feat(ai-insights,tor-shield): KISS cyberpunk theme and domain exclusions

AI Insights Dashboard: - Rewrite CSS with KISS cyberpunk theme (dark bg, neon accents, glowing effects) - Fix CVE feed RPCD for OpenWrt/BusyBox compatibility (date format, JSON building) - Add wget fallback for CVE fetch Tor Shield: - Add excluded_domains support for bypassing Tor routing - Resolve domains via nslookup and add to iptables RETURN rules - Default exclusions: openwrt.org, downloads.openwrt.org, services.nvd.nist.gov Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-12 10:00:38 +01:00 · 2026-02-12 10:00:38 +01:00 · e364595b16
commit e364595b16
parent 040b69ad1d
4 changed files with 504 additions and 127 deletions
--- a/package/secubox/luci-app-ai-insights/htdocs/luci-static/resources/ai-insights/dashboard.css
+++ b/package/secubox/luci-app-ai-insights/htdocs/luci-static/resources/ai-insights/dashboard.css
@ -1,90 +1,159 @@
-/* AI Insights Dashboard Styles */
+/**
 * AI Insights Dashboard - KISS Cyberpunk Theme
 * File: dashboard.css
 * Version: 2.0.0
 */
 /* CSS Variables - Cyberpunk Palette */
 .ai-view {
-	max-width: 1200px;
+	--cyber-bg-primary: #0a0a0f;
-	margin: 0 auto;
+	--cyber-bg-secondary: #141419;
-	padding: 1rem;
+	--cyber-bg-elevated: rgba(255, 255, 255, 0.05);
 	--cyber-bg-tertiary: rgba(255, 255, 255, 0.03);
 	--cyber-text-primary: #e4e4e7;
 	--cyber-text-secondary: #a1a1aa;
 	--cyber-text-tertiary: #71717a;
 	--cyber-border-subtle: rgba(255, 255, 255, 0.08);
 	--cyber-border-default: rgba(255, 255, 255, 0.15);
 	--cyber-accent-primary: #667eea;
 	--cyber-accent-gradient: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
 	--cyber-success: #00d4aa;
 	--cyber-warning: #f59e0b;
 	--cyber-danger: #ef4444;
 	--cyber-info: #06b6d4;
 	--cyber-caution: #f97316;
 }
 .ai-view {
 	max-width: 1400px;
 	margin: 0 auto;
 	padding: 1.5rem;
 	background: var(--cyber-bg-primary);
 	min-height: calc(100vh - 120px);
 	color: var(--cyber-text-primary);
 	font-family: 'Inter', -apple-system, BlinkMacSystemFont, sans-serif;
 }
 /* Header */
 .ai-header {
 	display: flex;
 	justify-content: space-between;
 	align-items: center;
 	margin-bottom: 1.5rem;
 	padding-bottom: 1rem;
-	border-bottom: 1px solid var(--border-color-medium, #ddd);
+	border-bottom: 1px solid var(--cyber-border-subtle);
 }
 .ai-title {
 	font-size: 1.5rem;
-	font-weight: 600;
+	font-weight: 700;
 	background: var(--cyber-accent-gradient);
 	-webkit-background-clip: text;
 	-webkit-text-fill-color: transparent;
 	background-clip: text;
 	letter-spacing: -0.02em;
 }
 .ai-status {
 	display: flex;
 	align-items: center;
 	gap: 0.5rem;
 	font-size: 0.875rem;
 	color: var(--cyber-text-secondary);
 }
 /* Status Dot */
 .ai-dot {
-	width: 10px;
+	width: 8px;
-	height: 10px;
+	height: 8px;
 	border-radius: 50%;
 	display: inline-block;
 }
 .ai-dot.online {
-	background: #28a745;
+	background: var(--cyber-success);
-	box-shadow: 0 0 6px #28a745;
+	box-shadow: 0 0 8px var(--cyber-success), 0 0 16px rgba(0, 212, 170, 0.3);
 	animation: pulse-glow 2s ease-in-out infinite;
 }
 .ai-dot.offline {
-	background: #dc3545;
+	background: var(--cyber-danger);
 	box-shadow: 0 0 4px var(--cyber-danger);
