USERNAME: ucentral
    steps:
    - name: Checkout actions repo
      uses: actions/checkout@v3
      with:
        repository: Telecominfraproject/.github
        path: github
    - name: Build and push Docker image
      uses: ./github/composite-actions/docker-image-build
      with:
        image_name: owgw
        registry: tip-tip-wlan-cloud-ucentral.jfrog.io
        registry_user: ucentral
        registry_password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
    - name: Notify on failure via Slack
      if: failure() && github.ref == 'refs/heads/master'
      uses: rtCamp/action-slack-notify@v2
      env:
        SLACK_USERNAME: GitHub Actions failure notifier
        SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
        SLACK_COLOR: "${{ job.status }}"
        SLACK_ICON: https://raw.githubusercontent.com/quintessence/slack-icons/master/images/github-logo-slack-icon.png
        SLACK_TITLE: Docker build failed for OWGW service
  trigger-testing:
    if: startsWith(github.ref, 'refs/pull/')
    runs-on: ubuntu-latest
-    needs: docker
+    env:
      ECR_REGISTRY: 471112855615.dkr.ecr.us-east-1.amazonaws.com
      ECR_REPOSITORY: owgw
      AWS_REGION: us-east-1
    steps:
-    - name: Get base branch name and set as output
+      - name: Checkout source
-      id: get_base_branch
+        uses: actions/checkout@v4
        with:
          path: build
          token: ${{ secrets.GIT_PUSH_PAT }}
          persist-credentials: true
      - name: Checkout dot github repo
        uses: actions/checkout@v4
        with:
          repository: kinarasystems/.github
          ref: main
          path: tools
          token: ${{ secrets.GIT_PUSH_PAT }}
      - name: Bump version and checkin
        if: github.ref == 'refs/heads/kinara'
        id: bump-version
        run: |
-        echo "branch=$(echo ${GITHUB_BASE_REF##*/} | sed 's/master/main/g')" >> $GITHUB_OUTPUT
+          cd build
          ../tools/utils/setup-git-credentials "${{ secrets.GIT_PUSH_PAT}}"
          ../tools/utils/ver-bump -b -a -p -V kv -y helm/Chart.yaml -Y helm/values.yaml -M CMakeLists.txt
-    - name: Checkout actions repo
+      - name: Configure AWS credentials
-      uses: actions/checkout@v3
+        uses: aws-actions/configure-aws-credentials@v4
        with:
-        repository: Telecominfraproject/.github
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        path: github
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}
-    - name: Trigger testing of OpenWifi Docker Compose deployment and wait for result
+      - name: Login to Amazon ECR
-      uses: ./github/composite-actions/trigger-workflow-and-wait
+        id: login-ecr
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build, tag, and push image to Amazon ECR
        id: build-image
        env:
-        BASE_BRANCH: ${{ steps.get_base_branch.outputs.branch }}
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-      with:
+          IMAGE_TAG: ${{ github.sha }}
-        owner: Telecominfraproject
+          GITHUB_REF: ${{ github.ref }}
-        repo: wlan-testing
+        run: |
-        workflow: ow_docker-compose.yml
+          cd build
-        token: ${{ secrets.WLAN_TESTING_PAT }}
+          version=$(cat version)
-        ref: master
+          ../tools/utils/docker_build \
-        inputs: '{"deployment_version": "${{ env.BASE_BRANCH }}", "owgw_version": "${{ github.sha }}", "owsec_version": "${{ env.BASE_BRANCH }}", "owfms_version": "${{ env.BASE_BRANCH }}", "owprov_version": "${{ env.BASE_BRANCH }}", "owanalytics_version": "${{ env.BASE_BRANCH }}", "owsub_version": "${{ env.BASE_BRANCH }}", "microservice": "owgw"}'
+              -m kinara \
              -b "$GITHUB_REF" \
              -t "$IMAGE_TAG" \
              -r "$ECR_REGISTRY/$ECR_REPOSITORY" \
              -v "kv${version}"
-  trigger-deploy-to-dev:
+      - name: Notify via Teams
        #if: failure() && github.ref == 'refs/heads/kinara'
        if: always()
        uses: skitionek/notify-microsoft-teams@master
        with:
          webhook_url: ${{ secrets.MS_TEAMS_WEBHOOK }}
          needs: ${{ toJson(needs) }}
          job: ${{ toJson(job) }}
          steps: ${{ toJson(steps) }}
          dry_run: False
  deploy-to-dev:
    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/master'
+    if: github.ref == 'refs/heads/kinara'
    env:
      DEPLOY_NAME: owgw
      AWS_DEFAULT_REGION: us-east-1
      AWS_NAMESPACE: kic-dev1
      AWS_EKS_NAME: kinara-dev
      KUBECTL_VERSION: "v1.27.14"
    needs:
      - docker
    steps:
-    - name: Checkout actions repo
+      - name: Configure AWS credentials
-      uses: actions/checkout@v3
+        uses: aws-actions/configure-aws-credentials@v4
        with:
-        repository: Telecominfraproject/.github
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        path: github
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_DEFAULT_REGION }}
-    - name: Trigger deployment of the latest version to dev instance and wait for result
+      - name: Fetch kubeconfig
-      uses: ./github/composite-actions/trigger-workflow-and-wait
+        run: |
-      with:
+          aws eks update-kubeconfig --name ${{ env.AWS_EKS_NAME }} --region ${{ env.AWS_DEFAULT_REGION }}
-        owner: Telecominfraproject
+
-        repo: wlan-testing
+      - name: Install kubectl
-        workflow: ucentralgw-dev-deployment.yaml
+        run: |
-        token: ${{ secrets.WLAN_TESTING_PAT }}
+          curl -s -LO "https://dl.k8s.io/release/${{ env.KUBECTL_VERSION }}/bin/linux/amd64/kubectl"
-        ref: master
+          sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
-        inputs: '{"force_latest": "true"}'
+
      - name: Rolling update of deployment
        run: |
          kubectl rollout restart deployment/${{ env.DEPLOY_NAME }} -n ${{ env.AWS_NAMESPACE }}
--- a/.github/workflows/cleanup.yml
+++ b/.github/workflows/cleanup.yml
@@ -1,26 +0,0 @@
 name: Clean up PR Docker images
 on:
  pull_request:
    branches:
      - master
    types: [ closed ]
 defaults:
  run:
    shell: bash
 jobs:
  cleanup:
    runs-on: ubuntu-latest
    steps:
    - name: Cleanup Docker image with PR branch tag 
      run: | 
        export PR_BRANCH_TAG=$(echo ${GITHUB_HEAD_REF#refs/heads/} | tr '/' '-')
        if [[ ! $PR_BRANCH_TAG =~ (main|master|release-*) ]]; then
          echo "PR branch is $PR_BRANCH_TAG, deleting Docker image"
          curl -s -uucentral:${{ secrets.DOCKER_REGISTRY_PASSWORD }} -X DELETE "https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral/owgw/$PR_BRANCH_TAG"
        else
          echo "PR branch is $PR_BRANCH_TAG, not deleting Docker image"
        fi
--- a/.github/workflows/enforce-jira-issue-key.yml
+++ b/.github/workflows/enforce-jira-issue-key.yml
@@ -1,24 +0,0 @@
 name: Ensure Jira issue is linked
 on:
  pull_request:
    types: [opened, edited, reopened, synchronize]
    branches:
      - 'release/*'
 jobs:
  check_for_issue_key:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout actions repo
        uses: actions/checkout@v3
        with:
          repository: Telecominfraproject/.github
          path: github
      - name: Run JIRA check
        uses: ./github/composite-actions/enforce-jira-issue-key
        with:
          jira_base_url: ${{ secrets.TIP_JIRA_URL }}
          jira_user_email: ${{ secrets.TIP_JIRA_USER_EMAIL }}
          jira_api_token: ${{ secrets.TIP_JIRA_API_TOKEN }}
--- a/.github/workflows/openapi-pages.yml
+++ b/.github/workflows/openapi-pages.yml
@@ -1,41 +0,0 @@
 name: Update OpenAPI docs on GitHub Pages
 on:
  push:
    paths:
      - 'openapi/**'
    branches:
      - master
  workflow_dispatch:
 defaults:
  run:
    shell: bash
 jobs:
  docsgen:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Generate static HTML page with docs from OpenAPI definition
        run: |
          docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli:v6.2.1 generate -i https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentralgw/master/openapi/owgw.yaml -g html2 --skip-validate-spec -o /local/
      - name: Update OpenAPI docs
        run: |
          mkdir tmp-docs
          mv index.html tmp-docs/index.html
          mkdir -p ~/.ssh
          ssh-keyscan -H github.com >> ~/.ssh/known_hosts
          echo https://tip-automation:${{ secrets.GIT_PUSH_PAT }}@github.com > ~/.git-credentials
          git config --global credential.helper store
          git config --global user.email "tip-automation@telecominfraproject.com"
          git config --global user.name "TIP Automation User"
          git pull
          git checkout gh-pages || git checkout -b gh-pages
          rm -rf docs
          mv tmp-docs docs
          git add docs
          git commit -m'Update OpenAPI docs for GitHub pages'
          git push --set-upstream origin gh-pages
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,46 +0,0 @@
 name: Release chart package
 on:
  push:
    tags:
      - 'v*'
 defaults:
  run:
    shell: bash
 jobs:
  helm-package:
    runs-on: ubuntu-20.04
    env:
      HELM_REPO_URL: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
      HELM_REPO_USERNAME: ucentral
    steps:
      - name: Checkout uCentral assembly chart repo
        uses: actions/checkout@v3
        with:
          path: wlan-cloud-ucentralgw
      - name: Build package
        working-directory: wlan-cloud-ucentralgw/helm
        run: |
          helm plugin install https://github.com/aslafy-z/helm-git --version 0.10.0
          helm repo add bitnami https://charts.bitnami.com/bitnami
          helm repo update
          helm dependency update
          mkdir dist
          helm package . -d dist
      - name: Generate GitHub release body
        working-directory: wlan-cloud-ucentralgw/helm
        run: |
          pip3 install yq -q
          echo "Docker image - tip-tip-wlan-cloud-ucentral.jfrog.io/owgw:$GITHUB_REF_NAME" > release.txt
          echo "Helm charted may be attached to this release" >> release.txt
          echo "Deployment artifacts may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/$GITHUB_REF_NAME" >> release.txt
      - name: Create GitHub release
        uses: softprops/action-gh-release@v1
        with:
          body_path: wlan-cloud-ucentralgw/helm/release.txt
          files: wlan-cloud-ucentralgw/helm/dist/*
--- a/.gitignore
+++ b/.gitignore
@@ -21,10 +21,11 @@ _deps
 /docker-compose/.env
 /docker-compose/.env_*
 /cmake-build/
 /uploads/
 test_scripts/curl/token.json
 .vscode/c_cpp_properties.json
 test_scripts/curl/result.json
 *.swp
 helm/charts/*
 !helm/charts/.gitkeep
 /portal-test/
 /src/ow_version.h
--- a/.idea/.gitignore
+++ b/.idea/.gitignore
@@ -6,3 +6,5 @@
 /dataSources.local.xml
 # Editor-based HTTP Client requests
 /httpRequests/
 # GitHub Copilot persisted chat sessions
 /copilot/chatSessions
--- a/.idea/misc.xml
+++ b/.idea/misc.xml
@@ -1,5 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
  <component name="Black">
    <option name="sdkName" value="Python 3.9 (wlan-cloud-ucentralgw)" />
  </component>
  <component name="CMakeWorkspace" PROJECT_DIR="$PROJECT_DIR$" />
  <component name="CidrRootsConfiguration">
    <excludeRoots>
--- a/BUILDING.md
+++ b/BUILDING.md
@@ -1,5 +1,5 @@
 # Building from source
-In order to build the OWGW, you will need to install its dependencies, which includes the following:
+In order to build OWGW, you will need to install its dependencies, which includes the following:
 - cmake
 - boost
 - POCO 1.10.1 or later
@@ -12,43 +12,43 @@ In order to build the OWGW, you will need to install its dependencies, which inc
 The build is done in 2 parts. The first part is to build a local copy of the framework tailored to your environment. This
 framework is called [Poco](https://github.com/pocoproject/poco). The version used in this project has a couple of fixes
-from the master copy needed for cmake. Please use the version of this [Poco fix](https://github.com/AriliaWireless/poco). Building
+from the master copy needed for cmake. Please use the version of this [Poco fix](https://github.com/Telecominfraproject/wlan-cloud-lib-poco). Building
 Poco may take several minutes depending on the platform you are building on.
 ## Ubuntu
 These instructions have proven to work on Ubuntu 20.4.
 ```bash
-sudo apt install git cmake g++ libssl-dev libmariadb-dev 
+sudo apt install git cmake g++ libssl-dev libmariadb-dev \
-sudo apt install libpq-dev libaprutil1-dev apache2-dev libboost-all-dev
+    libpq-dev libaprutil1-dev apache2-dev libboost-all-dev \
-sudo apt install librdkafka-dev // default-libmysqlclient-dev
+    librdkafka-dev // default-libmysqlclient-dev \
-sudo apt install nlohmann-json-dev
+    nlohmann-json-dev
-cd ~
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-poco --branch poco-tip-v1 poco
 git clone https://github.com/AriliaWireless/poco --branch poco-tip-v1
 cd poco
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
-cd ~
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-cppkafka --branch tip-v1 cppkafka
 git clone https://github.com/AriliaWireless/cppkafka --branch tip-v1
 cd cppkafka
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
-cd ~
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-valijson --branch tip-v1 valijson
 git clone https://github.com/AriliaWireless/valijson --branch tip-v1
 cd valijson
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
 git clone https://github.com/fmtlib/fmt --branch 9.0.0 /fmtlib
 cd fmtlib
@@ -57,56 +57,59 @@ cd cmake-build
 cmake ..
 make
 make install
 cd ../..
 cd ~
 git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralgw
 cd wlan-cloud-ucentralgw
 mkdir cmake-build
 cd cmake-build
 cmake ..
 make -j 8
 cd ../..
 ```
 ## Fedora
 The following instructions have proven to work on Fedora 33
 ```bash
-sudo yum install cmake g++ openssl-devel mysql-devel mysql apr-util-devel boost boost-devel
+sudo yum install cmake g++ openssl-devel mysql-devel mysql apr-util-devel boost boost-devel \
-sudo yum install yaml-cpp-devel lua-devel 
+    yaml-cpp-devel lua-devel
 sudo dnf install postgresql.x86_64 librdkafka-devel
 sudo dnf install postgresql-devel json-devel
-git clone https://github.com/AriliaWireless/poco --branch poco-tip-v1
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-poco --branch poco-tip-v1 poco
 cd poco
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
-git clone https://github.com/AriliaWireless/cppkafka --branch tip-v1
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-cppkafka --branch tip-v1 cppkafka
 cd cppkafka
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
-cd ~
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-valijson --branch tip-v1 valijson
 git clone https://github.com/AriliaWireless/valijson --branch tip-v1
 cd valijson
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
 cd ~
 git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralgw
 cd wlan-cloud-ucentralgw
 mkdir cmake-build
 cd cmake-build
 cmake ..
 make
 cd ../..
 ```
 ## macOS Build
@@ -125,7 +128,7 @@ brew install openssl \
 	nlohmann-json \
 	fmt
-git clone https://github.com/AriliaWireless/poco --branch poco-tip-v1
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-poco --branch poco-tip-v1 poco
 pushd poco
 mkdir cmake-build
 push cmake-build
@@ -135,7 +138,7 @@ sudo cmake --build . --target install
 popd
 popd
-git clone https://github.com/AriliaWireless/cppkafka --branch tip-v1
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-cppkafka --branch tip-v1 cppkafka
 pushd cppkafka
 mkdir cmake-build
 pushd cmake-build
@@ -145,10 +148,10 @@ sudo cmake --build . --target install
 popd
 popd
-git clone https://github.com/AriliaWireless/valijson --branch tip-v1
+git clone https://github.com/Telecominfraproject/wlan-cloud-lib-valijson --branch tip-v1 valijson
-cd valijson
+pushd valijson
 mkdir cmake-build
-cd cmake-build
+pushd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
@@ -171,20 +174,23 @@ support. You can build with only SQLite support by not installing the packages f
 adding -DSMALL_BUILD=1 on the cmake build line.
 ```bash
-sudo apt install git cmake g++ libssl-dev libaprutil1-dev apache2-dev libboost-all-dev libyaml-cpp-dev
+sudo apt install git cmake g++ libssl-dev libaprutil1-dev apache2-dev \
-git clone https://github.com/stephb9959/poco
+    libboost-all-dev libyaml-cpp-dev
 git clone https://github.com/Telecominfraproject/wlan-cloud-lib-poco --branch poco-tip-v1 poco
 cd poco
 mkdir cmake-build
 cd cmake-build
 cmake ..
 cmake --build . --config Release
 sudo cmake --build . --target install
 cd ../..
 cd ~
 git clone https://github.com/Telecominfraproject/wlan-cloud-ucentralgw
 cd wlan-cloud-ucentralgw
 mkdir cmake-build
 cd cmake-build
 cmake -DSMALL_BUILD=1 ..
 make
 cd ../..
 ```
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,4 @@
 ## 3.0.3 (June 19, 2024)
 - chore: updated package.json, updated helm/Chart.yaml, updated helm/values.yaml, updated CMakeLists.txt, updated version, created CHANGELOG.md, bumped 3.0.2 -> 3.0.3
 - Merge pull request #6 from kinarasystems/devices
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,7 +1,8 @@
 cmake_minimum_required(VERSION 3.13)
-project(owgw VERSION 2.11.0)
+project(owgw VERSION 3.0.3)
-set(CMAKE_CXX_STANDARD 17)
+set(CMAKE_CXX_STANDARD 20)
 set(CMAKE_CXX_STANDARD_REQUIRED True)
 if(UNIX AND APPLE)
    set(OPENSSL_ROOT_DIR /usr/local/opt/openssl)
@@ -148,6 +149,7 @@ add_executable( owgw
        src/RESTAPI/RESTAPI_script_handler.cpp src/RESTAPI/RESTAPI_script_handler.h
        src/RESTAPI/RESTAPI_regulatory.cpp src/RESTAPI/RESTAPI_regulatory.h
        src/RESTAPI/RESTAPI_radiussessions_handler.cpp src/RESTAPI/RESTAPI_radiussessions_handler.h
        src/storage/storage_blacklist.cpp src/storage/storage_tables.cpp src/storage/storage_logs.cpp
        src/storage/storage_command.cpp src/storage/storage_healthcheck.cpp src/storage/storage_statistics.cpp
        src/storage/storage_device.cpp src/storage/storage_capabilities.cpp src/storage/storage_defconfig.cpp
@@ -175,7 +177,7 @@ add_executable( owgw
        src/SDKcalls.cpp
        src/SDKcalls.h
        src/StateUtils.cpp src/StateUtils.h
-        src/AP_WS_ReactorPool.h
+        src/AP_WS_Reactor_Pool.h
        src/AP_WS_Connection.h
        src/AP_WS_Connection.cpp
        src/TelemetryClient.h src/TelemetryClient.cpp
@@ -199,7 +201,7 @@ add_executable( owgw
        src/AP_WS_Process_deviceupdate.cpp
        src/AP_WS_Process_telemetry.cpp
        src/AP_WS_Process_venuebroadcast.cpp
-        src/RADSEC_server.h
+        src/RADIUS_Destination.h
        src/UI_GW_WebSocketNotifications.cpp src/UI_GW_WebSocketNotifications.h
        src/framework/RESTAPI_SystemConfiguration.h
        src/ScriptManager.cpp src/ScriptManager.h
@@ -211,7 +213,8 @@ add_executable( owgw
        src/RegulatoryInfo.cpp src/RegulatoryInfo.h
        src/RADIUSSessionTracker.cpp src/RADIUSSessionTracker.h
        src/libs/Scheduler.h src/libs/InterruptableSleep.h src/libs/ctpl_stl.h src/libs/Cron.h
-        src/GenericScheduler.cpp src/GenericScheduler.h src/framework/default_device_types.h src/AP_WS_Process_rebootLog.cpp src/AP_WS_ConfigAutoUpgrader.cpp src/AP_WS_ConfigAutoUpgrader.h src/RESTAPI/RESTAPI_default_firmwares.cpp src/RESTAPI/RESTAPI_default_firmwares.h src/RESTAPI/RESTAPI_default_firmware.cpp src/RESTAPI/RESTAPI_default_firmware.h src/storage/storage_def_firmware.cpp src/firmware_revision_cache.h src/sdks/sdk_fms.h)
+        src/GenericScheduler.cpp src/GenericScheduler.h src/framework/default_device_types.h src/AP_WS_Process_rebootLog.cpp src/AP_WS_ConfigAutoUpgrader.cpp src/AP_WS_ConfigAutoUpgrader.h src/RESTAPI/RESTAPI_default_firmwares.cpp src/RESTAPI/RESTAPI_default_firmwares.h src/RESTAPI/RESTAPI_default_firmware.cpp src/RESTAPI/RESTAPI_default_firmware.h src/storage/storage_def_firmware.cpp src/firmware_revision_cache.h src/sdks/sdk_fms.h
        src/AP_WS_LookForUpgrade.cpp)
 if(NOT SMALL_BUILD)
@@ -223,13 +226,16 @@ INSTALL(TARGETS owgw
 target_link_libraries(owgw PUBLIC
        ${Poco_LIBRARIES}
-        ${ZLIB_LIBRARIES})
+        ${ZLIB_LIBRARIES}
 )
 if(NOT SMALL_BUILD)
    target_link_libraries(owgw PUBLIC
-            ${MySQL_LIBRARIES} ${ZLIB_LIBRARIES}
+            ${MySQL_LIBRARIES}
            ${ZLIB_LIBRARIES}
            CppKafka::cppkafka
            fmt::fmt
            resolv
    )
    if(UNIX AND NOT APPLE)
        target_link_libraries(owgw PUBLIC PocoJSON)
--- a/17
+++ b/17
@@ -17,8 +17,8 @@ FROM build-base AS poco-build
 ARG POCO_VERSION
-ADD https://api.github.com/repos/AriliaWireless/poco/git/refs/tags/${POCO_VERSION} version.json
+ADD https://api.github.com/repos/Telecominfraproject/wlan-cloud-lib-poco/git/refs/tags/${POCO_VERSION} version.json
-RUN git clone https://github.com/AriliaWireless/poco --branch ${POCO_VERSION} /poco
+RUN git clone https://github.com/Telecominfraproject/wlan-cloud-lib-poco --branch ${POCO_VERSION} /poco
 WORKDIR /poco
 RUN mkdir cmake-build
@@ -31,8 +31,8 @@ FROM build-base AS cppkafka-build
 ARG CPPKAFKA_VERSION
-ADD https://api.github.com/repos/AriliaWireless/cppkafka/git/refs/tags/${CPPKAFKA_VERSION} version.json
+ADD https://api.github.com/repos/Telecominfraproject/wlan-cloud-lib-cppkafka/git/refs/tags/${CPPKAFKA_VERSION} version.json
-RUN git clone https://github.com/AriliaWireless/cppkafka --branch ${CPPKAFKA_VERSION} /cppkafka
+RUN git clone https://github.com/Telecominfraproject/wlan-cloud-lib-cppkafka --branch ${CPPKAFKA_VERSION} /cppkafka
 WORKDIR /cppkafka
 RUN mkdir cmake-build
@@ -45,8 +45,8 @@ FROM build-base AS valijson-build
 ARG VALIJASON_VERSION
-ADD https://api.github.com/repos/AriliaWireless/valijson/git/refs/tags/${VALIJASON_VERSION} version.json
+ADD https://api.github.com/repos/Telecominfraproject/wlan-cloud-lib-valijson/git/refs/tags/${VALIJASON_VERSION} version.json
-RUN git clone https://github.com/AriliaWireless/valijson --branch ${VALIJASON_VERSION} /valijson
+RUN git clone https://github.com/Telecominfraproject/wlan-cloud-lib-valijson --branch ${VALIJASON_VERSION} /valijson
 WORKDIR /valijson
 RUN mkdir cmake-build
@@ -87,6 +87,11 @@ ENV APP_NAME=$APP_NAME \
    APP_CONFIG=/$APP_NAME-data \
    APP_HOME_DIR=$APP_HOME_DIR
 # This is for legacy
 ENV OWGW_USER=$APP_USER \
    OWGW_ROOT=$APP_ROOT \
    OWGW_CONFIG=$APP_CONFIG
 RUN useradd $APP_USER
 RUN mkdir $APP_HOME_DIR
--- a/PROTOCOL.md
+++ b/PROTOCOL.md
@@ -355,6 +355,39 @@ The device should answer:
 - 1 : the device is busy but will reboot soon. `text` may indicate why.
 - 2 : the device will not reboot. `text` contains information as to why.
 #### Controller wants to power-cycle PoE port(s)
 Controller sends this command to power-cycle 1 or more PoE ports
 ```json
 {    "jsonrpc" : "2.0" , 
     "method" : "powercycle" , 
     "params" : {
 	        "serial" : <serial number> ,
            "ports" : [ { "name" :  "Ethernet1", "cycle" : 5000}, { "name" :  "Ethernet8", "cycle" : 10000 } ],
 	        "when" : Optional - <UTC time when to reboot, 0 mean immediately, this is a suggestion>
     },
     "id" : <some number>
 }
 ```
 The device should answer:
 ```json
 {     "jsonrpc" : "2.0" , 
      "result" : {
      "serial" : <serial number> ,
      "status" : {
 	    "error" : 0 or an error number,
 	    "text" : [ "Error 1" , "Error 2" ],
 	    "when" : <time when this will be performed as UTC seconds>,
  	},
  "id" : <same id from request>
 }
 ```
 ###### Error codes
 - 0 : is rebooting at `when` seconds.
 - 1 : the device is busy but will reboot soon. `text` may indicate why.
 - 2 : the device will not reboot. `text` contains information as to why.
 #### Controller wants the device to upgrade its firmware
 Controller sends this command when it believes the device should upgrade its firmware.
 ```json
@@ -775,6 +808,146 @@ The device should answer:
 }
 ```
 #### Controller wants the device to replace its certificates
 Controller sends this command to run a predefined script. Extreme care must be taken.
 ```json
 {    "jsonrpc" : "2.0" , 
     "method" : "certupdate" , 
     "params" : {
        "serial" : <serial number>,
        "certificates" : <BASE64 encoded tar file of the cert package from the certificate portal>
     },
     "id" : <some number>
 }
 ```
 The device should answer:
 ```json
 {     "jsonrpc" : "2.0" , 
      "result" : {
          "serial" : <serial number> ,
          "status" : {
            "error" : <0 or the value of $? from the shell running the command, 255 signifies a timeout>,
            "txt" : <text describing the error or success>
      },
  "id" : <same number as request>
 }
 ```
 #### Controller wants the device to switch to another controller
 Controller sends this when the device should change the controller it connects to without looking up a new redirector.
 ```json
 {    "jsonrpc" : "2.0" , 
     "method" : "transfer" , 
     "params" : {
        "serial" : <serial number>,
        "server" : <controller hostname>,
        "port" : <controller port number (integer)>,
     },
     "id" : <some number>
 }
 ```
 The device should answer:
 ```json
 {     "jsonrpc" : "2.0" , 
      "result" : {
          "serial" : <serial number> ,
          "status" : {
            "error" : <0 or the value of $? from the shell running the command, 255 signifies a timeout>,
            "txt" : <text describing the error or success>
      },
  "id" : <same number as request>
 }
 ```
 ### RRM AP device commands
 The following command is used to send RRM commands to an AP. RRM commands are send to an AP, however the 
 controller will not or cannot verify if they have been sent or the action was performed.
 ```json
 {    "jsonrpc" : "2.0" , 
     "method" : "rrm" , 
     "params" : {
        "serial" : <serial number>,
        "actions" : [ array of actions. Each possible action is defined next]
     },
     "id" : <some number>
 }
 ```
 The device should answer:
 ```json
 {     "jsonrpc" : "2.0" , 
      "result" : {
          "serial" : <serial number> ,
          "status" : {
            "error" : <0 or the value of $? from the shell running the command, 255 signifies a timeout>,
            "txt" : <text describing the error or success>
      },
  "id" : <same number as request>
 }
 ```
 #### RRM Roam action
 ##### Kick
 ```json
 {     
      "action" : "kick" ,
      "addr" : <mac if the client that shall be kicked> ,
      "reason": <number>, (default: 5, https://www.cisco.com/assets/sol/sb/WAP371_Emulators/WAP371_Emulator_v1-0-1-5/help/Apx_ReasonCodes2.html)
      "ban_time": <number> (seconds, optional)
 }
 ```
 ##### Channel Switch Announcement
 ```json
 {   
    "action" : "channel_switch" ,
    "bssid" : <mac of the SSID> , (all other SSIDs on the same radio will perform the same action)
    "channel" : <number> (HT/HW mode will be retained upon issuing the CSA)
 }
 ```
 ##### Change TX-Power
 ```json
 {   
    "action" : "tx_power" ,
    "bssid" : <mac of the SSID> , (all other SSIDs on the same radio will perform the same action)
    "level" : <number> (DBm inside the positive number space)
 }
 ```
 ##### Beacon Scan
 ```json
 {   
    "action" : "beacon_request" ,
    "addr" : <mac if the client that shall perform the scan> ,
    "ssid": <string>, (the SSID the client shall scan for on all frequencies),
    "channel": <number> (the channel that shall be scanned)
 }
 ```
 ##### BSS Transition
 ```json
 {   
    "action" : "bss_transition" ,
    "addr" : <mac if the client that shall perform the roam> ,
    "neighbors": [ <string> ], (an array of BSSIDs the client shall consider as roamin candidates)
 }
 ```
 ##### Update neighbours
 ```json
 {   
    "action" : "neighbors" ,
    "bssid" : <mac of the SSID> , (the SSID of the specific VAP)
    "neighbors": [ [ <BSS>, <ssid>, <neighbor report> ] ]
 }
 ```
 ### `rtty server`
 More information about the [rtty server](https://github.com/zhaojh329/rtty) can be found here.
--- a/2
+++ b/2
@@ -1 +1 @@
-29
+95
--- a/21
+++ b/21
@@ -0,0 +1,21 @@
 #!/bin/bash
 set -e
 [ -z "$AWS_PROFILE" ] && echo "Please set AWS_PROFILE" && exit 1
 registry="471112855615.dkr.ecr.us-east-1.amazonaws.com"
 repo="owgw"
 aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin "$registry"
 img="$registry/$repo"
 if [ -n "$1" ] ; then
    version="$1"
 else
    version="latest"
 fi
 #date > about.txt
 #id=$(git rev-parse HEAD)
 #br=$(git branch --show-current)
 #echo "$br" >> about.txt
 #echo "$id" >> about.txt
 #echo "Built manually via $0" >> about.txt
 #docker build --no-cache -t $img:$version .
 docker build -t $img:$version .
 docker push $img:$version
--- a/20
+++ b/20
@@ -0,0 +1,20 @@
 #!/bin/bash
 set -e
 repo="owgw"
 [ -z "$REMOTE_DOCKER_HOST" ] && echo "Please set DOCKER_HOST" && exit 1
 [ -z "$REMOTE_DOCKER_PASSWORD" ] && echo "Please set DOCKER_PASSWORD" && exit 1
 img="$REMOTE_DOCKER_HOST/kinara/$repo"
 if [ -n "$1" ] ; then
    version="$1"
 else
    version="latest"
 fi
 #date > about.txt
 #id=$(git rev-parse HEAD)
 #br=$(git branch --show-current)
 #echo "$br" >> about.txt
 #echo "$id" >> about.txt
 #echo "Built manually via $0" >> about.txt
 #docker build --no-cache -t $img:$version .
 docker build -t $img:$version .
 docker push $img:$version
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@@ -1,18 +1,18 @@
 apiVersion: v2
-appVersion: "1.0"
+appVersion: "3.0.3"
 description: A Helm chart for Kubernetes
 name: owgw
 version: 0.1.0
 dependencies:
- name: postgresql
+  - name: postgresql
    repository: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
    version: 10.9.2
    condition: postgresql.enabled
- name: mysql
+  - name: mysql
    repository: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
    version: 8.8.3
    condition: mysql.enabled
- name: mariadb
+  - name: mariadb
    repository: https://tip.jfrog.io/artifactory/tip-wlan-cloud-ucentral-helm/
    version: 9.4.2
    condition: mariadb.enabled
--- a/helm/values.yaml
+++ b/helm/values.yaml
@@ -2,24 +2,21 @@
 replicaCount: 1
 strategyType: Recreate
 revisionHistoryLimit: 2
 nameOverride: ""
 fullnameOverride: ""
 images:
  owgw:
-    repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
+    repository: 471112855615.dkr.ecr.us-east-1.amazonaws.com/owgw
-    tag: master
+    tag: kv3.0.3
    pullPolicy: Always
-#    regcred:
+    #    regcred:
-#      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
+    #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
-#      username: username
+    #      username: username
-#      password: password
+    #      password: password
  dockerize:
-    repository: tip-tip-wlan-cloud-ucentral.jfrog.io/dockerize
+    repository: 471112855615.dkr.ecr.us-east-1.amazonaws.com/wait-ready
-    tag: 0.16.0
+    tag: latest
    pullPolicy: IfNotPresent
 services:
  owgw:
    type: ClusterIP
@@ -62,7 +59,6 @@ services:
        servicePort: 3799
        targetPort: 3799
        protocol: UDP
 checks:
  owgw:
    liveness:
@@ -73,7 +69,6 @@ checks:
      exec:
        command:
          - /readiness_check
 ingresses:
  restapi:
    enabled: false
@@ -99,7 +94,6 @@ ingresses:
        pathType: ImplementationSpecific
        serviceName: owgw
        servicePort: fileuploader
 volumes:
  owgw:
    - name: config
@@ -125,18 +119,17 @@ volumes:
      volumeDefinition: |
        persistentVolumeClaim:
          claimName: {{ template "owgw.fullname" . }}-pvc
 resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
+# We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
+# choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+# resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # requests:
+# requests:
-  #  cpu: 100m
+#  cpu: 100m
-  #  memory: 128Mi
+#  memory: 128Mi
-  # limits:
+# limits:
-  #  cpu: 100m
+#  cpu: 100m
-  #  memory: 128Mi
+#  memory: 128Mi
 securityContext:
  fsGroup: 1000
@@ -151,18 +144,12 @@ securityContext:
  #  value: "2"
  #- name: net.ipv4.tcp_keepalive_time
  #  value: "45"
 nodeSelector: {}
 tolerations: []
 affinity: {}
 podAnnotations: {}
 podSecurityPolicy:
  enabled: false
 persistence:
  enabled: true
  # storageClassName: "-"
@@ -170,7 +157,6 @@ persistence:
    - ReadWriteOnce
  size: 10Gi
  annotations: {}
 # Application
 public_env_variables:
  OWGW_ROOT: /owgw-data
@@ -180,12 +166,10 @@ public_env_variables:
  # NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint
  #READINESS_METHOD: systeminfo
  #OWSEC: gw-qa01.cicd.lab.wlan.tip.build:16001
 secret_env_variables:
  # NOTE in order for readiness check to use system info method you need to override these values to the real OWSEC credentials
  OWSEC_USERNAME: tip@ucentral.com
  OWSEC_PASSWORD: openwifi
 configProperties:
  # -> Public part
  # Websocket
@@ -310,7 +294,6 @@ configProperties:
  archiver.db.2.keep: 7
  archiver.db.3.name: commandlist
  archiver.db.3.keep: 7
  # -> Secret part
  # Websocket
  ucentral.websocket.host.0.key.password: mypassword
@@ -332,10 +315,8 @@ configProperties:
  ## MySQL
  storage.type.mysql.username: stephb
  storage.type.mysql.password: snoopy99
 # NOTE: List of required certificates may be found in "certs" key. Alternative way to pass required certificates is to create external secret with all required certificates and set secret name in "existingCertsSecret" key. Details may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/main/chart#tldr
 existingCertsSecret: ""
 certs:
  clientcas.pem: ""
  issuer.pem: ""
@@ -345,66 +326,53 @@ certs:
  root.pem: ""
  websocket-cert.pem: ""
  websocket-key.pem: ""
 certsCAs:
  issuer.pem: ""
  root.pem: ""
 # PostgreSQL (https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
 postgresql:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/postgresql
    tag: 11.13.0-debian-10-r0
  postgresqlPostgresPassword: "rootPassword"
  postgresqlUsername: stephb
  postgresqlPassword: snoopy99
  postgresqlDatabase: owgw
  persistence:
    enabled: true
    storageClass: ""
    size: 8Gi
 # MySQL (https://github.com/bitnami/charts/tree/master/bitnami/mysql)
 mysql:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/mysql
    tag: 8.0.26-debian-10-r10
  auth:
    rootPassword: rootPassword
    database: owgw
    username: stephb
    password: snoopy99
  primary:
    persistence:
      enabled: true
      storageClass: ""
      size: 8Gi
 # MariaDB (https://github.com/bitnami/charts/tree/master/bitnami/mariadb)
 mariadb:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/mariadb
    tag: 10.5.12-debian-10-r0
  auth:
    rootPassword: rootPassword
    database: owgw
    username: stephb
    password: snoopy99
  primary:
    persistence:
      enabled: true
--- a/ols_samples/sample1.json
+++ b/ols_samples/sample1.json
@@ -0,0 +1,85 @@
 {
    "ethernet": [
        {
            "select-ports": [
                "Ethernet0",
                "Ethernet1",
                "Ethernet2",
                "Ethernet3",
                "Ethernet4",
                "Ethernet5",
                "Ethernet6",
                "Ethernet7"
            ],
            "speed": 2500,
            "duplex": "full",
            "enabled": true,
            "poe": {
                "admin-mode": true,
                "power-limit": 60000
            }
        },
        {
            "select-ports": [
                "Ethernet8",
                "Ethernet9"
            ],
            "speed": 10000,
            "duplex": "full",
            "media": "sfp-forced-1000sfp"
        }
    ],
    "interfaces": [
        {
            "name": "VLAN1",
            "vlan": {
                "id": 1
            },
            "ipv4": {
                "addressing": "dynamic"
            },
            "ethernet": [
                {
                    "select-ports": [
                        "Ethernet0",
                        "Ethernet1",
                        "Ethernet2",
                        "Ethernet3",
                        "Ethernet4",
                        "Ethernet5",
                        "Ethernet6",
                        "Ethernet7",
                        "Ethernet8",
                        "Ethernet9"
                    ],
                    "vlan-tag": "un-tagged"
                }
            ]
        }
    ],
    "metrics": {
        "dhcp-snooping": {
            "filters": [
                "ack",
                "discover",
                "offer",
                "request",
                "solicit",
                "reply",
                "renew"
            ]
        },
        "health": {
            "interval": 60
        },
        "statistics": {
            "interval": 120,
            "types": []
        }
    },
    "unit": {
        "leds-active": true,
        "usage-threshold": 95
    },
    "uuid": 1678263900
 }
--- a/openapi/owgw.yaml
+++ b/openapi/owgw.yaml
@@ -42,12 +42,10 @@ components:
  schemas:
    DeviceType:
      type: string
-      default: AP
+      default: ap
      enum:
-        - AP
+        - ap
-        - SWITCH
+        - switch
        - IOT
        - MESH
    DeviceRestrictionsKeyInfo:
      type: object
@@ -157,6 +155,9 @@ components:
        lastRecordedContact:
          type: integer
          format: int64
        blackListed:
          type: boolean
          readOnly: true
    DeviceWithStatus:
      type: object
@@ -281,6 +282,9 @@ components:
          format: float
        connectReason:
          type: string
        blackListed:
          type: boolean
          readOnly: true
    DeviceList:
      type: object
@@ -545,6 +549,12 @@ components:
        lastModified:
          type: integer
          format: int64
        platform:
          type: string
          enum:
            - ap
            - switch
          default: ap
    DefaultConfigurationList:
      properties:
@@ -903,6 +913,114 @@ components:
            kafkaClients:
              type: integer
    RRM_Kick:
      type: object
      properties:
        action:
          type: string
          enum:
            - kick
        addr:
          type: string
          format: mac
        reason:
          type: integer
          default: 5
        ban_time:
          type: integer
          format: int64
    RRM_channel_switch:
      type: object
      properties:
        action:
          type: string
          enum:
            - channel_switch
        bssid:
          type: string
          format: mac
        channel:
          type: integer
    RRM_tx_power:
      type: object
      properties:
        action:
          type: string
          enum:
            - tx_power
        bssid:
          type: string
          format: mac
        level:
          type: integer
    RRM_beacon_request:
      type: object
      properties:
        action:
          type: string
          enum:
            - beacon_request
        addr:
          type: string
          format: mac
        ssid:
          type: string
        channel:
          type: integer
    RRM_bss_transition:
      type: object
      properties:
        action:
          type: string
          enum:
            - bss_transition
        addr:
          type: string
          format: mac
        neighbors:
          type: array
          items:
            type: string
            format: mac
    RRM_neighbors:
      type: object
      properties:
        action:
          type: string
          enum:
            - neighbors
        bssid:
          type: string
          format: mac
        neighbors:
          type: array
          items:
            type: string
            format: mac
    RRM_action:
      type: object
      oneOf:
        - $ref: '#/components/schemas/RRM_Kick'
        - $ref: '#/components/schemas/RRM_channel_switch'
        - $ref: '#/components/schemas/RRM_tx_power'
        - $ref: '#/components/schemas/RRM_beacon_request'
        - $ref: '#/components/schemas/RRM_bss_transition'
        - $ref: '#/components/schemas/RRM_neighbors'
    RRM_actions:
      type: object
      properties:
        actions:
          type: array
          items:
            $ref: '#/components/schemas/RRM_action'
    #########################################################################################
    ##
    ## These are endpoints that all services in the uCentral stack must provide
@@ -1345,6 +1463,7 @@ components:
            - generic
            - orion
            - globalreach
            - radsec
          default:
            generic
        poolProxyIp:
@@ -1434,6 +1553,52 @@ components:
        userName:
          type: string
    DeviceTransferRequest:
      type: object
      properties:
        serialNumber:
          type: string
          format: uuid
        server:
          type: string
          format: hostname
        port:
          type: integer
          format: int32
    DeviceCertificateUpdateRequest:
      type: object
      properties:
        serialNumber:
          type: string
        encodedCertificate:
          type: string
          format: base64
          description: This is a base64 encoded string of the certificate bundle (the current bundle .tar.gz file from the PKI portal)
    PowerCycleRequest:
      type: object
      properties:
        serial:
          type: string
        when:
          type: integer
          format: int64
        ports:
          type: array
          items:
            type: object
            properties:
              name:
                type: string
                example:
                  - Ethernet0
              cycle:
                type: integer
                default: 10000
                minimum: 1
                maximum: 60000
                description: off time in milliseconds
 paths:
  /devices:
@@ -1526,6 +1691,22 @@ paths:
            type: integer
            default: 70
          required: false
        - in: query
          description: return only devices matching a certain platform of AP or SWITCH
          name: platform
          schema:
            type: string
            default: ALL
            enum:
              - all
              - ap
              - switch
          required: false
        - in: query
          description: only devices which are not provisioned
          name: includeProvisioned
          schema:
            type: boolean
      responses:
        200:
          description: List devices
@@ -1581,8 +1762,12 @@ paths:
            type: integer
            format: int64
          required: false
-
+        - in: query
-
+          description: Filter the results
          name: simulatedDevices
          schema:
            type: boolean
          required: false
      responses:
        200:
          $ref: '#/components/responses/Success'
@@ -2575,7 +2760,7 @@ paths:
        404:
          $ref: '#/components/responses/NotFound'
-  /device/{serialNumber}/:
+  /device/{serialNumber}/script:
    post:
      tags:
        - Commands
@@ -2789,6 +2974,116 @@ paths:
        404:
          $ref: '#/components/responses/NotFound'
  /device/{serialNumber}/rrm:
    post:
      tags:
        - Commands
      summary: Send RRM commands to a device.
      operationId: sendRRMcommandsForADevice
      parameters:
        - in: path
          name: serialNumber
          schema:
            type: string
          required: true
      requestBody:
        description: Commands to send
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RRM_actions'
      responses:
        200:
          $ref: '#/components/responses/Success'
        403:
          $ref: '#/components/responses/Unauthorized'
        404:
          $ref: '#/components/responses/NotFound'
  /device/{serialNumber}/transfer:
    post:
      tags:
        - Commands
      summary: Transfer a device to a new redirector.
      operationId: transferDevice
      parameters:
        - in: path
          name: serialNumber
          schema:
            type: string
          required: true
      requestBody:
        description: Transfer details
        content:
          application/json:
            schema:
              type: array
              items:
                $ref: '#/components/schemas/DeviceTransferRequest'
      responses:
        200:
          $ref: '#/components/responses/Success'
        403:
          $ref: '#/components/responses/Unauthorized'
        404:
          $ref: '#/components/responses/NotFound'
  /device/{serialNumber}/certupdate:
    post:
      tags:
        - Commands
      summary: Update the certificates for a device.
      operationId: updateCertificates
      parameters:
        - in: path
          name: serialNumber
          schema:
            type: string
          required: true
      requestBody:
        description: Certificate update details
        content:
          application/json:
            schema:
              type: array
              items:
                $ref: '#/components/schemas/DeviceCertificateUpdateRequest'
      responses:
        200:
          $ref: '#/components/responses/Success'
        403:
          $ref: '#/components/responses/Unauthorized'
        404:
          $ref: '#/components/responses/NotFound'
  /device/{serialNumber}/powercycle:
    post:
      tags:
        - Commands
      summary: Perform PoE power cycle for some PoE ports.
      operationId: performPowerCycle
      parameters:
        - in: path
          name: serialNumber
          schema:
            type: string
          required: true
      requestBody:
        description: Certificate update details
        content:
          application/json:
            schema:
              type: array
              items:
                $ref: '#/components/schemas/PowerCycleRequest'
      responses:
        200:
          $ref: '#/components/responses/Success'
        403:
          $ref: '#/components/responses/Unauthorized'
        404:
          $ref: '#/components/responses/NotFound'
  /ouis:
    get:
      tags:
@@ -3295,8 +3590,6 @@ paths:
        404:
          $ref: '#/components/responses/NotFound'
  /deviceDashboard:
    get:
      tags:
--- a/owgw.properties.tmpl
+++ b/owgw.properties.tmpl
@@ -145,7 +145,7 @@ storage.type.sqlite.db = devices.db
 storage.type.sqlite.idletime = 120
 storage.type.sqlite.maxsessions = 128
-storage.type.postgresql.maxsessions = 64
+storage.type.postgresql.maxsessions = 250
 storage.type.postgresql.idletime = 60
 storage.type.postgresql.host = ${STORAGE_TYPE_POSTGRESQL_HOST}
 storage.type.postgresql.username = ${STORAGE_TYPE_POSTGRESQL_USERNAME}
--- a/package.json
+++ b/package.json
@@ -0,0 +1,15 @@
 {
  "name": "owgw",
  "version": "3.0.3",
  "description": "This is the Kinara version of OpenWifi OWGW",
  "author": "Kinara Systems",
  "homepage": "https://kinarasystems.com",
  "repository": {
    "type": "git",
    "url": "https://github.com/kinarasystems/wlan-cloud-ucentralgw"
  },
  "keywords": [
    "owgw",
    "gateway"
  ]
 }
--- a/src/AP_WS_ConfigAutoUpgrader.cpp
+++ b/src/AP_WS_ConfigAutoUpgrader.cpp
@@ -9,14 +9,14 @@
 namespace OpenWifi {
-	int AP_WS_ConfigAutoUpgrader::Start() {
+	int AP_WS_ConfigAutoUpgradeAgent::Start() {
 		poco_notice(Logger(), "Starting...");
 		QueueManager_.start(*this);
 		return 0;
 	}
-	void AP_WS_ConfigAutoUpgrader::Stop() {
+	void AP_WS_ConfigAutoUpgradeAgent::Stop() {
 		poco_notice(Logger(), "Stopping...");
 		Running_ = false;
 		Queue_.wakeUpAll();
@@ -24,7 +24,7 @@ namespace OpenWifi {
 		poco_notice(Logger(), "Stopped...");
 	}
-	void AP_WS_ConfigAutoUpgrader::run() {
+	void AP_WS_ConfigAutoUpgradeAgent::run() {
 		Utils::SetThreadName("auto:cfgmgr");
 		Running_ = true;
--- a/src/AP_WS_ConfigAutoUpgrader.h
+++ b/src/AP_WS_ConfigAutoUpgrader.h
@@ -28,14 +28,14 @@ namespace OpenWifi {
 		std::uint64_t pending_config_=0;
 	};
-	class AP_WS_ConfigAutoUpgrader : public SubSystemServer, Poco::Runnable {
+	class AP_WS_ConfigAutoUpgradeAgent : public SubSystemServer, Poco::Runnable {
 	  public:
 		int Start() final;
 		void Stop() final;
 		void run() final;
 		static auto instance() {
-			static auto instance = new AP_WS_ConfigAutoUpgrader;
+			static auto instance = new AP_WS_ConfigAutoUpgradeAgent;
 			return instance;
 		}
@@ -126,12 +126,12 @@ namespace OpenWifi {
 		mutable std::mutex			CacheMutex_;
 		std::map<std::uint64_t, ConfigurationCacheEntry> Cache_;
-		AP_WS_ConfigAutoUpgrader() noexcept
+		AP_WS_ConfigAutoUpgradeAgent() noexcept
 			: SubSystemServer("AutoConfigUpgrade", "AUTO-CFG-MGR", "auto.config.updater") {
 		}
 	};
-	inline auto AP_WS_ConfigAutoUpgrader() { return AP_WS_ConfigAutoUpgrader::instance(); }
+	inline auto AP_WS_ConfigAutoUpgradeAgent() { return AP_WS_ConfigAutoUpgradeAgent::instance(); }
 } // namespace OpenWifi
--- a/src/AP_WS_Connection.cpp
+++ b/src/AP_WS_Connection.cpp
@@ -2,56 +2,49 @@
 // Created by stephane bourque on 2022-02-03.
