|
|
1bbd345cee
|
refactor(luci): Mass KissTheme UI rework across all LuCI apps
Convert 90+ LuCI view files from legacy cbi-button-* classes to
KissTheme kiss-btn-* classes for consistent dark theme styling.
Pattern conversions applied:
- cbi-button-positive → kiss-btn-green
- cbi-button-negative/remove → kiss-btn-red
- cbi-button-apply → kiss-btn-cyan
- cbi-button-action → kiss-btn-blue
- cbi-button (plain) → kiss-btn
Also replaced hardcoded colors (#080, #c00, #888, etc.) with
CSS variables (--kiss-green, --kiss-red, --kiss-muted, etc.)
for proper dark theme compatibility.
Apps updated include: ai-gateway, auth-guardian, bandwidth-manager,
cloner, config-advisor, crowdsec-dashboard, dns-provider, exposure,
glances, haproxy, hexojs, iot-guard, jellyfin, ksm-manager,
mac-guardian, magicmirror2, master-link, meshname-dns, metablogizer,
metabolizer, mqtt-bridge, netdata-dashboard, picobrew, routes-status,
secubox-admin, secubox-mirror, secubox-p2p, secubox-security-threats,
service-registry, simplex, streamlit, system-hub, tor-shield,
traffic-shaper, vhost-manager, vortex-dns, vortex-firewall,
webradio, wireguard-dashboard, zigbee2mqtt, zkp, and more.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-03-12 11:09:34 +01:00 |
|
|
|
e58f479cd4
|
feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)
New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)
CrowdSec scenarios split into 11 separate files for reliability.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
2026-02-12 05:02:57 +01:00 |
|
|
|
e258d86eea
|
feat: Admin Control Center with State Management (v0.9.0)
Major feature release implementing comprehensive state management, component registry,
and admin control center with full UI integration.
## Backend Features (secubox-core v0.9.0-1)
State Management System:
- ✅ State database (state-db.json) with 15 states across 4 categories
- ✅ State machine with transition matrix validation
- ✅ secubox-state CLI (8 commands: get, set, history, list, validate, sync, freeze, clear-error)
- ✅ state-machine.sh with atomic transitions using flock
- ✅ State history tracking with timestamps and reasons
- ✅ Error state handling with detailed error info
- ✅ Frozen state support for system-critical components
Component Registry System:
- ✅ Component registry database (component-registry.json)
- ✅ secubox-component CLI (7 commands: list, get, register, unregister, tree, affected, set-setting)
- ✅ Component types: app, module, widget, service, composite
- ✅ Dependency tracking (required/optional)
- ✅ Recursive dependency tree resolution
- ✅ Reverse dependency tracking
- ✅ Component settings management
- ✅ Profile tagging and filtering
Auto-Sync System:
- ✅ secubox-sync-registry CLI for catalog synchronization
- ✅ Auto-populate from catalog.json
- ✅ Plugin catalog directory scanning
- ✅ Installed package detection
- ✅ Automatic state initialization
RPC Backend (luci.secubox):
- ✅ 6 state management RPC methods
- ✅ 5 component registry RPC methods
- ✅ Bulk operations support
- ✅ State validation endpoints
## Frontend Features (luci-app-secubox-admin v1.0.0-16)
UI Components:
- ✅ state-utils.js: 20+ utility functions, state config, transition validation
- ✅ StateIndicator.js: 5 rendering modes (badge, compact, pill, dot, statistics)
- ✅ StateTimeline.js: 4 visualization modes (vertical, horizontal, compact, transition diagram)
- ✅ state-management.css: 600+ lines with animations, responsive design, accessibility
Admin Control Center Dashboard:
- ✅ System overview panel with health metrics
- ✅ Component state summary with statistics
- ✅ Recent state transitions timeline
- ✅ Alerts panel for warnings and errors
- ✅ Quick actions panel
- ✅ Real-time updates (5-second polling)
- ✅ Metric cards with hover effects
- ✅ State distribution by category
API Integration (api.js):
- ✅ 11 RPC method declarations
- ✅ Enhanced methods: getComponentWithState(), getAllComponentsWithStates()