 }
-/* Posture Card */
+@keyframes pulse-glow {
 	0%, 100% { opacity: 1; }
 	50% { opacity: 0.6; }
 }
 /* Posture Card - Hero Section */
 .ai-posture-card {
 	display: flex;
 	align-items: center;
 	gap: 2rem;
-	padding: 1.5rem 2rem;
+	padding: 1.75rem 2rem;
-	border-radius: 12px;
+	border-radius: 16px;
 	margin-bottom: 1.5rem;
 	color: #fff;
-	background: linear-gradient(135deg, #6c757d 0%, #495057 100%);
+	background: var(--cyber-bg-secondary);
 	border: 1px solid var(--cyber-border-subtle);
 	position: relative;
 	overflow: hidden;
 }
-.ai-posture-card.success {
+.ai-posture-card::before {
-	background: linear-gradient(135deg, #28a745 0%, #1e7e34 100%);
+	content: '';
 	position: absolute;
 	top: 0;
 	left: 0;
 	right: 0;
 	height: 3px;
 	background: var(--cyber-border-subtle);
 }
-.ai-posture-card.warning {
+.ai-posture-card.success::before {
-	background: linear-gradient(135deg, #ffc107 0%, #d39e00 100%);
+	background: linear-gradient(90deg, var(--cyber-success), #00ffcc);
-	color: #212529;
+	box-shadow: 0 0 20px var(--cyber-success);
 }
-.ai-posture-card.caution {
+.ai-posture-card.warning::before {
-	background: linear-gradient(135deg, #fd7e14 0%, #dc6502 100%);
+	background: linear-gradient(90deg, var(--cyber-warning), #ffd700);
 	box-shadow: 0 0 20px var(--cyber-warning);
 }
-.ai-posture-card.danger {
+.ai-posture-card.caution::before {
-	background: linear-gradient(135deg, #dc3545 0%, #bd2130 100%);
+	background: linear-gradient(90deg, var(--cyber-caution), #ff8c00);
 	box-shadow: 0 0 20px var(--cyber-caution);
 }
 .ai-posture-card.danger::before {
 	background: linear-gradient(90deg, var(--cyber-danger), #ff6b6b);
 	box-shadow: 0 0 20px var(--cyber-danger);
 }
 .ai-posture-score {
 	text-align: center;
-	min-width: 100px;
+	min-width: 120px;
 }
 .ai-score-value {
-	font-size: 3rem;
+	font-size: 4rem;
-	font-weight: 700;
+	font-weight: 800;
 	line-height: 1;
 	font-family: 'JetBrains Mono', 'Consolas', monospace;
 }
 .ai-posture-card.success .ai-score-value { color: var(--cyber-success); text-shadow: 0 0 30px var(--cyber-success); }
 .ai-posture-card.warning .ai-score-value { color: var(--cyber-warning); text-shadow: 0 0 30px var(--cyber-warning); }
 .ai-posture-card.caution .ai-score-value { color: var(--cyber-caution); text-shadow: 0 0 30px var(--cyber-caution); }
 .ai-posture-card.danger .ai-score-value { color: var(--cyber-danger); text-shadow: 0 0 30px var(--cyber-danger); }
 .ai-score-label {
-	font-size: 0.85rem;
+	font-size: 0.75rem;
-	opacity: 0.9;
+	text-transform: uppercase;
 	letter-spacing: 0.1em;
 	color: var(--cyber-text-tertiary);
 	margin-top: 0.5rem;
 }
 .ai-posture-info {
@ -94,48 +163,77 @@
 .ai-posture-label {
 	font-size: 1.5rem;
 	font-weight: 600;
-	margin-bottom: 0.25rem;
+	margin-bottom: 0.5rem;
 	color: var(--cyber-text-primary);
 }
 .ai-posture-factors {
-	font-size: 0.9rem;
+	font-size: 0.875rem;
-	opacity: 0.9;
+	color: var(--cyber-text-secondary);
 	line-height: 1.5;
 }
 /* Stats Row */
 .ai-stats {
 	display: grid;
-	grid-template-columns: repeat(auto-fit, minmax(140px, 1fr));
+	grid-template-columns: repeat(auto-fit, minmax(160px, 1fr));
 	gap: 1rem;
