feat(security): Implement SysWarden Evolution #1-3 security enhancements
Evolution #1 - IP Blocklist (secubox-app-ipblocklist, luci-app-ipblocklist):
- Pre-emptive blocking layer with ipset (~100k IPs)
- Default sources: Data-Shield, Firehol Level 1
- Supports nftables (fw4) and iptables backends
- LuCI KISS dashboard with sources/whitelist management
Evolution #2 - AbuseIPDB Reporter (luci-app-crowdsec-dashboard v0.8.0):
- New "AbuseIPDB" tab in CrowdSec Dashboard
- crowdsec-reporter.sh CLI for reporting blocked IPs
- RPCD handler luci.crowdsec-abuseipdb with 9 methods
- Cron job for automatic reporting every 15 minutes
- IP reputation checker in dashboard
Evolution #3 - Log Denoising (luci-app-system-hub v0.5.2):
- Three modes: RAW, SMART (noise ratio), SIGNAL_ONLY (filter known IPs)
- Integrates with IP Blocklist ipset + CrowdSec decisions
- RPCD methods: get_denoised_logs, get_denoise_stats
- Denoise mode selector panel with noise ratio indicator
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
CyberMind-FR
cec4893db9