- ✅ Bulk operations: bulkSetComponentState()
- ✅ State statistics: getStateStatistics()
- ✅ Retry logic with exponential backoff
- ✅ Promise-based async operations
## Documentation
Comprehensive Documentation:
- ✅ API-REFERENCE.md (1,200+ lines): Complete API docs for RPC, CLI, JS
- ✅ EXAMPLES.md (800+ lines): 30+ usage examples, shell scripts, integration patterns
- ✅ State definitions table (15 states)
- ✅ State transition matrix
- ✅ Component metadata schemas
- ✅ Error codes reference
- ✅ Testing examples
## State Definitions
15 States Across 4 Categories:
- Persistent: available, installed, active, disabled, frozen
- Transient: installing, configuring, activating, starting, stopping, uninstalling
- Runtime: running, stopped
- Error: error (with subtypes)
State Transition Flow:
available → installing → installed → configuring → configured →
activating → active → starting → running → stopping → stopped
## Technical Details
Files Created (10 backend + 8 frontend):
Backend:
- /usr/sbin/secubox-state (12KB, 8 commands)
- /usr/sbin/secubox-component (12KB, 7 commands)
- /usr/sbin/secubox-sync-registry (8.4KB)
- /usr/share/secubox/state-machine.sh (5.2KB)
- /var/lib/secubox/state-db.json (schema)
- /var/lib/secubox/component-registry.json (schema)
Frontend:
- resources/secubox-admin/state-utils.js (~400 lines)
- resources/secubox-admin/components/StateIndicator.js (~350 lines)
- resources/secubox-admin/components/StateTimeline.js (~450 lines)
- resources/secubox-admin/state-management.css (~600 lines)
- resources/view/secubox-admin/control-center.js (~550 lines)
- resources/secubox-admin/api.js (+145 lines)
Documentation:
- docs/admin-control-center/API-REFERENCE.md (1,200+ lines)
- docs/admin-control-center/EXAMPLES.md (800+ lines)
Files Modified (3):
- package/secubox/secubox-core/Makefile (v0.8.0 → v0.9.0-1)
- package/secubox/luci-app-secubox-admin/Makefile (release 15 → 16)
- package/secubox/secubox-core/root/usr/libexec/rpcd/luci.secubox (+157 lines)
## Installation & Migration
Makefile Updates:
- Added 3 new CLI tools to install section
- Added state-machine.sh to scripts
- Updated package description
- Enhanced postinst to initialize databases
- Auto-sync registry on first install
Postinst Features:
- Automatic state-db.json initialization
- Automatic component-registry.json initialization
- Catalog sync on install
- Version announcement with new features
## Performance & Security
Performance:
- File locking (flock) for atomic state transitions
- State history limited to 100 entries per component
- RPC retry logic with exponential backoff
- Bulk operations use Promise.all for parallel execution
- Component list caching (30 seconds)
Security:
- Frozen state prevents unauthorized modifications
- All state changes logged with timestamp and reason
- System-critical components have additional safeguards
- Proper authentication required for state transitions
## Testing & Validation
Features:
- State transition validation
- Component dependency resolution
- Circular dependency detection
- State consistency checker
- Integration test scripts included in docs
## Breaking Changes
None - Backward Compatible:
- Existing RPC methods remain functional
- State-aware methods are additive
- Components without state default to 'available'
- Migration is automatic on install
## Statistics
Total Implementation:
- Lines of Code: ~4,000
- Backend: ~1,800 (Bash + JSON)
- Frontend: ~2,200 (JavaScript + CSS)
- Documentation: ~2,000 (Markdown)
- Functions/Commands: 40+
- RPC Methods: 11
- CLI Commands: 22
- UI Components: 5
- Documentation Pages: 2
## Next Phase
Remaining from Plan:
- Phase 4: System Hub integration
- Phase 5: Migration script (secubox-migrate-state)
- Phase 6: Additional documentation (ARCHITECTURE.md, STATE-MANAGEMENT.md, etc.)
- Phase 7: Additional UI views (components.js, state-manager.js, debug-panel.js)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
2026-01-05 10:05:32 +01:00 |
|
