gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0f6953ad06
secubox-openwrt/package/secubox/luci-app-client-guardian/root/etc/client-guardian/profiles.json
CyberMind-FR 5b55ab3ef9 feat: Dashboard reorganization and auth security fixes 
- Move Debug Console from Client Guardian to System Hub
- Add Auto-Zoning Rules dedicated view in Client Guardian
- Add public pages for Bug Bounty and Crowdfunding (no ACL)
- Fix auth-logger to only detect real login attempts
- Add private IP whitelist for CrowdSec (RFC1918 ranges)
- Update navigation menus across all apps
- Bump secubox-auth-logger to v1.2.2

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-14 09:32:14 +01:00

593 lines
19 KiB
JSON
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"profiles": [
{
"id": "factory_default",
"name": "Configuration Usine",
"description": "Zones firewall par défaut OpenWrt - Réinitialisation standard",
"icon": "🔄",
"is_factory_default": true,
"zones": [
{
"id": "lan",
"name": "Réseau Local (LAN)",
"description": "Tous les appareils du réseau local",
"network": "lan",
"color": "#22c55e",
"icon": "home",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "wan",
"name": "Internet (WAN)",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"is_wan": true,
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "guest",
"name": "Invités",
"description": "Réseau invités isolé (optionnel)",
"network": "guest",
"color": "#8b5cf6",
"icon": "users",
"optional": true,
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "low"
}
],
"auto_zone_rules": [],
"auto_parking_zone": "lan",
"firewall_defaults": {
"input": "ACCEPT",
"output": "ACCEPT",
"forward": "REJECT",
"lan_to_wan": "ACCEPT",
"wan_to_lan": "REJECT"
}
},
{
"id": "family_home",
"name": "Maison Familiale",
"description": "Configuration optimale pour une maison avec parents, enfants et appareils IoT",
"icon": "🏠",
"zones": [
{
"id": "lan_private",
"name": "Réseau Principal",
"description": "Appareils de confiance des parents",
"network": "lan",
"color": "#22c55e",
"icon": "home",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "kids",
"name": "Enfants",
"description": "Contrôle parental actif avec horaires",
"network": "lan",
"color": "#06b6d4",
"icon": "child",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 50,
"time_restrictions": true,
"schedule_start": "08:00",
"schedule_end": "21:00",
"content_filter": "kids",
"priority": "normal"
},
{
"id": "iot",
"name": "Objets Connectés",
"description": "Caméras, thermostats, ampoules (isolés)",
"network": "iot",
"color": "#f59e0b",
"icon": "cpu",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 10,
"priority": "low"
},
{
"id": "guest",
"name": "Invités",
"description": "Accès Internet limité pour visiteurs",
"network": "guest",
"color": "#8b5cf6",
"icon": "users",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 25,
"session_duration": 7200,
"portal_required": true,
"priority": "low"
}
],
"auto_zone_rules": [
{"name": "Caméras IP", "match_type": "vendor", "match_value": "Hikvision|Dahua|Reolink|Ubiquiti|Axis", "target_zone": "iot", "priority": 10, "auto_approve": true},
{"name": "Thermostats", "match_type": "vendor", "match_value": "Nest|Ecobee|Honeywell|Tado", "target_zone": "iot", "priority": 15, "auto_approve": true},
{"name": "Ampoules connectées", "match_type": "vendor", "match_value": "Philips Hue|LIFX|Yeelight|Sengled", "target_zone": "iot", "priority": 20, "auto_approve": true},
{"name": "Enceintes connectées", "match_type": "vendor", "match_value": "Amazon|Google|Sonos|Apple", "target_zone": "iot", "priority": 25, "auto_approve": false},
{"name": "Consoles enfants", "match_type": "vendor", "match_value": "Nintendo|Sony.*PlayStation|Microsoft.*Xbox", "target_zone": "kids", "priority": 30, "auto_approve": false},