 //
 #include "AP_WS_Connection.h"
-#include "Poco/Base64Decoder.h"
+#include <Poco/Base64Decoder.h>
-#include "Poco/Net/Context.h"
+#include <Poco/Net/Context.h>
-#include "Poco/Net/HTTPServerRequestImpl.h"
+#include <Poco/Net/HTTPServerRequestImpl.h>
-#include "Poco/Net/HTTPServerResponseImpl.h"
+#include <Poco/Net/HTTPServerResponseImpl.h>
-#include "Poco/Net/NetException.h"
+#include <Poco/Net/NetException.h>
-#include "Poco/Net/SSLException.h"
+#include <Poco/Net/SSLException.h>
-#include "Poco/Net/SecureStreamSocketImpl.h"
+#include <Poco/Net/SecureStreamSocketImpl.h>
-#include "Poco/Net/WebSocketImpl.h"
+#include <Poco/Net/WebSocketImpl.h>
 #include "Poco/zlib.h"
-#include "AP_WS_Server.h"
+#include <framework/KafkaManager.h>
-#include "CentralConfig.h"
+#include <framework/MicroServiceFuncs.h>
-#include "CommandManager.h"
+#include <framework/utils.h>
-#include "ConfigurationCache.h"
+#include <framework/ow_constants.h>
 #include "StorageService.h"
 #include "TelemetryStream.h"
-#include "GWKafkaEvents.h"
+#include <fmt/format.h>
 #include "UI_GW_WebSocketNotifications.h"
 #include "framework/KafkaManager.h"
 #include "framework/MicroServiceFuncs.h"
 #include "framework/utils.h"
-#include "fmt/format.h"
+#include <AP_WS_Connection.h>
-
+#include <AP_WS_Server.h>
-#include "framework/ow_constants.h"
+#include <CentralConfig.h>
-
+#include <CommandManager.h>
-#include "RADIUSSessionTracker.h"
+#include <StorageService.h>
-#include "RADIUS_proxy_server.h"
+#include <RADIUSSessionTracker.h>
 #include <RADIUS_proxy_server.h>
 #include <GWKafkaEvents.h>
 #include <UI_GW_WebSocketNotifications.h>
 namespace OpenWifi {
 #define DBL                                                                                        \
 	{                                                                                              \
 		std::cout << __LINE__ << "  ID: " << ConnectionId_ << "  Ser: " << SerialNumber_           \
 				  << std::endl;                                                                    \
 	}
 	void AP_WS_Connection::LogException(const Poco::Exception &E) {
 		poco_information(Logger_, fmt::format("EXCEPTION({}): {}", CId_, E.displayText()));
 	}
 	AP_WS_Connection::AP_WS_Connection(Poco::Net::HTTPServerRequest &request,
 									   Poco::Net::HTTPServerResponse &response,
-									   uint64_t connection_id, Poco::Logger &L,
+									   uint64_t session_id, Poco::Logger &L,
-									   Poco::Net::SocketReactor &R)
+									   std::pair<std::shared_ptr<Poco::Net::SocketReactor>, std::shared_ptr<LockedDbSession>> R)
-		: Logger_(L), Reactor_(R) {
+		: Logger_(L) {
-		State_.sessionId = connection_id;
+
 		Reactor_ = R.first;
 		DbSession_ = R.second;
 		State_.sessionId = session_id;
 		WS_ = std::make_unique<Poco::Net::WebSocket>(request, response);
 		auto TS = Poco::Timespan(360, 0);
@@ -61,29 +54,86 @@ namespace OpenWifi {
 		WS_->setNoDelay(false);
 		WS_->setKeepAlive(true);
 		WS_->setBlocking(false);
 		uuid_ = MicroServiceRandom(std::numeric_limits<std::uint64_t>::max()-1);
-		Reactor_.addEventHandler(*WS_,
+		AP_WS_Server()->IncrementConnectionCount();
 	}
 	void AP_WS_Connection::Start() {
 		Registered_ = true;
 		LastContact_ = Utils::Now();
 		Reactor_->addEventHandler(*WS_,
 								  Poco::NObserver<AP_WS_Connection, Poco::Net::ReadableNotification>(
 									  *this, &AP_WS_Connection::OnSocketReadable));
-		Reactor_.addEventHandler(*WS_,
+		Reactor_->addEventHandler(*WS_,
 								  Poco::NObserver<AP_WS_Connection, Poco::Net::ShutdownNotification>(
 									  *this, &AP_WS_Connection::OnSocketShutdown));
-		Reactor_.addEventHandler(*WS_,
+		Reactor_->addEventHandler(*WS_,
 								  Poco::NObserver<AP_WS_Connection, Poco::Net::ErrorNotification>(
 									  *this, &AP_WS_Connection::OnSocketError));
-		Registered_ = true;
+
-		Valid_ = true;
+	}
-		uuid_ = MicroServiceRandom(std::numeric_limits<std::uint64_t>::max()-1);
+
 	AP_WS_Connection::~AP_WS_Connection() {
 		std::lock_guard G(ConnectionMutex_);
 		AP_WS_Server()->DecrementConnectionCount();
 		EndConnection();
 		poco_debug(Logger_, fmt::format("TERMINATION({}): Session={}, Connection removed.", SerialNumber_,
 										State_.sessionId));
 	}
 	static void NotifyKafkaDisconnect(const std::string &SerialNumber, std::uint64_t uuid) {
 		try {
 			Poco::JSON::Object Disconnect;
 			Poco::JSON::Object Details;
 			Details.set(uCentralProtocol::SERIALNUMBER, SerialNumber);
 			Details.set(uCentralProtocol::TIMESTAMP, Utils::Now());
 			Details.set(uCentralProtocol::UUID,uuid);
 			Disconnect.set(uCentralProtocol::DISCONNECTION, Details);
 			KafkaManager()->PostMessage(KafkaTopics::CONNECTION, SerialNumber, Disconnect);
 		} catch (...) {
 		}
 	}
 	void AP_WS_Connection::EndConnection() {
 		bool expectedValue=false;
 		if (Dead_.compare_exchange_strong(expectedValue,true,std::memory_order_release,std::memory_order_relaxed)) {
 			if(!SerialNumber_.empty() && State_.LastContact!=0) {
 				StorageService()->SetDeviceLastRecordedContact(SerialNumber_, State_.LastContact);
 			}
 			if (Registered_) {
 				Registered_ = false;
 				Reactor_->removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ReadableNotification>(
 							  *this, &AP_WS_Connection::OnSocketReadable));
 				Reactor_->removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ShutdownNotification>(
 							  *this, &AP_WS_Connection::OnSocketShutdown));
 				Reactor_->removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ErrorNotification>(
 							  *this, &AP_WS_Connection::OnSocketError));
 				Registered_=false;
 			}
 			WS_->close();
 			if(!SerialNumber_.empty()) {
 				DeviceDisconnectionCleanup(SerialNumber_, uuid_);
 			}
 			AP_WS_Server()->AddCleanupSession(State_.sessionId, SerialNumberInt_);
 		}
 	}
 	bool AP_WS_Connection::ValidatedDevice() {
 		if(Dead_)
 			return false;
 		if (DeviceValidated_)
 			return true;
 		if (!Valid_)
 			return false;
 		std::lock_guard Lock(ConnectionMutex_);
 		try {
 			auto SockImpl = dynamic_cast<Poco::Net::WebSocketImpl *>(WS_->impl());
 			auto SS =
@@ -98,7 +148,6 @@ namespace OpenWifi {
 				poco_warning(Logger_, fmt::format("TLS-CONNECTION({}): Session={} Connection is "
 												  "NOT secure. Device is not allowed.",
 												  CId_, State_.sessionId));
 				EndConnection();
 				return false;
 			}
@@ -111,7 +160,6 @@ namespace OpenWifi {
 					Logger_,
 					fmt::format("TLS-CONNECTION({}): Session={} No certificates available..", CId_,
 								State_.sessionId));
 				EndConnection();
 				return false;
 			}
@@ -122,11 +170,19 @@ namespace OpenWifi {
 							 fmt::format("TLS-CONNECTION({}): Session={} Device certificate is not "
 										 "valid. Device is not allowed.",
 										 CId_, State_.sessionId));
 				EndConnection();
 				return false;
 			}
 			CN_ = Poco::trim(Poco::toLower(PeerCert.commonName()));
 			if(!Utils::ValidSerialNumber(CN_)) {
 				poco_trace(Logger_,
 						   fmt::format("TLS-CONNECTION({}): Session={} Invalid serial number: CN={}", CId_,
 									   State_.sessionId, CN_));
 				return false;
 			}
 			SerialNumber_ = CN_;
 			SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 			State_.VerifiedCertificate = GWObjects::VALID_CERTIFICATE;
 			poco_trace(Logger_,
 					   fmt::format("TLS-CONNECTION({}): Session={} Valid certificate: CN={}", CId_,
@@ -136,30 +192,27 @@ namespace OpenWifi {
 				poco_warning(Logger_, fmt::format("TLS-CONNECTION({}): Session={} Sim Device {} is "
 												  "not allowed. Disconnecting.",
 												  CId_, State_.sessionId, CN_));
 				EndConnection();
 				return false;
 			}
-			if(AP_WS_Server::IsSim(CN_)) {
+			if(AP_WS_Server::IsSim(SerialNumber_)) {
 				State_.VerifiedCertificate = GWObjects::SIMULATED;
 				Simulated_ = true;
 			}
 			std::string reason, author;
 			std::uint64_t created;
-			if (!CN_.empty() && StorageService()->IsBlackListed(CN_, reason, author, created)) {
+			if (!CN_.empty() && StorageService()->IsBlackListed(SerialNumberInt_, reason, author, created)) {
 				DeviceBlacklistedKafkaEvent KE(Utils::SerialNumberToInt(CN_), Utils::Now(), reason, author, created, CId_);
 				poco_warning(
 					Logger_,
 					fmt::format(
 						"TLS-CONNECTION({}): Session={} Device {} is black listed. Disconnecting.",
 						CId_, State_.sessionId, CN_));
 				EndConnection();
 				return false;
 			}
 			State_.certificateExpiryDate = PeerCert.expiresOn().timestamp().epochTime();
 			SerialNumber_ = CN_;
 			SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 			poco_trace(Logger_,
 					   fmt::format("TLS-CONNECTION({}): Session={} CN={} Completed. (t={})", CId_,
@@ -223,150 +276,15 @@ namespace OpenWifi {
 		return false;
 	}
-	static void NotifyKafkaDisconnect(const std::string &SerialNumber, std::uint64_t uuid) {
+	void AP_WS_Connection::DeviceDisconnectionCleanup(const std::string &SerialNumber, std::uint64_t uuid) {
 		try {
 			Poco::JSON::Object Disconnect;
 			Poco::JSON::Object Details;
 			Details.set(uCentralProtocol::SERIALNUMBER, SerialNumber);
 			Details.set(uCentralProtocol::TIMESTAMP, Utils::Now());
 			Details.set(uCentralProtocol::UUID,uuid);
 			Disconnect.set(uCentralProtocol::DISCONNECTION, Details);
 			KafkaManager()->PostMessage(KafkaTopics::CONNECTION, SerialNumber, Disconnect);
 		} catch (...) {
 		}
 	}
 	AP_WS_Connection::~AP_WS_Connection() {
 		Valid_ = false;
 		EndConnection();
 	}
 	void DeviceDisconnectionCleanup(const std::string &SerialNumber, std::uint64_t uuid) {
 		if (KafkaManager()->Enabled()) {
 			NotifyKafkaDisconnect(SerialNumber, uuid);
 		}
 		RADIUSSessionTracker()->DeviceDisconnect(SerialNumber);
 	}
 	void AP_WS_Connection::EndConnection(bool DeleteSession) {
    	Valid_ = false;
 		if (!Dead_.test_and_set()) {
 			if(!SerialNumber_.empty() && State_.LastContact!=0) {
 				StorageService()->SetDeviceLastRecordedContact(SerialNumber_, State_.LastContact);
 			}
 			if (Registered_) {
 				Registered_ = false;
 				Reactor_.removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ReadableNotification>(
 							  *this, &AP_WS_Connection::OnSocketReadable));
 				Reactor_.removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ShutdownNotification>(
 							  *this, &AP_WS_Connection::OnSocketShutdown));
 				Reactor_.removeEventHandler(
 					*WS_, Poco::NObserver<AP_WS_Connection, Poco::Net::ErrorNotification>(
 							  *this, &AP_WS_Connection::OnSocketError));
 			}
 			WS_->close();
 			if(!SerialNumber_.empty()) {
 				std::thread	Cleanup(DeviceDisconnectionCleanup,SerialNumber_, uuid_);
 				Cleanup.detach();
 			}
 			bool SessionDeleted = false;
 			if(DeleteSession)
 				SessionDeleted = AP_WS_Server()->EndSession(State_.sessionId, SerialNumberInt_);
 			if (SessionDeleted || !DeleteSession) {
 		GWWebSocketNotifications::SingleDevice_t N;
-				N.content.serialNumber = SerialNumber_;
+		N.content.serialNumber = SerialNumber;
 		GWWebSocketNotifications::DeviceDisconnected(N);
 	}
 		}
 	}
 	bool AP_WS_Connection::LookForUpgrade(const uint64_t UUID, uint64_t &UpgradedUUID) {
 		//	A UUID of zero means ignore updates for that connection.
 		if (UUID == 0)
 			return false;
 		uint64_t GoodConfig = ConfigurationCache().CurrentConfig(SerialNumberInt_);
 		if (GoodConfig && (GoodConfig == UUID || GoodConfig == State_.PendingUUID)) {
 			UpgradedUUID = UUID;
 			return false;
 		}
 		GWObjects::Device D;
 		if (StorageService()->GetDevice(SerialNumber_, D)) {
 			if(D.pendingUUID!=0 && UUID==D.pendingUUID) {
 				//	so we sent an upgrade to a device, and now it is completing now...
 				UpgradedUUID = D.pendingUUID;
 				StorageService()->CompleteDeviceConfigurationChange(SerialNumber_);
 				return true;
 			}
 			//	This is the case where the cache is empty after a restart. So GoodConfig will 0. If
 			// the device already 	has the right UUID, we just return.
 			if (D.UUID == UUID) {
 				UpgradedUUID = UUID;
 				ConfigurationCache().Add(SerialNumberInt_, UUID);
 				return false;
 			}
 			Config::Config Cfg(D.Configuration);
 			if (UUID > D.UUID) {
 				//	so we have a problem, the device has a newer config than we have. So we need to
 				// make sure our config 	is newer.
 				D.UUID = UUID + 2;
 				UpgradedUUID = D.UUID;
 			}
 			Cfg.SetUUID(D.UUID);
 			D.Configuration = Cfg.get();
 			State_.PendingUUID = UpgradedUUID = D.UUID;
 			GWObjects::CommandDetails Cmd;
 			Cmd.SerialNumber = SerialNumber_;
 			Cmd.UUID = MicroServiceCreateUUID();
 			Cmd.SubmittedBy = uCentralProtocol::SUBMITTED_BY_SYSTEM;
 			Cmd.Status = uCentralProtocol::PENDING;
 			Cmd.Command = uCentralProtocol::CONFIGURE;
 			Poco::JSON::Parser P;
 			auto ParsedConfig = P.parse(D.Configuration).extract<Poco::JSON::Object::Ptr>();
 			Poco::JSON::Object Params;
 			Params.set(uCentralProtocol::SERIAL, SerialNumber_);
 			Params.set(uCentralProtocol::UUID, D.UUID);
 			Params.set(uCentralProtocol::WHEN, 0);
 			Params.set(uCentralProtocol::CONFIG, ParsedConfig);
 			std::ostringstream O;
 			Poco::JSON::Stringifier::stringify(Params, O);
 			Cmd.Details = O.str();
 			poco_information(Logger_,
 							 fmt::format("CFG-UPGRADE({}): Current ID: {}, newer configuration {}.",
 										 CId_, UUID, D.UUID));
 			bool Sent;
 			StorageService()->AddCommand(SerialNumber_, Cmd,
 										 Storage::CommandExecutionType::COMMAND_EXECUTED);
 			CommandManager()->PostCommand(
 				CommandManager()->Next_RPC_ID(), APCommands::to_apcommand(Cmd.Command.c_str()),
 				SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent, false, false);
 			GWWebSocketNotifications::SingleDeviceConfigurationChange_t Notification;
 			Notification.content.serialNumber = D.SerialNumber;
 			Notification.content.oldUUID = UUID;
 			Notification.content.newUUID = UpgradedUUID;
 			GWWebSocketNotifications::DeviceConfigurationChange(Notification);
 			return true;
 		}
 		return false;
 	}
 	void AP_WS_Connection::ProcessJSONRPCResult(Poco::JSON::Object::Ptr Doc) {
 		poco_trace(Logger_, fmt::format("RECEIVED-RPC({}): {}.", CId_,
@@ -446,7 +364,7 @@ namespace OpenWifi {
 		std::string reason, author;
 		std::uint64_t created;
-		if (StorageService()->IsBlackListed(Serial, reason, author, created)) {
+		if (StorageService()->IsBlackListed(SerialNumberInt_, reason, author, created)) {
 			DeviceBlacklistedKafkaEvent KE(Utils::SerialNumberToInt(CN_), Utils::Now(), reason, author, created, CId_);
 			Poco::Exception E(
 				fmt::format("BLACKLIST({}): device is blacklisted and not allowed to connect.",
@@ -577,17 +495,17 @@ namespace OpenWifi {
 	}
 	bool AP_WS_Connection::SetWebSocketTelemetryReporting(
-		uint64_t RPCID, uint64_t Interval, uint64_t LifeTime,
+		std::uint64_t RPCID, std::uint64_t Interval, std::uint64_t LifeTime,
 		const std::vector<std::string> &TelemetryTypes) {
 		std::unique_lock Lock(TelemetryMutex_);
 		TelemetryWebSocketRefCount_++;
 		TelemetryInterval_ = TelemetryInterval_
-								 ? (Interval < TelemetryInterval_ ? Interval : TelemetryInterval_)
+								 ? (Interval < (std::uint64_t)TelemetryInterval_ ? Interval : (std::uint64_t )TelemetryInterval_)
 								 : Interval;
 		auto TelemetryWebSocketTimer = LifeTime + Utils::Now();
-		TelemetryWebSocketTimer_ = TelemetryWebSocketTimer > TelemetryWebSocketTimer_
+		TelemetryWebSocketTimer_ = TelemetryWebSocketTimer > (std::uint64_t)TelemetryWebSocketTimer_
-									   ? TelemetryWebSocketTimer
+									   ? (std::uint64_t)TelemetryWebSocketTimer
-									   : TelemetryWebSocketTimer_;
+									   : (std::uint64_t)TelemetryWebSocketTimer_;
 		UpdateCounts();
 		if (!TelemetryReporting_) {
 			TelemetryReporting_ = true;
@@ -603,11 +521,11 @@ namespace OpenWifi {
 		std::unique_lock Lock(TelemetryMutex_);
 		TelemetryKafkaRefCount_++;
 		TelemetryInterval_ = TelemetryInterval_
-								 ? (Interval < TelemetryInterval_ ? Interval : TelemetryInterval_)
+								 ? (Interval < (std::uint64_t)TelemetryInterval_ ? (std::uint64_t)Interval : (std::uint64_t)TelemetryInterval_)
 								 : Interval;
 		auto TelemetryKafkaTimer = LifeTime + Utils::Now();
 		TelemetryKafkaTimer_ =
-			TelemetryKafkaTimer > TelemetryKafkaTimer_ ? TelemetryKafkaTimer : TelemetryKafkaTimer_;
+			TelemetryKafkaTimer > (std::uint64_t)TelemetryKafkaTimer_ ? (std::uint64_t)TelemetryKafkaTimer : (std::uint64_t)TelemetryKafkaTimer_;
 		UpdateCounts();
 		if (!TelemetryReporting_) {
 			TelemetryReporting_ = true;
@@ -643,47 +561,48 @@ namespace OpenWifi {
 	void AP_WS_Connection::OnSocketShutdown(
 		[[maybe_unused]] const Poco::AutoPtr<Poco::Net::ShutdownNotification> &pNf) {
 		poco_trace(Logger_, fmt::format("SOCKET-SHUTDOWN({}): Closing.", CId_));
 //		std::lock_guard	G(ConnectionMutex_);
 		return EndConnection();
 	}
 	void AP_WS_Connection::OnSocketError(
 		[[maybe_unused]] const Poco::AutoPtr<Poco::Net::ErrorNotification> &pNf) {
 		poco_trace(Logger_, fmt::format("SOCKET-ERROR({}): Closing.", CId_));
 //		std::lock_guard	G(ConnectionMutex_);
 		return EndConnection();
 	}
 	void AP_WS_Connection::OnSocketReadable(
 		[[maybe_unused]] const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
-		if (!Valid_)
+		if (Dead_) //	we are dead, so we do not process anything.
 			return;
-		if (!AP_WS_Server()->Running())
+		std::lock_guard	G(ConnectionMutex_);
 			return EndConnection();
 		if (!ValidatedDevice())
 			return;
 		State_.LastContact = LastContact_ = Utils::Now();
 		if (AP_WS_Server()->Running() && (DeviceValidated_ || ValidatedDevice())) {
 			try {
 				return ProcessIncomingFrame();
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 			return EndConnection();
 			} catch (const std::exception &E) {
 				std::string W = E.what();
 				poco_information(
-				Logger_,
+					Logger_, fmt::format("std::exception caught: {}. Connection terminated with {}",
-				fmt::format("std::exception caught: {}. Connection terminated with {}", W, CId_));
+										 W, CId_));
 			return EndConnection();
 			} catch (...) {
-			poco_information(Logger_,
+				poco_information(
-							 fmt::format("Unknown exception for {}. Connection terminated.", CId_));
+					Logger_, fmt::format("Unknown exception for {}. Connection terminated.", CId_));
 			return EndConnection();
 			}
 		}
 		EndConnection();
 	}
 	void AP_WS_Connection::ProcessIncomingFrame() {
 		Poco::Buffer<char> IncomingFrame(0);
 		bool	KillConnection=false;
 		try {
 			int 	Op, flags;
 			auto IncomingSize = WS_->receiveFrame(IncomingFrame, flags);
@@ -725,12 +644,10 @@ namespace OpenWifi {
 						poco_trace(Logger_,fmt::format("Sending PING for {}", SerialNumber_));
 						KafkaManager()->PostMessage(KafkaTopics::CONNECTION, SerialNumber_,PingObject);
 					}
 				return;
 				} break;
 				case Poco::Net::WebSocket::FRAME_OP_PONG: {
 					poco_trace(Logger_, fmt::format("PONG({}): received and ignored.", CId_));
 				return;
 				} break;
 				case Poco::Net::WebSocket::FRAME_OP_TEXT: {
@@ -762,26 +679,26 @@ namespace OpenWifi {
 					} else {
 						std::ostringstream iS;
 						IncomingJSON->stringify(iS);
 					std::cout << iS.str() << std::endl;
 						poco_warning(
 							Logger_,
-						fmt::format("FRAME({}): illegal transaction header, missing 'jsonrpc'",
+							fmt::format("FRAME({}): illegal transaction header, missing 'jsonrpc': {}",
-									CId_));
+										CId_, iS.str()));
 						Errors_++;
 					}
 				return;
 				} break;
 				case Poco::Net::WebSocket::FRAME_OP_CLOSE: {
 					poco_information(Logger_,
 									 fmt::format("CLOSE({}): Device is closing its connection.", CId_));
-				return EndConnection();
+					KillConnection=true;
 				} break;
 				default: {
 					poco_warning(Logger_, fmt::format("UNKNOWN({}): unknown WS Frame operation: {}",
 													  CId_, std::to_string(Op)));
-			} break;
+					Errors_++;
 					return;
 				}
 			}
 		} catch (const Poco::Net::ConnectionResetException &E) {
 			poco_warning(Logger_,
@@ -789,21 +706,21 @@ namespace OpenWifi {
 									 CId_, E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::JSON::JSONException &E) {
 			poco_warning(Logger_,
 						 fmt::format("JSONException({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::Net::WebSocketException &E) {
 			poco_warning(Logger_,
 						 fmt::format("WebSocketException({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::Net::SSLConnectionUnexpectedlyClosedException &E) {
 			poco_warning(
 				Logger_,
@@ -812,54 +729,54 @@ namespace OpenWifi {
 					CId_, E.displayText(),
 					IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 					State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::Net::SSLException &E) {
 			poco_warning(Logger_,
 						 fmt::format("SSLException({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::Net::NetException &E) {
 			poco_warning(Logger_,
 						 fmt::format("NetException({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::IOException &E) {
 			poco_warning(Logger_,
 						 fmt::format("IOException({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const Poco::Exception &E) {
 			poco_warning(Logger_,
 						 fmt::format("Exception({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.displayText(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (const std::exception &E) {
 			poco_warning(Logger_,
 						 fmt::format("std::exception({}): Text:{} Payload:{} Session:{}", CId_,
 									 E.what(),
 									 IncomingFrame.begin() == nullptr ? "" : IncomingFrame.begin(),
 									 State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		} catch (...) {
 			poco_error(Logger_, fmt::format("UnknownException({}): Device must be disconnected. "
 											"Unknown exception.  Session:{}",
 											CId_, State_.sessionId));
-			return EndConnection();
+			KillConnection=true;
 		}
-		if (Errors_ < 10)
+		if (!KillConnection && Errors_ < 10)
 			return;
-		poco_warning(Logger_, fmt::format("DISCONNECTING({}): Too many errors", CId_));
+		poco_warning(Logger_, fmt::format("DISCONNECTING({}): ConnectionException: {} Errors: {}", CId_, KillConnection, Errors_ ));
-		return EndConnection();
+		EndConnection();
 	}
 	bool AP_WS_Connection::Send(const std::string &Payload) {
@@ -952,24 +869,55 @@ namespace OpenWifi {
 	void AP_WS_Connection::ProcessIncomingRadiusData(const Poco::JSON::Object::Ptr &Doc) {
 		if (Doc->has(uCentralProtocol::RADIUSDATA)) {
 			std::string secret;
 			auto Type = Doc->get(uCentralProtocol::RADIUS).toString();
 			if (Type == uCentralProtocol::RADIUSACCT) {
 				auto Data = Doc->get(uCentralProtocol::RADIUSDATA).toString();
 				auto DecodedData = Base64Decode(Data);
 				RADIUS_proxy_server()->SendAccountingData(SerialNumber_, DecodedData.c_str(),
-														  DecodedData.size(),secret);
+														  DecodedData.size());
 			} else if (Type == uCentralProtocol::RADIUSAUTH) {
 				auto Data = Doc->get(uCentralProtocol::RADIUSDATA).toString();
 				auto DecodedData = Base64Decode(Data);
 				RADIUS_proxy_server()->SendAuthenticationData(SerialNumber_, DecodedData.c_str(),
-															  DecodedData.size(), secret);
+															  DecodedData.size());
 			} else if (Type == uCentralProtocol::RADIUSCOA) {
 				auto Data = Doc->get(uCentralProtocol::RADIUSDATA).toString();
 				auto DecodedData = Base64Decode(Data);
 				RADIUS_proxy_server()->SendCoAData(SerialNumber_, DecodedData.c_str(),
-												   DecodedData.size(), secret);
+												   DecodedData.size());
 			}
 		}
 	}
 	void AP_WS_Connection::SetLastStats(const std::string &LastStats) {
 		RawLastStats_ = LastStats;
 		try {
 			Poco::JSON::Parser P;
 			auto Stats = P.parse(LastStats).extract<Poco::JSON::Object::Ptr>();
 			State_.hasGPS = Stats->isObject("gps");
 			auto Unit = Stats->getObject("unit");
 			auto Memory = Unit->getObject("memory");
 			std::uint64_t TotalMemory = Memory->get("total");
 			std::uint64_t FreeMemory = Memory->get("free");
 			if (TotalMemory > 0) {
 				State_.memoryUsed =
 					(100.0 * ((double)TotalMemory - (double)FreeMemory)) / (double)TotalMemory;
 			}
 			if (Unit->isArray("load")) {
 				Poco::JSON::Array::Ptr Load = Unit->getArray("load");
 				if (Load->size() > 1) {
 					State_.load = Load->get(1);
 				}
 			}
 			if (Unit->isArray("temperature")) {
 				Poco::JSON::Array::Ptr Temperature = Unit->getArray("temperature");
 				if (Temperature->size() > 1) {
 					State_.temperature = Temperature->get(0);
 				}
 			}
 		} catch (const Poco::Exception &E) {
 			poco_error(Logger_, "Failed to parse last stats: " + E.displayText());
 		}
 	}
 } // namespace OpenWifi
--- a/src/AP_WS_Connection.h
+++ b/src/AP_WS_Connection.h
@@ -4,7 +4,7 @@
 #pragma once
-#include <shared_mutex>
+#include <mutex>
 #include <string>
 #include "Poco/JSON/Object.h"
@@ -14,8 +14,10 @@
 #include "Poco/Net/SocketReactor.h"
 #include "Poco/Net/StreamSocket.h"
 #include "Poco/Net/WebSocket.h"
 #include <Poco/Data/Session.h>
 #include "RESTObjects/RESTAPI_GWobjects.h"
 #include <AP_WS_Reactor_Pool.h>
 namespace OpenWifi {
@@ -25,16 +27,17 @@ namespace OpenWifi {
 	  public:
 		explicit AP_WS_Connection(Poco::Net::HTTPServerRequest &request,
 								  Poco::Net::HTTPServerResponse &response, uint64_t connection_id,
-								  Poco::Logger &L, Poco::Net::SocketReactor &R);
+								  Poco::Logger &L, std::pair<std::shared_ptr<Poco::Net::SocketReactor>, std::shared_ptr<LockedDbSession>> R);
 		~AP_WS_Connection();
-		void EndConnection(bool DeleteSession=true);
+		void EndConnection();
 		void ProcessJSONRPCEvent(Poco::JSON::Object::Ptr &Doc);
 		void ProcessJSONRPCResult(Poco::JSON::Object::Ptr Doc);
 		void ProcessIncomingFrame();
 		void ProcessIncomingRadiusData(const Poco::JSON::Object::Ptr &Doc);
 		[[nodiscard]] bool Send(const std::string &Payload);
 		[[nodiscard]] inline bool MustBeSecureRTTY() const { return RTTYMustBeSecure_; }
 		bool SendRadiusAuthenticationData(const unsigned char *buffer, std::size_t size);
 		bool SendRadiusAccountingData(const unsigned char *buffer, std::size_t size);
@@ -43,10 +46,7 @@ namespace OpenWifi {
 		void OnSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf);
 		void OnSocketShutdown(const Poco::AutoPtr<Poco::Net::ShutdownNotification> &pNf);
 		void OnSocketError(const Poco::AutoPtr<Poco::Net::ErrorNotification> &pNf);
-		bool LookForUpgrade(uint64_t UUID, uint64_t &UpgradedUUID);
+		bool LookForUpgrade(Poco::Data::Session &Session, uint64_t UUID, uint64_t &UpgradedUUID);
 		static bool ExtractBase64CompressedData(const std::string &CompressedData,
 												std::string &UnCompressedData,
 												uint64_t compress_sz);
 		void LogException(const Poco::Exception &E);
 		inline Poco::Logger &Logger() { return Logger_; }
 		bool SetWebSocketTelemetryReporting(uint64_t RPCID, uint64_t interval,
@@ -59,81 +59,33 @@ namespace OpenWifi {
 		bool StopKafkaTelemetry(uint64_t RPCID);
 		inline void GetLastStats(std::string &LastStats) {
-			std::shared_lock G(ConnectionMutex_);
+			if(!Dead_) {
 				std::lock_guard G(ConnectionMutex_);
 				LastStats = RawLastStats_;
 			}
 		inline void SetLastStats(const std::string &LastStats) {
 			std::unique_lock G(ConnectionMutex_);
 			RawLastStats_ = LastStats;
 			try {
 				Poco::JSON::Parser P;
 				auto Stats = P.parse(LastStats).extract<Poco::JSON::Object::Ptr>();
 				hasGPS = Stats->isObject("gps");
 				auto Unit = Stats->getObject("unit");
 				auto Memory = Unit->getObject("memory");
 				std::uint64_t TotalMemory = Memory->get("total");
 				std::uint64_t FreeMemory = Memory->get("free");
 				if(TotalMemory>0) {
 					memory_used_ =
 						(100.0 * ((double)TotalMemory - (double)FreeMemory)) / (double)TotalMemory;
 				}
 				if(Unit->isArray("load")) {
 					Poco::JSON::Array::Ptr Load = Unit->getArray("load");
 					if(Load->size()>1) {
 						cpu_load_ = Load->get(1);
 					}
 				}
 				if(Unit->isArray("temperature")) {
 					Poco::JSON::Array::Ptr Temperature = Unit->getArray("temperature");
 					if(Temperature->size()>1) {
 						temperature_ = Temperature->get(0);
 					}
 				}
 			} catch (...) {
 			}
 		}
 		inline void SetLastHealthCheck(const GWObjects::HealthCheck &H) {
 			std::unique_lock G(ConnectionMutex_);
 			RawLastHealthcheck_ = H;
 		}
 		inline void GetLastHealthCheck(GWObjects::HealthCheck &H) {
-			std::shared_lock G(ConnectionMutex_);
+			if(!Dead_) {
 				std::lock_guard G(ConnectionMutex_);
 				H = RawLastHealthcheck_;
 			}
 		}
-		inline void GetState(GWObjects::ConnectionState &State) const {
+		inline void GetState(GWObjects::ConnectionState &State) {
-			std::shared_lock G(ConnectionMutex_);
+			if(!Dead_) {
 				std::lock_guard G(ConnectionMutex_);
 				State = State_;
 			}
 		inline bool HasGPS() { return hasGPS; }
 		inline void GetRestrictions(GWObjects::DeviceRestrictions &R) const {
 			std::shared_lock G(ConnectionMutex_);
 			R = Restrictions_;
 		}
-		void Process_connect(Poco::JSON::Object::Ptr ParamsObj, const std::string &Serial);
+		inline GWObjects::DeviceRestrictions GetRestrictions() {
-		void Process_state(Poco::JSON::Object::Ptr ParamsObj);
+			std::lock_guard G(ConnectionMutex_);
-		void Process_healthcheck(Poco::JSON::Object::Ptr ParamsObj);
+			return Restrictions_;
-		void Process_log(Poco::JSON::Object::Ptr ParamsObj);
+		}
 		void Process_crashlog(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_ping(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_cfgpending(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_recovery(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_deviceupdate(Poco::JSON::Object::Ptr ParamsObj, std::string &Serial);
 		void Process_telemetry(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_venuebroadcast(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_event(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_wifiscan(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_alarm(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_rebootLog(Poco::JSON::Object::Ptr ParamsObj);
-		bool ValidatedDevice();
+		[[nodiscard]] inline bool HasGPS() const { return hasGPS_; }
 		[[nodiscard]] bool ValidatedDevice();
 		inline bool GetTelemetryParameters(bool &Reporting, uint64_t &Interval,
 										   uint64_t &WebSocketTimer, uint64_t &KafkaTimer,
@@ -153,18 +105,14 @@ namespace OpenWifi {
 		friend class AP_WS_Server;
-		inline GWObjects::DeviceRestrictions Restrictions() const {
+		void Start();
 			std::shared_lock G(ConnectionMutex_);
 			return Restrictions_;
 		}
 		inline bool MustBeSecureRtty() const { return RttyMustBeSecure_; }
 	  private:
-		mutable std::shared_mutex ConnectionMutex_;
+		mutable std::recursive_mutex ConnectionMutex_;
-		std::shared_mutex TelemetryMutex_;
+		std::mutex TelemetryMutex_;
 		Poco::Logger &Logger_;
-		Poco::Net::SocketReactor &Reactor_;
+		std::shared_ptr<Poco::Net::SocketReactor> 	Reactor_;
 		std::shared_ptr<LockedDbSession> 	DbSession_;
 		std::unique_ptr<Poco::Net::WebSocket> WS_;
 		std::string SerialNumber_;
 		uint64_t SerialNumberInt_ = 0;
@@ -175,33 +123,56 @@ namespace OpenWifi {
 		uint64_t Errors_ = 0;
 		Poco::Net::IPAddress PeerAddress_;
 		volatile bool TelemetryReporting_ = false;
-		volatile uint64_t TelemetryWebSocketRefCount_ = 0;
+		std::atomic_uint64_t TelemetryWebSocketRefCount_ = 0;
-		volatile uint64_t TelemetryKafkaRefCount_ = 0;
+		std::atomic_uint64_t TelemetryKafkaRefCount_ = 0;
-		volatile uint64_t TelemetryWebSocketTimer_ = 0;
+		std::atomic_uint64_t TelemetryWebSocketTimer_ = 0;
-		volatile uint64_t TelemetryKafkaTimer_ = 0;
+		std::atomic_uint64_t TelemetryKafkaTimer_ = 0;
-		volatile uint64_t TelemetryInterval_ = 0;
+		std::atomic_uint64_t TelemetryInterval_ = 0;
-		volatile uint64_t TelemetryWebSocketPackets_ = 0;
+		std::atomic_uint64_t TelemetryWebSocketPackets_ = 0;
-		volatile uint64_t TelemetryKafkaPackets_ = 0;
+		std::atomic_uint64_t TelemetryKafkaPackets_ = 0;
 		GWObjects::ConnectionState State_;
-		std::string RawLastStats_;
+		Utils::CompressedString RawLastStats_;
 		GWObjects::HealthCheck RawLastHealthcheck_;
 		std::chrono::time_point<std::chrono::high_resolution_clock> ConnectionStart_ =
 			std::chrono::high_resolution_clock::now();
 		std::chrono::duration<double, std::milli> ConnectionCompletionTime_{0.0};
-		std::atomic_flag Dead_ = false;
+		std::atomic<bool> 	Dead_ = false;
 		std::atomic_bool DeviceValidated_ = false;
 		std::atomic_bool Valid_ = false;
 		OpenWifi::GWObjects::DeviceRestrictions Restrictions_;
-		bool 			RttyMustBeSecure_ = false;
+		bool 			RTTYMustBeSecure_ = false;
 		bool hasGPS_=false;
 		std::double_t 	memory_used_=0.0, cpu_load_ = 0.0, temperature_ = 0.0;
 		std::uint64_t 	uuid_=0;
 		bool	Simulated_=false;
 		std::atomic_uint64_t 	LastContact_=0;
 		static inline std::atomic_uint64_t ConcurrentStartingDevices_ = 0;
 		bool StartTelemetry(uint64_t RPCID, const std::vector<std::string> &TelemetryTypes);
 		bool StopTelemetry(uint64_t RPCID);
 		void UpdateCounts();
-		bool hasGPS=false;
+		static void DeviceDisconnectionCleanup(const std::string &SerialNumber, std::uint64_t uuid);
-		std::double_t 	memory_used_=0.0, cpu_load_ = 0.0, temperature_ = 0.0;
+		void SetLastStats(const std::string &LastStats);
-		std::uint64_t 	uuid_=0;
+		void Process_connect(Poco::JSON::Object::Ptr ParamsObj, const std::string &Serial);
 		void Process_state(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_healthcheck(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_log(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_crashlog(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_ping(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_cfgpending(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_recovery(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_deviceupdate(Poco::JSON::Object::Ptr ParamsObj, std::string &Serial);
 		void Process_telemetry(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_venuebroadcast(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_event(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_wifiscan(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_alarm(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_rebootLog(Poco::JSON::Object::Ptr ParamsObj);
 		inline void SetLastHealthCheck(const GWObjects::HealthCheck &H) {
 			RawLastHealthcheck_ = H;
 		}
 	};
 } // namespace OpenWifi
--- a/src/AP_WS_LookForUpgrade.cpp
+++ b/src/AP_WS_LookForUpgrade.cpp
@@ -0,0 +1,111 @@
 #include <AP_WS_Connection.h>
 #include "ConfigurationCache.h"
 #include "UI_GW_WebSocketNotifications.h"
 #include "CommandManager.h"
 namespace OpenWifi {
 	bool AP_WS_Connection::LookForUpgrade(Poco::Data::Session &Session, const uint64_t UUID, uint64_t &UpgradedUUID) {
 		//	A UUID of zero means ignore updates for that connection.
 		if (UUID == 0)
 			return false;
 		uint64_t GoodConfig = GetCurrentConfigurationID(SerialNumberInt_);
 		if (GoodConfig && (GoodConfig == UUID || GoodConfig == State_.PendingUUID)) {
 			UpgradedUUID = UUID;
 			State_.PendingUUID = 0;
 			return false;
 		}
 		GWObjects::Device D;
 		if (!StorageService()->GetDevice(Session,SerialNumber_, D)) {
 			return false;
 		}
 		if(State_.PendingUUID!=0 && UUID==State_.PendingUUID) {
 			//	so we sent an upgrade to a device, and now it is completing now...
 			UpgradedUUID = UUID;
 			StorageService()->CompleteDeviceConfigurationChange(Session, SerialNumber_);
 			State_.PendingUUID = 0;
 			return true;
 		}
 		// dont upgrade a switch if it does not have a real config. Config will always be more than 20 characters
 		if (D.DeviceType==Platforms::SWITCH && D.Configuration.size()<20) {
 			return false;
 		}
 		Config::Config Cfg(D.Configuration);
 		//	if this is a broken device (UUID==0) just fix it
 		auto StoredConfigurationUUID = Cfg.UUID();
 		if(D.UUID==0) {
 			D.UUID = StoredConfigurationUUID;
 		}
 		if (D.UUID == UUID) {
 			D.UUID = UpgradedUUID = UUID;
 			State_.PendingUUID = D.pendingUUID = 0;
 			D.pendingConfiguration.clear();
 			D.pendingConfigurationCmd.clear();
 			StorageService()->UpdateDevice(Session, D);
 			SetCurrentConfigurationID(SerialNumberInt_, UUID);
 //			std::cout << __LINE__ << ": " << SerialNumber_ << "  GoodConfig: " << GoodConfig << "   UUID:" << UUID << "  Pending:" << State_.PendingUUID << std::endl;
 			return false;
 		}
 		if (UUID > D.UUID) {
 			//	so we have a problem, the device has a newer config than we have. So we need to
 			// 	make sure our config 	is newer.
