secubox-openwrt

gandalf/secubox-openwrt

Fork 0

Commit Graph

Author	SHA1	Message	Date
CyberMind-FR	b5567ff747	fix(secubox-auth-logger): Simplify log format for CrowdSec parsing - v1.2.1: Remove timestamp generation (ucode time functions unavailable) - Use simple format: secubox-auth[1]: authentication failure for... - Update parser to use raw line parsing with custom label type - Change acquisition from type:syslog to type:secubox-auth Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 15:55:30 +01:00
CyberMind-FR	22b344225c	feat(secubox-auth-logger): Add LuCI auth failure detection - Add CGI hook to capture client IP during failed auth attempts - Add JavaScript hook to intercept ubus session.login failures - Add rpcd plugin for ubus-based auth logging - Update CrowdSec parser for case-insensitive matching - Inject JS hook into LuCI theme headers on install This enables CrowdSec to detect and block brute-force attacks on the LuCI web interface, which previously only logged successful authentications. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 15:07:40 +01:00
CyberMind-FR	3b84c8a047	feat(secubox-auth-logger): Add auth failure monitoring for CrowdSec - Create secubox-auth-logger package to monitor SSH/LuCI auth failures - auth-monitor.sh watches logread for failed password attempts - Supports OpenSSH, Dropbear, and uhttpd/LuCI authentication - Logs failures to syslog with secubox-auth tag for CrowdSec parsing - Fix wizard.js syntax error with computed property names - Remove broken Dropbear verbose config (2024.86 doesn't support -v) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-01-13 09:35:20 +01:00

Author

SHA1

Message

Date

CyberMind-FR

b5567ff747

fix(secubox-auth-logger): Simplify log format for CrowdSec parsing

- v1.2.1: Remove timestamp generation (ucode time functions unavailable)
- Use simple format: secubox-auth[1]: authentication failure for...
- Update parser to use raw line parsing with custom label type
- Change acquisition from type:syslog to type:secubox-auth

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 15:55:30 +01:00

CyberMind-FR

22b344225c

feat(secubox-auth-logger): Add LuCI auth failure detection

- Add CGI hook to capture client IP during failed auth attempts
- Add JavaScript hook to intercept ubus session.login failures
- Add rpcd plugin for ubus-based auth logging
- Update CrowdSec parser for case-insensitive matching
- Inject JS hook into LuCI theme headers on install

This enables CrowdSec to detect and block brute-force attacks
on the LuCI web interface, which previously only logged
successful authentications.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 15:07:40 +01:00

CyberMind-FR

3b84c8a047

feat(secubox-auth-logger): Add auth failure monitoring for CrowdSec

- Create secubox-auth-logger package to monitor SSH/LuCI auth failures
- auth-monitor.sh watches logread for failed password attempts
- Supports OpenSSH, Dropbear, and uhttpd/LuCI authentication
- Logs failures to syslog with secubox-auth tag for CrowdSec parsing
- Fix wizard.js syntax error with computed property names
- Remove broken Dropbear verbose config (2024.86 doesn't support -v)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-01-13 09:35:20 +01:00

3 Commits