{"name": "Tablettes enfants", "match_type": "hostname", "match_value": ".*[Kk]id.*|.*[Ee]nfant.*|.*[Cc]hild.*", "target_zone": "kids", "priority": 35, "auto_approve": false},
{"name": "Appareils Apple", "match_type": "vendor", "match_value": "Apple", "target_zone": "lan_private", "priority": 50, "auto_approve": false},
{"name": "PC Windows", "match_type": "vendor", "match_value": "Dell|HP|Lenovo|ASUS|Acer|Microsoft", "target_zone": "lan_private", "priority": 55, "auto_approve": false}
],
"auto_parking_zone": "guest"
},
{
"id": "small_business",
"name": "Petite Entreprise",
"description": "Séparation réseau employés, invités et équipements",
"icon": "🏢",
"zones": [
{
"id": "corporate",
"name": "Réseau Entreprise",
"description": "Postes de travail des employés",
"network": "lan",
"color": "#3b82f6",
"icon": "briefcase",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "servers",
"name": "Serveurs",
"description": "Infrastructure critique",
"network": "servers",
"color": "#ef4444",
"icon": "server",
"internet_access": true,
"local_access": true,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "critical"
},
{
"id": "byod",
"name": "BYOD",
"description": "Appareils personnels des employés",
"network": "byod",
"color": "#f59e0b",
"icon": "smartphone",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 50,
"priority": "normal"
},
{
"id": "guest",
"name": "Visiteurs",
"description": "Accès Internet isolé",
"network": "guest",
"color": "#8b5cf6",
"icon": "users",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 10,
"portal_required": true,
"priority": "low"
}
],
"auto_zone_rules": [
{"name": "Serveurs", "match_type": "hostname", "match_value": ".*[Ss]erver.*|.*[Ss]rv.*|.*[Dd][Cc].*|.*[Nn][Aa][Ss].*", "target_zone": "servers", "priority": 5, "auto_approve": false},
{"name": "Imprimantes réseau", "match_type": "vendor", "match_value": "HP|Canon|Epson|Brother|Xerox|Ricoh|Lexmark", "target_zone": "corporate", "priority": 10, "auto_approve": true},
{"name": "Postes Dell/HP", "match_type": "vendor", "match_value": "Dell|HP|Lenovo", "target_zone": "corporate", "priority": 20, "auto_approve": false},
{"name": "Smartphones", "match_type": "vendor", "match_value": "Apple|Samsung|Xiaomi|OnePlus|Google", "target_zone": "byod", "priority": 30, "auto_approve": false},
{"name": "Tablettes", "match_type": "hostname", "match_value": ".*[Ii][Pp]ad.*|.*[Tt]ablet.*|.*[Gg]alaxy.*[Tt]ab.*", "target_zone": "byod", "priority": 35, "auto_approve": false},
{"name": "IoT/Caméras", "match_type": "vendor", "match_value": "Hikvision|Dahua|Ubiquiti|Axis|Ring", "target_zone": "servers", "priority": 40, "auto_approve": true}
],
"auto_parking_zone": "guest"
},
{
"id": "hotel",
"name": "Hôtel / Gîte",
"description": "Gestion multi-chambres avec isolation stricte",
"icon": "🏨",
"zones": [
{
"id": "management",
"name": "Administration",
"description": "Réseau de gestion",
"network": "lan",
"color": "#22c55e",
"icon": "shield",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "critical"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "rooms_floor1",
"name": "Chambres Étage 1",
"description": "Clients étage 1 (isolés)",
"network": "rooms1",
"color": "#3b82f6",
"icon": "bed",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 20,
"portal_required": true,
"priority": "normal"
},
{
"id": "rooms_floor2",
"name": "Chambres Étage 2",
"description": "Clients étage 2 (isolés)",
"network": "rooms2",
"color": "#06b6d4",
"icon": "bed",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 20,
"portal_required": true,
"priority": "normal"
},
{
"id": "public",
"name": "Espaces Communs",
"description": "Lobby, restaurant, bar",
"network": "public",
"color": "#8b5cf6",
"icon": "wifi",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 15,
