From d020678c2f48b381d9fff628431153c2d20b298f Mon Sep 17 00:00:00 2001
From: CyberMind-FR <gandalf@Gk2.net>
Date: Tue, 23 Dec 2025 02:23:44 +0100
Subject: [PATCH] =?UTF-8?q?Mise=20=C3=A0=20jour=20des=20r=C3=A9f=C3=A9renc?=
 =?UTF-8?q?es=20des=20submodules?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 CLAUDE.md                  |  290 +++++++
 README.md                  |  670 +++++++++++-----
 build-openwrt-packages.yml |  556 -------------
 build-secubox-images.yml   |  432 ----------
 cleanup-packages.sh        |  147 ----
 fix-makefiles.sh           |   97 ---
 generate-rpcd-files.sh     |  269 -------
 install-rpcd-fix.sh        |  129 ---
 luci-app-secubox           |    2 +-
 secubox-analyzer.sh        | 1543 ------------------------------------
 secubox-debug.sh           |  421 ----------
 secubox-makefile-fixes.zip |  Bin 7833 -> 0 bytes
 secubox-repair.sh          | 1109 --------------------------
 test-validate.yml          |  327 --------
 14 files changed, 780 insertions(+), 5212 deletions(-)
 create mode 100644 CLAUDE.md
 delete mode 100644 build-openwrt-packages.yml
 delete mode 100644 build-secubox-images.yml
 delete mode 100755 cleanup-packages.sh
 delete mode 100755 fix-makefiles.sh
 delete mode 100755 generate-rpcd-files.sh
 delete mode 100755 install-rpcd-fix.sh
 delete mode 100755 secubox-analyzer.sh
 delete mode 100755 secubox-debug.sh
 delete mode 100644 secubox-makefile-fixes.zip
 delete mode 100755 secubox-repair.sh
 delete mode 100644 test-validate.yml

diff --git a/CLAUDE.md b/CLAUDE.md
new file mode 100644
index 00000000..9db82ea0
--- /dev/null
+++ b/CLAUDE.md
@@ -0,0 +1,290 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+SecuBox is a comprehensive security and network management suite for OpenWrt. The repository contains 13 LuCI application packages that provide dashboards for security monitoring, network intelligence, access control, bandwidth management, and system administration.
+
+## Build Commands
+
+### OpenWrt SDK Build
+
+```bash
+# Build a single package
+make package/luci-app-<module-name>/compile V=s
+
+# Clean build for a package
+make package/luci-app-<module-name>/clean
+make package/luci-app-<module-name>/compile V=s
+
+# Install package to staging directory
+make package/luci-app-<module-name>/install
+```
+
+### Testing Packages
+
+```bash
+# Transfer to router
+scp bin/packages/*/base/luci-app-*.ipk root@192.168.1.1:/tmp/
+
+# Install on router
+ssh root@192.168.1.1
+opkg install /tmp/luci-app-*.ipk
+/etc/init.d/rpcd restart
+/etc/init.d/uhttpd restart
+```
+
+### Validation
+
+```bash
+# Validate shell scripts (RPCD backends)
+shellcheck luci-app-*/root/usr/libexec/rpcd/*
+
+# Validate JSON files
+find . -name "*.json" -exec jsonlint {} \;
+
+# Run automated repair tool
+./secubox-tools/secubox-repair.sh
+
+# Run diagnostics
+./secubox-tools/secubox-debug.sh luci-app-<module-name>
+```
+
+## Architecture
+
+### LuCI Package Structure
+
+All SecuBox modules follow a standard LuCI application structure:
+
+```
+luci-app-<module-name>/
+├── Makefile                              # OpenWrt package definition
+├── README.md                             # Module documentation
+├── htdocs/luci-static/resources/
+│   ├── view/<module-name>/               # JavaScript UI views
+│   │   ├── overview.js                   # Main dashboard view
+│   │   └── *.js                          # Additional views
+│   └── <module-name>/
+│       ├── api.js                        # RPC API client module
+│       └── dashboard.css                 # Module-specific styles
+└── root/
+    ├── etc/config/<module-name>          # UCI configuration (optional)
+    └── usr/
+        ├── libexec/rpcd/<module-name>    # RPCD backend script
+        └── share/
+            ├── luci/menu.d/              # Menu JSON definition
+            │   └── luci-app-<module-name>.json
+            └── rpcd/acl.d/               # ACL permissions JSON
+                └── luci-app-<module-name>.json
+```
+
+### Frontend-Backend Communication
+
+1. **Frontend (JavaScript)**: Located in `htdocs/luci-static/resources/`
+   - Views use LuCI's `form` and `view` classes
+   - API calls via `api.js` module using `L.resolveDefault()`
+   - UI components from `ui.js` (Dropdown, Checkbox, Combobox, etc.)
+
+2. **Backend (RPCD)**: Located in `root/usr/libexec/rpcd/`
+   - Shell scripts that implement RPC methods
+   - Must output JSON to stdout
+   - Methods are called via ubus: `ubus call <module> <method>`
+
+3. **Menu Definition**: `root/usr/share/luci/menu.d/luci-app-<module>.json`
+   - Defines menu structure and navigation
+   - Specifies view paths and dependencies
+
+4. **ACL Definition**: `root/usr/share/rpcd/acl.d/luci-app-<module>.json`
+   - Defines access control for ubus methods
+   - Maps read/write permissions to user groups
+
+### Makefile Structure
+
+Each package Makefile must define:
+- `PKG_NAME`: Package name (must match directory)
+- `PKG_VERSION`: Version number
+- `PKG_RELEASE`: Package release number
+- `LUCI_TITLE`: Display title in LuCI
+- `LUCI_DEPENDS`: Package dependencies (e.g., `+luci-base +rpcd`)
+- `LUCI_DESCRIPTION`: Brief description
+- `PKG_MAINTAINER`: Maintainer name and email
+- `PKG_LICENSE`: License (typically Apache-2.0)
+
+The Makefile includes `luci.mk` from the LuCI build system which handles installation.
+
+## Common Development Patterns
+
+### Creating a New Module
+
+1. Copy template: `cp -r templates/luci-app-template luci-app-newmodule`
+2. Update Makefile with new PKG_NAME, LUCI_TITLE, etc.
+3. Create directory structure under `htdocs/` and `root/`
+4. Implement RPCD backend in shell
+5. Create JavaScript views
+6. Define menu and ACL JSON files
+
+### RPCD Backend Pattern
+
+RPCD backends are shell scripts that:
+- Parse `$1` for the method name
+- Output valid JSON using `printf` or `echo`
+- Use `case` statements for method routing
+- Source UCI config if needed: `. /lib/functions.sh`
+
+Example:
+```bash
+#!/bin/sh
+case "$1" in
+    list)
+        echo '{ "status": {}, "stats": {} }'
+        ;;
+    call)
+        case "$2" in
+            status)
+                # Output JSON
+                printf '{"running": true, "version": "1.0.0"}\n'
+                ;;
+        esac
+        ;;
+esac
+```
+
+### JavaScript View Pattern
+
+Views extend `L.view` and implement `load()` and `render()`:
+
+```javascript
+'use strict';
+'require view';
+'require form';
+'require <module>/api as API';
+
+return L.view.extend({
+    load: function() {
+        return Promise.all([
+            API.getStatus(),
+            API.getStats()
+        ]);
+    },
+
+    render: function(data) {
+        var m, s, o;
+        m = new form.Map('config', _('Title'));
+        s = m.section(form.TypedSection, 'section');
+        // Add form fields...
+        return m.render();
+    }
+});
+```
+
+## Module Categories
+
+1. **Core Control** (2 modules)
+   - luci-app-secubox: Central hub
+   - luci-app-system-hub: System control center
+
+2. **Security & Monitoring** (2 modules)
+   - luci-app-crowdsec-dashboard: CrowdSec security
+   - luci-app-netdata-dashboard: System monitoring
+
+3. **Network Intelligence** (2 modules)
+   - luci-app-netifyd-dashboard: Deep packet inspection
+   - luci-app-network-modes: Network mode configuration
+
+4. **VPN & Access Control** (3 modules)
+   - luci-app-wireguard-dashboard: WireGuard VPN
+   - luci-app-client-guardian: NAC & captive portal
+   - luci-app-auth-guardian: Authentication system
+
+5. **Bandwidth & Traffic** (2 modules)
+   - luci-app-bandwidth-manager: QoS & quotas
+   - luci-app-media-flow: Media traffic detection
+
+6. **Performance & Services** (2 modules)
+   - luci-app-cdn-cache: CDN proxy cache
+   - luci-app-vhost-manager: Virtual host manager
+
+## CI/CD Integration
+
+### GitHub Actions Workflows
+
+1. **build-openwrt-packages.yml**: Compiles packages for all architectures
+   - Triggers on push, PR, and tags
+   - Matrix build for 13 architectures
+   - Uploads artifacts per architecture
+
+2. **build-secubox-images.yml**: Builds custom OpenWrt images
+   - Creates complete firmware images with SecuBox pre-installed
+
+3. **test-validate.yml**: Validation and testing
+   - Validates Makefile structure
+   - Checks JSON syntax
+   - Runs shellcheck on scripts
+   - Verifies file permissions
+
+### Supported Architectures
+
+ARM64: aarch64-cortex-a53, aarch64-cortex-a72, aarch64-generic, mediatek-filogic, rockchip-armv8, bcm27xx-bcm2711
+
+ARM32: arm-cortex-a7-neon, arm-cortex-a9-neon, qualcomm-ipq40xx, qualcomm-ipq806x
+
+MIPS: mips-24kc, mipsel-24kc, mipsel-74kc
+
+x86: x86-64, x86-generic
+
+## Key Files and Directories
+
+- `makefiles/`: Reference Makefiles for modules (backup/templates)
+- `secubox-tools/`: Repair and debugging utilities
+  - `secubox-repair.sh`: Auto-fixes Makefile and RPCD issues
+  - `secubox-debug.sh`: Validates package structure
+- `templates/`: Package templates for creating new modules
+- `.github/workflows/`: CI/CD automation scripts
+
+## Common Issues and Solutions
+
+### RPCD Not Responding
+
+After installing/updating a package:
+```bash
+/etc/init.d/rpcd restart
+```
+
+### Menu Not Appearing
+
+Check that:
+1. Menu JSON is valid: `jsonlint root/usr/share/luci/menu.d/*.json`
+2. ACL grants access: Check `root/usr/share/rpcd/acl.d/*.json`
+3. Dependencies are installed: Check Makefile `LUCI_DEPENDS`
+
+### Build Failures
+
+Common causes:
+1. Missing fields in Makefile (PKG_NAME, LUCI_TITLE, etc.)
+2. Invalid JSON syntax in menu.d or acl.d
+3. RPCD script not executable
+4. Wrong include path (should be `include ../../luci.mk`)
+
+Use repair tool: `./secubox-tools/secubox-repair.sh`
+
+## Development Workflow
+
+1. Make changes to module files
+2. Test JSON syntax: `jsonlint <file>.json`
+3. Test shell scripts: `shellcheck <script>`
+4. Build package: `make package/luci-app-<name>/compile V=s`
+5. Install on test router and verify functionality
+6. Run repair tool if needed: `./secubox-tools/secubox-repair.sh`
+7. Commit changes and push (triggers CI validation)
+8. Create tag for release: `git tag -a v1.0.0 -m "Release 1.0.0"`
+
+## Important Notes
+
+- All modules use Apache-2.0 license
+- RPCD backends must be executable (chmod +x)
+- JavaScript files use strict mode: `'use strict';`
+- Menu entries require proper dependency chain
+- ACL must grant both ubus call and luci-cgi access
+- UCI config files are optional (many modules don't need them)
+- All packages build as architecture `all` (no compiled code)
diff --git a/README.md b/README.md
index 73af6fe8..9ee3a27e 100644
--- a/README.md
+++ b/README.md
@@ -1,232 +1,540 @@
-# SecuBox OpenWrt CI/CD
+# SecuBox - Security Suite for OpenWrt
 
 [![Build OpenWrt Packages](https://github.com/gkerma/secubox/actions/workflows/build-openwrt-packages.yml/badge.svg)](https://github.com/gkerma/secubox/actions/workflows/build-openwrt-packages.yml)
 [![Test & Validate](https://github.com/gkerma/secubox/actions/workflows/test-validate.yml/badge.svg)](https://github.com/gkerma/secubox/actions/workflows/test-validate.yml)
+[![License](https://img.shields.io/badge/License-Apache%202.0-green.svg)](LICENSE)
 
 ## 🎯 Overview
 
-Ce dépôt contient les workflows GitHub Actions pour compiler automatiquement les packages SecuBox LuCI pour **toutes les architectures OpenWrt supportées**.
+SecuBox is a comprehensive security and network management suite for OpenWrt, providing a unified ecosystem of specialized dashboards and tools. All modules are compiled automatically for multiple OpenWrt architectures via GitHub Actions.
 
-## 📦 Packages Compilés
+---
 
-| Package | Description |
-|---------|-------------|
-| `luci-app-crowdsec-dashboard` | Dashboard CrowdSec |
-| `luci-app-netdata-dashboard` | Dashboard Netdata |
-| `luci-app-netifyd-dashboard` | Dashboard Netifyd DPI |
-| `luci-app-wireguard-dashboard` | Dashboard WireGuard VPN |
-| `luci-app-network-modes` | Modes réseau (Router/Bridge/AP) |
-| `luci-app-client-guardian` | NAC & Portail Captif |
-| `luci-app-system-hub` | Centre de contrôle unifié |
+## 📦 SecuBox Modules
 
-## 🏗️ Architectures Supportées
+### 🎛️ Core Control
+
+#### **luci-app-secubox** - SecuBox Central Hub
+Unified security dashboard providing central management for all SecuBox components.
+
+**Features:**
+- Centralized dashboard for all modules
+- Integrated monitoring and management
+- Unified navigation interface
+
+[View Details](luci-app-secubox/README.md)
+
+---
+
+#### **luci-app-system-hub** - System Control Center
+Central control and remote assistance dashboard for OpenWrt.
+
+**Features:**
+- 🧩 Component management (start/stop/restart all services)
+- 💚 Health monitoring with score (0-100) and recommendations
+- 🖥️ Remote assistance via RustDesk integration
+- 🔍 Diagnostic collection with anonymization
+- 📋 Unified logs from all components
+- 📅 Scheduled tasks (health reports, backups)
+
+[View Details](luci-app-system-hub/README.md)
+
+---
+
+### 🔒 Security & Monitoring
+
+#### **luci-app-crowdsec-dashboard** - Collaborative Security
+Modern dashboard for CrowdSec intrusion prevention on OpenWrt.
+
+**Features:**
+- 🛡️ Real-time ban monitoring and alerts
+- 📊 Decision management (view, search, ban/unban IPs)
+- 📈 Metrics dashboard (engine stats, parsers, scenarios)
+- 🌍 Geographic threat visualization
+- ⚡ Auto-refresh with dark cybersecurity theme
+
+[View Details](luci-app-crowdsec-dashboard/README.md)
+
+---
+
+#### **luci-app-netdata-dashboard** - Real-time Monitoring
+System monitoring dashboard with live metrics visualization.
+
+**Features:**
+- 📊 CPU, memory, disk, network monitoring
+- 🌡️ Temperature sensor readings
+- ⚙️ Process monitor with resource usage
+- 🎨 Animated gauges and sparklines
+- 🔄 2-second auto-refresh
+
+[View Details](luci-app-netdata-dashboard/README.md)
+
+---
+
+### 🌐 Network Intelligence
+
+#### **luci-app-netifyd-dashboard** - Deep Packet Inspection
+Network intelligence dashboard with DPI for OpenWrt.
+
+**Features:**
+- 🔍 Application detection (Netflix, YouTube, Zoom, etc.)
+- 📡 Protocol identification (HTTP, HTTPS, DNS, QUIC)
+- 🔄 Live network flow tracking
+- 💻 Automatic device discovery
+- 📊 Traffic categorization (Web, Streaming, Gaming, VoIP)
+
+[View Details](luci-app-netifyd-dashboard/README.md)
+
+---
+
+#### **luci-app-network-modes** - Network Configuration
+Configure different network operation modes with one click.
+
+**Features:**
+- 🔍 **Sniffer Mode**: Transparent bridge for traffic analysis
+- 📶 **Access Point**: WiFi AP with 802.11r/k/v roaming
+- 🔄 **Relay/Extender**: Network relay with WireGuard
+- 🌐 **Router Mode**: Full router with proxy and HTTPS frontend
+- 🎛️ One-click mode switching with auto-backup
+
+[View Details](luci-app-network-modes/README.md)
+
+---
+
+### 🔐 VPN & Access Control
+
+#### **luci-app-wireguard-dashboard** - VPN Management
+Modern WireGuard VPN monitoring dashboard.
+
+**Features:**
+- 🔐 Tunnel status monitoring
+- 👥 Peer management (active/idle/inactive)
+- 📊 Per-peer traffic statistics
+- ⚙️ Configuration visualization
+- 🔒 Secure (private keys never exposed)
+
+[View Details](luci-app-wireguard-dashboard/README.md)
+
+---
+
+#### **luci-app-client-guardian** - Network Access Control
+NAC system with captive portal, quarantine, and parental controls.
+
+**Features:**
+- 🔍 Real-time client detection and monitoring
+- 🏠 Zone management (LAN, IoT, Guest, Quarantine)
+- ⏳ Default quarantine policy for new clients
+- 🚪 Modern captive portal with authentication
+- 👨‍👩‍👧‍👦 Parental controls (time limits, content filtering)
+- 🔔 SMS/Email alerts for security events
+
+[View Details](luci-app-client-guardian/README.md)
+
+---
+
+#### **luci-app-auth-guardian** - Authentication System
+Comprehensive authentication and session management.
+
+**Features:**
+- 🎨 Customizable captive portal
+- 🔑 OAuth integration (Google, GitHub, Facebook, Twitter)
+- 🎟️ Voucher system with time/bandwidth limits
+- 🍪 Secure session management
+- ⏭️ MAC/IP/Domain bypass rules
+
+[View Details](luci-app-auth-guardian/README.md)
+
+---
+
+### 📊 Bandwidth & Traffic
+
+#### **luci-app-bandwidth-manager** - QoS & Quotas
+Advanced bandwidth management with automatic media detection.
+
+**Features:**
+- 🎯 8 configurable QoS priority classes
+- 📊 Daily and monthly bandwidth quotas
+- 🎬 Automatic media detection (VoIP, Gaming, Streaming)
+- ⏰ Time-based scheduling (peak/off-peak)
+- 👥 Per-client statistics and controls
+
+[View Details](luci-app-bandwidth-manager/README.md)
+
+---
+
+#### **luci-app-media-flow** - Media Traffic Detection
+Advanced streaming and media traffic monitoring.
+
+**Features:**
+- 🎬 Real-time streaming service detection
+- 📡 Protocol identification (RTSP, HLS, DASH, RTP)
+- 📞 VoIP/Video call monitoring
+- 📊 Per-service bandwidth tracking
+- 📈 Quality of experience metrics
+
+**Supported Services:**
+- Netflix, YouTube, Twitch, Disney+
+- Spotify, Apple Music, Tidal
+- Zoom, Teams, Google Meet, WebEx
+
+[View Details](luci-app-media-flow/README.md)
+
+---
+
+### 🚀 Performance & Services
+
+#### **luci-app-cdn-cache** - Bandwidth Optimization
+Local CDN cache proxy for bandwidth savings.
+
+**Features:**
+- 💾 Smart caching of frequently accessed content
+- 📊 Real-time hit ratio and bandwidth savings stats
+- 📋 Configurable policies by domain/extension
+- 🔧 Automatic purge and preload capabilities
+- 📈 Statistical graphs and trends
+
+**Cache Policies:**
+- Windows Update, Linux Repos
+- Static content (JS, CSS, images)
+- Configurable TTL per content type
+
+[View Details](luci-app-cdn-cache/README.md)
+
+---
+
+#### **luci-app-vhost-manager** - Virtual Hosts
+Virtual host and local SaaS gateway management.
+
+**Features:**
+- 🏠 Internal virtual hosts with custom domains
+- ↪️ External service redirection
+- 🔒 SSL/TLS with Let's Encrypt or self-signed
+- ⚙️ Automatic nginx reverse proxy configuration
+
+**Supported Services:**
+- Nextcloud, GitLab, Jellyfin
+- Home Assistant and more
+
+[View Details](luci-app-vhost-manager/README.md)
+
+---
+
+## 🏗️ Supported Architectures
+
+SecuBox packages are automatically compiled for all major OpenWrt architectures:
 
 ### ARM 64-bit (AArch64)
-
-| Target | Architecture | Devices |
-|--------|--------------|---------|
-| `aarch64-cortex-a53` | Cortex-A53 | **ESPRESSObin**, **Sheeva64**, BananaPi R64 |
-| `aarch64-cortex-a72` | Cortex-A72 | **MOCHAbin**, Raspberry Pi 4, NanoPi R4S |
-| `aarch64-generic` | Generic ARMv8 | Rock64, Pine64, QEMU ARM64 |
-| `mediatek-filogic` | MT7981/MT7986 | GL.iNet MT3000, BananaPi R3 |
-| `rockchip-armv8` | RK3328/RK3399 | NanoPi R4S, R5S, FriendlyARM |
-| `bcm27xx-bcm2711` | BCM2711 | Raspberry Pi 4, Compute Module 4 |
+| Target | Devices |
+|--------|---------|
+| `aarch64-cortex-a53` | ESPRESSObin, Sheeva64, BananaPi R64 |
+| `aarch64-cortex-a72` | MOCHAbin, Raspberry Pi 4, NanoPi R4S |
+| `aarch64-generic` | Rock64, Pine64, QEMU ARM64 |
+| `mediatek-filogic` | GL.iNet MT3000, BananaPi R3 |
+| `rockchip-armv8` | NanoPi R4S/R5S, FriendlyARM |
+| `bcm27xx-bcm2711` | Raspberry Pi 4, Compute Module 4 |
 
 ### ARM 32-bit
-
-| Target | Architecture | Devices |
-|--------|--------------|---------|
-| `arm-cortex-a7-neon` | Cortex-A7 | Orange Pi, BananaPi, Allwinner |
-| `arm-cortex-a9-neon` | Cortex-A9 | Linksys WRT, Turris Omnia |
-| `arm-cortex-a15-neon` | Cortex-A15 | QEMU ARM |
-| `qualcomm-ipq40xx` | IPQ40xx | Google WiFi, Zyxel NBG6617 |
-| `qualcomm-ipq806x` | IPQ806x | Netgear R7800, R7500 |
+| Target | Devices |
+|--------|---------|
+| `arm-cortex-a7-neon` | Orange Pi, BananaPi, Allwinner |
+| `arm-cortex-a9-neon` | Linksys WRT, Turris Omnia |
+| `qualcomm-ipq40xx` | Google WiFi, Zyxel NBG6617 |
+| `qualcomm-ipq806x` | Netgear R7800, R7500 |
 
 ### MIPS
-
-| Target | Architecture | Devices |
-|--------|--------------|---------|
-| `mips-24kc` | MIPS 24Kc | TP-Link Archer, Ubiquiti |
-| `mipsel-24kc` | MIPS LE 24Kc | Xiaomi, GL.iNet, Netgear |
-| `mipsel-74kc` | MIPS LE 74Kc | Broadcom BCM47xx |
+| Target | Devices |
+|--------|---------|
+| `mips-24kc` | TP-Link Archer, Ubiquiti |
+| `mipsel-24kc` | Xiaomi, GL.iNet, Netgear |
+| `mipsel-74kc` | Broadcom BCM47xx |
 
 ### x86
+| Target | Devices |
+|--------|---------|
+| `x86-64` | PC, VMs, Docker, Proxmox |
+| `x86-generic` | Legacy PC, old Atom |
 
-| Target | Architecture | Devices |
-|--------|--------------|---------|
-| `x86-64` | x86_64 | PC, VMs, Docker, Proxmox |
-| `x86-generic` | i386 | Legacy PC, old Atom |
+---
 
-## 🚀 Utilisation
-
-### Compilation Automatique
-
-Les packages sont compilés automatiquement lors de :
-
-1. **Push sur `main`/`master`** : Compilation de test
-2. **Pull Request** : Validation et test
-3. **Tag `v*`** : Création de release avec tous les packages
-
-### Compilation Manuelle
-
-1. Aller dans **Actions** → **Build OpenWrt Packages**
-2. Cliquer sur **Run workflow**
-3. Sélectionner :
-   - **OpenWrt version** : 23.05.5, 22.03.7, ou SNAPSHOT
-   - **Architectures** : `all` ou liste séparée par virgules
-
-```
-# Exemples d'architectures
-all                                    # Toutes les architectures
-x86-64                                 # Uniquement x86_64
-aarch64-cortex-a53,aarch64-cortex-a72  # GlobalScale devices
-mips-24kc,mipsel-24kc                  # MIPS routeurs
-```
-
-### Téléchargement des Artifacts
-
-1. Aller dans **Actions** → Sélectionner un workflow
-2. Cliquer sur le run souhaité
-3. Télécharger les **Artifacts** en bas de page
-
-Les artifacts sont organisés par architecture :
-```
-packages-x86-64/
-  ├── luci-app-crowdsec-dashboard_1.0.0-1_all.ipk
-  ├── luci-app-netdata-dashboard_1.0.0-1_all.ipk
-  ├── ...
-  └── SHA256SUMS
-```
-
-## 📁 Structure du Dépôt
+## 📁 Repository Structure
 
 ```
 secubox/
 ├── .github/
 │   └── workflows/
-│       ├── build-openwrt-packages.yml    # Build principal
-│       └── test-validate.yml              # Tests & validation
-├── luci-app-crowdsec-dashboard/
-│   ├── Makefile
-│   ├── htdocs/luci-static/resources/
-│   │   ├── view/crowdsec/                # JavaScript views
-│   │   └── crowdsec/                     # API & CSS
-│   └── root/
-│       ├── etc/config/                   # UCI config
-│       └── usr/
-│           ├── libexec/rpcd/             # RPCD backend
-│           └── share/
-│               ├── luci/menu.d/          # Menu JSON
-│               └── rpcd/acl.d/           # ACL JSON
-├── luci-app-netdata-dashboard/
-├── luci-app-netifyd-dashboard/
-├── luci-app-wireguard-dashboard/
-├── luci-app-network-modes/
-├── luci-app-client-guardian/
-├── luci-app-system-hub/
-└── README.md
+│       ├── build-openwrt-packages.yml    # Multi-arch build CI
+│       ├── build-secubox-images.yml      # Custom image builder
+│       └── test-validate.yml             # Tests & validation
+├── luci-app-secubox/                     # Central hub
+├── luci-app-system-hub/                  # System control center
+├── luci-app-crowdsec-dashboard/          # CrowdSec security
+├── luci-app-netdata-dashboard/           # System monitoring
+├── luci-app-netifyd-dashboard/           # DPI & traffic analysis
+├── luci-app-wireguard-dashboard/         # WireGuard VPN
+├── luci-app-network-modes/               # Network configuration
+├── luci-app-client-guardian/             # NAC & captive portal
+├── luci-app-auth-guardian/               # Authentication
+├── luci-app-bandwidth-manager/           # QoS & quotas
+├── luci-app-media-flow/                  # Media detection
+├── luci-app-cdn-cache/                   # CDN proxy cache
+├── luci-app-vhost-manager/               # Virtual hosts
+├── makefiles/                            # Reference makefiles
+├── secubox-tools/                        # Repair & debug tools
+└── templates/                            # Package templates
 ```
 