 	margin-bottom: 1.5rem;
 }
 .ai-stat {
-	background: var(--background-color-low, #f8f9fa);
+	background: var(--cyber-bg-secondary);
-	border-radius: 8px;
+	border: 1px solid var(--cyber-border-subtle);
-	padding: 1rem;
+	border-radius: 12px;
 	padding: 1.25rem;
 	text-align: center;
-	border-left: 4px solid var(--border-color-medium, #ddd);
+	position: relative;
 	transition: all 0.2s ease;
 }
-.ai-stat.success { border-left-color: #28a745; }
+.ai-stat::before {
-.ai-stat.warning { border-left-color: #ffc107; }
+	content: '';
-.ai-stat.danger { border-left-color: #dc3545; }
+	position: absolute;
 	top: 0;
 	left: 0;
 	right: 0;
 	height: 2px;
 	background: var(--cyber-border-subtle);
 	border-radius: 12px 12px 0 0;
 }
 .ai-stat.success::before { background: var(--cyber-success); box-shadow: 0 0 10px var(--cyber-success); }
 .ai-stat.warning::before { background: var(--cyber-warning); box-shadow: 0 0 10px var(--cyber-warning); }
 .ai-stat.danger::before { background: var(--cyber-danger); box-shadow: 0 0 10px var(--cyber-danger); }
 .ai-stat:hover {
 	border-color: var(--cyber-border-default);
 	transform: translateY(-2px);
 }
 .ai-stat-value {
-	font-size: 1.5rem;
+	font-size: 1.75rem;
 	font-weight: 700;
 	font-family: 'JetBrains Mono', 'Consolas', monospace;
 	color: var(--cyber-text-primary);
 }
 .ai-stat.success .ai-stat-value { color: var(--cyber-success); }
 .ai-stat.warning .ai-stat-value { color: var(--cyber-warning); }
 .ai-stat.danger .ai-stat-value { color: var(--cyber-danger); }
 .ai-stat-label {
-	font-size: 0.85rem;
+	font-size: 0.75rem;
-	color: var(--text-color-low, #666);
+	text-transform: uppercase;
 	letter-spacing: 0.05em;
 	color: var(--cyber-text-tertiary);
 	margin-top: 0.25rem;
 }
 /* Agents Grid */
 .ai-agents-grid {
 	display: grid;
-	grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
+	grid-template-columns: repeat(auto-fit, minmax(280px, 1fr));
 	gap: 1rem;
 	margin-bottom: 1.5rem;
 }
@ -144,24 +242,36 @@
 	display: flex;
 	align-items: center;
 	gap: 1rem;
-	padding: 1rem;
+	padding: 1.25rem;
-	background: var(--background-color-high, #fff);
+	background: var(--cyber-bg-secondary);
-	border: 1px solid var(--border-color-medium, #ddd);
+	border: 1px solid var(--cyber-border-subtle);
-	border-radius: 8px;
+	border-radius: 12px;
-	border-left: 4px solid #6c757d;
+	transition: all 0.2s ease;
 }
 .ai-agent-card:hover {
 	border-color: var(--cyber-border-default);
 	background: var(--cyber-bg-elevated);
 }
 .ai-agent-card.online {
-	border-left-color: #28a745;
+	border-left: 3px solid var(--cyber-success);
 }
 .ai-agent-card.offline {
-	border-left-color: #dc3545;
+	border-left: 3px solid var(--cyber-text-tertiary);
-	opacity: 0.7;
+	opacity: 0.6;
 }
 .ai-agent-icon {
 	font-size: 2rem;
 	width: 48px;
 	height: 48px;
 	display: flex;
 	align-items: center;
 	justify-content: center;
 	background: var(--cyber-bg-elevated);
 	border-radius: 10px;
 }
 .ai-agent-info {
@ -170,39 +280,45 @@
 .ai-agent-name {
 	font-weight: 600;
 	color: var(--cyber-text-primary);
 	margin-bottom: 0.25rem;
 }
 .ai-agent-status {
-	font-size: 0.85rem;
+	font-size: 0.8125rem;
-	color: var(--text-color-low, #666);