 			D.UUID = UUID + 2;
 			UpgradedUUID = D.UUID;
 //			std::cout << __LINE__ << ": " << SerialNumber_  << "  GoodConfig: " << GoodConfig << "   UUID:" << UUID << "  Pending:" << State_.PendingUUID << std::endl;
 		}
 		Cfg.SetUUID(D.UUID);
 		D.Configuration = Cfg.get();
 		D.pendingUUID = State_.PendingUUID = UpgradedUUID = D.UUID;
 		StorageService()->UpdateDevice(Session, D);
 		GWObjects::CommandDetails Cmd;
 		Cmd.SerialNumber = SerialNumber_;
 		Cmd.UUID = MicroServiceCreateUUID();
 		Cmd.SubmittedBy = uCentralProtocol::SUBMITTED_BY_SYSTEM;
 		Cmd.Status = uCentralProtocol::PENDING;
 		Cmd.Command = uCentralProtocol::CONFIGURE;
 		Poco::JSON::Parser P;
 		auto ParsedConfig = P.parse(D.Configuration).extract<Poco::JSON::Object::Ptr>();
 		Poco::JSON::Object Params;
 		Params.set(uCentralProtocol::SERIAL, SerialNumber_);
 		Params.set(uCentralProtocol::UUID, D.UUID);
 		Params.set(uCentralProtocol::WHEN, 0);
 		Params.set(uCentralProtocol::CONFIG, ParsedConfig);
 		std::ostringstream O;
 		Poco::JSON::Stringifier::stringify(Params, O);
 		Cmd.Details = O.str();
 		poco_information(Logger_,
 						 fmt::format("CFG-UPGRADE({}): Current ID: {}, newer configuration {}.",
 									 CId_, UUID, D.UUID));
 		bool Sent;
 		StorageService()->AddCommand(SerialNumber_, Cmd,
 									 Storage::CommandExecutionType::COMMAND_EXECUTED);
 		CommandManager()->PostCommand(
 			CommandManager()->Next_RPC_ID(), APCommands::to_apcommand(Cmd.Command.c_str()),
 			SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent, false, false);
 		GWWebSocketNotifications::SingleDeviceConfigurationChange_t Notification;
 		Notification.content.serialNumber = D.SerialNumber;
 		Notification.content.oldUUID = UUID;
 		Notification.content.newUUID = UpgradedUUID;
 		GWWebSocketNotifications::DeviceConfigurationChange(Notification);
 //		std::cout << __LINE__ << ": " << SerialNumber_ << "  GoodConfig: " << GoodConfig << "   UUID:" << UUID <<
 //			"  Pending:" << State_.PendingUUID << "  Upgraded:" << UpgradedUUID << std::endl;
 		return true;
 	}
 }
--- a/src/AP_WS_Process_connect.cpp
+++ b/src/AP_WS_Process_connect.cpp
@@ -71,9 +71,8 @@ namespace OpenWifi {
 			CommandManager()->ClearQueue(SerialNumberInt_);
-			AP_WS_Server()->SetSessionDetails(State_.sessionId, SerialNumberInt_);
+			AP_WS_Server()->StartSession(State_.sessionId, SerialNumberInt_);
 			std::lock_guard Lock(ConnectionMutex_);
 			Config::Capabilities Caps(Capabilities);
 			Compatible_ = Caps.Compatible();
@@ -84,6 +83,8 @@ namespace OpenWifi {
 			State_.Address = Utils::FormatIPv6(WS_->peerAddress().toString());
 			CId_ = SerialNumber_ + "@" + CId_;
 			auto &Platform = Caps.Platform();
 			if(ParamsObj->has("reason")) {
 				State_.connectReason = ParamsObj->get("reason").toString();
 			}
@@ -100,36 +101,24 @@ namespace OpenWifi {
 				Restrictions_.from_json(RestrictionObject);
 			}
-			if (Capabilities->has("developer")) {
+			if (Capabilities->has("developer") && !Capabilities->isNull("developer")) {
 				Restrictions_.developer = Capabilities->getValue<bool>("developer");
 			}
 			if(Capabilities->has("secure-rtty")) {
-				RttyMustBeSecure_ = Capabilities->getValue<bool>("secure-rtty");
+				RTTYMustBeSecure_ = Capabilities->getValue<bool>("secure-rtty");
 			}
 			State_.locale = FindCountryFromIP()->Get(IP);
 			GWObjects::Device DeviceInfo;
-			auto DeviceExists = StorageService()->GetDevice(SerialNumber_, DeviceInfo);
+			std::lock_guard DbSessionLock(DbSession_->Mutex());
 			auto DeviceExists = StorageService()->GetDevice(DbSession_->Session(), SerialNumber_, DeviceInfo);
 			if (Daemon()->AutoProvisioning() && !DeviceExists) {
 				//	check the firmware version. if this is too old, we cannot let that device connect yet, we must
 				//	force a firmware upgrade
 				GWObjects::DefaultFirmware	MinimumFirmware;
 				if(FirmwareRevisionCache()->DeviceMustUpgrade(Compatible_, Firmware, MinimumFirmware)) {
 /*
 					{    "jsonrpc" : "2.0" ,
 						 "method" : "upgrade" ,
 						 "params" : {
 								"serial" : <serial number> ,
 								"when"  : Optional - <UTC time when to upgrade the firmware, 0 mean immediate, this is a suggestion>,
 								"uri"   : <URI to download the firmware>,
 								"FWsignature" : <string representation of the signature for the FW> (optional)
 						 },
 						 "id" : <some number>
 					}
 */
 					Poco::JSON::Object	UpgradeCommand, Params;
 					UpgradeCommand.set(uCentralProtocol::JSONRPC,uCentralProtocol::JSONRPC_VERSION);
 					UpgradeCommand.set(uCentralProtocol::METHOD,uCentralProtocol::UPGRADE);
@@ -157,7 +146,7 @@ namespace OpenWifi {
 					}
 					return;
 				} else {
-					StorageService()->CreateDefaultDevice(
+					StorageService()->CreateDefaultDevice( DbSession_->Session(),
 						SerialNumber_, Caps, Firmware, PeerAddress_,
 						State_.VerifiedCertificate == GWObjects::SIMULATED);
 				}
@@ -166,7 +155,7 @@ namespace OpenWifi {
 				poco_warning(Logger(),fmt::format("Device {} is a {} from {} and cannot be provisioned.",SerialNumber_,Compatible_, CId_));
 				return EndConnection();
 			} else if (DeviceExists) {
-				StorageService()->UpdateDeviceCapabilities(SerialNumber_, Caps);
+				StorageService()->UpdateDeviceCapabilities(DbSession_->Session(), SerialNumber_, Caps);
 				int Updated{0};
 				if (!Firmware.empty()) {
 					if (Firmware != DeviceInfo.Firmware) {
@@ -186,6 +175,12 @@ namespace OpenWifi {
 					}
 				}
 				if(ParamsObj->has("reason")) {
 					State_.connectReason = ParamsObj->get("reason").toString();
 					DeviceInfo.connectReason = State_.connectReason;
 					++Updated;
 				}
 				if(DeviceInfo.DevicePassword!=DevicePassword) {
 					DeviceInfo.DevicePassword = DevicePassword.empty() ? "openwifi" : DevicePassword ;
 					++Updated;
@@ -211,8 +206,13 @@ namespace OpenWifi {
 					++Updated;
 				}
-				if (Compatible_ != DeviceInfo.DeviceType) {
+				if (Compatible_ != DeviceInfo.Compatible) {
-					DeviceInfo.DeviceType = Compatible_;
+					DeviceInfo.Compatible = Compatible_;
 					++Updated;
 				}
 				if (Platform != DeviceInfo.DeviceType) {
 					DeviceInfo.DeviceType = Platform;
 					++Updated;
 				}
@@ -226,14 +226,22 @@ namespace OpenWifi {
 					++Updated;
 				}
-				if (Updated) {
+				if(DeviceInfo.certificateExpiryDate!=State_.certificateExpiryDate) {
-					StorageService()->UpdateDevice(DeviceInfo);
+					DeviceInfo.certificateExpiryDate = State_.certificateExpiryDate;
 					++Updated;
 				}
 				if (Updated) {
 					StorageService()->UpdateDevice(DbSession_->Session(), DeviceInfo);
 				}
 			}
 			if(!Simulated_) {
 				uint64_t UpgradedUUID = 0;
-				LookForUpgrade(UUID, UpgradedUUID);
+				if (LookForUpgrade(DbSession_->Session(), UUID, UpgradedUUID)) {
 					State_.UUID = UpgradedUUID;
 				}
 			}
 			State_.Compatible = Compatible_;
 			State_.Connected = true;
--- a/src/AP_WS_Process_crashlog.cpp
+++ b/src/AP_WS_Process_crashlog.cpp
@@ -29,7 +29,7 @@ namespace OpenWifi {
 										   .Recorded = Utils::Now(),
 										   .LogType = 1,
 										   .UUID = ParamsObj->get(uCentralProtocol::UUID)};
-			StorageService()->AddLog(DeviceLog);
+			StorageService()->AddLog(*DbSession_, DeviceLog);
 			DeviceLogKafkaEvent	E(DeviceLog);
 		} else {
 			poco_warning(Logger_, fmt::format("LOG({}): Missing parameters.", CId_));
--- a/src/AP_WS_Process_deviceupdate.cpp
+++ b/src/AP_WS_Process_deviceupdate.cpp
@@ -21,7 +21,7 @@ namespace OpenWifi {
 		if (ParamsObj->has("currentPassword")) {
 			auto Password = ParamsObj->get("currentPassword").toString();
-			StorageService()->SetDevicePassword(Serial, Password);
+			StorageService()->SetDevicePassword(*DbSession_,Serial, Password);
 			poco_trace(
 				Logger_,
 				fmt::format("DEVICE-UPDATE({}): Device is updating its login password.", Serial));
--- a/src/AP_WS_Process_event.cpp
+++ b/src/AP_WS_Process_event.cpp
@@ -34,10 +34,15 @@ namespace OpenWifi {
 					FullEvent.set("type", EventType);
 					FullEvent.set("timestamp", EventTimeStamp);
 					FullEvent.set("payload", EventPayload);
 					if(strncmp(EventType.c_str(),"rrm.",4) == 0 ) {
 						KafkaManager()->PostMessage(KafkaTopics::RRM, SerialNumber_,
 													FullEvent);
 					} else {
 						KafkaManager()->PostMessage(KafkaTopics::DEVICE_EVENT_QUEUE, SerialNumber_,
 													FullEvent);
 					}
 				}
 			}
 		} catch (const Poco::Exception &E) {
 			Logger_.log(E);
 		} catch (...) {
--- a/src/AP_WS_Process_healthcheck.cpp
+++ b/src/AP_WS_Process_healthcheck.cpp
@@ -3,6 +3,7 @@
 //
 #include "AP_WS_Connection.h"
 #include "AP_WS_Server.h"
 #include "StorageService.h"
 #include "fmt/format.h"
@@ -25,6 +26,7 @@ namespace OpenWifi {
 			uint64_t UUID = ParamsObj->get(uCentralProtocol::UUID);
 			auto Sanity = ParamsObj->get(uCentralProtocol::SANITY);
 			State_.sanity = Sanity;
 			auto CheckData = ParamsObj->get(uCentralProtocol::DATA).toString();
 			if (CheckData.empty())
 				CheckData = uCentralProtocol::EMPTY_JSON_DOC;
@@ -40,10 +42,6 @@ namespace OpenWifi {
 												CId_, UUID, request_uuid));
 			}
 			uint64_t UpgradedUUID;
 			LookForUpgrade(UUID, UpgradedUUID);
 			State_.UUID = UpgradedUUID;
 			GWObjects::HealthCheck Check;
 			Check.SerialNumber = SerialNumber_;
@@ -52,14 +50,14 @@ namespace OpenWifi {
 			Check.Data = CheckData;
 			Check.Sanity = Sanity;
-			StorageService()->AddHealthCheckData(Check);
+			StorageService()->AddHealthCheckData(*DbSession_, Check);
 			if (!request_uuid.empty()) {
 				StorageService()->SetCommandResult(request_uuid, CheckData);
 			}
 			SetLastHealthCheck(Check);
-			if (KafkaManager()->Enabled()) {
+			if (KafkaManager()->Enabled() && !AP_WS_Server()->KafkaDisableHealthChecks()) {
 				KafkaManager()->PostMessage(KafkaTopics::HEALTHCHECK, SerialNumber_, *ParamsObj);
 			}
 		} else {
--- a/src/AP_WS_Process_log.cpp
+++ b/src/AP_WS_Process_log.cpp
@@ -36,7 +36,7 @@ namespace OpenWifi {
 										   .Recorded = (uint64_t)time(nullptr),
 										   .LogType = 0,
 										   .UUID = State_.UUID};
-			StorageService()->AddLog(DeviceLog);
+			StorageService()->AddLog(*DbSession_, DeviceLog);
 			DeviceLogKafkaEvent	E(DeviceLog);
 		} else {
 			poco_warning(Logger_, fmt::format("LOG({}): Missing parameters.", CId_));
--- a/src/AP_WS_Process_rebootLog.cpp
+++ b/src/AP_WS_Process_rebootLog.cpp
@@ -35,7 +35,7 @@ namespace OpenWifi {
 										   .Recorded = ParamsObj->get(uCentralProtocol::DATE),
 										   .LogType = 2,
 										   .UUID = ParamsObj->get(uCentralProtocol::UUID)};
-			StorageService()->AddLog(DeviceLog);
+			StorageService()->AddLog(*DbSession_, DeviceLog);
 			DeviceLogKafkaEvent	E(DeviceLog);
 		} else {
 			poco_warning(Logger_, fmt::format("REBOOT-LOG({}): Missing parameters.", CId_));
--- a/src/AP_WS_Process_recovery.cpp
+++ b/src/AP_WS_Process_recovery.cpp
@@ -35,7 +35,7 @@ namespace OpenWifi {
 										   .LogType = 1,
 										   .UUID = 0};
-			StorageService()->AddLog(DeviceLog);
+			StorageService()->AddLog(*DbSession_, DeviceLog);
 			if (ParamsObj->get(uCentralProtocol::REBOOT).toString() == "true") {
 				GWObjects::CommandDetails Cmd;
--- a/src/AP_WS_Process_state.cpp
+++ b/src/AP_WS_Process_state.cpp
@@ -3,6 +3,7 @@
 //
 #include "AP_WS_Connection.h"
 #include "AP_WS_Server.h"
 #include "StateUtils.h"
 #include "StorageService.h"
@@ -39,23 +40,27 @@ namespace OpenWifi {
 												UUID, request_uuid));
 			}
 			std::lock_guard	Guard(DbSession_->Mutex());
 			if(!Simulated_) {
 				uint64_t UpgradedUUID;
-			LookForUpgrade(UUID, UpgradedUUID);
+				LookForUpgrade(DbSession_->Session(), UUID, UpgradedUUID);
 				State_.UUID = UpgradedUUID;
 			}
 			SetLastStats(StateStr);
 			GWObjects::Statistics Stats{
 				.SerialNumber = SerialNumber_, .UUID = UUID, .Data = StateStr};
 			Stats.Recorded = Utils::Now();
-			StorageService()->AddStatisticsData(Stats);
+			StorageService()->AddStatisticsData(DbSession_->Session(),Stats);
 			if (!request_uuid.empty()) {
 				StorageService()->SetCommandResult(request_uuid, StateStr);
 			}
 			StateUtils::ComputeAssociations(StateObj, State_.Associations_2G,
-											State_.Associations_5G, State_.Associations_6G);
+											State_.Associations_5G, State_.Associations_6G, State_.uptime);
-			if (KafkaManager()->Enabled()) {
+			if (KafkaManager()->Enabled() && !AP_WS_Server()->KafkaDisableState()) {
 				KafkaManager()->PostMessage(KafkaTopics::STATE, SerialNumber_, *ParamsObj);
 			}
--- a/src/AP_WS_Process_telemetry.cpp
+++ b/src/AP_WS_Process_telemetry.cpp
@@ -35,8 +35,7 @@ namespace OpenWifi {
 				}
 				if (TelemetryWebSocketRefCount_) {
 					if (now < TelemetryWebSocketTimer_) {
-						// std::cout << SerialNumber_ << ": Updating WebSocket telemetry" <<
+
 						// std::endl;
 						TelemetryWebSocketPackets_++;
 						State_.websocketPackets = TelemetryWebSocketPackets_;
 						TelemetryStream()->NotifyEndPoint(SerialNumberInt_, KafkaPayload);
@@ -46,7 +45,6 @@ namespace OpenWifi {
 				}
 				if (TelemetryKafkaRefCount_) {
 					if (KafkaManager()->Enabled() && now < TelemetryKafkaTimer_) {
 						// std::cout << SerialNumber_ << ": Updating Kafka telemetry" << std::endl;
 						TelemetryKafkaPackets_++;
 						State_.kafkaPackets = TelemetryKafkaPackets_;
 						KafkaManager()->PostMessage(KafkaTopics::DEVICE_TELEMETRY, SerialNumber_,
--- a/src/AP_WS_ReactorPool.h
+++ b/src/AP_WS_ReactorPool.h
@@ -1,62 +0,0 @@
 //
 // Created by stephane bourque on 2022-02-03.
 //
 #pragma once
 #include <shared_mutex>
 #include <string>
 #include "Poco/Environment.h"
 #include "Poco/Net/SocketAcceptor.h"
 #include "framework/utils.h"
 namespace OpenWifi {
 	class AP_WS_ReactorThreadPool {
 	  public:
 		explicit AP_WS_ReactorThreadPool() {
 			NumberOfThreads_ = Poco::Environment::processorCount() * 2;
 			if (NumberOfThreads_ == 0)
 				NumberOfThreads_ = 4;
 		}
 		~AP_WS_ReactorThreadPool() { Stop(); }
 		void Start() {
 			for (uint64_t i = 0; i < NumberOfThreads_; ++i) {
 				auto NewReactor = std::make_unique<Poco::Net::SocketReactor>();
 				auto NewThread = std::make_unique<Poco::Thread>();
 				NewThread->start(*NewReactor);
 				std::string ThreadName{"ap:react:" + std::to_string(i)};
 				Utils::SetThreadName(*NewThread, ThreadName.c_str());
 				Reactors_.emplace_back(std::move(NewReactor));
 				Threads_.emplace_back(std::move(NewThread));
 			}
 		}
 		void Stop() {
 			for (auto &i : Reactors_)
 				i->stop();
 			for (auto &i : Threads_) {
 				i->join();
 			}
 			Reactors_.clear();
 			Threads_.clear();
 		}
 		Poco::Net::SocketReactor &NextReactor() {
 			std::shared_lock Lock(Mutex_);
 			NextReactor_++;
 			NextReactor_ %= NumberOfThreads_;
 			return *Reactors_[NextReactor_];
 		}
 	  private:
 		std::shared_mutex Mutex_;
 		uint64_t NumberOfThreads_;
 		uint64_t NextReactor_ = 0;
 		std::vector<std::unique_ptr<Poco::Net::SocketReactor>> Reactors_;
 		std::vector<std::unique_ptr<Poco::Thread>> Threads_;
 	};
 } // namespace OpenWifi
--- a/src/AP_WS_Reactor_Pool.h
+++ b/src/AP_WS_Reactor_Pool.h
@@ -0,0 +1,77 @@
 //
 // Created by stephane bourque on 2022-02-03.
 //
 #pragma once
 #include <mutex>
 #include <string>
 #include <framework/utils.h>
 #include <Poco/Environment.h>
 #include <Poco/Net/SocketAcceptor.h>
 #include <Poco/Data/SessionPool.h>
 #include <StorageService.h>
 namespace OpenWifi {
 	class AP_WS_ReactorThreadPool {
 	  public:
 		explicit AP_WS_ReactorThreadPool(Poco::Logger &Logger) : Logger_(Logger) {
 			NumberOfThreads_ = Poco::Environment::processorCount() * 4;
 			if (NumberOfThreads_ == 0)
 				NumberOfThreads_ = 8;
 			NumberOfThreads_ = std::min(NumberOfThreads_, (std::uint64_t) 128);
 		}
 		~AP_WS_ReactorThreadPool() { Stop(); }
 		void Start() {
 			Reactors_.reserve(NumberOfThreads_);
 			DbSessions_.reserve(NumberOfThreads_);
 			Threads_.reserve(NumberOfThreads_);
 			Logger_.information(fmt::format("WebSocket Processor: starting {} threads.", NumberOfThreads_));
 			for (uint64_t i = 0; i < NumberOfThreads_; ++i) {
 				auto NewReactor = std::make_shared<Poco::Net::SocketReactor>();
 				auto NewThread = std::make_unique<Poco::Thread>();
 				NewThread->start(*NewReactor);
 				std::string ThreadName{"ap:react:" + std::to_string(i)};
 				Utils::SetThreadName(*NewThread, ThreadName.c_str());
 				Reactors_.emplace_back(std::move(NewReactor));
 				Threads_.emplace_back(std::move(NewThread));
 				DbSessions_.emplace_back(std::make_shared<LockedDbSession>());
 			}
 			Logger_.information(fmt::format("WebSocket Processor: {} threads started.", NumberOfThreads_));
 		}
 		void Stop() {
 			for (auto &i : Reactors_)
 				i->stop();
 			for (auto &i : Threads_) {
 				i->join();
 			}
 			Reactors_.clear();
 			Threads_.clear();
 			DbSessions_.clear();
 		}
 		auto NextReactor() {
 			std::lock_guard Lock(Mutex_);
 			NextReactor_++;
 			NextReactor_ %= NumberOfThreads_;
 			return std::make_pair(Reactors_[NextReactor_], DbSessions_[NextReactor_]);
 		}
 	  private:
 		std::mutex Mutex_;
 		uint64_t NumberOfThreads_;
 		uint64_t NextReactor_ = 0;
 		std::vector<std::shared_ptr<Poco::Net::SocketReactor>> 	Reactors_;
 		std::vector<std::unique_ptr<Poco::Thread>> 				Threads_;
 		std::vector<std::shared_ptr<LockedDbSession>>			DbSessions_;
 		Poco::Logger &Logger_;
 	};
 } // namespace OpenWifi
--- a/src/AP_WS_Server.cpp
+++ b/src/AP_WS_Server.cpp
@@ -6,34 +6,68 @@
 //	Arilia Wireless Inc.
 //
-#include "Poco/Net/Context.h"
+#include <Poco/Net/Context.h>
-#include "Poco/Net/HTTPHeaderStream.h"
+#include <Poco/Net/HTTPHeaderStream.h>
-#include "Poco/Net/HTTPServerRequest.h"
+#include <Poco/Net/HTTPServerRequest.h>
-#include "AP_WS_Connection.h"
+#include <AP_WS_Connection.h>
-#include "AP_WS_Server.h"
+#include <AP_WS_Server.h>
-#include "ConfigurationCache.h"
+#include <ConfigurationCache.h>
-#include "TelemetryStream.h"
+#include <TelemetryStream.h>
-#include "UI_GW_WebSocketNotifications.h"
+#include <fmt/format.h>
-#include "fmt/format.h"
+
-#include "framework/MicroServiceFuncs.h"
+#include <framework/MicroServiceFuncs.h>
-#include "framework/utils.h"
+#include <framework/utils.h>
 #include <framework/KafkaManager.h>
 #include <UI_GW_WebSocketNotifications.h>
 namespace OpenWifi {
-	void AP_WS_RequestHandler::handleRequest(Poco::Net::HTTPServerRequest &request,
+	class AP_WS_RequestHandler : public Poco::Net::HTTPRequestHandler {
-											 Poco::Net::HTTPServerResponse &response) {
+	  public:
 		explicit AP_WS_RequestHandler(Poco::Logger &L, std::uint64_t session_id) : Logger_(L),
 								   		session_id_(session_id) {
 		 };
 		void handleRequest(	Poco::Net::HTTPServerRequest &request,
 						 	Poco::Net::HTTPServerResponse &response) override {
 			try {
-			AP_WS_Server()->AddConnection(
+				auto NewConnection = std::make_shared<AP_WS_Connection>(request, response, session_id_, Logger_,
-				id_, std::make_shared<AP_WS_Connection>(request, response, id_, Logger_,
+																		AP_WS_Server()->NextReactor());
-														AP_WS_Server()->NextReactor()));
+				AP_WS_Server()->AddConnection(NewConnection);
 				NewConnection->Start();
 			} catch (...) {
 				poco_warning(Logger_, "Exception during WS creation");
 			}
 		};
 	  private:
 		Poco::Logger &Logger_;
 		std::uint64_t session_id_;
 	};
 	class AP_WS_RequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
 	  public:
 		inline explicit AP_WS_RequestHandlerFactory(Poco::Logger &L) : Logger_(L) {}
 		inline Poco::Net::HTTPRequestHandler *
 		createRequestHandler(const Poco::Net::HTTPServerRequest &request) override {
 			if (request.find("Upgrade") != request.end() &&
 				Poco::icompare(request["Upgrade"], "websocket") == 0) {
 				Utils::SetThreadName("ws:conn-init");
 				session_id_++;
 				return new AP_WS_RequestHandler(Logger_, session_id_);
 			} else {
 				return nullptr;
 			}
 		}
 	  private:
 		Poco::Logger &Logger_;
 		inline static std::atomic_uint64_t session_id_ = 0;
 	};
 	bool AP_WS_Server::ValidateCertificate(const std::string &ConnectionId,
 										   const Poco::Crypto::X509Certificate &Certificate) {
 		if (IsCertOk()) {
@@ -57,7 +91,7 @@ namespace OpenWifi {
 		SessionTimeOut_ = MicroServiceConfigGetInt("openwifi.session.timeout", 10*60);
-		Reactor_pool_ = std::make_unique<AP_WS_ReactorThreadPool>();
+		Reactor_pool_ = std::make_unique<AP_WS_ReactorThreadPool>(Logger());
 		Reactor_pool_->Start();
 		for (const auto &Svr : ConfigServersList_) {
@@ -107,7 +141,6 @@ namespace OpenWifi {
 			Context->flushSessionCache();
 			Context->enableSessionCache(true);
 			Context->enableExtendedCertificateVerification(false);
 			// Context->disableStatelessSessionResumption();
 			Context->disableProtocols(Poco::Net::Context::PROTO_TLSV1 |
 									  Poco::Net::Context::PROTO_TLSV1_1);
@@ -136,6 +169,9 @@ namespace OpenWifi {
 					WebServerHttpParams);
 				WebServers_.push_back(std::move(NewWebServer));
 			}
 			KafkaDisableState_ = MicroServiceConfigGetBool("openwifi.kafka.disablestate", false);
 			KafkaDisableHealthChecks_ = MicroServiceConfigGetBool("openwifi.kafka.disablehealthchecks", false);
 		}
 		for (auto &server : WebServers_) {
@@ -157,72 +193,190 @@ namespace OpenWifi {
 			UseDefaultConfig_ = true;
 		}
-		SimulatorId_ = MicroServiceConfigGetString("simulatorid", "");
+		SimulatorId_ = Poco::toLower(MicroServiceConfigGetString("simulatorid", ""));
 		SimulatorEnabled_ = !SimulatorId_.empty();
 		Utils::SetThreadName(ReactorThread_, "dev:react:head");
 		GarbageCollectorCallback_ = std::make_unique<Poco::TimerCallback<AP_WS_Server>>(
 			*this, &AP_WS_Server::onGarbageCollecting);
 		Timer_.setStartInterval(10 * 1000);
 		Timer_.setPeriodicInterval(10 * 1000); // every minute
 		Timer_.start(*GarbageCollectorCallback_, MicroServiceTimerPool());
 		Running_ = true;
 		GarbageCollector_.setName("ws:garbage");
 		GarbageCollector_.start(*this);
 		std::thread CleanupThread([this](){ CleanupSessions(); });
 		CleanupThread.detach();
 		return 0;
 	}
-	void AP_WS_Server::onGarbageCollecting([[maybe_unused]] Poco::Timer &timer) {
+	void AP_WS_Server::CleanupSessions() {
 		static uint64_t last_log = Utils::Now();
 		auto now = Utils::Now();
 		while(Running_) {
 			std::this_thread::sleep_for(std::chrono::seconds(10));
 			while(Running_ && !CleanupSessions_.empty()) {
 				std::pair<uint64_t, uint64_t> Session;
 				{
-			std::lock_guard Lock(WSServerMutex_);
+					std::lock_guard G(CleanupMutex_);
-			if (!Garbage_.empty()) {
+					Session = CleanupSessions_.front();
-				Garbage_.clear();
+					CleanupSessions_.pop_front();
 				}
 				poco_trace(this->Logger(),fmt::format("Cleaning up session: {} for device: {}", Session.first, Utils::IntToSerialNumber(Session.second)));
 				EndSession(Session.first, Session.second);
 			}
 		}
 	}
-			NumberOfConnectedDevices_ = 0;
+	void AP_WS_Server::run() {
 		uint64_t last_log = Utils::Now(),
 				 last_zombie_run = 0,
 				 last_garbage_run = 0;
 		Poco::Logger &LocalLogger = Poco::Logger::create(
 			"WS-Session-Janitor", Poco::Logger::root().getChannel(), Poco::Logger::root().getLevel());
 		while(Running_) {
 			if(!Poco::Thread::trySleep(30000)) {
 				break;
 			}
 			LocalLogger.information(fmt::format("Garbage collecting starting run."	));
 			uint64_t total_connected_time = 0, now = Utils::Now();
 			if(now-last_zombie_run > 60) {
 				try {
 					poco_information(LocalLogger,
 									 fmt::format("Garbage collecting zombies... (step 1)"));
 					NumberOfConnectingDevices_ = 0;
 					AverageDeviceConnectionTime_ = 0;
-			uint64_t total_connected_time = 0;
+					int waits = 0;
-
+					for (int hashIndex = 0; hashIndex < MACHash::HashMax(); hashIndex++) {
-			auto hint = SerialNumbers_.begin();
+						last_zombie_run = now;
-			while (hint != end(SerialNumbers_)) {
+						waits = 0;
-				if (hint->second.second == nullptr) {
+						while (true) {
-					hint = SerialNumbers_.erase(hint);
+							if (SerialNumbersMutex_[hashIndex].try_lock()) {
-				} else if ((now - hint->second.second->State_.LastContact) > SessionTimeOut_) {
+								waits = 0;
-					hint->second.second->EndConnection(false);
+								auto hint = SerialNumbers_[hashIndex].begin();
-					poco_information(Logger(),fmt::format("{}: Session seems idle. Controller disconnecting device.", hint->second.second->SerialNumber_));
+								while (hint != end(SerialNumbers_[hashIndex])) {
-					Sessions_.erase(hint->second.second->State_.sessionId);
+									if (hint->second == nullptr) {
-					Garbage_.push_back(hint->second.second);
+										poco_information(
-					hint = SerialNumbers_.erase(hint);
+											LocalLogger,
-				} else if (hint->second.second->State_.Connected) {
+											fmt::format("Dead device found in hash index {}", hashIndex));
-					NumberOfConnectedDevices_++;
+										hint = SerialNumbers_[hashIndex].erase(hint);
 					total_connected_time += (now - hint->second.second->State_.started);
 					hint++;
 									} else {
-					NumberOfConnectingDevices_++;
+										auto Device = hint->second;
-					hint++;
+										auto RightNow = Utils::Now();
 										if (Device->Dead_) {
 											AddCleanupSession(Device->State_.sessionId, Device->SerialNumberInt_);
 											++hint;
 											// hint = SerialNumbers_[hashIndex].erase(hint);
 										} else if (RightNow > Device->LastContact_ &&
 												   (RightNow - Device->LastContact_) > SessionTimeOut_) {
 											poco_information(
 												LocalLogger,
 												fmt::format(
 													"{}: Session seems idle. Controller disconnecting device.",
 													Device->SerialNumber_));
 											// hint = SerialNumbers_[hashIndex].erase(hint);
 											AddCleanupSession(Device->State_.sessionId, Device->SerialNumberInt_);
 											++hint;
 										} else {
 											if (Device->State_.Connected) {
 												total_connected_time +=
 													(RightNow - Device->State_.started);
 											}
 											++hint;
 										}
 									}
 								}
 								SerialNumbersMutex_[hashIndex].unlock();
 								break;
 							} else if (waits < 5) {
 								waits++;
 								Poco::Thread::trySleep(10);
 							} else {
 								break;
 							}
 						}
 					}
 					poco_information(LocalLogger, fmt::format("Garbage collecting zombies... (step 2)"));
 					LeftOverSessions_ = 0;
 					for (int i = 0; i < SessionHash::HashMax(); i++) {
 						waits = 0;
 						while (true) {
 							if (SessionMutex_[i].try_lock()) {
 								waits = 0;
 								auto hint = Sessions_[i].begin();
 								auto RightNow = Utils::Now();
 								while (hint != end(Sessions_[i])) {
 									if (hint->second == nullptr) {
 										hint = Sessions_[i].erase(hint);
 									} else if (hint->second->Dead_) {
 										// hint = Sessions_[i].erase(hint);
 										AddCleanupSession(hint->second->State_.sessionId, hint->second->SerialNumberInt_);
 										++hint;
 									} else if (RightNow > hint->second->LastContact_ &&
 											   (RightNow - hint->second->LastContact_) >
 												   SessionTimeOut_) {
 										poco_information(
 											LocalLogger,
 											fmt::format("{}: Session seems idle. Controller disconnecting device.",
 														hint->second->SerialNumber_));
 										AddCleanupSession(hint->second->State_.sessionId, hint->second->SerialNumberInt_);
 										++hint;
 										// hint = Sessions_[i].erase(hint);
 									} else {
 										++LeftOverSessions_;
 										++hint;
 									}
 								}
 								SessionMutex_[i].unlock();
 								break;
 							} else if (waits < 5) {
 								Poco::Thread::trySleep(10);
 								waits++;
 							} else {
 								break;
 							}
 						}
 					}
 					AverageDeviceConnectionTime_ = NumberOfConnectedDevices_ > 0
 													   ? total_connected_time / NumberOfConnectedDevices_
 													   : 0;
-			if ((now - last_log) > 120) {
+					poco_information(LocalLogger, fmt::format("Garbage collecting zombies done..."));
-				last_log = now;
+				} catch (const Poco::Exception &E) {
-				poco_information(Logger(),
+					poco_error(LocalLogger, fmt::format("Poco::Exception: Garbage collecting zombies failed: {}", E.displayText()));
-								 fmt::format("Active AP connections: {} Connecting: {} Average connection time: {} seconds",
+				} catch (const std::exception &E) {
-											 NumberOfConnectedDevices_, NumberOfConnectingDevices_,
+					poco_error(LocalLogger, fmt::format("std::exception: Garbage collecting zombies failed: {}", E.what()));
-											 AverageDeviceConnectionTime_));
+				} catch (...) {
 					poco_error(LocalLogger, fmt::format("exception:Garbage collecting zombies failed: {}", "unknown"));
 				}
 			}
 			if(NumberOfConnectedDevices_) {
 				if (last_garbage_run > 0) {
 					AverageDeviceConnectionTime_ += (now - last_garbage_run);
 				}
 			}
 			try {
 				if ((now - last_log) > 60) {
 					last_log = now;
 					poco_information(
 						LocalLogger,
 						fmt::format("Active AP connections: {} Connecting: {} Average connection time: {} seconds. Left Over Sessions: {}",
 									NumberOfConnectedDevices_, NumberOfConnectingDevices_,
 									AverageDeviceConnectionTime_, LeftOverSessions_));
 				}
 				GWWebSocketNotifications::NumberOfConnection_t Notification;
 				Notification.content.numberOfConnectingDevices = NumberOfConnectingDevices_;
 				Notification.content.numberOfDevices = NumberOfConnectedDevices_;
 				Notification.content.averageConnectedTime = AverageDeviceConnectionTime_;
-		GetTotalDataStatistics(Notification.content.tx,Notification.content.rx);
+				GetTotalDataStatistics(Notification.content.tx, Notification.content.rx);
 				GWWebSocketNotifications::NumberOfConnections(Notification);
 				Poco::JSON::Object KafkaNotification;
@@ -234,172 +388,203 @@ namespace OpenWifi {
 				FullEvent.set("payload", KafkaNotification);
 				KafkaManager()->PostMessage(KafkaTopics::DEVICE_EVENT_QUEUE, "system", FullEvent);
 				LocalLogger.information(fmt::format("Garbage collection finished run."));
 				last_garbage_run = now;
 			} catch (const Poco::Exception &E) {
 				LocalLogger.error(fmt::format("Poco::Exception: Garbage collecting failed: {}", E.displayText()));
 			} catch (const std::exception &E) {
 				LocalLogger.error(fmt::format("std::exception: Garbage collecting failed: {}", E.what()));
 			} catch (...) {
 				LocalLogger.error(fmt::format("exception:Garbage collecting failed: {}", "unknown"));
 			}
 		}
 		LocalLogger.information(fmt::format("Garbage collector done for the day."	));
 	}
 	void AP_WS_Server::Stop() {
 		poco_information(Logger(), "Stopping...");
 		Running_ = false;
-		Timer_.stop();
+		GarbageCollector_.wakeUp();
 		GarbageCollector_.join();
 		for (auto &server : WebServers_) {
 			server->stopAll();
 		}
 		Reactor_pool_->Stop();
 		Reactor_.stop();
 		ReactorThread_.join();
 		poco_information(Logger(), "Stopped...");
 	}
 	bool AP_WS_Server::GetHealthDevices(std::uint64_t lowLimit, std::uint64_t  highLimit, std::vector<std::string> & SerialNumbers) {
 		SerialNumbers.clear();
 		for(int i=0;i<SessionHash::HashMax();i++) {
 			std::lock_guard Lock(SessionMutex_[i]);
 			for (const auto &connection : Sessions_[i]) {
 				if (connection.second->RawLastHealthcheck_.Sanity >= lowLimit &&
 					connection.second->RawLastHealthcheck_.Sanity <= highLimit) {
 					SerialNumbers.push_back(connection.second->SerialNumber_);
 				}
 			}
 		}
 		return true;
 	}
 	bool AP_WS_Server::GetStatistics(uint64_t SerialNumber, std::string &Statistics) const {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == SerialNumbers_[hashIndex].end() || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->GetLastStats(Statistics);
+		Connection->GetLastStats(Statistics);
 		return true;
 	}
 	bool AP_WS_Server::GetState(uint64_t SerialNumber, GWObjects::ConnectionState &State) const {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == SerialNumbers_[hashIndex].end() ||
 				DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->GetState(State);
+		Connection->GetState(State);
 		return true;
 	}
 	bool AP_WS_Server::GetHealthcheck(uint64_t SerialNumber,
 									  GWObjects::HealthCheck &CheckData) const {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			auto Device = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (Device == SerialNumbers_[hashIndex].end() || Device->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = Device->second;
 		}
-		DevicePtr->GetLastHealthCheck(CheckData);
+		Connection->GetLastHealthCheck(CheckData);
 		return true;
 	}
-	void AP_WS_Server::SetSessionDetails(uint64_t connection_id, uint64_t SerialNumber) {
+	void AP_WS_Server::StartSession(uint64_t session_id, uint64_t SerialNumber) {
-		std::lock_guard Lock(WSServerMutex_);
+		auto sessionHash = SessionHash::Hash(session_id);
-
+		std::shared_ptr<AP_WS_Connection> Connection;
-		auto Conn = Sessions_.find(connection_id);
+		{
-		if (Conn == end(Sessions_))
+			std::lock_guard SessionLock(SessionMutex_[sessionHash]);
-			return;
+			auto SessionHint = Sessions_[sessionHash].find(session_id);
-
+			if (SessionHint == end(Sessions_[sessionHash])) {
 		auto CurrentSerialNumber = SerialNumbers_.find(SerialNumber);
 		if ((CurrentSerialNumber == SerialNumbers_.end()) ||
 			(CurrentSerialNumber->second.first < connection_id)) {
 			SerialNumbers_[SerialNumber] = std::make_pair(connection_id, Conn->second);
 				return;
 			}
 			Connection = SessionHint->second;
 			Sessions_[sessionHash].erase(SessionHint);
 		}
-	bool AP_WS_Server::EndSession(uint64_t session_id, uint64_t serial_number) {
+		auto deviceHash = MACHash::Hash(SerialNumber);
-		std::lock_guard G(WSServerMutex_);
+		std::lock_guard DeviceLock(SerialNumbersMutex_[deviceHash]);
-
+		SerialNumbers_[deviceHash][SerialNumber] = Connection;
 		auto Session = Sessions_.find(session_id);
 		if (Session == end(Sessions_))
 			return false;
 		Garbage_.push_back(Session->second);
 		auto Device = SerialNumbers_.find(serial_number);
 		if (Device == end(SerialNumbers_)) {
 			Sessions_.erase(Session);
 			return false;
 	}
-		if (Device->second.first == session_id) {
+	bool AP_WS_Server::EndSession(uint64_t session_id, uint64_t SerialNumber) {
-			Sessions_.erase(Session);
+		{
-			SerialNumbers_.erase(Device);
+			poco_trace(Logger(), fmt::format("Ending session 1: {} for device: {}", session_id, Utils::IntToSerialNumber(SerialNumber)));
 			auto sessionHash = SessionHash::Hash(session_id);
 			std::lock_guard SessionLock(SessionMutex_[sessionHash]);
 			Sessions_[sessionHash].erase(session_id);
 			poco_trace(Logger(), fmt::format("Ended session 1: {} for device: {}", session_id, Utils::IntToSerialNumber(SerialNumber)));
 		}
 		{
 			auto hashIndex = MACHash::Hash(SerialNumber);
 			poco_trace(Logger(), fmt::format("Ending session 2.0: {} for device: {} hi:{}", session_id, Utils::IntToSerialNumber(SerialNumber), hashIndex));
 			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
 			poco_trace(Logger(), fmt::format("Ending session 2.1: {} for device: {} hi:{}", session_id, Utils::IntToSerialNumber(SerialNumber), hashIndex));
 			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			poco_trace(Logger(), fmt::format("Ending session 2.2: {} for device: {} hi:{}", session_id, Utils::IntToSerialNumber(SerialNumber), hashIndex));
 			if (DeviceHint == SerialNumbers_[hashIndex].end()
 				|| DeviceHint->second == nullptr
 				|| DeviceHint->second->State_.sessionId != session_id) {
 				poco_trace(Logger(), fmt::format("Did not end session 2: {} for device: {}", session_id, Utils::IntToSerialNumber(SerialNumber)));
 				return false;
 			}
 			SerialNumbers_[hashIndex].erase(DeviceHint);
 			poco_trace(Logger(), fmt::format("Ended session 2: {} for device: {}", session_id, Utils::IntToSerialNumber(SerialNumber)));
 		}
 		return true;
 	}
 		Sessions_.erase(Session);
 		return false;
 	}
 	bool AP_WS_Server::EndSessionUnSafe(uint64_t session_id, uint64_t serial_number) {
 		auto Session = Sessions_.find(session_id);
 		if (Session == end(Sessions_))
 			return false;
 		Garbage_.push_back(Session->second);
 		auto Device = SerialNumbers_.find(serial_number);
 		if (Device == end(SerialNumbers_)) {
 			Sessions_.erase(Session);
 			return false;
 		}
 		if (Device->second.first == session_id) {
 			Sessions_.erase(Session);
 			SerialNumbers_.erase(Device);
 			return true;
 		}
 		Sessions_.erase(Session);
 		return false;
 	}
 	bool AP_WS_Server::Connected(uint64_t SerialNumber,
 								 GWObjects::DeviceRestrictions &Restrictions) const {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
 		DevicePtr->GetRestrictions(Restrictions);
 		return DevicePtr->State_.Connected;
 		}
-	bool AP_WS_Server::Connected(uint64_t SerialNumber) const {
+		if(Connection->Dead_) {
 		std::shared_ptr<AP_WS_Connection> DevicePtr;
 		{
 			std::lock_guard Lock(WSServerMutex_);
 			auto Device = SerialNumbers_.find(SerialNumber);
 			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
 			return false;
 		}
-			DevicePtr = Device->second.second;
+		Restrictions = Connection->GetRestrictions();
 		return Connection->State_.Connected;
 	}
-		return DevicePtr->State_.Connected;
+
 	bool AP_WS_Server::Connected(uint64_t SerialNumber) const {
 		std::shared_ptr<AP_WS_Connection> Connection;
 		{
 			auto hashIndex = MACHash::Hash(SerialNumber);
 			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
 			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
 			Connection = DeviceHint->second;
 		}
 		if(Connection->Dead_) {
 			return false;
 		}
 		return Connection->State_.Connected;
 	}
 	bool AP_WS_Server::SendFrame(uint64_t SerialNumber, const std::string &Payload) const {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		auto hashIndex = MACHash::Hash(SerialNumber);
 		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
 		if(Connection->Dead_) {
 			return false;
 		}
 		try {
-			return DevicePtr->Send(Payload);
+			return Connection->Send(Payload);
 		} catch (...) {
 			poco_debug(Logger(), fmt::format(": SendFrame: Could not send data to device '{}'",
 											 Utils::IntToSerialNumber(SerialNumber)));
@@ -408,61 +593,64 @@ namespace OpenWifi {
 	}
 	void AP_WS_Server::StopWebSocketTelemetry(uint64_t RPCID, uint64_t SerialNumber) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			auto Device = SerialNumbers_[hashIndex].find(SerialNumber);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			if (Device == end(SerialNumbers_[hashIndex]) || Device->second == nullptr) {
 				return;
 			}
-			DevicePtr = Device->second.second;
+			Connection = Device->second;
 		}
-		DevicePtr->StopWebSocketTelemetry(RPCID);
+		Connection->StopWebSocketTelemetry(RPCID);
 	}
 	void
 	AP_WS_Server::SetWebSocketTelemetryReporting(uint64_t RPCID, uint64_t SerialNumber,
 												 uint64_t Interval, uint64_t Lifetime,
 												 const std::vector<std::string> &TelemetryTypes) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->SetWebSocketTelemetryReporting(RPCID, Interval, Lifetime, TelemetryTypes);
+		Connection->SetWebSocketTelemetryReporting(RPCID, Interval, Lifetime, TelemetryTypes);
 	}
 	void AP_WS_Server::SetKafkaTelemetryReporting(uint64_t RPCID, uint64_t SerialNumber,
 												  uint64_t Interval, uint64_t Lifetime,
 												  const std::vector<std::string> &TelemetryTypes) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->SetKafkaTelemetryReporting(RPCID, Interval, Lifetime, TelemetryTypes);
+		Connection->SetKafkaTelemetryReporting(RPCID, Interval, Lifetime, TelemetryTypes);
 	}
 	void AP_WS_Server::StopKafkaTelemetry(uint64_t RPCID, uint64_t SerialNumber) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DevicesLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->StopKafkaTelemetry(RPCID);
+		Connection->StopKafkaTelemetry(RPCID);
 	}
 	void AP_WS_Server::GetTelemetryParameters(
@@ -470,16 +658,19 @@ namespace OpenWifi {
 		uint64_t &TelemetryWebSocketTimer, uint64_t &TelemetryKafkaTimer,
 		uint64_t &TelemetryWebSocketCount, uint64_t &TelemetryKafkaCount,
 		uint64_t &TelemetryWebSocketPackets, uint64_t &TelemetryKafkaPackets) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+
 		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto hashIndex = MACHash::Hash(SerialNumber);
-			auto Device = SerialNumbers_.find(SerialNumber);
+			std::lock_guard DevicesLock(SerialNumbersMutex_[hashIndex]);
-			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+			auto DeviceHint = SerialNumbers_[hashIndex].find(SerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
-		DevicePtr->GetTelemetryParameters(TelemetryRunning, TelemetryInterval,
+
 		Connection->GetTelemetryParameters(TelemetryRunning, TelemetryInterval,
 										  TelemetryWebSocketTimer, TelemetryKafkaTimer,
 										  TelemetryWebSocketCount, TelemetryKafkaCount,
 										  TelemetryWebSocketPackets, TelemetryKafkaPackets);
@@ -487,18 +678,25 @@ namespace OpenWifi {
 	bool AP_WS_Server::SendRadiusAccountingData(const std::string &SerialNumber,
 												const unsigned char *buffer, std::size_t size) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+
 		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto IntSerialNumber = Utils::SerialNumberToInt(SerialNumber);
-			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			auto hashIndex = MACHash::Hash(IntSerialNumber);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			std::lock_guard DevicesLock(SerialNumbersMutex_[hashIndex]);
 			auto DeviceHint = SerialNumbers_[hashIndex].find(IntSerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
 		if(Connection->Dead_) {
 			return false;
 		}
 		try {
-			return DevicePtr->SendRadiusAccountingData(buffer, size);
+			return Connection->SendRadiusAccountingData(buffer, size);
 		} catch (...) {
 			poco_debug(
 				Logger(),
@@ -510,18 +708,24 @@ namespace OpenWifi {
 	bool AP_WS_Server::SendRadiusAuthenticationData(const std::string &SerialNumber,
 													const unsigned char *buffer, std::size_t size) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto IntSerialNumber = Utils::SerialNumberToInt(SerialNumber);
-			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			auto hashIndex = MACHash::Hash(IntSerialNumber);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			std::lock_guard DevicesLock(SerialNumbersMutex_[hashIndex]);
 			auto DeviceHint = SerialNumbers_[hashIndex].find(IntSerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
 		if(Connection->Dead_) {
 			return false;
 		}
 		try {
-			return DevicePtr->SendRadiusAuthenticationData(buffer, size);
+			return Connection->SendRadiusAuthenticationData(buffer, size);
 		} catch (...) {
 			poco_debug(
 				Logger(),
@@ -533,18 +737,23 @@ namespace OpenWifi {
 	bool AP_WS_Server::SendRadiusCoAData(const std::string &SerialNumber,
 										 const unsigned char *buffer, std::size_t size) {
-		std::shared_ptr<AP_WS_Connection> DevicePtr;
+		std::shared_ptr<AP_WS_Connection> Connection;
 		{
-			std::lock_guard Lock(WSServerMutex_);
+			auto IntSerialNumber = Utils::SerialNumberToInt(SerialNumber);
-			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			auto hashIndex = MACHash::Hash(IntSerialNumber);
-			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+			std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
 			auto DeviceHint = SerialNumbers_[hashIndex].find(IntSerialNumber);
 			if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr) {
 				return false;
 			}
-			DevicePtr = Device->second.second;
+			Connection = DeviceHint->second;
 		}
 		if(Connection->Dead_) {
 			return false;
 		}
 		try {
-			return DevicePtr->SendRadiusCoAData(buffer, size);
+			return Connection->SendRadiusCoAData(buffer, size);
 		} catch (...) {
 			poco_debug(Logger(),
 					   fmt::format(": SendRadiusCoAData: Could not send data to device '{}'",
--- a/src/AP_WS_Server.h
+++ b/src/AP_WS_Server.h
@@ -24,46 +24,51 @@
 #include "Poco/Timer.h"
 #include "AP_WS_Connection.h"
-#include "AP_WS_ReactorPool.h"
+#include "AP_WS_Reactor_Pool.h"
 #include "framework/SubSystemServer.h"
 #include "framework/utils.h"
 namespace OpenWifi {
-	class AP_WS_RequestHandler : public Poco::Net::HTTPRequestHandler {
+	constexpr uint MACHashMax = 256;
 	constexpr uint MACHashMask = MACHashMax-1;
 	class MACHash {
 	  public:
-		explicit AP_WS_RequestHandler(Poco::Logger &L, uint64_t id) : Logger_(L), id_(id){};
+		[[nodiscard]] static inline uint16_t Hash(std::uint64_t value) {
-
+			uint8_t hash = 0, i=6;
-		void handleRequest(Poco::Net::HTTPServerRequest &request,
+			while(i) {
-						   Poco::Net::HTTPServerResponse &response) override;
+				hash ^= (value & MACHashMask) + 1;
-
+				value >>= 8;
-	  private:
+				--i;
 		Poco::Logger &Logger_;
 		uint64_t id_ = 0;
 	};
 	class AP_WS_RequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
 	  public:
 		inline explicit AP_WS_RequestHandlerFactory(Poco::Logger &L) : Logger_(L) {}
 		inline Poco::Net::HTTPRequestHandler *
 		createRequestHandler(const Poco::Net::HTTPServerRequest &request) override {
 			if (request.find("Upgrade") != request.end() &&
 				Poco::icompare(request["Upgrade"], "websocket") == 0) {
 				Utils::SetThreadName("ws:conn-init");
 				return new AP_WS_RequestHandler(Logger_, id_++);
 			} else {
 				return nullptr;
 			}
 			return hash;
 		}
-	  private:
+		[[nodiscard]] static inline uint16_t Hash(const std::string & value) {
-		Poco::Logger &Logger_;
+			return Hash(Utils::MACToInt(value));
-		inline static uint64_t id_ = 1;
+		}
 		[[nodiscard]] static inline uint16_t HashMax() {
 			return MACHashMax;
 		}
 	};
-	class AP_WS_Server : public SubSystemServer {
+	constexpr uint SessionHashMax = 256;
 	constexpr uint SessionHashMask = SessionHashMax-1;
 	class SessionHash {
 	  public:
 		[[nodiscard]] static inline uint16_t Hash(std::uint64_t value) {
 			return (value & SessionHashMask);
 		}
 		[[nodiscard]] static inline uint16_t HashMax() {
 			return SessionHashMax;
 		}
 	};
 	class AP_WS_Server : public SubSystemServer, public Poco::Runnable {
 	  public:
 		static auto instance() {
 			static auto instance_ = new AP_WS_Server;
@@ -75,59 +80,52 @@ namespace OpenWifi {
 		bool IsCertOk() { return IssuerCert_ != nullptr; }
 		bool ValidateCertificate(const std::string &ConnectionId,
 								 const Poco::Crypto::X509Certificate &Certificate);
 		// Poco::Net::SocketReactor & GetNextReactor() { return ReactorPool_.NextReactor(); }
 		inline bool IsSimSerialNumber(const std::string &SerialNumber) const {
-			return IsSim(Poco::toLower(SerialNumber)) &&
+			return IsSim(SerialNumber) &&
-				   Poco::toLower(SerialNumber) == Poco::toLower(SimulatorId_);
+				   SerialNumber == SimulatorId_;
 		}
 		inline static bool IsSim(const std::string &SerialNumber) {
 			return SerialNumber.substr(0, 6) == "53494d";
 		}
-		inline bool IsSimEnabled() const { return SimulatorEnabled_; }
+		void run() override;		//	Garbage collector thread.
