RDKB-62529: Able to access the blocked port HTTPS sites

[suriya-prem]

RDKB-62529: Able to access the blocked port HTTPS sites

Reason for change: Blocked port HTTPS site is accessible.
Test Procedure: Add HTTPS port in managed services in parental control.
Risks: Low
Priority: P1
Signed-off-by: suriyanarayanan_mp@comcast.com

[Copilot]

Pull request overview

Updates firewall rule generation to prevent HTTPS (port 443) access from bypassing Parental Control “Managed Services” port blocks by conditionally suppressing the existing blockssl ACCEPT/DROP rules when Managed Services includes port 443.

Changes:

• Add detection of whether Managed Services config includes port 443 (ms_has_port_443).
• Adjust the condition that emits blockssl (TCP/UDP 443) rules so it won’t override Managed Services port-443 blocking.
• Apply the same logic for both IPv4 and IPv6 firewall rule generation paths.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 6 comments.

File	Description
source/firewall/firewall.c	Detects 443 in Managed Services blocks and gates blockssl rule emission accordingly (IPv4).
source/firewall/firewall_ipv6.c	Mirrors the same 443 detection and blockssl gating logic for IPv6.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (1)

source/firewall/firewall.h:1278

• This header now ends without closing the __FIREWALL_H__ include guard that starts near the top of the file. That will trigger an “unterminated #ifndef” preprocessor error and break the build. Add the final #endif at the end of the file (after these new declarations).

* @return None.
*
*/
void do_ssl_blocking_rules(FILE *fp, const char *chain_name);

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.