+	color: var(--cyber-text-tertiary);
 	display: flex;
 	align-items: center;
 	gap: 0.5rem;
 }
 .ai-agent-alerts {
-	font-size: 0.85rem;
+	font-size: 0.875rem;
 	color: var(--cyber-text-secondary);
 }
 /* Card */
 .ai-card {
-	background: var(--background-color-high, #fff);
+	background: var(--cyber-bg-secondary);
-	border: 1px solid var(--border-color-medium, #ddd);
+	border: 1px solid var(--cyber-border-subtle);
-	border-radius: 8px;
+	border-radius: 12px;
 	margin-bottom: 1rem;
 	overflow: hidden;
 }
 .ai-card-header {
-	padding: 0.75rem 1rem;
+	padding: 1rem 1.25rem;
-	border-bottom: 1px solid var(--border-color-medium, #ddd);
+	border-bottom: 1px solid var(--cyber-border-subtle);
 	font-weight: 600;
 	font-size: 0.9375rem;
 	display: flex;
 	justify-content: space-between;
 	align-items: center;
 	color: var(--cyber-text-primary);
 }
 .ai-card-body {
-	padding: 1rem;
+	padding: 1.25rem;
 }
 /* Actions */
@ -213,22 +329,54 @@
 }
 .ai-btn {
-	padding: 0.5rem 1rem;
+	padding: 0.625rem 1.25rem;
-	border: none;
+	border: 1px solid var(--cyber-border-subtle);
-	border-radius: 4px;
+	border-radius: 8px;
 	cursor: pointer;
-	font-size: 0.9rem;
+	font-size: 0.875rem;
 	font-weight: 500;
 	text-decoration: none;
-	display: inline-block;
+	display: inline-flex;
-	transition: opacity 0.2s;
+	align-items: center;
 	gap: 0.5rem;
 	transition: all 0.2s ease;
 	background: var(--cyber-bg-elevated);
 	color: var(--cyber-text-primary);
 }
-.ai-btn:hover { opacity: 0.85; }
+.ai-btn:hover {
 	border-color: var(--cyber-border-default);
 	transform: translateY(-1px);
 }
-.ai-btn-primary { background: #007bff; color: #fff; }
+.ai-btn-primary {
-.ai-btn-secondary { background: #6c757d; color: #fff; }
+	background: var(--cyber-accent-gradient);
-.ai-btn-info { background: #17a2b8; color: #fff; }
+	border-color: transparent;
-.ai-btn-outline { background: transparent; border: 1px solid #6c757d; color: #6c757d; }
+	color: #fff;
 	box-shadow: 0 4px 12px rgba(102, 126, 234, 0.3);
 }
 .ai-btn-primary:hover {
 	box-shadow: 0 6px 20px rgba(102, 126, 234, 0.4);
 }
 .ai-btn-secondary {
 	background: rgba(102, 126, 234, 0.15);
 	border-color: rgba(102, 126, 234, 0.3);
 	color: var(--cyber-accent-primary);
 }
 .ai-btn-info {
 	background: rgba(6, 182, 212, 0.15);
 	border-color: rgba(6, 182, 212, 0.3);
 	color: var(--cyber-info);
 }
 .ai-btn-outline {
 	background: transparent;
 	border: 1px solid var(--cyber-border-default);
 	color: var(--cyber-text-secondary);
 }
 /* Alerts */
 .ai-alerts-list {
@ -241,18 +389,30 @@
 	display: flex;
 	align-items: center;
 	gap: 0.75rem;
-	padding: 0.75rem;
+	padding: 0.875rem;
-	background: var(--background-color-low, #f8f9fa);
+	background: var(--cyber-bg-tertiary);
-	border-radius: 4px;
+	border-radius: 8px;
-	border-left: 3px solid #6c757d;
+	border-left: 3px solid var(--cyber-border-subtle);
 	transition: background 0.2s ease;
 }
-.ai-alert-item.alert { border-left-color: #ffc107; }
+.ai-alert-item:hover {
-.ai-alert-item.rule { border-left-color: #007bff; }
+	background: var(--cyber-bg-elevated);
-.ai-alert-item.cve { border-left-color: #dc3545; }
+}
 .ai-alert-item.alert { border-left-color: var(--cyber-warning); }
