CyberMind-FR
d01828d632
New packages for passive network tap with session replay capabilities: secubox-avatar-tap: - Mitmproxy-based passive session capture - Captures authenticated sessions (cookies, auth headers, tokens) - SQLite database for session storage - CLI tool (avatar-tapctl) for management - Transparent proxy mode support - Runs inside streamlit LXC container luci-app-avatar-tap: - KISS-style dashboard for session management - Real-time stats (sessions, domains, replays) - Replay/Label/Delete actions per session - Start/Stop controls Designed for SecuBox Avatar authentication relay system with future Nitrokey/GPG integration. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
46 lines
1.2 KiB
Bash
Executable File
46 lines
1.2 KiB
Bash
Executable File
#!/bin/sh /etc/rc.common
|
|
|
|
START=95
|
|
STOP=10
|
|
USE_PROCD=1
|
|
|
|
PROG="/usr/bin/mitmdump"
|
|
TAP_SCRIPT="/usr/share/avatar-tap/tap.py"
|
|
|
|
start_service() {
|
|
local enabled
|
|
config_load avatar-tap
|
|
config_get enabled main enabled '0'
|
|
|
|
[ "$enabled" = "1" ] || return 0
|
|
|
|
local listen_port listen_addr mode db_path log_path
|
|
config_get listen_port main listen_port '8888'
|
|
config_get listen_addr main listen_addr '0.0.0.0'
|
|
config_get mode main mode 'transparent'
|
|
config_get db_path main db_path '/srv/avatar-tap/sessions.db'
|
|
config_get log_path main log_path '/var/log/avatar-tap.log'
|
|
|
|
# Ensure directories exist
|
|
mkdir -p "$(dirname "$db_path")"
|
|
mkdir -p "$(dirname "$log_path")"
|
|
|
|
procd_open_instance
|
|
procd_set_param command $PROG \
|
|
-s "$TAP_SCRIPT" \
|
|
-p "$listen_port" \
|
|
--listen-host "$listen_addr" \
|
|
--mode "$mode" \
|
|
--set "db_path=$db_path"
|
|
procd_set_param env AVATAR_TAP_DB="$db_path"
|
|
procd_set_param stdout 1
|
|
procd_set_param stderr 1
|
|
procd_set_param file /etc/config/avatar-tap
|
|
procd_set_param respawn
|
|
procd_close_instance
|
|
}
|
|
|
|
service_triggers() {
|
|
procd_add_reload_trigger "avatar-tap"
|
|
}
|