-## 🔧 Créer un Nouveau Package
-
-1. Copier le template :
-```bash
-cp -r templates/luci-app-template luci-app-nouveau
+### Package Structure (Standard LuCI App)
 ```
-
-2. Éditer `Makefile` :
-```makefile
-PKG_NAME:=luci-app-nouveau
-PKG_VERSION:=1.0.0
-LUCI_TITLE:=Mon Nouveau Dashboard
-LUCI_DEPENDS:=+luci-base +nouveau-backend
-```
-
-3. Créer les fichiers requis :
-```bash
-luci-app-nouveau/
-├── Makefile
+luci-app-*/
+├── Makefile                              # OpenWrt package definition
+├── README.md                             # Module documentation
 ├── htdocs/luci-static/resources/
-│   ├── view/nouveau/
-│   │   └── overview.js
-│   └── nouveau/
-│       ├── api.js
-│       └── dashboard.css
+│   ├── view/*/                           # JavaScript UI views
+│   └── */
+│       ├── api.js                        # RPC API client
+│       └── dashboard.css                 # Module styles
 └── root/
-    └── usr/share/
-        ├── luci/menu.d/luci-app-nouveau.json
-        └── rpcd/acl.d/luci-app-nouveau.json
+    ├── etc/config/                       # UCI configuration
+    └── usr/
+        ├── libexec/rpcd/                 # RPCD backend (shell/exec)
+        └── share/
+            ├── luci/menu.d/              # Menu JSON
+            └── rpcd/acl.d/               # ACL permissions JSON
 ```
 
-4. Commit et push :
+---
+
+## 🚀 Installation
+
+### Option 1: From Pre-built Packages
+
+Download the latest packages from [GitHub Releases](https://github.com/gkerma/secubox/releases):
+
 ```bash
-git add luci-app-nouveau/
-git commit -m "feat: add luci-app-nouveau"
-git push
+# Install individual modules
+opkg update
+opkg install luci-app-secubox_*.ipk
+
+# Or install specific modules
+opkg install luci-app-system-hub_*.ipk
+opkg install luci-app-crowdsec-dashboard_*.ipk
+opkg install luci-app-client-guardian_*.ipk
 ```
 
-## 🏷️ Créer une Release
+### Option 2: Build from Source
 
 ```bash
-# Créer un tag versionné
-git tag -a v1.2.0 -m "Release 1.2.0"
+# Clone into OpenWrt SDK package directory
+cd ~/openwrt-sdk/package/
+git clone https://github.com/gkerma/secubox.git
+
+# Build all packages
+cd ~/openwrt-sdk/
+make package/secubox/luci-app-secubox/compile V=s
+make package/secubox/luci-app-system-hub/compile V=s
+# ... etc for other modules
+```
+
+### Option 3: Add to OpenWrt Feed
+
+Add to `feeds.conf.default`:
+```
+src-git secubox https://github.com/gkerma/secubox.git
+```
+
+Then:
+```bash
+./scripts/feeds update secubox
+./scripts/feeds install -a -p secubox
+make menuconfig  # Select modules under LuCI > Applications
+make V=s
+```
+
+---
+
+## 🔧 Development
+
+### Create a New Module
+
+```bash
+# Copy template
+cp -r templates/luci-app-template luci-app-newmodule
+
+# Edit Makefile
+cd luci-app-newmodule
+vi Makefile  # Update PKG_NAME, PKG_VERSION, LUCI_TITLE, LUCI_DEPENDS
+
+# Create required files
+mkdir -p htdocs/luci-static/resources/{view/newmodule,newmodule}
+mkdir -p root/usr/{libexec/rpcd,share/{luci/menu.d,rpcd/acl.d}}
+
+# Implement your module...
+```
+
+### Test Locally
+
+```bash
+# Build package
+make package/luci-app-newmodule/compile V=s
+
+# Package will be in bin/packages/<arch>/base/
+scp bin/packages/*/base/luci-app-newmodule_*.ipk root@router:/tmp/
+
+# Install on router
+ssh root@router
+opkg install /tmp/luci-app-newmodule_*.ipk
+/etc/init.d/rpcd restart
+```
+
+### Run Tests
+
+```bash
+# Lint and validate
+shellcheck luci-app-*/root/usr/libexec/rpcd/*
+jsonlint luci-app-*/root/usr/share/luci/menu.d/*.json
+jsonlint luci-app-*/root/usr/share/rpcd/acl.d/*.json
+
+# Or use GitHub Actions workflow
+git push  # Triggers test-validate.yml
+```
+
+---
+
+## 🤖 CI/CD
+
+### Automated Builds
+
+Packages are compiled automatically when:
+- **Push to main/master**: Test compilation
+- **Pull Request**: Validation and testing
+- **Tag `v*`**: Release creation with all architectures
+
+### Manual Build
+
+1. Go to **Actions** → **Build OpenWrt Packages**
+2. Click **Run workflow**
+3. Select:
+   - **OpenWrt version**: 23.05.5, 22.03.7, or SNAPSHOT
+   - **Architectures**: `all` or comma-separated list
+
+```bash
+# Examples
+all                                    # All architectures
+x86-64                                 # x86_64 only
+aarch64-cortex-a53,aarch64-cortex-a72  # GlobalScale devices
+mips-24kc,mipsel-24kc                  # MIPS routers
+```
+
+### Download Artifacts
+
+1. Go to **Actions** → Select workflow run
+2. Click on the run
+3. Download **Artifacts** at bottom of page
+
+Artifacts are organized by architecture:
+```
+packages-x86-64/
+  ├── luci-app-secubox_1.0.0-1_all.ipk
+  ├── luci-app-system-hub_1.0.0-1_all.ipk
+  ├── luci-app-crowdsec-dashboard_1.0.0-1_all.ipk
+  ├── ...
+  └── SHA256SUMS
+```
+
+---
+
+## 📊 OpenWrt Compatibility
+
+| Version | Status | Notes |
+|---------|--------|-------|
+| 24.10.x | 🔜 Planned | Awaiting release |
+| 23.05.x | ✅ Supported | **Recommended** |
+| 22.03.x | ✅ Supported | LTS |
+| 21.02.x | ⚠️ Partial | End of support |
+| SNAPSHOT | ✅ Supported | Unstable |
+
+---
+
+## 🧰 SecuBox Tools
+
+### secubox-repair.sh
+Automated repair tool for all SecuBox modules.
+
+**Features:**
+- Auto-detect and fix Makefile issues
+- Generate missing RPCD files
+- Validate package structure
+- Batch repair all modules
+
+```bash
+./secubox-tools/secubox-repair.sh
+```
+
+### secubox-debug.sh
+Debug and diagnostic tool for development.
+
+**Features:**
+- Validate package structure
+- Check dependencies
+- Test RPCD backends
+- Generate diagnostic reports
+
+```bash
+./secubox-tools/secubox-debug.sh luci-app-module-name
+```
+
+---
+
+## 🏷️ Creating Releases
+
+```bash
+# Create versioned tag
+git tag -a v1.2.0 -m "Release 1.2.0: Add new features"
 git push origin v1.2.0
 ```
 
-La release sera créée automatiquement avec :
-- Archives `.tar.gz` par architecture
-- Archive globale toutes architectures
-- Checksums SHA256
-- Notes de release générées
+The release will be created automatically with:
+- Individual `.tar.gz` archives per architecture
+- Global archive with all architectures
+- SHA256 checksums
+- Auto-generated release notes
 
-## ⚙️ Configuration CI
+---
 
-### Variables d'Environnement
+## 🔗 Links
 
-| Variable | Default | Description |
-|----------|---------|-------------|
-| `OPENWRT_VERSION` | `23.05.5` | Version OpenWrt SDK |
+- **Documentation**: [CyberMind SecuBox](https://cybermind.fr/secubox)
+- **Website**: [CyberMind.fr](https://cybermind.fr)
+- **OpenWrt SDK**: [Documentation](https://openwrt.org/docs/guide-developer/using_the_sdk)
+- **LuCI Development**: [Wiki](https://github.com/openwrt/luci/wiki)
+- **Issue Tracker**: [GitHub Issues](https://github.com/gkerma/secubox/issues)
 
-### Secrets Requis
-
-Aucun secret requis pour la compilation. Le `GITHUB_TOKEN` par défaut suffit pour créer les releases.
-
-### Cache
-
-Le SDK OpenWrt est mis en cache par architecture pour accélérer les builds suivants.
-
-## 🧪 Tests & Validation
-
-Le workflow `test-validate.yml` vérifie :
-
-- ✅ Structure des Makefiles (champs requis)
-- ✅ Syntaxe JSON (menu, ACL)
-- ✅ Syntaxe JavaScript (views)
-- ✅ Scripts shell (shellcheck)
-- ✅ Permissions des fichiers
-- ✅ Build test sur x86_64
-
-## 📊 Matrice de Compatibilité
-
-| OpenWrt | Status | Notes |
-|---------|--------|-------|
-| 24.10.x | 🔜 Prévu | En attente release |
-| 23.05.x | ✅ Supporté | Recommandé |
-| 22.03.x | ✅ Supporté | LTS |
-| 21.02.x | ⚠️ Partiel | Fin de support |
-| SNAPSHOT | ✅ Supporté | Instable |
-
-## 🔗 Liens
-
-- [OpenWrt SDK Documentation](https://openwrt.org/docs/guide-developer/using_the_sdk)
-- [LuCI Development Guide](https://github.com/openwrt/luci/wiki)
-- [CyberMind.fr](https://cybermind.fr)
-- [SecuBox Project](https://cybermind.fr/secubox)
+---
 
 ## 📄 License
 
 Apache-2.0 © 2025 CyberMind.fr
 
+Individual modules may have additional licensing terms - see each module's README.
+
+---
+
+## 🤝 Contributing
+
+Contributions are welcome! Please:
+
+1. Fork the repository
+2. Create a feature branch (`git checkout -b feature/amazing-feature`)
+3. Commit your changes (`git commit -m 'Add amazing feature'`)
+4. Push to the branch (`git push origin feature/amazing-feature`)
+5. Open a Pull Request
+
+---
+
+## 👤 Author
+
+**Gandalf** - [CyberMind.fr](https://cybermind.fr)
+
 ---
 