 .ai-alert-item.rule { border-left-color: var(--cyber-info); }
 .ai-alert-item.cve { border-left-color: var(--cyber-danger); }
 .ai-alert-icon {
 	font-size: 1.25rem;
 	width: 36px;
 	height: 36px;
 	display: flex;
 	align-items: center;
 	justify-content: center;
 	background: var(--cyber-bg-secondary);
 	border-radius: 8px;
 }
 .ai-alert-content {
@ -260,32 +420,144 @@
 }
 .ai-alert-source {
-	font-size: 0.8rem;
+	font-size: 0.75rem;
-	color: var(--text-color-low, #666);
+	color: var(--cyber-text-tertiary);
 	text-transform: uppercase;
 	letter-spacing: 0.05em;
 }
 .ai-alert-message {
-	font-size: 0.9rem;
+	font-size: 0.875rem;
 	color: var(--cyber-text-primary);
 }
 .ai-alert-time {
-	font-size: 0.8rem;
+	font-size: 0.75rem;
-	color: var(--text-color-low, #666);
+	color: var(--cyber-text-tertiary);
 	font-family: 'JetBrains Mono', monospace;
 }
 /* CVE List */
 .ai-cve-list {
 	display: flex;
 	flex-direction: column;
 	gap: 0.75rem;
 }
 .ai-cve-item {
 	display: flex;
 	align-items: flex-start;
 	gap: 1rem;
 	padding: 1rem;
 	background: var(--cyber-bg-tertiary);
 	border-radius: 8px;
 	border: 1px solid var(--cyber-border-subtle);
 	transition: all 0.2s ease;
 }
 .ai-cve-item:hover {
 	border-color: var(--cyber-border-default);
 	background: var(--cyber-bg-elevated);
 }
 .ai-cve-score {
 	min-width: 60px;
 	text-align: center;
 	padding: 0.5rem;
 	border-radius: 8px;
 	font-family: 'JetBrains Mono', monospace;
 }
 .ai-cve-score .score-value {
 	font-size: 1.25rem;
 	font-weight: 700;
 	display: block;
 }
 .ai-cve-score .score-label {
 	font-size: 0.625rem;
 	text-transform: uppercase;
 	letter-spacing: 0.05em;
 	opacity: 0.8;
 }
 .ai-cve-score.danger {
 	background: rgba(239, 68, 68, 0.2);
 	color: var(--cyber-danger);
 	border: 1px solid rgba(239, 68, 68, 0.3);
 	box-shadow: 0 0 15px rgba(239, 68, 68, 0.2);
 }
 .ai-cve-score.warning {
 	background: rgba(245, 158, 11, 0.2);
 	color: var(--cyber-warning);
 	border: 1px solid rgba(245, 158, 11, 0.3);
 }
 .ai-cve-score.caution {
 	background: rgba(249, 115, 22, 0.2);
 	color: var(--cyber-caution);
 	border: 1px solid rgba(249, 115, 22, 0.3);
 }
 .ai-cve-score.success {
 	background: rgba(0, 212, 170, 0.2);
 	color: var(--cyber-success);
 	border: 1px solid rgba(0, 212, 170, 0.3);
 }
 .ai-cve-content {
 	flex: 1;
 	min-width: 0;
 }
 .ai-cve-id {
 	margin-bottom: 0.25rem;
 }
 .ai-cve-id a {
 	color: var(--cyber-accent-primary);
 	text-decoration: none;
 	font-weight: 600;
 	font-family: 'JetBrains Mono', monospace;
 }
 .ai-cve-id a:hover {
 	text-decoration: underline;
 }
 .ai-cve-desc {
 	font-size: 0.8125rem;
 	color: var(--cyber-text-secondary);
 	line-height: 1.4;
 }
 .ai-cve-date {
 	font-size: 0.75rem;
 	color: var(--cyber-text-tertiary);
 	font-family: 'JetBrains Mono', monospace;
 	white-space: nowrap;
 }
 /* Badge */
 .ai-badge {
-	display: inline-block;
+	display: inline-flex;
-	padding: 0.2rem 0.5rem;
+	align-items: center;
-	border-radius: 4px;
+	justify-content: center;
 	min-width: 24px;
 	height: 24px;
 	padding: 0 0.5rem;
 	border-radius: 6px;
 	font-size: 0.75rem;
 	font-weight: 600;
-	background: var(--background-color-low, #e9ecef);
