SecuBox - Security Suite for OpenWrt
Version: 0.17.0 🎉 First Public Release
Last Updated: 2026-01-31
Status: Production Ready
Modules: 38 LuCI Applications
🎉 First Public Release
SecuBox v0.17.0 marks the First Public Release of the project. All core features are now stable and ready for production deployment.
What's Ready
- ✅ 38 LuCI modules — Complete security and network management suite
- ✅ Three-Loop Security Architecture — Operational, Tactical, and Strategic defense layers
- ✅ CrowdSec Integration — Real-time threat intelligence and automated blocking
- ✅ Deep Packet Inspection — netifyd/nDPId protocol analysis
- ✅ WireGuard VPN — Encrypted mesh connectivity
- ✅ Multi-architecture support — ARM64, ARM32, MIPS, x86
Coming Next (v0.18+)
- 🔵 P2P Hub — Decentralized threat intelligence sharing
- 🔵 did:plc Identity — Self-sovereign node identity for trust networks
Overview
SecuBox is a comprehensive security and network management suite for OpenWrt, providing a unified ecosystem of 38 specialized dashboards and tools. All modules are compiled automatically for multiple OpenWrt architectures via GitHub Actions.
Website: secubox.maegia.tv
Publisher: CyberMind.fr
Three-Loop Security Architecture
SecuBox implements a Three-Loop Security Model for defense in depth:
┌────────────────────────────────────────────────────────┐
│ LOOP 3: STRATEGIC │
│ (Hours → Days) │
│ ┌────────────────────────────────────────────────┐ │
│ │ LOOP 2: TACTICAL │ │
│ │ (Minutes → Hours) │ │
│ │ ┌────────────────────────────────────────┐ │ │
│ │ │ LOOP 1: OPERATIONAL │ │ │
│ │ │ (Milliseconds → Seconds) │ │ │
│ │ │ DETECT → DECIDE → BLOCK │ │ │
│ │ └────────────────────────────────────────┘ │ │
│ │ CORRELATE → ANALYZE → ADAPT │ │
│ └────────────────────────────────────────────────┘ │
│ AGGREGATE → ANTICIPATE → EVOLVE │
└────────────────────────────────────────────────────────┘
| Loop |
Function |
SecuBox Modules |
| Loop 1 |
Real-time blocking |
nftables/fw4, netifyd DPI, CrowdSec Bouncer |
| Loop 2 |
Pattern correlation |
CrowdSec Agent/LAPI, Scenarios, Netdata |
| Loop 3 |
Threat intelligence |
CrowdSec CAPI, Blocklists, P2P Hub (v0.18+) |
See DOCS/THREE-LOOP-ARCHITECTURE.md for detailed analysis.
SecuBox Modules
SecuBox Core (5 modules)
| Module |
Version |
Description |
| luci-app-secubox |
0.7.1 |
Central dashboard/Hub for all SecuBox modules |
| luci-app-secubox-portal |
0.7.0 |
Unified entry point with tabbed navigation |
| luci-app-secubox-admin |
1.0.0 |
Admin control center with appstore and monitoring |
| luci-app-secubox-bonus |
0.2.0 |
Documentation, local repo, and app store |
| luci-app-system-hub |
0.5.1 |
Central system control with logs and backup |
Security & Threat Management (9 modules)
| Module |
Version |
Description |
| luci-app-crowdsec-dashboard |
0.7.0 |
Real-time CrowdSec security monitoring |
| luci-app-secubox-security-threats |
1.0.0 |
Unified netifyd DPI + CrowdSec intelligence |
| luci-app-client-guardian |
0.4.0 |
Network access, captive portal, parental controls |
| luci-app-auth-guardian |
0.4.0 |
OAuth2/OIDC authentication, voucher system |
| luci-app-exposure |
1.0.0 |
Service exposure manager |
| luci-app-tor-shield |
1.0.0 |
Tor anonymization dashboard |
| luci-app-mitmproxy |
0.4.0 |
HTTPS traffic inspection |
| luci-app-cyberfeed |
0.1.1 |
Cyberpunk RSS feed aggregator |
| luci-app-ksm-manager |
0.4.0 |
Cryptographic key/HSM management |
Deep Packet Inspection (2 modules)
| Module |
Version |
Description |
| luci-app-ndpid |
1.1.2 |
nDPId deep packet inspection dashboard |
| luci-app-secubox-netifyd |
1.2.1 |
netifyd DPI with real-time flow monitoring |
Network & Connectivity (8 modules)
| Module |
Version |
Description |
| luci-app-vhost-manager |
0.5.0 |
Nginx reverse proxy with Let's Encrypt SSL |
| luci-app-haproxy |
1.0.0 |
Load balancer with vhosts and SSL |
| luci-app-wireguard-dashboard |
0.7.0 |
WireGuard VPN monitoring |
| luci-app-network-modes |
0.5.0 |
Sniffer, AP, Relay, Router modes |
| luci-app-network-tweaks |
