CyberMind-FR
01246a693d
Wiki structure: - Home.md: Main navigation with module categories - Installation.md: Getting started guide - Quick-Start.md: First-time setup walkthrough - Architecture.md: 4-layer architecture overview - Modules.md: Complete catalog of 80+ modules Module documentation (docs/wiki/modules/): - Security.md: 15 security modules (CrowdSec, WAF, Guardians) - Network.md: 12 network modules (HAProxy, Bandwidth, Traffic) - Mesh.md: 7 VPN/mesh modules (WireGuard, P2P, MirrorNet) - DNS.md: 6 DNS modules (DNS Master, Vortex, Meshname) - Apps.md: 20 application modules (Jellyfin, Nextcloud, Matrix) - System.md: 14 system modules (Config Vault, Reporter, RTTY) - AI.md: 8 AI modules (Gateway, LocalAI, Threat Analyst) Updated: - SCREENSHOTS.md: Expanded to 111 modules with all categories - README.md: Added wiki links and module index Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
5.3 KiB
5.3 KiB
Network Modules
SecuBox provides comprehensive network management through 12 integrated modules.
Overview
| Layer | Components |
|---|---|
| Routing | Network Modes, Traffic Shaper |
| Proxy | HAProxy, CDN Cache |
| Monitoring | Bandwidth Manager, Routes Status |
| Services | MQTT Bridge, KSM Manager |
| Diagnostics | Network Diag, Network Tweaks |
Network Modes
Package: luci-app-network-modes
Network mode configuration (Router/AP/Bridge).
Modes
| Mode | Description |
|---|---|
| Router | Full routing with NAT |
| AP | Access Point mode |
| Bridge | Transparent bridge |
| Mesh | Mesh node |
| Client | WISP client |
Features
- One-click mode switching
- Interface auto-configuration
- VLAN support
- Firewall auto-adjustment
HAProxy
Package: secubox-app-haproxy + luci-app-haproxy
Load balancer and reverse proxy.
Features
- Virtual hosts (274+)
- SSL termination (ACME)
- Load balancing
- Health checks
- Statistics dashboard
CLI
haproxyctl status # Service status
haproxyctl vhost list # List vhosts
haproxyctl vhost add <domain> # Add vhost
haproxyctl ssl request <domain> # Request SSL
haproxyctl reload # Reload config
Architecture
Internet → HAProxy (443/80) → mitmproxy WAF → Backend
↓
SSL Termination
Load Balancing
ACL Routing
Bandwidth Manager
Package: luci-app-bandwidth-manager
Traffic monitoring and bandwidth limits.
Features
- Real-time monitoring
- Per-client limits
- Scheduled throttling
- Alert notifications
- Historical graphs
Limit Types
| Type | Description |
|---|---|
| Upload | Upload bandwidth limit |
| Download | Download bandwidth limit |
| Combined | Total bandwidth limit |
| Burst | Burst allowance |
Traffic Shaper
Package: luci-app-traffic-shaper
QoS and traffic prioritization.
Features
- Application-based QoS
- Priority queues
- Bandwidth reservation
- Fair queuing
- Real-time stats
Priority Classes
| Class | Applications |
|---|---|
| Realtime | VoIP, gaming |
| Priority | Video, streaming |
| Normal | Web browsing |
| Bulk | Downloads, backups |
Virtual Hosts
Package: luci-app-vhost-manager
Virtual host management.
Features
- Domain management
- Backend configuration
- SSL certificate status
- WAF integration
- Redirect rules
CDN Cache
Package: luci-app-cdn-cache
Content caching proxy.
Features
- HTTP/HTTPS caching
- Cache policies
- Storage management
- Hit rate statistics
- Purge controls
Routes Status
Package: luci-app-routes-status
Route monitoring and health checks.
Features
- Route health checks
- Up/Down monitoring
- Response time tracking
- Alert notifications
- Historical data
Network Tweaks
Package: luci-app-network-tweaks
Advanced network settings.
Features
- Kernel parameters
- TCP optimization
- Buffer tuning
- Congestion control
- MTU configuration
MQTT Bridge
Package: luci-app-mqtt-bridge
MQTT protocol bridge for IoT.
Features
- Broker configuration
- Bridge connections
- Topic mapping
- TLS support
- Authentication
Network Diagnostics
Package: luci-app-secubox-netdiag
Network diagnostic tools.
Features
- Ping/Traceroute
- DNS lookup
- Port scanning
- Bandwidth test
- Packet capture
SAAS Relay
Package: luci-app-saas-relay
SaaS service relay.
Features
- API proxying
- Rate limiting
- Caching
- Authentication
KSM Manager
Package: luci-app-ksm-manager
Kernel shared memory management.
Features
- Memory deduplication
- Page sharing stats
- Performance tuning
- Container optimization
Configuration
Enable Traffic Shaping
uci set traffic-shaper.main.enabled='1'
uci set traffic-shaper.main.wan='wan'
uci set traffic-shaper.main.download='100000' # 100 Mbps
uci set traffic-shaper.main.upload='50000' # 50 Mbps
uci commit traffic-shaper
Configure HAProxy Vhost
# Add virtual host
haproxyctl vhost add myapp.example.com
# Configure backend
haproxyctl backend set myapp.example.com 192.168.255.10:8080
# Request SSL
haproxyctl ssl request myapp.example.com
# Reload
haproxyctl reload
Bandwidth Limits
# Set client limit
uci add bandwidth-manager limit
uci set bandwidth-manager.@limit[-1].mac='00:11:22:33:44:55'
uci set bandwidth-manager.@limit[-1].download='10000' # 10 Mbps
uci set bandwidth-manager.@limit[-1].upload='5000' # 5 Mbps
uci commit bandwidth-manager
See also:
SecuBox v1.0.0