+	font-family: 'JetBrains Mono', monospace;
 	background: var(--cyber-bg-elevated);
 	color: var(--cyber-text-secondary);
 }
 .ai-badge.warning {
-	background: #fff3cd;
+	background: rgba(245, 158, 11, 0.2);
-	color: #856404;
+	color: var(--cyber-warning);
 }
 /* Timeline */
@ -297,37 +569,46 @@
 .ai-timeline-item {
 	display: grid;
-	grid-template-columns: 100px 100px 1fr;
+	grid-template-columns: 100px 120px 1fr;
-	gap: 0.5rem;
+	gap: 0.75rem;
-	padding: 0.5rem;
+	padding: 0.75rem;
-	background: var(--background-color-low, #f8f9fa);
+	background: var(--cyber-bg-tertiary);
-	border-radius: 4px;
+	border-radius: 6px;
-	font-size: 0.85rem;
+	font-size: 0.8125rem;
 	border-left: 2px solid var(--cyber-border-subtle);
 }
 .ai-timeline-time {
-	color: var(--text-color-low, #666);
+	color: var(--cyber-text-tertiary);
 	font-family: 'JetBrains Mono', monospace;
 }
 .ai-timeline-source {
 	font-weight: 500;
 	color: var(--cyber-accent-primary);
 }
 .ai-timeline-msg {
 	color: var(--cyber-text-secondary);
 }
 /* Empty state */
 .ai-empty {
-	color: var(--text-color-low, #666);
+	color: var(--cyber-text-tertiary);
 	text-align: center;
-	padding: 2rem;
+	padding: 2.5rem;
 	font-size: 0.875rem;
 }
 /* Loading spinner */
 .spinning::after {
 	content: '';
 	display: inline-block;
 	width: 1em;
 	height: 1em;
 	margin-left: 0.5em;
-	border: 2px solid currentColor;
+	border: 2px solid var(--cyber-border-subtle);
-	border-right-color: transparent;
+	border-right-color: var(--cyber-accent-primary);
 	border-radius: 50%;
 	animation: spin 0.75s linear infinite;
 }
@ -335,3 +616,34 @@
@keyframes spin {
 	to { transform: rotate(360deg); }
 }
 /* Responsive */
@media (max-width: 768px) {
 	.ai-view {
 		padding: 1rem;
 	}
 	.ai-posture-card {
 		flex-direction: column;
 		text-align: center;
 		gap: 1rem;
 		padding: 1.25rem;
 	}
 	.ai-stats {
 		grid-template-columns: repeat(2, 1fr);
 	}
 	.ai-agents-grid {
 		grid-template-columns: 1fr;
 	}
 	.ai-cve-item {
 		flex-direction: column;
 		gap: 0.75rem;
 	}
 	.ai-cve-score {
 		align-self: flex-start;
 	}
 }
--- a/package/secubox/luci-app-ai-insights/root/usr/libexec/rpcd/luci.ai-insights
+++ b/package/secubox/luci-app-ai-insights/root/usr/libexec/rpcd/luci.ai-insights
@ -278,45 +278,73 @@ EOF
 				cache_file="/tmp/cve_feed_cache.json"
 				cache_age=1800
-				# Check cache
+				# Check cache (use ls -l for file age on OpenWrt)
 				if [ -f "$cache_file" ]; then
-					age=$(($(date +%s) - $(stat -c %Y "$cache_file" 2>/dev/null || echo 0)))
+					file_time=$(date -r "$cache_file" +%s 2>/dev/null || echo 0)
-					if [ "$age" -lt "$cache_age" ]; then
+					now=$(date +%s)
 					age=$((now - file_time))
 					if [ "$age" -lt "$cache_age" ] && [ -s "$cache_file" ]; then
 						cat "$cache_file"
 						exit 0
 					fi
 				fi
-				# Fetch from NVD API (last 3 days)
+				# Calculate dates (OpenWrt compatible)
-				start_date=$(date -d "3 days ago" +%Y-%m-%dT00:00:00.000 2>/dev/null || date -u +%Y-%m-%dT00:00:00.000)
+				# 3 days = 259200 seconds
-				end_date=$(date +%Y-%m-%dT23:59:59.999 2>/dev/null || date -u +%Y-%m-%dT23:59:59.999)
+				now=$(date +%s)
 				start_ts=$((now - 259200))