1.0.0 |
Auto Proxy DNS & Hosts from vhosts |
| luci-app-mqtt-bridge |
0.4.0 |
USB-to-MQTT IoT hub |
| luci-app-cdn-cache |
0.5.0 |
Content delivery optimization |
| luci-app-media-flow |
0.6.4 |
Streaming detection (Netflix, YouTube, Spotify) |
Bandwidth & Traffic Management (2 modules)
| Module |
Version |
Description |
| luci-app-bandwidth-manager |
0.5.0 |
QoS rules, client quotas, SQM integration |
| luci-app-traffic-shaper |
0.4.0 |
TC/CAKE traffic shaping |
Content & Web Platforms (5 modules)
| Module |
Version |
Description |
| luci-app-gitea |
1.0.0 |
Gitea Platform management |
| luci-app-hexojs |
1.0.0 |
Hexo static site generator |
| luci-app-metabolizer |
1.0.0 |
Metabolizer CMS support |
| luci-app-magicmirror2 |
0.4.0 |
MagicMirror2 smart display |
| luci-app-mmpm |
0.2.0 |
MagicMirror Package Manager |
AI/LLM & Analytics (4 modules)
| Module |
Version |
Description |
| luci-app-localai |
0.1.0 |
LocalAI LLM management |
| luci-app-ollama |
0.1.0 |
Ollama LLM management |
| luci-app-glances |
1.0.0 |
Glances system monitoring |
| luci-app-netdata-dashboard |
0.5.0 |
Real-time Netdata monitoring |
Streaming & Data Processing (2 modules)
| Module |
Version |
Description |
| luci-app-streamlit |
1.0.0 |
Streamlit Platform management |
| luci-app-picobrew |
1.0.0 |
PicoBrew Server management |
IoT & Smart Devices (1 module)
| Module |
Version |
Description |
| luci-app-zigbee2mqtt |
1.0.0 |
Zigbee2MQTT docker management |
Supported Architectures
ARM 64-bit (AArch64)
| Target |
Devices |
aarch64-cortex-a53 |
ESPRESSObin, BananaPi R64 |
aarch64-cortex-a72 |
MOCHAbin, Raspberry Pi 4, NanoPi R4S |
mediatek-filogic |
GL.iNet MT3000, BananaPi R3 |
rockchip-armv8 |
NanoPi R4S/R5S, FriendlyARM |
bcm27xx-bcm2711 |
Raspberry Pi 4, Compute Module 4 |
ARM 32-bit
| Target |
Devices |
arm-cortex-a7-neon |
Orange Pi, BananaPi, Allwinner |
arm-cortex-a9-neon |
Linksys WRT, Turris Omnia |
qualcomm-ipq40xx |
Google WiFi, Zyxel NBG6617 |
MIPS
| Target |
Devices |
mips-24kc |
TP-Link Archer, Ubiquiti |
mipsel-24kc |
Xiaomi, GL.iNet, Netgear |
x86
| Target |
Devices |
x86-64 |
PC, VMs, Docker, Proxmox |
Installation
From Pre-built Packages
Download from GitHub Releases:
opkg update
opkg install luci-app-secubox-portal_*.ipk
opkg install luci-app-system-hub_*.ipk
opkg install luci-app-crowdsec-dashboard_*.ipk
Build from Source
# Clone into OpenWrt SDK
cd ~/openwrt-sdk/package/
git clone https://github.com/CyberMind-FR/secubox-openwrt.git secubox
# Build
cd ~/openwrt-sdk/
make package/secubox/luci-app-secubox-portal/compile V=s
Add as OpenWrt Feed
Add to feeds.conf.default:
src-git secubox https://github.com/CyberMind-FR/secubox-openwrt.git
Then:
./scripts/feeds update secubox
./scripts/feeds install -a -p secubox
make menuconfig # Select modules under LuCI > Applications
make V=s
Repository Structure
secubox-openwrt/
├── package/secubox/ # All 38 SecuBox LuCI packages
├── secubox-tools/ # Build tools and local SDK
├── DOCS/ # Documentation
│ ├── THREE-LOOP-ARCHITECTURE.md # Security model analysis
│ ├── DEVELOPMENT-GUIDELINES.md
│ ├── QUICK-START.md
│ └── VALIDATION-GUIDE.md
└── .github/workflows/ # CI/CD
OpenWrt Compatibility
| Version |
Status |
Package Format |
| 25.x |
Testing |
.apk |
| 24.10.x |
Recommended |
.ipk |
| 23.05.x |
Supported |
.ipk |
Roadmap
| Phase |
Version |
Status |
Focus |
| Core Mesh |
v0.17 |
✅ Released |
Loops 1+2 complete |
| Service Mesh |
v0.18 |
🔵 In Progress |
P2P Hub foundation |
| Intelligence Mesh |
v0.19 |
⚪ Planned |
Full P2P intelligence |
| AI Mesh |
v0.20 |
⚪ Planned |
ML in Loop 2 |
| Certification |
v1.0 |
⚪ Planned |
ANSSI certification |
Links
License
Apache-2.0 © 2024-2026 CyberMind.fr
Contributing
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature)
- Commit your changes (
git commit -m 'Add amazing feature')
- Push to the branch (
git push origin feature/amazing-feature)
- Open a Pull Request
Author
Gandalf - CyberMind.fr
Ex Tenebris, Lux Securitas
🇫🇷 Made with love in France
CyberMind-FR
5c34ca2cae