fix(interceptor): Use lxc-info for more reliable container detection

Changed LXC container status detection from lxc-ls to lxc-info: - lxc-info -n mitmproxy -s provides direct state query - More reliable than parsing lxc-ls --running output - Fixed container name from secbx-mitmproxy to mitmproxy Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 11:35:16 +01:00 · 2026-02-12 11:35:16 +01:00 · 7ea2ff43ba
commit 7ea2ff43ba
parent d5f7da4774
1 changed files with 8 additions and 8 deletions
--- a/package/secubox/luci-app-interceptor/root/usr/libexec/rpcd/luci.interceptor
+++ b/package/secubox/luci-app-interceptor/root/usr/libexec/rpcd/luci.interceptor
@ -46,9 +46,9 @@ get_mitm_status() {
 	# Check UCI config
 	enabled=$(uci -q get mitmproxy.main.enabled || echo "0")

-	# Check if LXC container is running
-	if command -v lxc-ls >/dev/null 2>&1; then
-		lxc-ls --running 2>/dev/null | grep -q "secbx-mitmproxy" && running=1
+	# Check if LXC container is running (use lxc-info which is more reliable)
+	if command -v lxc-info >/dev/null 2>&1; then
+		lxc-info -n mitmproxy -s 2>/dev/null | grep -q "RUNNING" && running=1
 	fi

 	# Count today's threats from log
@ -156,10 +156,10 @@ get_failover_status() {
 get_insider_waf_status() {
 	local enabled=0 running=0 insider_threats=0 blocked_clients=0 exfil_attempts=0

-	# Insider WAF is enabled when mitmproxy "out" instance is running
+	# Insider WAF is enabled when mitmproxy container is running
 	# This inspects LAN→WAN traffic for insider threats
-	if command -v lxc-ls >/dev/null 2>&1; then
-		lxc-ls --running 2>/dev/null | grep -qE "mitmproxy-out|secbx-mitmproxy" && running=1
+	if command -v lxc-info >/dev/null 2>&1; then
+		lxc-info -n mitmproxy -s 2>/dev/null | grep -q "RUNNING" && running=1
 	fi

 	# Check mitmproxy config for outbound inspection
@ -241,7 +241,7 @@ case "$1" in
 				fi

 				# mitmproxy running (external WAF)
-				if pgrep mitmproxy >/dev/null 2>&1 || lxc-ls --running 2>/dev/null | grep -q "secbx-mitmproxy"; then
+				if pgrep mitmproxy >/dev/null 2>&1 || lxc-info -n mitmproxy -s 2>/dev/null | grep -q "RUNNING"; then
 					score=$((score + 17))
 					pillars_active=$((pillars_active + 1))
 				fi
@ -265,7 +265,7 @@ case "$1" in
 				fi

 				# Insider WAF (mitmproxy outbound instance)
-				if lxc-ls --running 2>/dev/null | grep -qE "mitmproxy-out|secbx-mitmproxy"; then
+				if lxc-info -n mitmproxy -s 2>/dev/null | grep -q "RUNNING"; then
 					score=$((score + 16))
 					pillars_active=$((pillars_active + 1))
 				fi