"portal_required": true,
"priority": "low"
}
],
"auto_zone_rules": [
{"name": "Équipement hôtel", "match_type": "hostname", "match_value": ".*[Rr]eception.*|.*[Hh]otel.*|.*[Aa]dmin.*", "target_zone": "management", "priority": 5, "auto_approve": false},
{"name": "Imprimantes/POS", "match_type": "vendor", "match_value": "HP|Epson|Star Micronics|Ingenico|Verifone", "target_zone": "management", "priority": 10, "auto_approve": true},
{"name": "Smart TV", "match_type": "vendor", "match_value": "Samsung|LG|Sony|Philips|TCL", "target_zone": "rooms_floor1", "priority": 50, "auto_approve": true}
],
"auto_parking_zone": "public"
},
{
"id": "apartment",
"name": "Immeuble / Colocation",
"description": "Isolation stricte entre locataires",
"icon": "🏘",
"zones": [
{
"id": "landlord",
"name": "Propriétaire",
"description": "Réseau administrateur",
"network": "lan",
"color": "#22c55e",
"icon": "key",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "tenant_a",
"name": "Locataire A",
"description": "Appartement/Chambre A",
"network": "tenant_a",
"color": "#3b82f6",
"icon": "door",
"internet_access": true,
"local_access": false,
"inter_client": true,
"bandwidth_limit": 100,
"priority": "normal"
},
{
"id": "tenant_b",
"name": "Locataire B",
"description": "Appartement/Chambre B",
"network": "tenant_b",
"color": "#06b6d4",
"icon": "door",
"internet_access": true,
"local_access": false,
"inter_client": true,
"bandwidth_limit": 100,
"priority": "normal"
},
{
"id": "tenant_c",
"name": "Locataire C",
"description": "Appartement/Chambre C",
"network": "tenant_c",
"color": "#f59e0b",
"icon": "door",
"internet_access": true,
"local_access": false,
"inter_client": true,
"bandwidth_limit": 100,
"priority": "normal"
},
{
"id": "common",
"name": "Parties Communes",
"description": "Couloirs, buanderie",
"network": "common",
"color": "#8b5cf6",
"icon": "building",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 20,
"priority": "low"
}
],
"auto_zone_rules": [
{"name": "Équipement propriétaire", "match_type": "hostname", "match_value": ".*[Ll]andlord.*|.*[Pp]roprio.*|.*[Aa]dmin.*", "target_zone": "landlord", "priority": 5, "auto_approve": false},
{"name": "Imprimantes/NAS", "match_type": "vendor", "match_value": "Synology|QNAP|HP|Brother", "target_zone": "landlord", "priority": 10, "auto_approve": true}
],
"auto_parking_zone": "common"
},
{
"id": "school",
"name": "École / Formation",
"description": "Séparation élèves, enseignants, administration",
"icon": "🎓",
"zones": [
{
"id": "admin",
"name": "Administration",
"description": "Direction et services",
"network": "lan",
"color": "#22c55e",
"icon": "shield",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "teachers",
"name": "Enseignants",
"description": "Salle des professeurs",
"network": "teachers",
"color": "#3b82f6",
"icon": "chalkboard",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "students",
"name": "Élèves",
"description": "Salles de classe avec filtrage",
"network": "students",
"color": "#06b6d4",
"icon": "book",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 50,
"content_filter": "kids",
"time_restrictions": true,
"schedule_start": "08:00",
"schedule_end": "17:00",
"priority": "normal"
},
{
"id": "lab",
"name": "Laboratoire Info",
"description": "Postes de travail contrôlés",
"network": "lab",
"color": "#f59e0b",
"icon": "computer",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 100,
"priority": "normal"
}
],
"auto_zone_rules": [
{"name": "Serveurs/NAS", "match_type": "hostname", "match_value": ".*[Ss]erver.*|.*[Ss]rv.*|.*[Nn][Aa][Ss].*", "target_zone": "admin", "priority": 5, "auto_approve": false},
{"name": "Imprimantes", "match_type": "vendor", "match_value": "HP|Canon|Epson|Brother|Xerox|Ricoh", "target_zone": "admin", "priority": 10, "auto_approve": true},
