gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
aecd4ee4f6
secubox-openwrt/package/secubox/secubox-app-device-intel
History
CyberMind-FR f4157811c5 fix(device-intel): Fix empty vendor column and add OUI emoji display 
- Fix wrong mac-guardian DB path (clients.db -> known.db) in 3 files
- Add standalone OUI vendor fallback for ARP/DHCP-only devices
- Expand oui.tsv from ~30 to 100+ entries (GL.iNet, Bosch, Samsung, Docker, etc.)
- Add vendorDisplay() with emoji prefixes for MAC types:
  container, virtual, randomized, IoT, mesh peer

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 18:33:10 +01:00
..
files fix(device-intel): Fix empty vendor column and add OUI emoji display 2026-02-04 18:33:10 +01:00
CONTINUE.md feat: Add device-intel and dns-provider packages 2026-02-04 15:47:20 +01:00
HISTORY.md feat: Add device-intel and dns-provider packages 2026-02-04 15:47:20 +01:00
INSTRUCT.md feat: Add device-intel and dns-provider packages 2026-02-04 15:47:20 +01:00
Makefile fix(device-intel): Align Makefile with SDK build pattern 2026-02-04 16:02:07 +01:00
README.md feat: Add device-intel and dns-provider packages 2026-02-04 15:47:20 +01:00
TODO.md feat: Add device-intel and dns-provider packages 2026-02-04 15:47:20 +01:00

README.md

secubox-app-device-intel

Unified device inventory aggregating data from all SecuBox subsystems. Part of the SecuBox ecosystem.

Overview

Pure aggregation layer that merges mac-guardian, client-guardian, DHCP, P2P mesh, exposure scanner, and emulator module data into a single device inventory with heuristic classification, user overrides, and cross-mesh visibility.

Architecture

device-intelctl (CLI)
  └── functions.sh (aggregation library)
        ├── di_collect_mac_guardian()    → /var/run/mac-guardian/clients.db
        ├── di_collect_client_guardian() → UCI client-guardian
        ├── di_collect_dhcp()           → /tmp/dhcp.leases
        ├── di_collect_p2p_peers()      → ubus luci.secubox-p2p
        ├── di_collect_exposure()       → /proc/net/tcp
        └── di_collect_emulators()      → emulators/*.sh
              ├── usb.sh    → /sys/bus/usb/devices/
              ├── mqtt.sh   → mosquitto broker
              └── zigbee.sh → zigbee2mqtt / deCONZ API

Data Flow

  1. Collect — Query each data source in parallel
  2. Merge — Key on MAC address, combine fields from all sources
  3. Classify — Apply heuristic chain (user > emulator > mesh > port > vendor > hostname)
  4. Cache — Store in /tmp/device-intel/cache-devices.json (configurable TTL)
  5. Serve — CLI or RPCD returns unified JSON

Classification Priority

Priority Source Example
1 User override UCI device-intel.<mac>.type
2 Emulator source MQTT client → mqtt_device
3 Mesh peer match P2P peer IP → mesh_peer
4 Port-based Port 445 → storage
5 Vendor-based Synology → storage
6 Hostname-based .*sensor.* → iot_sensor
7 Fallback unknown

Emulator Modules

KISS-styled pluggable device discovery:

  • usb.sh — Walks /sys/bus/usb/devices/, classifies by bDeviceClass (storage, serial, HID, camera, audio, printer, wireless)
  • mqtt.sh — Queries mosquitto broker via $SYS topics or logs
  • zigbee.sh — Queries zigbee2mqtt HTTP API or deCONZ REST API

Each exports emulate_<type>() returning pipe-delimited device entries.

CLI Usage

device-intelctl status                                    # Overview
device-intelctl list table                                # Tabular view
device-intelctl list json                                 # JSON output
device-intelctl show aa:bb:cc:dd:ee:ff                    # Device detail
device-intelctl classify                                  # Batch classify
device-intelctl set-type aa:bb:cc:dd:ee:ff iot_sensor     # Override type
device-intelctl set-label aa:bb:cc:dd:ee:ff "Temp Sensor" # Custom label
device-intelctl emulators                                 # Module status
device-intelctl mesh-list                                 # Mesh peer devices
device-intelctl export json > inventory.json              # Full export

UCI Configuration

/etc/config/device-intel
  config device-intel 'main'     → enabled, cache_ttl, classify_interval
  config display 'display'       → view mode, grouping, refresh
  config emulator 'mqtt'         → broker_host, port, discovery_topic
  config emulator 'zigbee'       → coordinator, adapter, api_port
  config emulator 'usb'          → scan_interval, track_storage, track_serial
  config device_type '<id>'      → name, icon, color, vendor/hostname/port match rules
  config device '<mac_clean>'    → user overrides (type, label, capabilities, notes)

Files

/etc/config/device-intel                          UCI configuration
/etc/init.d/device-intel                          procd init script
/usr/sbin/device-intelctl                         CLI controller
/usr/lib/secubox/device-intel/functions.sh        Core aggregation library
/usr/lib/secubox/device-intel/classify.sh         Heuristic classification engine
/usr/lib/secubox/device-intel/emulators/usb.sh    USB peripheral emulator
/usr/lib/secubox/device-intel/emulators/mqtt.sh   MQTT broker emulator
/usr/lib/secubox/device-intel/emulators/zigbee.sh Zigbee coordinator emulator

Dependencies

  • jsonfilter (OpenWrt native)
  • curl (for emulator API calls)
  • Optional: secubox-app-mac-guardian, secubox-app-client-guardian, secubox-p2p