- Move UCI defaults script for auto-registration to cs-firewall-bouncer
- Remove redundant secubox-app-crowdsec-bouncer wrapper package
- Update luci-app-crowdsec-dashboard reference to new package name
- Increment PKG_RELEASE to 3
The defaults script handles:
- Automatic bouncer registration with CrowdSec LAPI
- Interface detection for LAN/WAN
- API key generation and UCI config update
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Rename crowdsec-firewall-bouncer to secubox-app-cs-firewall-bouncer
- Rename secubox-auth-logger to secubox-app-auth-logger
- Delete secubox-crowdsec-setup (merged into other packages)
- Fix circular dependencies in luci-app-secubox-crowdsec
- Fix dependency chain in secubox-app-crowdsec-bouncer
- Add consolidated get_overview API to crowdsec-dashboard
- Improve crowdsec-dashboard overview performance
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Consolidate multiple dashboard API calls into a single get_overview RPC
method to reduce network overhead and improve page load performance.
The frontend now transforms the consolidated response to maintain
compatibility with existing view logic. Also increases poll interval
from 30s to 60s.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix typo seccubox_logs -> secubox_logs
- Get country data from alerts (source.cn) instead of decisions
- Display CrowdSec logs instead of non-existent secubox.log
- Rename "SecuBox Log Tail" to "CrowdSec Logs"
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Move Debug Console from Client Guardian to System Hub
- Add Auto-Zoning Rules dedicated view in Client Guardian
- Add public pages for Bug Bounty and Crowdfunding (no ACL)
- Fix auth-logger to only detect real login attempts
- Add private IP whitelist for CrowdSec (RFC1918 ranges)
- Update navigation menus across all apps
- Bump secubox-auth-logger to v1.2.2
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Local Protection Mode banner when CAPI unavailable (LAPI still works)
- Save enrollment key to UCI config for future repairs
- Improve text contrast in wizard (better readability)
- Simplify LAPI repair function based on official OpenWrt approach
- Never delete CAPI credentials to avoid rate-limiting
- Add get_settings/save_settings RPC methods
- Bump version to 0.7.0-r27
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add automatic restart after successful console enrollment
- Update wizard UI to inform user about validation on app.crowdsec.net
- Service must restart after enrollment is validated on CrowdSec Console
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Service restarts during bouncer registration and service start can
cause XHR connections to abort. Treat these as success since the
operation likely completed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New wizard approach:
- Automatic health check on load (LAPI, CAPI, Bouncer, nftables, collections)
- Single configuration page with all options visible
- Only repairs what's broken
- No hub update without CAPI connection
- Single "Apply Configuration" button at the end
- Progress bar during apply
- Summary of what was done at completion
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Treat XHR abort as success when CrowdSec restarts after acquisition config
- Auto-advance to Step 5 after brief delay
- Bump to 0.7.0-r21
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- repair_lapi() now removes stale online_api_credentials.yaml and retries
- New repair_capi() function for dedicated CAPI repair
- console_enroll() handles CAPI credential cleanup before retry
- Added repairCapi API method in frontend
- Bump luci-app-crowdsec-dashboard to 0.7.0-r20
- Add openwrt-luci-bf.yaml scenario for LuCI brute force detection
- Add secubox-auth-acquis.yaml acquisition config
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The serviceWarning variable was null when CrowdSec is running, and
LuCI's E() function rendered it as literal "null" text. Fixed by
using empty fragment when no warning needed.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The refreshView() call was aborting the pending configureAcquisition
XHR request by triggering new API calls. Now only updates the button
state without a full view refresh.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Scan ALL nftables sets (CAPI, cscli, etc.) instead of just base set
- Display blocked IPs count by origin (Community vs Local)
- Show sample of blocked IPs with Unban button
- Add ipv4_capi_count, ipv4_cscli_count, ipv4_total_count to API response
- Support for 14,000+ community blocklist IPs
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add health_check API with LAPI/CAPI/Console status verification
- Add capi_metrics API for community blocklist statistics
- Add hub_available, install_hub_item, remove_hub_item APIs
- Add System Health panel to overview with visual status indicators