 **Made with ❤️ in France 🇫🇷**
diff --git a/build-openwrt-packages.yml b/build-openwrt-packages.yml
deleted file mode 100644
index cf5952dc..00000000
--- a/build-openwrt-packages.yml
+++ /dev/null
@@ -1,556 +0,0 @@
-name: Build OpenWrt Packages
-
-on:
-  push:
-    branches: [main, master, develop]
-    tags:
-      - 'v*'
-  pull_request:
-    branches: [main, master]
-  workflow_dispatch:
-    inputs:
-      openwrt_version:
-        description: 'OpenWrt version'
-        required: true
-        default: '23.05.5'
-        type: choice
-        options:
-          - '23.05.5'
-          - '23.05.4'
-          - '22.03.7'
-          - 'SNAPSHOT'
-      architectures:
-        description: 'Architectures to build (comma-separated or "all")'
-        required: false
-        default: 'all'
-
-env:
-  OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version || '23.05.5' }}
-
-jobs:
-  # ============================================
-  # Determine build matrix
-  # ============================================
-  setup:
-    runs-on: ubuntu-latest
-    outputs:
-      matrix: ${{ steps.set-matrix.outputs.matrix }}
-      version: ${{ steps.version.outputs.version }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Determine version
-        id: version
-        run: |
-          if [[ "${{ github.ref }}" == refs/tags/v* ]]; then
-            VERSION="${{ github.ref_name }}"
-          else
-            VERSION="0.0.0-$(git rev-parse --short HEAD)"
-          fi
-          echo "version=${VERSION#v}" >> $GITHUB_OUTPUT
-          echo "📦 Package version: ${VERSION#v}"
-
-      - name: Set build matrix
-        id: set-matrix
-        run: |
-          # Full architecture matrix for OpenWrt
-          # Format: target/subtarget -> SDK name mapping
-          
-          cat > /tmp/matrix.json << 'MATRIX_EOF'
-          {
-            "include": [
-              {
-                "target": "x86-64",
-                "arch": "x86_64",
-                "sdk_name": "x86-64",
-                "description": "x86 64-bit (PC, VM, containers)"
-              },
-              {
-                "target": "x86-generic",
-                "arch": "i386_pentium4",
-                "sdk_name": "x86-generic",
-                "description": "x86 32-bit (legacy PC)"
-              },
-              {
-                "target": "aarch64-generic",
-                "arch": "aarch64_generic",
-                "sdk_name": "armsr-armv8",
-                "description": "ARM 64-bit generic (RPi4, Rock64)"
-              },
-              {
-                "target": "aarch64-cortex-a53",
-                "arch": "aarch64_cortex-a53",
-                "sdk_name": "mvebu-cortexa53",
-                "description": "ARM Cortex-A53 (ESPRESSObin, Sheeva64)"
-              },
-              {
-                "target": "aarch64-cortex-a72",
-                "arch": "aarch64_cortex-a72",
-                "sdk_name": "mvebu-cortexa72",
-                "description": "ARM Cortex-A72 (MOCHAbin, MACCHIATObin)"
-              },
-              {
-                "target": "arm-cortex-a7-neon",
-                "arch": "arm_cortex-a7_neon-vfpv4",
-                "sdk_name": "sunxi-cortexa7",
-                "description": "ARM Cortex-A7 (Orange Pi, Banana Pi)"
-              },
-              {
-                "target": "arm-cortex-a9-neon",
-                "arch": "arm_cortex-a9_neon",
-                "sdk_name": "mvebu-cortexa9",
-                "description": "ARM Cortex-A9 (Linksys WRT, Turris)"
-              },
-              {
-                "target": "arm-cortex-a15-neon",
-                "arch": "arm_cortex-a15_neon-vfpv4",
-                "sdk_name": "armvirt-32",
-                "description": "ARM Cortex-A15 (QEMU ARM)"
-              },
-              {
-                "target": "mips-24kc",
-                "arch": "mips_24kc",
-                "sdk_name": "ath79-generic",
-                "description": "MIPS 24Kc (TP-Link, Ubiquiti)"
-              },
-              {
-                "target": "mipsel-24kc",
-                "arch": "mipsel_24kc",
-                "sdk_name": "ramips-mt7621",
-                "description": "MIPS Little-Endian (Xiaomi, GL.iNet)"
-              },
-              {
-                "target": "mipsel-74kc",
-                "arch": "mipsel_74kc",
-                "sdk_name": "bcm47xx-mips74k",
-                "description": "MIPS 74Kc (Broadcom routers)"
-              },
-              {
-                "target": "mediatek-filogic",
-                "arch": "aarch64_cortex-a53",
-                "sdk_name": "mediatek-filogic",
-                "description": "MediaTek Filogic (MT7981, MT7986)"
-              },
-              {
-                "target": "qualcomm-ipq40xx",
-                "arch": "arm_cortex-a7_neon-vfpv4",
-                "sdk_name": "ipq40xx-generic",
-                "description": "Qualcomm IPQ40xx (Google WiFi, Zyxel)"
-              },
-              {
-                "target": "qualcomm-ipq806x",
-                "arch": "arm_cortex-a15_neon-vfpv4",
-                "sdk_name": "ipq806x-generic",
-                "description": "Qualcomm IPQ806x (Netgear R7800)"
-              },
-              {
-                "target": "rockchip-armv8",
-                "arch": "aarch64_generic",
-                "sdk_name": "rockchip-armv8",
-                "description": "Rockchip (NanoPi R4S, R5S)"
-              },
-              {
-                "target": "bcm27xx-bcm2711",
-                "arch": "aarch64_cortex-a72",
-                "sdk_name": "bcm27xx-bcm2711",
-                "description": "Raspberry Pi 4"
-              }
-            ]
-          }
-          MATRIX_EOF
-          
-          INPUT_ARCHS="${{ github.event.inputs.architectures }}"
-          if [[ -z "$INPUT_ARCHS" || "$INPUT_ARCHS" == "all" ]]; then
-            MATRIX=$(cat /tmp/matrix.json | jq -c '.')
-          else
-            # Filter matrix based on input
-            MATRIX=$(cat /tmp/matrix.json | jq -c --arg archs "$INPUT_ARCHS" '
-              .include |= map(select(.target as $t | $archs | split(",") | map(gsub("^\\s+|\\s+$";"")) | any(. == $t or . == "all")))
-            ')
-          fi
-          
-          # Use delimiter for multiline output
-          echo "matrix<<EOF" >> $GITHUB_OUTPUT
-          echo "$MATRIX" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-          
-          echo "📋 Build matrix:"
-          echo "$MATRIX" | jq '.'
-
-  # ============================================
-  # Build packages for each architecture
-  # ============================================
-  build:
-    needs: setup
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJson(needs.setup.outputs.matrix) }}
-    
-    name: Build ${{ matrix.target }}
-    
-    steps:
-      - name: Checkout source
-        uses: actions/checkout@v4
-
-      - name: Free disk space
-        run: |
-          echo "🧹 Cleaning up disk space..."
-          sudo rm -rf /usr/share/dotnet
-          sudo rm -rf /usr/local/lib/android
-          sudo rm -rf /opt/ghc
-          sudo rm -rf /opt/hostedtoolcache/CodeQL
-          sudo docker image prune --all --force
-          df -h
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y \
-            build-essential clang flex bison g++ gawk \
-            gcc-multilib g++-multilib gettext git libncurses5-dev \
-            libssl-dev python3-setuptools python3-dev rsync \
-            swig unzip zlib1g-dev file wget curl jq
-
-      - name: Cache OpenWrt SDK
-        uses: actions/cache@v4
-        id: cache-sdk
-        with:
-          path: ~/sdk
-          key: openwrt-sdk-${{ env.OPENWRT_VERSION }}-${{ matrix.sdk_name }}
-
-      - name: Download OpenWrt SDK
-        if: steps.cache-sdk.outputs.cache-hit != 'true'
-        run: |
-          echo "📥 Downloading SDK for ${{ matrix.description }}..."
-          
-          VERSION="${{ env.OPENWRT_VERSION }}"
-          SDK_NAME="${{ matrix.sdk_name }}"
-          
-          if [[ "$VERSION" == "SNAPSHOT" ]]; then
-            BASE_URL="https://downloads.openwrt.org/snapshots/targets"
-          else
-            BASE_URL="https://downloads.openwrt.org/releases/${VERSION}/targets"
-          fi
-          
-          # Parse target/subtarget from sdk_name
-          TARGET=$(echo "$SDK_NAME" | cut -d'-' -f1)
-          SUBTARGET=$(echo "$SDK_NAME" | cut -d'-' -f2-)
-          
-          SDK_URL="${BASE_URL}/${TARGET}/${SUBTARGET}"
-          
-          echo "🔍 Looking for SDK at: $SDK_URL"
-          
-          # Find SDK filename
-          SDK_FILE=$(curl -sL "$SDK_URL/" | grep -oP 'openwrt-sdk[^"]+\.tar\.(xz|zst)' | head -1)
-          
-          if [[ -z "$SDK_FILE" ]]; then
-            echo "⚠️ SDK not found, trying alternative URL pattern..."
-            SDK_FILE=$(curl -sL "$SDK_URL/sha256sums" | grep -oP 'openwrt-sdk[^\s]+' | head -1)
-          fi
-          
-          if [[ -z "$SDK_FILE" ]]; then
-            echo "❌ Could not find SDK for ${{ matrix.target }}"
-            echo "🔗 Checked: $SDK_URL"
-            exit 1
-          fi
-          
-          echo "📦 Downloading: $SDK_FILE"
-          wget -q --show-progress "${SDK_URL}/${SDK_FILE}" -O /tmp/sdk.tar.xz || \
-          wget -q --show-progress "${SDK_URL}/${SDK_FILE}" -O /tmp/sdk.tar.zst
-          
-          mkdir -p ~/sdk
-          if [[ "$SDK_FILE" == *.zst ]]; then
-            zstd -d /tmp/sdk.tar.zst -o /tmp/sdk.tar
-            tar -xf /tmp/sdk.tar -C ~/sdk --strip-components=1
-          else
-            tar -xf /tmp/sdk.tar.xz -C ~/sdk --strip-components=1
-          fi
-          
-          echo "✅ SDK extracted to ~/sdk"
-
-      - name: Prepare SDK
-        run: |
-          cd ~/sdk
-          
-          # Update feeds
-          echo "📋 Updating feeds..."
-          ./scripts/feeds update -a
-          ./scripts/feeds install -a
-          
-          # Configure SDK
-          echo "⚙️ Configuring SDK..."
-          make defconfig
-
-      - name: Copy packages to SDK
-        run: |
-          echo "📁 Copying SecuBox packages to SDK..."
-          
-          # List of our packages
-          PACKAGES=(
-            "luci-app-crowdsec-dashboard"
-            "luci-app-netdata-dashboard"
-            "luci-app-netifyd-dashboard"
-            "luci-app-wireguard-dashboard"
-            "luci-app-network-modes"
-            "luci-app-client-guardian"
-            "luci-app-system-hub"
-            "luci-app-cdn-cache"
-          )
-          
-          # Create package directory
-          mkdir -p ~/sdk/package/secubox
-          
-          # Copy each package if it exists
-          for pkg in "${PACKAGES[@]}"; do
-            if [[ -d "$GITHUB_WORKSPACE/$pkg" ]]; then
-              echo "  📦 $pkg"
-              cp -r "$GITHUB_WORKSPACE/$pkg" ~/sdk/package/secubox/
-            else
-              echo "  ⚠️ $pkg not found in repository"
-            fi
-          done
-          
-          # If packages are in a subdirectory
-          if [[ -d "$GITHUB_WORKSPACE/packages" ]]; then
-            cp -r "$GITHUB_WORKSPACE/packages/"* ~/sdk/package/secubox/ 2>/dev/null || true
-          fi
-          
-          # List what we have
-          echo "📋 Packages in SDK:"
-          ls -la ~/sdk/package/secubox/ || echo "  (empty)"
-
-      - name: Update package version
-        run: |
-          VERSION="${{ needs.setup.outputs.version }}"
-          echo "📝 Setting package version to: $VERSION"
-          
-          # Update Makefile version in each package
-          for makefile in ~/sdk/package/secubox/*/Makefile; do
-            if [[ -f "$makefile" ]]; then
-              sed -i "s/PKG_VERSION:=.*/PKG_VERSION:=$VERSION/" "$makefile"
-              sed -i "s/PKG_RELEASE:=.*/PKG_RELEASE:=1/" "$makefile"
-              echo "  ✅ Updated: $(dirname $makefile | xargs basename)"
-            fi
-          done
-
-      - name: Build packages
-        run: |
-          cd ~/sdk
-          
-          echo "🔨 Building SecuBox packages for ${{ matrix.description }}..."
-          
-          # Enable our packages
-          for pkg in ~/sdk/package/secubox/*/; do
-            PKG_NAME=$(basename "$pkg")
-            echo "CONFIG_PACKAGE_${PKG_NAME}=m" >> .config
-          done
-          
-          make defconfig
-          
-          # Build with verbose output on error
-          make package/secubox/compile V=s -j$(nproc) || {
-            echo "❌ Build failed, retrying with single thread..."
-            make package/secubox/compile V=s -j1
-          }
-          
-          # Generate package index
-          make package/index V=s
-
-      - name: Collect artifacts
-        id: collect
-        run: |
-          echo "📦 Collecting built packages..."
-          
-          mkdir -p $GITHUB_WORKSPACE/artifacts/${{ matrix.target }}
-          
-          # Find and copy .ipk files
-          find ~/sdk/bin -name "*.ipk" -exec cp {} $GITHUB_WORKSPACE/artifacts/${{ matrix.target }}/ \;
-          
-          # Copy package index
-          find ~/sdk/bin -name "Packages*" -exec cp {} $GITHUB_WORKSPACE/artifacts/${{ matrix.target }}/ \; 2>/dev/null || true
-          
-          # List artifacts
-          echo "📋 Built packages for ${{ matrix.target }}:"
-          ls -la $GITHUB_WORKSPACE/artifacts/${{ matrix.target }}/
-          
-          # Count packages
-          PKG_COUNT=$(find $GITHUB_WORKSPACE/artifacts/${{ matrix.target }} -name "*.ipk" | wc -l)
-          echo "pkg_count=$PKG_COUNT" >> $GITHUB_OUTPUT
-          
-          if [[ $PKG_COUNT -eq 0 ]]; then
-            echo "⚠️ No packages built!"
-            exit 1
-          fi
-
-      - name: Create checksums
-        run: |
-          cd $GITHUB_WORKSPACE/artifacts/${{ matrix.target }}
-          sha256sum *.ipk > SHA256SUMS
-          echo "✅ Checksums created"
-
-      - name: Upload artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: packages-${{ matrix.target }}
-          path: artifacts/${{ matrix.target }}/
-          retention-days: 30
-
-  # ============================================
-  # Create combined release
-  # ============================================
-  release:
-    needs: [setup, build]
-    runs-on: ubuntu-latest
-    if: startsWith(github.ref, 'refs/tags/v')
-    
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Download all artifacts
-        uses: actions/download-artifact@v4
-        with:
-          path: packages
-          pattern: packages-*
-
-      - name: Organize packages
-        run: |
-          echo "📁 Organizing release packages..."
-          
-          VERSION="${{ needs.setup.outputs.version }}"
-          mkdir -p release
-          
-          # Create architecture-specific archives
-          for arch_dir in packages/packages-*/; do
-            ARCH=$(basename "$arch_dir" | sed 's/packages-//')
-            echo "📦 Processing $ARCH..."
-            
-            # Create tarball
-            tar -czf "release/secubox-${VERSION}-${ARCH}.tar.gz" -C "$arch_dir" .
-            
-            # Copy individual .ipk files to flat structure
-            mkdir -p "release/ipk/${ARCH}"
-            cp "$arch_dir"/*.ipk "release/ipk/${ARCH}/" 2>/dev/null || true
-          done
-          
-          # Create "all architectures" mega-archive
-          tar -czf "release/secubox-${VERSION}-all-architectures.tar.gz" -C packages .
-          
-          # Create release notes
-          cat > release/RELEASE_NOTES.md << EOF
-          # SecuBox $VERSION
-          
-          ## 📦 Packages Included
-          
-          - luci-app-crowdsec-dashboard - CrowdSec Security Dashboard
-          - luci-app-netdata-dashboard - Netdata Monitoring Dashboard
-          - luci-app-netifyd-dashboard - Netifyd DPI Dashboard
-          - luci-app-wireguard-dashboard - WireGuard VPN Dashboard
-          - luci-app-network-modes - Network Mode Switcher
-          - luci-app-client-guardian - NAC & Captive Portal
-          - luci-app-system-hub - System Hub Control Center
-          
-          ## 🏗️ Supported Architectures
-          
-          | Target | Architecture | Description |
-          |--------|--------------|-------------|
-          | x86-64 | x86_64 | PC, VMs, Containers |
-          | aarch64-cortex-a53 | aarch64 | ESPRESSObin, Sheeva64 |
-          | aarch64-cortex-a72 | aarch64 | MOCHAbin, RPi4 |
-          | arm-cortex-a7 | arm | Orange Pi, Banana Pi |
-          | arm-cortex-a9 | arm | Linksys WRT, Turris |
-          | mips-24kc | mips | TP-Link, Ubiquiti |
-          | mipsel-24kc | mipsel | Xiaomi, GL.iNet |
-          | mediatek-filogic | aarch64 | MT7981, MT7986 |
-          | qualcomm-ipq40xx | arm | Google WiFi |
-          | rockchip-armv8 | aarch64 | NanoPi R4S, R5S |
-          
-          ## 📥 Installation
-          
-          \`\`\`bash
-          # Download package for your architecture
-          opkg update
-          opkg install luci-app-crowdsec-dashboard_${VERSION}_*.ipk
-          # ... install other packages as needed
-          \`\`\`
-          
-          ## 🔗 Links
-          
-          - [Documentation](https://cybermind.fr/docs/secubox)
-          - [GitHub](https://github.com/gkerma)
-          - [CyberMind.fr](https://cybermind.fr)
-          
-          ---
-          Built with OpenWrt SDK ${{ env.OPENWRT_VERSION }}
-          EOF
-          
-          echo "✅ Release organized"
-          ls -la release/
-
-      - name: Create global checksums
-        run: |
-          cd release
-          sha256sum *.tar.gz > SHA256SUMS
-          echo "✅ Global checksums created"
-
-      - name: Create GitHub Release
-        uses: softprops/action-gh-release@v2
-        with:
-          name: SecuBox ${{ needs.setup.outputs.version }}
-          body_path: release/RELEASE_NOTES.md
-          files: |
-            release/*.tar.gz
-            release/SHA256SUMS
-          draft: false
-          prerelease: ${{ contains(github.ref, 'alpha') || contains(github.ref, 'beta') || contains(github.ref, 'rc') }}
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-  # ============================================
-  # Build status summary
-  # ============================================
-  summary:
-    needs: [setup, build]
-    runs-on: ubuntu-latest
-    if: always()
-    
-    steps:
-      - name: Download all artifacts
-        uses: actions/download-artifact@v4
-        with:
-          path: packages
-          pattern: packages-*
-        continue-on-error: true
-
-      - name: Generate build summary
-        run: |
-          echo "# 📊 SecuBox Build Summary" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "**Version:** ${{ needs.setup.outputs.version }}" >> $GITHUB_STEP_SUMMARY
-          echo "**OpenWrt:** ${{ env.OPENWRT_VERSION }}" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "## Build Results" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "| Architecture | Status | Packages |" >> $GITHUB_STEP_SUMMARY
-          echo "|--------------|--------|----------|" >> $GITHUB_STEP_SUMMARY
-          
-          for arch_dir in packages/packages-*/; do
-            if [[ -d "$arch_dir" ]]; then
-              ARCH=$(basename "$arch_dir" | sed 's/packages-//')
-              PKG_COUNT=$(find "$arch_dir" -name "*.ipk" 2>/dev/null | wc -l)
-              if [[ $PKG_COUNT -gt 0 ]]; then
-                echo "| $ARCH | ✅ Success | $PKG_COUNT |" >> $GITHUB_STEP_SUMMARY
-              else
-                echo "| $ARCH | ⚠️ No packages | 0 |" >> $GITHUB_STEP_SUMMARY
-              fi
-            fi
-          done
-          
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "## 📦 Artifacts" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "Download artifacts from the Actions tab above." >> $GITHUB_STEP_SUMMARY
diff --git a/build-secubox-images.yml b/build-secubox-images.yml
deleted file mode 100644
index be15ca6d..00000000
--- a/build-secubox-images.yml
+++ /dev/null
@@ -1,432 +0,0 @@
-name: Build SecuBox Images (GlobalScale)
-
-on:
-  workflow_dispatch:
-    inputs:
-      device:
-        description: 'Target device'
-        required: true
-        type: choice
-        options:
-          - espressobin-v7
-          - espressobin-ultra
-          - sheeva64
-          - sheeva64-wifi
-          - mochabin
-          - all
-      openwrt_version:
-        description: 'OpenWrt version'
-        required: true
-        default: '23.05.5'
-        type: choice
-        options:
-          - '23.05.5'
-          - '23.05.4'
-          - 'SNAPSHOT'
-      include_secubox:
-        description: 'Include SecuBox packages'
-        required: true
-        type: boolean
-        default: true
-
-env:
-  OPENWRT_VERSION: ${{ github.event.inputs.openwrt_version }}
-
-jobs:
-  # ============================================
-  # Generate build matrix based on input
-  # ============================================
-  setup:
-    runs-on: ubuntu-latest
-    outputs:
-      matrix: ${{ steps.set-matrix.outputs.matrix }}
-    steps:
-      - name: Set build matrix
-        id: set-matrix
-        run: |
-          DEVICE="${{ github.event.inputs.device }}"
-          
-          # Define all devices in a file to avoid heredoc issues
-          cat > /tmp/devices.json << 'DEVICES_EOF'
-          [
-            {
-              "device": "espressobin-v7",
-              "target": "mvebu",
-              "subtarget": "cortexa53",
-              "profile": "globalscale_espressobin",
-              "description": "ESPRESSObin V7 (1-2GB DDR4)"
-            },
-            {
-              "device": "espressobin-ultra",
-              "target": "mvebu",
-              "subtarget": "cortexa53",
-              "profile": "globalscale_espressobin-ultra",
-              "description": "ESPRESSObin Ultra (PoE, WiFi)"
-            },
-            {
-              "device": "sheeva64",
-              "target": "mvebu",
-              "subtarget": "cortexa53",
-              "profile": "globalscale_sheeva64",
-              "description": "Sheeva64 (Plug computer)"
-            },
-            {
-              "device": "sheeva64-wifi",
-              "target": "mvebu",
-              "subtarget": "cortexa53",
-              "profile": "globalscale_sheeva64",
-              "description": "Sheeva64 WiFi (802.11ac + BT)"
-            },
-            {
-              "device": "mochabin",
-              "target": "mvebu",
-              "subtarget": "cortexa72",
-              "profile": "globalscale_mochabin",
-              "description": "MOCHAbin (Quad-core A72, 10G)"
-            }
-          ]
-          DEVICES_EOF
-          
-          # Filter based on input
-          if [[ "$DEVICE" == "all" ]]; then
-            MATRIX=$(jq -c '{"include": .}' /tmp/devices.json)
-          else
-            MATRIX=$(jq -c --arg dev "$DEVICE" '{"include": [.[] | select(.device == $dev)]}' /tmp/devices.json)
-          fi
-          
-          # Use delimiter for multiline output
-          echo "matrix<<EOF" >> $GITHUB_OUTPUT
-          echo "$MATRIX" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
-          
-          echo "📋 Build matrix:"
-          echo "$MATRIX" | jq '.'
-
-  # ============================================
-  # Build firmware images for GlobalScale devices
-  # ============================================
-  build-image:
-    needs: setup
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJson(needs.setup.outputs.matrix) }}
-    
-    name: ${{ matrix.description }}
-
-    steps:
-      - name: Checkout SecuBox packages
-        uses: actions/checkout@v4
-
-      - name: Free disk space
-        run: |
-          echo "🧹 Cleaning up disk space..."
-          sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc
-          sudo docker image prune --all --force
-          df -h