-
+		[[nodiscard]] inline bool IsSimEnabled() const { return SimulatorEnabled_; }
-		inline bool AllowSerialNumberMismatch() const { return AllowSerialNumberMismatch_; }
+		[[nodiscard]] inline bool AllowSerialNumberMismatch() const { return AllowSerialNumberMismatch_; }
-
+		[[nodiscard]] inline uint64_t MismatchDepth() const { return MismatchDepth_; }
-		inline uint64_t MismatchDepth() const { return MismatchDepth_; }
+		[[nodiscard]] inline bool UseProvisioning() const { return LookAtProvisioning_; }
-
+		[[nodiscard]] inline bool UseDefaults() const { return UseDefaultConfig_; }
-		inline bool UseProvisioning() const { return LookAtProvisioning_; }
+		[[nodiscard]] inline bool Running() const { return Running_; }
-		inline bool UseDefaults() const { return UseDefaultConfig_; }
+		[[nodiscard]] inline std::pair<std::shared_ptr<Poco::Net::SocketReactor>, std::shared_ptr<LockedDbSession>> NextReactor() {
 		[[nodiscard]] inline Poco::Net::SocketReactor &NextReactor() {
 			return Reactor_pool_->NextReactor();
 		}
 		[[nodiscard]] inline bool Running() const { return Running_; }
-		inline void AddConnection(uint64_t session_id,
+		inline void AddConnection(std::shared_ptr<AP_WS_Connection> Connection) {
-								  std::shared_ptr<AP_WS_Connection> Connection) {
+			std::uint64_t sessionHash = SessionHash::Hash(Connection->State_.sessionId);
-			std::lock_guard Lock(WSServerMutex_);
+			std::lock_guard SessionLock(SessionMutex_[sessionHash]);
-			Sessions_[session_id] = std::move(Connection);
+			if(Sessions_[sessionHash].find(Connection->State_.sessionId)==end(Sessions_[sessionHash])) {
 				Sessions_[sessionHash][Connection->State_.sessionId] = std::move(Connection);
 			}
 		}
-		inline std::shared_ptr<AP_WS_Connection> FindConnection(uint64_t session_id) const {
+		[[nodiscard]] inline bool DeviceRequiresSecureRTTY(uint64_t serialNumber) const {
-			std::lock_guard Lock(WSServerMutex_);
+			std::shared_ptr<AP_WS_Connection> Connection;
-
+			{
-			auto Connection = Sessions_.find(session_id);
+				auto hashIndex = MACHash::Hash(serialNumber);
-			if (Connection != end(Sessions_))
+				std::lock_guard DeviceLock(SerialNumbersMutex_[hashIndex]);
-				return Connection->second;
+				auto DeviceHint = SerialNumbers_[hashIndex].find(serialNumber);
-			return nullptr;
+				if (DeviceHint == end(SerialNumbers_[hashIndex]) || DeviceHint->second == nullptr)
 		}
 		inline bool DeviceRequiresSecureRtty(uint64_t serialNumber) const {
 			std::lock_guard Lock(WSServerMutex_);
 			auto Connection = SerialNumbers_.find(serialNumber);
 			if (Connection==end(SerialNumbers_) || Connection->second.second==nullptr)
 					return false;
-			return Connection->second.second->RttyMustBeSecure_;
+				Connection = DeviceHint->second;
 			}
 			return Connection->RTTYMustBeSecure_;
 		}
 		inline bool GetStatistics(const std::string &SerialNumber, std::string &Statistics) const {
 			return GetStatistics(Utils::SerialNumberToInt(SerialNumber), Statistics);
 		}
-		bool GetStatistics(uint64_t SerialNumber, std::string &Statistics) const;
+		[[nodiscard]] bool GetStatistics(uint64_t SerialNumber, std::string &Statistics) const;
 		inline bool GetState(const std::string &SerialNumber,
 							 GWObjects::ConnectionState &State) const {
@@ -143,13 +141,7 @@ namespace OpenWifi {
 		bool Connected(uint64_t SerialNumber, GWObjects::DeviceRestrictions &Restrictions) const;
 		bool Connected(uint64_t SerialNumber) const;
 		inline bool SendFrame(const std::string &SerialNumber, const std::string &Payload) const {
 			return SendFrame(Utils::SerialNumberToInt(SerialNumber), Payload);
 		}
 		bool SendFrame(uint64_t SerialNumber, const std::string &Payload) const;
 		bool SendRadiusAuthenticationData(const std::string &SerialNumber,
 										  const unsigned char *buffer, std::size_t size);
 		bool SendRadiusAccountingData(const std::string &SerialNumber, const unsigned char *buffer,
@@ -157,9 +149,8 @@ namespace OpenWifi {
 		bool SendRadiusCoAData(const std::string &SerialNumber, const unsigned char *buffer,
 							   std::size_t size);
-		void SetSessionDetails(uint64_t connection_id, uint64_t SerialNumber);
+		void StartSession(uint64_t session_id, uint64_t SerialNumber);
-		bool EndSession(uint64_t connection_id, uint64_t serial_number);
+		bool EndSession(uint64_t session_id, uint64_t SerialNumber);
 		bool EndSessionUnSafe(uint64_t session_id, uint64_t serial_number);
 		void SetWebSocketTelemetryReporting(uint64_t RPCID, uint64_t SerialNumber,
 											uint64_t Interval, uint64_t Lifetime,
 											const std::vector<std::string> &TelemetryTypes);
@@ -176,7 +167,9 @@ namespace OpenWifi {
 									uint64_t &TelemetryWebSocketPackets,
 									uint64_t &TelemetryKafkaPackets);
-		void onGarbageCollecting(Poco::Timer &timer);
+		bool GetHealthDevices(std::uint64_t lowLimit, std::uint64_t  highLimit, std::vector<std::string> & SerialNumbers);
 //		bool ExtendedAttributes(const std::string &serialNumber, bool & hasGPS, std::uint64_t &Sanity,
 //								std::double_t &MemoryUsed, std::double_t &Load, std::double_t &Temperature);
 		inline void AverageDeviceStatistics(uint64_t &Connections, uint64_t &AverageConnectionTime,
 											uint64_t &NumberOfConnectingDevices) const {
@@ -185,83 +178,79 @@ namespace OpenWifi {
 			NumberOfConnectingDevices = NumberOfConnectingDevices_;
 		}
 		inline bool SendFrame(const std::string &SerialNumber, const std::string &Payload) const {
 			return SendFrame(Utils::SerialNumberToInt(SerialNumber), Payload);
 		}
 		inline void AddRX(std::uint64_t bytes) {
 			std::lock_guard		G(StatsMutex_);
 			RX_ += bytes;
 		}
 		inline void AddTX(std::uint64_t bytes) {
 			std::lock_guard		G(StatsMutex_);
 			TX_ += bytes;
 		}
 		inline void GetTotalDataStatistics(std::uint64_t &TX, std::uint64_t &RX) const {
 			std::lock_guard		G(StatsMutex_);
 			TX = TX_;
 			RX = RX_;
 		}
-		inline bool GetHealthDevices(std::uint64_t lowLimit, std::uint64_t  highLimit, std::vector<std::string> & SerialNumbers) {
+		bool KafkaDisableState() const { return KafkaDisableState_; }
-			std::lock_guard		G(WSServerMutex_);
+		bool KafkaDisableHealthChecks() const { return KafkaDisableHealthChecks_; }
-			for(const auto &connection:Sessions_) {
+		inline void IncrementConnectionCount() {
-				if(	connection.second->RawLastHealthcheck_.Sanity>=lowLimit 	&&
+			++NumberOfConnectedDevices_;
 					connection.second->RawLastHealthcheck_.Sanity<=highLimit) {
 					SerialNumbers.push_back(connection.second->SerialNumber_);
 				}
 			}
 			return true;
 		}
-		inline bool ExtendedAttributes(const std::string &serialNumber,
+		inline void DecrementConnectionCount() {
-			bool & hasGPS,
+			--NumberOfConnectedDevices_;
 			std::uint64_t &Sanity,
 			std::double_t &MemoryUsed,
 			std::double_t &Load,
 			std::double_t &Temperature
 			) {
 			std::lock_guard	G(WSServerMutex_);
 			auto session_hint = SerialNumbers_.find(Utils::SerialNumberToInt(serialNumber));
 			if(session_hint==end(SerialNumbers_)) {
 				return false;
 		}
-			hasGPS = session_hint->second.second->hasGPS;
+
-			Sanity = session_hint->second.second->RawLastHealthcheck_.Sanity;
+		inline void AddCleanupSession(uint64_t session_id, uint64_t SerialNumber) {
-			MemoryUsed = session_hint->second.second->memory_used_;
+			std::lock_guard G(CleanupMutex_);
-			Load = session_hint->second.second->cpu_load_;
+			CleanupSessions_.emplace_back(session_id, SerialNumber);
 			Temperature = session_hint->second.second->temperature_;
 			return true;
 		}
 		void CleanupSessions();
 	  private:
-		mutable std::recursive_mutex WSServerMutex_;
+		std::array<std::mutex,SessionHashMax> 			SessionMutex_;
 		std::array<std::map<std::uint64_t, std::shared_ptr<AP_WS_Connection>>,SessionHashMax> Sessions_;
 		using SerialNumberMap = std::map<uint64_t /* serial number */,
 										 std::shared_ptr<AP_WS_Connection>>;
 		std::array<SerialNumberMap,MACHashMax>			SerialNumbers_;
 		mutable std::array<std::mutex,MACHashMax>		SerialNumbersMutex_;
 		std::unique_ptr<Poco::Crypto::X509Certificate> IssuerCert_;
 		std::list<std::unique_ptr<Poco::Net::HTTPServer>> WebServers_;
 		Poco::ThreadPool DeviceConnectionPool_{"ws:dev-pool", 4, 256};
 		Poco::Net::SocketReactor Reactor_;
 		Poco::Thread ReactorThread_;
 		std::string SimulatorId_;
 		Poco::ThreadPool DeviceConnectionPool_{"ws:dev-pool", 2, 64};
 		bool LookAtProvisioning_ = false;
 		bool UseDefaultConfig_ = true;
 		bool SimulatorEnabled_ = false;
 		bool AllowSerialNumberMismatch_ = true;
 		Poco::Thread            CleanupThread_;
 		std::mutex              CleanupMutex_;
 		std::deque<std::pair<uint64_t, uint64_t>> CleanupSessions_;
 		std::unique_ptr<AP_WS_ReactorThreadPool> Reactor_pool_;
 		std::atomic_bool Running_ = false;
 		std::map<std::uint64_t, std::shared_ptr<AP_WS_Connection>> Sessions_;
 		std::map<uint64_t, std::pair<uint64_t, std::shared_ptr<AP_WS_Connection>>> SerialNumbers_;
 		std::atomic_bool AllowSerialNumberMismatch_ = true;
 		std::atomic_uint64_t MismatchDepth_ = 2;
-		std::uint64_t 			NumberOfConnectedDevices_ = 0;
+		std::uint64_t 			MismatchDepth_ = 2;
-		std::uint64_t 			AverageDeviceConnectionTime_ = 0;
+
 		std::atomic_uint64_t 	NumberOfConnectedDevices_ = 0;
 		std::atomic_uint64_t 	AverageDeviceConnectionTime_ = 0;
 		std::uint64_t 			NumberOfConnectingDevices_ = 0;
 		std::uint64_t 			SessionTimeOut_ = 10*60;
-		mutable std::mutex		StatsMutex_;
+		std::uint64_t 			LeftOverSessions_ = 0;
 		std::atomic_uint64_t 	TX_=0,RX_=0;
-		std::vector<std::shared_ptr<AP_WS_Connection>> Garbage_;
+		std::atomic_bool 		KafkaDisableState_=false,
 						 		KafkaDisableHealthChecks_=false;
 		std::unique_ptr<Poco::TimerCallback<AP_WS_Server>> GarbageCollectorCallback_;
 		Poco::Timer Timer_;
 		Poco::Thread 			GarbageCollector_;
 		AP_WS_Server() noexcept
--- a/src/CapabilitiesCache.h
+++ b/src/CapabilitiesCache.h
@@ -10,6 +10,7 @@
 #include <string>
 #include "framework/MicroServiceFuncs.h"
 #include "framework/ow_constants.h"
 #include "CentralConfig.h"
 #include "nlohmann/json.hpp"
@@ -34,7 +35,7 @@ namespace OpenWifi {
 			std::lock_guard G(Mutex_);
 			if (!PlatformsLoaded_)
 				LoadPlatforms();
-			auto P = Poco::toUpper(Caps.Platform());
+			auto P = Poco::toLower(Caps.Platform());
 			auto Hint = Platforms_.find(Caps.Compatible());
 			if (Hint == Platforms_.end()) {
 				Platforms_.insert(std::make_pair(Caps.Compatible(), P));
@@ -68,7 +69,7 @@ namespace OpenWifi {
 			auto Hint = Platforms_.find(DeviceType);
 			if (Hint == Platforms_.end())
-				return "AP";
+				return Platforms::AP;
 			return Hint->second;
 		}
@@ -110,7 +111,7 @@ namespace OpenWifi {
 				i >> cache;
 				for (const auto &[Type, Platform] : cache.items()) {
-					Platforms_[Type] = Platform;
+					Platforms_[Type] = Poco::toLower(to_string(Platform));
 				}
 			} catch (...) {
 			}
--- a/src/CentralConfig.cpp
+++ b/src/CentralConfig.cpp
@@ -204,6 +204,17 @@ namespace OpenWifi::Config {
 		return false;
 	}
 	std::uint64_t Config::UUID() {
 		try {
 			Poco::JSON::Parser Parser;
 			auto object = Parser.parse(Config_).extract<Poco::JSON::Object::Ptr>();
 			if (object->has("uuid"))
 				return object->get("uuid");
 		} catch (...) {
 		}
 		return 0;
 	}
 	bool Config::Valid() {
 		try {
 			Poco::JSON::Parser Parser;
--- a/src/CentralConfig.h
+++ b/src/CentralConfig.h
@@ -23,6 +23,7 @@ namespace OpenWifi::Config {
 		[[nodiscard]] std::string get() { return Config_; };
 		[[nodiscard]] std::string Default();
 		[[nodiscard]] Poco::JSON::Object::Ptr to_json();
 		[[nodiscard]] std::uint64_t UUID();
 	  private:
 		void Init();
--- a/src/CommandManager.cpp
+++ b/src/CommandManager.cpp
@@ -45,11 +45,9 @@ namespace OpenWifi {
 							std::lock_guard Lock(LocalMutex_);
 							auto RPC = OutStandingRequests_.find(ID);
 							if (RPC == OutStandingRequests_.end()) {
 								//								std::cout << __LINE__ << std::endl;
 								poco_debug(Logger(), fmt::format("({}): RPC {} cannot be found.",
 																 SerialNumberStr, ID));
 							} else if (RPC->second.SerialNumber != Resp->SerialNumber_) {
 								//								std::cout << __LINE__ << std::endl;
 								poco_debug(
 									Logger(),
 									fmt::format("({}): RPC {} serial number mismatch {}!={}.",
@@ -60,7 +58,6 @@ namespace OpenWifi {
 								std::chrono::duration<double, std::milli> rpc_execution_time =
 									std::chrono::high_resolution_clock::now() -
 									RPC->second.submitted;
 								//								std::cout << __LINE__ << std::endl;
 								poco_debug(Logger(),
 										   fmt::format("({}): Received RPC answer {}. Command={}",
 													   SerialNumberStr, ID,
@@ -140,7 +137,6 @@ namespace OpenWifi {
 				}
 			}
 		} else {
 			//				std::cout << __LINE__ << std::endl;
 		}
 		Command.State = 0;
@@ -163,7 +159,6 @@ namespace OpenWifi {
 		if (Command.rpc_entry) {
 			TmpRpcEntry = Command.rpc_entry;
 		}
 		//		std::cout << __LINE__ << "  State=" << Command.State << std::endl;
 		if (Command.State == 2) {
 			//	 look at the payload to see if we should continue or not...
 			if (Payload->has("result")) {
@@ -173,12 +168,10 @@ namespace OpenWifi {
 					std::uint64_t Error = Status->get("error");
 					if (Error == 0) {
 						//						std::cout << __LINE__ << std::endl;
 						StorageService()->CommandCompleted(Command.UUID, Payload,
 														   rpc_execution_time, true);
 						Command.State = 1;
 					} else {
 						//						std::cout << __LINE__ << std::endl;
 						StorageService()->CommandCompleted(Command.UUID, Payload,
 														   rpc_execution_time, true);
 						std::string ErrorTxt = Status->get("result");
@@ -186,14 +179,11 @@ namespace OpenWifi {
 						Command.State = 0;
 					}
 				} else {
 					//					std::cout << __LINE__ << std::endl;
 				}
 			} else {
 				//				std::cout << __LINE__ << std::endl;
 				Command.State = 0;
 			}
 		} else if (Command.State == 1) {
 			//			std::cout << "Completing script 2 phase commit." << std::endl;
 			StorageService()->CommandCompleted(Command.UUID, Payload, rpc_execution_time, true);
 			if (Command.Deferred) {
 				Reply = false;
@@ -202,7 +192,6 @@ namespace OpenWifi {
 		}
 		if (Command.State == 0) {
 			//			std::cout << __LINE__ << "  State=" << Command.State << std::endl;
 			OutStandingRequests_.erase(Command.Id);
 		}
 		if (Reply && TmpRpcEntry != nullptr)
@@ -262,8 +251,6 @@ namespace OpenWifi {
 		for (auto request = OutStandingRequests_.begin(); request != OutStandingRequests_.end();) {
 			std::chrono::duration<double, std::milli> delta = now - request->second.submitted;
 			if (delta > 10min) {
 				//				std::cout << __LINE__ << "  -->> " << request->second.Id <<
 				// std::endl;
 				MyLogger.debug(fmt::format("{}: Command={} for {} Timed out.", request->second.UUID,
 										   APCommands::to_string(request->second.Command),
 										   Utils::IntToSerialNumber(request->second.SerialNumber)));
@@ -275,8 +262,6 @@ namespace OpenWifi {
 				StorageService()->SetCommandTimedOut(request->second.UUID);
 				request = OutStandingRequests_.erase(request);
 			} else {
 				//				std::cout << __LINE__ << "  -->> " << request->second.Id <<
 				// std::endl;
 				++request;
 			}
 		}
@@ -467,4 +452,16 @@ namespace OpenWifi {
 		poco_warning(Logger(), fmt::format("{}: Failed to send command. ID: {}", UUID, RPC_ID));
 		return nullptr;
 	}
 	bool CommandManager::FireAndForget(const std::string &SerialNumber, const std::string &Method, const Poco::JSON::Object &Params) {
 		Poco::JSON::Object CompleteRPC;
 		CompleteRPC.set(uCentralProtocol::JSONRPC, uCentralProtocol::JSONRPC_VERSION);
 		CompleteRPC.set(uCentralProtocol::ID, 0);
 		CompleteRPC.set(uCentralProtocol::METHOD, Method);
 		CompleteRPC.set(uCentralProtocol::PARAMS, Params);
 		std::stringstream ToSend;
 		CompleteRPC.stringify(ToSend);
 		poco_debug(Logger(), fmt::format("{}: Fire and forget command {}.", SerialNumber, Method));
 		return AP_WS_Server()->SendFrame(SerialNumber, ToSend.str())>0;
 	}
 } // namespace OpenWifi
--- a/src/CommandManager.h
+++ b/src/CommandManager.h
@@ -12,7 +12,7 @@
 #include <functional>
 #include <future>
 #include <map>
-#include <shared_mutex>
+#include <mutex>
 #include <utility>
 #include "Poco/JSON/Object.h"
@@ -162,8 +162,10 @@ namespace OpenWifi {
 		inline auto CommandTimeout() const { return commandTimeOut_; }
 		inline auto CommandRetry() const { return commandRetry_; }
 		bool FireAndForget(const std::string &SerialNumber, const std::string &Method,
 						   const Poco::JSON::Object &Params);
 	  private:
-		mutable std::recursive_mutex LocalMutex_;
+		mutable std::mutex LocalMutex_;
 		std::atomic_bool Running_ = false;
 		Poco::Thread ManagerThread;
 		std::atomic_uint64_t Id_ = 3; //	do not start @1. We ignore ID=1 & 0 is illegal..
--- a/src/ConfigurationCache.h
+++ b/src/ConfigurationCache.h
@@ -11,12 +11,12 @@
 namespace OpenWifi {
 	class ConfigurationCache {
 	  public:
-		static ConfigurationCache &instance() {
+		static auto instance() {
-			static ConfigurationCache instance;
+			static auto instance = new ConfigurationCache;
 			return instance;
 		}
-		inline uint64_t CurrentConfig(uint64_t SerialNumber) {
+		inline uint64_t GetCurrentConfig(std::uint64_t SerialNumber) {
 			std::lock_guard G(Mutex_);
 			const auto Hint = Cache_.find(SerialNumber);
 			if (Hint == end(Cache_))
@@ -24,25 +24,25 @@ namespace OpenWifi {
 			return Hint->second;
 		}
-		inline void Add(uint64_t SerialNumber, uint64_t Id) {
+		inline void SetCurrentConfig(std::uint64_t SerialNumber, uint64_t Id) {
 			std::lock_guard G(Mutex_);
 			Cache_[SerialNumber] = Id;
 		}
 	  private:
-		std::recursive_mutex Mutex_;
+		std::mutex Mutex_;
 		std::map<uint64_t, uint64_t> Cache_;
 	};
-	inline uint64_t GetCurrentConfigurationID(uint64_t SerialNumber) {
+	inline auto GetCurrentConfigurationID(std::uint64_t SerialNumber) {
-		return ConfigurationCache::instance().CurrentConfig(SerialNumber);
+		return ConfigurationCache::instance()->GetCurrentConfig(SerialNumber);
 	}
-	inline void SetCurrentConfigurationID(const std::string &SerialNumber, uint64_t ID) {
+	inline void SetCurrentConfigurationID(const std::string &SerialNumber, std::uint64_t ID) {
-		return ConfigurationCache::instance().Add(Utils::SerialNumberToInt(SerialNumber), ID);
+		return ConfigurationCache::instance()->SetCurrentConfig(Utils::SerialNumberToInt(SerialNumber), ID);
 	}
-	inline void SetCurrentConfigurationID(uint64_t SerialNumber, uint64_t ID) {
+	inline void SetCurrentConfigurationID(uint64_t SerialNumber, std::uint64_t ID) {
-		return ConfigurationCache::instance().Add(SerialNumber, ID);
+		return ConfigurationCache::instance()->SetCurrentConfig(SerialNumber, ID);
 	}
 } // namespace OpenWifi
--- a/src/Daemon.cpp
+++ b/src/Daemon.cpp
@@ -49,7 +49,7 @@ namespace OpenWifi {
 				SignatureManager(), AP_WS_Server(),
 				RegulatoryInfo(),
 				RADIUSSessionTracker(),
-				AP_WS_ConfigAutoUpgrader(),
+			 	AP_WS_ConfigAutoUpgradeAgent(),
 				FirmwareRevisionCache()
 			});
 		return &instance;
@@ -78,7 +78,7 @@ namespace OpenWifi {
 			if (Id == DeviceType)
 				return Type;
 		}
-		return "AP";
+		return Platforms::AP;
 	}
 	void DaemonPostInitialization(Poco::Util::Application &self) {
--- a/src/Dashboard.cpp
+++ b/src/Dashboard.cpp
@@ -21,7 +21,6 @@ namespace OpenWifi {
 	void DeviceDashboard::Generate(GWObjects::Dashboard &D, Poco::Logger &Logger) {
 		if (GeneratingDashboard_.load()) {
 			// std::cout << "Trying to generate dashboard but already being generated" << std::endl;
 			while (GeneratingDashboard_.load()) {
 				Poco::Thread::trySleep(100);
 			}
@@ -31,7 +30,6 @@ namespace OpenWifi {
 			GeneratingDashboard_ = true;
 			ValidDashboard_ = false;
 			try {
 				// std::cout << "Generating dashboard." << std::endl;
 				poco_information(Logger, "DASHBOARD: Generating a new dashboard.");
 				GWObjects::Dashboard NewData;
 				StorageService()->AnalyzeCommands(NewData.commands);
--- a/src/FileUploader.h
+++ b/src/FileUploader.h
@@ -8,12 +8,12 @@
 #pragma once
-#include "Poco/Net/HTTPRequestHandler.h"
+#include <Poco/Net/HTTPRequestHandler.h>
-#include "Poco/Net/HTTPRequestHandlerFactory.h"
+#include <Poco/Net/HTTPRequestHandlerFactory.h>
-#include "Poco/Net/HTTPServer.h"
+#include <Poco/Net/HTTPServer.h>
-#include "Poco/Net/HTTPServerRequest.h"
+#include <Poco/Net/HTTPServerRequest.h>
-#include "framework/SubSystemServer.h"
+#include <framework/SubSystemServer.h>
 namespace OpenWifi {
--- a/src/GWKafkaEvents.h
+++ b/src/GWKafkaEvents.h
@@ -50,17 +50,27 @@ namespace OpenWifi {
 	class DeviceConfigurationChangeKafkaEvent : public GWKafkaEvents {
 	  public:
 		DeviceConfigurationChangeKafkaEvent(std::uint64_t serialNumber,
-											std::uint64_t timestamp, const std::string config)
+											std::uint64_t timestamp,
 											const Poco::JSON::Object::Ptr config)
 			: GWKafkaEvents(serialNumber, "unit.configuration_change", timestamp), config_(config) {
 		}
 		~DeviceConfigurationChangeKafkaEvent() {
-			payload_->set("configuration", config_);
+			if(config_!= nullptr) {
 				std::ostringstream os;
 				config_->stringify(os);
 				if(os.str().size()> KafkaManager()->KafkaManagerMaximumPayloadSize()) {
 					payload_->set("configuration", "{}");
 					payload_->set("configurationTooBig", true);
 				} else {
 					payload_->set("configuration", *config_);
 				}
 			}
 			Send();
 		}
 	  private:
-		std::string config_;
+		Poco::JSON::Object::Ptr config_;
 	};
 	class DeviceBlacklistedKafkaEvent : public GWKafkaEvents {
--- a/src/OUIServer.cpp
+++ b/src/OUIServer.cpp
@@ -28,7 +28,7 @@ namespace OpenWifi {
 		bool Recovered = false;
 		Poco::File OuiFile(CurrentOUIFileName_);
 		if (OuiFile.exists()) {
-			std::unique_lock Lock(LocalMutex_);
+			std::lock_guard Lock(LocalMutex_);
 			Recovered = ProcessFile(CurrentOUIFileName_, OUIs_);
 			if (Recovered) {
 				poco_notice(Logger(),
@@ -150,7 +150,7 @@ namespace OpenWifi {
 		OUIMap TmpOUIs;
 		if (GetFile(LatestOUIFileName_) && ProcessFile(LatestOUIFileName_, TmpOUIs)) {
-			std::unique_lock G(LocalMutex_);
+			std::lock_guard G(LocalMutex_);
 			OUIs_ = std::move(TmpOUIs);
 			LastUpdate_ = Utils::Now();
 			Poco::File F1(CurrentOUIFileName_);
@@ -163,7 +163,7 @@ namespace OpenWifi {
 		} else if (OUIs_.empty()) {
 			if (ProcessFile(CurrentOUIFileName_, TmpOUIs)) {
 				LastUpdate_ = Utils::Now();
-				std::unique_lock G(LocalMutex_);
+				std::lock_guard G(LocalMutex_);
 				OUIs_ = std::move(TmpOUIs);
 			}
 		}
@@ -173,7 +173,7 @@ namespace OpenWifi {
 	}
 	std::string OUIServer::GetManufacturer(const std::string &MAC) {
-		std::shared_lock Lock(LocalMutex_);
+		std::lock_guard Lock(LocalMutex_);
 		auto Manufacturer = OUIs_.find(Utils::SerialNumberToOUI(MAC));
 		if (Manufacturer != OUIs_.end())
--- a/src/OUIServer.h
+++ b/src/OUIServer.h
@@ -4,7 +4,7 @@
 #pragma once
-#include <shared_mutex>
+#include <mutex>
 #include "framework/SubSystemServer.h"
@@ -32,7 +32,7 @@ namespace OpenWifi {
 		[[nodiscard]] bool ProcessFile(const std::string &FileName, OUIMap &Map);
 	  private:
-		std::shared_mutex LocalMutex_;
+		std::mutex LocalMutex_;
 		uint64_t LastUpdate_ = 0;
 		bool Initialized_ = false;
 		OUIMap OUIs_;
--- a/src/ParseWifiScan.h
+++ b/src/ParseWifiScan.h
@@ -1753,7 +1753,6 @@ namespace OpenWifi {
 		nlohmann::json new_ie;
 		nlohmann::json content;
 		// std::cout << BufferToHex(&data[0],data.size()) << std::endl;
 		uint offset = 0;
 		auto sub_ie = data[offset++];
 		switch (sub_ie) {
@@ -1788,7 +1787,6 @@ namespace OpenWifi {
 		try {
 			nlohmann::json D = nlohmann::json::parse(ofs.str());
 			// std::cout << "Start of parsing wifi" << std::endl;
 			if (D.contains("status")) {
 				auto Status = D["status"];
 				if (Status.contains("scan") && Status["scan"].is_array()) {
@@ -1803,8 +1801,6 @@ namespace OpenWifi {
 									if (ie.contains("type") && ie.contains("data")) {
 										uint64_t ie_type = ie["type"];
 										std::string ie_data = ie["data"];
 										// std::cout << "TYPE:" << ie_type << "  DATA:" << ie_data
 										// << std::endl;
 										auto data = Base64Decode2Vec(ie_data);
 										if (ie_type == ieee80211_eid::WLAN_EID_COUNTRY) {
 											new_ies.push_back(WFS_WLAN_EID_COUNTRY(data));
@@ -1858,18 +1854,12 @@ namespace OpenWifi {
 										} else if (ie_type == ieee80211_eid::WLAN_EID_EXTENSION) {
 											new_ies.push_back(WFS_WLAN_EID_EXTENSION(data));
 										} else {
 											// std::cout
 											//	<< "Skipping IE: no parsing available: " << ie_type
 											//	<< std::endl;
 											new_ies.push_back(ie);
 										}
 									} else {
 										// std::cout << "Skipping IE: no data and type" <<
 										// std::endl;
 										new_ies.push_back(ie);
 									}
 								} catch (...) {
 									// std::cout << "Skipping IE: exception" << std::endl;
 									Logger.information(fmt::format("Error parsing IEs"));
 									new_ies.push_back(ie);
 								}
@@ -1877,7 +1867,6 @@ namespace OpenWifi {
 							scan_entry["ies"] = new_ies;
 							ParsedScan.push_back(scan_entry);
 						} else {
 							// std::cout << "Skipping scan" << std::endl;
 							ParsedScan.push_back(scan_entry);
 						}
 					}
@@ -1886,7 +1875,6 @@ namespace OpenWifi {
 				}
 			}
 			Result << to_string(D);
 			// std::cout << "End of parsing wifi" << std::endl;
 			return true;
 		} catch (const Poco::Exception &E) {
 			Logger.log(E);
--- a/src/RADIUSSessionTracker.cpp
+++ b/src/RADIUSSessionTracker.cpp
@@ -177,15 +177,6 @@ namespace OpenWifi {
 		} else {
 			session_hint->second->lastTransaction = Utils::Now();
 		}
 /*
 		if(ap_hint!=AccountingSessions_.end()) {
 			std::cout << "Auth table:" << std::endl;
 			for(const auto &session:ap_hint->second) {
 				std::cout << Notification.SerialNumber_ << ":  Index: " << session.first << ": ID: " << session.second->accountingSessionId << "  MID:" << session.second->accountingMultiSessionId << std::endl;
 			}
 		}
 */
 	}
 	std::uint32_t GetUiInt32(const std::uint8_t *buf) {
@@ -423,15 +414,15 @@ namespace OpenWifi {
 	}
 	void RADIUSSessionTracker::DisconnectSession(const std::string &SerialNumber) {
 		poco_information(Logger(),fmt::format("{}: Disconnecting.", SerialNumber));
 		std::lock_guard		Guard(Mutex_);
 		auto hint = AccountingSessions_.find(SerialNumber);
 		if(hint==end(AccountingSessions_)) {
 			return;
 		}
 		poco_information(Logger(),fmt::format("{}: Disconnecting.", SerialNumber));
 		//	we need to go through all sessions and send an accounting stop
 		for(const auto &session:hint->second) {
 			poco_debug(Logger(), fmt::format("Stopping accounting for {}:{}", SerialNumber, session.first ));
--- a/src/RADIUS_Destination.h
+++ b/src/RADIUS_Destination.h
@@ -0,0 +1,747 @@
 //
 // Created by stephane bourque on 2022-08-15.