- Add CAPI Blocklist section showing community vs local decisions
- Add Installed Collections card with version display
- Fix settings.js syntax error (missing comma)
- Fix metrics.js null display in acquisition statistics
- Update ACL file with new RPC method permissions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New features:
- New RPCD method: acquisition_metrics for detailed stats
- Realtime metrics display with 10-second polling
- Visual stat cards: lines read, parsed, unparsed, buckets
- Parse rate progress bar with color coding
- Active acquisition sources badges
- Rate calculation (events/sec) between polls
- Live update indicator with timestamp
API changes:
- Added getAcquisitionMetrics() to API layer
- Added acquisition_metrics to ACL permissions
Bumped version to 0.7.0-17
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Portal (luci-app-secubox-portal):
- Fix service status showing 0/9 by checking if init scripts exist
- Only count installed services in status display
- Use pgrep fallback when init script status fails
nDPId Dashboard (luci-app-ndpid):
- Add default /etc/config/ndpid configuration
- Add /etc/init.d/ndpid-compat init script
- Enable compat service in postinst for app detection
- Fix Makefile to install init script and config
CrowdSec Dashboard:
- Add CLAUDE.md with OpenWrt-specific guidelines (pgrep without -x)
- CSS fixes for hiding LuCI left menu in all views
- LAPI repair improvements with retry logic
New Packages:
- secubox-app-crowdsec: OpenWrt-native CrowdSec package
- secubox-app-netifyd: Netifyd DPI integration
- luci-app-secubox: Core SecuBox hub
- luci-theme-secubox: Custom theme
Removed:
- luci-app-secubox-crowdsec (replaced by crowdsec-dashboard)
- secubox-crowdsec-setup (functionality moved to dashboard)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Complete rewrite of Media Flow dashboard with modern dark theme
- Add inline CSS similar to nDPId dashboard style
- Add stats grid with flow count, stream count, service status
- Add clean cards for active streams display
- Add SecuBox header to CrowdSec overview page
- Fix sidebar visibility in CrowdSec pages
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add recovery/reset mode to CrowdSec wizard for bouncer registration issues
- Handle existing bouncer detection with database-level cleanup fallback
- Fix Media Flow pgrep -x issue and add start/stop service ACL permissions
- Fix duplicate nav bar in CrowdSec wizard with aggressive CSS hiding
- Add shared SecuBox header component for consistent navigation
- Fix all portal app links to match actual menu.d paths
- Add UI switcher between SecuBox Portal and standard LuCI
- Hide OpenWrt header and sidebar in SecuBox mode
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Create nav.js for Client Guardian with SecuBox themed tabs
- Create nav.js for CrowdSec dashboard with themed navigation
- Update all Client Guardian views to use CgNav.renderTabs()
- Update all CrowdSec views to use CsNav.renderTabs()
- Update Client Guardian menu.json paths from /client-guardian/ to /guardian/
- Hide default LuCI tabs via CSS injection for both dashboards
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add console_status, console_enroll, console_disable RPCD methods
- Insert Console enrollment as Step 2 in the 7-step wizard
- Add API declarations and ACL permissions for console operations
- Enable share_manual_decisions, share_tainted, share_context by default on enrollment
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add repair_lapi() RPCD method to auto-fix LAPI configuration issues:
- Creates /srv/crowdsec/data directory if missing
- Fixes data_dir and db_path in config.yaml
- Re-registers localhost machine if needed
- Restarts CrowdSec and verifies LAPI is working
- Fix register_bouncer() to handle existing bouncers:
- Deletes existing bouncer before re-registering
- Gets fresh API key on re-registration
- Fix update_firewall_bouncer_config() UCI path:
- Changed from crowdsec.bouncer.$key to crowdsec.@bouncer[0].$key
- Added api_key to allowed parameters
- Rewrite metrics.js with SecuBox cyber-card theming:
- Use Theme.init() for proper theme initialization
- Replace cs-* classes with cyber-* classes
- Add CSS variable fallbacks for light/dark theme support
- Fix hub data parsing for proper component counts
- Add theme require to wizard.js
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Changed form sections from type 'secubox' to match actual UCI config
- General/Dashboard/Module/Notification sections now use type 'core'
- Alert Thresholds section now uses type 'diagnostics'
- Security Settings section now uses type 'security'
- Advanced Settings section uses type 'core'
- Fixes "This section contains no values yet" errors
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Add parseScenario() to format scenario names
- Add getCountryFlag() to display country flag emojis