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y \
-            build-essential clang flex bison g++ gawk \
-            gcc-multilib g++-multilib gettext git libncurses5-dev \
-            libssl-dev python3-setuptools python3-dev rsync \
-            swig unzip zlib1g-dev file wget curl qemu-utils
-
-      - name: Clone OpenWrt
-        run: |
-          if [[ "${{ env.OPENWRT_VERSION }}" == "SNAPSHOT" ]]; then
-            git clone --depth 1 https://github.com/openwrt/openwrt.git openwrt
-          else
-            git clone --depth 1 --branch v${{ env.OPENWRT_VERSION }} \
-              https://github.com/openwrt/openwrt.git openwrt
-          fi
-
-      - name: Update feeds
-        run: |
-          cd openwrt
-          ./scripts/feeds update -a
-          ./scripts/feeds install -a
-
-      - name: Copy SecuBox packages
-        if: ${{ github.event.inputs.include_secubox == 'true' }}
-        run: |
-          mkdir -p openwrt/package/secubox
-          
-          for pkg in luci-app-*/; do
-            if [[ -d "$pkg" ]]; then
-              echo "📦 Adding $pkg"
-              cp -r "$pkg" openwrt/package/secubox/
-            fi
-          done
-
-      - name: Generate SecuBox config
-        run: |
-          cd openwrt
-          
-          # Base configuration
-          cat > .config << EOF
-          # Target
-          CONFIG_TARGET_${{ matrix.target }}=y
-          CONFIG_TARGET_${{ matrix.target }}_${{ matrix.subtarget }}=y
-          CONFIG_TARGET_${{ matrix.target }}_${{ matrix.subtarget }}_DEVICE_${{ matrix.profile }}=y
-          
-          # Image settings
-          CONFIG_TARGET_ROOTFS_SQUASHFS=y
-          CONFIG_TARGET_ROOTFS_EXT4FS=y
-          CONFIG_TARGET_KERNEL_PARTSIZE=32
-          CONFIG_TARGET_ROOTFS_PARTSIZE=512
-          
-          # Base packages
-          CONFIG_PACKAGE_luci=y
-          CONFIG_PACKAGE_luci-ssl=y
-          CONFIG_PACKAGE_luci-app-opkg=y
-          CONFIG_PACKAGE_luci-theme-openwrt-2020=y
-          
-          # Networking essentials
-          CONFIG_PACKAGE_curl=y
-          CONFIG_PACKAGE_wget-ssl=y
-          CONFIG_PACKAGE_iptables=y
-          CONFIG_PACKAGE_ip6tables=y
-          CONFIG_PACKAGE_kmod-nft-core=y
-          
-          # USB support
-          CONFIG_PACKAGE_kmod-usb-core=y
-          CONFIG_PACKAGE_kmod-usb3=y
-          CONFIG_PACKAGE_kmod-usb-storage=y
-          
-          # Filesystem
-          CONFIG_PACKAGE_kmod-fs-ext4=y
-          CONFIG_PACKAGE_kmod-fs-vfat=y
-          CONFIG_PACKAGE_block-mount=y
-          
-          # Wireless (if applicable)
-          CONFIG_PACKAGE_hostapd-common=y
-          CONFIG_PACKAGE_wpad-basic-mbedtls=y
-          
-          # Monitoring tools
-          CONFIG_PACKAGE_htop=y
-          CONFIG_PACKAGE_iftop=y
-          CONFIG_PACKAGE_tcpdump=y
-          
-          # SSH
-          CONFIG_PACKAGE_openssh-sftp-server=y
-          EOF
-
-      - name: Add SecuBox packages to config
-        if: ${{ github.event.inputs.include_secubox == 'true' }}
-        run: |
-          cd openwrt
-          
-          # CrowdSec
-          cat >> .config << EOF
-          CONFIG_PACKAGE_crowdsec=y
-          CONFIG_PACKAGE_crowdsec-firewall-bouncer=y
-          CONFIG_PACKAGE_luci-app-crowdsec-dashboard=y
-          EOF
-          
-          # Netdata
-          cat >> .config << EOF
-          CONFIG_PACKAGE_netdata=y
-          CONFIG_PACKAGE_luci-app-netdata-dashboard=y
-          EOF
-          
-          # Netifyd
-          cat >> .config << EOF
-          CONFIG_PACKAGE_netifyd=y
-          CONFIG_PACKAGE_luci-app-netifyd-dashboard=y
-          EOF
-          
-          # WireGuard
-          cat >> .config << EOF
-          CONFIG_PACKAGE_wireguard-tools=y
-          CONFIG_PACKAGE_kmod-wireguard=y
-          CONFIG_PACKAGE_luci-app-wireguard-dashboard=y
-          CONFIG_PACKAGE_qrencode=y
-          EOF
-          
-          # SecuBox core
-          cat >> .config << EOF
-          CONFIG_PACKAGE_luci-app-network-modes=y
-          CONFIG_PACKAGE_luci-app-client-guardian=y
-          CONFIG_PACKAGE_luci-app-system-hub=y
-          EOF
-
-      - name: Add device-specific packages
-        run: |
-          cd openwrt
-          
-          case "${{ matrix.device }}" in
-            mochabin)
-              # 10G networking, more RAM
-              cat >> .config << EOF
-          CONFIG_PACKAGE_kmod-sfp=y
-          CONFIG_PACKAGE_kmod-phy-marvell-10g=y
-          CONFIG_PACKAGE_prometheus-node-exporter-lua=y
-          EOF
-              ;;
-            
-            espressobin-ultra|sheeva64-wifi)
-              # WiFi support
-              cat >> .config << EOF
-          CONFIG_PACKAGE_kmod-mt76=y
-          CONFIG_PACKAGE_kmod-mac80211=y
-          EOF
-              ;;
-            
-            sheeva64*)
-              # Minimal for plug computer
-              cat >> .config << EOF
-          # Optimized for plug form factor
-          CONFIG_PACKAGE_kmod-ledtrig-heartbeat=y
-          EOF
-              ;;
-          esac
-
-      - name: Make defconfig
-        run: |
-          cd openwrt
-          make defconfig
-
-      - name: Download packages
-        run: |
-          cd openwrt
-          make download -j$(nproc) V=s || make download -j1 V=s
-
-      - name: Build firmware
-        run: |
-          cd openwrt
-          
-          echo "🔨 Building firmware for ${{ matrix.description }}..."
-          echo "⏱️ This may take 1-2 hours..."
-          
-          make -j$(nproc) V=s 2>&1 | tee build.log || {
-            echo "❌ Build failed, retrying with single thread..."
-            make -j1 V=s 2>&1 | tee build-retry.log
-          }
-
-      - name: Prepare artifacts
-        run: |
-          mkdir -p artifacts
-          
-          # Copy firmware images
-          find openwrt/bin/targets -name "*.img.gz" -exec cp {} artifacts/ \;
-          find openwrt/bin/targets -name "*.bin" -exec cp {} artifacts/ \;
-          find openwrt/bin/targets -name "*sysupgrade*" -exec cp {} artifacts/ \;
-          find openwrt/bin/targets -name "*factory*" -exec cp {} artifacts/ \;
-          
-          # Copy packages
-          mkdir -p artifacts/packages
-          find openwrt/bin/packages -name "luci-app-*secubox*.ipk" -exec cp {} artifacts/packages/ \; 2>/dev/null || true
-          find openwrt/bin/packages -name "luci-app-*dashboard*.ipk" -exec cp {} artifacts/packages/ \; 2>/dev/null || true
-          
-          # Generate checksums
-          cd artifacts
-          sha256sum * > SHA256SUMS 2>/dev/null || true
-          
-          # Create info file
-          cat > BUILD_INFO.txt << EOF
-          SecuBox Firmware Build
-          =======================
-          Device: ${{ matrix.description }}
-          Profile: ${{ matrix.profile }}
-          Target: ${{ matrix.target }}/${{ matrix.subtarget }}
-          OpenWrt: ${{ env.OPENWRT_VERSION }}
-          SecuBox: ${{ github.event.inputs.include_secubox }}
-          Built: $(date -u +%Y-%m-%dT%H:%M:%SZ)
-          Commit: ${{ github.sha }}
-          EOF
-          
-          echo "📦 Artifacts:"
-          ls -la
-
-      - name: Upload artifacts
-        uses: actions/upload-artifact@v4
-        with:
-          name: secubox-${{ matrix.device }}-${{ env.OPENWRT_VERSION }}
-          path: artifacts/
-          retention-days: 30
-
-  # ============================================
-  # Create combined release for all devices
-  # ============================================
-  release:
-    needs: [setup, build-image]
-    runs-on: ubuntu-latest
-    if: github.event.inputs.device == 'all'
-    
-    steps:
-      - name: Download all artifacts
-        uses: actions/download-artifact@v4
-        with:
-          path: firmware
-          pattern: secubox-*
-
-      - name: Organize release
-        run: |
-          mkdir -p release
-          
-          for device_dir in firmware/secubox-*/; do
-            DEVICE=$(basename "$device_dir" | sed 's/secubox-//' | sed "s/-${{ env.OPENWRT_VERSION }}//")
-            echo "📦 Processing $DEVICE..."
-            
-            # Create device archive
-            tar -czf "release/secubox-firmware-${DEVICE}.tar.gz" -C "$device_dir" .
-          done
-          
-          # Global checksums
-          cd release
-          sha256sum *.tar.gz > SHA256SUMS
-          
-          # Release notes
-          cat > RELEASE_NOTES.md << 'EOF'
-          # SecuBox Firmware Images
-          
-          Pre-built firmware images for GlobalScale devices with SecuBox modules pre-installed.
-          
-          ## Included Devices
-          
-          | Device | SoC | RAM | Description |
-          |--------|-----|-----|-------------|
-          | ESPRESSObin V7 | Armada 3720 | 1-2GB | Entry-level |
-          | ESPRESSObin Ultra | Armada 3720 | 1-2GB | WiFi + PoE |
-          | Sheeva64 | Armada 3720 | 1GB | Plug computer |
-          | MOCHAbin | Armada 7040 | 4-8GB | Quad-core + 10G |
-          
-          ## Pre-installed SecuBox Modules
-          
-          - luci-app-crowdsec-dashboard
-          - luci-app-netdata-dashboard
-          - luci-app-netifyd-dashboard
-          - luci-app-wireguard-dashboard
-          - luci-app-network-modes
-          - luci-app-client-guardian
-          - luci-app-system-hub
-          
-          ## Installation
-          
-          1. Download the appropriate firmware for your device
-          2. Flash using OpenWrt sysupgrade or manufacturer tools
-          3. Access LuCI at http://192.168.1.1
-          4. Navigate to Services → SecuBox
-          
-          ## Support
-          
-          - [Documentation](https://cybermind.fr/docs/secubox)
-          - [CyberMind.fr](https://cybermind.fr)
-          EOF
-
-      - name: Create release
-        if: github.ref == 'refs/heads/main'
-        uses: softprops/action-gh-release@v2
-        with:
-          name: "SecuBox Firmware ${{ env.OPENWRT_VERSION }}"
-          tag_name: "firmware-${{ env.OPENWRT_VERSION }}-${{ github.run_number }}"
-          body_path: release/RELEASE_NOTES.md
-          files: |
-            release/*.tar.gz
-            release/SHA256SUMS
-          draft: true
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/cleanup-packages.sh b/cleanup-packages.sh
deleted file mode 100755
index bef20f47..00000000
--- a/cleanup-packages.sh
+++ /dev/null
@@ -1,147 +0,0 @@
-#!/bin/bash
-# cleanup-packages.sh
-# Script to fix common issues in SecuBox package structure
-
-set -e
-
-echo "🧹 SecuBox Package Cleanup Script"
-echo "=================================="
-echo ""
-
-ERRORS=0
-FIXES=0
-
-# 1. Remove malformed {htdocs directories
-echo "📁 Checking for malformed directories..."
-for pkg in luci-app-*/; do
-    if [[ -d "${pkg}{htdocs" ]]; then
-        echo "  ❌ Found malformed directory: ${pkg}{htdocs"
-        echo "     → Removing..."
-        rm -rf "${pkg}{htdocs"
-        FIXES=$((FIXES + 1))
-    fi
-done
-
-# 2. Ensure htdocs structure exists
-echo ""
-echo "📁 Checking htdocs structure..."
-for pkg in luci-app-*/; do
-    if [[ -d "$pkg" ]]; then
-        PKG_NAME=$(basename "$pkg")
-        
-        # Create htdocs structure if missing
-        if [[ ! -d "${pkg}htdocs/luci-static/resources/view" ]]; then
-            echo "  ⚠️ Missing htdocs structure in $PKG_NAME"
-            mkdir -p "${pkg}htdocs/luci-static/resources/view"
-            FIXES=$((FIXES + 1))
-        fi
-    fi
-done
-
-# 3. Fix file permissions
-echo ""
-echo "🔐 Fixing file permissions..."
-for pkg in luci-app-*/; do
-    # RPCD scripts
-    if [[ -d "${pkg}root/usr/libexec/rpcd" ]]; then
-        for script in "${pkg}root/usr/libexec/rpcd/"*; do
-            if [[ -f "$script" && ! -x "$script" ]]; then
-                echo "  → Making executable: $script"
-                chmod +x "$script"
-                FIXES=$((FIXES + 1))
-            fi
-        done
-    fi
-    
-    # Init scripts
-    if [[ -d "${pkg}root/etc/init.d" ]]; then
-        for script in "${pkg}root/etc/init.d/"*; do
-            if [[ -f "$script" && ! -x "$script" ]]; then
-                echo "  → Making executable: $script"
-                chmod +x "$script"
-                FIXES=$((FIXES + 1))
-            fi
-        done
-    fi
-    
-    # UCI defaults
-    if [[ -d "${pkg}root/etc/uci-defaults" ]]; then
-        for script in "${pkg}root/etc/uci-defaults/"*; do
-            if [[ -f "$script" && ! -x "$script" ]]; then
-                echo "  → Making executable: $script"
-                chmod +x "$script"
-                FIXES=$((FIXES + 1))
-            fi
-        done
-    fi
-done
-
-# 4. Validate Makefiles
-echo ""
-echo "📋 Validating Makefiles..."
-for makefile in luci-app-*/Makefile; do
-    if [[ -f "$makefile" ]]; then
-        PKG=$(dirname "$makefile")
-        PKG_NAME=$(basename "$PKG")
-        
-        # Check PKG_NAME matches directory
-        MAKEFILE_PKG_NAME=$(grep "^PKG_NAME:=" "$makefile" | cut -d'=' -f2)
-        if [[ "$MAKEFILE_PKG_NAME" != "$PKG_NAME" ]]; then
-            echo "  ❌ PKG_NAME mismatch in $PKG_NAME"
-            echo "     Directory: $PKG_NAME"
-            echo "     Makefile:  $MAKEFILE_PKG_NAME"
-            ERRORS=$((ERRORS + 1))
-        fi
-        
-        # Check required fields
-        for field in PKG_VERSION PKG_RELEASE PKG_LICENSE; do
-            if ! grep -q "^${field}:=" "$makefile"; then
-                echo "  ⚠️ Missing $field in $PKG_NAME/Makefile"
-            fi
-        done
-        
-        # Check include statement
-        if ! grep -q "include.*luci.mk" "$makefile"; then
-            echo "  ⚠️ Missing 'include \$(TOPDIR)/feeds/luci/luci.mk' in $PKG_NAME"
-        fi
-    fi
-done
-
-# 5. Check for required directories
-echo ""
-echo "📂 Checking required structure..."
-for pkg in luci-app-*/; do
-    if [[ -d "$pkg" ]]; then
-        PKG_NAME=$(basename "$pkg")
-        
-        REQUIRED_DIRS=(
-            "root/usr/share/luci/menu.d"
-            "root/usr/share/rpcd/acl.d"
-        )
-        
-        for dir in "${REQUIRED_DIRS[@]}"; do
-            if [[ ! -d "${pkg}${dir}" ]]; then
-                echo "  ⚠️ Creating missing: ${PKG_NAME}/${dir}"
-                mkdir -p "${pkg}${dir}"
-                FIXES=$((FIXES + 1))
-            fi
-        done
-    fi
-done
-
-# 6. Summary
-echo ""
-echo "=================================="
-echo "📊 Summary"
-echo "=================================="
-echo "Fixes applied: $FIXES"
-echo "Errors found:  $ERRORS"
-
-if [[ $ERRORS -gt 0 ]]; then
-    echo ""
-    echo "⚠️ Please fix the errors above manually"
-    exit 1
-fi
-
-echo ""
-echo "✅ Cleanup complete!"
diff --git a/fix-makefiles.sh b/fix-makefiles.sh
deleted file mode 100755
index 8cb2d600..00000000
--- a/fix-makefiles.sh
+++ /dev/null
@@ -1,97 +0,0 @@
-#!/bin/bash
-# fix-makefiles.sh
-# Script to fix Makefiles for OpenWrt LuCI packages
-
-set -e
-
-echo "🔧 SecuBox Makefile Fixer"
-echo "========================="
-echo ""
-
-FIXED=0
-SKIPPED=0
-
-for makefile in luci-app-*/Makefile; do
-    if [[ ! -f "$makefile" ]]; then
-        continue
-    fi
-    
-    PKG_DIR=$(dirname "$makefile")
-    PKG_NAME=$(basename "$PKG_DIR")
-    
-    echo "📦 Processing: $PKG_NAME"
-    
-    # Check if already has luci.mk include
-    if grep -q 'include.*feeds/luci/luci\.mk' "$makefile"; then
-        echo "   ✅ Already has luci.mk include"
-        SKIPPED=$((SKIPPED + 1))
-        continue
-    fi
-    
-    # Check if has package.mk include (alternative valid format)
-    if grep -q 'include.*package\.mk' "$makefile" && grep -q 'BuildPackage' "$makefile"; then
-        echo "   ✅ Uses package.mk with BuildPackage (valid)"
-        SKIPPED=$((SKIPPED + 1))
-        continue
-    fi
-    
-    # Need to fix - create backup first
-    cp "$makefile" "${makefile}.bak"
-    
-    # Extract existing values
-    PKG_VERSION=$(grep "^PKG_VERSION:=" "$makefile" | cut -d'=' -f2 || echo "1.0.0")
-    PKG_RELEASE=$(grep "^PKG_RELEASE:=" "$makefile" | cut -d'=' -f2 || echo "1")
-    PKG_LICENSE=$(grep "^PKG_LICENSE:=" "$makefile" | cut -d'=' -f2 || echo "Apache-2.0")
-    LUCI_TITLE=$(grep "^LUCI_TITLE:=" "$makefile" | cut -d'=' -f2- || echo "LuCI - $PKG_NAME")
-    LUCI_DEPENDS=$(grep "^LUCI_DEPENDS:=" "$makefile" | cut -d'=' -f2- || echo "+luci-base")
-    
-    # If no LUCI_TITLE, try to extract from define Package section
-    if [[ -z "$LUCI_TITLE" || "$LUCI_TITLE" == "LuCI - $PKG_NAME" ]]; then
-        TITLE_LINE=$(grep -A5 "define Package/" "$makefile" | grep "TITLE" | head -1 | cut -d'=' -f2-)
-        if [[ -n "$TITLE_LINE" ]]; then
-            LUCI_TITLE="$TITLE_LINE"
-        fi
-    fi
-    
-    # Generate new Makefile
-    cat > "$makefile" << MAKEFILE_EOF
-include \$(TOPDIR)/rules.mk
-
-PKG_NAME:=${PKG_NAME}
-PKG_VERSION:=${PKG_VERSION:-1.0.0}
-PKG_RELEASE:=${PKG_RELEASE:-1}
-PKG_LICENSE:=${PKG_LICENSE:-Apache-2.0}
-PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
-
-LUCI_TITLE:=${LUCI_TITLE:-LuCI - SecuBox Module}
-LUCI_DEPENDS:=${LUCI_DEPENDS:-+luci-base}
-LUCI_PKGARCH:=all
-
-include \$(TOPDIR)/feeds/luci/luci.mk
-
-# call BuildPackage - OpenWrt buildance
-MAKEFILE_EOF
-    
-    echo "   🔧 Fixed Makefile (backup: ${makefile}.bak)"
-    FIXED=$((FIXED + 1))
-    
-done
-
-echo ""
-echo "========================="
-echo "📊 Summary"
-echo "========================="
-echo "Fixed:   $FIXED"
-echo "Skipped: $SKIPPED"
-echo ""
-
-if [[ $FIXED -gt 0 ]]; then
-    echo "⚠️  Review the fixed Makefiles and adjust LUCI_TITLE and LUCI_DEPENDS as needed"
-    echo ""
-    echo "📝 Example correct values:"
-    echo "   LUCI_TITLE:=LuCI - CrowdSec Security Dashboard"
-    echo "   LUCI_DEPENDS:=+luci-base +rpcd +curl"
-fi
-
-echo ""
-echo "✅ Done!"
diff --git a/generate-rpcd-files.sh b/generate-rpcd-files.sh
deleted file mode 100755
index b41c962b..00000000
--- a/generate-rpcd-files.sh
+++ /dev/null
@@ -1,269 +0,0 @@
-#!/bin/sh
-# generate-rpcd-files.sh
-# Generate missing RPCD scripts and ACL files for SecuBox modules
-#
-# Usage: ./generate-rpcd-files.sh <module-name>
-# Example: ./generate-rpcd-files.sh vhost-manager
-
-MODULE="$1"
-
-if [ -z "$MODULE" ]; then
-    echo "Usage: $0 <module-name>"
-    echo "Example: $0 vhost-manager"
-    exit 1
-fi
-
-# Convert module name for different uses
-# vhost-manager -> vhost_manager (for shell variables)
-# vhost-manager -> vhost-manager (for ubus)
-MODULE_UNDERSCORE=$(echo "$MODULE" | tr '-' '_')
-UBUS_NAME="luci.$MODULE"
-PKG_NAME="luci-app-$MODULE"
-
-echo "╔══════════════════════════════════════════════════════════════╗"
-echo "║  Generating RPCD files for: $MODULE"
-echo "╚══════════════════════════════════════════════════════════════╝"
-echo ""
-
-# ============================================
-# Create RPCD script
-# ============================================
-RPCD_SCRIPT="/usr/libexec/rpcd/$MODULE"
-
-echo "→ Creating RPCD script: $RPCD_SCRIPT"
-
-cat > "$RPCD_SCRIPT" << 'RPCD_EOF'
-#!/bin/sh
-# RPCD backend for MODULE_PLACEHOLDER
-# Provides ubus interface: luci.MODULE_PLACEHOLDER
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-# Initialize JSON
-json_init
-
-case "$1" in
-    list)
-        # List available methods
-        json_add_object "status"
-        json_close_object
-        json_add_object "get_config"
-        json_close_object
-        json_add_object "set_config"
-            json_add_string "config" "object"
-        json_close_object
-        json_add_object "get_stats"
-        json_close_object
-        json_dump
-        ;;
-    
-    call)
-        case "$2" in
-            status)
-                # Return module status
-                json_add_boolean "enabled" 1
-                json_add_string "status" "running"
-                json_add_string "version" "2.0.0"
-                json_add_string "module" "MODULE_PLACEHOLDER"
-                
-                # Check if service is running (customize per module)
-                # Example: check nginx for vhost-manager
-                # if pgrep -x nginx > /dev/null 2>&1; then
-                #     json_add_boolean "service_running" 1
-                # else
-                #     json_add_boolean "service_running" 0
-                # fi
-                
-                json_add_boolean "service_running" 1
-                json_dump
-                ;;
-            
-            get_config)
-                # Return current configuration
-                json_add_object "config"
-                
-                # Read from UCI if available
-                if [ -f "/etc/config/MODULE_UNDERSCORE_PLACEHOLDER" ]; then
-                    config_load "MODULE_UNDERSCORE_PLACEHOLDER"
-                    # Add config values here
-                    json_add_boolean "enabled" 1
-                else
-                    json_add_boolean "enabled" 0
-                fi
-                
-                json_close_object
-                json_dump
-                ;;
-            
-            set_config)
-                # Set configuration
-                read -r input
-                
-                # Parse input JSON
-                json_load "$input"
-                json_get_var config config
-                
-                # Apply configuration via UCI
-                # uci set MODULE_UNDERSCORE_PLACEHOLDER.global.enabled="$enabled"
-                # uci commit MODULE_UNDERSCORE_PLACEHOLDER
-                
-                json_init
-                json_add_boolean "success" 1
-                json_add_string "message" "Configuration updated"
-                json_dump
-                ;;
-            
-            get_stats)
-                # Return statistics
-                json_add_object "stats"
-                json_add_int "uptime" "$(cat /proc/uptime | cut -d. -f1)"
-                json_add_string "timestamp" "$(date -Iseconds)"
-                json_close_object
-                json_dump
-                ;;
-            
-            *)
-                # Unknown method
-                json_add_int "error" -32601
-                json_add_string "message" "Method not found"
-                json_dump
-                ;;
-        esac
-        ;;
-esac
-RPCD_EOF
-
-# Replace placeholders
-sed -i "s/MODULE_PLACEHOLDER/$MODULE/g" "$RPCD_SCRIPT"
-sed -i "s/MODULE_UNDERSCORE_PLACEHOLDER/$MODULE_UNDERSCORE/g" "$RPCD_SCRIPT"
-
-chmod +x "$RPCD_SCRIPT"
-echo "  ✓ Created and made executable"
-
-# ============================================
-# Create ACL file
-# ============================================
-ACL_FILE="/usr/share/rpcd/acl.d/${PKG_NAME}.json"
-
-echo "→ Creating ACL file: $ACL_FILE"
-
-cat > "$ACL_FILE" << ACL_EOF
-{
-    "luci-app-$MODULE": {
-        "description": "Grant access to LuCI app $MODULE",
-        "read": {
-            "ubus": {
-                "$UBUS_NAME": ["status", "get_config", "get_stats"]
-            },
-            "uci": ["$MODULE_UNDERSCORE"]
-        },
-        "write": {
-            "ubus": {
-                "$UBUS_NAME": ["set_config"]
-            },
-            "uci": ["$MODULE_UNDERSCORE"]
-        }
-    }
-}
-ACL_EOF
-
-echo "  ✓ Created ACL file"
-
-# ============================================
-# Create Menu file (if not exists)
-# ============================================
-MENU_FILE="/usr/share/luci/menu.d/${PKG_NAME}.json"
-
-if [ ! -f "$MENU_FILE" ]; then
-    echo "→ Creating Menu file: $MENU_FILE"
-    
-    # Convert module name to title
-    TITLE=$(echo "$MODULE" | sed 's/-/ /g' | awk '{for(i=1;i<=NF;i++) $i=toupper(substr($i,1,1)) tolower(substr($i,2))}1')
-    
-    cat > "$MENU_FILE" << MENU_EOF
-{
-    "admin/services/$MODULE_UNDERSCORE": {
-        "title": "$TITLE",
-        "order": 50,
-        "action": {
-            "type": "view",
-            "path": "$MODULE/main"
-        },
-        "depends": {
-            "acl": ["luci-app-$MODULE"],