 //
 #pragma once
 #include <fstream>
 #include <iostream>
 #include "RESTObjects/RESTAPI_GWobjects.h"
 #include "Poco/Crypto/X509Certificate.h"
 #include "Poco/Crypto/RSAKey.h"
 #include "Poco/Net/Context.h"
 #include "Poco/Net/NetException.h"
 #include "Poco/Net/SecureStreamSocket.h"
 #include "Poco/Net/SocketReactor.h"
 #include "Poco/TemporaryFile.h"
 #include "framework/MicroServiceFuncs.h"
 #include "fmt/format.h"
 #include "AP_WS_Server.h"
 #include "RADIUS_helpers.h"
 #include <RESTObjects/RESTAPI_GWobjects.h>
 namespace OpenWifi {
 	class RADIUS_Destination : public Poco::Runnable {
 	  public:
 		RADIUS_Destination(Poco::Net::SocketReactor &R, const GWObjects::RadiusProxyPool &P)
 			: Reactor_(R),
 			  Logger_(Poco::Logger::get(
 				  fmt::format("RADSEC: {}", P.name))),
 			  Pool_(P)
 		{
 			Type_ = GWObjects::RadiusEndpointType(P.radsecPoolType);
 			Start();
 		}
 		~RADIUS_Destination() override { Stop(); }
 		const int SMALLEST_RADIUS_PACKET = 20 + 19 + 4;
 		const int DEFAULT_RADIUS_AUTHENTICATION_PORT = 1812;
 		const int DEFAULT_RADIUS_ACCOUNTING_PORT = 1813;
 		const int DEFAULT_RADIUS_CoA_PORT = 3799;
 		inline int Start() {
 			ReconnectThread_.start(*this);
 			return 0;
 		}
 		inline void Stop() {
 			TryAgain_ = false;
 			Disconnect();
 			ReconnectThread_.wakeUp();
 			ReconnectThread_.join();
 		}
 		inline void run() final {
 			Poco::Thread::trySleep(5000);
 			std::uint64_t CurrentDelay = 10, maxDelay=300, LastTry=0, LastKeepAlive=0;
 			while (TryAgain_) {
 				if (!Connected_) {
 					if(!LastTry || (Utils::Now()-LastTry)>CurrentDelay) {
 						LastTry = Utils::Now();
 						if (!Connect()) {
 							CurrentDelay *= 2;
 							if(CurrentDelay>maxDelay) CurrentDelay=10;
 						} else {
 							CurrentDelay = 10;
 						}
 					}
 				} else if ((Utils::Now() - LastKeepAlive) > Pool_.radsecKeepAlive) {
 					RADIUS::RadiusOutputPacket P(Pool_.authConfig.servers[ServerIndex_].radsecSecret);
 					P.MakeStatusMessage(Pool_.authConfig.servers[ServerIndex_].name);
 					if(Type_!=GWObjects::RadiusEndpointType::generic) {
 						poco_trace(Logger_, fmt::format("{}: Keep-Alive message.", Pool_.authConfig.servers[ServerIndex_].name));
 						Socket_->sendBytes(P.Data(), P.Len());
 					}
 					LastKeepAlive = Utils::Now();
 				}
 				Poco::Thread::trySleep(2000);
 			}
 		}
 		inline bool SendData(const std::string &serial_number, const unsigned char *buffer,
 							 int length) {
 			try {
 				if (Connected_) {
 					RADIUS::RadiusPacket P(buffer, length);
 					int sent_bytes;
 					if (P.VerifyMessageAuthenticator(Pool_.authConfig.servers[ServerIndex_].radsecSecret)) {
 						poco_trace(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
 														P.PacketType(), length));
 						sent_bytes = Socket_->sendBytes(buffer, length);
 					} else {
 						poco_trace(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
 														P.PacketType(), length));
 						P.ComputeMessageAuthenticator(Pool_.authConfig.servers[ServerIndex_].radsecSecret);
 						sent_bytes = Socket_->sendBytes(P.Buffer(), length);
 					}
 					return (sent_bytes == length);
 				}
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 			} catch (...) {
 				poco_warning(Logger_, "Exception occurred: while sending data.");
 			}
 			return false;
 		}
 		inline void
 		onData([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 			unsigned char Buffer[4096];
 			try {
 				auto NumberOfReceivedBytes = Socket_->receiveBytes(Buffer, sizeof(Buffer));
 				std::string ReplySource;
 				if (NumberOfReceivedBytes >= 20) {
 					RADIUS::RadiusPacket P(Buffer, NumberOfReceivedBytes);
 					if (P.IsAuthentication()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 						if (!SerialNumber.empty()) {
 							poco_debug(Logger_,
 									   fmt::format("{}: {}:{} Received {} bytes.", SerialNumber,
 												   P.PacketType(),
 												   P.PacketTypeToString(),
 												   NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, Buffer,
 																		 NumberOfReceivedBytes);
 						} else if(P.IsStatusMessageReply(ReplySource)) {
 							poco_debug(Logger_,
 									   fmt::format("{}: Keepalive message received.", ReplySource));
 						} else {
 							poco_debug(Logger_, "AUTH packet dropped.");
 						}
 					} else if (P.IsAccounting()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 						if (!SerialNumber.empty()) {
 							poco_debug(Logger_,
 									   fmt::format("{}: {}:{} Received {} bytes.", SerialNumber,
 												   P.PacketType(),
 												   P.PacketTypeToString(), NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusAccountingData(SerialNumber, Buffer,
 																	 NumberOfReceivedBytes);
 						} else {
 							poco_debug(Logger_, "ACCT packet dropped.");
 						}
 					} else if (P.IsAuthority()) {
 						auto SerialNumber = P.ExtractSerialNumberTIP();
 						if (!SerialNumber.empty()) {
 							poco_debug(Logger_,
 									   fmt::format("{}: {}:{} Received {} bytes.", SerialNumber,
 												   P.PacketType(),
 												   P.PacketTypeToString(), NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusCoAData(SerialNumber, Buffer,
 															  NumberOfReceivedBytes);
 						} else {
 							poco_debug(Logger_, "CoA/DM packet dropped.");
 						}
 					} else {
 						poco_warning(Logger_,
 									 fmt::format("Unknown packet: Type: {} (type={}) Length={}",
 												 P.PacketType(), P.PacketTypeInt(), P.BufferLen()));
 					}
 					return;
 				} else {
 					poco_warning(Logger_, "Invalid packet received. Resetting the connection.");
 				}
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 			} catch (...) {
 				poco_warning(Logger_, "Exception occurred. Resetting the connection.");
 			}
 			Disconnect();
 		}
 		inline void
 		onError([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ErrorNotification> &pNf) {
 			poco_warning(Logger_, "Socker error. Terminating connection.");
 			Disconnect();
 		}
 		inline void
 		onShutdown([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ShutdownNotification> &pNf) {
 			poco_warning(Logger_, "Socker socket shutdown. Terminating connection.");
 			Disconnect();
 		}
 		inline void OnAccountingSocketReadable(
 			const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 			Poco::Net::SocketAddress Sender;
 			RADIUS::RadiusPacket P;
 			auto ReceiveSize = pNf->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 			if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 				poco_warning(Logger_, "Accounting: bad packet received.");
 				return;
 			}
 			P.Evaluate(ReceiveSize);
 			auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 			if (SerialNumber.empty()) {
 				poco_warning(Logger_, "Accounting: missing serial number. Dropping request.");
 				return;
 			}
 			poco_debug(
 				Logger_,
 				fmt::format(
 					"Accounting Packet Response received for {}", SerialNumber ));
 			AP_WS_Server()->SendRadiusAccountingData(SerialNumber, P.Buffer(), P.Size());
 		}
 		inline void OnAuthenticationSocketReadable(
 			const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 			Poco::Net::SocketAddress Sender;
 			RADIUS::RadiusPacket P;
 			auto ReceiveSize = pNf->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 			if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 				poco_warning(Logger_, "Authentication: bad packet received.");
 				return;
 			}
 			P.Evaluate(ReceiveSize);
 			if(Logger_.trace()) {
 				P.Log(std::cout);
 			}
 			auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 			if (SerialNumber.empty()) {
 				poco_warning(Logger_, "Authentication: missing serial number. Dropping request.");
 				return;
 			}
 			auto CallingStationID = P.ExtractCallingStationID();
 			auto CalledStationID = P.ExtractCalledStationID();
 			poco_debug(
 				Logger_,
 				fmt::format(
 					"Authentication Packet received for {}, CalledStationID: {}, CallingStationID:{}",
 					SerialNumber, CalledStationID, CallingStationID));
 			AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, P.Buffer(), P.Size());
 		}
 		inline void OnCoASocketReadable(
 			const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 			Poco::Net::SocketAddress Sender;
 			RADIUS::RadiusPacket P;
 			auto ReceiveSize = pNf.get()->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 			if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 				poco_warning(Logger_, "CoA/DM: bad packet received.");
 				return;
 			}
 			P.Evaluate(ReceiveSize);
 			auto SerialNumber = P.ExtractSerialNumberTIP();
 			if (SerialNumber.empty()) {
 				poco_warning(Logger_, "CoA/DM: missing serial number. Dropping request.");
 				return;
 			}
 			auto CallingStationID = P.ExtractCallingStationID();
 			auto CalledStationID = P.ExtractCalledStationID();
 			poco_debug(
 				Logger_,
 				fmt::format("CoA Packet received for {}, CalledStationID: {}, CallingStationID:{}",
 							SerialNumber, CalledStationID, CallingStationID));
 			AP_WS_Server()->SendRadiusCoAData(SerialNumber, P.Buffer(), P.Size());
 		}
 		static inline bool IsExpired(const Poco::Crypto::X509Certificate &C) {
 			return C.expiresOn().timestamp().epochTime() < (std::time_t)Utils::Now();
 		}
 		static inline void Cat(const std::string &F1, const std::string & F2, const std::string &F) {
 			std::ofstream of(F.c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary);
 			std::ifstream if1(F1.c_str(),std::ios_base::binary|std::ios_base::in);
 			Poco::StreamCopier::copyStream(if1,of);
 			of << std::endl;
 			std::ifstream if2(F2.c_str(),std::ios_base::binary|std::ios_base::in);
 			Poco::StreamCopier::copyStream(if2,of);
 			of << std::endl;
 			of.close();
 		}
 		inline bool Connect_GlobalReach() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 				Poco::TemporaryFile CertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile KeyFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile OpenRoamingRootCertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile Intermediate0(MicroServiceDataDirectory());
 				Poco::TemporaryFile Intermediate1(MicroServiceDataDirectory());
 				DecodeFile(KeyFile_.path(), Pool_.acctConfig.servers[ServerIndex_].radsecKey);
 				DecodeFile(CertFile_.path(), Pool_.acctConfig.servers[ServerIndex_].radsecCert);
 				DecodeFile(Intermediate0.path(), Pool_.acctConfig.servers[ServerIndex_].radsecCacerts[0]);
 				DecodeFile(Intermediate1.path(), Pool_.acctConfig.servers[ServerIndex_].radsecCacerts[1]);
 				const static std::string OpenRoamingRootCert{
 					"-----BEGIN CERTIFICATE-----\n"
 					"MIIClDCCAhugAwIBAgIUF1f+h+uJNHyr+ZqTpwew8LYRAW0wCgYIKoZIzj0EAwMw\n"
 					"gYkxCzAJBgNVBAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRv\n"
 					"bjEsMCoGA1UEChMjR2xvYmFsUmVhY2ggVGVjaG5vbG9neSBFTUVBIExpbWl0ZWQx\n"
 					"KjAoBgNVBAMTIUdsb2JhbFJlYWNoIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0y\n"
 					"MzA3MTQwOTMyMDBaFw00MzA3MDkwOTMyMDBaMIGJMQswCQYDVQQGEwJHQjEPMA0G\n"
 					"A1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xLDAqBgNVBAoTI0dsb2JhbFJl\n"
 					"YWNoIFRlY2hub2xvZ3kgRU1FQSBMaW1pdGVkMSowKAYDVQQDEyFHbG9iYWxSZWFj\n"
 					"aCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARy\n"
 					"f02umFNy5W/TtM5nfMaLhRF61vLxhT8iNQHR1mXiRmNdME3ArForBcAm2eolHPcJ\n"
 					"RH9DcXs59d2zzoPEaBjXADTCjUts3F7G6fjqvfki2e/txx/xfUopQO8G54XcFWqj\n"
 					"QjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRS\n"
 					"tNe7MgAFwTaMZKUtS1/8pVoBqjAKBggqhkjOPQQDAwNnADBkAjA7VKHTybtSMBcN\n"
 					"717jGYvkWlcj4c9/LzPtkHO053wGsPigaq+1SjY7tDhS/g9oUQACMA6UqH2e8cfn\n"
 					"cZqmBNVNN3DBjIb4anug7F+FnYOQF36ua6MLBeGn3aKxvu1aO+hjPg==\n"
 					"-----END CERTIFICATE-----\n"};
 				std::ofstream ofs{OpenRoamingRootCertFile_.path().c_str(),
 								  std::ios_base::trunc | std::ios_base::out |
 									  std::ios_base::binary};
 				ofs << OpenRoamingRootCert;
 				ofs.close();
 				auto SecureContext = Poco::AutoPtr<Poco::Net::Context>(
 					new Poco::Net::Context(Poco::Net::Context::TLS_CLIENT_USE, ""));
 				if (Pool_.acctConfig.servers[ServerIndex_].allowSelfSigned) {
 					SecureContext->setSecurityLevel(Poco::Net::Context::SECURITY_LEVEL_NONE);
 					SecureContext->enableExtendedCertificateVerification(false);
 				}
 				SecureContext->usePrivateKey(Poco::Crypto::RSAKey("", KeyFile_.path(), ""));
 				Poco::Crypto::X509Certificate Cert(CertFile_.path());
 				if (!IsExpired(Cert)) {
 					SecureContext->useCertificate(Poco::Crypto::X509Certificate(CertFile_.path()));
 				} else {
 					poco_error(
 						Logger_,
 						fmt::format(
 							"Certificate for {} has expired. We cannot connect to this server.",
 							Pool_.acctConfig.servers[ServerIndex_].name));
 					return false;
 				}
 				SecureContext->addCertificateAuthority(
 					Poco::Crypto::X509Certificate(OpenRoamingRootCertFile_.path()));
 				SecureContext->addChainCertificate(
 					Poco::Crypto::X509Certificate(Intermediate0.path()));
 				SecureContext->addChainCertificate(
 					Poco::Crypto::X509Certificate(Intermediate1.path()));
 				SecureContext->enableExtendedCertificateVerification(false);
 				Socket_ = std::make_unique<Poco::Net::SecureStreamSocket>(SecureContext);
 				ServerIndex_ = 0 ;
 				for (const auto &PoolEntryServer : Pool_.acctConfig.servers) {
 					Poco::Net::SocketAddress Destination(PoolEntryServer.ip, PoolEntryServer.port);
 					try {
 						poco_information(Logger_, fmt::format("Attempting to connect to {}", CommonName()));
 						Socket_->connect(Destination, Poco::Timespan(20, 0));
 						Socket_->completeHandshake();
 						if (!Pool_.authConfig.servers[ServerIndex_].allowSelfSigned) {
 							Socket_->verifyPeerCertificate();
 						}
 						if (Socket_->havePeerCertificate()) {
 							Peer_Cert_ = std::make_unique<Poco::Crypto::X509Certificate>(
 								Socket_->peerCertificate());
 						}
 						Socket_->setBlocking(false);
 						Socket_->setNoDelay(true);
 						Socket_->setKeepAlive(true);
 						Socket_->setReceiveTimeout(Poco::Timespan(1 * 60 * 60, 0));
 						Reactor_.addEventHandler(
 							*Socket_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::onData));
 						Reactor_.addEventHandler(
 							*Socket_, Poco::NObserver<RADIUS_Destination, Poco::Net::ErrorNotification>(
 										  *this, &RADIUS_Destination::onError));
 						Reactor_.addEventHandler(
 							*Socket_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ShutdownNotification>(
 								*this, &RADIUS_Destination::onShutdown));
 						Connected_ = true;
 						poco_information(Logger_, fmt::format("Connected. CN={}", CommonName()));
 						return true;
 					} catch (const Poco::Net::NetException &E) {
 						poco_warning(Logger_, "NetException: Could not connect.");
 						Logger_.log(E);
 					} catch (const Poco::Exception &E) {
 						poco_warning(Logger_, "Exception: Could not connect.");
 						Logger_.log(E);
 					} catch (...) {
 						poco_warning(Logger_, "Could not connect.");
 					}
 					ServerIndex_++;
 				}
 			}
 			ServerIndex_=0;
 			return false;
 		}
 		inline bool Connect_Orion() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 				Poco::TemporaryFile CertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile KeyFile_(MicroServiceDataDirectory());
 				std::vector<std::unique_ptr<Poco::TemporaryFile>> CaCertFiles_;
 				DecodeFile(CertFile_.path(), Pool_.acctConfig.servers[ServerIndex_].radsecCert);
 				DecodeFile(KeyFile_.path(), Pool_.acctConfig.servers[ServerIndex_].radsecKey);
 				Poco::Crypto::X509Certificate	Cert(CertFile_.path());
 				if(IsExpired(Cert)) {
 					poco_error(Logger_, fmt::format("Certificate for {} has expired. We cannot connect to this server.", Pool_.acctConfig.servers[ServerIndex_].name));
 					return false;
 				}
 				for (auto &cert : Pool_.acctConfig.servers[ServerIndex_].radsecCacerts) {
 					CaCertFiles_.emplace_back(
 						std::make_unique<Poco::TemporaryFile>(MicroServiceDataDirectory()));
 					DecodeFile(CaCertFiles_[CaCertFiles_.size() - 1]->path(), cert);
 				}
 				auto SecureContext =
 					Poco::AutoPtr<Poco::Net::Context>(new Poco::Net::Context(
 						Poco::Net::Context::TLS_CLIENT_USE, KeyFile_.path(), CertFile_.path(), ""));
 				if (Pool_.acctConfig.servers[ServerIndex_].allowSelfSigned) {
 					SecureContext->setSecurityLevel(Poco::Net::Context::SECURITY_LEVEL_NONE);
 					SecureContext->enableExtendedCertificateVerification(false);
 				}
 				for (const auto &ca : CaCertFiles_) {
 					Poco::Crypto::X509Certificate cert(ca->path());
 					SecureContext->addCertificateAuthority(cert);
 				}
 				Socket_ = std::make_unique<Poco::Net::SecureStreamSocket>(SecureContext);
 				ServerIndex_ = 0 ;
 				for (const auto &PoolEntryServer : Pool_.acctConfig.servers) {
 					Poco::Net::SocketAddress Destination(PoolEntryServer.ip, PoolEntryServer.port);
 					try {
 						poco_information(Logger_, "Attempting to connect");
 						Socket_->connect(Destination, Poco::Timespan(100, 0));
 						Socket_->completeHandshake();
 						if (!Pool_.authConfig.servers[ServerIndex_].allowSelfSigned) {
 							Socket_->verifyPeerCertificate();
 						}
 						if (Socket_->havePeerCertificate()) {
 							Peer_Cert_ = std::make_unique<Poco::Crypto::X509Certificate>(
 								Socket_->peerCertificate());
 						}
 						Socket_->setBlocking(false);
 						Socket_->setNoDelay(true);
 						Socket_->setKeepAlive(true);
 						Socket_->setReceiveTimeout(Poco::Timespan(1 * 60 * 60, 0));
 						Reactor_.addEventHandler(
 							*Socket_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::onData));
 						Reactor_.addEventHandler(
 							*Socket_, Poco::NObserver<RADIUS_Destination, Poco::Net::ErrorNotification>(
 										  *this, &RADIUS_Destination::onError));
 						Reactor_.addEventHandler(
 							*Socket_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ShutdownNotification>(
 								*this, &RADIUS_Destination::onShutdown));
 						Connected_ = true;
 						poco_information(Logger_, fmt::format("Connected. CN={}", CommonName()));
 						return true;
 					} catch (const Poco::Net::NetException &E) {
 						poco_information(Logger_, "Could not connect.");
 						Logger_.log(E);
 					} catch (const Poco::Exception &E) {
 						poco_information(Logger_, "Could not connect.");
 						Logger_.log(E);
 					} catch (...) {
 						poco_information(Logger_, "Could not connect.");
 					}
 					ServerIndex_++;
 				}
 			}
 			ServerIndex_=0;
 			return false;
 		}
 		inline bool Connect_Generic() {
 			poco_information(Logger_, fmt::format("Connecting {}", Pool_.name));
 			if (TryAgain_ && !Connected_) {
 				std::lock_guard G(LocalMutex_);
 				Poco::Net::SocketAddress AuthSockAddrV4(
 					Poco::Net::AddressFamily::IPv4,
 					MicroServiceConfigGetInt("radius.proxy.authentication.port",
 											 DEFAULT_RADIUS_AUTHENTICATION_PORT));
 				AuthenticationSocketV4_ =
 					std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV4, true, true);
 				Poco::Net::SocketAddress AcctSockAddrV4(
 					Poco::Net::AddressFamily::IPv4,
 					MicroServiceConfigGetInt("radius.proxy.accounting.port",
 											 DEFAULT_RADIUS_ACCOUNTING_PORT));
 				AccountingSocketV4_ =
 					std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV4, true, true);
 				Poco::Net::SocketAddress CoASockAddrV4(
 					Poco::Net::AddressFamily::IPv4,
 					MicroServiceConfigGetInt("radius.proxy.coa.port", DEFAULT_RADIUS_CoA_PORT));
 				CoASocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV4, true, true);
 				Reactor_.addEventHandler(
 					*AuthenticationSocketV4_,
 					Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 						*this, &RADIUS_Destination::OnAuthenticationSocketReadable));
 				Reactor_.addEventHandler(
 					*AccountingSocketV4_,
 					Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 						*this, &RADIUS_Destination::OnAccountingSocketReadable));
 				Reactor_.addEventHandler(
 					*CoASocketV4_, Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 									   *this, &RADIUS_Destination::OnCoASocketReadable));
 /*
 				Poco::Net::SocketAddress AuthSockAddrV6(
 					Poco::Net::AddressFamily::IPv6,
 					MicroServiceConfigGetInt("radius.proxy.authentication.port",
 											 DEFAULT_RADIUS_AUTHENTICATION_PORT));
 				AuthenticationSocketV6_ =
 					std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV6, true, true);
 				Poco::Net::SocketAddress AcctSockAddrV6(
 					Poco::Net::AddressFamily::IPv6,
 					MicroServiceConfigGetInt("radius.proxy.accounting.port",
 											 DEFAULT_RADIUS_AUTHENTICATION_PORT));
 				AccountingSocketV6_ =
 					std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV6, true, true);
 				Poco::Net::SocketAddress CoASockAddrV6(
 					Poco::Net::AddressFamily::IPv6,
 					MicroServiceConfigGetInt("radius.proxy.coa.port", DEFAULT_RADIUS_CoA_PORT));
 				CoASocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV6, true, true);
 				Reactor_.addEventHandler(
 					*AuthenticationSocketV6_,
 					Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 						*this, &RADIUS_Destination::OnAuthenticationSocketReadable));
 				Reactor_.addEventHandler(
 					*AccountingSocketV6_,
 					Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 						*this, &RADIUS_Destination::OnAccountingSocketReadable));
 				Reactor_.addEventHandler(
 					*CoASocketV6_, Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 									   *this, &RADIUS_Destination::OnCoASocketReadable));
 */
 				Connected_ = true;
 			}
 			return true;
 		}
 		inline bool Connect_Radsec() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 			}
 			return true;
 		}
 		inline bool Connect() {
 			switch(Type_) {
 			case GWObjects::RadiusEndpointType::orion: return Connect_Orion();
 			case GWObjects::RadiusEndpointType::globalreach: return Connect_GlobalReach();
 			case GWObjects::RadiusEndpointType::radsec: return Connect_Radsec();
 			default:
 				return Connect_Generic();
 			}
 		}
 		inline void Disconnect() {
 			if (Connected_) {
 				std::lock_guard G(LocalMutex_);
 				if(Type_==GWObjects::RadiusEndpointType::generic) {
 					poco_information(Logger_, fmt::format("Disconnecting {} generic server. Releasing all UDP resources.", Pool_.name));
 					if(AuthenticationSocketV4_) {
 						Reactor_.removeEventHandler(
 							*AuthenticationSocketV4_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnAuthenticationSocketReadable));
 						AuthenticationSocketV4_->close();
 						AuthenticationSocketV4_.reset();
 					}
 					if(AccountingSocketV4_) {
 						Reactor_.removeEventHandler(
 							*AccountingSocketV4_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnAccountingSocketReadable));
 						AccountingSocketV4_->close();
 						AccountingSocketV4_.reset();
 					}
 					if(CoASocketV4_) {
 						Reactor_.removeEventHandler(
 							*CoASocketV4_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnCoASocketReadable));
 						CoASocketV4_->close();
 						CoASocketV4_.reset();
 					}
 /*
 					if(AuthenticationSocketV6_) {
 						Reactor_.removeEventHandler(
 							*AuthenticationSocketV6_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnAuthenticationSocketReadable));
 						AuthenticationSocketV6_->close();
 						AuthenticationSocketV6_.reset();
 					}
 					if(AccountingSocketV6_) {
 						Reactor_.removeEventHandler(
 							*AccountingSocketV6_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnAccountingSocketReadable));
 						AccountingSocketV6_->close();
 						AccountingSocketV6_.reset();
 					}
 					if(CoASocketV6_) {
 						Reactor_.removeEventHandler(
 							*CoASocketV6_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 								*this, &RADIUS_Destination::OnCoASocketReadable));
 						CoASocketV6_->close();
 						CoASocketV6_.reset();
 					}
 */
 				} else {
 					if(Socket_!=nullptr) {
 						Reactor_.removeEventHandler(
 							*Socket_, Poco::NObserver<RADIUS_Destination, Poco::Net::ReadableNotification>(
 										  *this, &RADIUS_Destination::onData));
 						Reactor_.removeEventHandler(
 							*Socket_, Poco::NObserver<RADIUS_Destination, Poco::Net::ErrorNotification>(
 										  *this, &RADIUS_Destination::onError));
 						Reactor_.removeEventHandler(
 							*Socket_,
 							Poco::NObserver<RADIUS_Destination, Poco::Net::ShutdownNotification>(
 								*this, &RADIUS_Destination::onShutdown));
 						Socket_->close();
 					}
 				}
 				Connected_ = false;
 			}
 			poco_information(Logger_, fmt::format("Disconnecting {}", Pool_.name));
 		}
 		static void DecodeFile(const std::string &filename, const std::string &s) {
 			std::ofstream sec_file(filename, std::ios_base::out | std::ios_base::trunc |
 												 std::ios_base::binary);
 			std::stringstream is(s);
 			Poco::Base64Decoder ds(is);
 			Poco::StreamCopier::copyStream(ds, sec_file);
 			sec_file.close();
 		}
 		[[nodiscard]] inline std::string CommonName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->commonName();
 			return "";
 		}
 		[[nodiscard]] inline std::string IssuerName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->issuerName();
 			return "";
 		}
 		[[nodiscard]] inline std::string SubjectName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->subjectName();
 			return "";
 		}
 		const auto &Pool() const { return Pool_; }
 		auto ServerType() const { return Type_; }
 		inline bool SendRadiusDataAuthData(const std::string &serialNumber, const unsigned char *buffer, std::size_t  size) {
 			poco_trace(Logger_, fmt::format("{}: Sending RADIUS Auth {} bytes.", serialNumber, size));
 			AuthenticationSocketV4_->sendTo(buffer, size, Poco::Net::SocketAddress(Pool_.authConfig.servers[0].ip, Pool_.authConfig.servers[0].port));
 			return true;
 		}
 		inline bool SendRadiusDataAcctData(const std::string &serialNumber, const unsigned char *buffer, std::size_t  size) {
 			poco_trace(Logger_, fmt::format("{}: Sending RADIUS Acct {} bytes.", serialNumber, size));
 			AccountingSocketV4_->sendTo(buffer, size, Poco::Net::SocketAddress(Pool_.acctConfig.servers[0].ip, Pool_.acctConfig.servers[0].port));
 			return true;
 		}
 		inline bool SendRadiusDataCoAData(const std::string &serialNumber, const unsigned char *buffer, std::size_t  size) {
 			poco_trace(Logger_, fmt::format("{}: Sending RADIUS CoA {} bytes.", serialNumber, size));
 			CoASocketV4_->sendTo(buffer, size, Poco::Net::SocketAddress(Pool_.coaConfig.servers[0].ip, Pool_.coaConfig.servers[0].port));
 			return true;
 		}
 	  private:
 		std::recursive_mutex 							LocalMutex_;
 		Poco::Net::SocketReactor 						&Reactor_;
 		Poco::Logger 									&Logger_;
 		std::unique_ptr<Poco::Net::SecureStreamSocket> 	Socket_;
 		std::unique_ptr<Poco::Net::DatagramSocket> 		AccountingSocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket> 		AuthenticationSocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket> 		CoASocketV4_;
 /*
 		std::unique_ptr<Poco::Net::DatagramSocket> 		CoASocketV6_;
 		std::unique_ptr<Poco::Net::DatagramSocket> 		AccountingSocketV6_;
 		std::unique_ptr<Poco::Net::DatagramSocket> 		AuthenticationSocketV6_;
 */
 		Poco::Thread 									ReconnectThread_;
 		std::unique_ptr<Poco::Crypto::X509Certificate> 	Peer_Cert_;
 		volatile bool 									Connected_ = false;
 		volatile bool 									TryAgain_ = true;
 		enum GWObjects::RadiusEndpointType				Type_{GWObjects::RadiusEndpointType::unknown};
 		GWObjects::RadiusProxyPool						Pool_;
 		uint64_t 										ServerIndex_=0;
 	};
 } // namespace OpenWifi
--- a/src/RADIUS_helpers.h
+++ b/src/RADIUS_helpers.h
@@ -14,6 +14,8 @@
 #include "Poco/Net/SocketAddress.h"
 #include "Poco/StringTokenizer.h"
 #include <framework/utils.h>
 namespace OpenWifi::RADIUS {
 	//	Packet types
@@ -407,6 +409,15 @@ namespace OpenWifi::RADIUS {
 		friend std::ostream &operator<<(std::ostream &os, RadiusPacket const &P);
 		[[nodiscard]] inline std::string PacketTypeToString() const {
 			for(auto const &Name:radius_command_values) {
 				if(Name.cmd == P_.code)
 					return Name.name;
 			}
 			return "Unknown";
 		}
 		inline bool IsAuthentication() {
 			return (P_.code == RADIUS::Access_Request || P_.code == RADIUS::Access_Accept ||
 					P_.code == RADIUS::Access_Challenge || P_.code == RADIUS::Access_Reject ||
@@ -427,6 +438,25 @@ namespace OpenWifi::RADIUS {
 					P_.code == RADIUS::CoA_ACK || P_.code == RADIUS::CoA_NAK);
 		}
 		inline bool IsStatusMessageReply(std::string &ReplySource) {
 			std::string Result;
 			for (const auto &attribute : Attrs_) {
 				if (attribute.type == RADIUS::Attributes::PROXY_STATE) {
 					std::string Attr33;
 					// format is statis:server name
 					Attr33.assign((const char *)(const char *)&P_.attributes[attribute.pos],
 								  attribute.len);
 					auto Parts = Poco::StringTokenizer(Attr33, ":");
 					if(Parts.count() == 2 && Parts[0] == "status") {
 						ReplySource = Parts[1];
 						return true;
 					}
 					return false;
 				}
 			}
 			DBGLINE
 			return false;
 		}
 		void Log(std::ostream &os) {
 			uint16_t p = 0;
@@ -663,6 +693,29 @@ namespace OpenWifi::RADIUS {
 			return Result;
 		}
 		std::uint32_t ExtractProxyStateDestinationIPint() const {
 			std::string Result;
 			for (const auto &attribute : Attrs_) {
 				if (attribute.type == RADIUS::Attributes::PROXY_STATE && attribute.len > 2) {
 					std::string Attr33;
 					// format is
 					Attr33.assign((const char *)(const char *)&P_.attributes[attribute.pos],
 								  attribute.len);
 					auto Parts = Poco::StringTokenizer(Attr33, "|");
 					if (Parts.count() == 4) {
 						return Utils::IPtoInt(Parts[1]);
 					}
 					Parts = Poco::StringTokenizer(Attr33, ":");
 					if (Parts.count() == 4) {
 						return Utils::IPtoInt(Parts[1]);
 					}
 					return 0;
 				}
 			}
 			return 0;
 		}
 		std::string ExtractCallingStationID() const {
 			std::string Result;
 			for (const auto &attribute : Attrs_) {
@@ -962,22 +1015,25 @@ namespace OpenWifi::RADIUS {
 	  public:
 		explicit RadiusOutputPacket(const std::string &Secret) : Secret_(Secret) {}
-		inline void MakeStatusMessage() {
+		inline void MakeStatusMessage(const std::string &Source) {
 			P_.code = RADIUS::Status_Server;
 			P_.identifier = std::rand() & 0x00ff;
 			MakeRadiusAuthenticator(P_.authenticator);
 			unsigned char MessageAuthenticator[16]{0};
 			std::string FullSource = "status:" + Source;
 			AddAttribute(RADIUS::Attributes::PROXY_STATE, FullSource.size(), (const unsigned char *)FullSource.c_str());
 			AddAttribute(RADIUS::Attributes::MESSAGE_AUTHENTICATOR, sizeof(MessageAuthenticator),
 						 MessageAuthenticator);
-            int PktLen = 1 + 1 + 2 + 16 + 1 + 1 + 16;
+            // int PktLen = 1 + 1 + 2 + 16 + 1 + 1 + 16 ;
 			int PktLen = 1 + 1 + 2 + 16 + AttributesLen_;
 			P_.rawlen = htons(PktLen);
 			Poco::HMACEngine<Poco::MD5Engine> H(Secret_);
 			H.update((const unsigned char *)&P_, PktLen);
 			auto digest = H.digest();
-			int p = 0;
+			int p = 0, offset = (int)FullSource.size() + 2 ;
 			for (const auto &i : digest)
-				P_.attributes[1 + 1 + p++] = i;
+				P_.attributes[offset + 1 + 1 + p++] = i;
 		}
 		inline void AddAttribute(unsigned char attr, uint8_t len, const unsigned char *data) {
--- a/src/RADIUS_proxy_server.cpp
+++ b/src/RADIUS_proxy_server.cpp
@@ -13,10 +13,12 @@
 namespace OpenWifi {
 /*
 	const int SMALLEST_RADIUS_PACKET = 20 + 19 + 4;
 	const int DEFAULT_RADIUS_AUTHENTICATION_PORT = 1812;
 	const int DEFAULT_RADIUS_ACCOUNTING_PORT = 1813;
 	const int DEFAULT_RADIUS_CoA_PORT = 3799;
 */
 	int RADIUS_proxy_server::Start() {
@@ -25,7 +27,7 @@ namespace OpenWifi {
 		Enabled_ = MicroServiceConfigGetBool("radius.proxy.enable", false);
 		if (!Enabled_ && !Config.exists()) {
-			StopRADSECServers();
+			StopRADIUSDestinations();
 			return 0;
 		}
@@ -33,279 +35,81 @@ namespace OpenWifi {
 		Enabled_ = true;
 		Poco::Net::SocketAddress AuthSockAddrV4(
 			Poco::Net::AddressFamily::IPv4,
 			MicroServiceConfigGetInt("radius.proxy.authentication.port",
 									 DEFAULT_RADIUS_AUTHENTICATION_PORT));
 		AuthenticationSocketV4_ =
 			std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV4, true, true);
 		Poco::Net::SocketAddress AuthSockAddrV6(
 			Poco::Net::AddressFamily::IPv6,
 			MicroServiceConfigGetInt("radius.proxy.authentication.port",
 									 DEFAULT_RADIUS_AUTHENTICATION_PORT));
 		AuthenticationSocketV6_ =
 			std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV6, true, true);
 		Poco::Net::SocketAddress AcctSockAddrV4(
 			Poco::Net::AddressFamily::IPv4,
 			MicroServiceConfigGetInt("radius.proxy.accounting.port",
 									 DEFAULT_RADIUS_ACCOUNTING_PORT));
 		AccountingSocketV4_ =
 			std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV4, true, true);
 		Poco::Net::SocketAddress AcctSockAddrV6(
 			Poco::Net::AddressFamily::IPv6,
 			MicroServiceConfigGetInt("radius.proxy.accounting.port",
 									 DEFAULT_RADIUS_ACCOUNTING_PORT));
 		AccountingSocketV6_ =
 			std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV6, true, true);
 		Poco::Net::SocketAddress CoASockAddrV4(
 			Poco::Net::AddressFamily::IPv4,
 			MicroServiceConfigGetInt("radius.proxy.coa.port", DEFAULT_RADIUS_CoA_PORT));
 		CoASocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV4, true, true);
 		Poco::Net::SocketAddress CoASockAddrV6(
 			Poco::Net::AddressFamily::IPv6,
 			MicroServiceConfigGetInt("radius.proxy.coa.port", DEFAULT_RADIUS_CoA_PORT));
 		CoASocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV6, true, true);
 		RadiusReactor_.reset();
 		RadiusReactor_ = std::make_unique<Poco::Net::SocketReactor>();
 		RadiusReactor_->addEventHandler(
 			*AuthenticationSocketV4_,
 			Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 				*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
 		RadiusReactor_->addEventHandler(
 			*AuthenticationSocketV6_,
 			Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 				*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
 		RadiusReactor_->addEventHandler(
 			*AccountingSocketV4_,
 			Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 				*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 		RadiusReactor_->addEventHandler(
 			*AccountingSocketV6_,
 			Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 				*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 		RadiusReactor_->addEventHandler(
 			*CoASocketV4_, Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 							   *this, &RADIUS_proxy_server::OnCoASocketReadable));
 		RadiusReactor_->addEventHandler(
 			*CoASocketV6_, Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 							   *this, &RADIUS_proxy_server::OnCoASocketReadable));
 		ParseConfig();
-		StartRADSECServers();
+		StartRADIUSDestinations();
-		RadiusReactorThread_.start(*RadiusReactor_);
+		RadiusReactorThread_.start(RadiusReactor_);
 		Utils::SetThreadName(RadiusReactorThread_, "rad:reactor");
 		Running_ = true;
 		return 0;
 	}
 	void RADIUS_proxy_server::Stop() {
 		if (Enabled_ && Running_) {
 			poco_information(Logger(), "Stopping...");
 			RadiusReactor_->removeEventHandler(
 				*AuthenticationSocketV4_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
 			RadiusReactor_->removeEventHandler(
 				*AuthenticationSocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
-			RadiusReactor_->removeEventHandler(
+			StopRADIUSDestinations();
-				*AccountingSocketV4_,
+			RadiusReactor_.stop();
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 			RadiusReactor_->removeEventHandler(
 				*AccountingSocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 			RadiusReactor_->removeEventHandler(
 				*CoASocketV4_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnCoASocketReadable));
 			RadiusReactor_->removeEventHandler(
 				*CoASocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnCoASocketReadable));
 			AuthenticationSocketV4_->close();
 			AuthenticationSocketV6_->close();
 			AccountingSocketV4_->close();
 			AccountingSocketV6_->close();
 			CoASocketV4_->close();
 			CoASocketV6_->close();
 			AuthenticationSocketV4_.reset();
 			AuthenticationSocketV6_.reset();
 			AccountingSocketV4_.reset();
 			AccountingSocketV6_.reset();
 			CoASocketV4_.reset();
 			CoASocketV6_.reset();
 			StopRADSECServers();
 			RadiusReactor_->stop();
 			RadiusReactorThread_.join();
 			Running_ = false;
 			poco_information(Logger(), "Stopped...");
 		}
 	}
-	void RADIUS_proxy_server::StartRADSECServers() {
+/*	inline static bool isRadsec(const GWObjects::RadiusProxyPool &Cfg) {
 		return Cfg.radsecPoolType=="orion" || Cfg.radsecPoolType=="globalreach" || Cfg.radsecPoolType=="radsec";
 	}
 */
 	void RADIUS_proxy_server::StartRADIUSDestinations() {
 		std::lock_guard G(Mutex_);
 		for (const auto &pool : PoolList_.pools) {
 			if(pool.enabled) {
-				for (const auto &entry : pool.authConfig.servers) {
+				RADIUS_Destinations_[Utils::IPtoInt(pool.poolProxyIp)] =
-					if (entry.radsec) {
+						std::make_unique<RADIUS_Destination>(RadiusReactor_, pool);
 						RADSECservers_[Poco::Net::SocketAddress(entry.ip, 0)] =
 							std::make_unique<RADSEC_server>(*RadiusReactor_, entry, pool);
 					}
 				}
 			} else {
 				poco_information(Logger(),fmt::format("Pool {} is not enabled.", pool.name));
 			}
 		}
 	}
-	void RADIUS_proxy_server::StopRADSECServers() {
+	void RADIUS_proxy_server::StopRADIUSDestinations() {
 		std::lock_guard G(Mutex_);
-		RADSECservers_.clear();
+		RADIUS_Destinations_.clear();
 	}
-	void RADIUS_proxy_server::OnAccountingSocketReadable(
+	void RADIUS_proxy_server::RouteAndSendAccountingPacket(const std::string &Destination,const std::string &serialNumber, RADIUS::RadiusPacket &P, bool RecomputeAuthenticator, std::string &Secret) {
 		const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 		Poco::Net::SocketAddress Sender;
 		RADIUS::RadiusPacket P;
 		auto ReceiveSize = pNf->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 		if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 			poco_warning(Logger(), "Accounting: bad packet received.");
 			return;
 		}
 		P.Evaluate(ReceiveSize);
 		auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 		if (SerialNumber.empty()) {
 			poco_warning(Logger(), "Accounting: missing serial number. Dropping request.");
 			return;
 		}
 		poco_debug(
 			Logger(),
 			fmt::format(
 				"Accounting Packet Response received for {}", SerialNumber ));
 		AP_WS_Server()->SendRadiusAccountingData(SerialNumber, P.Buffer(), P.Size());
 	}
 	void RADIUS_proxy_server::OnAuthenticationSocketReadable(
 		const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 		Poco::Net::SocketAddress Sender;
 		RADIUS::RadiusPacket P;
 		auto ReceiveSize = pNf->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 		if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 			poco_warning(Logger(), "Authentication: bad packet received.");
 			return;
 		}
 		P.Evaluate(ReceiveSize);
 		if(Logger().trace()) {
 			P.Log(std::cout);
 		}
 		auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 		if (SerialNumber.empty()) {
 			poco_warning(Logger(), "Authentication: missing serial number. Dropping request.");
 			return;
 		}
 		auto CallingStationID = P.ExtractCallingStationID();
 		auto CalledStationID = P.ExtractCalledStationID();
 		poco_debug(
 			Logger(),
 			fmt::format(
 				"Authentication Packet received for {}, CalledStationID: {}, CallingStationID:{}",
 				SerialNumber, CalledStationID, CallingStationID));
 		AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, P.Buffer(), P.Size());
 	}
 	void RADIUS_proxy_server::OnCoASocketReadable(
 		const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 		Poco::Net::SocketAddress Sender;
 		RADIUS::RadiusPacket P;
 		auto ReceiveSize = pNf.get()->socket().impl()->receiveBytes(P.Buffer(), P.BufferLen());
 		if (ReceiveSize < SMALLEST_RADIUS_PACKET) {
 			poco_warning(Logger(), "CoA/DM: bad packet received.");
 			return;
 		}
 		P.Evaluate(ReceiveSize);
 		auto SerialNumber = P.ExtractSerialNumberTIP();
 		if (SerialNumber.empty()) {
 			poco_warning(Logger(), "CoA/DM: missing serial number. Dropping request.");
 			return;
 		}
 		auto CallingStationID = P.ExtractCallingStationID();
 		auto CalledStationID = P.ExtractCalledStationID();
 		poco_debug(
 			Logger(),
 			fmt::format("CoA Packet received for {}, CalledStationID: {}, CallingStationID:{}",
 						SerialNumber, CalledStationID, CallingStationID));
 		AP_WS_Server()->SendRadiusCoAData(SerialNumber, P.Buffer(), P.Size());
 	}
 	void RADIUS_proxy_server::RouteAndSendAccountingPacket(const std::string &Destination, const std::string &serialNumber, RADIUS::RadiusPacket &P, bool RecomputeAuthenticator, std::string & secret) {
 		try{
-			auto CallingStationID = P.ExtractCallingStationID();
+
-			auto CalledStationID = P.ExtractCalledStationID();
+			//	are we sending this to a pool?
-			Poco::Net::SocketAddress Dst(Destination);
+			auto DstParts = Utils::Split(Destination, ':');
 			std::uint32_t DtsIp = Utils::IPtoInt(DstParts[0]);
 			std::lock_guard G(Mutex_);
-			bool UseRADSEC = false;
+
-			auto FinalDestination = Route(radius_type::acct, Dst, P, UseRADSEC, secret);
+			auto DestinationServer = RADIUS_Destinations_.find(DtsIp);
-			if (UseRADSEC) {
+			if (DestinationServer != end(RADIUS_Destinations_)) {
-				Poco::Net::SocketAddress RSP(FinalDestination.host(), 0);
+				if(Logger().trace()) {
-				auto DestinationServer = RADSECservers_.find(RSP);
+					auto CallingStationID = P.ExtractCallingStationID();
-				if (DestinationServer != end(RADSECservers_)) {
+					auto CalledStationID = P.ExtractCalledStationID();
 					auto SessionID = P.ExtractAccountingSessionID();
 					auto MultiSessionID = P.ExtractAccountingMultiSessionID();
 					Logger().trace(
 						fmt::format("{}: Sending Accounting {} bytes to {}. CalledStationID={} CallingStationID={} SessionID={}:{}",
 									serialNumber, P.Size(),
 									DestinationServer->second->Pool().authConfig.servers[0].ip,
 									CalledStationID, CallingStationID, SessionID, MultiSessionID));
 				}
 				if(DestinationServer->second->ServerType()!=GWObjects::RadiusEndpointType::generic) {
 					Secret = DestinationServer->second->Pool().acctConfig.servers[0].secret;
 					if(RecomputeAuthenticator) {
-						P.RecomputeAuthenticator("radsec");
+						P.RecomputeAuthenticator(Secret);
 					}
 					DestinationServer->second->SendData(serialNumber, P.Buffer(), P.Size());
 					}
 					DestinationServer->second->SendData(serialNumber, (const unsigned char *)P.Buffer(),
 														P.Size());
 				} else {
-				if ((Dst.family() == Poco::Net::SocketAddress::IPv4 &&
+					DestinationServer->second->SendRadiusDataAcctData(
-					 AccountingSocketV4_ == nullptr) ||
+						serialNumber, (const unsigned char *)P.Buffer(), P.Size());
 					(Dst.family() == Poco::Net::SocketAddress::IPv6 &&
 					 AccountingSocketV6_ == nullptr)) {
 					poco_debug(
 						Logger(),
 						fmt::format(
 							"ACCT: Trying to use RADIUS GW PROXY but not configured. Device={}",
 							serialNumber));
 					return;
 				}
 				if(RecomputeAuthenticator) {
 					P.RecomputeAuthenticator(secret);
 				}
 				auto AllSent =
 					SendData(Dst.family() == Poco::Net::SocketAddress::IPv4 ? *AccountingSocketV4_
 																			: *AccountingSocketV6_
 							 , P.Buffer(), P.Size(), FinalDestination);
 				if (!AllSent)
 					poco_error(Logger(),
 							   fmt::format("{}: Could not send Accounting packet packet to {}.",
 										   serialNumber, Destination));
 				else
 					poco_debug(Logger(), fmt::format("{}: Sending Accounting Packet to {}, "
 													 "CalledStationID: {}, CallingStationID:{}",
 													 serialNumber, FinalDestination.toString(),
 													 CalledStationID, CallingStationID));
 			}
 		} catch (const Poco::Exception &E) {
 			Logger().log(E);
@@ -325,8 +129,8 @@ namespace OpenWifi {
 		ofs.close();
 	}
-	void RADIUS_proxy_server::SendAccountingData(const std::string &serialNumber,
+	void RADIUS_proxy_server::SendAccountingData( const std::string &serialNumber,
-												 const char *buffer, std::size_t size, std::string & secret) {
+												 const char *buffer, std::size_t size) {
 		if (!Continue())
 			return;
@@ -334,9 +138,9 @@ namespace OpenWifi {
 		try {
 			RADIUS::RadiusPacket P((unsigned char *)buffer, size);
 			auto Destination = P.ExtractProxyStateDestination();
-			RouteAndSendAccountingPacket(Destination, serialNumber, P, false, secret);
+			std::string Secret;
-			RADIUSSessionTracker()->AddAccountingSession(Destination, serialNumber, P, secret);
+			RouteAndSendAccountingPacket(Destination, serialNumber, P, false, Secret);
-
+			RADIUSSessionTracker()->AddAccountingSession(Destination, serialNumber, P, Secret);
 		} catch (const Poco::Exception &E) {
 			Logger().log(E);
 		} catch (...) {
@@ -351,55 +155,38 @@ namespace OpenWifi {
 	}
 	void RADIUS_proxy_server::SendAuthenticationData(const std::string &serialNumber,
-													 const char *buffer, std::size_t size, std::string & secret) {
+													 const char *buffer, std::size_t size) {
 		if (!Continue())
 			return;
 		try {
 			RADIUS::RadiusPacket P((unsigned char *)buffer, size);
 			auto Destination = P.ExtractProxyStateDestination();
 			auto CallingStationID = P.ExtractCallingStationID();
 			auto CalledStationID = P.ExtractCalledStationID();
 			Poco::Net::SocketAddress Dst(Destination);
 			std::lock_guard G(Mutex_);
 			bool UseRADSEC = false;
 			auto FinalDestination = Route(radius_type::auth, Dst, P, UseRADSEC, secret);
 			RADIUSSessionTracker()->AddAuthenticationSession(Destination, serialNumber, P, secret);
-			if (UseRADSEC) {
+			std::uint32_t 	DstIp = P.ExtractProxyStateDestinationIPint();
-				Poco::Net::SocketAddress RSP(FinalDestination.host(), 0);
+			auto DestinationServer = RADIUS_Destinations_.find(DstIp);
-				auto DestinationServer = RADSECservers_.find(RSP);
+			if (DestinationServer != end(RADIUS_Destinations_)) {
-				if (DestinationServer != end(RADSECservers_)) {
+				if(Logger().trace()) {
-					DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer,
+					auto CallingStationID = P.ExtractCallingStationID();
-														size);
+					auto CalledStationID = P.ExtractCalledStationID();
 					auto SessionID = P.ExtractAccountingSessionID();
 					auto MultiSessionID = P.ExtractAccountingMultiSessionID();
 					Logger().trace(
 						fmt::format("{}: Sending Authentication {} bytes to {}. CalledStationID={} CallingStationID={} SessionID={}:{}",
 									serialNumber, P.Size(),
 									DestinationServer->second->Pool().authConfig.servers[0].ip,
 									CalledStationID, CallingStationID, SessionID, MultiSessionID));
 				}
-			} else {
+				if(DestinationServer->second->ServerType()!=GWObjects::RadiusEndpointType::generic) {
-				if ((Dst.family() == Poco::Net::SocketAddress::IPv4 &&
+						DestinationServer->second->SendData(serialNumber,
-					 AuthenticationSocketV4_ == nullptr) ||
+															(const unsigned char *)buffer, size);
-					(Dst.family() == Poco::Net::SocketAddress::IPv6 &&
+				}
-					 AuthenticationSocketV6_ == nullptr)) {
+				else {
-					poco_debug(
+					DestinationServer->second->SendRadiusDataAuthData(
-						Logger(),
+						serialNumber, (const unsigned char *)buffer, size);
 						fmt::format(
 							"AUTH: Trying to use RADIUS GW PROXY but not configured. Device={}",
 							serialNumber));
 					return;
 				}
 				auto AllSent = SendData(Dst.family() == Poco::Net::SocketAddress::IPv4
 											? *AuthenticationSocketV4_
 											: *AuthenticationSocketV6_,
 										(const unsigned char *)buffer, size, FinalDestination);
 				if (!AllSent)
 					poco_error(Logger(),
 							   fmt::format("{}: Could not send Authentication packet packet to {}.",
 										   serialNumber, Destination));
 				else
 					poco_debug(Logger(), fmt::format("{}: Sending Authentication Packet to {}, "
 													 "CalledStationID: {}, CallingStationID:{}",
 													 serialNumber, FinalDestination.toString(),
 													 CalledStationID, CallingStationID));
 			}
 		} catch (const Poco::Exception &E) {
 			Logger().log(E);
@@ -410,65 +197,35 @@ namespace OpenWifi {
 	}
 	void RADIUS_proxy_server::SendCoAData(const std::string &serialNumber, const char *buffer,
-										  std::size_t size, std::string & secret) {
+										  std::size_t size) {
 		if (!Continue())
 			return;
 		try {
 			RADIUS::RadiusPacket P((unsigned char *)buffer, size);
-			auto Destination = P.ExtractProxyStateDestination();
+			auto CallingStationID = P.ExtractCallingStationID();
-
+			auto CalledStationID = P.ExtractCalledStationID();
 			if (Destination.empty()) {
 				Destination = "0.0.0.0:0";
 			}
 			if(Logger().trace()) {
 				P.Log(std::cout);
 			}
 			if(Destination.empty()) {
 				poco_warning(Logger(),fmt::format("{}: CoA packet does not have a valid destination.", serialNumber));
 				return;
 			}
 			Poco::Net::SocketAddress Dst(Destination);
 			std::lock_guard G(Mutex_);
-			bool UseRADSEC = false;
+			std::uint32_t 	DstIp = P.ExtractProxyStateDestinationIPint();
-			auto FinalDestination = Route(radius_type::coa, Dst, P, UseRADSEC, secret);
+			auto DestinationServer = RADIUS_Destinations_.find(DstIp);
-			if (UseRADSEC) {
+			if (DestinationServer != end(RADIUS_Destinations_)) {
-				Poco::Net::SocketAddress RSP(FinalDestination.host(), 0);
+				poco_trace(Logger(),fmt::format("{}: Sending CoA {} bytes to {}", serialNumber, P.Size(), DestinationServer->second->Pool().coaConfig.servers[0].ip));
-				auto DestinationServer = RADSECservers_.find(RSP);
+				if(DestinationServer->second->ServerType()!=GWObjects::RadiusEndpointType::generic) {
 				if (DestinationServer != end(RADSECservers_)) {
 					DestinationServer->second->SendData(serialNumber, (const unsigned char *)buffer,
 														size);
 				}
 				} else {
-				if ((Dst.family() == Poco::Net::SocketAddress::IPv4 && CoASocketV4_ == nullptr) ||
+					DestinationServer->second->SendRadiusDataCoAData(
-					(Dst.family() == Poco::Net::SocketAddress::IPv6 && CoASocketV6_ == nullptr)) {
+						serialNumber, (const unsigned char *)buffer, size);
 					poco_debug(
 						Logger(),
 						fmt::format(
 							"CoA: Trying to use RADIUS GW PROXY but not configured. Device={}",
 							serialNumber));
 					return;
 				}
 				auto AllSent = SendData(
 					Dst.family() == Poco::Net::SocketAddress::IPv4 ? *CoASocketV4_ : *CoASocketV6_,
 					(const unsigned char *)buffer, size, FinalDestination);
 				if (!AllSent) {
 					poco_error(Logger(), fmt::format("{}: Could not send CoA packet packet to {}.",
 													 serialNumber, Destination));
 				}
 				else
 					poco_debug(Logger(), fmt::format("{}: Sending CoA Packet to {}", serialNumber,
 													 FinalDestination.toString()));
 			}
 		} catch (const Poco::Exception &E) {
 			Logger().log(E);
 		} catch (...) {
 			poco_warning(Logger(),
-						 fmt::format("Bad RADIUS CoA/DM Packet from {}. Dropped.", serialNumber));
+						 fmt::format("Bad RADIUS AUTH Packet from {}. Dropped.", serialNumber));
 		}
 	}
@@ -572,6 +329,7 @@ namespace OpenWifi {
 		}
 	}
 /*
 	static bool RealmMatch(const std::string &user_realm, const std::string &realm) {
 		if (realm.find_first_of('*') == std::string::npos)
 			return user_realm == realm;
@@ -766,7 +524,7 @@ namespace OpenWifi {
 		}
 		return OriginalAddress;
 	}
-
+*/
 	void RADIUS_proxy_server::SetConfig(const GWObjects::RadiusProxyPoolList &C) {
 		std::lock_guard G(Mutex_);
--- a/src/RADIUS_proxy_server.h
+++ b/src/RADIUS_proxy_server.h
@@ -11,7 +11,7 @@
 #include "framework/SubSystemServer.h"
-#include "RADSEC_server.h"
+#include "RADIUS_Destination.h"
 namespace OpenWifi {
@@ -28,25 +28,19 @@ namespace OpenWifi {
 		void Stop() final;
 		inline bool Enabled() const { return Enabled_; }
-		void OnAccountingSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf);
+		void SendAccountingData(const std::string &serialNumber, const char *buffer, std::size_t size);
 		void
 		OnAuthenticationSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf);
 		void OnCoASocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf);
 		void SendAccountingData(const std::string &serialNumber, const char *buffer,
 								std::size_t size, std::string & secret);
 		void SendAuthenticationData(const std::string &serialNumber, const char *buffer,
-									std::size_t size, std::string & secret);
+									std::size_t size);
-		void SendCoAData(const std::string &serialNumber, const char *buffer, std::size_t size, std::string & secret);
+		void SendCoAData(const std::string &serialNumber, const char *buffer, std::size_t size);
-		void RouteAndSendAccountingPacket(const std::string &Destination, const std::string &serialNumber, RADIUS::RadiusPacket &P, bool reComputeAuthenticator, std::string & secret);
+		void RouteAndSendAccountingPacket(const std::string &Destination, const std::string &serialNumber, RADIUS::RadiusPacket &P, bool reComputeAuthenticator, std::string &Secret);
 		void SetConfig(const GWObjects::RadiusProxyPoolList &C);
 		void DeleteConfig();
 		void GetConfig(GWObjects::RadiusProxyPoolList &C);
-		void StartRADSECServers();
+		void StartRADIUSDestinations();
-		void StopRADSECServers();
+		void StopRADIUSDestinations();
 		struct Destination {
 			Poco::Net::SocketAddress Addr;
@@ -68,19 +62,13 @@ namespace OpenWifi {
 		inline bool Continue() const { return Running_ && Enabled_ && !Pools_.empty(); }
 	  private:
-		std::unique_ptr<Poco::Net::DatagramSocket> AccountingSocketV4_;
+		Poco::Net::SocketReactor 	RadiusReactor_;
 		std::unique_ptr<Poco::Net::DatagramSocket> AccountingSocketV6_;
 		std::unique_ptr<Poco::Net::DatagramSocket> AuthenticationSocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket> AuthenticationSocketV6_;
 		std::unique_ptr<Poco::Net::DatagramSocket> CoASocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket> CoASocketV6_;
 		std::unique_ptr<Poco::Net::SocketReactor> RadiusReactor_;
 		Poco::Thread 				RadiusReactorThread_;
 		GWObjects::RadiusProxyPoolList PoolList_;
 		std::string ConfigFilename_;
-		std::map<Poco::Net::SocketAddress, std::unique_ptr<RADSEC_server>> RADSECservers_;
+		std::map<std::uint32_t, std::unique_ptr<RADIUS_Destination>> RADIUS_Destinations_;
 		struct RadiusPool {
 			std::vector<Destination> AuthV4;
@@ -105,20 +93,21 @@ namespace OpenWifi {
 		void ParseConfig();
 		void ResetConfig();
-		Poco::Net::SocketAddress Route(radius_type rtype, const Poco::Net::SocketAddress &A,
+//		Poco::Net::SocketAddress Route(radius_type rtype, const Poco::Net::SocketAddress &A,
-									   const RADIUS::RadiusPacket &P, bool &UseRADSEC, std::string &secret);
+//									   const RADIUS::RadiusPacket &P, bool &UseRADSEC, std::string &secret);
 		void ParseServerList(const GWObjects::RadiusProxyServerConfig &Config,
 							 std::vector<Destination> &V4,
 							 std::vector<Destination> &V6, bool setAsDefault,
 							 const std::string &poolProxyIp);
-		static Poco::Net::SocketAddress
+/*		static Poco::Net::SocketAddress
 		ChooseAddress(std::vector<Destination> &Pool,
 					  const Poco::Net::SocketAddress &OriginalAddress, std::string &Secret);
 		Poco::Net::SocketAddress DefaultRoute([[maybe_unused]] radius_type rtype,
 											  const Poco::Net::SocketAddress &RequestedAddress,
 											  const RADIUS::RadiusPacket &P, bool &UseRADSEC,
 											  std::string &Secret);
-	};
+*/	};
 	inline auto RADIUS_proxy_server() { return RADIUS_proxy_server::instance(); }
--- a/src/RADSEC_server.h
+++ b/src/RADSEC_server.h
@@ -1,452 +0,0 @@
 //
 // Created by stephane bourque on 2022-08-15.