- Add formatRelativeTime() for relative timestamps
- Fix decisions data flattening in handleUnban, handleBulkUnban, submitBan, and polling
- Fix getDashboardData to properly flatten alerts->decisions structure
- Fix context error in overview renderDecisionsTable (this vs self)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix invisible checkboxes in Step 3 collections:
- Add explicit inline styles to checkbox inputs
- Set width: 18px, height: 18px with cursor: pointer
- Add 'for' attribute to label for better click handling
- Replace null rendering with empty element E([])
- Fixes "null" text appearing on screen
Issue: Collection items not selectable, checkboxes invisible
Cause: Checkboxes may be hidden by browser default styles
Solution: Add explicit inline styles and proper label association
Frontend Changes:
- htdocs/luci-static/resources/view/crowdsec-dashboard/wizard.js
- Add inline styles to checkbox inputs
- Add 'for' attribute linking label to checkbox
- Replace ': null' with ': E([])' to avoid "null" text
Checkboxes now have:
- Explicit dimensions (18x18px)
- Proper cursor styling
- Label association via 'for' attribute
- No more "null" text rendering
Version: 0.6.0-7
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix Next button remaining disabled despite correct status:
- Change renderStep1 to read from data parameter instead of wizardData
- Read status.crowdsec and status.lapi_status from passed data
- Ensures button state reflects actual API response
Issue: Next button not clickable even with LAPI available
Cause: renderStep1 reading from stale wizardData instead of fresh data
Solution: Read from data parameter passed by render()
Frontend Changes:
- htdocs/luci-static/resources/view/crowdsec-dashboard/wizard.js
- renderStep1: Read from data.status instead of this.wizardData
- Extract crowdsecRunning and lapiAvailable from data parameter
Version: 0.6.0-5
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fix missing navigation buttons in wizard:
- Add explicit CSS loading in render() method
- Use L.resource() to load wizard.css
- Inject <link> tag into document head
- Ensures wizard styling is applied
Issue: Navigation buttons (Cancel, Next) not visible
Cause: wizard.css was not being loaded
Solution: Add CSS file loading in render method
Frontend Changes:
- htdocs/luci-static/resources/view/crowdsec-dashboard/wizard.js
- Add CSS link injection in render()
- Load crowdsec-dashboard/wizard.css via L.resource()
Version: 0.6.0-4
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Enhanced CrowdSec Dashboard bouncers page with comprehensive firewall
bouncer management capabilities.
New Features:
- Dedicated Firewall Bouncer management card with 3 status panels:
* Service Status: Running/stopped, boot start enabled/disabled, configured status
* Blocked IPs: Real-time IPv4/IPv6 blocked IP counts with View Details modal
* nftables Status: IPv4/IPv6 table active status
- Service Control Buttons:
* Start/Stop service (contextual based on current state)
* Restart service
* Enable/Disable boot start (contextual)
* Configuration viewer
- Real-time Updates:
* Auto-refresh every 10 seconds via polling
* Manual refresh button
* Live status badge updates
- nftables Details Modal:
* Lists all blocked IPv4 addresses (scrollable)
* Lists all blocked IPv6 addresses (scrollable)
* Shows IPv4/IPv6 rules count
* Formatted with monospace font
- Configuration Viewer Modal:
* Displays all UCI configuration settings
* Shows enabled/disabled status
* Shows IPv4/IPv6 support
* Shows API URL, update frequency, deny action
* Shows deny logging and log prefix
* Shows configured network interfaces
* Handles unconfigured state with installation prompt
UI Enhancements:
- Responsive grid layout for status cards
- Color-coded status indicators (green=active, red=stopped, gray=disabled, yellow=warning)
- Material design badges for all status indicators
- Visual feedback for all operations with notifications
- Loading spinners for async operations
- Professional styling consistent with SecuBox theme
Integration:
- Utilizes new API methods: getFirewallBouncerStatus, controlFirewallBouncer,
getFirewallBouncerConfig, getNftablesStats
- Error handling with user-friendly notifications
- Proper promise chaining and async/await patterns
Technical Details:
- Added renderFirewallBouncerCard() method (125 lines)
- Added handleFirewallBouncerControl() method for service actions
- Added handleFirewallBouncerRefresh() for manual/auto refresh
- Added showNftablesDetails() modal for blocked IPs
- Added showFirewallBouncerConfig() modal for UCI settings
- Enhanced load() to fetch firewall bouncer data
- Updated polling to refresh firewall bouncer status
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Add comprehensive backend support for managing the CrowdSec Firewall Bouncer
through the dashboard with full control and monitoring capabilities.
