gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Document quick-access QR page and port conflict fix

Browse Source 
- Added quick-access.secubox.in QR landing page to tracking
- Documented MetaBlogizer port allocation race condition
- Existing tools: check-ports, fix-ports commands
- Fixed srvi/quick-access port 9013 conflict
- Updated mitmproxy routes (127.0.0.1 → 192.168.255.1)
- Added recommended improvements to backlog

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-03-15 19:46:30 +01:00
parent c59f7cde0b
commit b08e71fa7f
2 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
.claude/HISTORY.md
View File

@ -1,8 +1,17 @@
# SecuBox UI & Theme History # SecuBox UI & Theme History
_Last updated: 2026-03-15 (v1.0.0 Beta Release)_ _Last updated: 2026-03-16 (Quick Access QR Page)_
0. **SecuBox v1.0.0 Beta Release (2026-03-15)** 0. **SecuBox Quick Access QR Page (2026-03-16)**
- QR code landing page deployed at https://quick.secubox.in/
- 6 QR codes: VM access (192.168.1.1 & 192.168.255.1), GitHub, Release, Droplet, Streamlit Forge
- Default credentials section: root / c3box
- Dark KISS theme with JavaScript QR generation
- Fixed MetaBlogizer port conflict: srvi and quick-access both assigned port 9013
- Documented port allocation race condition issue
- Existing fix tools: `metablogizerctl check-ports` and `fix-ports`
1. **SecuBox v1.0.0 Beta Release (2026-03-15)**
- BETA-RELEASE.md: Complete security testing documentation - BETA-RELEASE.md: Complete security testing documentation
- Attack surface overview (HAProxy, WAF, LXC, P2P layers) - Attack surface overview (HAProxy, WAF, LXC, P2P layers)
- High-value targets and secrets locations for pen testers - High-value targets and secrets locations for pen testers

27
.claude/WIP.md
View File

@ -10,6 +10,33 @@ _Last updated: 2026-03-16 (Unified SMTP Relay)_
### 2026-03-16 ### 2026-03-16
- **SecuBox v1.0.0-beta Quick Access Page (Complete)**
- QR code landing page at https://quick.secubox.in/
- QR codes for: VM Appliance (192.168.1.1), SecuBox Router (192.168.255.1), Documentation, Beta Release, Droplet Tool, Streamlit Forge
- Default credentials displayed: root / c3box
- Dark KISS theme matching SecuBox design
- JavaScript QR generation using qrcode.js library
- Deployed via MetaBlogizer on port 9013
- **MetaBlogizer Port Conflict Analysis & Fix (Complete)**
- **Root Cause**: `port_in_use()` function checks UCI config only, not running uhttpd processes
- **Symptom**: Two sites (srvi, quick-access) assigned same port 9013 in UCI config
- **Immediate Fix**:
- Killed wrong uhttpd process, started correct one for quick-access
- Reassigned srvi from port 9013 → 9014 in UCI config
- Updated mitmproxy routes with correct IP (192.168.255.1, not 127.0.0.1)
- **Existing Tools**: `metablogizerctl check-ports` and `fix-ports` commands
- **Architectural Issues Identified**:
1. Port allocation race condition between UCI commit and uhttpd reload
2. No check for running processes, only UCI config
3. mitmproxy routes using 127.0.0.1 fail (LXC can't reach host localhost)
- **Recommended Improvements** (backlog):
1. Add `/proc/net/tcp` check in `port_in_use()` for running processes
2. Add port lockfile mechanism for atomic allocation
3. Always use 192.168.255.1 for mitmproxy routes (never 127.0.0.1)
4. Run `check-ports` in post-create hook automatically
- Also fixed gateaucc duplicate (port 8991 → 9000)
- **SecuBox v1.0.0 Version Bump (Complete)** - **SecuBox v1.0.0 Version Bump (Complete)**
- All major roadmap milestones achieved (v0.18, v0.19, v1.0, v1.1+) - All major roadmap milestones achieved (v0.18, v0.19, v1.0, v1.1+)
- Updated version strings: Makefile (1.0.0-r1), CLI tools, RPCD handlers, documentation - Updated version strings: Makefile (1.0.0-r1), CLI tools, RPCD handlers, documentation