 //
 #pragma once
 #include <fstream>
 #include <iostream>
 #include "RESTObjects/RESTAPI_GWobjects.h"
 #include "Poco/Crypto/X509Certificate.h"
 #include "Poco/Crypto/RSAKey.h"
 #include "Poco/Net/Context.h"
 #include "Poco/Net/NetException.h"
 #include "Poco/Net/SecureStreamSocket.h"
 #include "Poco/Net/SocketReactor.h"
 #include "Poco/TemporaryFile.h"
 #include "framework/MicroServiceFuncs.h"
 #include "fmt/format.h"
 #include "AP_WS_Server.h"
 #include "RADIUS_helpers.h"
 namespace OpenWifi {
 	class RADSEC_server : public Poco::Runnable {
 	  public:
 		RADSEC_server(Poco::Net::SocketReactor &R, GWObjects::RadiusProxyServerEntry E, const GWObjects::RadiusProxyPool &P)
 			: Reactor_(R), Server_(std::move(E)),
 			  Logger_(Poco::Logger::get(
 				  fmt::format("RADSEC: {}@{}:{}", Server_.name, Server_.ip, Server_.port))) {
 			KeepAlive_ = P.radsecKeepAlive;
 			Type_ = P.radsecPoolType;
 			Start();
 		}
 		~RADSEC_server() { Stop(); }
 		inline int Start() {
 			ReconnectThread_.start(*this);
 			return 0;
 		}
 		inline void Stop() {
 			TryAgain_ = false;
 			Disconnect();
 			ReconnectThread_.wakeUp();
 			ReconnectThread_.join();
 		}
 		inline void run() final {
 			Poco::Thread::trySleep(5000);
 			std::uint64_t CurrentDelay = 10, maxDelay=300, LastTry=0, LastKeepAlive=0;
 			while (TryAgain_) {
 				if (!Connected_) {
 					if(!LastTry || (Utils::Now()-LastTry)>CurrentDelay) {
 						LastTry = Utils::Now();
 						if (!Connect()) {
 							CurrentDelay *= 2;
 							if(CurrentDelay>maxDelay) CurrentDelay=10;
 						} else {
 							CurrentDelay = 10;
 						}
 					}
 				} else if ((Utils::Now() - LastKeepAlive) > KeepAlive_) {
 					RADIUS::RadiusOutputPacket P(Server_.radsecSecret);
 					P.MakeStatusMessage();
 					poco_trace(Logger_, fmt::format("{}: Keep-Alive message.", Server_.name));
 					Socket_->sendBytes(P.Data(), P.Len());
 					LastKeepAlive = Utils::Now();
 				}
 				Poco::Thread::trySleep(2000);
 			}
 		}
 		inline bool SendData(const std::string &serial_number, const unsigned char *buffer,
 							 int length) {
 			try {
 				if (Connected_) {
 					RADIUS::RadiusPacket P(buffer, length);
 					int sent_bytes;
 					if (P.VerifyMessageAuthenticator(Server_.radsecSecret)) {
 						poco_trace(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
 														P.PacketType(), length));
 						sent_bytes = Socket_->sendBytes(buffer, length);
 					} else {
 						poco_trace(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
 														P.PacketType(), length));
 						P.ComputeMessageAuthenticator(Server_.radsecSecret);
 						sent_bytes = Socket_->sendBytes(P.Buffer(), length);
 					}
 					return (sent_bytes == length);
 				}
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 			} catch (...) {
 				poco_warning(Logger_, "Exception occurred: while sending data.");
 			}
 			return false;
 		}
 		inline void
 		onData([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ReadableNotification> &pNf) {
 			unsigned char Buffer[4096];
 			try {
 				auto NumberOfReceivedBytes = Socket_->receiveBytes(Buffer, sizeof(Buffer));
 				if (NumberOfReceivedBytes >= 20) {
 					RADIUS::RadiusPacket P(Buffer, NumberOfReceivedBytes);
 					if (P.IsAuthentication()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 						if (!SerialNumber.empty()) {
 							poco_trace(Logger_,
 									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
 												   P.PacketType(), NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, Buffer,
 																		 NumberOfReceivedBytes);
 						} else {
 							poco_trace(Logger_, "AUTH packet dropped.");
 						}
 					} else if (P.IsAccounting()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
 						if (!SerialNumber.empty()) {
 							poco_trace(Logger_,
 									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
 												   P.PacketType(), NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusAccountingData(SerialNumber, Buffer,
 																	 NumberOfReceivedBytes);
 						} else {
 							poco_trace(Logger_, "ACCT packet dropped.");
 						}
 					} else if (P.IsAuthority()) {
 						auto SerialNumber = P.ExtractSerialNumberTIP();
 						if (!SerialNumber.empty()) {
 							poco_trace(Logger_,
 									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
 												   P.PacketType(), NumberOfReceivedBytes));
 							AP_WS_Server()->SendRadiusCoAData(SerialNumber, Buffer,
 															  NumberOfReceivedBytes);
 						} else {
 							poco_trace(Logger_, "CoA/DM packet dropped.");
 						}
 					} else {
 						poco_warning(Logger_,
 									 fmt::format("Unknown packet: Type: {} (type={}) Length={}",
 												 P.PacketType(), P.PacketTypeInt(), P.BufferLen()));
 					}
 				} else {
 					poco_warning(Logger_, "Invalid packet received. Resetting the connection.");
 					Disconnect();
 				}
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 				Disconnect();
 			} catch (...) {
 				Disconnect();
 				poco_warning(Logger_, "Exception occurred. Resetting the connection.");
 			}
 		}
 		inline void
 		onError([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ErrorNotification> &pNf) {
 			poco_warning(Logger_, "Socker error. Terminating connection.");
 			Disconnect();
 		}
 		inline void
 		onShutdown([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ShutdownNotification> &pNf) {
 			poco_warning(Logger_, "Socker socket shutdown. Terminating connection.");
 			Disconnect();
 		}
 		static inline bool IsExpired(const Poco::Crypto::X509Certificate &C) {
 			return C.expiresOn().timestamp().epochTime() < (std::time_t)Utils::Now();
 		}
 		inline bool Connect_GlobalReach() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 				Poco::TemporaryFile CertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile KeyFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile OpenRoamingRootCertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile Intermediate0(MicroServiceDataDirectory());
 				Poco::TemporaryFile Intermediate1(MicroServiceDataDirectory());
 				Poco::TemporaryFile Combined(MicroServiceDataDirectory());
 				std::vector<std::unique_ptr<Poco::TemporaryFile>> CaCertFiles_;
 				DecodeFile(KeyFile_.path(), Server_.radsecKey);
 				DecodeFile(CertFile_.path(), Server_.radsecCert);
 				DecodeFile(Intermediate0.path(), Server_.radsecCacerts[0]);
 				DecodeFile(Intermediate1.path(), Server_.radsecCacerts[1]);
 				for (auto &cert : Server_.radsecCacerts) {
 					CaCertFiles_.emplace_back(
 						std::make_unique<Poco::TemporaryFile>(MicroServiceDataDirectory()));
 					DecodeFile(CaCertFiles_[CaCertFiles_.size() - 1]->path(), cert);
 				}
 				std::string OpenRoamingRootCert{"-----BEGIN CERTIFICATE-----\n"
 												"MIIClDCCAhugAwIBAgIUF1f+h+uJNHyr+ZqTpwew8LYRAW0wCgYIKoZIzj0EAwMw\n"
 												"gYkxCzAJBgNVBAYTAkdCMQ8wDQYDVQQIEwZMb25kb24xDzANBgNVBAcTBkxvbmRv\n"
 												"bjEsMCoGA1UEChMjR2xvYmFsUmVhY2ggVGVjaG5vbG9neSBFTUVBIExpbWl0ZWQx\n"
 												"KjAoBgNVBAMTIUdsb2JhbFJlYWNoIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0y\n"
 												"MzA3MTQwOTMyMDBaFw00MzA3MDkwOTMyMDBaMIGJMQswCQYDVQQGEwJHQjEPMA0G\n"
 												"A1UECBMGTG9uZG9uMQ8wDQYDVQQHEwZMb25kb24xLDAqBgNVBAoTI0dsb2JhbFJl\n"
 												"YWNoIFRlY2hub2xvZ3kgRU1FQSBMaW1pdGVkMSowKAYDVQQDEyFHbG9iYWxSZWFj\n"
 												"aCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARy\n"
 												"f02umFNy5W/TtM5nfMaLhRF61vLxhT8iNQHR1mXiRmNdME3ArForBcAm2eolHPcJ\n"
 												"RH9DcXs59d2zzoPEaBjXADTCjUts3F7G6fjqvfki2e/txx/xfUopQO8G54XcFWqj\n"
 												"QjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRS\n"
 												"tNe7MgAFwTaMZKUtS1/8pVoBqjAKBggqhkjOPQQDAwNnADBkAjA7VKHTybtSMBcN\n"
 												"717jGYvkWlcj4c9/LzPtkHO053wGsPigaq+1SjY7tDhS/g9oUQACMA6UqH2e8cfn\n"
 												"cZqmBNVNN3DBjIb4anug7F+FnYOQF36ua6MLBeGn3aKxvu1aO+hjPg==\n"
 												"-----END CERTIFICATE-----\n"};
 				std::ofstream ofs{OpenRoamingRootCertFile_.path().c_str(),std::ios_base::trunc|std::ios_base::out|std::ios_base::binary};
 				ofs << OpenRoamingRootCert;
 				ofs.close();
 				Poco::Net::Context::Ptr SecureContext =
 					Poco::AutoPtr<Poco::Net::Context>(new Poco::Net::Context(
 						Poco::Net::Context::TLS_CLIENT_USE, ""));
 				if (Server_.allowSelfSigned) {
 					SecureContext->setSecurityLevel(Poco::Net::Context::SECURITY_LEVEL_NONE);
 					SecureContext->enableExtendedCertificateVerification(false);
 				}
 				SecureContext->usePrivateKey(Poco::Crypto::RSAKey("",KeyFile_.path(),""));
 				Poco::Crypto::X509Certificate	Cert(CertFile_.path());
 				if(!IsExpired(Cert)) {
 					SecureContext->useCertificate(Poco::Crypto::X509Certificate(CertFile_.path()));
 				} else {
 					poco_error(Logger_, fmt::format("Certificate for {} has expired. We cannot connect to this server.", Server_.name));
 					return false;
 				}
 				SecureContext->addCertificateAuthority(Poco::Crypto::X509Certificate(OpenRoamingRootCertFile_.path()));
 				SecureContext->addChainCertificate(Poco::Crypto::X509Certificate(Intermediate0.path()));
 				SecureContext->addChainCertificate(Poco::Crypto::X509Certificate(Intermediate1.path()));
 				SecureContext->enableExtendedCertificateVerification(false);
 				Socket_ = std::make_unique<Poco::Net::SecureStreamSocket>(SecureContext);
 				Poco::Net::SocketAddress Destination(Server_.ip, Server_.port);
 				try {
 					poco_information(Logger_, "Attempting to connect");
 					Socket_->connect(Destination, Poco::Timespan(20, 0));
 					Socket_->completeHandshake();
 					if (!Server_.allowSelfSigned) {
 						Socket_->verifyPeerCertificate();
 					}
 					if (Socket_->havePeerCertificate()) {
 						Peer_Cert_ = std::make_unique<Poco::Crypto::X509Certificate>(
 							Socket_->peerCertificate());
 					}
 					Socket_->setBlocking(false);
 					Socket_->setNoDelay(true);
 					Socket_->setKeepAlive(true);
 					Socket_->setReceiveTimeout(Poco::Timespan(1 * 60 * 60, 0));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ReadableNotification>(
 									  *this, &RADSEC_server::onData));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ErrorNotification>(
 									  *this, &RADSEC_server::onError));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ShutdownNotification>(
 									  *this, &RADSEC_server::onShutdown));
 					Connected_ = true;
 					poco_information(Logger_, fmt::format("Connected. CN={}", CommonName()));
 					return true;
 				} catch (const Poco::Net::NetException &E) {
 					poco_warning(Logger_, "NetException: Could not connect.");
 					Logger_.log(E);
 				} catch (const Poco::Exception &E) {
 					poco_warning(Logger_, "Exception: Could not connect.");
 					Logger_.log(E);
 				} catch (...) {
 					poco_warning(Logger_, "Could not connect.");
 				}
 			}
 			return false;
 		}
 		inline bool Connect_Orion() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 				Poco::TemporaryFile CertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile KeyFile_(MicroServiceDataDirectory());
 				std::vector<std::unique_ptr<Poco::TemporaryFile>> CaCertFiles_;
 				DecodeFile(CertFile_.path(), Server_.radsecCert);
 				DecodeFile(KeyFile_.path(), Server_.radsecKey);
 				Poco::Crypto::X509Certificate	Cert(CertFile_.path());
 				if(IsExpired(Cert)) {
 					poco_error(Logger_, fmt::format("Certificate for {} has expired. We cannot connect to this server.", Server_.name));
 					return false;
 				}
 				for (auto &cert : Server_.radsecCacerts) {
 					CaCertFiles_.emplace_back(
 						std::make_unique<Poco::TemporaryFile>(MicroServiceDataDirectory()));
 					DecodeFile(CaCertFiles_[CaCertFiles_.size() - 1]->path(), cert);
 				}
 				Poco::Net::Context::Ptr SecureContext =
 					Poco::AutoPtr<Poco::Net::Context>(new Poco::Net::Context(
 						Poco::Net::Context::TLS_CLIENT_USE, KeyFile_.path(), CertFile_.path(), ""));
 				if (Server_.allowSelfSigned) {
 					SecureContext->setSecurityLevel(Poco::Net::Context::SECURITY_LEVEL_NONE);
 					SecureContext->enableExtendedCertificateVerification(false);
 				}
 				for (const auto &ca : CaCertFiles_) {
 					Poco::Crypto::X509Certificate cert(ca->path());
 					SecureContext->addCertificateAuthority(cert);
 				}
 				Socket_ = std::make_unique<Poco::Net::SecureStreamSocket>(SecureContext);
 				Poco::Net::SocketAddress Destination(Server_.ip, Server_.port);
 				try {
 					poco_information(Logger_, "Attempting to connect");
 					Socket_->connect(Destination, Poco::Timespan(100, 0));
 					Socket_->completeHandshake();
 					if (!Server_.allowSelfSigned) {
 						Socket_->verifyPeerCertificate();
 					}
 					if (Socket_->havePeerCertificate()) {
 						Peer_Cert_ = std::make_unique<Poco::Crypto::X509Certificate>(
 							Socket_->peerCertificate());
 					}
 					Socket_->setBlocking(false);
 					Socket_->setNoDelay(true);
 					Socket_->setKeepAlive(true);
 					Socket_->setReceiveTimeout(Poco::Timespan(1 * 60 * 60, 0));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ReadableNotification>(
 									  *this, &RADSEC_server::onData));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ErrorNotification>(
 									  *this, &RADSEC_server::onError));
 					Reactor_.addEventHandler(
 						*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ShutdownNotification>(
 									  *this, &RADSEC_server::onShutdown));
 					Connected_ = true;
 					poco_information(Logger_, fmt::format("Connected. CN={}", CommonName()));
 					return true;
 				} catch (const Poco::Net::NetException &E) {
 					poco_information(Logger_, "Could not connect.");
 					Logger_.log(E);
 				} catch (const Poco::Exception &E) {
 					poco_information(Logger_, "Could not connect.");
 					Logger_.log(E);
 				} catch (...) {
 					poco_information(Logger_, "Could not connect.");
 				}
 			}
 			return false;
 		}
 		inline bool Connect_Generic() {
 			if (TryAgain_) {
 				std::lock_guard G(LocalMutex_);
 			}
 			return true;
 		}
 		inline bool Connect() {
 			if(Type_=="orion") return Connect_Orion();
 			if(Type_=="globalreach") return Connect_GlobalReach();
 			return Connect_Generic();
 		}
 		inline void Disconnect() {
 			if (Connected_) {
 				std::lock_guard G(LocalMutex_);
 				Reactor_.removeEventHandler(
 					*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ReadableNotification>(
 								  *this, &RADSEC_server::onData));
 				Reactor_.removeEventHandler(
 					*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ErrorNotification>(
 								  *this, &RADSEC_server::onError));
 				Reactor_.removeEventHandler(
 					*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ShutdownNotification>(
 								  *this, &RADSEC_server::onShutdown));
 				Socket_->close();
 				Connected_ = false;
 			}
 			poco_information(Logger_, "Disconnecting.");
 		}
 		static void DecodeFile(const std::string &filename, const std::string &s) {
 			std::ofstream sec_file(filename, std::ios_base::out | std::ios_base::trunc |
 												 std::ios_base::binary);
 			std::stringstream is(s);
 			Poco::Base64Decoder ds(is);
 			Poco::StreamCopier::copyStream(ds, sec_file);
 			sec_file.close();
 		}
 		[[nodiscard]] inline std::string CommonName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->commonName();
 			return "";
 		}
 		[[nodiscard]] inline std::string IssuerName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->issuerName();
 			return "";
 		}
 		[[nodiscard]] inline std::string SubjectName() {
 			if (Peer_Cert_)
 				return Peer_Cert_->subjectName();
 			return "";
 		}
 	  private:
 		std::recursive_mutex LocalMutex_;
 		Poco::Net::SocketReactor &Reactor_;
 		GWObjects::RadiusProxyServerEntry Server_;
 		Poco::Logger &Logger_;
 		std::unique_ptr<Poco::Net::SecureStreamSocket> Socket_;
 		Poco::Thread ReconnectThread_;
 		std::unique_ptr<Poco::Crypto::X509Certificate> Peer_Cert_;
 		volatile bool Connected_ = false;
 		volatile bool TryAgain_ = true;
 		std::uint64_t 	KeepAlive_;
 		std::string 	Type_;
 	};
 } // namespace OpenWifi
--- a/src/RESTAPI/RESTAPI_RPC.cpp
+++ b/src/RESTAPI/RESTAPI_RPC.cpp
@@ -169,10 +169,12 @@ namespace OpenWifi::RESTAPI_RPC {
 			if (Cmd.ErrorCode == 0 && Cmd.Command == uCentralProtocol::CONFIGURE) {
 				//	we need to post a kafka event for this.
-				if (Params.has(uCentralProtocol::CONFIG)) {
+				if (Params.has(uCentralProtocol::CONFIG) && Params.isObject(uCentralProtocol::CONFIG)) {
 					auto Config = Params.get(uCentralProtocol::CONFIG)
 									  .extract<Poco::JSON::Object::Ptr>();
 					DeviceConfigurationChangeKafkaEvent KEvent(
 						Utils::SerialNumberToInt(Cmd.SerialNumber), Utils::Now(),
-						Params.get(uCentralProtocol::CONFIG).toString());
+						Config);
 				}
 			}
--- a/src/RESTAPI/RESTAPI_blacklist.cpp
+++ b/src/RESTAPI/RESTAPI_blacklist.cpp
@@ -63,7 +63,7 @@ namespace OpenWifi {
 		poco_debug(Logger(), fmt::format("BLACKLIST-POST: {}", D.serialNumber));
 		Poco::toLowerInPlace(D.serialNumber);
-		if (StorageService()->IsBlackListed(D.serialNumber)) {
+		if (StorageService()->IsBlackListed(Utils::MACToInt(D.serialNumber))) {
 			return BadRequest(RESTAPI::Errors::SerialNumberExists);
 		}
--- a/src/RESTAPI/RESTAPI_default_configuration.cpp
+++ b/src/RESTAPI/RESTAPI_default_configuration.cpp
@@ -56,17 +56,27 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
 		}
-		if (DefConfig.Models.empty()) {
+		if (DefConfig.models.empty()) {
 			return BadRequest(RESTAPI::Errors::ModelIDListCannotBeEmpty);
 		}
-		std::vector<std::string> Error;
+		DefConfig.platform = DefConfig.platform.empty() ? Platforms::AP : DefConfig.platform;
-		if (!ValidateUCentralConfiguration(DefConfig.Configuration, Error,
+		if(DefConfig.platform != Platforms::AP && DefConfig.platform != Platforms::SWITCH) {
-										   GetBoolParameter("strict", false))) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 			return BadRequest(RESTAPI::Errors::ConfigBlockInvalid);
 		}
-		DefConfig.Created = DefConfig.LastModified = Utils::Now();
+		if(DefConfig.configuration.empty()) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		std::string Error;
 		if (!ValidateUCentralConfiguration(ConfigurationValidator::GetType(DefConfig.platform),
 										   DefConfig.configuration, Error,
 										   GetBoolParameter("strict", false))) {
 			return BadRequest(RESTAPI::Errors::ConfigBlockInvalid, Error);
 		}
 		DefConfig.created = DefConfig.lastModified = Utils::Now();
 		if (StorageService()->CreateDefaultConfiguration(Name, DefConfig)) {
 			return OK();
 		}
@@ -88,19 +98,31 @@ namespace OpenWifi {
 			return NotFound();
 		}
-		if (!NewConfig.Configuration.empty()) {
+		if(Existing.platform.empty()) {
-			std::vector<std::string> Error;
+			Existing.platform = Platforms::AP;
 			if (!ValidateUCentralConfiguration(NewConfig.Configuration, Error,
 											   GetBoolParameter("strict", false))) {
 				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid);
 			}
 			Existing.Configuration = NewConfig.Configuration;
 		}
-		Existing.LastModified = Utils::Now();
+		if(ParsedBody_->has("platform")) {
-		AssignIfPresent(Obj, "description", Existing.Description);
+			if(NewConfig.platform.empty() || (NewConfig.platform != Platforms::AP && NewConfig.platform != Platforms::SWITCH)) {
 				return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 			}
 			Existing.platform = NewConfig.platform;
 		}
 		if (!NewConfig.configuration.empty()) {
 			std::string Error;
 			if (!ValidateUCentralConfiguration(ConfigurationValidator::GetType(Existing.platform),
 											   NewConfig.configuration, Error,
 											   GetBoolParameter("strict", false))) {
 				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid, Error);
 			}
 			Existing.configuration = NewConfig.configuration;
 		}
 		Existing.lastModified = Utils::Now();
 		AssignIfPresent(Obj, "description", Existing.description);
 		if (Obj->has("modelIds"))
-			Existing.Models = NewConfig.Models;
+			Existing.models = NewConfig.models;
 		if (StorageService()->UpdateDefaultConfiguration(Name, Existing)) {
 			GWObjects::DefaultConfiguration ModifiedConfig;
--- a/src/RESTAPI/RESTAPI_device_commandHandler.cpp
+++ b/src/RESTAPI/RESTAPI_device_commandHandler.cpp
@@ -87,7 +87,7 @@ namespace OpenWifi {
 			poco_debug(
 				Logger_,
 				fmt::format(
-					"Command rtty TID={} can proceed. Identified as {} and RPCID as {}. thr_id={}",
+					"Command RTTY TID={} can proceed. Identified as {} and RPCID as {}. thr_id={}",
 					TransactionId_, UUID, RPC, Poco::Thread::current()->id()));
 			return Rtty(UUID, RPC, 60000ms, Restrictions);
 		};
@@ -163,8 +163,12 @@ namespace OpenWifi {
 		{APCommands::Commands::telemetry, false, true, &RESTAPI_device_commandHandler::Telemetry,
 		 30000ms},
 		{APCommands::Commands::ping, false, true, &RESTAPI_device_commandHandler::Ping, 60000ms},
-		{APCommands::Commands::script, false, true, &RESTAPI_device_commandHandler::Script,
+		{APCommands::Commands::rrm, false, true, &RESTAPI_device_commandHandler::RRM, 60000ms},
-		 300000ms}};
+		{APCommands::Commands::certupdate, false, true, &RESTAPI_device_commandHandler::CertUpdate, 60000ms},
 		{APCommands::Commands::transfer, false, true, &RESTAPI_device_commandHandler::Transfer, 60000ms},
 		{APCommands::Commands::script, false, true, &RESTAPI_device_commandHandler::Script, 60000ms},
 		{APCommands::Commands::powercycle, false, true, &RESTAPI_device_commandHandler::PowerCycle, 60000ms}
 	};
 	void RESTAPI_device_commandHandler::DoPost() {
 		if (!ValidateParameters()) {
@@ -650,13 +654,18 @@ namespace OpenWifi {
 				return BadRequest(RESTAPI::Errors::SerialNumberMismatch);
 			}
 			GWObjects::Device DeviceInfo;
 			if (!StorageService()->GetDevice(SerialNumber_, DeviceInfo)) {
 				return NotFound();
 			}
 			auto Configuration =
 				GetS(RESTAPI::Protocol::CONFIGURATION, Obj, uCentralProtocol::EMPTY_JSON_DOC);
-			std::vector<std::string> Error;
+			std::string Error;
-			if (!ValidateUCentralConfiguration(Configuration, Error,
+			if (!ValidateUCentralConfiguration(ConfigurationValidator::GetType(DeviceInfo.DeviceType),
 											   Configuration, Error,
 											   GetBoolParameter("strict", false))) {
 				CallCanceled("CONFIGURE", CMD_UUID, CMD_RPC, RESTAPI::Errors::ConfigBlockInvalid);
-				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid);
+				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid, Error);
 			}
 			auto When = GetWhen(Obj);
@@ -1166,7 +1175,7 @@ namespace OpenWifi {
 				if (RTTYS_server()->UseInternal()) {
 					std::uint64_t SN = Utils::SerialNumberToInt(SerialNumber_);
-					bool mTLS = AP_WS_Server()->DeviceRequiresSecureRtty(SN);
+					bool mTLS = AP_WS_Server()->DeviceRequiresSecureRTTY(SN);
 					auto Hash =  Utils::ComputeHash(UserInfo_.webtoken.refresh_token_, Utils::Now());
 					Rtty.Token = Hash.substr(0, RTTY_DEVICE_TOKEN_LENGTH);
 					if (!RTTYS_server()->CreateEndPoint(Rtty.ConnectionId, Rtty.Token, Requester(),
@@ -1339,4 +1348,204 @@ namespace OpenWifi {
 		}
 		return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 	void RESTAPI_device_commandHandler::RRM(
 		const std::string &CMD_UUID, uint64_t CMD_RPC,
 		[[maybe_unused]] std::chrono::milliseconds timeout,
 		[[maybe_unused]] const GWObjects::DeviceRestrictions &Restrictions) {
 		poco_debug(Logger_, fmt::format("RRM({},{}): TID={} user={} serial={}", CMD_UUID,
 										CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		if(IsDeviceSimulated(SerialNumber_)) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::SimulatedDeviceNotSupported);
 			return BadRequest(RESTAPI::Errors::SimulatedDeviceNotSupported);
 		}
 		if(UserInfo_.userinfo.userRole != SecurityObjects::ROOT &&
 			UserInfo_.userinfo.userRole != SecurityObjects::ADMIN) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::ACCESS_DENIED);
 			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if(!ParsedBody_->has("actions") || !ParsedBody_->isArray("actions")) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		const auto &Actions = *ParsedBody_->getArray("actions");
 		//	perform some validation on the commands.
 		for(const auto &action:Actions) {
 			auto ActionDetails = action.extract<Poco::JSON::Object::Ptr>();
 			if(!ActionDetails->has("action")) {
 				return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 			}
 			auto ActionStr = ActionDetails->get("action").toString();
 			if(	ActionStr != "kick"
 				&& ActionStr != "channel_switch"
 				&& ActionStr != "tx_power"
 				&& ActionStr != "beacon_request"
 				&& ActionStr != "bss_transition"
 				&& ActionStr != "neighbors" ) {
 				return BadRequest(RESTAPI::Errors::InvalidRRMAction);
 			}
 		}
 		Poco::JSON::Object Params;
 		Params.set(uCentralProtocol::SERIAL, SerialNumber_);
 		Params.set(uCentralProtocol::ACTIONS, Actions);
 		GWObjects::CommandDetails Cmd;
 		Cmd.SerialNumber = SerialNumber_;
 		Cmd.SubmittedBy = Requester();
 		Cmd.UUID = CMD_UUID;
 		Cmd.Command = uCentralProtocol::RRM;
 		std::ostringstream os;
 		Params.stringify(os);
 		Cmd.Details = os.str();
 		Cmd.RunAt = 0;
 		Cmd.ErrorCode = 0;
 		Cmd.WaitingForFile = 0;
 		Cmd.Status= "completed";
 		if(CommandManager()->FireAndForget(SerialNumber_, uCentralProtocol::RRM, Params)) {
 			Cmd.Status= "completed";
 			StorageService()->AddCommand(SerialNumber_, Cmd,
 										 Storage::CommandExecutionType::COMMAND_COMPLETED);
 			return OK();
 		}
 		Cmd.Status= "failed";	//	should never happen
 		StorageService()->AddCommand(SerialNumber_, Cmd,
 									 Storage::CommandExecutionType::COMMAND_COMPLETED);
 		return BadRequest(RESTAPI::Errors::CouldNotPerformCommand);
 	}
 	void RESTAPI_device_commandHandler::Transfer(
 		const std::string &CMD_UUID, uint64_t CMD_RPC,
 		[[maybe_unused]] std::chrono::milliseconds timeout,
 		[[maybe_unused]] const GWObjects::DeviceRestrictions &Restrictions) {
 		if(UserInfo_.userinfo.userRole != SecurityObjects::ROOT &&
 			UserInfo_.userinfo.userRole != SecurityObjects::ADMIN) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::ACCESS_DENIED);
 			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		poco_debug(Logger_, fmt::format("TRANSFER({},{}): TID={} user={} serial={}", CMD_UUID,
 										CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		if(IsDeviceSimulated(SerialNumber_)) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::SimulatedDeviceNotSupported);
 			return BadRequest(RESTAPI::Errors::SimulatedDeviceNotSupported);
 		}
 		GWObjects::DeviceTransferRequest	TR;
 		if(!TR.from_json(ParsedBody_)) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		GWObjects::CommandDetails Cmd;
 		Cmd.SerialNumber = SerialNumber_;
 		Cmd.SubmittedBy = Requester();
 		Cmd.UUID = CMD_UUID;
 		Cmd.Command = uCentralProtocol::TRANSFER;
 		std::ostringstream os;
 		ParsedBody_->stringify(os);
 		Cmd.Details = os.str();
 		Cmd.RunAt = 0;
 		Cmd.ErrorCode = 0;
 		Cmd.WaitingForFile = 0;
 		return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::transfer, false, Cmd,
 										   *ParsedBody_, *Request, *Response, timeout, nullptr, this,
 										   Logger_);
 	}
 	void RESTAPI_device_commandHandler::CertUpdate(
 		const std::string &CMD_UUID, uint64_t CMD_RPC,
 		[[maybe_unused]] std::chrono::milliseconds timeout,
 		[[maybe_unused]] const GWObjects::DeviceRestrictions &Restrictions) {
 		poco_debug(Logger_, fmt::format("CERTUPDATE({},{}): TID={} user={} serial={}", CMD_UUID,
 										CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		if(UserInfo_.userinfo.userRole != SecurityObjects::ROOT &&
 			UserInfo_.userinfo.userRole != SecurityObjects::ADMIN) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::ACCESS_DENIED);
 			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if(IsDeviceSimulated(SerialNumber_)) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::SimulatedDeviceNotSupported);
 			return BadRequest(RESTAPI::Errors::SimulatedDeviceNotSupported);
 		}
 		GWObjects::DeviceCertificateUpdateRequest	CR;
 		if(!CR.from_json(ParsedBody_)) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		GWObjects::DeviceTransferRequest	TR;
 		if(!TR.from_json(ParsedBody_)) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		GWObjects::CommandDetails Cmd;
 		Cmd.SerialNumber = SerialNumber_;
 		Cmd.SubmittedBy = Requester();
 		Cmd.UUID = CMD_UUID;
 		Cmd.Command = uCentralProtocol::CERTUPDATE;
 		std::ostringstream os;
 		ParsedBody_->stringify(os);
 		Cmd.Details = os.str();
 		Cmd.RunAt = 0;
 		Cmd.ErrorCode = 0;
 		Cmd.WaitingForFile = 0;
 		return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::certupdate, false, Cmd,
 										   *ParsedBody_, *Request, *Response, timeout, nullptr, this,
 										   Logger_);
 	}
 	void RESTAPI_device_commandHandler::PowerCycle(
 		const std::string &CMD_UUID, uint64_t CMD_RPC,
 		[[maybe_unused]] std::chrono::milliseconds timeout,
 		[[maybe_unused]] const GWObjects::DeviceRestrictions &Restrictions) {
 		if(UserInfo_.userinfo.userRole != SecurityObjects::ROOT &&
 			UserInfo_.userinfo.userRole != SecurityObjects::ADMIN) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::ACCESS_DENIED);
 			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		poco_debug(Logger_, fmt::format("POWERCYCLE({},{}): TID={} user={} serial={}", CMD_UUID,
 										CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		if(IsDeviceSimulated(SerialNumber_)) {
 			CallCanceled("RRM", CMD_UUID, CMD_RPC, RESTAPI::Errors::SimulatedDeviceNotSupported);
 			return BadRequest(RESTAPI::Errors::SimulatedDeviceNotSupported);
 		}
 		GWObjects::PowerCycleRequest	PR;
 		if(!PR.from_json(ParsedBody_)) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		GWObjects::CommandDetails Cmd;
 		Cmd.SerialNumber = SerialNumber_;
 		Cmd.SubmittedBy = Requester();
 		Cmd.UUID = CMD_UUID;
 		Cmd.Command = uCentralProtocol::POWERCYCLE;
 		std::ostringstream os;
 		ParsedBody_->stringify(os);
 		Cmd.Details = os.str();
 		Cmd.RunAt = PR.when;
 		Cmd.ErrorCode = 0;
 		Cmd.WaitingForFile = 0;
 		return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::powercycle, false, Cmd,
 										   *ParsedBody_, *Request, *Response, timeout, nullptr, this,
 										   Logger_);
 	}
 } // namespace OpenWifi
--- a/src/RESTAPI/RESTAPI_device_commandHandler.h
+++ b/src/RESTAPI/RESTAPI_device_commandHandler.h
@@ -62,6 +62,14 @@ namespace OpenWifi {
 				  const GWObjects::DeviceRestrictions &R);
 		void Script(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout,
 					const GWObjects::DeviceRestrictions &R);
 		void RRM(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout,
 					const GWObjects::DeviceRestrictions &R);
 		void CertUpdate(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout,
 					const GWObjects::DeviceRestrictions &R);
 		void Transfer(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout,
 					const GWObjects::DeviceRestrictions &R);
 		void PowerCycle(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout,
 					  const GWObjects::DeviceRestrictions &R);
 		static auto PathName() {
 			return std::list<std::string>{"/api/v1/device/{serialNumber}/{command}"};
--- a/src/RESTAPI/RESTAPI_device_handler.cpp
+++ b/src/RESTAPI/RESTAPI_device_handler.cpp
@@ -101,9 +101,10 @@ namespace OpenWifi {
 			}
 			auto Config = Obj->get("configuration").toString();
 			Poco::JSON::Object Answer;
-			std::vector<std::string> Error;
+			std::string Error;
 			auto DeviceType = Poco::toLower(GetParameter("deviceType", Platforms::AP));
 			auto Res =
-				ValidateUCentralConfiguration(Config, Error, GetBoolParameter("strict", false));
+				ValidateUCentralConfiguration(ConfigurationValidator::GetType(DeviceType),Config, Error, GetBoolParameter("strict", false));
 			Answer.set("valid", Res);
 			if (!Error.empty())
 				Answer.set("error", Error);
@@ -123,12 +124,13 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::SerialNumberMismatch);
 		}
-		std::vector<std::string> Error;
+		std::string Error;
 		if (Device.Configuration.empty() ||
 			(!Device.Configuration.empty() &&
-			 !ValidateUCentralConfiguration(Device.Configuration, Error,
+			 !ValidateUCentralConfiguration(ConfigurationValidator::GetType(Device.DeviceType),
 											Device.Configuration, Error,
 											GetBoolParameter("strict", false)))) {
-			return BadRequest(RESTAPI::Errors::ConfigBlockInvalid);
+			return BadRequest(RESTAPI::Errors::ConfigBlockInvalid, Error);
 		}
 		for (auto &i : Device.Notes) {
@@ -169,10 +171,11 @@ namespace OpenWifi {
 		}
 		if (!NewDevice.Configuration.empty()) {
-			std::vector<std::string> Error;
+			std::string Error;
-			if (!ValidateUCentralConfiguration(NewDevice.Configuration, Error,
+			if (!ValidateUCentralConfiguration(ConfigurationValidator::GetType(Existing.DeviceType),
 											   NewDevice.Configuration, Error,
 											   GetBoolParameter("strict", false))) {
-				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid);
+				return BadRequest(RESTAPI::Errors::ConfigBlockInvalid, Error);
 			}
 			Config::Config NewConfig(NewDevice.Configuration);
 			uint64_t NewConfigUUID = Utils::Now();
--- a/src/RESTAPI/RESTAPI_devices_handler.cpp
+++ b/src/RESTAPI/RESTAPI_devices_handler.cpp
@@ -82,15 +82,24 @@ namespace OpenWifi {
 			}
 		}
 		auto platform = Poco::toLower(GetParameter("platform", ""));
 		auto serialOnly = GetBoolParameter(RESTAPI::Protocol::SERIALONLY, false);
 		auto deviceWithStatus = GetBoolParameter(RESTAPI::Protocol::DEVICEWITHSTATUS, false);
 		auto completeInfo = GetBoolParameter("completeInfo", false);
 		auto includeProvisioned = GetBoolParameter("includeProvisioned", true);
 		if(!platform.empty() && (platform!=Platforms::AP && platform!=Platforms::SWITCH && platform!="all")) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
 		if(platform=="all")
 			platform="";
 		Poco::JSON::Object RetObj;
 		if (!QB_.Select.empty()) {
 			Poco::JSON::Array Objects;
 			for (auto &i : SelectedRecords()) {
-				auto SerialNumber = i;
+				auto &SerialNumber = i;
 				if (!Utils::ValidSerialNumber(i))
 					continue;
 				GWObjects::Device D;
@@ -116,14 +125,14 @@ namespace OpenWifi {
 			else
 				RetObj.set(RESTAPI::Protocol::DEVICES, Objects);
-		} else if (QB_.CountOnly == true) {
+		} else if (QB_.CountOnly) {
 			uint64_t Count = 0;
-			if (StorageService()->GetDeviceCount(Count)) {
+			if (StorageService()->GetDeviceCount(Count, platform, includeProvisioned)) {
 				return ReturnCountOnly(Count);
 			}
 		} else if (serialOnly) {
 			std::vector<std::string> SerialNumbers;
-			StorageService()->GetDeviceSerialNumbers(QB_.Offset, QB_.Limit, SerialNumbers, OrderBy);
+			StorageService()->GetDeviceSerialNumbers(QB_.Offset, QB_.Limit, SerialNumbers, OrderBy, platform, includeProvisioned);
 			Poco::JSON::Array Objects;
 			for (const auto &i : SerialNumbers) {
 				Objects.add(i);
@@ -141,7 +150,7 @@ namespace OpenWifi {
 			RetObj.set("serialNumbers", Objects);
 		} else {
 			std::vector<GWObjects::Device> Devices;
-			StorageService()->GetDevices(QB_.Offset, QB_.Limit, Devices, OrderBy);
+			StorageService()->GetDevices(QB_.Offset, QB_.Limit, Devices, OrderBy, platform, includeProvisioned);
 			Poco::JSON::Array Objects;
 			for (const auto &i : Devices) {
 				Poco::JSON::Object Obj;
@@ -174,6 +183,15 @@ namespace OpenWifi {
 			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if(GetBoolParameter("simulatedDevices",false)) {
 			auto F = []() ->void {
 				StorageService()->DeleteSimulatedDevice("");
 			};
 			std::thread T(F);
 			T.detach();
 			return OK();
 		}
 		if(!QB_.Select.empty() && !Utils::ValidSerialNumbers(QB_.Select)) {
 			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 		}
--- a/src/RESTAPI/RESTAPI_file.h
+++ b/src/RESTAPI/RESTAPI_file.h
@@ -8,7 +8,7 @@
 #pragma once
-#include "framework/RESTAPI_Handler.h"
+#include <framework/RESTAPI_Handler.h>
 namespace OpenWifi {
 	class RESTAPI_file : public RESTAPIHandler {
--- a/src/RESTAPI/RESTAPI_radiusProxyConfig_handler.cpp
+++ b/src/RESTAPI/RESTAPI_radiusProxyConfig_handler.cpp
@@ -9,7 +9,7 @@
 namespace OpenWifi {
 	static bool ValidRadiusPoolServerType(const std::string &T) {
-		static std::set<std::string> Types{ "generic", "orion", "globalreach"};
+		static std::set<std::string> Types{ "radsec", "generic", "orion", "globalreach"};
 		return Types.find(T)!=Types.end();
 	}
--- a/src/RESTAPI/RESTAPI_script_handler.cpp
+++ b/src/RESTAPI/RESTAPI_script_handler.cpp
@@ -23,8 +23,8 @@ namespace OpenWifi {
 	void RESTAPI_script_handler::DoDelete() {
 		std::string UUID = GetBinding("uuid", "");
-		if (UserInfo_.userinfo.userRole != SecurityObjects::ROOT) {
+		if (!UserInfo_.userinfo.userPermissions[SecurityObjects::PM_SCRIPTS_GW][SecurityObjects::PT_DELETE]) {
-			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if (UUID.empty()) {
@@ -40,8 +40,8 @@ namespace OpenWifi {
 	void RESTAPI_script_handler::DoPost() {
 		std::string UUID = GetBinding("uuid", "");
-		if (UserInfo_.userinfo.userRole != SecurityObjects::ROOT) {
+		if (!UserInfo_.userinfo.userPermissions[SecurityObjects::PM_SCRIPTS_GW][SecurityObjects::PT_CREATE]) {
-			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if (UUID.empty()) {
@@ -86,8 +86,8 @@ namespace OpenWifi {
 	void RESTAPI_script_handler::DoPut() {
 		std::string UUID = GetBinding("uuid", "");
-		if (UserInfo_.userinfo.userRole != SecurityObjects::ROOT) {
+		if (!UserInfo_.userinfo.userPermissions[SecurityObjects::PM_SCRIPTS_GW][SecurityObjects::PT_UPDATE]) {
-			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
 		}
 		if (UUID.empty()) {
--- a/src/RESTObjects/RESTAPI_AnalyticsObjects.h
+++ b/src/RESTObjects/RESTAPI_AnalyticsObjects.h
@@ -7,6 +7,7 @@
 #include "RESTAPI_ProvObjects.h"
 #include "framework/utils.h"
 #include <vector>
 #include "framework/ow_constants.h"
 namespace OpenWifi {
--- a/src/RESTObjects/RESTAPI_GWobjects.cpp
+++ b/src/RESTObjects/RESTAPI_GWobjects.cpp
@@ -12,6 +12,7 @@
 #include "Daemon.h"
 #ifdef TIP_GATEWAY_SERVICE
 #include "AP_WS_Server.h"
 #include "StorageService.h"
 #include "CapabilitiesCache.h"
 #include "RADIUSSessionTracker.h"
 #endif
@@ -30,7 +31,7 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj, "serialNumber", SerialNumber);
 #ifdef TIP_GATEWAY_SERVICE
 		field_to_json(Obj, "deviceType", CapabilitiesCache::instance()->GetPlatform(Compatible));
-		field_to_json(Obj, "hasRADIUSSessions", RADIUSSessionTracker()->HasSessions(SerialNumber));
+		field_to_json(Obj, "blackListed", StorageService()->IsBlackListed(Utils::MACToInt(SerialNumber)));
 #endif
 		field_to_json(Obj, "macAddress", MACAddress);
 		field_to_json(Obj, "manufacturer", Manufacturer);
@@ -59,6 +60,8 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj, "pendingUUID", pendingUUID);
 		field_to_json(Obj, "simulated", simulated);
 		field_to_json(Obj, "lastRecordedContact", lastRecordedContact);
 		field_to_json(Obj, "certificateExpiryDate", certificateExpiryDate);
 		field_to_json(Obj, "connectReason", connectReason);
 	}
 	void Device::to_json_with_status(Poco::JSON::Object &Obj) const {
@@ -66,9 +69,14 @@ namespace OpenWifi::GWObjects {
 #ifdef TIP_GATEWAY_SERVICE
 		ConnectionState ConState;
-
+#ifdef USE_MEDUSA_CLIENT
        auto Res = GS()->GetState(SerialNumber);
        if (Res.has_value()) {
            Res.value().to_json(SerialNumber,Obj);
 #else
        if (AP_WS_Server()->GetState(SerialNumber, ConState)) {
 			ConState.to_json(SerialNumber,Obj);
 #endif
 		} else {
 			field_to_json(Obj, "ipAddress", "");
 			field_to_json(Obj, "txBytes", (uint64_t)0);
@@ -122,6 +130,8 @@ namespace OpenWifi::GWObjects {
 			field_from_json(Obj, "pendingUUID", pendingUUID);
 			field_from_json(Obj, "simulated", simulated);
 			field_from_json(Obj, "lastRecordedContact", lastRecordedContact);
 			field_from_json(Obj, "certificateExpiryDate", certificateExpiryDate);
 			field_from_json(Obj, "connectReason", connectReason);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
@@ -162,13 +172,16 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj, "recorded", Recorded);
 	}
-	void DefaultConfiguration::to_json(Poco::JSON::Object &Obj) const {
+    bool HealthCheck::from_json(const Poco::JSON::Object::Ptr &Obj) {
-		EmbedDocument("configuration", Obj, Configuration);
+        try {
-		field_to_json(Obj, "name", Name);
+            field_from_json(Obj, "UUID", UUID);
-		field_to_json(Obj, "modelIds", Models);
+            field_from_json(Obj, "sanity", Sanity);
-		field_to_json(Obj, "description", Description);
+            field_from_json(Obj, "recorded", Recorded);
-		field_to_json(Obj, "created", Created);
+            return true;
-		field_to_json(Obj, "lastModified", LastModified);
+        } catch(...) {
        }
        return false;
    }
 	void DefaultFirmware::to_json(Poco::JSON::Object &Obj) const {
