gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5b3ee567c5
secubox-openwrt/package/secubox/secubox-app-device-intel/TODO.md
CyberMind-FR 57db9cfb40 feat: Add device-intel and dns-provider packages 
Add 4 new packages implementing unified device intelligence and
DNS provider API management:

- secubox-app-dns-provider: dnsctl CLI with OVH, Gandi, Cloudflare
  adapters for DNS record CRUD, HAProxy vhost sync, propagation
  verification, and ACME DNS-01 wildcard certificate issuance
- luci-app-dns-provider: RPCD handler + LuCI views for provider
  settings and DNS record management
- secubox-app-device-intel: Aggregation layer merging mac-guardian,
  client-guardian, DHCP, P2P mesh, and exposure data with heuristic
  classification engine and USB/MQTT/Zigbee emulator modules
- luci-app-device-intel: RPCD handler + 5 LuCI views (dashboard,
  devices, emulators, mesh, settings) with shared API and CSS

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 15:47:20 +01:00

1.5 KiB
Raw Blame History

secubox-app-device-intel — TODO

Pending

  • Add exposure scanner integration (cross-ref listening ports with device IPs)
  • Implement periodic auto-classification via cron (currently on-demand only)
  • Add device event logging (first seen, type changed, went offline)
  • Support MAC-to-IP resolution from ARP table as fallback source
  • Add per-emulator caching with independent TTLs
  • Implement device capabilities list (from emulator metadata)
  • Add device notes field in UCI overrides
  • Wire "Expose via DNS" action from device context to dns-provider
  • Add mesh device inventory sharing protocol (P2P device-intel RPC)
  • Implement topology view data (for future network map visualization)

Emulator Improvements

  • USB: detect mount point sizes and filesystem types
  • USB: identify known Zigbee/Z-Wave dongle models by VID:PID
  • MQTT: subscribe to configurable topic patterns for device discovery
  • MQTT: detect Home Assistant MQTT discovery protocol devices
  • Zigbee: support zigbee2mqtt MQTT-based discovery (not just HTTP API)
  • Zigbee: parse device capabilities from zigbee-herdsman-converters
  • Add BLE emulator module (bluetooth low energy device scanning)
  • Add Thread/Matter emulator module

Classification Engine

  • Add machine learning hints from traffic pattern analysis
  • Integrate CrowdSec threat data into risk scoring
  • Add device fingerprinting via DHCP option analysis
  • Support custom classification rules via LuCI form