 				# Format: YYYY-MM-DDTHH:MM:SS.000
 				# BusyBox date can format from timestamp with -D
 				start_date=$(date -u -d "@$start_ts" +%Y-%m-%dT00:00:00.000 2>/dev/null)
 				if [ -z "$start_date" ]; then
 					# Fallback: just use current date (NVD will return recent CVEs)
 					start_date=$(date -u +%Y-%m-%dT00:00:00.000)
 				fi
 				end_date=$(date -u +%Y-%m-%dT23:59:59.999)
-				response=$(curl -s --max-time 15 \
+				# Fetch from NVD API - use wget if curl not available
-					"https://services.nvd.nist.gov/rest/json/cves/2.0?pubStartDate=${start_date}&pubEndDate=${end_date}&resultsPerPage=${limit}" 2>/dev/null)
+				nvd_url="https://services.nvd.nist.gov/rest/json/cves/2.0?pubStartDate=${start_date}&pubEndDate=${end_date}&resultsPerPage=${limit}"
-				if [ -n "$response" ]; then
+				if command -v curl >/dev/null 2>&1; then
-					# Parse and format CVEs
+					response=$(curl -s --max-time 20 "$nvd_url" 2>/dev/null)
-					json_init
+				elif command -v wget >/dev/null 2>&1; then
-					json_add_array "cves"
+					response=$(wget -q -O - --timeout=20 "$nvd_url" 2>/dev/null)
 				else
 					echo '{"cves":[],"error":"No HTTP client available"}'
 					exit 0
 				fi
-					echo "$response" | jsonfilter -e '@.vulnerabilities[*]' 2>/dev/null | while read -r vuln; do
+				if [ -n "$response" ] && echo "$response" | grep -q "vulnerabilities"; then
-						cve_id=$(echo "$vuln" | jsonfilter -e '@.cve.id' 2>/dev/null)
+					# Build JSON manually (jshn in while loop doesn't work due to subshell)
-						desc=$(echo "$vuln" | jsonfilter -e '@.cve.descriptions[0].value' 2>/dev/null | head -c 200 | sed 's/"/\\"/g')
+					tmpfile="/tmp/cve_build_$$.json"
-						score=$(echo "$vuln" | jsonfilter -e '@.cve.metrics.cvssMetricV31[0].cvssData.baseScore' 2>/dev/null)
+					echo '{"cves":[' > "$tmpfile"
-						[ -z "$score" ] && score=$(echo "$vuln" | jsonfilter -e '@.cve.metrics.cvssMetricV2[0].cvssData.baseScore' 2>/dev/null)
+					first=1
 					# Parse each vulnerability
 					total=$(echo "$response" | jsonfilter -e '@.totalResults' 2>/dev/null)
 					[ -z "$total" ] && total=0
 					i=0
 					while [ "$i" -lt "$limit" ] && [ "$i" -lt "$total" ]; do
 						cve_id=$(echo "$response" | jsonfilter -e "@.vulnerabilities[$i].cve.id" 2>/dev/null)
 						[ -z "$cve_id" ] && { i=$((i + 1)); continue; }
 						desc=$(echo "$response" | jsonfilter -e "@.vulnerabilities[$i].cve.descriptions[0].value" 2>/dev/null | head -c 200 | sed 's/"/\\"/g; s/\\/\\\\/g' | tr '\n' ' ')
 						score=$(echo "$response" | jsonfilter -e "@.vulnerabilities[$i].cve.metrics.cvssMetricV31[0].cvssData.baseScore" 2>/dev/null)
 						[ -z "$score" ] && score=$(echo "$response" | jsonfilter -e "@.vulnerabilities[$i].cve.metrics.cvssMetricV2[0].cvssData.baseScore" 2>/dev/null)
 						[ -z "$score" ] && score="0"
-						published=$(echo "$vuln" | jsonfilter -e '@.cve.published' 2>/dev/null | cut -c1-10)
+						published=$(echo "$response" | jsonfilter -e "@.vulnerabilities[$i].cve.published" 2>/dev/null | cut -c1-10)
-						json_add_object ""
+						[ "$first" -eq 0 ] && echo ',' >> "$tmpfile"
-						json_add_string "id" "$cve_id"
+						first=0
