gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
952 Commits 4 Branches 293 Tags 320 MiB
ae26317815
Commit Graph

7 Commits

Author SHA1 Message Date
CyberMind-FR
56d45fe7c2 feat(waf): Add sensitivity-based auto-ban system with CrowdSec integration 
WAF Auto-ban Features:
- Three sensitivity levels: aggressive, moderate, permissive
- Aggressive: Immediate ban on first critical threat
- Moderate: Ban after 3 attempts in 5 minutes (default)
- Permissive: Ban after 5 attempts in 1 hour
- Attempt tracking with configurable thresholds

Critical threats (immediate in aggressive/moderate):
- CVE exploits, SQL injection, Command injection
- XXE, Log4Shell, SSTI attacks

CrowdSec Integration:
- Auto-ban requests written to /srv/mitmproxy/autoban-requests.log
- Cron job processes bans every minute via mitmproxyctl
- Bans sent to CrowdSec for network-wide enforcement

New Commands:
- mitmproxyctl process-autoban: Process pending bans
- mitmproxyctl reload-autoban: Reload config after UCI changes

CrowdSec Dashboard:
- Added ban button to alerts page
- Modal confirmation with 24h ban duration
- Real-time banned IP tracking

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-02 13:40:52 +01:00
CyberMind-FR
948b8776d8 fix(crowdsec-dashboard): Fix nav paths in all view files 
Change nav paths from services/crowdsec to security/crowdsec in alerts,
bouncers, decisions, and settings views to match the new menu location.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-01 09:21:16 +01:00
CyberMind-FR
31f4db881e refactor(crowdsec-dashboard): KISS rewrite and move to Services menu 
- Rewrite all views with KISS CSS (1200+ lines removed)
- Use unified cs-* CSS prefix with SecuBox theme variables
- Move CrowdSec from Security to Services menu
- Update navigation paths in all views and nav.js
- Add CSS loading in each view's load() function
- Fix Services menu as proper firstchild submenu
- Simplify dashboard.css from 950+ to 112 lines

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 06:51:13 +01:00
CyberMind-FR
1fb2b11d4a feat(crowdsec+haproxy): Dashboard refactor, custom parsers & scenarios 
CrowdSec Dashboard:
- Refactor all views (alerts, bouncers, decisions, overview, settings)
- Add soc.css for Security Operations Center styling
- Remove 3000+ lines of redundant code

CrowdSec Custom Parsers & Scenarios:
- Add secubox-gitea parser and bruteforce scenario
- Add secubox-haproxy parser and bruteforce scenario
- Add secubox-streamlit parser and bruteforce scenario
- Add secubox-webapp parser and bruteforce scenario
- Update Makefile for new parser/scenario files

HAProxy:
- Update api.js, backends.js view improvements
- Update luci.haproxy RPCD backend
- Update haproxyctl helper script

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 11:16:17 +01:00
CyberMind-FR
ed52af6ab9 feat(theming): Add custom navigation tabs to Client Guardian and CrowdSec dashboards 
- Create nav.js for Client Guardian with SecuBox themed tabs
- Create nav.js for CrowdSec dashboard with themed navigation
- Update all Client Guardian views to use CgNav.renderTabs()
- Update all CrowdSec views to use CsNav.renderTabs()
- Update Client Guardian menu.json paths from /client-guardian/ to /guardian/
- Hide default LuCI tabs via CSS injection for both dashboards

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 13:44:11 +01:00
CyberMind-FR
fffe96999c fix(luci-app-crowdsec-dashboard): Fix API instantiation error 
Changed 'new api()' to 'api' in all dashboard views since the API module
exports an object, not a constructor class.

Fixed files:
- overview.js
- decisions.js
- alerts.js
- metrics.js
- waf.js

This resolves the 'TypeError: api is not a constructor' error.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-06 15:56:33 +01:00
CyberMind-FR
31a87c5d7a feat(structure): reorganize luci-app packages into package/secubox/ + appstore migration 
Major structural reorganization and feature additions:

## Folder Reorganization
- Move 17 luci-app-* packages to package/secubox/ (except luci-app-secubox core hub)
- Update all tooling to support new structure:
  - secubox-tools/quick-deploy.sh: search both locations
  - secubox-tools/validate-modules.sh: validate both directories
  - secubox-tools/fix-permissions.sh: fix permissions in both locations
  - .github/workflows/test-validate.yml: build from both paths
- Update README.md links to new package/secubox/ paths

## AppStore Migration (Complete)
- Add catalog entries for all remaining luci-app packages:
  - network-tweaks.json: Network optimization tools
  - secubox-bonus.json: Documentation & demos hub
- Total: 24 apps in AppStore catalog (22 existing + 2 new)
- New category: 'documentation' for docs/demos/tutorials

## VHost Manager v2.0 Enhancements
- Add profile activation system for Internal Services and Redirects
- Implement createVHost() API wrapper for template-based deployment
- Fix Virtual Hosts view rendering with proper LuCI patterns
- Fix RPCD backend shell script errors (remove invalid local declarations)
- Extend backend validation for nginx return directives (redirect support)
- Add section_id parameter for named VHost profiles
- Add Remove button to Redirects page for feature parity
- Update README to v2.0 with comprehensive feature documentation

## Network Tweaks Dashboard
- Close button added to component details modal

Files changed: 340+ (336 renames with preserved git history)
Packages affected: 19 luci-app, 2 secubox-app, 1 theme, 4 tools

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-01 14:59:38 +01:00