-            "uci": {
-                "$MODULE_UNDERSCORE": true
-            }
-        }
-    }
-}
-MENU_EOF
-    
-    echo "  ✓ Created menu file"
-else
-    echo "→ Menu file already exists: $MENU_FILE"
-fi
-
-# ============================================
-# Create UCI config (if not exists)
-# ============================================
-UCI_CONFIG="/etc/config/$MODULE_UNDERSCORE"
-
-if [ ! -f "$UCI_CONFIG" ]; then
-    echo "→ Creating UCI config: $UCI_CONFIG"
-    
-    cat > "$UCI_CONFIG" << UCI_EOF
-config global 'global'
-    option enabled '1'
-    option version '2.0.0'
-UCI_EOF
-    
-    echo "  ✓ Created UCI config"
-else
-    echo "→ UCI config already exists: $UCI_CONFIG"
-fi
-
-# ============================================
-# Restart services
-# ============================================
-echo ""
-echo "→ Restarting rpcd..."
-/etc/init.d/rpcd restart
-
-echo "→ Clearing LuCI cache..."
-rm -rf /tmp/luci-*
-
-# Wait for rpcd to initialize
-sleep 2
-
-# ============================================
-# Verify
-# ============================================
-echo ""
-echo "╔══════════════════════════════════════════════════════════════╗"
-echo "║  Verification"
-echo "╚══════════════════════════════════════════════════════════════╝"
-echo ""
-
-# Check ubus registration
-if ubus list "$UBUS_NAME" > /dev/null 2>&1; then
-    echo "✓ $UBUS_NAME is registered in ubus"
-    echo ""
-    echo "Available methods:"
-    ubus -v list "$UBUS_NAME"
-    
-    echo ""
-    echo "Testing status call:"
-    ubus call "$UBUS_NAME" status
-else
-    echo "✗ $UBUS_NAME is NOT registered"
-    echo ""
-    echo "Debug steps:"
-    echo "  1. Check script: cat $RPCD_SCRIPT"
-    echo "  2. Test manually: echo '{\"method\":\"list\"}' | $RPCD_SCRIPT"
-    echo "  3. Check logs: logread | grep rpcd"
-fi
-
-echo ""
-echo "Done!"
diff --git a/install-rpcd-fix.sh b/install-rpcd-fix.sh
deleted file mode 100755
index f988d648..00000000
--- a/install-rpcd-fix.sh
+++ /dev/null
@@ -1,129 +0,0 @@
-#!/bin/sh
-# install-rpcd-fix.sh
-# Quick installation script for SecuBox RPCD fixes
-# 
-# Upload this script along with rpcd/ and acl/ folders to the router
-# then run: sh install-rpcd-fix.sh
-
-echo "╔══════════════════════════════════════════════════════════════╗"
-echo "║           SecuBox RPCD Fix Installer                         ║"
-echo "╚══════════════════════════════════════════════════════════════╝"
-echo ""
-
-SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
-
-# Check if running as root
-if [ "$(id -u)" != "0" ]; then
-    echo "Error: This script must be run as root"
-    exit 1
-fi
-
-# ============================================
-# Install RPCD scripts
-# ============================================
-echo "→ Installing RPCD scripts..."
-
-if [ -d "$SCRIPT_DIR/rpcd" ]; then
-    for script in "$SCRIPT_DIR/rpcd"/*; do
-        [ -f "$script" ] || continue
-        
-        NAME=$(basename "$script")
-        DEST="/usr/libexec/rpcd/$NAME"
-        
-        cp "$script" "$DEST"
-        chmod +x "$DEST"
-        echo "  ✓ Installed: $DEST"
-    done
-else
-    echo "  ⚠ No rpcd/ directory found"
-fi
-
-# ============================================
-# Install ACL files
-# ============================================
-echo ""
-echo "→ Installing ACL files..."
-
-mkdir -p /usr/share/rpcd/acl.d
-
-if [ -d "$SCRIPT_DIR/acl" ]; then
-    for acl in "$SCRIPT_DIR/acl"/*.json; do
-        [ -f "$acl" ] || continue
-        
-        NAME=$(basename "$acl")
-        DEST="/usr/share/rpcd/acl.d/$NAME"
-        
-        cp "$acl" "$DEST"
-        echo "  ✓ Installed: $DEST"
-    done
-else
-    echo "  ⚠ No acl/ directory found"
-fi
-
-# ============================================
-# Create missing UCI configs
-# ============================================
-echo ""
-echo "→ Creating UCI configs..."
-
-# vhost_manager
-if [ ! -f /etc/config/vhost_manager ]; then
-    cat > /etc/config/vhost_manager << 'EOF'
-config global 'global'
-    option enabled '1'
-    option nginx_dir '/etc/nginx/conf.d'
-    option acme_dir '/etc/acme'
-EOF
-    echo "  ✓ Created: /etc/config/vhost_manager"
-fi
-
-# ============================================
-# Restart services
-# ============================================
-echo ""
-echo "→ Restarting services..."
-
-# Restart rpcd
-/etc/init.d/rpcd restart
-echo "  ✓ rpcd restarted"
-
-# Clear LuCI cache
-rm -rf /tmp/luci-*
-echo "  ✓ LuCI cache cleared"
-
-# Wait for rpcd to initialize
-sleep 2
-
-# ============================================
-# Verify installation
-# ============================================
-echo ""
-echo "╔══════════════════════════════════════════════════════════════╗"
-echo "║           Verification                                       ║"
-echo "╚══════════════════════════════════════════════════════════════╝"
-echo ""
-
-# List installed modules
-echo "Checking ubus registration:"
-
-MODULES="vhost-manager secubox bandwidth-manager auth-guardian media-flow"
-
-for module in $MODULES; do
-    UBUS_NAME="luci.$module"
-    if ubus list "$UBUS_NAME" > /dev/null 2>&1; then
-        echo "  ✓ $UBUS_NAME"
-    else
-        echo "  ✗ $UBUS_NAME (not registered)"
-    fi
-done
-
-echo ""
-echo "Testing vhost-manager status:"
-ubus call luci.vhost-manager status 2>/dev/null || echo "  ✗ Failed"
-
-echo ""
-echo "Installation complete!"
-echo ""
-echo "If modules are still not working, check:"
-echo "  logread | grep rpcd"
-echo "  logread | grep ubus"
diff --git a/luci-app-secubox b/luci-app-secubox
index 9ec07852..dddfeac6 160000
--- a/luci-app-secubox
+++ b/luci-app-secubox
@@ -1 +1 @@
-Subproject commit 9ec07852ca63d717db4f8610700b41fb97bc359b
+Subproject commit dddfeac6f37efed185c300cad5593e4b1c65eb0e
diff --git a/secubox-analyzer.sh b/secubox-analyzer.sh
deleted file mode 100755
index 4a0bb65a..00000000
--- a/secubox-analyzer.sh
+++ /dev/null
@@ -1,1543 +0,0 @@
-#!/bin/bash
-#
-# secubox-analyzer.sh
-# ====================
-# Outil complet de debug, analyse et correction des sources SecuBox
-# Analyse en profondeur le code source, détecte les problèmes et les corrige
-#
-# Usage:
-#   ./secubox-analyzer.sh                     # Analyse complète
-#   ./secubox-analyzer.sh --fix               # Analyse + correction
-#   ./secubox-analyzer.sh --module NAME       # Analyser un module spécifique
-#   ./secubox-analyzer.sh --report            # Générer rapport HTML
-#   ./secubox-analyzer.sh --test-rpc          # Tester les scripts RPCD localement
-#
-# Auteur: CyberMind.fr
-# License: Apache-2.0
-#
-
-set -e
-
-# ============================================
-# Configuration
-# ============================================
-VERSION="2.1.0"
-SCRIPT_NAME=$(basename "$0")
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-WORK_DIR="${WORK_DIR:-$SCRIPT_DIR}"
-REPORT_DIR="${REPORT_DIR:-$WORK_DIR/.secubox-reports}"
-TIMESTAMP=$(date +%Y%m%d_%H%M%S)
-
-# Colors
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-CYAN='\033[0;36m'
-MAGENTA='\033[0;35m'
-WHITE='\033[1;37m'
-GRAY='\033[0;90m'
-BOLD='\033[1m'
-DIM='\033[2m'
-NC='\033[0m'
-
-# Counters
-declare -A STATS=(
-    [modules]=0
-    [errors]=0
-    [warnings]=0
-    [fixes]=0
-    [files_checked]=0
-    [issues_found]=0
-)
-
-# Options
-DO_FIX=false
-DO_REPORT=false
-DO_TEST_RPC=false
-DO_VERBOSE=false
-DO_DEEP=false
-TARGET_MODULE=""
-
-# Issue tracking
-declare -a ISSUES=()
-declare -a FIXES_APPLIED=()
-
-# ============================================
-# Module Registry
-# ============================================
-declare -A MODULES=(
-    [secubox]="SecuBox Hub|+luci-base +rpcd +curl +jq"
-    [crowdsec-dashboard]="CrowdSec Dashboard|+luci-base +rpcd +crowdsec"
-    [netdata-dashboard]="Netdata Dashboard|+luci-base +rpcd +netdata"
-    [netifyd-dashboard]="Netifyd Dashboard|+luci-base +rpcd +netifyd"
-    [wireguard-dashboard]="WireGuard Dashboard|+luci-base +rpcd +wireguard-tools +qrencode"
-    [network-modes]="Network Modes|+luci-base +rpcd"
-    [client-guardian]="Client Guardian|+luci-base +rpcd +nodogsplash"
-    [system-hub]="System Hub|+luci-base +rpcd"
-    [bandwidth-manager]="Bandwidth Manager|+luci-base +rpcd +tc-full +kmod-sched-cake"
-    [auth-guardian]="Auth Guardian|+luci-base +rpcd +curl"
-    [media-flow]="Media Flow|+luci-base +rpcd +netifyd"
-    [vhost-manager]="VHost Manager|+luci-base +rpcd +nginx-ssl"
-    [cdn-cache]="CDN Cache|+luci-base +rpcd +nginx"
-    [traffic-shaper]="Traffic Shaper|+luci-base +rpcd +tc-full"
-)
-
-# ============================================
-# Logging & Output
-# ============================================
-log_file=""
-
-init_logging() {
-    mkdir -p "$REPORT_DIR"
-    log_file="$REPORT_DIR/analyze_${TIMESTAMP}.log"
-    exec > >(tee -a "$log_file") 2>&1
-}
-
-print_banner() {
-    echo ""
-    echo -e "${CYAN}╔═══════════════════════════════════════════════════════════════════════════╗${NC}"
-    echo -e "${CYAN}║${NC}                                                                           ${CYAN}║${NC}"
-    echo -e "${CYAN}║${NC}   ${BOLD}${WHITE}SecuBox Source Analyzer${NC}                                               ${CYAN}║${NC}"
-    echo -e "${CYAN}║${NC}   ${DIM}Debug • Analyze • Fix${NC}                                     ${DIM}v${VERSION}${NC}   ${CYAN}║${NC}"
-    echo -e "${CYAN}║${NC}                                                                           ${CYAN}║${NC}"
-    echo -e "${CYAN}╚═══════════════════════════════════════════════════════════════════════════╝${NC}"
-    echo ""
-}
-
-print_section() {
-    echo ""
-    echo -e "${BLUE}┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓${NC}"
-    echo -e "${BLUE}┃${NC}  ${BOLD}$1${NC}"
-    echo -e "${BLUE}┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┛${NC}"
-}
-
-print_module_header() {
-    local name="$1"
-    local title="${MODULES[$name]%%|*}"
-    echo ""
-    echo -e "${MAGENTA}╭───────────────────────────────────────────────────────────────────────────╮${NC}"
-    echo -e "${MAGENTA}│${NC}  📦 ${BOLD}luci-app-${name}${NC}"
-    [[ -n "$title" ]] && echo -e "${MAGENTA}│${NC}     ${DIM}$title${NC}"
-    echo -e "${MAGENTA}╰───────────────────────────────────────────────────────────────────────────╯${NC}"
-}
-
-print_subsection() {
-    echo -e "  ${CYAN}▸ $1${NC}"
-}
-
-ok() { echo -e "    ${GREEN}✓${NC} $1"; }
-warn() { 
-    echo -e "    ${YELLOW}⚠${NC} $1"
-    ((STATS[warnings]++))
-    ISSUES+=("WARN|$current_module|$1")
-}
-error() { 
-    echo -e "    ${RED}✗${NC} $1"
-    ((STATS[errors]++))
-    ISSUES+=("ERROR|$current_module|$1")
-}
-info() { echo -e "    ${CYAN}→${NC} $1"; }
-debug() { $DO_VERBOSE && echo -e "    ${GRAY}  $1${NC}"; }
-fixed() { 
-    echo -e "    ${GREEN}🔧${NC} $1"
-    ((STATS[fixes]++))
-    FIXES_APPLIED+=("$current_module|$1")
-}
-
-# ============================================
-# Utility Functions
-# ============================================
-
-# Check if command exists
-has_cmd() {
-    command -v "$1" &>/dev/null
-}
-
-# Get module name from directory
-get_module_name() {
-    basename "$1" | sed 's/^luci-app-//'
-}
-
-# Convert module-name to module_name
-to_underscore() {
-    echo "$1" | tr '-' '_'
-}
-
-# Validate JSON syntax
-validate_json() {
-    local file="$1"
-    local errors=""
-    
-    if has_cmd jq; then
-        errors=$(jq empty "$file" 2>&1) && return 0
-    elif has_cmd python3; then
-        errors=$(python3 -c "import json; json.load(open('$file'))" 2>&1) && return 0
-    elif has_cmd node; then
-        errors=$(node -e "JSON.parse(require('fs').readFileSync('$file'))" 2>&1) && return 0
-    else
-        return 0  # Can't validate
-    fi
-    
-    echo "$errors"
-    return 1
-}
-
-# Validate JavaScript syntax
-validate_js() {
-    local file="$1"
-    local errors=""
-    
-    if has_cmd node; then
-        errors=$(node --check "$file" 2>&1) && return 0
-    elif has_cmd eslint; then
-        errors=$(eslint --no-eslintrc "$file" 2>&1) && return 0
-    fi
-    
-    # Basic check
-    if grep -qE "^'use strict'|require\('view'\)|return view\.extend" "$file" 2>/dev/null; then
-        return 0
-    fi
-    
-    echo "$errors"
-    return 1
-}
-
-# Validate shell script
-validate_shell() {
-    local file="$1"
-    local errors=""
-    
-    # Check shebang
-    local shebang=$(head -1 "$file")
-    if [[ ! "$shebang" =~ ^#! ]]; then
-        echo "Missing shebang"
-        return 1
-    fi
-    
-    # Shellcheck if available
-    if has_cmd shellcheck; then
-        errors=$(shellcheck -s sh -f gcc "$file" 2>&1)
-        local exit_code=$?
-        if [[ $exit_code -ne 0 ]]; then
-            echo "$errors"
-            return 1
-        fi
-    fi
-    
-    # Basic syntax check
-    if has_cmd sh; then
-        errors=$(sh -n "$file" 2>&1) && return 0
-        echo "$errors"
-        return 1
-    fi
-    
-    return 0
-}
-
-# ============================================
-# Analysis Functions
-# ============================================
-
-# Analyze directory structure
-analyze_structure() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    
-    print_subsection "Directory Structure"
-    
-    # Required directories
-    local required_dirs=(
-        "root/usr/libexec/rpcd"
-        "root/usr/share/rpcd/acl.d"
-        "root/usr/share/luci/menu.d"
-        "htdocs/luci-static/resources/view"
-    )
-    
-    local missing=0
-    for dir in "${required_dirs[@]}"; do
-        if [[ -d "$pkg_dir/$dir" ]]; then
-            debug "OK: $dir"
-        else
-            warn "Missing directory: $dir"
-            ((missing++))
-            
-            if $DO_FIX; then
-                mkdir -p "$pkg_dir/$dir"
-                fixed "Created: $dir"
-            fi
-        fi
-    done
-    
-    [[ $missing -eq 0 ]] && ok "All required directories present"
-    
-    # Check for malformed directories
-    local malformed=$(find "$pkg_dir" -type d -name '{*' -o -name '*}' 2>/dev/null)
-    if [[ -n "$malformed" ]]; then
-        error "Found malformed directories"
-        echo "$malformed" | while read -r dir; do
-            info "  $dir"
-            if $DO_FIX; then
-                rm -rf "$dir"
-                fixed "Removed: $dir"
-            fi
-        done
-    fi
-    
-    ((STATS[files_checked]++))
-}
-
-# Analyze Makefile
-analyze_makefile() {
-    local pkg_dir="$1"
-    local name="$2"
-    local makefile="$pkg_dir/Makefile"
-    
-    print_subsection "Makefile Analysis"
-    
-    if [[ ! -f "$makefile" ]]; then
-        error "Makefile missing"
-        if $DO_FIX; then
-            generate_makefile "$pkg_dir" "$name"
-        fi
-        return 1
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Check required fields
-    local required_fields=("PKG_NAME" "PKG_VERSION" "PKG_RELEASE" "PKG_LICENSE")
-    local missing_fields=()
-    
-    for field in "${required_fields[@]}"; do
-        if grep -q "^${field}:=" "$makefile"; then
-            local value=$(grep "^${field}:=" "$makefile" | cut -d'=' -f2)
-            debug "$field = $value"
-        else
-            missing_fields+=("$field")
-        fi
-    done
-    
-    if [[ ${#missing_fields[@]} -gt 0 ]]; then
-        warn "Missing fields: ${missing_fields[*]}"
-        if $DO_FIX; then
-            generate_makefile "$pkg_dir" "$name"
-        fi
-    fi
-    
-    # Check PKG_NAME matches directory
-    local pkg_name=$(grep "^PKG_NAME:=" "$makefile" | cut -d'=' -f2)
-    if [[ "$pkg_name" != "luci-app-$name" ]]; then
-        error "PKG_NAME mismatch: expected 'luci-app-$name', got '$pkg_name'"
-        if $DO_FIX; then
-            sed -i "s/^PKG_NAME:=.*/PKG_NAME:=luci-app-$name/" "$makefile"
-            fixed "Corrected PKG_NAME"
-        fi
-    else
-        ok "PKG_NAME correct"
-    fi
-    
-    # Check include statement
-    if grep -q 'include.*feeds/luci/luci\.mk' "$makefile"; then
-        ok "Uses luci.mk (correct)"
-    elif grep -q 'include.*package\.mk' "$makefile"; then
-        warn "Uses package.mk (should use luci.mk for LuCI apps)"
-        if $DO_FIX; then
-            generate_makefile "$pkg_dir" "$name"
-        fi
-    else
-        error "Missing include statement"
-        if $DO_FIX; then
-            generate_makefile "$pkg_dir" "$name"
-        fi
-    fi
-    
-    # Check LUCI_TITLE
-    if ! grep -q "^LUCI_TITLE:=" "$makefile"; then
-        warn "Missing LUCI_TITLE"
-    fi
-    
-    # Check LUCI_DEPENDS
-    if ! grep -q "^LUCI_DEPENDS:=" "$makefile"; then
-        warn "Missing LUCI_DEPENDS"
-    fi
-}
-
-# Analyze RPCD script
-analyze_rpcd() {
-    local pkg_dir="$1"
-    local name="$2"
-    local rpcd_dir="$pkg_dir/root/usr/libexec/rpcd"
-    local rpcd_script="$rpcd_dir/$name"
-    
-    print_subsection "RPCD Script Analysis"
-    
-    # Check if script exists
-    if [[ ! -f "$rpcd_script" ]]; then
-        # Try alternative names
-        local alt_scripts=(
-            "$rpcd_dir/luci.$name"
-            "$rpcd_dir/luci-$name"
-            "$rpcd_dir/${name//-/_}"
-        )
-        
-        local found=false
-        for alt in "${alt_scripts[@]}"; do
-            if [[ -f "$alt" ]]; then
-                warn "RPCD script at non-standard location: $(basename "$alt")"
-                if $DO_FIX; then
-                    cp "$alt" "$rpcd_script"
-                    fixed "Copied to standard location"
-                fi
-                found=true
-                break
-            fi
-        done
-        
-        if ! $found; then
-            error "RPCD script missing: $name"
-            info "Expected: $rpcd_script"
-            if $DO_FIX; then
-                generate_rpcd "$pkg_dir" "$name"
-            fi
-            return 1
-        fi
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Check permissions
-    if [[ ! -x "$rpcd_script" ]]; then
-        warn "RPCD script not executable"
-        if $DO_FIX; then
-            chmod +x "$rpcd_script"
-            fixed "Made executable"
-        fi
-    else
-        ok "Script is executable"
-    fi
-    
-    # Validate shell syntax
-    local shell_errors=$(validate_shell "$rpcd_script")
-    if [[ -n "$shell_errors" ]]; then
-        error "Shell syntax errors:"
-        echo "$shell_errors" | head -5 | while read -r line; do
-            info "  $line"
-        done
-    else
-        ok "Shell syntax valid"
-    fi
-    
-    # Check shebang
-    local shebang=$(head -1 "$rpcd_script")
-    if [[ "$shebang" != "#!/bin/sh" && "$shebang" != "#!/bin/bash" ]]; then
-        warn "Non-standard shebang: $shebang"
-        if $DO_FIX; then
-            sed -i '1s|^.*$|#!/bin/sh|' "$rpcd_script"
-            fixed "Fixed shebang"
-        fi
-    fi
-    
-    # Check for required components
-    local components=(
-        "json_init:JSON initialization"
-        "json_add:JSON building"
-        "json_dump:JSON output"
-        'case.*list:list handler'
-        'case.*call:call handler'
-    )
-    
-    for comp in "${components[@]}"; do
-        local pattern="${comp%%:*}"
-        local desc="${comp##*:}"
-        
-        if grep -qE "$pattern" "$rpcd_script"; then
-            debug "Has $desc"
-        else
-            warn "Missing $desc ($pattern)"
-        fi
-    done
-    
-    # Check for status method
-    if grep -q 'status)' "$rpcd_script" || grep -q '"status"' "$rpcd_script"; then
-        ok "Has 'status' method"
-    else
-        error "Missing 'status' method (required for LuCI)"
-        if $DO_FIX; then
-            # This is complex - regenerate the whole script
-            generate_rpcd "$pkg_dir" "$name"
-        fi
-    fi
-    
-    # Extract and display methods
-    if $DO_VERBOSE; then
-        info "Methods found:"
-        grep -oE '\b[a-z_]+\)' "$rpcd_script" 2>/dev/null | tr -d ')' | sort -u | while read -r method; do
-            [[ -n "$method" ]] && debug "  - $method"
-        done
-    fi
-    
-    # Check ubus object name consistency
-    local ubus_name=$(grep -oE "luci\.$name|luci\.${name//-/_}" "$rpcd_script" | head -1)
-    if [[ -z "$ubus_name" ]]; then
-        warn "Cannot determine ubus object name from script"
-    else
-        debug "ubus name: $ubus_name"
-    fi
-}
-
-# Analyze ACL file
-analyze_acl() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local acl_dir="$pkg_dir/root/usr/share/rpcd/acl.d"
-    
-    print_subsection "ACL File Analysis"
-    
-    # Find ACL file
-    local acl_file=""
-    local acl_patterns=(
-        "$acl_dir/luci-app-${name}.json"
-        "$acl_dir/luci-${name}.json"
-        "$acl_dir/${name}.json"
-        "$acl_dir/luci-app-${name_u}.json"
-    )
-    
-    for pattern in "${acl_patterns[@]}"; do
-        if [[ -f "$pattern" ]]; then
-            acl_file="$pattern"
-            break
-        fi
-    done
-    
-    if [[ -z "$acl_file" ]]; then
-        error "ACL file missing"
-        info "Expected: $acl_dir/luci-app-${name}.json"
-        if $DO_FIX; then
-            generate_acl "$pkg_dir" "$name"
-        fi
-        return 1
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Check filename
-    local expected_name="luci-app-${name}.json"
-    local actual_name=$(basename "$acl_file")
-    if [[ "$actual_name" != "$expected_name" ]]; then
-        warn "ACL filename should be: $expected_name (got: $actual_name)"
-        if $DO_FIX; then
-            mv "$acl_file" "$acl_dir/$expected_name"
-            acl_file="$acl_dir/$expected_name"
-            fixed "Renamed ACL file"
-        fi
-    fi
-    
-    # Validate JSON
-    local json_errors=$(validate_json "$acl_file")
-    if [[ -n "$json_errors" ]]; then
-        error "Invalid JSON syntax"
-        echo "$json_errors" | head -3 | while read -r line; do
-            info "  $line"
-        done
-        if $DO_FIX; then
-            generate_acl "$pkg_dir" "$name"
-        fi
-        return 1
-    else
-        ok "JSON syntax valid"
-    fi
-    
-    # Check ubus permissions
-    local ubus_name="luci.$name"
-    if grep -q "\"$ubus_name\"" "$acl_file"; then
-        ok "Contains ubus permission for $ubus_name"
-    else
-        error "Missing ubus permission for $ubus_name"
-        if $DO_FIX; then
-            generate_acl "$pkg_dir" "$name"
-        fi
-    fi
-    
-    # Check for status method permission
-    if grep -q '"status"' "$acl_file"; then
-        ok "Has 'status' method permission"
-    else
-        warn "Missing 'status' method in ACL"
-    fi
-    
-    # Deep analysis
-    if $DO_DEEP && has_cmd jq; then
-        info "ACL structure:"
-        jq -r 'keys[]' "$acl_file" 2>/dev/null | while read -r key; do
-            debug "  Section: $key"
-        done
-    fi
-}
-
-# Analyze Menu file
-analyze_menu() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local menu_dir="$pkg_dir/root/usr/share/luci/menu.d"
-    
-    print_subsection "Menu File Analysis"
-    
-    # Find menu file
-    local menu_file=""
-    local menu_patterns=(
-        "$menu_dir/luci-app-${name}.json"
-        "$menu_dir/luci-${name}.json"
-        "$menu_dir/${name}.json"
-    )
-    
-    for pattern in "${menu_patterns[@]}"; do
-        if [[ -f "$pattern" ]]; then
-            menu_file="$pattern"
-            break
-        fi
-    done
-    
-    if [[ -z "$menu_file" ]]; then
-        error "Menu file missing"
-        if $DO_FIX; then
-            generate_menu "$pkg_dir" "$name"
-        fi
-        return 1
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Validate JSON
-    local json_errors=$(validate_json "$menu_file")
-    if [[ -n "$json_errors" ]]; then
-        error "Invalid JSON syntax"
-        if $DO_FIX; then
-            generate_menu "$pkg_dir" "$name"
-        fi
-        return 1
-    else
-        ok "JSON syntax valid"
-    fi
-    
-    # Check menu path
-    if has_cmd jq; then
-        local menu_path=$(jq -r 'keys[0]' "$menu_file" 2>/dev/null)