@@ -218,12 +231,25 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj, "deferred", deferred);
 	}
 	void DefaultConfiguration::to_json(Poco::JSON::Object &Obj) const {
 		EmbedDocument("configuration", Obj, configuration);
 		field_to_json(Obj, "name", name);
 		field_to_json(Obj, "modelIds", models);
 		field_to_json(Obj, "description", description);
 		field_to_json(Obj, "created", created);
 		field_to_json(Obj, "lastModified", lastModified);
 		field_to_json(Obj, "platform", platform);
 	}
 	bool DefaultConfiguration::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
-			field_from_json(Obj, "name", Name);
+			field_from_json(Obj, "configuration", configuration);
-			field_from_json(Obj, "configuration", Configuration);
+			field_from_json(Obj, "name", name);
-			field_from_json(Obj, "modelIds", Models);
+			field_from_json(Obj, "modelIds", models);
-			field_from_json(Obj, "description", Description);
+			field_from_json(Obj, "description", description);
 			field_from_json(Obj, "created", created);
 			field_from_json(Obj, "lastModified", lastModified);
 			field_from_json(Obj, "platform", platform);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
@@ -272,13 +298,11 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj, "totalConnectionTime", Utils::Now() - started);
 		field_to_json(Obj, "certificateExpiryDate", certificateExpiryDate);
 		field_to_json(Obj, "connectReason", connectReason);
 		field_to_json(Obj, "uptime", uptime);
        field_to_json(Obj, "compatible", Compatible);
 #ifdef TIP_GATEWAY_SERVICE
 		hasRADIUSSessions = RADIUSSessionTracker()->HasSessions(SerialNumber);
 		AP_WS_Server()->ExtendedAttributes(SerialNumber, hasGPS, sanity,
 										   memoryUsed,
 										   load,
 										   temperature);
 #endif
 		field_to_json(Obj, "hasRADIUSSessions", hasRADIUSSessions );
 		field_to_json(Obj, "hasGPS", hasGPS);
@@ -310,6 +334,45 @@ namespace OpenWifi::GWObjects {
 		}
 	}
    bool ConnectionState::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "compatible", Compatible);
            field_from_json(Obj, "ipAddress", Address);
            field_from_json(Obj, "txBytes", TX);
            field_from_json(Obj, "rxBytes", RX);
            field_from_json(Obj, "messageCount", MessageCount);
            field_from_json(Obj, "UUID", UUID);
            field_from_json(Obj, "connected", Connected);
            field_from_json(Obj, "firmware", Firmware);
            field_from_json(Obj, "lastContact", LastContact);
            field_from_json(Obj, "associations_2G", Associations_2G);
            field_from_json(Obj, "associations_5G", Associations_5G);
            field_from_json(Obj, "associations_6G", Associations_6G);
            field_from_json(Obj, "webSocketClients", webSocketClients);
            field_from_json(Obj, "websocketPackets", websocketPackets);
            field_from_json(Obj, "kafkaClients", kafkaClients);
            field_from_json(Obj, "kafkaPackets", kafkaPackets);
            field_from_json(Obj, "locale", locale);
            field_from_json(Obj, "started", started);
            field_from_json(Obj, "sessionId", sessionId);
            field_from_json(Obj, "connectionCompletionTime", connectionCompletionTime);
            field_from_json(Obj, "totalConnectionTime", totalConnectionTime);
            field_from_json(Obj, "certificateExpiryDate", certificateExpiryDate);
            field_from_json(Obj, "connectReason", connectReason);
            field_from_json(Obj, "uptime", uptime);
            field_from_json(Obj, "hasRADIUSSessions", hasRADIUSSessions );
            field_from_json(Obj, "hasGPS", hasGPS);
            field_from_json(Obj, "sanity", sanity);
            field_from_json(Obj, "memoryUsed", memoryUsed);
            field_from_json(Obj, "sanity", sanity);
            field_from_json(Obj, "load", load);
            field_from_json(Obj, "temperature", temperature);
            return true;
        } catch(const Poco::Exception &E) {
        }
        return false;
    }
 	void DeviceConnectionStatistics::to_json(Poco::JSON::Object &Obj) const {
 		field_to_json(Obj, "averageConnectionTime", averageConnectionTime);
 		field_to_json(Obj, "connectedDevices", connectedDevices);
@@ -694,4 +757,46 @@ namespace OpenWifi::GWObjects {
 		return false;
 	}
 	bool DeviceTransferRequest::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			field_from_json(Obj, "serialNumber", serialNumber);
 			field_from_json(Obj, "server", server);
 			field_from_json(Obj, "port", port);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
 		return false;
 	}
 	bool DeviceCertificateUpdateRequest::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			field_from_json(Obj, "serial", serialNumber);
 			field_from_json(Obj, "encodedCertificate", encodedCertificate);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
 		return false;
 	}
 	bool PowerCyclePort::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			field_from_json(Obj, "name", name);
 			field_from_json(Obj, "cycle", cycle);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
 		return false;
 	}
 	bool PowerCycleRequest::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			field_from_json(Obj, "serial", serialNumber);
 			field_from_json(Obj, "when", when);
 			field_from_json(Obj, "ports", ports);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
 		return false;
 	}
 } // namespace OpenWifi::GWObjects
--- a/src/RESTObjects/RESTAPI_GWobjects.h
+++ b/src/RESTObjects/RESTAPI_GWobjects.h
@@ -49,8 +49,11 @@ namespace OpenWifi::GWObjects {
 		std::double_t load=0.0;
 		std::double_t temperature=0.0;
 		std::string 	connectReason;
 		std::uint64_t 	uptime=0;
        std::uint64_t 	totalConnectionTime=0;
 		void to_json(const std::string &SerialNumber, Poco::JSON::Object &Obj) ;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 	struct DeviceRestrictionsKeyInfo {
@@ -110,6 +113,9 @@ namespace OpenWifi::GWObjects {
 		std::uint64_t pendingUUID = 0;
 		bool simulated=false;
 		std::uint64_t 	lastRecordedContact=0;
 		std::uint64_t 	certificateExpiryDate = 0;
 		std::string 	connectReason;
 		bool			blackListed=false;
 		void to_json(Poco::JSON::Object &Obj) const;
 		void to_json_with_status(Poco::JSON::Object &Obj) const;
@@ -140,7 +146,9 @@ namespace OpenWifi::GWObjects {
        std::string Data;
        uint64_t Recorded = 0;
        uint64_t Sanity = 0;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
 	struct Capabilities {
@@ -172,12 +180,13 @@ namespace OpenWifi::GWObjects {
 	};
 	struct DefaultConfiguration {
-		std::string Name;
+		std::string name;
-		std::string Configuration;
+		std::string configuration;
-		Types::StringVec Models;
+		Types::StringVec models;
-		std::string Description;
+		std::string description;
-		uint64_t Created;
+		uint64_t created;
-		uint64_t LastModified;
+		uint64_t lastModified;
 		std::string platform;
 		void to_json(Poco::JSON::Object &Obj) const;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
@@ -452,4 +461,77 @@ namespace OpenWifi::GWObjects {
 		void to_json(Poco::JSON::Object &Obj) const;
 	};
 	enum class RadiusPoolStrategy {
 		round_robin, random, weighted, unknown
 	};
 	enum class RadiusEndpointType {
 		generic, radsec, globalreach, orion, unknown
 	};
 	static inline RadiusEndpointType RadiusEndpointType(const std::string &T) {
 		if(T=="generic") return RadiusEndpointType::generic;
 		if(T=="radsec") return RadiusEndpointType::radsec;
 		if(T=="globalreach") return RadiusEndpointType::globalreach;
 		if(T=="orion") return RadiusEndpointType::orion;
 		return RadiusEndpointType::unknown;
 	}
 	static inline RadiusPoolStrategy RadiusPoolStrategy(const std::string &T) {
 		if(T=="round_robin") return RadiusPoolStrategy::round_robin;
 		if(T=="random") return RadiusPoolStrategy::random;
 		if(T=="weighted") return RadiusPoolStrategy::weighted;
 		return RadiusPoolStrategy::unknown;
 	}
 	static inline std::string to_string(enum RadiusEndpointType T) {
 		switch(T) {
 		case RadiusEndpointType::generic: return "generic";
 		case RadiusEndpointType::radsec: return "radsec";
 		case RadiusEndpointType::globalreach: return "globalreach";
 		case RadiusEndpointType::orion: return "orion";
 		default:
 			return "unknown";
 		}
 	}
 	static inline std::string to_string(enum RadiusPoolStrategy T) {
 		switch(T) {
 		case RadiusPoolStrategy::round_robin: return "round_robin";
 		case RadiusPoolStrategy::random: return "random";
 		case RadiusPoolStrategy::weighted: return "weighted";
 		default:
 			return "unknown";
 		}
 	}
 	struct DeviceTransferRequest {
 		std::string 	serialNumber;
 		std::string 	server;
 		std::uint64_t 	port;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 	struct DeviceCertificateUpdateRequest {
 		std::string 	serialNumber;
 		std::string 	encodedCertificate;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 	struct PowerCyclePort {
 		std::string 	name;
 		std::uint64_t 	cycle=10000;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 	struct PowerCycleRequest {
 		std::string 	serialNumber;
 		std::uint64_t 	when;
 		std::vector<PowerCyclePort> ports;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 } // namespace OpenWifi::GWObjects
--- a/src/RESTObjects/RESTAPI_OWLSobjects.cpp
+++ b/src/RESTObjects/RESTAPI_OWLSobjects.cpp
@@ -92,6 +92,7 @@ namespace OpenWifi::OWLSObjects {
        field_to_json(Obj, "endTime", endTime);
        field_to_json(Obj, "errorDevices", errorDevices);
        field_to_json(Obj, "owner", owner);
        field_to_json(Obj, "expectedDevices", expectedDevices);
    }
 	void Dashboard::to_json([[maybe_unused]] Poco::JSON::Object &Obj) const {}
--- a/src/RESTObjects/RESTAPI_OWLSobjects.h
+++ b/src/RESTObjects/RESTAPI_OWLSobjects.h
@@ -57,6 +57,7 @@ namespace OpenWifi::OWLSObjects {
        uint64_t endTime;
        uint64_t errorDevices;
        std::string owner;
        uint64_t expectedDevices;
        void to_json(Poco::JSON::Object &Obj) const;
    };
--- a/src/RESTObjects/RESTAPI_ProvObjects.cpp
+++ b/src/RESTObjects/RESTAPI_ProvObjects.cpp
@@ -587,6 +587,9 @@ namespace OpenWifi::ProvObjects {
 		field_to_json(Obj, "locale", locale);
 		field_to_json(Obj, "realMacAddress", realMacAddress);
 		field_to_json(Obj, "doNotAllowOverrides", doNotAllowOverrides);
        field_to_json(Obj, "imported", imported);
        field_to_json(Obj, "connected", connected);
        field_to_json(Obj, "platform", platform);
 	}
 	bool InventoryTag::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -609,6 +612,9 @@ namespace OpenWifi::ProvObjects {
 			field_from_json(Obj, "locale", locale);
 			field_from_json(Obj, "realMacAddress", realMacAddress);
 			field_from_json(Obj, "doNotAllowOverrides", doNotAllowOverrides);
            field_from_json(Obj, "imported", imported);
            field_from_json(Obj, "connected", connected);
            field_from_json(Obj, "platform", platform);
 			return true;
 		} catch (...) {
 		}
@@ -1194,4 +1200,243 @@ namespace OpenWifi::ProvObjects {
 		return false;
 	}
    void GLBLRAccountInfo::to_json(Poco::JSON::Object &Obj) const {
        info.to_json(Obj);
        field_to_json(Obj, "privateKey", privateKey);
        field_to_json(Obj, "country", country);
        field_to_json(Obj, "province", province);
        field_to_json(Obj, "city", city);
        field_to_json(Obj, "organization", organization);
        field_to_json(Obj, "commonName", commonName);
        field_to_json(Obj, "CSR", CSR);
        field_to_json(Obj, "CSRPrivateKey", CSRPrivateKey);
        field_to_json(Obj, "CSRPublicKey", CSRPublicKey);
        field_to_json(Obj, "GlobalReachAcctId", GlobalReachAcctId);
    }
    bool GLBLRAccountInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            info.from_json(Obj);
            field_from_json(Obj, "privateKey", privateKey);
            field_from_json(Obj, "country", country);
            field_from_json(Obj, "province", province);
            field_from_json(Obj, "city", city);
            field_from_json(Obj, "organization", organization);
            field_from_json(Obj, "commonName", commonName);
            field_from_json(Obj, "CSR", CSR);
            field_from_json(Obj, "CSRPrivateKey", CSRPrivateKey);
            field_from_json(Obj, "CSRPublicKey", CSRPublicKey);
            field_from_json(Obj, "GlobalReachAcctId", GlobalReachAcctId);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void GLBLRCertificateInfo::to_json(Poco::JSON::Object &Obj) const {
        field_to_json(Obj, "id", id);
        field_to_json(Obj, "name", name);
        field_to_json(Obj, "accountId", accountId);
        field_to_json(Obj, "csr", csr);
        field_to_json(Obj, "certificate", certificate);
        field_to_json(Obj, "certificateChain", certificateChain);
        field_to_json(Obj, "certificateId", certificateId);
        field_to_json(Obj, "expiresAt", expiresAt);
        field_to_json(Obj, "created", created);
    }
    bool GLBLRCertificateInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "id", id);
            field_from_json(Obj, "name", name);
            field_from_json(Obj, "accountId", accountId);
            field_from_json(Obj, "csr", csr);
            field_from_json(Obj, "certificate", certificate);
            field_from_json(Obj, "certificateChain", certificateChain);
            field_from_json(Obj, "certificateId", certificateId);
            field_from_json(Obj, "expiresAt", expiresAt);
            field_from_json(Obj, "created", created);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void GooglOrionAccountInfo::to_json(Poco::JSON::Object &Obj) const {
        info.to_json(Obj);
        field_to_json(Obj, "privateKey", privateKey);
        field_to_json(Obj, "certificate", certificate);
        field_to_json(Obj, "cacerts", cacerts);
    }
    bool GooglOrionAccountInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            info.from_json(Obj);
            field_from_json(Obj, "privateKey", privateKey);
            field_from_json(Obj, "certificate", certificate);
            field_from_json(Obj, "cacerts", cacerts);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void RADIUSServer::to_json(Poco::JSON::Object &Obj) const {
        field_to_json(Obj, "Hostname", Hostname);
        field_to_json(Obj, "IP", IP);
        field_to_json(Obj, "Port", Port);
        field_to_json(Obj, "Secret", Secret);
    }
    bool RADIUSServer::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "Hostname", Hostname);
            field_from_json(Obj, "IP", IP);
            field_from_json(Obj, "Port", Port);
            field_from_json(Obj, "Secret", Secret);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void RADIUSEndPointRadiusType::to_json(Poco::JSON::Object &Obj) const {
        field_to_json(Obj, "Authentication", Authentication);
        field_to_json(Obj, "Accounting", Accounting);
        field_to_json(Obj, "CoA", CoA);
        field_to_json(Obj, "AccountingInterval", AccountingInterval);
    }
    bool RADIUSEndPointRadiusType::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "Authentication", Authentication);
            field_from_json(Obj, "Accounting", Accounting);
            field_from_json(Obj, "CoA", CoA);
            field_from_json(Obj, "AccountingInterval", AccountingInterval);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void RADIUSEndPointRadsecType::to_json(Poco::JSON::Object &Obj) const {
        field_to_json(Obj, "Hostname", Hostname);
        field_to_json(Obj, "IP", IP);
        field_to_json(Obj, "Port", Port);
        field_to_json(Obj, "Secret", Secret);
        field_to_json(Obj, "OpenRoamingType", OpenRoamingType);
        field_to_json(Obj, "UseOpenRoamingAccount", UseOpenRoamingAccount);
        field_to_json(Obj, "Weight", Weight);
        field_to_json(Obj, "Certificate", Certificate);
        field_to_json(Obj, "PrivateKey", PrivateKey);
        field_to_json(Obj, "CaCerts", CaCerts);
        field_to_json(Obj, "AllowSelfSigned", AllowSelfSigned);
    }
    bool RADIUSEndPointRadsecType::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "Hostname", Hostname);
            field_from_json(Obj, "IP", IP);
            field_from_json(Obj, "Port", Port);
            field_from_json(Obj, "Secret", Secret);
            field_from_json(Obj, "OpenRoamingType", OpenRoamingType);
            field_from_json(Obj, "UseOpenRoamingAccount", UseOpenRoamingAccount);
            field_from_json(Obj, "Weight", Weight);
            field_from_json(Obj, "Certificate", Certificate);
            field_from_json(Obj, "PrivateKey", PrivateKey);
            field_from_json(Obj, "CaCerts", CaCerts);
            field_from_json(Obj, "AllowSelfSigned", AllowSelfSigned);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void RADIUSEndPoint::to_json(Poco::JSON::Object &Obj) const {
        info.to_json(Obj);
        field_to_json(Obj, "Type", Type);
        field_to_json(Obj, "RadsecServers", RadsecServers);
        field_to_json(Obj, "RadiusServers", RadiusServers);
        field_to_json(Obj, "PoolStrategy", PoolStrategy);
        field_to_json(Obj, "Index", Index);
        field_to_json(Obj, "UsedBy", UsedBy);
        field_to_json(Obj, "UseGWProxy", UseGWProxy);
        field_to_json(Obj, "NasIdentifier", NasIdentifier);
        field_to_json(Obj, "AccountingInterval", AccountingInterval);
    }
    bool RADIUSEndPoint::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            info.from_json(Obj);
            field_from_json(Obj, "Type", Type);
            field_from_json(Obj, "RadsecServers", RadsecServers);
            field_from_json(Obj, "RadiusServers", RadiusServers);
            field_from_json(Obj, "PoolStrategy", PoolStrategy);
            field_from_json(Obj, "Index", Index);
            field_from_json(Obj, "UsedBy", UsedBy);
            field_from_json(Obj, "UseGWProxy", UseGWProxy);
            field_from_json(Obj, "NasIdentifier", NasIdentifier);
            field_from_json(Obj, "AccountingInterval", AccountingInterval);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    void RADIUSEndpointUpdateStatus::to_json(Poco::JSON::Object &Obj) const {
        field_to_json(Obj, "lastUpdate", lastUpdate);
        field_to_json(Obj, "lastConfigurationChange", lastConfigurationChange);
    }
    bool RADIUSEndpointUpdateStatus::from_json(const Poco::JSON::Object::Ptr &Obj) {
        try {
            field_from_json(Obj, "lastUpdate", lastUpdate);
            field_from_json(Obj, "lastConfigurationChange", lastConfigurationChange);
            return true;
        } catch (const Poco::Exception &E) {
        }
        return false;
    }
    bool RADIUSEndpointUpdateStatus::Read() {
        Poco::File  F(OpenWifi::MicroServiceDataDirectory()+"/RADIUSEndpointUpdateStatus.json");
        try {
            if (F.exists()) {
                Poco::JSON::Parser P;
                std::ifstream ifs(F.path(), std::ios_base::in | std::ios_base::binary);
                auto Obj = P.parse(ifs);
                return from_json(Obj.extract<Poco::JSON::Object::Ptr>());
            }
        } catch (...) {
        }
        return false;
    }
    bool RADIUSEndpointUpdateStatus::Save() {
        Poco::File  F(OpenWifi::MicroServiceDataDirectory()+"/RADIUSEndpointUpdateStatus.json");
        try {
            Poco::JSON::Object Obj;
            to_json(Obj);
            std::ofstream O(F.path(), std::ios_base::out | std::ios_base::trunc | std::ios_base::binary);
            Poco::JSON::Stringifier::stringify(Obj, O);
            return true;
        } catch (...) {
        }
        return false;
    }
    bool RADIUSEndpointUpdateStatus::ChangeConfiguration() {
        Read();
        lastConfigurationChange = Utils::Now();
        return Save();
    }
 } // namespace OpenWifi::ProvObjects
--- a/src/RESTObjects/RESTAPI_ProvObjects.h
+++ b/src/RESTObjects/RESTAPI_ProvObjects.h
@@ -29,6 +29,7 @@ namespace OpenWifi::ProvObjects {
        Types::TagList tags;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -36,6 +37,7 @@ namespace OpenWifi::ProvObjects {
        Types::UUIDvec_t serialNumbers;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -46,6 +48,7 @@ namespace OpenWifi::ProvObjects {
        std::string policy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -57,14 +60,18 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t venue;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<ManagementPolicy> ManagementPolicyVec;
    struct RRMAlgorithmDetails {
        std::string name;
        std::string parameters;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -72,7 +79,9 @@ namespace OpenWifi::ProvObjects {
        std::string vendor;
        std::string schedule;
        std::vector<RRMAlgorithmDetails> algorithms;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -82,6 +91,7 @@ namespace OpenWifi::ProvObjects {
        std::string firmwareUpgrade{"inherit"};
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -104,8 +114,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUIDvec_t configurations;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<Entity> EntityVec;
    struct DiGraphEntry {
@@ -113,6 +125,7 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t child;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -140,8 +153,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUIDvec_t boards;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<Venue> VenueVec;
    struct UserInfoDigest {
@@ -150,6 +165,7 @@ namespace OpenWifi::ProvObjects {
        std::string userType;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -162,8 +178,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t venue;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<ManagementRole> ManagementRoleVec;
    enum LocationType {
@@ -232,8 +250,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t managementPolicy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<Location> LocationVec;
    struct OperatorLocation {
@@ -253,8 +273,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t managementPolicy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<Location> LocationVec;
    struct SubLocation {
@@ -270,6 +292,7 @@ namespace OpenWifi::ProvObjects {
        std::string geoCode;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -277,6 +300,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<OperatorLocation> locations;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -356,8 +380,10 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t managementPolicy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<Contact> ContactVec;
    struct OperatorContact {
@@ -379,6 +405,7 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t managementPolicy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -397,6 +424,7 @@ namespace OpenWifi::ProvObjects {
        std::string accessPIN;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -404,6 +432,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<OperatorContact> contacts;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -416,8 +445,10 @@ namespace OpenWifi::ProvObjects {
        std::string configuration;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<DeviceConfigurationElement> DeviceConfigurationElementVec;
    struct DeviceConfiguration {
@@ -434,8 +465,10 @@ namespace OpenWifi::ProvObjects {
        std::string subscriber;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    typedef std::vector<DeviceConfiguration> DeviceConfigurationVec;
    struct InventoryTag {
@@ -457,6 +490,9 @@ namespace OpenWifi::ProvObjects {
        std::string locale;
        std::string realMacAddress;
        bool doNotAllowOverrides = false;
        std::uint64_t imported=0;
        std::uint64_t connected=0;
        std::string platform{Platforms::AP};
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -468,6 +504,7 @@ namespace OpenWifi::ProvObjects {
        InventoryTagVec taglist;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -478,6 +515,7 @@ namespace OpenWifi::ProvObjects {
        uint64_t errorCode;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -486,6 +524,7 @@ namespace OpenWifi::ProvObjects {
        Types::CountedMap tenants;
        void reset();
        void to_json(Poco::JSON::Object &Obj) const;
    };
@@ -495,6 +534,7 @@ namespace OpenWifi::ProvObjects {
        std::string description;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -503,6 +543,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<ExpandedUseEntry> entries;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -510,6 +551,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<ExpandedUseEntryList> entries;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -517,17 +559,21 @@ namespace OpenWifi::ProvObjects {
        Types::UUIDvec_t list;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
-	enum ACLACCESS { NONE = 0, READ = 1, MODIFY = 2, CREATE = 3, DELETE = 4 };
+    enum ACLACCESS {
        NONE = 0, READ = 1, MODIFY = 2, CREATE = 3, DELETE = 4
    };
    struct ObjectACL {
        UuidList users;
        UuidList roles;
-		uint64_t access = (uint64_t)NONE;
+        uint64_t access = (uint64_t) NONE;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -535,6 +581,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<ObjectACL> list;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -549,6 +596,7 @@ namespace OpenWifi::ProvObjects {
        std::string venue;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -556,6 +604,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<Map> list;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -585,6 +634,7 @@ namespace OpenWifi::ProvObjects {
        std::string operatorId;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -595,6 +645,7 @@ namespace OpenWifi::ProvObjects {
        std::string value;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -602,6 +653,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<Variable> variables;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -616,6 +668,7 @@ namespace OpenWifi::ProvObjects {
        Types::UUID_t managementPolicy;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -623,6 +676,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<VariableBlock> variableBlocks;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -637,6 +691,7 @@ namespace OpenWifi::ProvObjects {
        std::string registrationId;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -644,6 +699,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<Operator> operators;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -654,6 +710,7 @@ namespace OpenWifi::ProvObjects {
        Types::UUIDvec_t devices;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -669,6 +726,7 @@ namespace OpenWifi::ProvObjects {
        bool defaultService = false;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -676,6 +734,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<ServiceClass> serviceClasses;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -686,6 +745,7 @@ namespace OpenWifi::ProvObjects {
        std::string firmwareRCOnly{"inherit"};
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -710,6 +770,7 @@ namespace OpenWifi::ProvObjects {
        std::string realMacAddress;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -717,6 +778,7 @@ namespace OpenWifi::ProvObjects {
        std::vector<SubscriberDevice> subscriberDevices;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -729,6 +791,7 @@ namespace OpenWifi::ProvObjects {
        std::uint64_t modified;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
@@ -738,12 +801,119 @@ namespace OpenWifi::ProvObjects {
        std::vector<ConfigurationOverride> overrides;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
                          ObjectInfo &I);
    bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
                          ObjectInfo &I);
    bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);
    struct GLBLRAccountInfo {
        ObjectInfo info;
        std::string privateKey;
        std::string country, province, city, organization, commonName;
        std::string CSR, CSRPrivateKey, CSRPublicKey;
        std::string GlobalReachAcctId;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct GLBLRCertificateInfo {
        std::string id;
        std::string name;
        std::string accountId;
        std::string csr;
        std::string certificate;
        std::string certificateChain;
        std::string certificateId;
        std::uint64_t expiresAt = 0;
        std::uint64_t created = 0;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct GooglOrionAccountInfo {
        ObjectInfo info;
        std::string privateKey;
        std::string certificate;
        std::vector<std::string> cacerts;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct RADIUSServer {
        std::string     Hostname;
        std::string     IP;
        std::uint64_t   Port=0;
        std::string     Secret;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct RADIUSEndPointRadiusType {
        std::vector<RADIUSServer>    Authentication;
        std::vector<RADIUSServer>    Accounting;
        std::vector<RADIUSServer>    CoA;
        std::uint64_t AccountingInterval = 60;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct RADIUSEndPointRadsecType {
        std::string     Hostname;
        std::string     IP;
        std::uint64_t   Port=2083;
        std::string     Secret{"radsec"};
        std::string     OpenRoamingType;
        std::string     UseOpenRoamingAccount;
        std::uint64_t   Weight=0;
        std::string     Certificate;
        std::string     PrivateKey;
        std::vector<std::string>    CaCerts;
        bool AllowSelfSigned=false;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct RADIUSEndPoint {
        ObjectInfo                  info;
        std::string                 Type{"radius"};
        std::string                 PoolStrategy{"none"};
        bool                        UseGWProxy=true;
        std::string                 Index;
        std::vector<std::string>    UsedBy;
        std::vector<RADIUSEndPointRadiusType>   RadiusServers;
        std::vector<RADIUSEndPointRadsecType>   RadsecServers;
        std::string                 NasIdentifier;
        std::uint64_t               AccountingInterval=600;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
    };
    struct RADIUSEndpointUpdateStatus {
        std::uint64_t   lastUpdate=0;
        std::uint64_t   lastConfigurationChange=0;
        void to_json(Poco::JSON::Object &Obj) const;
        bool from_json(const Poco::JSON::Object::Ptr &Obj);
        bool Read();
        bool Save();
        bool ChangeConfiguration();
    };
 }; // namespace OpenWifi::ProvObjects
--- a/src/RESTObjects/RESTAPI_SecurityObjects.cpp
+++ b/src/RESTObjects/RESTAPI_SecurityObjects.cpp
@@ -12,6 +12,8 @@
 #include "RESTAPI_SecurityObjects.h"
 #include "framework/RESTAPI_utils.h"
 #include <stdlib.h>
 using OpenWifi::RESTAPI_utils::field_from_json;
 using OpenWifi::RESTAPI_utils::field_to_json;
@@ -282,6 +284,7 @@ namespace OpenWifi::SecurityObjects {
 		field_to_json(Obj, "oauthUserInfo", oauthUserInfo);
 		field_to_json(Obj, "modified", modified);
 		field_to_json(Obj, "signingUp", signingUp);
 		Obj.set("userPermissions", permissions_to_json(userPermissions));
 	};
 	bool UserInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -318,6 +321,7 @@ namespace OpenWifi::SecurityObjects {
 			field_from_json(Obj, "oauthUserInfo", oauthUserInfo);
 			field_from_json(Obj, "modified", modified);
 			field_from_json(Obj, "signingUp", signingUp);
 			userPermissions = permissions_from_json(Obj->getObject("userPermissions"));
 			return true;
 		} catch (const Poco::Exception &E) {
 			std::cout << "Cannot parse: UserInfo" << std::endl;
@@ -737,4 +741,218 @@ namespace OpenWifi::SecurityObjects {
        return false;
    }
 	PERMISSION_TYPE PermTypeFromString(const std::string &U) {
 		if (!Poco::icompare(U, "create"))
 			return PT_CREATE;
 		else if (!Poco::icompare(U, "update"))
 			return PT_UPDATE;
 		else if (!Poco::icompare(U, "delete"))
 			return PT_DELETE;
 		else if (!Poco::icompare(U, "readonly"))
 			return PT_READ_ONLY;
 		return PT_UNKNOWN;
 	}
 	std::string PermTypeToString(PERMISSION_TYPE U) {
 		switch (U) {
 		case PT_CREATE:
 			return "create";
 		case PT_UPDATE:
 			return "update";
 		case PT_DELETE:
 			return "delete";
 		case PT_READ_ONLY:
 			return "readonly";
 		case PT_UNKNOWN:
 		default:
 			return "unknown";
 		}
 	}
 	PERMISSION_MODEL PermModelFromString(const std::string &U) {
 		if (!Poco::icompare(U, "permissions"))
 			return PM_PERMISSIONS;
 		else if (!Poco::icompare(U, "venues"))
 			return PM_VENUES_PROV;
 		else if (!Poco::icompare(U, "venues_list"))
 			return PM_VENUES_LIST_PROV;
 		else if (!Poco::icompare(U, "entities"))
 			return PM_ENTITIES_PROV;
 		else if (!Poco::icompare(U, "entities_list"))
 			return PM_ENTITIES_LIST_PROV;
 		else if (!Poco::icompare(U, "inventory"))
 			return PM_INVENTORY_PROV;			
 		else if (!Poco::icompare(U, "inventory_list"))
 			return PM_INVENTORY_LIST_PROV;	
 		else if (!Poco::icompare(U, "managementpolicy"))
 			return PM_MANAGEMENTPOLICY_PROV;			
 		else if (!Poco::icompare(U, "managementpolicy_list"))
 			return PM_MANAGEMENTPOLICY_LIST_PROV;	
 		else if (!Poco::icompare(U, "managementrole"))
 			return PM_MANAGEMENTROLE_PROV;			
 		else if (!Poco::icompare(U, "managementrole_list"))
 			return PM_MANAGEMENTROLE_LIST_PROV;
 		//GW
 		else if (!Poco::icompare(U, "scripts"))
 			return PM_SCRIPTS_GW;
 		else if (!Poco::icompare(U, "configure"))
 			return PM_DEVICE_CONFIGURE_GW;
 		else if (!Poco::icompare(U, "upgrade"))
 			return PM_DEVICE_UPGRADE_GW;
 		else if (!Poco::icompare(U, "factoryreset"))
 			return PM_DEVICE_FACTORY_GW;
 		else if (!Poco::icompare(U, "leds"))
 			return PM_DEVICE_LEDS_GW;
 		else if (!Poco::icompare(U, "trace"))
 			return PM_DEVICE_TRACE_GW;
 		else if (!Poco::icompare(U, "request"))
 			return PM_DEVICE_REQUEST_GW;
 		else if (!Poco::icompare(U, "wifiscan"))
 			return PM_DEVICE_WIFISCAN_GW;
 		else if (!Poco::icompare(U, "eventqueue"))
 			return PM_DEVICE_EVENTQUEUE_GW;
 		else if (!Poco::icompare(U, "telemetry"))
 			return PM_DEVICE_TELEMETRY_GW;
 		else if (!Poco::icompare(U, "ping"))
 			return PM_DEVICE_PING_GW;
 		else if (!Poco::icompare(U, "ap_script"))
 			return PM_DEVICE_SCRIPT_GW;
 		else if (!Poco::icompare(U, "rrm"))
 			return PM_DEVICE_RRM_GW;
 		else if (!Poco::icompare(U, "transfer"))
 			return PM_DEVICE_TRANSFER_GW;
 		else if (!Poco::icompare(U, "certupdate"))
 			return PM_DEVICE_CERTUPDATE_GW;
 		else if (!Poco::icompare(U, "powercycle"))
 			return PM_DEVICE_POWERCYCLE_GW;
 		else if (!Poco::icompare(U, "ap_logs"))
 			return PM_DEVICE_LOGS_GW;
 		else if (!Poco::icompare(U, "healthchecks"))
 			return PM_DEVICE_HEALTHCHECKS_GW;
 		else if (!Poco::icompare(U, "ap_capabilities"))
 			return PM_DEVICE_CAPABILITIES_GW;
 		else if (!Poco::icompare(U, "ap_statistics"))
 			return PM_DEVICE_STATISTICS_GW;
 		else if (!Poco::icompare(U, "ap_status"))
 			return PM_DEVICE_STATUS_GW;
 		else if (!Poco::icompare(U, "ap_rtty"))
 			return PM_DEVICE_RTTY_GW;
 		return PM_UNKNOWN;
 	}
 	std::string PermModelToString(PERMISSION_MODEL U) {
 		switch (U) {
 		case PM_PERMISSIONS:
 			return "permissions";
 		case PM_VENUES_PROV:
 			return "venues";
 		case PM_VENUES_LIST_PROV:
 			return "venues_list";
 		case PM_ENTITIES_PROV:
 			return "entities";
 		case PM_ENTITIES_LIST_PROV:
 			return "entities_list";
 		case PM_INVENTORY_PROV:
 			return "inventory";
 		case PM_INVENTORY_LIST_PROV:
 			return "inventory_list";
 		case PM_MANAGEMENTPOLICY_PROV:
 			return "managementpolicy";
 		case PM_MANAGEMENTPOLICY_LIST_PROV:
 			return "managementpolicy_list";
 		case PM_MANAGEMENTROLE_PROV:
 			return "managementrole";
 		case PM_MANAGEMENTROLE_LIST_PROV:
 			return "managementrole_list";
 		//Gateway
 		case PM_SCRIPTS_GW:
 			return "scripts";
 		case PM_DEVICE_CONFIGURE_GW:
 			return "configure";
 		case PM_DEVICE_UPGRADE_GW:
 			return "upgrade";
 		case PM_DEVICE_FACTORY_GW:
 			return "factoryreset";
 		case PM_DEVICE_LEDS_GW:
 			return "leds";
 		case PM_DEVICE_TRACE_GW:
 			return "trace";
 		case PM_DEVICE_REQUEST_GW:
 			return "request";
 		case PM_DEVICE_WIFISCAN_GW:
 			return "wifiscan";
 		case PM_DEVICE_EVENTQUEUE_GW:
 			return "eventqueue";
 		case PM_DEVICE_TELEMETRY_GW:
 			return "telemetry";
 		case PM_DEVICE_PING_GW:
 			return "ping";
 		case PM_DEVICE_SCRIPT_GW:
 			return "ap_script";
 		case PM_DEVICE_RRM_GW:
 			return "rrm";
 		case PM_DEVICE_TRANSFER_GW:
 			return "transfer";
 		case PM_DEVICE_CERTUPDATE_GW:
 			return "certupdate";
 		case PM_DEVICE_POWERCYCLE_GW:
 			return "powercycle";
 		case PM_DEVICE_LOGS_GW:
 			return "ap_logs";
 		case PM_DEVICE_HEALTHCHECKS_GW:
 			return "healthchecks";
 		case PM_DEVICE_CAPABILITIES_GW:
 			return "ap_capabilities";
 		case PM_DEVICE_STATISTICS_GW:
 			return "ap_statistics";
 		case PM_DEVICE_STATUS_GW:
 			return "ap_status";
 		case PM_DEVICE_RTTY_GW:
 			return "ap_rtty";
 		case PM_UNKNOWN:
 		default:
 			return "unknown";
 		}
 	}
 	/**
 	 * Convert PermissionMap into a JSON object and return it
 	*/
 	Poco::JSON::Object permissions_to_json(const PermissionMap &Map) {
 		Poco::JSON::Object MapObj;
 		for (auto &[Model, Permissions] : Map) {
 			Poco::JSON::Object ModelObject;
 			for (auto &[Permission, Allowed] : Permissions) {
 				ModelObject.set(PermTypeToString(Permission), Allowed);
 			}
 			MapObj.set(PermModelToString(Model), ModelObject);
 		}
 		return MapObj;
 	}
 	/**
 	 * Convert JSON object into a PermissionMap and return it
 	*/
 	PermissionMap permissions_from_json(const Poco::JSON::Object::Ptr &Obj) {
 		PermissionMap permissions;
 		if (Obj == nullptr) {
 			return permissions;
 		}
 		Poco::JSON::Object::ConstIterator it1;
 		for(it1 = Obj->begin(); it1 != Obj->end(); it1++) {
 			std::string model = it1->first;
 			Poco::JSON::Object::Ptr modelObj = it1->second.extract<Poco::JSON::Object::Ptr>();
 			Poco::JSON::Object::ConstIterator it2;
 			for(it2 = modelObj->begin(); it2 != modelObj->end(); it2++) {
 				std::string permission = it2->first;
 				bool allowed = it2->second;
 				permissions[PermModelFromString(model)]
 				           [PermTypeFromString(permission)] = allowed;
 			}
 		}
 		return permissions;
 	}
 } // namespace OpenWifi::SecurityObjects
--- a/src/RESTObjects/RESTAPI_SecurityObjects.h
+++ b/src/RESTObjects/RESTAPI_SecurityObjects.h
@@ -11,10 +11,15 @@
 #include "Poco/Data/LOB.h"
 #include "Poco/Data/LOBStream.h"
 #include "Poco/JSON/Object.h"
 #include "Poco/Net/HTTPRequest.h"
 #include "framework/OpenWifiTypes.h"
 #include "framework/utils.h"
 #include <string>
 #include <type_traits>
 #include <iostream>
 #include <fstream>
 #include <map>
 #include <set>
 namespace OpenWifi {
 	uint64_t Now();
@@ -55,6 +60,10 @@ namespace OpenWifi {
 			bool from_json(const Poco::JSON::Object::Ptr &Obj);
 		};
 		// example entry {"/api/v1/device", {Poco::Net::HTTPRequest::HTTP_POST, Poco::Net::HTTPRequest::HTTP_PUT, Poco::Net::HTTPRequest::HTTP_DELETE}}
 		const std::map<std::string, std::set<std::string>> API_WHITELIST = {
 		};
 		enum USER_ROLE {
 			UNKNOWN,
 			ROOT,
@@ -125,6 +134,72 @@ namespace OpenWifi {
 			bool from_json(const Poco::JSON::Object::Ptr &Obj);
 		};
 		// Represents particular permissions, i.e. what are you doing do the model
 		enum PERMISSION_TYPE {
 			PT_CREATE,
 			PT_DELETE,
 			PT_UPDATE,
 			PT_READ_ONLY,
 			PT_UNKNOWN
 		};
 		PERMISSION_TYPE PermTypeFromString(const std::string &U);
 		std::string PermTypeToString(PERMISSION_TYPE U);
 		// Represents a model that can be operated on
 		enum PERMISSION_MODEL {
 			//Security
 			PM_PERMISSIONS,
 			//Provisioning
 			PM_VENUES_PROV,
 			PM_VENUES_LIST_PROV,
 			PM_ENTITIES_PROV,
 			PM_ENTITIES_LIST_PROV,
 			PM_INVENTORY_PROV,
 			PM_INVENTORY_LIST_PROV,
 			PM_MANAGEMENTPOLICY_PROV,
 			PM_MANAGEMENTPOLICY_LIST_PROV,
 			PM_MANAGEMENTROLE_PROV,
 			PM_MANAGEMENTROLE_LIST_PROV,
 			//Gateway
 			PM_DEVICE_CONFIGURE_GW,
 			PM_DEVICE_UPGRADE_GW,
 			PM_DEVICE_REBOOT_GW,
 			PM_DEVICE_FACTORY_GW,
 			PM_DEVICE_LEDS_GW,
 			PM_DEVICE_TRACE_GW,
 			PM_DEVICE_REQUEST_GW,
 			PM_DEVICE_WIFISCAN_GW,
 			PM_DEVICE_EVENTQUEUE_GW,
 			PM_DEVICE_TELEMETRY_GW,
 			PM_DEVICE_PING_GW,
 			PM_DEVICE_SCRIPT_GW,
 			PM_DEVICE_RRM_GW,
 			PM_DEVICE_TRANSFER_GW,
 			PM_DEVICE_CERTUPDATE_GW,
 			PM_DEVICE_POWERCYCLE_GW,
 			PM_DEVICE_LOGS_GW,
 			PM_DEVICE_HEALTHCHECKS_GW,
 			PM_DEVICE_CAPABILITIES_GW,
 			PM_DEVICE_STATISTICS_GW,
 			PM_DEVICE_STATUS_GW,
 			PM_DEVICE_RTTY_GW,