RPC Backend Enhancements (luci.crowdsec-dashboard):
- get_firewall_bouncer_status: Detailed status (running, enabled, UCI config, nftables)
- control_firewall_bouncer: Service control (start/stop/restart/enable/disable)
- get_firewall_bouncer_config: Read UCI configuration
- update_firewall_bouncer_config: Modify UCI settings
- get_nftables_stats: nftables statistics (blocked IPs, rules count)
API Methods Added (api.js):
- getFirewallBouncerStatus(): Get bouncer status and health
- controlFirewallBouncer(action): Control service lifecycle
- getFirewallBouncerConfig(): Read configuration
- updateFirewallBouncerConfig(key, value): Update settings
- getNftablesStats(): Get firewall statistics
Features:
- Real-time service status monitoring
- nftables table detection (IPv4/IPv6)
- Blocked IP counting
- UCI configuration management
- Service lifecycle control
- Comprehensive error handling
Status Information Provided:
- Service running state
- Init script enabled state
- UCI configuration status
- nftables tables active (crowdsec, crowdsec6)
- Blocked IPv4/IPv6 count
- Rules count per table
Configuration Options Supported:
- enabled, ipv4, ipv6 (boolean)
- api_url, update_frequency, deny_action, log_level (string)
- deny_log, filter_input, filter_forward (boolean)
- interfaces list
Next: Frontend UI enhancements for bouncer management panel
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Fixed "[object HTMLElement]" display bugs in CrowdSec dashboard views by properly structuring DOM element children arrays.
## Problem:
Multiple CrowdSec dashboard views were showing "[object HTMLElement]" instead of properly rendered content. This occurred when JavaScript code tried to concatenate strings with E() DOM elements using the + operator.
## Root Cause:
```javascript
// WRONG: String concatenation with DOM elements
E('p', {}, _('Access metrics at: ') + E('code', {}, url))
// Results in: "Access metrics at: [object HTMLElement]"
```
When you concatenate a string with a DOM element, JavaScript converts the DOM element to its string representation "[object HTMLElement]", which then gets rendered as text.
## Solution:
Changed from string concatenation to proper children arrays:
```javascript
// CORRECT: Array of children
E('p', {}, [
_('Access metrics at: '),
E('code', {}, url)
])
```
## Files Fixed:
### metrics.js (line 299-302):
- Fixed "Access metrics at: [object HTMLElement]" in metrics export info box
- Changed from concatenation to children array
### settings.js (line 217-220):
- Fixed "Or use: [object HTMLElement]" in collections empty state
- Changed from concatenation to children array
### waf.js (lines 123-126):
- Fixed 4 instances in WAF setup instructions:
- "Install AppSec collections: [object HTMLElement]"
- "Restart CrowdSec service: [object HTMLElement]"
- "Verify status: [object HTMLElement]"
- Changed all from concatenation to children arrays
## Technical Notes:
- The E() helper function expects children to be:
1. A single string
2. A single DOM element
3. An array of strings and/or DOM elements
- String concatenation (+) cannot be used to combine text with DOM elements
- Always use array notation when mixing text and elements
## Testing:
- Deployed to router 192.168.8.191
- Metrics view now displays "Access metrics at: http://127.0.0.1:6060/metrics" correctly
- Settings view shows "Or use: cscli hub update" properly
- WAF view renders all setup instructions with code blocks correctly
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Enhanced dashboard UX when CrowdSec service is not running:
API module (api.js):
- Modified getDashboardData() to handle error responses gracefully
- Returns empty arrays/objects for stats when service is stopped
- Includes error flag in response data
Overview module (overview.js):
- Added 'fs' module import for service control
- Added startCrowdSec() function to start service from UI
- Display warning banner when service is stopped
- Provide actionable message with start service link
Dashboard CSS (dashboard.css):
- Added .cs-warning-banner styles for error messages
- Professional warning styling with icon and content layout
This resolves XHR timeout errors by showing friendly error messages
instead of hanging requests.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Changed 'new api()' to 'api' in all dashboard views since the API module
exports an object, not a constructor class.
Fixed files:
- overview.js
- decisions.js
- alerts.js
- metrics.js
- waf.js
This resolves the 'TypeError: api is not a constructor' error.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