-        local view_path=$(jq -r '.[keys[0]].action.path // empty' "$menu_file" 2>/dev/null)
-        
-        debug "Menu path: $menu_path"
-        debug "View path: $view_path"
-        
-        # Check if view file exists
-        if [[ -n "$view_path" ]]; then
-            local view_file="$pkg_dir/htdocs/luci-static/resources/view/${view_path}.js"
-            if [[ -f "$view_file" ]]; then
-                ok "View file exists: ${view_path}.js"
-            else
-                warn "View file not found: ${view_path}.js"
-            fi
-        fi
-    fi
-    
-    ok "Menu file valid"
-}
-
-# Analyze View files (JavaScript)
-analyze_views() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local view_base="$pkg_dir/htdocs/luci-static/resources/view"
-    
-    print_subsection "View Files Analysis"
-    
-    # Find JavaScript files
-    local js_files=$(find "$pkg_dir/htdocs" -name "*.js" 2>/dev/null)
-    local js_count=$(echo "$js_files" | grep -c . 2>/dev/null || echo 0)
-    
-    if [[ $js_count -eq 0 ]]; then
-        warn "No JavaScript view files found"
-        if $DO_FIX; then
-            generate_view "$pkg_dir" "$name"
-        fi
-        return 1
-    fi
-    
-    info "Found $js_count JavaScript file(s)"
-    
-    echo "$js_files" | while read -r js_file; do
-        [[ -z "$js_file" ]] && continue
-        
-        ((STATS[files_checked]++))
-        local filename=$(basename "$js_file")
-        
-        # Validate syntax
-        local js_errors=$(validate_js "$js_file")
-        if [[ -n "$js_errors" ]]; then
-            error "Syntax error in $filename"
-            echo "$js_errors" | head -3 | while read -r line; do
-                info "  $line"
-            done
-        else
-            ok "Valid: $filename"
-        fi
-        
-        # Check for required patterns
-        if ! grep -q "'require view'" "$js_file" && ! grep -q '"require view"' "$js_file"; then
-            if ! grep -q "require('view')" "$js_file"; then
-                warn "$filename: Missing 'require view'"
-            fi
-        fi
-        
-        # Check RPC declaration
-        if grep -q "rpc.declare" "$js_file"; then
-            local rpc_object=$(grep -oE "object:\s*['\"][^'\"]+['\"]" "$js_file" | head -1)
-            debug "$filename uses RPC: $rpc_object"
-            
-            # Check if RPC object matches module
-            if ! echo "$rpc_object" | grep -qE "luci\.$name|luci\.${name_u}"; then
-                warn "RPC object may not match module name"
-            fi
-        fi
-        
-        # Check for view.extend
-        if ! grep -q "view.extend" "$js_file"; then
-            warn "$filename: Missing view.extend"
-        fi
-    done
-}
-
-# Analyze UCI config
-analyze_config() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local config_dir="$pkg_dir/root/etc/config"
-    local config_file="$config_dir/$name_u"
-    
-    print_subsection "UCI Config Analysis"
-    
-    if [[ ! -f "$config_file" ]]; then
-        info "No UCI config file (optional)"
-        return 0
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Basic validation
-    if head -1 "$config_file" | grep -q "^config "; then
-        ok "UCI config format valid"
-    else
-        warn "UCI config may have invalid format"
-    fi
-    
-    # Check for global section
-    if grep -q "config global" "$config_file"; then
-        ok "Has 'global' section"
-    else
-        info "No 'global' section (may be intentional)"
-    fi
-}
-
-# Analyze init script
-analyze_init() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local init_dir="$pkg_dir/root/etc/init.d"
-    
-    print_subsection "Init Script Analysis"
-    
-    # Find init script
-    local init_script=""
-    for pattern in "$init_dir/$name" "$init_dir/$name_u" "$init_dir/luci-app-$name"; do
-        if [[ -f "$pattern" ]]; then
-            init_script="$pattern"
-            break
-        fi
-    done
-    
-    if [[ -z "$init_script" ]]; then
-        info "No init script (optional for LuCI apps)"
-        return 0
-    fi
-    
-    ((STATS[files_checked]++))
-    
-    # Check permissions
-    if [[ ! -x "$init_script" ]]; then
-        warn "Init script not executable"
-        if $DO_FIX; then
-            chmod +x "$init_script"
-            fixed "Made init script executable"
-        fi
-    else
-        ok "Init script executable"
-    fi
-    
-    # Check for required functions
-    local required_funcs=("start" "stop")
-    for func in "${required_funcs[@]}"; do
-        if grep -q "${func}()" "$init_script" || grep -q "${func}_service" "$init_script"; then
-            debug "Has $func function"
-        else
-            warn "Missing $func function"
-        fi
-    done
-}
-
-# Cross-reference check
-analyze_cross_references() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    
-    print_subsection "Cross-Reference Check"
-    
-    local issues=0
-    
-    # Check RPCD <-> ACL consistency
-    local rpcd_script="$pkg_dir/root/usr/libexec/rpcd/$name"
-    local acl_file="$pkg_dir/root/usr/share/rpcd/acl.d/luci-app-${name}.json"
-    
-    if [[ -f "$rpcd_script" && -f "$acl_file" ]]; then
-        # Extract methods from RPCD
-        local rpcd_methods=$(grep -oE '\b[a-z_]+\)' "$rpcd_script" 2>/dev/null | tr -d ')' | sort -u)
-        
-        # Check if they're in ACL
-        for method in $rpcd_methods; do
-            [[ "$method" == "list" || "$method" == "call" || "$method" == "esac" ]] && continue
-            
-            if ! grep -q "\"$method\"" "$acl_file" 2>/dev/null; then
-                warn "Method '$method' in RPCD but not in ACL"
-                ((issues++))
-            fi
-        done
-    fi
-    
-    # Check Menu <-> View consistency
-    local menu_file="$pkg_dir/root/usr/share/luci/menu.d/luci-app-${name}.json"
-    
-    if [[ -f "$menu_file" ]] && has_cmd jq; then
-        local view_path=$(jq -r '.[keys[0]].action.path // empty' "$menu_file" 2>/dev/null)
-        
-        if [[ -n "$view_path" ]]; then
-            local view_file="$pkg_dir/htdocs/luci-static/resources/view/${view_path}.js"
-            
-            if [[ ! -f "$view_file" ]]; then
-                error "Menu references non-existent view: $view_path"
-                ((issues++))
-            fi
-        fi
-    fi
-    
-    # Check View <-> RPCD consistency
-    local view_files=$(find "$pkg_dir/htdocs" -name "*.js" 2>/dev/null)
-    
-    for view_file in $view_files; do
-        [[ -z "$view_file" ]] && continue
-        
-        # Extract RPC object names
-        local rpc_objects=$(grep -oE "object:\s*['\"][^'\"]+['\"]" "$view_file" 2>/dev/null | grep -oE "'[^']+'" | tr -d "'")
-        
-        for obj in $rpc_objects; do
-            local expected_rpcd="${obj#luci.}"
-            local rpcd_path="$pkg_dir/root/usr/libexec/rpcd/$expected_rpcd"
-            
-            if [[ ! -f "$rpcd_path" ]]; then
-                warn "View uses RPC object '$obj' but RPCD script '$expected_rpcd' not found"
-                ((issues++))
-            fi
-        done
-    done
-    
-    if [[ $issues -eq 0 ]]; then
-        ok "All cross-references valid"
-    fi
-}
-
-# ============================================
-# Generator Functions
-# ============================================
-
-generate_makefile() {
-    local pkg_dir="$1"
-    local name="$2"
-    local makefile="$pkg_dir/Makefile"
-    
-    local title="${MODULES[$name]%%|*}"
-    local depends="${MODULES[$name]##*|}"
-    
-    [[ -z "$title" ]] && title="SecuBox Module"
-    [[ -z "$depends" ]] && depends="+luci-base +rpcd"
-    
-    cat > "$makefile" << EOF
-include \$(TOPDIR)/rules.mk
-
-PKG_NAME:=luci-app-${name}
-PKG_VERSION:=${VERSION}
-PKG_RELEASE:=1
-PKG_LICENSE:=Apache-2.0
-PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
-
-LUCI_TITLE:=LuCI - ${title}
-LUCI_DEPENDS:=${depends}
-LUCI_PKGARCH:=all
-
-include \$(TOPDIR)/feeds/luci/luci.mk
-
-# call BuildPackage - OpenWrt buildroot
-EOF
-    
-    fixed "Generated Makefile"
-}
-
-generate_rpcd() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local rpcd_dir="$pkg_dir/root/usr/libexec/rpcd"
-    local rpcd_script="$rpcd_dir/$name"
-    
-    mkdir -p "$rpcd_dir"
-    
-    cat > "$rpcd_script" << 'RPCD_EOF'
-#!/bin/sh
-# RPCD backend for __NAME__
-# Provides ubus interface: luci.__NAME__
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-MODULE_NAME="__NAME__"
-MODULE_VERSION="__VERSION__"
-UCI_CONFIG="__NAME_U__"
-
-json_init
-
-case "$1" in
-    list)
-        json_add_object "status"
-        json_close_object
-        json_add_object "get_config"
-        json_close_object
-        json_add_object "set_config"
-            json_add_string "config" "object"
-        json_close_object
-        json_add_object "get_stats"
-        json_close_object
-        json_dump
-        ;;
-    
-    call)
-        case "$2" in
-            status)
-                json_add_string "module" "$MODULE_NAME"
-                json_add_string "version" "$MODULE_VERSION"
-                json_add_boolean "enabled" 1
-                json_add_string "status" "running"
-                json_add_string "timestamp" "$(date -Iseconds 2>/dev/null || date)"
-                json_dump
-                ;;
-            
-            get_config)
-                json_add_object "config"
-                if [ -f "/etc/config/$UCI_CONFIG" ]; then
-                    json_add_boolean "enabled" 1
-                else
-                    json_add_boolean "enabled" 0
-                fi
-                json_close_object
-                json_dump
-                ;;
-            
-            set_config)
-                read -r input
-                json_add_boolean "success" 1
-                json_add_string "message" "Configuration updated"
-                json_dump
-                ;;
-            
-            get_stats)
-                json_add_object "stats"
-                json_add_int "uptime" "$(cat /proc/uptime 2>/dev/null | cut -d. -f1 || echo 0)"
-                json_close_object
-                json_dump
-                ;;
-            
-            *)
-                json_add_int "error" -32601
-                json_add_string "message" "Method not found: $2"
-                json_dump
-                ;;
-        esac
-        ;;
-esac
-RPCD_EOF
-    
-    sed -i "s/__NAME__/$name/g" "$rpcd_script"
-    sed -i "s/__NAME_U__/$name_u/g" "$rpcd_script"
-    sed -i "s/__VERSION__/$VERSION/g" "$rpcd_script"
-    
-    chmod +x "$rpcd_script"
-    fixed "Generated RPCD script"
-}
-
-generate_acl() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local acl_dir="$pkg_dir/root/usr/share/rpcd/acl.d"
-    local acl_file="$acl_dir/luci-app-${name}.json"
-    
-    mkdir -p "$acl_dir"
-    
-    cat > "$acl_file" << EOF
-{
-    "luci-app-${name}": {
-        "description": "Grant access to LuCI app ${name}",
-        "read": {
-            "ubus": {
-                "luci.${name}": ["status", "get_config", "get_stats"]
-            },
-            "uci": ["${name_u}"]
-        },
-        "write": {
-            "ubus": {
-                "luci.${name}": ["set_config"]
-            },
-            "uci": ["${name_u}"]
-        }
-    }
-}
-EOF
-    
-    fixed "Generated ACL file"
-}
-
-generate_menu() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local menu_dir="$pkg_dir/root/usr/share/luci/menu.d"
-    local menu_file="$menu_dir/luci-app-${name}.json"
-    
-    mkdir -p "$menu_dir"
-    
-    local title="${MODULES[$name]%%|*}"
-    [[ -z "$title" ]] && title=$(echo "$name" | sed 's/-/ /g' | sed 's/\b\(.\)/\u\1/g')
-    
-    cat > "$menu_file" << EOF
-{
-    "admin/services/${name_u}": {
-        "title": "${title}",
-        "order": 50,
-        "action": {
-            "type": "view",
-            "path": "${name_u}/main"
-        },
-        "depends": {
-            "acl": ["luci-app-${name}"],
-            "uci": {
-                "${name_u}": true
-            }
-        }
-    }
-}
-EOF
-    
-    fixed "Generated Menu file"
-}
-
-generate_view() {
-    local pkg_dir="$1"
-    local name="$2"
-    local name_u=$(to_underscore "$name")
-    local view_dir="$pkg_dir/htdocs/luci-static/resources/view/${name_u}"
-    local view_file="$view_dir/main.js"
-    
-    mkdir -p "$view_dir"
-    
-    local title="${MODULES[$name]%%|*}"
-    [[ -z "$title" ]] && title="$name"
-    
-    cat > "$view_file" << EOF
-'use strict';
-'require view';
-'require rpc';
-'require ui';
-'require form';
-
-var callStatus = rpc.declare({
-    object: 'luci.${name}',
-    method: 'status',
-    expect: { }
-});
-
-return view.extend({
-    load: function() {
-        return Promise.all([
-            callStatus()
-        ]);
-    },
-
-    render: function(data) {
-        var status = data[0] || {};
-        var m, s, o;
-
-        m = new form.Map('${name_u}', _('${title}'),
-            _('SecuBox ${title} module'));
-
-        s = m.section(form.NamedSection, 'global', 'global', _('Status'));
-        s.anonymous = true;
-
-        o = s.option(form.DummyValue, '_status', _('Module Status'));
-        o.rawhtml = true;
-        o.cfgvalue = function() {
-            var running = status.status === 'running';
-            return '<span style="color:' + (running ? 'green' : 'red') + '">' +
-                   (running ? '● Running' : '○ Stopped') + '</span>';
-        };
-
-        o = s.option(form.DummyValue, '_version', _('Version'));
-        o.cfgvalue = function() {
-            return status.version || 'Unknown';
-        };
-
-        return m.render();
-    },
-
-    handleSaveApply: null,
-    handleSave: null,
-    handleReset: null
-});
-EOF
-    
-    fixed "Generated View file"
-}
-
-# ============================================
-# RPC Testing
-# ============================================
-
-test_rpc_local() {
-    local pkg_dir="$1"
-    local name="$2"
-    local rpcd_script="$pkg_dir/root/usr/libexec/rpcd/$name"
-    
-    print_subsection "Local RPC Testing"
-    
-    if [[ ! -f "$rpcd_script" ]]; then
-        error "RPCD script not found"
-        return 1
-    fi
-    
-    if [[ ! -x "$rpcd_script" ]]; then
-        chmod +x "$rpcd_script"
-    fi
-    
-    # Create mock environment
-    local mock_dir=$(mktemp -d)
-    
-    # Mock /lib/functions.sh
-    cat > "$mock_dir/functions.sh" << 'EOF'
-config_load() { :; }
-config_get() { :; }
-config_set() { :; }
-EOF
-    
-    # Mock jshn.sh
-    cat > "$mock_dir/jshn.sh" << 'EOF'
-json_init() { JSON_OUTPUT="{"; JSON_FIRST=1; }
-json_add_string() { 
-    [ "$JSON_FIRST" = 1 ] && JSON_FIRST=0 || JSON_OUTPUT="$JSON_OUTPUT,"
-    JSON_OUTPUT="$JSON_OUTPUT\"$1\":\"$2\""
-}
-json_add_boolean() {
-    [ "$JSON_FIRST" = 1 ] && JSON_FIRST=0 || JSON_OUTPUT="$JSON_OUTPUT,"
-    JSON_OUTPUT="$JSON_OUTPUT\"$1\":$2"
-}
-json_add_int() {
-    [ "$JSON_FIRST" = 1 ] && JSON_FIRST=0 || JSON_OUTPUT="$JSON_OUTPUT,"
-    JSON_OUTPUT="$JSON_OUTPUT\"$1\":$2"
-}
-json_add_object() {
-    [ "$JSON_FIRST" = 1 ] && JSON_FIRST=0 || JSON_OUTPUT="$JSON_OUTPUT,"
-    JSON_OUTPUT="$JSON_OUTPUT\"$1\":{"
-    JSON_FIRST=1
-}
-json_add_array() {
-    [ "$JSON_FIRST" = 1 ] && JSON_FIRST=0 || JSON_OUTPUT="$JSON_OUTPUT,"
-    JSON_OUTPUT="$JSON_OUTPUT\"$1\":["
-    JSON_FIRST=1
-}
-json_close_object() { JSON_OUTPUT="$JSON_OUTPUT}"; JSON_FIRST=0; }
-json_close_array() { JSON_OUTPUT="$JSON_OUTPUT]"; JSON_FIRST=0; }
-json_dump() { echo "$JSON_OUTPUT}"; }
-json_load() { :; }
-json_get_var() { :; }
-EOF
-    
-    # Create wrapper script
-    local wrapper="$mock_dir/wrapper.sh"
-    cat > "$wrapper" << EOF
-#!/bin/sh
-. "$mock_dir/functions.sh"
-. "$mock_dir/jshn.sh"
-EOF
-    
-    # Append the original script (without shebang and includes)
-    tail -n +2 "$rpcd_script" | grep -v '^\. /lib\|^\. /usr/share' >> "$wrapper"
-    chmod +x "$wrapper"
-    
-    # Test 'list' command
-    info "Testing 'list' command..."
-    local list_output=$("$wrapper" list 2>&1)
-    
-    if echo "$list_output" | grep -q '"status"'; then
-        ok "list command works"
-        if $DO_VERBOSE; then
-            echo "$list_output" | head -5 | while read -r line; do
-                debug "  $line"
-            done
-        fi
-    else
-        warn "list command may have issues"
-        debug "Output: $list_output"
-    fi
-    
-    # Test 'call status' command
-    info "Testing 'call status' command..."
-    local status_output=$("$wrapper" call status 2>&1)
-    
-    if echo "$status_output" | grep -qE '"status"|"module"|"version"'; then
-        ok "status method works"
-        if $DO_VERBOSE; then
-            echo "$status_output" | while read -r line; do
-                debug "  $line"
-            done
-        fi
-    else
-        warn "status method may have issues"
-        debug "Output: $status_output"
-    fi
-    
-    # Cleanup
-    rm -rf "$mock_dir"
-}
-
-# ============================================
-# Report Generation
-# ============================================
-
-generate_html_report() {
-    local report_file="$REPORT_DIR/report_${TIMESTAMP}.html"
-    
-    print_section "Generating HTML Report"
-    
-    cat > "$report_file" << 'HTML_HEADER'
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>SecuBox Analysis Report</title>
-    <style>
-        :root { --bg: #0f172a; --card: #1e293b; --border: #334155; --text: #f1f5f9; --green: #22c55e; --yellow: #eab308; --red: #ef4444; --blue: #3b82f6; }
-        * { margin: 0; padding: 0; box-sizing: border-box; }
-        body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; background: var(--bg); color: var(--text); line-height: 1.6; padding: 2rem; }
-        .container { max-width: 1200px; margin: 0 auto; }
-        h1 { font-size: 2rem; margin-bottom: 0.5rem; }
-        .subtitle { color: #94a3b8; margin-bottom: 2rem; }
-        .stats { display: grid; grid-template-columns: repeat(auto-fit, minmax(150px, 1fr)); gap: 1rem; margin-bottom: 2rem; }
-        .stat { background: var(--card); border: 1px solid var(--border); border-radius: 8px; padding: 1rem; text-align: center; }
-        .stat-value { font-size: 2rem; font-weight: bold; }
-        .stat-label { font-size: 0.875rem; color: #94a3b8; }
-        .stat-value.green { color: var(--green); }
-        .stat-value.yellow { color: var(--yellow); }
-        .stat-value.red { color: var(--red); }
-        .section { background: var(--card); border: 1px solid var(--border); border-radius: 8px; padding: 1.5rem; margin-bottom: 1rem; }
-        .section h2 { font-size: 1.25rem; margin-bottom: 1rem; display: flex; align-items: center; gap: 0.5rem; }
-        .issue { padding: 0.75rem; border-radius: 4px; margin-bottom: 0.5rem; display: flex; align-items: flex-start; gap: 0.5rem; }
-        .issue.error { background: rgba(239, 68, 68, 0.1); border-left: 3px solid var(--red); }
-        .issue.warn { background: rgba(234, 179, 8, 0.1); border-left: 3px solid var(--yellow); }
-        .issue .icon { flex-shrink: 0; }
-        .issue .module { color: var(--blue); font-weight: 500; }
-        .issue .message { color: #cbd5e1; }
-        .fix { padding: 0.75rem; background: rgba(34, 197, 94, 0.1); border-left: 3px solid var(--green); border-radius: 4px; margin-bottom: 0.5rem; }
-        .timestamp { color: #64748b; font-size: 0.875rem; margin-top: 2rem; }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <h1>🛡️ SecuBox Analysis Report</h1>
-        <p class="subtitle">Generated: TIMESTAMP_PLACEHOLDER</p>
-        
-        <div class="stats">
-            <div class="stat">
-                <div class="stat-value">MODULES_COUNT</div>
-                <div class="stat-label">Modules</div>
-            </div>
-            <div class="stat">
-                <div class="stat-value">FILES_COUNT</div>
-                <div class="stat-label">Files Checked</div>
-            </div>
-            <div class="stat">
-                <div class="stat-value red">ERRORS_COUNT</div>
-                <div class="stat-label">Errors</div>
-            </div>
-            <div class="stat">
-                <div class="stat-value yellow">WARNINGS_COUNT</div>
-                <div class="stat-label">Warnings</div>
-            </div>
-            <div class="stat">
-                <div class="stat-value green">FIXES_COUNT</div>
-                <div class="stat-label">Fixes Applied</div>
-            </div>
-        </div>
-HTML_HEADER
-    
-    # Issues section
-    if [[ ${#ISSUES[@]} -gt 0 ]]; then
-        echo '<div class="section"><h2>⚠️ Issues Found</h2>' >> "$report_file"
-        
-        for issue in "${ISSUES[@]}"; do
-            local type="${issue%%|*}"
-            local rest="${issue#*|}"
-            local module="${rest%%|*}"
-            local message="${rest#*|}"
-            
-            local class="warn"
-            local icon="⚠️"
-            [[ "$type" == "ERROR" ]] && class="error" && icon="❌"
-            
-            echo "<div class=\"issue $class\"><span class=\"icon\">$icon</span><span class=\"module\">$module:</span><span class=\"message\">$message</span></div>" >> "$report_file"
-        done
-        
-        echo '</div>' >> "$report_file"
-    fi
-    
-    # Fixes section
-    if [[ ${#FIXES_APPLIED[@]} -gt 0 ]]; then
-        echo '<div class="section"><h2>🔧 Fixes Applied</h2>' >> "$report_file"
-        
-        for fix in "${FIXES_APPLIED[@]}"; do
-            local module="${fix%%|*}"
-            local message="${fix#*|}"
-            echo "<div class=\"fix\">✅ <strong>$module:</strong> $message</div>" >> "$report_file"
-        done
-        
-        echo '</div>' >> "$report_file"
-    fi
-    
-    # Footer
-    cat >> "$report_file" << 'HTML_FOOTER'
-        <p class="timestamp">SecuBox Analyzer v__VERSION__</p>
-    </div>
-</body>
-</html>
-HTML_FOOTER
-    
-    # Replace placeholders
-    sed -i "s/TIMESTAMP_PLACEHOLDER/$(date)/g" "$report_file"
-    sed -i "s/MODULES_COUNT/${STATS[modules]}/g" "$report_file"
-    sed -i "s/FILES_COUNT/${STATS[files_checked]}/g" "$report_file"
-    sed -i "s/ERRORS_COUNT/${STATS[errors]}/g" "$report_file"
-    sed -i "s/WARNINGS_COUNT/${STATS[warnings]}/g" "$report_file"
-    sed -i "s/FIXES_COUNT/${STATS[fixes]}/g" "$report_file"
-    sed -i "s/__VERSION__/$VERSION/g" "$report_file"
-    
-    ok "Report generated: $report_file"
-    
-    # Try to open in browser
-    if has_cmd xdg-open; then
-        xdg-open "$report_file" 2>/dev/null &
-    elif has_cmd open; then
-        open "$report_file" 2>/dev/null &
-    fi
-}
-
-# ============================================
-# Main Analysis
-# ============================================
-
-analyze_module() {
-    local pkg_dir="$1"
-    local name=$(get_module_name "$pkg_dir")
-    
-    current_module="$name"
-    ((STATS[modules]++))
-    
-    print_module_header "$name"
-    
-    # Run all analyses
-    analyze_structure "$pkg_dir" "$name"
-    analyze_makefile "$pkg_dir" "$name"
-    analyze_rpcd "$pkg_dir" "$name"
-    analyze_acl "$pkg_dir" "$name"
-    analyze_menu "$pkg_dir" "$name"
-    analyze_views "$pkg_dir" "$name"
-    analyze_config "$pkg_dir" "$name"
-    analyze_init "$pkg_dir" "$name"
-    analyze_cross_references "$pkg_dir" "$name"
-    
-    # Optional RPC testing
-    if $DO_TEST_RPC; then
-        test_rpc_local "$pkg_dir" "$name"
-    fi
-}
-
-print_summary() {
-    print_section "Analysis Summary"
-    
-    echo ""
-    echo -e "  ${BOLD}Modules analyzed:${NC}  ${STATS[modules]}"
-    echo -e "  ${BOLD}Files checked:${NC}     ${STATS[files_checked]}"
-    echo ""
-    echo -e "  ${RED}Errors:${NC}            ${STATS[errors]}"
-    echo -e "  ${YELLOW}Warnings:${NC}          ${STATS[warnings]}"
-    echo -e "  ${GREEN}Fixes applied:${NC}     ${STATS[fixes]}"
-    echo ""
-    
-    if [[ ${STATS[errors]} -gt 0 ]]; then
