Real-time passive flow monitoring on br-lan for network analysis: - dpi-lan-collector service watches netifyd flows in real-time - Tracks active clients, external destinations, and protocols - Per-client bandwidth and flow statistics - Protocol/application detection via nDPI - Zero latency impact - pure passive observation LuCI integration: - New "LAN Flows" dashboard view with real-time updates - RPCD methods: get_lan_status, get_lan_clients, get_lan_destinations, get_lan_protocols - Settings panel for LAN analysis configuration CLI commands: - dpi-dualctl lan - show summary - dpi-dualctl clients - list active LAN clients - dpi-dualctl destinations - external destinations - dpi-dualctl protocols - detected protocols/apps Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
#!/bin/sh /etc/rc.common
# DPI Dual-Stream procd service
# Part of secubox-dpi-dual package
# rc.common ordering values: start priority 95, stop priority 10.
START=95
STOP=10
# Run under procd: start_service() registers instances instead of forking.
USE_PROCD=1

# Service name and control utility path. Neither variable is referenced in
# the visible part of this script.
NAME=dpi-dual
PROG=/usr/sbin/dpi-dualctl
# Validate a "global"-type section of the dpi-dual UCI package.
#
# Arguments: $1 and $2 are forwarded unchanged as the third and fourth
#            arguments of uci_load_validate (section name and callback in
#            the OpenWrt helper).
# Each rule is written as option:type:default.
#
# NOTE(review): nothing in the visible part of this script calls this
# function. start_service reads the same options with config_get, so mode,
# stats_dir and flow_dir appear to be used without validation - confirm.
validate_section() {
	uci_load_validate dpi-dual global "$1" "$2" \
		'enabled:bool:1' 'mode:string:dual' 'correlation:bool:1' \
		'stats_dir:string:/tmp/secubox' 'flow_dir:string:/tmp/dpi-flows'
}
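# Register one respawning procd instance whose output goes to the system log.
# Arguments: $1 - instance name, $2 - program path (invoked with "start")
_dpi_dual_add_instance() {
	procd_open_instance "$1"
	procd_set_param command "$2" start
	procd_set_param respawn
	procd_set_param stdout 1
	procd_set_param stderr 1
	procd_close_instance
}

# Register the enabled DPI components with procd.
#
# Reads the "settings" and "lan" sections of the dpi-dual UCI config, creates
# the stats and flow directories, runs the mirror setup for the TAP modes and
# opens one procd instance per enabled component (flow-collector,
# lan-collector, correlator).
#
# Returns: 0 when the service is disabled or the instances were registered,
#          1 when the data directories cannot be created.
start_service() {
	local enabled mode stats_dir flow_dir lan_enabled correlation

	config_load dpi-dual
	config_get enabled settings enabled "1"
	config_get mode settings mode "dual"

	if [ "$enabled" != "1" ]; then
		echo "DPI Dual-Stream is disabled"
		return 0
	fi

	echo "Starting DPI Dual-Stream (mode: $mode)..."

	# NOTE(review): both paths come from UCI and default to fixed names under
	# /tmp. mkdir -p creates them with the current umask and accepts a path
	# that already exists (including a symlink to a directory), so confirm
	# that only the intended users can read what the collectors store there
	# and that nothing less privileged can create these paths first.
	config_get stats_dir settings stats_dir "/tmp/secubox"
	config_get flow_dir settings flow_dir "/tmp/dpi-flows"
	# Do not start collectors that have nowhere to write.
	if ! mkdir -p -- "$stats_dir" "$flow_dir"; then
		echo "DPI Dual-Stream: cannot create $stats_dir or $flow_dir" >&2
		return 1
	fi

	# TAP stream: only the "dual" and "tap-only" modes set up the mirror and
	# the flow collector; any other mode value skips this step silently.
	case "$mode" in
		dual|tap-only)
			/usr/lib/dpi-dual/mirror-setup.sh start
			_dpi_dual_add_instance flow-collector /usr/sbin/dpi-flow-collector
			;;
	esac

	# LAN passive collector: off unless lan.enabled is set to 1.
	config_get lan_enabled lan enabled "0"
	if [ "$lan_enabled" = "1" ]; then
		_dpi_dual_add_instance lan-collector /usr/sbin/dpi-lan-collector
	fi

	# Correlator: on unless settings.correlation is set to something else.
	config_get correlation settings correlation "1"
	if [ "$correlation" = "1" ]; then
		_dpi_dual_add_instance correlator /usr/sbin/dpi-correlator
	fi

	echo "DPI Dual-Stream started"
}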
# Stop hook: tears down the traffic mirror and reports progress on stdout.
# Only the mirror is handled here; this function stops no collector process.
stop_service() {
	printf '%s\n' "Stopping DPI Dual-Stream..."

	# Errors from the mirror teardown are discarded on purpose by the
	# redirect, so a missing mirror does not produce noise.
	/usr/lib/dpi-dual/mirror-setup.sh stop 2>/dev/null

	printf '%s\n' "DPI Dual-Stream stopped"
}
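# Apply a configuration change by fully restarting the service.
#
# rc.common's stop and start wrappers are used instead of calling the
# stop_service/start_service hooks directly. In OpenWrt's rc.common the procd
# start wrapper opens the service definition, runs start_service and submits
# the result to procd, and stop also tells procd to kill the running
# instances. Calling the hooks on their own skips both steps, so a reload
# would leave the old collectors running with their old settings (for
# example after the LAN collector has been disabled in the config).
reload_service() {
	stop
	start
}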
# Register a procd reload trigger for the dpi-dual configuration, so a
# change to that config leads to a reload of this service.
service_triggers() {
	procd_add_reload_trigger dpi-dual
}
# Delegate the status command to the control utility; its exit status is
# the return value.
#
# NOTE(review): with USE_PROCD=1, recent OpenWrt rc.common versions define
# their own status() after sourcing the init script, which would replace this
# one - confirm on the target release (status_service is the hook those
# versions call).
status() {
	/usr/sbin/dpi-dualctl status
}