fix(crowdsec): Auto-enable Dropbear verbose logging for SSH detection

When SSH logging is enabled in the wizard, automatically:
- Set dropbear.@dropbear[0].verbose=1 to log auth failures
- Restart dropbear to apply changes

This ensures CrowdSec can detect SSH brute force attempts.
Without verbose mode, Dropbear doesn't log failed auth to syslog.

Also enable uhttpd syslog when HTTP logging is enabled.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

package/secubox/luci-app-crowdsec-dashboard/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=luci-app-crowdsec-dashboard
 PKG_VERSION:=0.7.0
-PKG_RELEASE:=18
+PKG_RELEASE:=19
 PKG_ARCH:=all
 
 PKG_LICENSE:=Apache-2.0

package/secubox/luci-app-crowdsec-dashboard/root/usr/libexec/rpcd/luci.crowdsec-dashboard

@@ -1364,7 +1364,28 @@ configure_acquisition() {
 	uci commit crowdsec
 	steps_done="${steps_done}Updated UCI settings; "
 
-	# Step 3: Generate acquisition YAML files
+	# Step 3: Enable verbose logging for services that need it
+	# Dropbear SSH needs verbose mode to log authentication failures
+	if [ "$ssh_enabled" = "1" ]; then
+		if uci -q get dropbear.@dropbear[0] >/dev/null 2>&1; then
+			uci set dropbear.@dropbear[0].verbose='1'
+			uci commit dropbear
+			/etc/init.d/dropbear restart >/dev/null 2>&1
+			steps_done="${steps_done}Enabled Dropbear verbose logging; "
+		fi
+	fi
+
+	# Enable uhttpd syslog for HTTP auth logging
+	if [ "$http_enabled" = "1" ]; then
+		if uci -q get uhttpd.main >/dev/null 2>&1; then
+			uci set uhttpd.main.syslog='1'
+			uci commit uhttpd
+			/etc/init.d/uhttpd restart >/dev/null 2>&1
+			steps_done="${steps_done}Enabled uhttpd syslog; "
+		fi
+	fi
+
+	# Step 4: Generate acquisition YAML files
 	# OpenWrt uses logread command instead of /var/log/messages by default
 	# All syslog entries (SSH, firewall, system) go through the same log stream
 	# We create ONE unified acquisition file to avoid multiple logread processes