-        echo -e "  ${RED}✗ Some errors need attention${NC}"
-        if ! $DO_FIX; then
-            echo -e "    ${DIM}Run with --fix to attempt automatic repairs${NC}"
-        fi
-    elif [[ ${STATS[warnings]} -gt 0 ]]; then
-        echo -e "  ${YELLOW}⚠ Some warnings to review${NC}"
-    else
-        echo -e "  ${GREEN}✓ All modules look good!${NC}"
-    fi
-    
-    echo ""
-    
-    if [[ -n "$log_file" ]]; then
-        echo -e "  ${DIM}Log file: $log_file${NC}"
-    fi
-}
-
-# ============================================
-# CLI
-# ============================================
-
-show_help() {
-    cat << EOF
-${BOLD}SecuBox Source Analyzer v${VERSION}${NC}
-
-Analyze, debug, and fix SecuBox LuCI module sources.
-
-${BOLD}USAGE:${NC}
-    $SCRIPT_NAME [OPTIONS] [MODULE]
-
-${BOLD}OPTIONS:${NC}
-    --fix           Apply automatic fixes for detected issues
-    --report        Generate HTML report
-    --test-rpc      Test RPCD scripts locally (mock environment)
-    --deep          Enable deep analysis
-    --verbose, -v   Show detailed output
-    --help, -h      Show this help
-
-${BOLD}EXAMPLES:${NC}
-    $SCRIPT_NAME                        Analyze all modules
-    $SCRIPT_NAME --fix                  Analyze and fix all modules
-    $SCRIPT_NAME --module vhost-manager Analyze specific module
-    $SCRIPT_NAME --fix --report         Fix and generate report
-    $SCRIPT_NAME --test-rpc             Test RPC scripts locally
-
-${BOLD}ENVIRONMENT:${NC}
-    WORK_DIR        Directory containing luci-app-* packages
-    REPORT_DIR      Directory for reports (default: .secubox-reports)
-
-EOF
-}
-
-parse_args() {
-    while [[ $# -gt 0 ]]; do
-        case "$1" in
-            --fix)
-                DO_FIX=true
-                shift
-                ;;
-            --report)
-                DO_REPORT=true
-                shift
-                ;;
-            --test-rpc)
-                DO_TEST_RPC=true
-                shift
-                ;;
-            --deep)
-                DO_DEEP=true
-                shift
-                ;;
-            --verbose|-v)
-                DO_VERBOSE=true
-                shift
-                ;;
-            --module)
-                TARGET_MODULE="$2"
-                shift 2
-                ;;
-            --help|-h)
-                show_help
-                exit 0
-                ;;
-            -*)
-                echo "Unknown option: $1"
-                show_help
-                exit 1
-                ;;
-            *)
-                TARGET_MODULE="$1"
-                shift
-                ;;
-        esac
-    done
-}
-
-main() {
-    parse_args "$@"
-    
-    print_banner
-    init_logging
-    
-    echo -e "  ${CYAN}Working directory:${NC} $WORK_DIR"
-    echo -e "  ${CYAN}Fix mode:${NC}          $($DO_FIX && echo 'ON' || echo 'OFF')"
-    echo -e "  ${CYAN}Test RPC:${NC}          $($DO_TEST_RPC && echo 'ON' || echo 'OFF')"
-    echo -e "  ${CYAN}Report:${NC}            $($DO_REPORT && echo 'ON' || echo 'OFF')"
-    
-    cd "$WORK_DIR" || exit 1
-    
-    # Find and analyze modules
-    if [[ -n "$TARGET_MODULE" ]]; then
-        local pkg_dir="$WORK_DIR/luci-app-$TARGET_MODULE"
-        [[ ! -d "$pkg_dir" ]] && pkg_dir="$WORK_DIR/$TARGET_MODULE"
-        
-        if [[ -d "$pkg_dir" ]]; then
-            analyze_module "$pkg_dir"
-        else
-            error "Module not found: $TARGET_MODULE"
-            exit 1
-        fi
-    else
-        for pkg_dir in luci-app-*/; do
-            [[ -d "$pkg_dir" ]] && analyze_module "${pkg_dir%/}"
-        done
-    fi
-    
-    # Generate report if requested
-    $DO_REPORT && generate_html_report
-    
-    # Print summary
-    print_summary
-    
-    # Exit code
-    [[ ${STATS[errors]} -gt 0 ]] && exit 1
-    exit 0
-}
-
-main "$@"
diff --git a/secubox-debug.sh b/secubox-debug.sh
deleted file mode 100755
index 7d3b898c..00000000
--- a/secubox-debug.sh
+++ /dev/null
@@ -1,421 +0,0 @@
-#!/bin/sh
-# secubox-debug.sh
-# Debug and analysis script for SecuBox LuCI modules RPC/ubus issues
-# 
-# Usage: ./secubox-debug.sh [module-name]
-# Example: ./secubox-debug.sh vhost-manager
-#          ./secubox-debug.sh all
-
-set -e
-
-# Colors
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-CYAN='\033[0;36m'
-NC='\033[0m' # No Color
-
-# SecuBox modules list
-MODULES="
-secubox
-crowdsec-dashboard
-netdata-dashboard
-netifyd-dashboard
-wireguard-dashboard
-network-modes
-client-guardian
-system-hub
-bandwidth-manager
-auth-guardian
-media-flow
-vhost-manager
-cdn-cache
-traffic-shaper
-"
-
-echo ""
-echo "${CYAN}╔══════════════════════════════════════════════════════════════╗${NC}"
-echo "${CYAN}║          SecuBox RPC/UBUS Debug & Analysis Tool              ║${NC}"
-echo "${CYAN}╚══════════════════════════════════════════════════════════════╝${NC}"
-echo ""
-
-# ============================================
-# System Information
-# ============================================
-print_section() {
-    echo ""
-    echo "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
-    echo "${BLUE}  $1${NC}"
-    echo "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
-}
-
-print_ok() {
-    echo "  ${GREEN}✓${NC} $1"
-}
-
-print_warn() {
-    echo "  ${YELLOW}⚠${NC} $1"
-}
-
-print_error() {
-    echo "  ${RED}✗${NC} $1"
-}
-
-print_info() {
-    echo "  ${CYAN}→${NC} $1"
-}
-
-# ============================================
-# Check prerequisites
-# ============================================
-print_section "System Prerequisites"
-
-# Check if running on OpenWrt
-if [ -f /etc/openwrt_release ]; then
-    print_ok "Running on OpenWrt"
-    . /etc/openwrt_release
-    print_info "Version: $DISTRIB_DESCRIPTION"
-else
-    print_warn "Not running on OpenWrt - some checks may fail"
-fi
-
-# Check rpcd
-if pgrep -x rpcd > /dev/null 2>&1; then
-    print_ok "rpcd is running (PID: $(pgrep -x rpcd))"
-else
-    print_error "rpcd is NOT running!"
-    echo "       Try: /etc/init.d/rpcd restart"
-fi
-
-# Check uhttpd
-if pgrep -x uhttpd > /dev/null 2>&1; then
-    print_ok "uhttpd is running"
-else
-    print_warn "uhttpd not running (nginx mode?)"
-fi
-
-# Check ubus socket
-if [ -S /var/run/ubus/ubus.sock ]; then
-    print_ok "ubus socket exists"
-else
-    print_error "ubus socket missing!"
-fi
-
-# ============================================
-# List all ubus objects
-# ============================================
-print_section "Available UBUS Objects"
-
-echo ""
-echo "  All registered ubus objects:"
-echo "  ${CYAN}─────────────────────────────${NC}"
-
-ubus list 2>/dev/null | while read obj; do
-    # Highlight luci objects
-    case "$obj" in
-        luci.*)
-            echo "  ${GREEN}$obj${NC}"
-            ;;
-        *)
-            echo "  $obj"
-            ;;
-    esac
-done
-
-# Count luci objects
-LUCI_COUNT=$(ubus list 2>/dev/null | grep -c "^luci\." || echo "0")
-echo ""
-print_info "Total LuCI objects registered: $LUCI_COUNT"
-
-# ============================================
-# Check SecuBox modules
-# ============================================
-print_section "SecuBox Modules Status"
-
-echo ""
-printf "  ${CYAN}%-25s %-10s %-10s %-10s %-10s${NC}\n" "MODULE" "UBUS" "RPCD" "ACL" "MENU"
-echo "  ─────────────────────────────────────────────────────────────────"
-
-check_module() {
-    local module="$1"
-    local ubus_name="luci.$module"
-    local rpcd_script="/usr/libexec/rpcd/$module"
-    local acl_file="/usr/share/rpcd/acl.d/luci-app-${module}.json"
-    local menu_file="/usr/share/luci/menu.d/luci-app-${module}.json"
-    
-    # Alternative paths
-    local rpcd_script_alt="/usr/libexec/rpcd/luci.$module"
-    local acl_file_alt="/usr/share/rpcd/acl.d/luci-${module}.json"
-    local menu_file_alt="/usr/share/luci/menu.d/luci-${module}.json"
-    
-    # Check ubus
-    local ubus_status="${RED}✗${NC}"
-    if ubus list "$ubus_name" > /dev/null 2>&1; then
-        ubus_status="${GREEN}✓${NC}"
-    fi
-    
-    # Check rpcd script
-    local rpcd_status="${RED}✗${NC}"
-    if [ -x "$rpcd_script" ] || [ -x "$rpcd_script_alt" ]; then
-        rpcd_status="${GREEN}✓${NC}"
-    elif [ -f "$rpcd_script" ] || [ -f "$rpcd_script_alt" ]; then
-        rpcd_status="${YELLOW}!${NC}"  # exists but not executable
-    fi
-    
-    # Check ACL
-    local acl_status="${RED}✗${NC}"
-    if [ -f "$acl_file" ] || [ -f "$acl_file_alt" ]; then
-        acl_status="${GREEN}✓${NC}"
-    fi
-    
-    # Check menu
-    local menu_status="${RED}✗${NC}"
-    if [ -f "$menu_file" ] || [ -f "$menu_file_alt" ]; then
-        menu_status="${GREEN}✓${NC}"
-    fi
-    
-    printf "  %-25s %-18s %-18s %-18s %-18s\n" \
-        "$module" "$ubus_status" "$rpcd_status" "$acl_status" "$menu_status"
-}
-
-for module in $MODULES; do
-    check_module "$module"
-done
-
-echo ""
-echo "  ${CYAN}Legend:${NC} ${GREEN}✓${NC}=OK  ${YELLOW}!${NC}=Issue  ${RED}✗${NC}=Missing"
-
-# ============================================
-# Detailed module analysis
-# ============================================
-TARGET_MODULE="$1"
-
-if [ -n "$TARGET_MODULE" ] && [ "$TARGET_MODULE" != "all" ]; then
-    print_section "Detailed Analysis: $TARGET_MODULE"
-    
-    MODULE="$TARGET_MODULE"
-    UBUS_NAME="luci.$MODULE"
-    
-    echo ""
-    echo "  ${CYAN}UBUS Object: $UBUS_NAME${NC}"
-    echo "  ─────────────────────────────────────"
-    
-    # Check if ubus object exists
-    if ubus list "$UBUS_NAME" > /dev/null 2>&1; then
-        print_ok "Object registered in ubus"
-        
-        echo ""
-        echo "  Available methods:"
-        ubus -v list "$UBUS_NAME" 2>/dev/null | sed 's/^/    /'
-        
-        echo ""
-        echo "  Testing 'status' method:"
-        if ubus call "$UBUS_NAME" status 2>/dev/null; then
-            print_ok "status method works"
-        else
-            print_error "status method failed"
-        fi
-    else
-        print_error "Object NOT registered in ubus"
-        echo ""
-        echo "  ${YELLOW}Troubleshooting steps:${NC}"
-        echo ""
-        
-        # Check RPCD script
-        RPCD_PATHS="
-/usr/libexec/rpcd/$MODULE
-/usr/libexec/rpcd/luci.$MODULE
-/usr/libexec/rpcd/luci-$MODULE
-"
-        echo "  1. Checking RPCD script locations:"
-        FOUND_RPCD=""
-        for path in $RPCD_PATHS; do
-            if [ -f "$path" ]; then
-                FOUND_RPCD="$path"
-                if [ -x "$path" ]; then
-                    print_ok "Found executable: $path"
-                else
-                    print_error "Found but NOT executable: $path"
-                    echo "       ${YELLOW}Fix: chmod +x $path${NC}"
-                fi
-            fi
-        done
-        
-        if [ -z "$FOUND_RPCD" ]; then
-            print_error "No RPCD script found!"
-            echo "       Expected at: /usr/libexec/rpcd/$MODULE"
-        fi
-        
-        # Check ACL file
-        echo ""
-        echo "  2. Checking ACL configuration:"
-        ACL_PATHS="
-/usr/share/rpcd/acl.d/luci-app-${MODULE}.json
-/usr/share/rpcd/acl.d/luci-${MODULE}.json
-/usr/share/rpcd/acl.d/${MODULE}.json
-"
-        FOUND_ACL=""
-        for path in $ACL_PATHS; do
-            if [ -f "$path" ]; then
-                FOUND_ACL="$path"
-                print_ok "Found ACL: $path"
-                
-                # Validate JSON
-                if command -v jsonfilter > /dev/null 2>&1; then
-                    if jsonfilter -i "$path" -e '@' > /dev/null 2>&1; then
-                        print_ok "JSON syntax valid"
-                    else
-                        print_error "Invalid JSON syntax!"
-                    fi
-                fi
-                
-                # Check for correct ubus permission
-                if grep -q "\"$UBUS_NAME\"" "$path" 2>/dev/null; then
-                    print_ok "ACL contains $UBUS_NAME permission"
-                else
-                    print_warn "ACL might be missing $UBUS_NAME permission"
-                fi
-            fi
-        done
-        
-        if [ -z "$FOUND_ACL" ]; then
-            print_error "No ACL file found!"
-        fi
-        
-        # Test RPCD script directly
-        if [ -n "$FOUND_RPCD" ] && [ -x "$FOUND_RPCD" ]; then
-            echo ""
-            echo "  3. Testing RPCD script directly:"
-            
-            # Test list method
-            echo '{"method":"list"}' | "$FOUND_RPCD" 2>&1 | head -20
-        fi
-    fi
-    
-    # Check menu entry
-    echo ""
-    echo "  ${CYAN}Menu Configuration${NC}"
-    echo "  ─────────────────────────────────────"
-    
-    MENU_PATHS="
-/usr/share/luci/menu.d/luci-app-${MODULE}.json
-/usr/share/luci/menu.d/luci-${MODULE}.json
-"
-    for path in $MENU_PATHS; do
-        if [ -f "$path" ]; then
-            print_ok "Found menu: $path"
-            echo ""
-            cat "$path" | sed 's/^/    /'
-        fi
-    done
-fi
-
-# ============================================
-# Common fixes
-# ============================================
-print_section "Common Fixes"
-
-echo ""
-echo "  ${YELLOW}If a module is not working:${NC}"
-echo ""
-echo "  1. ${CYAN}Restart rpcd:${NC}"
-echo "     /etc/init.d/rpcd restart"
-echo ""
-echo "  2. ${CYAN}Check script permissions:${NC}"
-echo "     chmod +x /usr/libexec/rpcd/<module-name>"
-echo ""
-echo "  3. ${CYAN}Validate JSON files:${NC}"
-echo "     jsonfilter -i /usr/share/rpcd/acl.d/luci-app-<module>.json -e '@'"
-echo ""
-echo "  4. ${CYAN}Check rpcd logs:${NC}"
-echo "     logread | grep rpcd"
-echo ""
-echo "  5. ${CYAN}Test ubus manually:${NC}"
-echo "     ubus call luci.<module> status"
-echo ""
-echo "  6. ${CYAN}Reload LuCI:${NC}"
-echo "     rm -rf /tmp/luci-*"
-echo "     /etc/init.d/uhttpd restart"
-echo ""
-
-# ============================================
-# Generate fix script
-# ============================================
-if [ -n "$TARGET_MODULE" ] && [ "$TARGET_MODULE" != "all" ]; then
-    print_section "Auto-Fix Script for $TARGET_MODULE"
-    
-    FIX_SCRIPT="/tmp/fix-${TARGET_MODULE}.sh"
-    
-    cat > "$FIX_SCRIPT" << FIXEOF
-#!/bin/sh
-# Auto-generated fix script for $TARGET_MODULE
-
-echo "Fixing $TARGET_MODULE..."
-
-# Fix permissions
-if [ -f /usr/libexec/rpcd/$TARGET_MODULE ]; then
-    chmod +x /usr/libexec/rpcd/$TARGET_MODULE
-    echo "✓ Fixed permissions for RPCD script"
-fi
-
-if [ -f /usr/libexec/rpcd/luci.$TARGET_MODULE ]; then
-    chmod +x /usr/libexec/rpcd/luci.$TARGET_MODULE
-    echo "✓ Fixed permissions for RPCD script (alt)"
-fi
-
-# Restart rpcd
-/etc/init.d/rpcd restart
-echo "✓ Restarted rpcd"
-
-# Clear LuCI cache
-rm -rf /tmp/luci-*
-echo "✓ Cleared LuCI cache"
-
-# Test
-sleep 2
-if ubus list luci.$TARGET_MODULE > /dev/null 2>&1; then
-    echo "✓ Module $TARGET_MODULE is now registered!"
-    ubus -v list luci.$TARGET_MODULE
-else
-    echo "✗ Module still not working. Check logs:"
-    echo "  logread | grep -i rpcd"
-    echo "  logread | grep -i $TARGET_MODULE"
-fi
-FIXEOF
-    
-    chmod +x "$FIX_SCRIPT"
-    
-    echo ""
-    echo "  Generated fix script: ${GREEN}$FIX_SCRIPT${NC}"
-    echo ""
-    echo "  Run it with: ${CYAN}sh $FIX_SCRIPT${NC}"
-    echo ""
-fi
-
-# ============================================
-# Summary
-# ============================================
-print_section "Quick Commands"
-
-echo ""
-echo "  ${CYAN}Debug specific module:${NC}"
-echo "    ./secubox-debug.sh vhost-manager"
-echo ""
-echo "  ${CYAN}List all ubus objects:${NC}"
-echo "    ubus list | grep luci"
-echo ""
-echo "  ${CYAN}Test RPC call:${NC}"
-echo "    ubus call luci.vhost-manager status"
-echo ""
-echo "  ${CYAN}View RPCD logs:${NC}"
-echo "    logread | grep -E '(rpcd|ubus)'"
-echo ""
-echo "  ${CYAN}Full restart:${NC}"
-echo "    /etc/init.d/rpcd restart && rm -rf /tmp/luci-* && /etc/init.d/uhttpd restart"
-echo ""
-
-echo "${CYAN}╔══════════════════════════════════════════════════════════════╗${NC}"
-echo "${CYAN}║                    Debug Complete                            ║${NC}"
-echo "${CYAN}╚══════════════════════════════════════════════════════════════╝${NC}"
-echo ""
diff --git a/secubox-makefile-fixes.zip b/secubox-makefile-fixes.zip
deleted file mode 100644
index cd380abe4052447e99881c8413597be83c491221..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 7833
zcma)B1yq#V8XXXnmXwt4?(RmqTNq@Jp*uySK}tc8p<9L$k(5SY=nw^@1W5@2X$jwO
zefJ>>_uZLwX3d&4Yk&VfXaC>7&psN;*O1TvXD>eQMB~4{{PzP5KnAb}+JdaWb|6;{
zT^&@wH9j*X@Y!(pLI)rqEnNcukk0<B@jndO-!P~yVA#3e1G530oY;WwZq{t~-GMHa
zV4%ZKXnZ*A*|-E6A6^0la0ZR8cT3a?0RTWi1OS-+4YcZium7*BzoG=_sk&pJBzF78
zgU3qayd=ma3R=n3xO8%qk`p<G&vgaZ>nwkaeP6H36x%IJ>Fw#|*yz)Ufq+p&V^-=7
z=oY-_F=@JO2V%7AUwRtWM4vn&Rxy3=&d&XPo*Xj{Q|^KFK~xWO7mtL2m#d?=A}F;3
z2!f@DajRwvuJ)A49LP?#H`tTX8`_(he3x>Y!mG`z4<KZ%kvC|Xy=zl4e|x@YE|)^H
zyeM9{GV{GGY7Mp#Pg!G1fM&3;DhCo86`#c>lJ_UhM%B{K%*^rG<i&f!v&j~@(3#BA
zJMp&~q3yFGxulfCr1ubVDzO#h^ULym?(NMnnFPNA(pH4$(16(-&^o{C%R<S=VNU{E
zq!bHK_?5TjP7Iko+vy&*SQ@O7Ga=%AoV`vzrg$BXoy1w^w#<rKO4$TjkM-P*a4uNZ
z4>b?UT+P?%{14u4k=x;Sn1dN@(Sip?a!n1VaZc&@)_e`oveL}XHNy0pM(8eINDH8Y
zr6<@DE);v91Moh`<)==_;Tky`SL);p{vJb0jVoLy#BiOk{ag48TDhVONK;jPl@q&u
zNxv9LI`i|UbJSgIu#J>#awu&xPHojSz1t#!{2~6abK=trx9z|lBXbbbtOB>Fw_D(9
zsJ@)52QYPBTXZeE;9-q#NjaaI)|UcFOR}Lv#wx<z#+(4gZyl=EJ{_vYc7?PJF&uL}
z8a7T5uSX;r(8^d{O!_!UQT>*dzdKF{vlRAIOwxi+8y2kC@Pj0DSd<GI@?622c{Kt8
znmXbO?Y8=Ed4$ZScL9M5FR2VDFj~IkILsoEr&U=Bi_{y=@;g3$gHF%0r-Z+NaT*dJ
zlN7*$?mO$8E@r+dyu|4eRDjR3je|cBAXs$60y!jrN9vJt50t>jyE~;ibf<xVAtPRh
z={@PrxMUC1c;)56s77>=Zc1(>=QtZgkhNEln3YwoAs+WuofHqg4mO?0fI3AGOg_p(
zxZnWQO7&qzu533W?vIl4rBqeI?VGb`%3_Esb-*vdmV8+v856P2JTAKytaeM~L*w!i
z=fYw8O*rJ2udF=?-c{JF>>NFRDuy1ema}oCV$N{OTYV(V;fgtg5BmR$dqFB!;Da<<
z)Pgzj>$eFwhTbNdI_)a9bs{q37$6o5MKUeS^51%#r@Ozww(PStNbfk^YsnqE`)u|4
zte2+!HYdB9THd0d@Kg$D!Bc<(k|AFT;{)*%U$1)`ic`1n*>zf6R*u+_XH>*<q~9m>
zF=NE>JL~>Mu81JU6nTG2x3IlK4z}I7Vr~v*6OOS_M(q&+Cn>p?D7yM?fx_2>O6n_$
z=f%U#3Ty5}X=Voz*(tuDb+V6Z&ep+=05(a7qd_gQB@TyzHHq<^@Agrl(@yFY%MkrQ
zqUpXVkCPmP9o{t*k<LWLAk9K+Szy%PsJBV$mS<}swcCY1RWf53-mlVOhjeXy#uTsr
zJ-LdTe8d*f{V-hUbU4S-6Xw|RGPi~W6FXJ;;5;(xYdz!yw)=fI2k;jNTS``O`q?5+
zM06v^qF%(qj{6iu5N*cFhN1+7vK;3LRE;MPjufDo>E=wq<&6mEy5Rav7o?Z3pDXB|
zyM?3IPf@VL1#vd66vY`R2l=$4F<cP)@Imv>pcfQz1vp64R6U3j-)~8OQkH^uLSrAU
zh)0Z1xeyCt^DCwbSlIU7+WnYrP2~`;P#O^1-%0g_G*9B9J=gEcS1DilE^nw-`DsJ!
z<pb~UjM?ra!IKtMl5fif@h9}i^WPa8efXG<(wgVL`bkYAVG*oT7h3lPa^Kk~YQS2u
zCMR-%!~Ql%Zcfbz8Th~sYQ!ToL#_<O=8yFX_PKFrygTE4Xq)QCYZxz*HQ7PTn(4u>
z_YE*m6;hOhmV+IJ^rbXG@#(6za@>e>LPFpCmI}!ajX0Sl;c6{}&&TQ|&n>&L^5Q;4
zX<+J=vE?9j8v2|nBicWC<%9LT0CPPnCp@K}0GUUN>s87%m#2-aZ+)F0N%-Ru6U@WZ
z&>$y%)k?YKRu#;oW(?zY;NGD-^&2HQ-D9%g{+y*({*mKacXs+1xlM<=*#WT;dWp_j
z)b$D?D;<@@1z!5s$8q$uNH%Vqi{W<{bA<!(uy%BHyZB`J2Xph&ft*3(+;``8hs%Nd
zY6o%=`hqa7C~@{w36jKa*k++0B2q<`h>?v_jL3e5+w8+T0V+#jXZ;vEe(L+&Ud($;
zX%Dp6=j%8oSqsML=STqw4HOoUf&~jRKl$7}JpHEI7Reh`lhw;Gx4gkG4Q^t%b}0Xa
zL=UWczlS>NYtY2Zh?H*f3uk-S*GYkaxQe94Eyd;QCr8>7)cub;8Y|Fp=F8-3&1KMU
z>R=>moX9d1RBH@&DGc;T#H|%|B~Rim(04V5eJCQh7MVj-Q|uI`MfFT;?WPlgdz#s8
z*djPh$MB<I8Vh|T6&XE)lM7<nlV;?~GU?iT_ykT>a*R$dnF#Y6LJ9L-%Ns)l=8p$o
zAv{c)Zr<z*73&;c87iS4xz1&@Bg-S)1$eCWIz}^_ZL6Y4-X^_W{9sr=zr7wS2ZHXS
z%KAYirXmC~x1aEtlcoZ8Z}&wuKMY6;GNF43loi|;-P=gNZBgVvZ=pX48fZ3J*t8>Z
zRF<yhzm~G((l)DYW1wD!FYViOCYf_*8SZ=-APqOOT<8D*HvCq%0(-&L@n7@H?rQy)
zfy9G1jI;4u(<sp!aG2mHYT9OMWR$-r5TAxW)*c;MTlEfAiR`UfHG;kVAnt9~M7rp>
zZ}*jA>ekBNdXVtjy;vvM6ZH#N$JvXZrt4PHprEJ3I^2S7{Gf1fbhi>+>$NVYoZwv2
z-+RpdG4%#3Soz(1JW(~O=x;KDLt&h;NU0sH$6C2gshB3=(CXYJRw`N`(^wStA{%wt
z>B-4blX-Xj8c1g<Oy*&Ga2{m?OdPWeMaZqmCA2||Tg(M^ua>$N&B%C$3JC(UCxPt^
z$0Tl(9ft!RKEQIEZoW0<T1N6c4tZl*EX=J%I-*O015KOUN(Fb(<TPGlE=PYO>}&3*
z^>>qCw{{ir5?t<;48d?Ie{N(gLIU|yYuND)LzLY7E85vvZ$gsf09~nSV43+e_h`oT
zK+PW{w|JlCSLrKaHBfFt__s{Th}Il|3PTg>OHqeP3}HPP)m~uO`v-l;(mW;)4t9N)
zCD;d<9hbd$lT|B&O~)K7#lLF4tuP7frjSA51wY|-^XTRvG8uey<UL+uJ?=AU-oBWg
zwK=a8@({AsOhMQgJ+&na<YVLTeglZd<IRgH`2iE6iArS`Ar-}t>oyOKD<=X|E7A2w
z+R7V6lQz`a4lI`^D)s9!7d%I-`;2-=Y``=b*s?Nt(h5<T8pg3<xefBO$F37AqF=sM
zk5M%F>C3vgs#ws3@j~&*-d*1T#_$N&wVfAgX;5m1{`clyYgnm6!ZLD`NkEFZ8uPu^
zS|8>{ukD{ed_C+qORXtpZS|u-EEUmO{9`xMUh$BqjUq9wEK+-bGI~U!K5AFBq{$Ew
zhdw}r*7Wm)Lu&@)DiA3S!!X>s>3fyE@kzwqonq}4)ELyx2xpD@HuoQu=wx$o=e*1F
z_@Q04g61|-!fuiy_ZCqEd+ca`QZwPnJ7HPzgti;+4I^DJO#^jMM_9H9&>@{g9G1@)
zkXQ<1^Eb1tnp+T3cVbgz2n|JEgvnNyS4S^?{6e%OSwvI*pr$l2*m}v`7d};uG?j%c
zSUV$$A9N+VNth{pY&QsDAUS-PkF7q$Y)0+-*JX?!sY=xXHR)W=tuho?-#UVYwjs~s
z^%QLe+R>$Z<E$r%M2zWVg_db3`s!(R@%8n0rc1R9sWfv=EjPWZ6@ng#&evCZ(@)hz
zJEH{puvGQHx>y;82k+(HN~#1#p&x2=eWH7~s{+1-NqFD2;bkGYndqIex}K1si3p02
z1$67V`&f-A4<CW6j5M7aw&<YFgdqN0++<PHZ-V_dNo>9mIYP57(L~3VnASe@<N+QY
zEX4Ysp5mCdvJ29Sr!T(l+*Cuv*ADsq$x_MYSz>Oo^YzrPR2|WWi7nG6IkQc(UfD%N
zeqZIJ&Gog0p|&4#EUhxTYXidB{ZvFD4+39|a<(n4v1YgWFS|gZb@y6I!^J2(wtUQS
zicc#$7v}uKai+>U{V(<+PxL1iPvE^s3mX8ygZH9)b|9dGyAzue@SZJvBjoyj+R=jk
zl*61Xe&fD&>YJgx`vksq=q7Fi5pi#dtdA60OP}0<k{#s|e~>VYZOCP=HK45l&|*7<
zNIJn-npby_XK)00$ko@{l#HBP+P~BHABea<Y;;{rH8gvD#9DsDPC>FdgS;&Nu|UYB
zfn^`JmQLUIZmT>~E*HiaQN19>9177Av5Ps*&R~ytI4m>x(F>);Jj1}y7OoKblWc*g
zmgA*riPLw>+93{0%n7*KQpPM9h+vY?;q`Pk-x7rmsik`g$8mikx7@g*%xHogIK$(y
z{c4EwAFerX8V24aVZf-ZT7wA;l4pCiXDd^BDHR4+vG(w`jShXt+Z62-9dT30S*$w2
zKOO`4i~;)lGrt6Vtf3l{W#XGXK4!|5iK4wDT5I!Y!mKGINHFr4ByY4%W6DY`Iep^g
z!_G9ixx5Hudekfkh85dT#<mk5zrX^zXmDBy+o5wahD3};+tw>&wYCTqjh5jx#28}r
z+Wai`xYykK7?fEypFO@Ge{A2HekzlwJ#H}{T2N+8l4CZKm6n+@lBDh<eaC`ZJIM8e
zE#00Alks?$wg4zSjWYIin~Xz~)q!EOAAy7a>B)vfQ&5hHW;6~CFPeXEH`Xk{0)SV+
zvpSc$@riN!21cJct6=6hc^Lp09D$)i))#*?ypPBbX?fj;&}KBtcYOK=yK>rSqB1TF
znzq%3Wk3N_RErU9qVJT}Zj9BaQW@i~u0+tyPRZu|rmEt#DTyt?Uh*E-nCkh;*Up3p
z_6iVm;^q@HJ$p`uCCs;DVPSN)U7zGtBoyGq&X-o?OHW1^yb*3o^5Lh+b#IzcYoD$v
zYqa)kh6SV`7qv3uHc3v4)PQEIsoUC7cVdt^rXC%BE~X#WNaf(`TS!5qvl|ukI|#M`
zEg~^LdJW$JyuyZV@Xq6;y)A@UFY6I&4M$nKOYz{QX`(-^g$lHNk##A_Qt%x}3+m5u
z)zor=P*w)1M<z@q8gl(`rKDz}5-=j2|2PLdoiu#SRs90hwq(+1*VCILM+jsiH23a+
z?shS6*4pz9NWx5DvFRg{cor?2Z#l(1pH_}c*lwUUc6TyoND>{?Yo)s=dC^xiy1i-W
z?|SuMLpZGe?!eQHu(T@IN!Jx-H%waHKK(YmIr*>r5TLDYfZkGQXq94^`cg%0dAH5U
z{ilSMjY%WW&(cxvT;4n*(-5>Zeilz~x8$2ezzx!nMs<=DinP?Po^Ooz07C-|B*ylQ
zuPD<NZzOuMEriV|y9!Bsd>#|Sk?#t<bwI%|T)I6QsW$qtDbrxbC?$b1*(YvRMxaGh
zURFzf-G@m7OSF{mnKR#;kQ|HpUQ&(rxYzpw42ywP+UZfG0u?Ru><#qlNJ62JV?|lU
zCU%d#RP8D!Ch1>mZ&FYCuZwRO4)(MT=Hb;O3wSn#YlZrm+PV0HlMA6YHCmA|{2oW|
z<Qy#1Dy2GEM6*YH*6F<|^5$@{qTt71y~-^7+0hF5QkOmVtaOTOAtb%|QSJ5Wj8929
zy_kWvbo}|=F0f4VzTm~Z=N!B1Q;}~qA2F3eI{q?RKNCiR-!^Jz38Ndx-pLN=_IJW~
zcvlI0Hh!~M=MC}<<HaBXeFZ#xya|Ur+w7fV{Oz{c|NiMO-*yFPnr=(nxIEl;6PU_j
zt&ZagHbT&#ozit3*K<+Yh2Df}UYjF`^RSu^N!2<H6<b{0Q+~%I{RlgyQ1X?r-2Uq5
z)JtEhH`sIeiV*pv@*5_P@qrNKBpMEhdE=yK(?pZmipckk<{>L?zyk>h{Lc&RSUX0H
zgYLqKbj`|n+tCL_-4RhQv&@eJO3H?Dh}C<LW?!TTqA1KQtC}S;6;3Z^$pizDgD`Cp
zIs1fXmyTZYc&^+G1$TwKecXy_y7Ag~!}#^C|5nbSU=n8NhL5AKV+qqYhDMPW1sUrD
zU1Qt#7hfp57Y}(?hpA3&vF1xikYF@SAui}>95!u=4o9tis^PNld~e)srs}Q7uS-d&
z+#(V$QNK0nMW!A;=94OOLZf5yxK+`(MgDX$vIA(hN~Y<_`xGgT2ICu@XbGfrezFHy
zDW;Gf<>aHaIMK8b)h!j^LZ<j+=aC>$IWHey%s%48<6C)(cp4&d+qIM@xLlfkGS)xV
z!)9>s9&kQ&7g5tC@Ehed(>}Dg;Vw&PC1lyAqv~s$cxTz@@u^4MdZY?i=6gj4#vQtH
zg4FpOQ^Xa_K#}khu%Pq3Ph-NP>+`JPCqk3RI8nzOr?e<wky4B7%%@K}-Pt`eD_CpU
z>5{K^jXW_oZwW)5THBjjjo)23%y_=k^u<>+{N=+p*rX850-V|rxXo+d3v%KZ81Rkl
zQyRBviFL4+q%Ev}My885h~!6j@P1E#>%M*3wSi_8%Ld1l!KA4U^)-={iI8ekw!W-h
z(b3SFY^aDrUu*{jCgJUOc?M~|Dc{KMh{r?v`@|b>9cf*EiaMoS+QXS|P=F;cIg?mw
z+INeoQHZ7p+)IRKQqKLM5K_jpdbHmk5@lM0rv+9>BxZaMau!;kg2cJU<c~uQl4|l_
z8y2v7z1wRlXJkN@&k_hkhCF2-8+8ZcLiysolGlq(TpcUx?{BvhuhBi%?6X{-Q$AAO
z=O&P#!);dSF^yc}GaX0i81|sDAM<}U>x0MG8<eZFYiV|9ePbBR88obqjCjOt>ZeZr
zDK|cyEPV4-E@_1iQSXVPBZ7_EZ40kPrsW}#4i%^N1FXrxRE;@2^rvVIBC>;V!tywG
z6&@tt;DPb<ut3rVONcvaTVo8R6p0)Zdr7r5TuBoQTa52^SKL12ijkRtW)g5_I>xRe
z=z%1uT;G6o*)hLH_?RWA(8u&|>#RHb$L&rVWWCSl3DApHh#(%ovx_?=58x~1l<BIN
zZLpI6fvBO3fJlDrssjt6{~ldn1J<R^zW#3q2M>Lae;!}_(OAy${ye<+6;Jj8-jzog
z@G_SkW1N*a-)>$!$oN?Xo+<!x12X<inZMiIU#zYy_j8v1jN5-@Wev|U&S&X=tS$@R
z;mj@#-p`r+8NL6?4EAqJU0`=*$)D{0%!Gesmj!pxm$18#5W{I*nhu}S`ZFK?mDb_^
zt#N_Rm9>8I`7_J>l~3*UOZl89n{YChrkdwu{>(LhC4+V29}8Sya%G{*?@lVfuS_~n
zE-iF1JNxIG_Nq|sS3Xpz|DwzVR+k=co=@LdkGPl>{aWr2PW{j12)-znq((nG*?CL2
zxa<2BHRLAX@;%@`0smZtKONVvi(mn-{<l#&JK=@nUFyBg>Hq1ze!bBA3wVD|>n~pH
WsshMxUBm4h{QVvo0C@Qq=6?Xas72cV

