CyberMind-FR
9b59b55c9e
Create SecuBox wrapper for CrowdSec Firewall Bouncer with enhanced automation and configuration for OpenWrt routers. Package Structure: - Lightweight wrapper depending on upstream crowdsec-firewall-bouncer - No compilation needed (PKG_ARCH=all) - Enhanced UCI configuration with router-optimized defaults - Automatic bouncer registration via uci-defaults script Files Created: - Makefile: OpenWrt package definition with dependencies - README.md: Comprehensive documentation (configuration, troubleshooting) - files/crowdsec-bouncer.config: Enhanced UCI config template - files/crowdsec-bouncer.defaults: Auto-registration and setup script Features: - Auto-detection of LAN/WAN interfaces - Automatic API key generation and registration with CrowdSec LAPI - nftables kernel module loading - Configures IPv4/IPv6 filtering on INPUT/FORWARD chains - Integrates with existing luci-app-crowdsec-dashboard Configuration Highlights: - Default interfaces: br-lan, eth1 - Logging enabled by default - Update frequency: 10s - Deny action: drop - Both IPv4 and IPv6 enabled Dependencies: - crowdsec-firewall-bouncer (upstream from feeds/packages) - crowdsec (SecuBox package) - nftables - uci + libuci Note: Build requires rsync for OpenWrt SDK perl dependency. Package ready for integration once build environment is complete. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
44 lines
1.2 KiB
Makefile
44 lines
1.2 KiB
Makefile
include $(TOPDIR)/rules.mk
|
|
|
|
PKG_NAME:=secubox-app-crowdsec-bouncer
|
|
PKG_VERSION:=0.0.31
|
|
PKG_RELEASE:=1
|
|
PKG_ARCH:=all
|
|
PKG_MAINTAINER:=CyberMind Studio <contact@cybermind.fr>
|
|
PKG_LICENSE:=MIT
|
|
|
|
include $(INCLUDE_DIR)/package.mk
|
|
|
|
define Package/secubox-app-crowdsec-bouncer
|
|
SECTION:=net
|
|
CATEGORY:=Network
|
|
PKGARCH:=all
|
|
SUBMENU:=SecuBox Apps
|
|
TITLE:=SecuBox CrowdSec Firewall Bouncer wrapper
|
|
DEPENDS:=+uci +libuci +crowdsec-firewall-bouncer +crowdsec +nftables
|
|
endef
|
|
|
|
define Package/secubox-app-crowdsec-bouncer/description
|
|
Enhanced wrapper for CrowdSec Firewall Bouncer with automatic configuration
|
|
and registration for SecuBox-powered OpenWrt routers. Provides nftables-based
|
|
IP blocking from CrowdSec decisions with automatic API key management and
|
|
interface detection.
|
|
endef
|
|
|
|
define Package/secubox-app-crowdsec-bouncer/conffiles
|
|
/etc/config/crowdsec
|
|
endef
|
|
|
|
define Build/Compile
|
|
endef
|
|
|
|
define Package/secubox-app-crowdsec-bouncer/install
|
|
$(INSTALL_DIR) $(1)/etc/config
|
|
$(INSTALL_CONF) ./files/crowdsec-bouncer.config $(1)/etc/config/crowdsec-bouncer
|
|
|
|
$(INSTALL_DIR) $(1)/etc/uci-defaults
|
|
$(INSTALL_BIN) ./files/crowdsec-bouncer.defaults $(1)/etc/uci-defaults/99_crowdsec-bouncer
|
|
endef
|
|
|
|
$(eval $(call BuildPackage,secubox-app-crowdsec-bouncer))
|