{"name": "Ordinateurs prof", "match_type": "hostname", "match_value": ".*[Pp]rof.*|.*[Tt]eacher.*|.*[Ee]nseignant.*", "target_zone": "teachers", "priority": 15, "auto_approve": false},
{"name": "Postes labo", "match_type": "hostname", "match_value": ".*[Ll]ab.*|.*[Pp][Cc][0-9]+.*|.*[Pp]oste.*", "target_zone": "lab", "priority": 20, "auto_approve": true},
{"name": "Chromebooks", "match_type": "vendor", "match_value": "Google|Acer|ASUS|Dell|HP|Lenovo", "target_zone": "students", "priority": 30, "auto_approve": false},
{"name": "Tablettes élèves", "match_type": "hostname", "match_value": ".*[Ee]leve.*|.*[Ss]tudent.*|.*[Tt]ablet.*", "target_zone": "students", "priority": 35, "auto_approve": false}
],
"auto_parking_zone": "students"
},
{
"id": "secure_home",
"name": "Maison Sécurisée",
"description": "Maximum de segmentation pour sécurité avancée",
"icon": "🔒",
"zones": [
{
"id": "trusted",
"name": "Confiance Totale",
"description": "Appareils principaux uniquement",
"network": "lan",
"color": "#22c55e",
"icon": "shield-check",
"internet_access": true,
"local_access": true,
"inter_client": true,
"bandwidth_limit": 0,
"priority": "critical"
},
{
"id": "wan",
"name": "Internet Seul",
"description": "Accès Internet uniquement - pas d'accès au réseau local",
"network": "wan",
"color": "#ef4444",
"icon": "globe",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "normal"
},
{
"id": "work",
"name": "Télétravail",
"description": "Poste de travail professionnel isolé",
"network": "work",
"color": "#3b82f6",
"icon": "briefcase",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 0,
"priority": "high"
},
{
"id": "iot_secure",
"name": "IoT Sécurisé",
"description": "Appareils connectés de confiance",
"network": "iot_secure",
"color": "#06b6d4",
"icon": "lock",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 10,
"priority": "low"
},
{
"id": "iot_untrusted",
"name": "IoT Non Vérifié",
"description": "Appareils chinois et non certifiés",
"network": "iot_untrusted",
"color": "#f59e0b",
"icon": "alert",
"internet_access": false,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 5,
"priority": "low"
},
{
"id": "guest",
"name": "Invités",
"description": "Accès Internet uniquement",
"network": "guest",
"color": "#8b5cf6",
"icon": "users",
"internet_access": true,
"local_access": false,
"inter_client": false,
"bandwidth_limit": 20,
"portal_required": true,
"priority": "low"
}
],
"auto_zone_rules": [
{"name": "Poste télétravail", "match_type": "hostname", "match_value": ".*[Ww]ork.*|.*[Pp]ro.*|.*[Bb]ureau.*|.*[Oo]ffice.*", "target_zone": "work", "priority": 5, "auto_approve": false},
{"name": "Apple trusted", "match_type": "vendor", "match_value": "Apple", "target_zone": "trusted", "priority": 10, "auto_approve": false},
{"name": "PC confiance", "match_type": "vendor", "match_value": "Dell|Lenovo|HP", "target_zone": "trusted", "priority": 15, "auto_approve": false},
{"name": "IoT marques fiables", "match_type": "vendor", "match_value": "Philips|Nest|Ecobee|Sonos|Lutron|Ring", "target_zone": "iot_secure", "priority": 20, "auto_approve": true},
{"name": "Caméras pro", "match_type": "vendor", "match_value": "Ubiquiti|Axis|Reolink", "target_zone": "iot_secure", "priority": 25, "auto_approve": true},
{"name": "IoT chinois", "match_type": "vendor", "match_value": "Tuya|Xiaomi|Yeelight|Shenzhen|Espressif|Tasmota", "target_zone": "iot_untrusted", "priority": 30, "auto_approve": true},
{"name": "IoT inconnu", "match_type": "hostname", "match_value": ".*[Ee][Ss][Pp].*|.*[Tt]asmota.*|.*[Ss]onoff.*", "target_zone": "iot_untrusted", "priority": 35, "auto_approve": true}
],
"auto_parking_zone": "guest"
}
]
}
Reference in New Issue View Git Blame Copy Permalink