 			PM_SCRIPTS_GW,
 			PM_UNKNOWN
 		};
 		PERMISSION_MODEL PermModelFromString(const std::string &U);
 		std::string PermModelToString(PERMISSION_MODEL U);
 		// Map a permission (e.g. create, delete) to true/false
 		typedef std::map<PERMISSION_TYPE, bool> ModelPermissionMap;
 		// Map a model (e.g. venues, devices) to permissions
 		typedef std::map<PERMISSION_MODEL, ModelPermissionMap> PermissionMap;
 		Poco::JSON::Object permissions_to_json(const SecurityObjects::PermissionMap &Map);
 		PermissionMap permissions_from_json(const Poco::JSON::Object::Ptr &Obj);
 		struct UserInfo {
 			std::string id;
 			std::string name;
@@ -149,6 +224,7 @@ namespace OpenWifi {
 			bool suspended = false;
 			bool blackListed = false;
 			USER_ROLE userRole;
 			PermissionMap userPermissions;
 			UserLoginLoginExtensions userTypeProprietaryInfo;
 			std::string securityPolicy;
 			uint64_t securityPolicyChange = 0;
--- a/src/SignatureMgr.h
+++ b/src/SignatureMgr.h
@@ -5,7 +5,7 @@
 #pragma once
 #include <fstream>
-#include <shared_mutex>
+#include <mutex>
 #include "framework/MicroServiceFuncs.h"
 #include "framework/SubSystemServer.h"
@@ -38,7 +38,7 @@ namespace OpenWifi {
 		inline int Start() final {
 			poco_notice(Logger(), "Starting...");
-			std::shared_lock L(KeyMutex_);
+			std::lock_guard L(KeyMutex_);
 			CacheFilename_ = MicroServiceDataDirectory() + "/signature_cache";
 			Poco::File CacheFile(CacheFilename_);
@@ -91,7 +91,7 @@ namespace OpenWifi {
 		inline std::string Sign(const GWObjects::DeviceRestrictions &Restrictions,
 								const std::string &Data) const {
-			std::shared_lock L(KeyMutex_);
+			std::lock_guard L(KeyMutex_);
 			try {
 				if (Restrictions.key_info.algo == "static") {
 					return "aaaaaaaaaa";
@@ -120,7 +120,7 @@ namespace OpenWifi {
 		inline std::string Sign(const GWObjects::DeviceRestrictions &Restrictions,
 								const Poco::URI &uri) {
-			std::shared_lock L(KeyMutex_);
+			std::lock_guard L(KeyMutex_);
 			try {
 				if (Restrictions.key_info.algo == "static") {
 					return "aaaaaaaaaa";
@@ -172,7 +172,7 @@ namespace OpenWifi {
 		}
 	  private:
-		mutable std::shared_mutex KeyMutex_;
+		mutable std::mutex KeyMutex_;
 		std::map<std::string, Poco::SharedPtr<Poco::Crypto::RSAKey>> Keys_;
 		std::map<std::string, std::string> SignatureCache_;
 		std::string CacheFilename_;
--- a/src/StateUtils.cpp
+++ b/src/StateUtils.cpp
@@ -24,7 +24,7 @@ namespace OpenWifi::StateUtils {
 	}
 	bool ComputeAssociations(const Poco::JSON::Object::Ptr RawObject, uint64_t &Radios_2G,
-							 uint64_t &Radios_5G, uint64_t &Radios_6G) {
+							 uint64_t &Radios_5G, uint64_t &Radios_6G, uint64_t &UpTime	) {
 		Radios_2G = 0;
 		Radios_5G = 0;
 		Radios_6G = 0;
@@ -90,9 +90,15 @@ namespace OpenWifi::StateUtils {
 					}
 				}
 			}
 			//			std::cout << Radios_2G << " " << Radios_5G << " " << Radios_6G << std::endl;
 			return true;
 		}
 		if(RawObject->has("unit") && !RawObject->isNull("unit") && RawObject->isObject("unit")) {
 			auto unit = RawObject->getObject("unit");
 			if(unit->has("uptime")) {
 				UpTime = unit->get("uptime");
 			}
 		}
 		return false;
 	}
 } // namespace OpenWifi::StateUtils
--- a/src/StateUtils.h
+++ b/src/StateUtils.h
@@ -8,5 +8,5 @@
 namespace OpenWifi::StateUtils {
 	bool ComputeAssociations(const Poco::JSON::Object::Ptr RawObject, uint64_t &Radios_2G,
-							 uint64_t &Radios_5G, uint64_t &Radio_6G);
+							 uint64_t &Radios_5G, uint64_t &Radio_6G, uint64_t &UpTime);
 }
--- a/src/StorageService.cpp
+++ b/src/StorageService.cpp
@@ -22,6 +22,8 @@ namespace OpenWifi {
 		ScriptDB_->Create();
 		ScriptDB_->Initialize();
 		FixDeviceTypeBug();
 		return 0;
 	}
--- a/src/StorageService.h
+++ b/src/StorageService.h
@@ -16,6 +16,22 @@
 namespace OpenWifi {
 	class LockedDbSession {
 	  public:
 		explicit LockedDbSession();
 		~LockedDbSession() = default;
 		inline std::mutex &Mutex() { return *Mutex_; };
 		inline Poco::Data::Session &Session() {
 			if(!Session_->isConnected()) {
 				Session_->reconnect();
 			}
 			return *Session_;
 		};
 	  private:
 		std::shared_ptr<Poco::Data::Session> 	Session_;
 		std::shared_ptr<std::mutex> 			Mutex_;
 	};
 	class Storage : public StorageClass {
 	  public:
@@ -90,7 +106,8 @@ namespace OpenWifi {
 		// typedef std::map<std::string,std::string>	DeviceCapabilitiesCache;
-		bool AddLog(const GWObjects::DeviceLog &Log);
+		bool AddLog(LockedDbSession &Session, const GWObjects::DeviceLog &Log);
 		bool AddStatisticsData(Poco::Data::Session &Session, const GWObjects::Statistics &Stats);
 		bool AddStatisticsData(const GWObjects::Statistics &Stats);
 		bool GetStatisticsData(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate,
 							   uint64_t Offset, uint64_t HowMany,
@@ -102,6 +119,7 @@ namespace OpenWifi {
 									 std::vector<GWObjects::Statistics> &Stats);
 		bool AddHealthCheckData(const GWObjects::HealthCheck &Check);
 		bool AddHealthCheckData(LockedDbSession &Session, const GWObjects::HealthCheck &Check);
 		bool GetHealthCheckData(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate,
 								uint64_t Offset, uint64_t HowMany,
 								std::vector<GWObjects::HealthCheck> &Checks);
@@ -115,16 +133,23 @@ namespace OpenWifi {
 									   uint64_t &NewUUID);
 		bool RollbackDeviceConfigurationChange(std::string & SerialNumber);
 		bool CompleteDeviceConfigurationChange(Poco::Data::Session &Session, std::string & SerialNumber);
 		bool CompleteDeviceConfigurationChange(std::string & SerialNumber);
-
+		bool CreateDevice(LockedDbSession &Session, GWObjects::Device &);
 		bool CreateDevice(GWObjects::Device &);
-		bool CreateDefaultDevice(std::string &SerialNumber, const Config::Capabilities &Caps,
+		bool CreateDefaultDevice(Poco::Data::Session &Session,std::string &SerialNumber,
 								 const Config::Capabilities &Caps,
 								 std::string &Firmware, const Poco::Net::IPAddress &IPAddress,
 								 bool simulated);
 		bool CreateDevice(Poco::Data::Session &Sess, GWObjects::Device &DeviceDetails);
-		bool GetDevice(std::string &SerialNumber, GWObjects::Device &);
+		bool GetDevice(LockedDbSession &Session, const std::string &SerialNumber, GWObjects::Device &);
 		bool GetDevice(Poco::Data::Session &Session, const std::string &SerialNumber, GWObjects::Device &DeviceDetails);
 		bool GetDevice(const std::string &SerialNumber, GWObjects::Device &);
 		bool GetDevices(uint64_t From, uint64_t HowMany, std::vector<GWObjects::Device> &Devices,
-						const std::string &orderBy = "");
+						const std::string &orderBy = "",
 						const std::string &platform = "",
 						bool includeProvisioned = true);
 		//		bool GetDevices(uint64_t From, uint64_t HowMany, const std::string & Select,
 		// std::vector<GWObjects::Device> &Devices, const std::string & orderBy="");
 		bool DeleteDevice(std::string &SerialNumber);
@@ -132,14 +157,18 @@ namespace OpenWifi {
 		bool DeleteDevices(std::uint64_t OlderContact, bool SimulatedOnly);
 		bool UpdateDevice(GWObjects::Device &);
 		bool UpdateDevice(LockedDbSession &Session, GWObjects::Device &);
 		bool UpdateDevice(Poco::Data::Session &Sess, GWObjects::Device &NewDeviceDetails);
 		bool DeviceExists(std::string &SerialNumber);
 		bool SetConnectInfo(std::string &SerialNumber, std::string &Firmware);
-		bool GetDeviceCount(uint64_t &Count);
+		bool GetDeviceCount(uint64_t &Count, const std::string &platform = "", bool includeProvisioned = true);
 		bool GetDeviceSerialNumbers(uint64_t From, uint64_t HowMany,
 									std::vector<std::string> &SerialNumbers,
-									const std::string &orderBy = "");
+									const std::string &orderBy = "",
 									const std::string &platform = "",
 									bool includeProvisioned = true);									
 		bool GetDeviceFWUpdatePolicy(std::string &SerialNumber, std::string &Policy);
-		bool SetDevicePassword(std::string &SerialNumber, std::string &Password);
+		bool SetDevicePassword(LockedDbSession &Session, std::string &SerialNumber, std::string &Password);
 		bool UpdateSerialNumberCache();
 		static void GetDeviceDbFieldList(Types::StringVec &Fields);
@@ -148,9 +177,11 @@ namespace OpenWifi {
 		bool UpdateDeviceCapabilities(std::string &SerialNumber,
 									  const Config::Capabilities &Capabilities);
 		bool UpdateDeviceCapabilities(Poco::Data::Session &Session, std::string &SerialNumber,
 									  const Config::Capabilities &Capabilities);
 		bool GetDeviceCapabilities(std::string &SerialNumber, GWObjects::Capabilities &);
 		bool DeleteDeviceCapabilities(std::string &SerialNumber);
-		bool CreateDeviceCapabilities(std::string &SerialNumber,
+		bool CreateDeviceCapabilities(Poco::Data::Session &Session, std::string &SerialNumber,
 									  const Config::Capabilities &Capabilities);
 		bool InitCapabilitiesCache();
@@ -171,6 +202,7 @@ namespace OpenWifi {
 		bool GetDefaultConfigurations(uint64_t From, uint64_t HowMany,
 									  std::vector<GWObjects::DefaultConfiguration> &Devices);
 		bool FindDefaultConfigurationForModel(const std::string &Model,
 											  const std::string &Platform,
 											  GWObjects::DefaultConfiguration &DefConfig);
 		uint64_t GetDefaultConfigurationsCount();
 		bool DefaultConfigurationAlreadyExists(std::string &Name);
@@ -222,28 +254,32 @@ namespace OpenWifi {
 		void RemovedExpiredCommands();
 		void RemoveTimedOutCommands();
-		bool RemoveOldCommands(std::string &SerilNumber, std::string &Command);
+		bool RemoveOldCommands(std::string &SerialNumber, std::string &Command);
 		bool AddBlackListDevices(std::vector<GWObjects::BlackListedDevice> &Devices);
 		bool AddBlackListDevice(GWObjects::BlackListedDevice &Device);
 		bool GetBlackListDevice(std::string &SerialNumber, GWObjects::BlackListedDevice &Device);
 		bool DeleteBlackListDevice(std::string &SerialNumber);
-		bool IsBlackListed(const std::string &SerialNumber, std::string &reason,
+		bool IsBlackListed(std::uint64_t SerialNumber, std::string &reason,
 						   std::string &author, std::uint64_t &created);
-		bool IsBlackListed(const std::string &SerialNumber);
+		bool IsBlackListed(std::uint64_t SerialNumber);
 		bool InitializeBlackListCache();
 		bool GetBlackListDevices(uint64_t Offset, uint64_t HowMany,
 								 std::vector<GWObjects::BlackListedDevice> &Devices);
 		bool UpdateBlackListDevice(std::string &SerialNumber, GWObjects::BlackListedDevice &Device);
 		uint64_t GetBlackListDeviceCount();
 		bool DeleteSimulatedDevice(const std::string &SerialNumber);
 		bool RemoveHealthChecksRecordsOlderThan(uint64_t Date);
 		bool RemoveDeviceLogsRecordsOlderThan(uint64_t Date);
 		bool RemoveStatisticsRecordsOlderThan(uint64_t Date);
 		bool RemoveCommandListRecordsOlderThan(uint64_t Date);
 		bool RemoveUploadedFilesRecordsOlderThan(uint64_t Date);
-		bool SetDeviceLastRecordedContact(std::string & SeialNumber, std::uint64_t lastRecordedContact);
+		bool SetDeviceLastRecordedContact(LockedDbSession &Session, std::string & SerialNumber, std::uint64_t lastRecordedContact);
 		bool SetDeviceLastRecordedContact(std::string & SerialNumber, std::uint64_t lastRecordedContact);
 		bool SetDeviceLastRecordedContact(Poco::Data::Session & Session, std::string & SerialNumber, std::uint64_t lastRecordedContact);
 		int Create_Tables();
 		int Create_Statistics();
@@ -260,13 +296,24 @@ namespace OpenWifi {
 		bool AnalyzeCommands(Types::CountedMap &R);
 		bool AnalyzeDevices(GWObjects::Dashboard &D);
 		void FixDeviceTypeBug();
 		int Start() override;
 		void Stop() override;
 		inline Poco::Data::Session	StartSession() {
 			return Pool_->get();
 		}
 	  private:
 		std::unique_ptr<OpenWifi::ScriptDB> ScriptDB_;
 	};
 	inline auto StorageService() { return Storage::instance(); }
 	inline LockedDbSession::LockedDbSession() {
 		Session_ = std::make_shared<Poco::Data::Session>(Poco::Data::Session(StorageService()->StartSession()));
 		Mutex_ = std::make_shared<std::mutex>();
 	}
 } // namespace OpenWifi
--- a/src/TelemetryStream.cpp
+++ b/src/TelemetryStream.cpp
@@ -111,7 +111,6 @@ namespace OpenWifi {
 					}
 				} break;
 				case TelemetryNotification::NotificationType::unregister: {
 					std::lock_guard G(Mutex_);
 					auto client = Clients_.find(Notification->Data_);
 					if (client != Clients_.end()) {
--- a/src/TelemetryStream.h
+++ b/src/TelemetryStream.h
@@ -23,7 +23,7 @@
 #include "framework/SubSystemServer.h"
-#include "AP_WS_ReactorPool.h"
+#include "AP_WS_Reactor_Pool.h"
 #include "TelemetryClient.h"
 namespace OpenWifi {
--- a/src/framework/AppServiceRegistry.h
+++ b/src/framework/AppServiceRegistry.h
@@ -11,10 +11,12 @@
 #include "Poco/File.h"
 #include "Poco/StreamCopier.h"
 #include "Poco/JSON/Object.h"
 #include "Poco/JSON/Parser.h"
 #include "framework/MicroServiceFuncs.h"
-#include "nlohmann/json.hpp"
+// #include "nlohmann/json.hpp"
 namespace OpenWifi {
@@ -28,11 +30,11 @@ namespace OpenWifi {
 				if (F.exists()) {
 					std::ostringstream OS;
 					std::ifstream IF(FileName);
-					Poco::StreamCopier::copyStream(IF, OS);
+                    Poco::JSON::Parser  P;
-					Registry_ = nlohmann::json::parse(OS.str());
+					Registry_ = P.parse(IF).extract<Poco::JSON::Object::Ptr>();
 				}
 			} catch (...) {
-				Registry_ = nlohmann::json::parse("{}");
+				Registry_ = Poco::makeShared<Poco::JSON::Object>();
 			}
 		}
@@ -44,46 +46,39 @@ namespace OpenWifi {
 		inline ~AppServiceRegistry() { Save(); }
 		inline void Save() {
 			std::istringstream IS(to_string(Registry_));
 			std::ofstream OF;
 			OF.open(FileName, std::ios::binary | std::ios::trunc);
-			Poco::StreamCopier::copyStream(IS, OF);
+            Registry_->stringify(OF);
 		}
-		inline void Set(const char *Key, uint64_t Value) {
+        void Set(const char *key, const std::vector<std::string> &V) {
-			Registry_[Key] = Value;
+            Poco::JSON::Array   Arr;
            for(const auto &s:V) {
                Arr.add(s);
            }
            Registry_->set(key,Arr);
            Save();
        }
-		inline void Set(const char *Key, const std::string &Value) {
+        template<class T> void Set(const char *key, const T &Value) {
-			Registry_[Key] = Value;
+            Registry_->set(key,Value);
 			Save();
 		}
-		inline void Set(const char *Key, bool Value) {
+        bool Get(const char *key, std::vector<std::string> &Value) {
-			Registry_[Key] = Value;
+            if(Registry_->has(key) && !Registry_->isNull(key) && Registry_->isArray(key)) {
-			Save();
+                auto Arr = Registry_->get(key);
                for(const auto &v:Arr) {
                    Value.emplace_back(v);
                }
 		inline bool Get(const char *Key, bool &Value) {
 			if (Registry_[Key].is_boolean()) {
 				Value = Registry_[Key].get<bool>();
                return true;
            }
            return false;
        }
-		inline bool Get(const char *Key, uint64_t &Value) {
+        template<class T> bool Get(const char *key, T &Value) {
-			if (Registry_[Key].is_number_unsigned()) {
+            if(Registry_->has(key) && !Registry_->isNull(key)) {
-				Value = Registry_[Key].get<uint64_t>();
+                Value = Registry_->getValue<T>(key);
 				return true;
 			}
 			return false;
 		}
 		inline bool Get(const char *Key, std::string &Value) {
 			if (Registry_[Key].is_string()) {
 				Value = Registry_[Key].get<std::string>();
                return true;
            }
            return false;
@@ -91,7 +86,7 @@ namespace OpenWifi {
 	  private:
 		std::string FileName;
-		nlohmann::json Registry_;
+		Poco::JSON::Object::Ptr Registry_;
 	};
 	inline auto AppServiceRegistry() { return AppServiceRegistry::instance(); }
--- a/src/framework/AuthClient.cpp
+++ b/src/framework/AuthClient.cpp
@@ -129,4 +129,26 @@ namespace OpenWifi {
 		return RetrieveApiKeyInformation(SessionToken, UInfo, TID, Expired, Contacted, Suspended);
 	}
 	/**
 	 * Given a role, remove the cached user info for any user with that role
 	*/
 	void AuthClient::EmptyCacheForRole(const std::string &role) {
 		SecurityObjects::USER_ROLE roleEnum = SecurityObjects::UserTypeFromString(role);
 		Poco::JSON::Object::ConstIterator it;
 		std::set<std::string> tokens = Cache_.getAllKeys();
 		for(const std::string &token : tokens) {
 			auto UInfo = Cache_.get(token);
 			if (UInfo->userinfo.userRole == roleEnum) {
 				Cache_.remove(token);
 			}
 		}
 		tokens = ApiKeyCache_.getAllKeys();
 		for(const std::string &token : tokens) {
 			auto UInfo = ApiKeyCache_.get(token);
 			if (UInfo->UserInfo.userinfo.userRole == roleEnum) {
 				ApiKeyCache_.remove(token);
 			}
 		}
 	}
 } // namespace OpenWifi
--- a/src/framework/AuthClient.h
+++ b/src/framework/AuthClient.h
@@ -61,6 +61,8 @@ namespace OpenWifi {
 						   SecurityObjects::UserInfoAndPolicy &UInfo, std::uint64_t TID,
 						   bool &Expired, bool &Contacted, bool &Suspended);
 		void EmptyCacheForRole(const std::string &role);
 	  private:
 		Poco::ExpireLRUCache<std::string, OpenWifi::SecurityObjects::UserInfoAndPolicy> Cache_{
 			512, 1200000};
--- a/src/framework/ConfigurationValidator.cpp
+++ b/src/framework/ConfigurationValidator.cpp
--- a/src/framework/ConfigurationValidator.h
+++ b/src/framework/ConfigurationValidator.h
@@ -5,7 +5,7 @@
 #pragma once
 #include "framework/SubSystemServer.h"
-
+#include "framework/ow_constants.h"
 #include <valijson/adapters/poco_json_adapter.hpp>
 #include <valijson/constraints/constraint.hpp>
 #include <valijson/constraints/constraint_visitor.hpp>
@@ -17,33 +17,42 @@
 namespace OpenWifi {
 	class ConfigurationValidator : public SubSystemServer {
 	  public:
 		enum class ConfigurationType { AP = 0 , SWITCH = 1};
 		static auto instance() {
 			static auto instance_ = new ConfigurationValidator;
 			return instance_;
 		}
-		bool Validate(const std::string &C, std::vector<std::string> &Errors, bool Strict);
+		bool Validate(ConfigurationType Type, const std::string &C, std::string &Errors, bool Strict);
 		int Start() override;
 		void Stop() override;
 		void reinitialize(Poco::Util::Application &self) override;
 		inline static ConfigurationType GetType(const std::string &type) {
 			std::string Type = Poco::toUpper(type);
 			if (Type == Platforms::AP)
 				return ConfigurationType::AP;
 			if (Type == Platforms::SWITCH)
 				return ConfigurationType::SWITCH;
 			return ConfigurationType::AP;
 		}
 	  private:
 		bool Initialized_ = false;
 		bool Working_ = false;
 		void Init();
-		std::unique_ptr<valijson::Schema> RootSchema_;
+		std::array<valijson::Schema,2> 			RootSchema_;
-		std::unique_ptr<valijson::SchemaParser> SchemaParser_;
+		bool SetSchema(ConfigurationType Type, const std::string &SchemaStr);
 		std::unique_ptr<valijson::adapters::PocoJsonAdapter> PocoJsonAdapter_;
 		Poco::JSON::Object::Ptr SchemaDocPtr_;
 		bool SetSchema(const std::string &SchemaStr);
 		ConfigurationValidator()
 			: SubSystemServer("ConfigValidator", "CFG-VALIDATOR", "config.validator") {}
 	};
 	inline auto ConfigurationValidator() { return ConfigurationValidator::instance(); }
-	inline bool ValidateUCentralConfiguration(const std::string &C, std::vector<std::string> &Error,
+	inline bool ValidateUCentralConfiguration(ConfigurationValidator::ConfigurationType Type, const std::string &C, std::string &Errors,
 											  bool strict) {
-		return ConfigurationValidator::instance()->Validate(C, Error, strict);
+		return ConfigurationValidator::instance()->Validate(Type, C, Errors, strict);
 	}
 } // namespace OpenWifi
--- a/src/framework/EventBusManager.cpp
+++ b/src/framework/EventBusManager.cpp
@@ -9,8 +9,6 @@
 namespace OpenWifi {
 	EventBusManager::EventBusManager(Poco::Logger &L) : Logger_(L) {}
 	void EventBusManager::run() {
 		Running_ = true;
 		Utils::SetThreadName("fmwk:EventMgr");
@@ -18,9 +16,9 @@ namespace OpenWifi {
 		KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(), Msg,
 									false);
 		while (Running_) {
-			Poco::Thread::trySleep((unsigned long)MicroServiceDaemonBusTimer());
+			if(!Poco::Thread::trySleep((unsigned long)MicroServiceDaemonBusTimer())) {
 			if (!Running_)
                break;
            }
 			Msg = (MicroServiceMakeSystemEventMessage(KafkaTopics::ServiceEvents::EVENT_KEEP_ALIVE));
 			KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroServicePrivateEndPoint(),
 										Msg, false);
@@ -31,7 +29,7 @@ namespace OpenWifi {
 	};
 	void EventBusManager::Start() {
-		poco_information(Logger(), "Starting...");
+		poco_information(Logger_, "Starting...");
 		if (KafkaManager()->Enabled()) {
 			Thread_.start(*this);
 		}
@@ -39,11 +37,11 @@ namespace OpenWifi {
 	void EventBusManager::Stop() {
 		if (KafkaManager()->Enabled()) {
-			poco_information(Logger(), "Stopping...");
+			poco_information(Logger_, "Stopping...");
 			Running_ = false;
 			Thread_.wakeUp();
 			Thread_.join();
-			poco_information(Logger(), "Stopped...");
+			poco_information(Logger_, "Stopped...");
 		}
 	}
--- a/src/framework/EventBusManager.h
+++ b/src/framework/EventBusManager.h
@@ -12,7 +12,16 @@ namespace OpenWifi {
 	class EventBusManager : public Poco::Runnable {
 	  public:
-		explicit EventBusManager(Poco::Logger &L);
+		EventBusManager() :
 			Logger_(Poco::Logger::create(
 				"EventBusManager", Poco::Logger::root().getChannel(), Poco::Logger::root().getLevel())) {
 		}
 		static auto instance() {
 			static auto instance_ = new EventBusManager;
 			return instance_;
 		}
 		void run() final;
 		void Start();
 		void Stop();
@@ -24,4 +33,6 @@ namespace OpenWifi {
 		Poco::Logger &Logger_;
 	};
 	inline auto EventBusManager() { return EventBusManager::instance(); }
 } // namespace OpenWifi
--- a/src/framework/KafkaManager.cpp
+++ b/src/framework/KafkaManager.cpp
@@ -79,8 +79,10 @@ namespace OpenWifi {
 		Utils::SetThreadName("Kafka:Prod");
 		cppkafka::Configuration Config(
 			{{"client.id", MicroServiceConfigGetString("openwifi.kafka.client.id", "")},
-			 {"metadata.broker.list",
+			 {"metadata.broker.list",MicroServiceConfigGetString("openwifi.kafka.brokerlist", "")} // ,
-			  MicroServiceConfigGetString("openwifi.kafka.brokerlist", "")}});
+			 // {"send.buffer.bytes", KafkaManager()->KafkaManagerMaximumPayloadSize() }
 			}
 		);
 		AddKafkaSecurity(Config);
@@ -275,6 +277,7 @@ namespace OpenWifi {
 	int KafkaManager::Start() {
 		if (!KafkaEnabled_)
 			return 0;
 		MaxPayloadSize_ = MicroServiceConfigGetInt("openwifi.kafka.max.payload", 250000);
 		ConsumerThr_.Start();
 		ProducerThr_.Start();
 		return 0;
@@ -307,10 +310,8 @@ namespace OpenWifi {
 	}
 	[[nodiscard]] std::string KafkaManager::WrapSystemId(const std::string & PayLoad) {
-		return fmt::format(	R"lit({{ "system" : {{ "id" : {},
+		return fmt::format(	R"lit({{ "system" : {{ "id" : {}, "host" : "{}" }}, "payload" : {} }})lit",
-									"host" : "{}" }},
+						   MicroServiceID(), MicroServicePrivateEndPoint(), PayLoad ) ;
 									"payload" : {} }})lit", MicroServiceID(),
 						   				MicroServicePrivateEndPoint(), PayLoad ) ;
 	}
 	void KafkaManager::PartitionAssignment(const cppkafka::TopicPartitionList &partitions) {
--- a/src/framework/KafkaManager.h
+++ b/src/framework/KafkaManager.h
@@ -94,11 +94,14 @@ namespace OpenWifi {
 			return ConsumerThr_.UnregisterTopicWatcher(Topic,Id);
 		}
 		std::uint64_t KafkaManagerMaximumPayloadSize() const { return MaxPayloadSize_; }
 	  private:
 		bool KafkaEnabled_ = false;
 		std::string SystemInfoWrapper_;
 		KafkaProducer ProducerThr_;
 		KafkaConsumer ConsumerThr_;
 		std::uint64_t MaxPayloadSize_ = 250000;
 		void PartitionAssignment(const cppkafka::TopicPartitionList &partitions);
 		void PartitionRevocation(const cppkafka::TopicPartitionList &partitions);
--- a/src/framework/KafkaTopics.h
+++ b/src/framework/KafkaTopics.h
@@ -20,12 +20,14 @@ namespace OpenWifi::KafkaTopics {
 	inline const char * DEVICE_EVENT_QUEUE = "device_event_queue";
 	inline const char * DEVICE_TELEMETRY = "device_telemetry";
 	inline const char * PROVISIONING_CHANGE = "provisioning_change";
 	inline const char * RRM = "rrm";
 	namespace ServiceEvents {
 		inline const char * EVENT_JOIN = "join";
 		inline const char * EVENT_LEAVE = "leave";
 		inline const char * EVENT_KEEP_ALIVE = "keep-alive";
 		inline const char * EVENT_REMOVE_TOKEN = "remove-token";
 		inline const char * EVENT_PERMISSIONS_UPDATE = "permissions-update";
 		namespace Fields {
 			inline const char * EVENT = "event";
@@ -36,6 +38,7 @@ namespace OpenWifi::KafkaTopics {
 			inline const char * KEY = "key";
 			inline const char * VRSN = "version";
 			inline const char * TOKEN = "token";
 			inline const char * ROLE = "role";
 		} // namespace Fields
 	}	  // namespace ServiceEvents
 } // namespace OpenWifi::KafkaTopics
--- a/src/framework/MicroService.cpp
+++ b/src/framework/MicroService.cpp
@@ -1,4 +1,5 @@
 //
 //
 // Created by stephane bourque on 2022-10-26.
 //
@@ -29,13 +30,29 @@
 #include "framework/WebSocketLogger.h"
 #include "framework/utils.h"
 #ifdef  USE_MEDUSA_CLIENT
 #include <medusa/MedusaClient.h>
 #endif
 namespace OpenWifi {
-	void MicroService::Exit(int Reason) { std::exit(Reason); }
+	static std::string MakeServiceListString(const Types::MicroServiceMetaMap &Services) {
        std::string SvcList;
        for (const auto &Svc : Services) {
            if (SvcList.empty())
                SvcList = Svc.second.Type;
            else
                SvcList += ", " + Svc.second.Type;
        }
        return SvcList;
    }
 	void MicroService::BusMessageReceived([[maybe_unused]] const std::string &Key,
 										  const std::string &Payload) {
 		std::lock_guard G(InfraMutex_);
 		Poco::Logger &BusLogger = EventBusManager()->Logger();
 		try {
 			Poco::JSON::Parser P;
 			auto Object = P.parse(Payload).extract<Poco::JSON::Object::Ptr>();
@@ -55,13 +72,10 @@ namespace OpenWifi {
 							Object->has(KafkaTopics::ServiceEvents::Fields::KEY)) {
 							auto PrivateEndPoint =
 								Object->get(KafkaTopics::ServiceEvents::Fields::PRIVATE).toString();
-							if (Event == KafkaTopics::ServiceEvents::EVENT_KEEP_ALIVE &&
+							if (Event == KafkaTopics::ServiceEvents::EVENT_LEAVE) {
 								Services_.find(PrivateEndPoint) != Services_.end()) {
 								Services_[PrivateEndPoint].LastUpdate = Utils::Now();
 							} else if (Event == KafkaTopics::ServiceEvents::EVENT_LEAVE) {
 								Services_.erase(PrivateEndPoint);
-								poco_debug(
+								poco_information(
-									logger(),
+									BusLogger,
 									fmt::format(
 										"Service {} ID={} leaving system.",
 										Object->get(KafkaTopics::ServiceEvents::Fields::PRIVATE)
@@ -69,14 +83,7 @@ namespace OpenWifi {
 										ID));
 							} else if (Event == KafkaTopics::ServiceEvents::EVENT_JOIN ||
 									   Event == KafkaTopics::ServiceEvents::EVENT_KEEP_ALIVE) {
-								poco_debug(
+								auto ServiceInfo = Types::MicroServiceMeta{
 									logger(),
 									fmt::format(
 										"Service {} ID={} joining system.",
 										Object->get(KafkaTopics::ServiceEvents::Fields::PRIVATE)
 											.toString(),
 										ID));
 								Services_[PrivateEndPoint] = Types::MicroServiceMeta{
 									.Id = ID,
 									.Type = Poco::toLower(
 										Object->get(KafkaTopics::ServiceEvents::Fields::TYPE)
@@ -94,6 +101,22 @@ namespace OpenWifi {
 												   .toString(),
 									.LastUpdate = Utils::Now()};
                                auto s1 = MakeServiceListString(Services_);
 								auto PreviousSize = Services_.size();
 								Services_[PrivateEndPoint] = ServiceInfo;
 								auto CurrentSize = Services_.size();
 								if(Event == KafkaTopics::ServiceEvents::EVENT_JOIN) {
 									if(!s1.empty()) {
 										poco_information(
 											BusLogger,
 											fmt::format(
 												"Service {} ID={} is joining the system.",
 												Object
 													->get(
 														KafkaTopics::ServiceEvents::Fields::PRIVATE)
 													.toString(),
 												ID));
 									}
 									std::string SvcList;
 									for (const auto &Svc : Services_) {
 										if (SvcList.empty())
@@ -102,12 +125,22 @@ namespace OpenWifi {
 											SvcList += ", " + Svc.second.Type;
 									}
 									poco_information(
-									logger(),
+										BusLogger,
 										fmt::format("Current list of microservices: {}", SvcList));
 								} else if(CurrentSize!=PreviousSize) {
 									poco_information(
 										BusLogger,
 										fmt::format(
 											"Service {} ID={} is being added back in.",
 											Object
 												->get(KafkaTopics::ServiceEvents::Fields::PRIVATE)
 												.toString(),
 											ID));
 								}
 							}
 						} else {
-							poco_error(
+							poco_information(
-								logger(),
+								BusLogger,
 								fmt::format("KAFKA-MSG: invalid event '{}', missing a field.",
 											Event));
 						}
@@ -118,32 +151,49 @@ namespace OpenWifi {
 								Object->get(KafkaTopics::ServiceEvents::Fields::TOKEN).toString());
 #endif
 						} else {
-							poco_error(
+							poco_information(
-								logger(),
+								BusLogger,
 								fmt::format("KAFKA-MSG: invalid event '{}', missing token", Event));
 						}
 					} else if (Event == KafkaTopics::ServiceEvents::EVENT_PERMISSIONS_UPDATE) {
 							if (Object->has(KafkaTopics::ServiceEvents::Fields::ROLE)) {
 								// Permissions of this role have updated, cached user info is now invalid
 								AuthClient()->EmptyCacheForRole(
 									Object->get(KafkaTopics::ServiceEvents::Fields::ROLE).toString());
 							} else {
-						poco_error(logger(),
+								poco_information(
 									logger(),
 									fmt::format("KAFKA-MSG: invalid event '{}', missing role", Event));
 							}
 					} else {
 						poco_information(BusLogger,
 								   fmt::format("Unknown Event: {} Source: {}", Event, ID));
 					}
 				}
 			} else {
 				poco_error(logger(), "Bad bus message.");
 				std::ostringstream os;
 				Object->stringify(std::cout);
 				poco_error(BusLogger, fmt::format("Bad bus message: {}", os.str()));
 			}
-			auto i = Services_.begin();
+			auto ServiceHint = Services_.begin();
 			auto now = Utils::Now();
-			for (; i != Services_.end();) {
+            auto si1 = Services_.size();
-				if ((now - i->second.LastUpdate) > 60) {
+            auto ss1 = MakeServiceListString(Services_);
-					i = Services_.erase(i);
+			while(ServiceHint!=Services_.end()) {
 				if ((now - ServiceHint->second.LastUpdate) > 120) {
 					poco_information(BusLogger, fmt::format("ZombieService: Removing service {}, ", ServiceHint->second.PublicEndPoint));
 					ServiceHint = Services_.erase(ServiceHint);
 				} else
-					++i;
+					++ServiceHint;
 			}
            if(Services_.size() != si1) {
                auto ss2 = MakeServiceListString(Services_);
                poco_information(BusLogger, fmt::format("Current list of microservices: {} -> {}", ss1, ss2));
            }
 		} catch (const Poco::Exception &E) {
-			logger().log(E);
+			BusLogger.log(E);
 		}
 	}
@@ -167,9 +217,11 @@ namespace OpenWifi {
 			Res.push_back(ServiceRec);
 		}
 		return Res;
 	}
 	void MicroService::LoadConfigurationFile() {
        if(ConfigContent_.empty()) {
            std::string Location = Poco::Environment::get(DAEMON_CONFIG_ENV_VAR, ".");
            ConfigFileName_ =
                ConfigFileName_.empty() ? Location + "/" + DAEMON_PROPERTIES_FILENAME : ConfigFileName_;
@@ -183,9 +235,11 @@ namespace OpenWifi {
                          << std::endl;
                std::exit(Poco::Util::Application::EXIT_CONFIG);
            }
 		// 	    loadConfiguration(ConfigFile.toString());
            PropConfigurationFile_ = new Poco::Util::PropertyFileConfiguration(ConfigFile.toString());
        } else {
            std::istringstream is(ConfigContent_);
            PropConfigurationFile_ = new Poco::Util::PropertyFileConfiguration(is);
        }
 		configPtr()->addWriteable(PropConfigurationFile_, PRIO_DEFAULT);
 	}
@@ -388,11 +442,13 @@ namespace OpenWifi {
 	void DaemonPostInitialization(Poco::Util::Application &self);
-	void MicroService::initialize(Poco::Util::Application &self) {
+    void MicroService::StartEverything(Poco::Util::Application &self) {
 		// add the default services
        LoadConfigurationFile();
        InitializeLoggingSystem();
        static bool InitializedBaseService=false;
        if(!InitializedBaseService) {
            InitializedBaseService = true;
            SubSystems_.push_back(KafkaManager());
            SubSystems_.push_back(ALBHealthCheckServer());
            SubSystems_.push_back(RESTAPI_ExtServer());
@@ -400,11 +456,13 @@ namespace OpenWifi {
 #ifndef TIP_SECURITY_SERVICE
            SubSystems_.push_back(AuthClient());
 #endif
            Poco::Net::initializeSSL();
            Poco::Net::HTTPStreamFactory::registerFactory();
            Poco::Net::HTTPSStreamFactory::registerFactory();
            Poco::Net::FTPStreamFactory::registerFactory();
            Poco::Net::FTPSStreamFactory::registerFactory();
        }
        Poco::File DataDir(ConfigPath("openwifi.system.data"));
        DataDir_ = DataDir.path();
@@ -412,7 +470,7 @@ namespace OpenWifi {
            try {
                DataDir.createDirectory();
            } catch (const Poco::Exception &E) {
-				logger().log(E);
+                Logger_.log(E);
            }
        }
        WWWAssetsDir_ = ConfigPath("openwifi.restapi.wwwassets", "");
@@ -433,6 +491,22 @@ namespace OpenWifi {
        KafkaManager()->RegisterTopicWatcher(KafkaTopics::SERVICE_EVENTS, F);
    }
    void MicroService::StopEverything([[maybe_unused]] Poco::Util::Application &self) {
        LoadConfigurationFile();
        InitializeLoggingSystem();
        Types::TopicNotifyFunction F = [this](const std::string &Key, const std::string &Payload) {
            this->BusMessageReceived(Key, Payload);
        };
        KafkaManager()->RegisterTopicWatcher(KafkaTopics::SERVICE_EVENTS, F);
    }
    void MicroService::initialize([[maybe_unused]] Poco::Util::Application &self) {
 #ifndef USE_MEDUSA_CLIENT
        StartEverything(self);
 #endif
 	}
 	void MicroService::uninitialize() {
 		// add your own uninitialization code here
 		ServerApplication::uninitialize();
@@ -530,14 +604,12 @@ namespace OpenWifi {
 		for (auto i : SubSystems_) {
 			i->Start();
 		}
-		EventBusManager_ = std::make_unique<EventBusManager>(Poco::Logger::create(
+		EventBusManager()->Start();
 			"EventBusManager", Poco::Logger::root().getChannel(), Poco::Logger::root().getLevel()));
 		EventBusManager_->Start();
 	}
 	void MicroService::StopSubSystemServers() {
 		AddActivity("Stopping");
-		EventBusManager_->Stop();
+		EventBusManager()->Stop();
 		for (auto i = SubSystems_.rbegin(); i != SubSystems_.rend(); ++i) {
 			(*i)->Stop();
 		}
@@ -697,7 +769,7 @@ namespace OpenWifi {
 			auto APIKEY = Request.get("X-API-KEY");
 			return APIKEY == MyHash_;
 		} catch (const Poco::Exception &E) {
-			logger().log(E);
+			Logger_.log(E);
 		}
 		return false;
 	}
@@ -718,6 +790,8 @@ namespace OpenWifi {
 		MicroServiceErrorHandler ErrorHandler(*this);
 		Poco::ErrorHandler::set(&ErrorHandler);
        Args_ = args;
 		if (!HelpRequested_) {
 			SavePID();
@@ -733,11 +807,18 @@ namespace OpenWifi {
 				poco_information(logger, "Starting as a daemon.");
 			}
 #ifdef USE_MEDUSA_CLIENT
            MedusaClient::instance()->SetSubSystems(SubSystems_);
            MedusaClient::instance()->Start();
 			waitForTerminationRequest();
            MedusaClient::instance()->Stop();
 #else
 			poco_information(logger, fmt::format("System ID set to {}", ID_));
 			StartSubSystemServers();
 			waitForTerminationRequest();
 			StopSubSystemServers();
 			logger.notice(fmt::format("Stopped {}...", DAEMON_APP_NAME));
 #endif
 		}
 		return Application::EXIT_OK;
--- a/src/framework/MicroService.h
+++ b/src/framework/MicroService.h
@@ -55,9 +55,6 @@ namespace OpenWifi {
 #include "nlohmann/json.hpp"
 #include "ow_version.h"
 #define _OWDEBUG_ std::cout << __FILE__ << ":" << __LINE__ << std::endl;
 // #define _OWDEBUG_ Logger().debug(Poco::format("%s: %lu",__FILE__,__LINE__));
 namespace OpenWifi {
 	class MicroService : public Poco::Util::ServerApplication {
@@ -70,7 +67,6 @@ namespace OpenWifi {
 			  SubSystems_(std::move(Subsystems)), Logger_(Poco::Logger::get("FRAMEWORK")) {
 			instance_ = this;
 			RandomEngine_.seed(std::chrono::steady_clock::now().time_since_epoch().count());
 			// Logger_ = Poco::Logger::root().get("BASE-SVC");
 		}
 		inline static const char *ExtraConfigurationFilename = "/configuration_override.json";
@@ -92,7 +88,7 @@ namespace OpenWifi {
 		inline uint64_t DaemonBusTimer() const { return DAEMON_BUS_TIMER; };
 		[[nodiscard]] const std::string &AppName() { return DAEMON_APP_NAME; }
 		static inline uint64_t GetPID() { return Poco::Process::id(); };
-		[[nodiscard]] inline const std::string GetPublicAPIEndPoint() {
+		[[nodiscard]] inline std::string GetPublicAPIEndPoint() const {
 			return MyPublicEndPoint_ + "/api/v1";
 		};
 		[[nodiscard]] inline const std::string &GetUIURI() const { return UIURI_; };
@@ -107,7 +103,8 @@ namespace OpenWifi {
 		}
 		static MicroService &instance() { return *instance_; }
-		inline void Exit(int Reason);
+		inline void Exit(int Reason) { std::exit(Reason); }
 		void BusMessageReceived(const std::string &Key, const std::string &Payload);
 		Types::MicroServiceMetaVec GetServices(const std::string &Type);
 		Types::MicroServiceMetaVec GetServices();
@@ -115,6 +112,8 @@ namespace OpenWifi {
 		void Reload();
 		void LoadMyConfig();
 		void initialize(Poco::Util::Application &self) override;
        void StartEverything(Poco::Util::Application &self);
        void StopEverything(Poco::Util::Application &self);
        void uninitialize() override;
 		void reinitialize(Poco::Util::Application &self) override;
 		void defineOptions(Poco::Util::OptionSet &options) override;
@@ -132,7 +131,7 @@ namespace OpenWifi {
 		void Reload(const std::string &Sub);
 		Types::StringVec GetSubSystems() const;
 		Types::StringPairVec GetLogLevels();
-		const Types::StringVec &GetLogLevelNames();
+		static const Types::StringVec &GetLogLevelNames();
 		uint64_t ConfigGetInt(const std::string &Key, uint64_t Default);
 		uint64_t ConfigGetInt(const std::string &Key);
 		uint64_t ConfigGetBool(const std::string &Key, bool Default);
@@ -166,12 +165,25 @@ namespace OpenWifi {
 								const std::string &FormatterPattern,
 								const std::string &root_env_var);
 		inline bool AllowExternalMicroServices() const { return AllowExternalMicroServices_; }
        const ArgVec &Args() const { return Args_; }
        inline void SetConfigContent(const std::string &Content) { ConfigContent_ = Content; }
        inline std::optional<OpenWifi::Types::MicroServiceMeta> GetPrivateEndPointServiceKey( const std::string & ServicePrivateEndPoint ) {
            std::lock_guard   G(InfraMutex_);
            auto K = Services_.find(ServicePrivateEndPoint);
            if(K==end(Services_)) {
                return std::nullopt;
            }
            return K->second;
        }
 	  private:
 		static MicroService *instance_;
 		bool HelpRequested_ = false;
 		std::string LogDir_;
 		std::string ConfigFileName_;
        std::string ConfigContent_;
 		uint64_t ID_ = 1;
 		Poco::SharedPtr<Poco::Crypto::RSAKey> AppKey_;
 		bool DebugMode_ = false;
@@ -201,7 +213,7 @@ namespace OpenWifi {
 		Poco::JWT::Signer Signer_;
 		Poco::Logger &Logger_;
 		Poco::ThreadPool TimerPool_{"timer:pool", 2, 32};
-		std::unique_ptr<EventBusManager> EventBusManager_;
+        ArgVec Args_;
 	};
 	inline MicroService *MicroService::instance_ = nullptr;
--- a/src/framework/MicroServiceFuncs.cpp
+++ b/src/framework/MicroServiceFuncs.cpp
@@ -129,4 +129,12 @@ namespace OpenWifi {
 		return ALBHealthCheckServer()->RegisterExtendedHealthMessage(Callback);
 	}
 	std::string MicroServiceAccessKey() {
 		return MicroService::instance().Hash();
 	}
    std::optional<OpenWifi::Types::MicroServiceMeta> MicroServicePrivateAccessKey(const std::string &servicePrivateEndPoint) {
        return MicroService::instance().GetPrivateEndPointServiceKey(servicePrivateEndPoint);
    }
 } // namespace OpenWifi
--- a/src/framework/MicroServiceFuncs.h
+++ b/src/framework/MicroServiceFuncs.h
@@ -22,6 +22,9 @@ namespace OpenWifi {
 	std::string MicroServicePublicEndPoint();
 	std::string MicroServiceConfigGetString(const std::string &Key,
 											const std::string &DefaultValue);
 	std::string MicroServiceAccessKey();
    std::optional<OpenWifi::Types::MicroServiceMeta> MicroServicePrivateAccessKey(const std::string &servicePrivateEndPoint);
    bool MicroServiceConfigGetBool(const std::string &Key, bool DefaultValue);
 	std::uint64_t MicroServiceConfigGetInt(const std::string &Key, std::uint64_t DefaultValue);
 	std::string MicroServicePrivateEndPoint();
--- a/Show More
+++ b/Show More