diff --git a/secubox-repair.sh b/secubox-repair.sh
deleted file mode 100755
index 9128543f..00000000
--- a/secubox-repair.sh
+++ /dev/null
@@ -1,1109 +0,0 @@
-#!/bin/bash
-#
-# secubox-repair.sh
-# =================
-# Script générique pour vérifier et réparer tous les modules SecuBox
-# Exécuter depuis Linux sur le dossier contenant les packages luci-app-*
-#
-# Usage:
-#   ./secubox-repair.sh                    # Vérification seulement
-#   ./secubox-repair.sh --fix              # Vérification + réparation
-#   ./secubox-repair.sh --fix --deploy     # + déploiement sur routeur
-#   ./secubox-repair.sh --help             # Aide
-#
-# Auteur: CyberMind.fr
-# License: Apache-2.0
-#
-
-set -e
-
-# ============================================
-# Configuration
-# ============================================
-VERSION="2.0.0"
-SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
-WORK_DIR="${SCRIPT_DIR}"
-
-# Router SSH config (modifiable)
-ROUTER_HOST="${ROUTER_HOST:-192.168.1.1}"
-ROUTER_USER="${ROUTER_USER:-root}"
-ROUTER_PORT="${ROUTER_PORT:-22}"
-
-# Colors
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-CYAN='\033[0;36m'
-MAGENTA='\033[0;35m'
-BOLD='\033[1m'
-NC='\033[0m'
-
-# Counters
-ERRORS=0
-WARNINGS=0
-FIXES=0
-MODULES_CHECKED=0
-
-# Options
-DO_FIX=false
-DO_DEPLOY=false
-VERBOSE=false
-
-# ============================================
-# SecuBox Modules Definition
-# ============================================
-declare -A MODULE_INFO=(
-    ["secubox"]="SecuBox Hub|Central dashboard for all modules|+luci-base +rpcd +curl +jq"
-    ["crowdsec-dashboard"]="CrowdSec Dashboard|Collaborative threat intelligence|+luci-base +rpcd +crowdsec"
-    ["netdata-dashboard"]="Netdata Dashboard|Real-time system monitoring|+luci-base +rpcd +netdata"
-    ["netifyd-dashboard"]="Netifyd Dashboard|Deep packet inspection|+luci-base +rpcd +netifyd"
-    ["wireguard-dashboard"]="WireGuard Dashboard|VPN management with QR codes|+luci-base +rpcd +wireguard-tools +qrencode"
-    ["network-modes"]="Network Modes|Network topology switcher|+luci-base +rpcd"
-    ["client-guardian"]="Client Guardian|NAC and captive portal|+luci-base +rpcd +nodogsplash"
-    ["system-hub"]="System Hub|System control center|+luci-base +rpcd"
-    ["bandwidth-manager"]="Bandwidth Manager|QoS and quota management|+luci-base +rpcd +tc-full +kmod-sched-cake"
-    ["auth-guardian"]="Auth Guardian|OAuth and voucher portal|+luci-base +rpcd +curl"
-    ["media-flow"]="Media Flow|Streaming detection|+luci-base +rpcd +netifyd"
-    ["vhost-manager"]="VHost Manager|Reverse proxy and SSL|+luci-base +rpcd +nginx-ssl"
-    ["cdn-cache"]="CDN Cache|Local content cache|+luci-base +rpcd +nginx"
-    ["traffic-shaper"]="Traffic Shaper|Advanced traffic control|+luci-base +rpcd +tc-full"
-)
-
-# ============================================
-# Helper Functions
-# ============================================
-print_header() {
-    echo ""
-    echo -e "${CYAN}╔══════════════════════════════════════════════════════════════════════╗${NC}"
-    echo -e "${CYAN}║${NC}  ${BOLD}$1${NC}"
-    echo -e "${CYAN}╚══════════════════════════════════════════════════════════════════════╝${NC}"
-}
-
-print_section() {
-    echo ""
-    echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
-    echo -e "${BLUE}  $1${NC}"
-    echo -e "${BLUE}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${NC}"
-}
-
-print_module() {
-    echo ""
-    echo -e "${MAGENTA}┌──────────────────────────────────────────────────────────────────────┐${NC}"
-    echo -e "${MAGENTA}│${NC}  📦 ${BOLD}$1${NC}"
-    echo -e "${MAGENTA}└──────────────────────────────────────────────────────────────────────┘${NC}"
-}
-
-ok() {
-    echo -e "  ${GREEN}✓${NC} $1"
-}
-
-warn() {
-    echo -e "  ${YELLOW}⚠${NC} $1"
-    ((WARNINGS++))
-}
-
-error() {
-    echo -e "  ${RED}✗${NC} $1"
-    ((ERRORS++))
-}
-
-info() {
-    echo -e "  ${CYAN}→${NC} $1"
-}
-
-fixed() {
-    echo -e "  ${GREEN}🔧${NC} $1"
-    ((FIXES++))
-}
-
-verbose() {
-    if $VERBOSE; then
-        echo -e "  ${CYAN}  $1${NC}"
-    fi
-}
-
-# ============================================
-# Validation Functions
-# ============================================
-
-# Validate JSON file
-validate_json() {
-    local file="$1"
-    if command -v jq &> /dev/null; then
-        if jq empty "$file" 2>/dev/null; then
-            return 0
-        else
-            return 1
-        fi
-    elif command -v python3 &> /dev/null; then
-        if python3 -c "import json; json.load(open('$file'))" 2>/dev/null; then
-            return 0
-        else
-            return 1
-        fi
-    else
-        # Can't validate, assume OK
-        return 0
-    fi
-}
-
-# Validate JavaScript file
-validate_js() {
-    local file="$1"
-    if command -v node &> /dev/null; then
-        if node --check "$file" 2>/dev/null; then
-            return 0
-        else
-            return 1
-        fi
-    else
-        # Basic syntax check with grep
-        if grep -qE '(function|const|let|var|class|import|export)' "$file"; then
-            return 0
-        else
-            return 1
-        fi
-    fi
-}
-
-# ============================================
-# Check Functions
-# ============================================
-
-check_makefile() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local makefile="$pkg_dir/Makefile"
-    
-    info "Checking Makefile..."
-    
-    if [[ ! -f "$makefile" ]]; then
-        error "Makefile missing!"
-        if $DO_FIX; then
-            generate_makefile "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    # Check required fields
-    local required_fields=("PKG_NAME" "PKG_VERSION" "PKG_RELEASE" "PKG_LICENSE")
-    local missing_fields=()
-    
-    for field in "${required_fields[@]}"; do
-        if ! grep -q "^${field}:=" "$makefile"; then
-            missing_fields+=("$field")
-        fi
-    done
-    
-    if [[ ${#missing_fields[@]} -gt 0 ]]; then
-        warn "Missing fields: ${missing_fields[*]}"
-    fi
-    
-    # Check PKG_NAME matches directory
-    local makefile_pkg_name=$(grep "^PKG_NAME:=" "$makefile" | cut -d'=' -f2)
-    if [[ "$makefile_pkg_name" != "luci-app-$pkg_name" ]]; then
-        error "PKG_NAME mismatch: expected 'luci-app-$pkg_name', got '$makefile_pkg_name'"
-        if $DO_FIX; then
-            sed -i "s/^PKG_NAME:=.*/PKG_NAME:=luci-app-$pkg_name/" "$makefile"
-            fixed "PKG_NAME corrected"
-        fi
-    fi
-    
-    # Check for luci.mk include
-    if ! grep -q 'include.*feeds/luci/luci\.mk' "$makefile"; then
-        if grep -q 'include.*package\.mk' "$makefile"; then
-            warn "Uses package.mk instead of luci.mk (may be intentional)"
-        else
-            error "Missing include for luci.mk"
-            if $DO_FIX; then
-                generate_makefile "$pkg_dir" "$pkg_name"
-            fi
-        fi
-    else
-        ok "Makefile valid with luci.mk"
-    fi
-    
-    return 0
-}
-
-check_rpcd_script() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local rpcd_dir="$pkg_dir/root/usr/libexec/rpcd"
-    local rpcd_script="$rpcd_dir/$pkg_name"
-    
-    info "Checking RPCD script..."
-    
-    # Check for rpcd directory
-    if [[ ! -d "$rpcd_dir" ]]; then
-        warn "RPCD directory missing: $rpcd_dir"
-        if $DO_FIX; then
-            mkdir -p "$rpcd_dir"
-            fixed "Created RPCD directory"
-        fi
-    fi
-    
-    # Check for rpcd script
-    if [[ ! -f "$rpcd_script" ]]; then
-        error "RPCD script missing: $rpcd_script"
-        if $DO_FIX; then
-            generate_rpcd_script "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    # Check if executable
-    if [[ ! -x "$rpcd_script" ]]; then
-        warn "RPCD script not executable"
-        if $DO_FIX; then
-            chmod +x "$rpcd_script"
-            fixed "Made RPCD script executable"
-        fi
-    fi
-    
-    # Check shebang
-    local first_line=$(head -1 "$rpcd_script")
-    if [[ "$first_line" != "#!/bin/sh" && "$first_line" != "#!/bin/bash" ]]; then
-        warn "RPCD script missing proper shebang"
-    fi
-    
-    # Check for required functions
-    if ! grep -q 'json_init\|json_add' "$rpcd_script"; then
-        warn "RPCD script may be missing JSON functions"
-    fi
-    
-    # Check list and call handlers
-    if ! grep -q 'case.*list' "$rpcd_script"; then
-        error "RPCD script missing 'list' handler"
-    fi
-    
-    if ! grep -q 'case.*call' "$rpcd_script"; then
-        error "RPCD script missing 'call' handler"
-    fi
-    
-    # Check for status method
-    if ! grep -q 'status' "$rpcd_script"; then
-        warn "RPCD script missing 'status' method"
-    fi
-    
-    ok "RPCD script exists"
-    return 0
-}
-
-check_acl_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local acl_dir="$pkg_dir/root/usr/share/rpcd/acl.d"
-    local acl_file="$acl_dir/luci-app-${pkg_name}.json"
-    
-    info "Checking ACL file..."
-    
-    # Check for acl directory
-    if [[ ! -d "$acl_dir" ]]; then
-        warn "ACL directory missing"
-        if $DO_FIX; then
-            mkdir -p "$acl_dir"
-            fixed "Created ACL directory"
-        fi
-    fi
-    
-    # Check for acl file
-    if [[ ! -f "$acl_file" ]]; then
-        error "ACL file missing: $acl_file"
-        if $DO_FIX; then
-            generate_acl_file "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    # Validate JSON
-    if ! validate_json "$acl_file"; then
-        error "ACL file has invalid JSON syntax"
-        if $DO_FIX; then
-            generate_acl_file "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    # Check for correct ubus permission
-    local ubus_name="luci.$pkg_name"
-    if ! grep -q "$ubus_name" "$acl_file"; then
-        warn "ACL may be missing '$ubus_name' permission"
-        if $DO_FIX; then
-            generate_acl_file "$pkg_dir" "$pkg_name"
-        fi
-    fi
-    
-    ok "ACL file valid"
-    return 0
-}
-
-check_menu_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local menu_dir="$pkg_dir/root/usr/share/luci/menu.d"
-    local menu_file="$menu_dir/luci-app-${pkg_name}.json"
-    
-    info "Checking Menu file..."
-    
-    # Check for menu directory
-    if [[ ! -d "$menu_dir" ]]; then
-        warn "Menu directory missing"
-        if $DO_FIX; then
-            mkdir -p "$menu_dir"
-            fixed "Created Menu directory"
-        fi
-    fi
-    
-    # Check for menu file
-    if [[ ! -f "$menu_file" ]]; then
-        error "Menu file missing: $menu_file"
-        if $DO_FIX; then
-            generate_menu_file "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    # Validate JSON
-    if ! validate_json "$menu_file"; then
-        error "Menu file has invalid JSON syntax"
-        if $DO_FIX; then
-            generate_menu_file "$pkg_dir" "$pkg_name"
-        fi
-        return 1
-    fi
-    
-    ok "Menu file valid"
-    return 0
-}
-
-check_view_files() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local view_dir="$pkg_dir/htdocs/luci-static/resources/view"
-    
-    info "Checking View files..."
-    
-    # Check htdocs structure
-    if [[ ! -d "$pkg_dir/htdocs/luci-static/resources" ]]; then
-        warn "htdocs structure missing"
-        if $DO_FIX; then
-            mkdir -p "$pkg_dir/htdocs/luci-static/resources/view/${pkg_name//-/_}"
-            fixed "Created htdocs structure"
-        fi
-    fi
-    
-    # Find JS view files
-    local js_files=$(find "$pkg_dir/htdocs" -name "*.js" 2>/dev/null | wc -l)
-    if [[ $js_files -eq 0 ]]; then
-        warn "No JavaScript view files found"
-        if $DO_FIX; then
-            generate_view_file "$pkg_dir" "$pkg_name"
-        fi
-    else
-        # Validate each JS file
-        while IFS= read -r js_file; do
-            if [[ -n "$js_file" ]]; then
-                if validate_js "$js_file"; then
-                    verbose "Valid: $js_file"
-                else
-                    error "Invalid JS syntax: $js_file"
-                fi
-            fi
-        done < <(find "$pkg_dir/htdocs" -name "*.js" 2>/dev/null)
-        ok "Found $js_files JavaScript view file(s)"
-    fi
-    
-    return 0
-}
-
-check_config_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local config_dir="$pkg_dir/root/etc/config"
-    local config_file="$config_dir/$pkg_name_underscore"
-    
-    info "Checking UCI config..."
-    
-    if [[ ! -d "$config_dir" ]]; then
-        if $DO_FIX; then
-            mkdir -p "$config_dir"
-        fi
-    fi
-    
-    if [[ ! -f "$config_file" ]]; then
-        warn "UCI config missing (optional)"
-        if $DO_FIX; then
-            generate_config_file "$pkg_dir" "$pkg_name"
-        fi
-    else
-        ok "UCI config exists"
-    fi
-    
-    return 0
-}
-
-check_malformed_dirs() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    
-    info "Checking for malformed directories..."
-    
-    # Check for {htdocs or other malformed dirs
-    local malformed=$(find "$pkg_dir" -type d -name '{*' 2>/dev/null)
-    
-    if [[ -n "$malformed" ]]; then
-        error "Found malformed directories:"
-        echo "$malformed" | while read -r dir; do
-            echo "    - $dir"
-            if $DO_FIX; then
-                rm -rf "$dir"
-                fixed "Removed: $dir"
-            fi
-        done
-    else
-        ok "No malformed directories"
-    fi
-    
-    return 0
-}
-
-check_permissions() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    
-    info "Checking file permissions..."
-    
-    local files_fixed=0
-    
-    # RPCD scripts
-    while IFS= read -r script; do
-        if [[ -n "$script" && ! -x "$script" ]]; then
-            warn "Not executable: $script"
-            if $DO_FIX; then
-                chmod +x "$script"
-                ((files_fixed++))
-            fi
-        fi
-    done < <(find "$pkg_dir" -path "*/usr/libexec/rpcd/*" -type f 2>/dev/null)
-    
-    # Init scripts
-    while IFS= read -r script; do
-        if [[ -n "$script" && ! -x "$script" ]]; then
-            warn "Not executable: $script"
-            if $DO_FIX; then
-                chmod +x "$script"
-                ((files_fixed++))
-            fi
-        fi
-    done < <(find "$pkg_dir" -path "*/etc/init.d/*" -type f 2>/dev/null)
-    
-    # UCI defaults
-    while IFS= read -r script; do
-        if [[ -n "$script" && ! -x "$script" ]]; then
-            warn "Not executable: $script"
-            if $DO_FIX; then
-                chmod +x "$script"
-                ((files_fixed++))
-            fi
-        fi
-    done < <(find "$pkg_dir" -path "*/etc/uci-defaults/*" -type f 2>/dev/null)
-    
-    if [[ $files_fixed -gt 0 ]]; then
-        fixed "Fixed permissions on $files_fixed file(s)"
-    else
-        ok "Permissions OK"
-    fi
-    
-    return 0
-}
-
-# ============================================
-# Generate Functions
-# ============================================
-
-generate_makefile() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local makefile="$pkg_dir/Makefile"
-    
-    # Get module info
-    local info="${MODULE_INFO[$pkg_name]}"
-    local title=$(echo "$info" | cut -d'|' -f1)
-    local desc=$(echo "$info" | cut -d'|' -f2)
-    local depends=$(echo "$info" | cut -d'|' -f3)
-    
-    # Defaults if not in MODULE_INFO
-    title="${title:-SecuBox Module}"
-    desc="${desc:-SecuBox LuCI application}"
-    depends="${depends:-+luci-base +rpcd}"
-    
-    cat > "$makefile" << MAKEFILE_EOF
-include \$(TOPDIR)/rules.mk
-
-PKG_NAME:=luci-app-${pkg_name}
-PKG_VERSION:=${VERSION}
-PKG_RELEASE:=1
-PKG_LICENSE:=Apache-2.0
-PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
-
-LUCI_TITLE:=LuCI - ${title}
-LUCI_DESCRIPTION:=${desc}
-LUCI_DEPENDS:=${depends}
-LUCI_PKGARCH:=all
-
-include \$(TOPDIR)/feeds/luci/luci.mk
-
-# call BuildPackage - OpenWrt buildroot
-MAKEFILE_EOF
-    
-    fixed "Generated Makefile"
-}
-
-generate_rpcd_script() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local rpcd_dir="$pkg_dir/root/usr/libexec/rpcd"
-    local rpcd_script="$rpcd_dir/$pkg_name"
-    
-    mkdir -p "$rpcd_dir"
-    
-    cat > "$rpcd_script" << 'RPCD_EOF'
-#!/bin/sh
-# RPCD backend for PKG_NAME_PLACEHOLDER
-# Provides ubus interface: luci.PKG_NAME_PLACEHOLDER
-
-. /lib/functions.sh
-. /usr/share/libubox/jshn.sh
-
-# Configuration
-MODULE_NAME="PKG_NAME_PLACEHOLDER"
-MODULE_VERSION="VERSION_PLACEHOLDER"
-UCI_CONFIG="PKG_NAME_UNDERSCORE_PLACEHOLDER"
-
-# Initialize JSON output
-json_init
-
-case "$1" in
-    list)
-        # List available methods
-        json_add_object "status"
-        json_close_object
-        
-        json_add_object "get_config"
-        json_close_object
-        
-        json_add_object "set_config"
-            json_add_string "config" "object"
-        json_close_object
-        
-        json_add_object "get_stats"
-        json_close_object
-        
-        json_dump
-        ;;
-    
-    call)
-        case "$2" in
-            status)
-                # Return module status
-                json_add_string "module" "$MODULE_NAME"
-                json_add_string "version" "$MODULE_VERSION"
-                json_add_boolean "enabled" 1
-                json_add_string "status" "running"
-                json_add_string "timestamp" "$(date -Iseconds 2>/dev/null || date)"
-                json_dump
-                ;;
-            
-            get_config)
-                # Return current configuration
-                json_add_object "config"
-                
-                if [ -f "/etc/config/$UCI_CONFIG" ]; then
-                    config_load "$UCI_CONFIG"
-                    json_add_boolean "enabled" 1
-                else
-                    json_add_boolean "enabled" 0
-                fi
-                
-                json_close_object
-                json_dump
-                ;;
-            
-            set_config)
-                # Set configuration
-                read -r input
-                
-                # Parse and apply config
-                # uci set $UCI_CONFIG...
-                # uci commit $UCI_CONFIG
-                
-                json_add_boolean "success" 1
-                json_add_string "message" "Configuration updated"
-                json_dump
-                ;;
-            
-            get_stats)
-                # Return statistics
-                json_add_object "stats"
-                json_add_int "uptime" "$(cat /proc/uptime 2>/dev/null | cut -d. -f1 || echo 0)"
-                json_add_string "timestamp" "$(date -Iseconds 2>/dev/null || date)"
-                json_close_object
-                json_dump
-                ;;
-            
-            *)
-                json_add_int "error" -32601
-                json_add_string "message" "Method not found: $2"
-                json_dump
-                ;;
-        esac
-        ;;
-    
-    *)
-        echo "Usage: $0 {list|call}" >&2
-        exit 1
-        ;;
-esac
-RPCD_EOF
-    
-    # Replace placeholders
-    sed -i "s/PKG_NAME_PLACEHOLDER/$pkg_name/g" "$rpcd_script"
-    sed -i "s/PKG_NAME_UNDERSCORE_PLACEHOLDER/$pkg_name_underscore/g" "$rpcd_script"
-    sed -i "s/VERSION_PLACEHOLDER/$VERSION/g" "$rpcd_script"
-    
-    chmod +x "$rpcd_script"
-    fixed "Generated RPCD script"
-}
-
-generate_acl_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local acl_dir="$pkg_dir/root/usr/share/rpcd/acl.d"
-    local acl_file="$acl_dir/luci-app-${pkg_name}.json"
-    
-    mkdir -p "$acl_dir"
-    
-    cat > "$acl_file" << ACL_EOF
-{
-    "luci-app-${pkg_name}": {
-        "description": "Grant access to LuCI app ${pkg_name}",
-        "read": {
-            "ubus": {
-                "luci.${pkg_name}": [
-                    "status",
-                    "get_config",
-                    "get_stats"
-                ]
-            },
-            "uci": ["${pkg_name_underscore}"]
-        },
-        "write": {
-            "ubus": {
-                "luci.${pkg_name}": [
-                    "set_config"
-                ]
-            },
-            "uci": ["${pkg_name_underscore}"]
-        }
-    }
-}
-ACL_EOF
-    
-    fixed "Generated ACL file"
-}
-
-generate_menu_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local menu_dir="$pkg_dir/root/usr/share/luci/menu.d"
-    local menu_file="$menu_dir/luci-app-${pkg_name}.json"
-    
-    mkdir -p "$menu_dir"
-    
-    # Generate title from pkg_name
-    local title=$(echo "$pkg_name" | sed 's/-/ /g' | awk '{for(i=1;i<=NF;i++) $i=toupper(substr($i,1,1)) tolower(substr($i,2))}1')
-    
-    # Get from MODULE_INFO if available
-    if [[ -n "${MODULE_INFO[$pkg_name]}" ]]; then
-        title=$(echo "${MODULE_INFO[$pkg_name]}" | cut -d'|' -f1)
-    fi
-    
-    cat > "$menu_file" << MENU_EOF
-{
-    "admin/services/${pkg_name_underscore}": {
-        "title": "${title}",
-        "order": 50,
-        "action": {
-            "type": "view",
-            "path": "${pkg_name_underscore}/main"
-        },
-        "depends": {
-            "acl": ["luci-app-${pkg_name}"],
-            "uci": {
-                "${pkg_name_underscore}": true
-            }
-        }
-    }
-}
-MENU_EOF
-    
-    fixed "Generated Menu file"
-}
-
-generate_view_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local view_dir="$pkg_dir/htdocs/luci-static/resources/view/${pkg_name_underscore}"
-    local view_file="$view_dir/main.js"
-    
-    mkdir -p "$view_dir"
-    
-    # Generate title
-    local title=$(echo "$pkg_name" | sed 's/-/ /g' | awk '{for(i=1;i<=NF;i++) $i=toupper(substr($i,1,1)) tolower(substr($i,2))}1')
-    
-    if [[ -n "${MODULE_INFO[$pkg_name]}" ]]; then
-        title=$(echo "${MODULE_INFO[$pkg_name]}" | cut -d'|' -f1)
-    fi
-    
-    cat > "$view_file" << 'VIEW_EOF'
-'use strict';
-'require view';
-'require rpc';
-'require ui';
-'require form';
-
-var callStatus = rpc.declare({
-    object: 'luci.PKG_NAME_PLACEHOLDER',
-    method: 'status',
-    expect: { }
-});
-
-return view.extend({
-    load: function() {
-        return Promise.all([
-            callStatus()
-        ]);
-    },
-
-    render: function(data) {
-        var status = data[0] || {};
-        var m, s, o;
-
-        m = new form.Map('PKG_NAME_UNDERSCORE_PLACEHOLDER', _('TITLE_PLACEHOLDER'),
-            _('DESCRIPTION_PLACEHOLDER'));
-
-        s = m.section(form.NamedSection, 'status', 'status', _('Status'));
-        s.anonymous = true;
-
-        o = s.option(form.DummyValue, '_status', _('Module Status'));
-        o.rawhtml = true;
-        o.cfgvalue = function() {
-            var running = status.status === 'running';
-            return '<span class="label ' + (running ? 'success' : 'danger') + '">' +
-                   (running ? _('Running') : _('Stopped')) + '</span>';
-        };
-
-        o = s.option(form.DummyValue, '_version', _('Version'));
-        o.cfgvalue = function() {
-            return status.version || 'Unknown';
-        };
-
-        return m.render();
-    },
-
-    handleSaveApply: null,
-    handleSave: null,
-    handleReset: null
-});
-VIEW_EOF
-    
-    # Replace placeholders
-    sed -i "s/PKG_NAME_PLACEHOLDER/$pkg_name/g" "$view_file"
-    sed -i "s/PKG_NAME_UNDERSCORE_PLACEHOLDER/$pkg_name_underscore/g" "$view_file"
-    sed -i "s/TITLE_PLACEHOLDER/$title/g" "$view_file"
-    sed -i "s/DESCRIPTION_PLACEHOLDER/SecuBox $title module/g" "$view_file"
-    
-    fixed "Generated View file"
-}
-
-generate_config_file() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    local pkg_name_underscore="${pkg_name//-/_}"
-    local config_dir="$pkg_dir/root/etc/config"
-    local config_file="$config_dir/$pkg_name_underscore"
-    
-    mkdir -p "$config_dir"
-    
-    cat > "$config_file" << CONFIG_EOF
-config global 'global'
-    option enabled '1'
-    option version '${VERSION}'
-CONFIG_EOF
-    
-    fixed "Generated UCI config"
-}
-
-# ============================================
-# Deploy Functions
-# ============================================
-
-deploy_to_router() {
-    local pkg_dir="$1"
-    local pkg_name="$2"
-    
-    print_section "Deploying $pkg_name to router ($ROUTER_HOST)"
-    
-    # Test SSH connection
-    if ! ssh -q -o ConnectTimeout=5 -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "echo ok" &>/dev/null; then
-        error "Cannot connect to router via SSH"
-        echo "  Check: ROUTER_HOST=$ROUTER_HOST ROUTER_USER=$ROUTER_USER ROUTER_PORT=$ROUTER_PORT"
-        return 1
-    fi
-    
-    ok "SSH connection OK"
-    
-    # Create directories on router
-    info "Creating directories..."
-    ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "mkdir -p /usr/libexec/rpcd /usr/share/rpcd/acl.d /usr/share/luci/menu.d"
-    
-    # Deploy RPCD script
-    local rpcd_script="$pkg_dir/root/usr/libexec/rpcd/$pkg_name"
-    if [[ -f "$rpcd_script" ]]; then
-        info "Deploying RPCD script..."
-        scp -P "$ROUTER_PORT" "$rpcd_script" "$ROUTER_USER@$ROUTER_HOST:/usr/libexec/rpcd/"
-        ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "chmod +x /usr/libexec/rpcd/$pkg_name"
-        ok "RPCD script deployed"
-    fi
-    
-    # Deploy ACL file
-    local acl_file="$pkg_dir/root/usr/share/rpcd/acl.d/luci-app-${pkg_name}.json"
-    if [[ -f "$acl_file" ]]; then
-        info "Deploying ACL file..."
-        scp -P "$ROUTER_PORT" "$acl_file" "$ROUTER_USER@$ROUTER_HOST:/usr/share/rpcd/acl.d/"
-        ok "ACL file deployed"
-    fi
-    
-    # Deploy Menu file
-    local menu_file="$pkg_dir/root/usr/share/luci/menu.d/luci-app-${pkg_name}.json"
-    if [[ -f "$menu_file" ]]; then
-        info "Deploying Menu file..."
-        scp -P "$ROUTER_PORT" "$menu_file" "$ROUTER_USER@$ROUTER_HOST:/usr/share/luci/menu.d/"
-        ok "Menu file deployed"
-    fi
-    
-    # Deploy View files
-    if [[ -d "$pkg_dir/htdocs" ]]; then
-        info "Deploying View files..."
-        ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "mkdir -p /www/luci-static/resources/view"
-        scp -r -P "$ROUTER_PORT" "$pkg_dir/htdocs/luci-static/resources/"* "$ROUTER_USER@$ROUTER_HOST:/www/luci-static/resources/" 2>/dev/null || true
-        ok "View files deployed"
-    fi
-    
-    # Restart rpcd
-    info "Restarting rpcd..."
-    ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "/etc/init.d/rpcd restart"
-    
-    # Clear LuCI cache
-    info "Clearing LuCI cache..."
-    ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "rm -rf /tmp/luci-*"
-    
-    # Test
-    sleep 2
-    info "Testing ubus registration..."
-    if ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "ubus list luci.$pkg_name" &>/dev/null; then
-        ok "luci.$pkg_name is registered!"
-        
-        # Test status call
-        info "Testing status call..."
-        ssh -p "$ROUTER_PORT" "$ROUTER_USER@$ROUTER_HOST" "ubus call luci.$pkg_name status"
-    else
-        error "luci.$pkg_name is NOT registered"
-        echo "  Check logs: ssh $ROUTER_USER@$ROUTER_HOST logread | grep rpcd"
-    fi
-}
-
-# ============================================
-# Main Check Function
-# ============================================
-
-check_module() {
-    local pkg_dir="$1"
-    local pkg_name=$(basename "$pkg_dir" | sed 's/^luci-app-//')
-    
-    print_module "luci-app-$pkg_name"
-    
-    ((MODULES_CHECKED++))
-    
-    # Run all checks
-    check_malformed_dirs "$pkg_dir" "$pkg_name"
-    check_makefile "$pkg_dir" "$pkg_name"
-    check_rpcd_script "$pkg_dir" "$pkg_name"
-    check_acl_file "$pkg_dir" "$pkg_name"
-    check_menu_file "$pkg_dir" "$pkg_name"
-    check_view_files "$pkg_dir" "$pkg_name"
-    check_config_file "$pkg_dir" "$pkg_name"
-    check_permissions "$pkg_dir" "$pkg_name"
-    
-    # Deploy if requested
-    if $DO_DEPLOY; then
-        deploy_to_router "$pkg_dir" "$pkg_name"
-    fi
-}
-
-# ============================================
-# Summary
-# ============================================
-
-print_summary() {
-    print_header "Summary"
-    
-    echo ""
-    echo -e "  ${BOLD}Modules checked:${NC}  $MODULES_CHECKED"
-    echo -e "  ${GREEN}Fixes applied:${NC}    $FIXES"
-    echo -e "  ${YELLOW}Warnings:${NC}         $WARNINGS"
-    echo -e "  ${RED}Errors:${NC}           $ERRORS"
-    echo ""
-    
-    if [[ $ERRORS -gt 0 ]]; then
-        echo -e "  ${RED}⚠ Some errors remain. Run with --fix to repair.${NC}"
-    elif [[ $WARNINGS -gt 0 ]]; then
-        echo -e "  ${YELLOW}⚠ Some warnings. Review and fix manually if needed.${NC}"
-    else
-        echo -e "  ${GREEN}✓ All modules validated successfully!${NC}"
-    fi
-    
-    echo ""
-    
-    if ! $DO_DEPLOY && $DO_FIX; then
-        echo -e "  ${CYAN}Tip: Use --deploy to push fixes to router${NC}"
-        echo ""
-    fi
-}
-
-# ============================================
-# Help
-# ============================================
-
-show_help() {
-    cat << EOF
-${BOLD}SecuBox Module Repair Tool v${VERSION}${NC}
-
-Usage: $0 [OPTIONS] [MODULE_NAME]
-
-Options:
-  --fix         Apply automatic fixes
-  --deploy      Deploy fixed modules to router (requires SSH)
-  --verbose     Show detailed output
-  --help        Show this help
-
-Environment Variables:
-  ROUTER_HOST   Router IP address (default: 192.168.1.1)
-  ROUTER_USER   SSH user (default: root)
-  ROUTER_PORT   SSH port (default: 22)
-
-Examples:
-  $0                              Check all modules
-  $0 --fix                        Check and fix all modules
-  $0 --fix vhost-manager          Fix specific module
-  $0 --fix --deploy               Fix and deploy to router
-  
-  ROUTER_HOST=192.168.8.191 $0 --fix --deploy
-
-EOF
-}
-
-# ============================================
-# Main
-# ============================================
-
-main() {
-    # Parse arguments
-    local target_module=""
-    
-    while [[ $# -gt 0 ]]; do
-        case "$1" in
-            --fix)
-                DO_FIX=true
-                shift
-                ;;
-            --deploy)
-                DO_DEPLOY=true
-                shift
-                ;;
-            --verbose|-v)
-                VERBOSE=true
-                shift
-                ;;
-            --help|-h)
-                show_help
-                exit 0
-                ;;
-            -*)
-                echo "Unknown option: $1"
-                show_help
-                exit 1
-                ;;
-            *)
-                target_module="$1"
-                shift
-                ;;
-        esac
-    done
-    
-    # Header
-    print_header "SecuBox Module Repair Tool v${VERSION}"
-    
-    echo ""
-    echo -e "  ${CYAN}Working directory:${NC} $WORK_DIR"
-    echo -e "  ${CYAN}Fix mode:${NC}          $($DO_FIX && echo 'ON' || echo 'OFF')"
-    echo -e "  ${CYAN}Deploy mode:${NC}       $($DO_DEPLOY && echo 'ON' || echo 'OFF')"
-    
-    if $DO_DEPLOY; then
-        echo -e "  ${CYAN}Router:${NC}            $ROUTER_USER@$ROUTER_HOST:$ROUTER_PORT"
-    fi
-    
-    # Find modules
-    cd "$WORK_DIR"
-    
-    if [[ -n "$target_module" ]]; then
-        # Check specific module
-        local pkg_dir="$WORK_DIR/luci-app-$target_module"
-        if [[ ! -d "$pkg_dir" ]]; then
-            pkg_dir="$WORK_DIR/$target_module"
-        fi
-        
-        if [[ -d "$pkg_dir" ]]; then
-            check_module "$pkg_dir"
-        else
-            error "Module not found: $target_module"
-            exit 1
-        fi
-    else
-        # Check all modules
-        for pkg_dir in luci-app-*/; do
-            if [[ -d "$pkg_dir" ]]; then
-                check_module "${pkg_dir%/}"
-            fi
-        done
-    fi
-    
-    # Summary
-    print_summary
-    
-    # Exit code
-    if [[ $ERRORS -gt 0 ]]; then
-        exit 1
-    fi
-    exit 0
-}
-
-# Run
-main "$@"
diff --git a/test-validate.yml b/test-validate.yml
deleted file mode 100644
index 36a6ad3e..00000000
--- a/test-validate.yml
+++ /dev/null
@@ -1,327 +0,0 @@
-name: Test & Validate Packages
-
-on:
-  push:
-    branches: [main, master, develop]
-  pull_request:
-    branches: [main, master]
-
-jobs:
-  # ============================================
-  # Lint and validate package structure
-  # ============================================
-  lint:
-    runs-on: ubuntu-latest
-    name: Lint & Validate
-    
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install validators
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y shellcheck jq
-
-      - name: Validate Makefile structure
-        run: |
-          echo "📋 Validating Makefile structure..."
-          
-          ERRORS=0
-          
-          for makefile in */Makefile; do
-            if [[ -f "$makefile" ]]; then
-              PKG=$(dirname "$makefile")
-              echo "  🔍 Checking $PKG..."
-              
-              # Required fields
-              REQUIRED_FIELDS=(
-                "PKG_NAME"
-                "PKG_VERSION"
-                "PKG_RELEASE"
-                "PKG_LICENSE"
-                "LUCI_TITLE"
-              )
-              
-              for field in "${REQUIRED_FIELDS[@]}"; do
-                if ! grep -q "^${field}:=" "$makefile"; then
-                  echo "    ❌ Missing: $field"
-                  ERRORS=$((ERRORS + 1))
-                fi
-              done
-              
-              # Check for include statements
-              if ! grep -q "include.*luci.mk\|include.*package.mk" "$makefile"; then
-                echo "    ❌ Missing include statement (luci.mk or package.mk)"
-                ERRORS=$((ERRORS + 1))
-              fi
-            fi
-          done
-          
-          if [[ $ERRORS -gt 0 ]]; then
-            echo "❌ Found $ERRORS errors"
-            exit 1
-          fi
-          echo "✅ All Makefiles valid"
-
-      - name: Validate JSON files
-        run: |
-          echo "📋 Validating JSON files..."
-          
-          ERRORS=0
-          
-          # Find all JSON files
-          while IFS= read -r jsonfile; do
-            echo "  🔍 Checking $jsonfile..."
-            if ! jq empty "$jsonfile" 2>/dev/null; then
-              echo "    ❌ Invalid JSON"
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -name "*.json" -type f)
-          
-          if [[ $ERRORS -gt 0 ]]; then
-            echo "❌ Found $ERRORS JSON errors"
-            exit 1
-          fi
-          echo "✅ All JSON files valid"
-
-      - name: Validate JavaScript syntax
-        run: |
-          echo "📋 Validating JavaScript files..."
-          
-          # Install node for syntax check
-          curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
-          sudo apt-get install -y nodejs
-          
-          ERRORS=0
-          
-          while IFS= read -r jsfile; do
-            echo "  🔍 Checking $jsfile..."
-            if ! node --check "$jsfile" 2>/dev/null; then
-              echo "    ❌ Syntax error"
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -name "*.js" -type f)
-          
-          if [[ $ERRORS -gt 0 ]]; then
-            echo "❌ Found $ERRORS JavaScript errors"
-            exit 1
-          fi
-          echo "✅ All JavaScript files valid"
-
-      - name: Validate shell scripts
-        run: |
-          echo "📋 Validating shell scripts..."
-          
-          ERRORS=0
-          
-          # Check RPCD scripts
-          while IFS= read -r script; do
-            echo "  🔍 Checking $script..."
-            if ! shellcheck -s sh "$script"; then
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -path "*/rpcd/*" -type f -executable)
-          
-          # Check init scripts
-          while IFS= read -r script; do
-            echo "  🔍 Checking $script..."
-            if ! shellcheck -s sh "$script"; then
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -path "*/init.d/*" -type f)
-          
-          if [[ $ERRORS -gt 0 ]]; then
-            echo "⚠️ Found $ERRORS shellcheck warnings (non-blocking)"
-          fi
-          echo "✅ Shell script validation complete"
-
-      - name: Check file permissions
-        run: |
-          echo "📋 Checking file permissions..."
-          
-          ERRORS=0
-          
-          # RPCD scripts should be executable
-          while IFS= read -r script; do
-            if [[ ! -x "$script" ]]; then
-              echo "  ❌ Not executable: $script"
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -path "*/usr/libexec/rpcd/*" -type f 2>/dev/null)
-          
-          # Init scripts should be executable
-          while IFS= read -r script; do
-            if [[ ! -x "$script" ]]; then
-              echo "  ❌ Not executable: $script"
-              ERRORS=$((ERRORS + 1))
-            fi
-          done < <(find . -path "*/etc/init.d/*" -type f 2>/dev/null)
-          
-          if [[ $ERRORS -gt 0 ]]; then
-            echo "❌ Found $ERRORS permission errors"
-            exit 1
-          fi
-          echo "✅ File permissions correct"
-
-      - name: Validate package structure
-        run: |
-          echo "📋 Validating package structure..."
-          
-          for pkg in luci-app-*/; do
-            if [[ -d "$pkg" ]]; then
-              echo "  📦 Checking $pkg..."
-              
-              # Required directories/files
-              REQUIRED=(
-                "Makefile"
-              )
-              
-              # Optional but recommended
-              RECOMMENDED=(
-                "htdocs/luci-static/resources"
-                "root/usr/share/luci/menu.d"
-                "root/usr/share/rpcd/acl.d"
-              )
-              
-              for req in "${REQUIRED[@]}"; do
-                if [[ ! -e "${pkg}${req}" ]]; then
-                  echo "    ❌ Missing required: $req"
-                  exit 1
-                fi
-              done
-              
-              for rec in "${RECOMMENDED[@]}"; do
-                if [[ ! -e "${pkg}${rec}" ]]; then
-                  echo "    ⚠️ Missing recommended: $rec"
-                fi
-              done
-            fi
-          done
-          
-          echo "✅ Package structure valid"
-
-  # ============================================
-  # Quick build test on x86_64
-  # ============================================
-  test-build:
-    runs-on: ubuntu-latest
-    name: Test Build (x86_64)
-    needs: lint
-    
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y \
-            build-essential clang flex bison g++ gawk \
-            gcc-multilib g++-multilib gettext git libncurses5-dev \
-            libssl-dev python3-setuptools python3-dev rsync unzip zlib1g-dev wget
-
-      - name: Cache OpenWrt SDK
-        uses: actions/cache@v4
-        id: cache-sdk
-        with:
-          path: ~/sdk
-          key: openwrt-sdk-23.05.5-x86-64-test
-
-      - name: Download OpenWrt SDK
-        if: steps.cache-sdk.outputs.cache-hit != 'true'
-        run: |
-          SDK_URL="https://downloads.openwrt.org/releases/23.05.5/targets/x86/64"
-          SDK_FILE=$(curl -sL "$SDK_URL/" | grep -oP 'openwrt-sdk[^"]+\.tar\.xz' | head -1)
-          
-          wget -q "${SDK_URL}/${SDK_FILE}" -O /tmp/sdk.tar.xz
-          mkdir -p ~/sdk
-          tar -xf /tmp/sdk.tar.xz -C ~/sdk --strip-components=1
-
-      - name: Prepare SDK
-        run: |
-          cd ~/sdk
-          ./scripts/feeds update -a
-          ./scripts/feeds install -a
-          make defconfig
-
-      - name: Copy packages
-        run: |
-          mkdir -p ~/sdk/package/secubox
-          
-          for pkg in luci-app-*/; do
-            if [[ -d "$pkg" ]]; then
-              cp -r "$pkg" ~/sdk/package/secubox/
-            fi
-          done
-
-      - name: Build test
-        run: |
-          cd ~/sdk
-          
-          # Enable packages
-          for pkg in ~/sdk/package/secubox/*/; do
-            PKG_NAME=$(basename "$pkg")
-            echo "CONFIG_PACKAGE_${PKG_NAME}=m" >> .config
-          done
-          
-          make defconfig
-          
-          # Build with timeout
-          timeout 30m make package/secubox/compile V=s -j$(nproc) || {
-            echo "⚠️ Build timeout or error"
-            exit 1
-          }
-
-      - name: Verify output
-        run: |
-          echo "📋 Built packages:"
-          find ~/sdk/bin -name "*.ipk" -exec ls -la {} \;
-          
-          PKG_COUNT=$(find ~/sdk/bin -name "*.ipk" | wc -l)
-          echo "📦 Total packages built: $PKG_COUNT"
-          
-          if [[ $PKG_COUNT -eq 0 ]]; then
-            echo "❌ No packages were built!"
-            exit 1
-          fi
-
-  # ============================================
-  # Generate documentation
-  # ============================================
-  docs:
-    runs-on: ubuntu-latest
-    name: Generate Docs
-    needs: lint
-    
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Generate package list
-        run: |
-          echo "# SecuBox Packages" > PACKAGES.md
-          echo "" >> PACKAGES.md
-          echo "| Package | Version | Description |" >> PACKAGES.md
-          echo "|---------|---------|-------------|" >> PACKAGES.md
-          
-          for makefile in luci-app-*/Makefile; do
-            if [[ -f "$makefile" ]]; then
-              PKG_NAME=$(grep "^PKG_NAME:=" "$makefile" | cut -d'=' -f2)
-              PKG_VERSION=$(grep "^PKG_VERSION:=" "$makefile" | cut -d'=' -f2)
-              PKG_TITLE=$(grep "^LUCI_TITLE:=" "$makefile" | cut -d'=' -f2-)
-              
-              echo "| $PKG_NAME | $PKG_VERSION | $PKG_TITLE |" >> PACKAGES.md
-            fi
-          done
-          
-          echo "" >> PACKAGES.md
-          echo "Generated: $(date -u +%Y-%m-%dT%H:%M:%SZ)" >> PACKAGES.md
-          
-          cat PACKAGES.md
-
-      - name: Upload docs
-        uses: actions/upload-artifact@v4
-        with:
-          name: documentation
-          path: PACKAGES.md