-						json_add_string "description" "$desc"
+						printf '{"id":"%s","description":"%s","score":%s,"published":"%s"}' \
-						json_add_double "score" "$score"
+							"$cve_id" "$desc" "$score" "$published" >> "$tmpfile"
-						json_add_string "published" "$published"
+
-						json_close_object
+						i=$((i + 1))
 					done
-					json_close_array
+					echo ']}' >> "$tmpfile"
-					json_dump > "$cache_file"
+					mv "$tmpfile" "$cache_file"
 					cat "$cache_file"
 				else
 					echo '{"cves":[],"error":"Failed to fetch CVE feed"}'
--- a/package/secubox/secubox-app-tor/files/etc/config/tor-shield
+++ b/package/secubox/secubox-app-tor/files/etc/config/tor-shield
@ -50,6 +50,10 @@ config transparent 'trans'
 	list excluded_ips '10.0.0.0/8'
 	list excluded_ips '172.16.0.0/12'
 	list excluded_ips '127.0.0.0/8'
 	# Domains excluded from Tor routing (for opkg, NTP, etc)
 	list excluded_domains 'downloads.openwrt.org'
 	list excluded_domains 'openwrt.org'
 	list excluded_domains 'services.nvd.nist.gov'
 config bridges 'bridges'
 	option enabled '0'
--- a/package/secubox/secubox-app-tor/files/etc/init.d/tor-shield
+++ b/package/secubox/secubox-app-tor/files/etc/init.d/tor-shield
@ -202,6 +202,9 @@ setup_iptables() {
 	# Exclude local networks
 	config_list_foreach trans excluded_ips add_excluded_ip
 	# Exclude domains (resolve to IP and bypass Tor)
 	config_list_foreach trans excluded_domains add_excluded_domain
 	# Redirect DNS if enabled
 	if [ "$dns_over_tor" = "1" ]; then
 		iptables -t nat -A TOR_SHIELD -p udp --dport 53 -j REDIRECT --to-ports $dns_port
@ -219,6 +222,7 @@ setup_iptables() {
 		iptables -t filter -A TOR_SHIELD -m owner --uid-owner $tor_uid -j ACCEPT
 		iptables -t filter -A TOR_SHIELD -d 127.0.0.0/8 -j ACCEPT
 		config_list_foreach trans excluded_ips add_excluded_filter_ip
 		config_list_foreach trans excluded_domains add_excluded_domain_filter
 		# Allow response packets for inbound connections (HAProxy, etc)
 		iptables -t filter -A TOR_SHIELD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
 		iptables -t filter -A TOR_SHIELD -j REJECT
@ -291,6 +295,35 @@ add_excluded_lan_ip() {
 	iptables -t nat -A TOR_SHIELD_LAN -d "$1" -j RETURN
 }
 # Resolve domain to IP and exclude from Tor routing
 add_excluded_domain() {
 	local domain="$1"
 	[ -z "$domain" ] && return
 	# Resolve IPv4 addresses using nslookup (available on OpenWrt)
 	local ips=$(nslookup "$domain" 2>/dev/null | tail -n+3 | grep "Address" | awk '{print $2}' | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$')
 	if [ -n "$ips" ]; then
 		for ip in $ips; do
 			iptables -t nat -A TOR_SHIELD -d "$ip" -j RETURN
 			logger -t tor-shield "Excluded domain $domain -> $ip"
 		done
 	else
 		logger -t tor-shield "Warning: Could not resolve domain $domain"
 	fi
 }
 add_excluded_domain_filter() {
 	local domain="$1"
 	[ -z "$domain" ] && return
 	local ips=$(nslookup "$domain" 2>/dev/null | tail -n+3 | grep "Address" | awk '{print $2}' | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$')
 	for ip in $ips; do
 		iptables -t filter -A TOR_SHIELD -d "$ip" -j ACCEPT
 	done
 }
 setup_lan_proxy() {
 	local lan_proxy
 	config_get lan_proxy trans lan_proxy '0'