gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd54253f66
secubox-openwrt/package/secubox/secubox-iot-guard/files/config/iot-guard
CyberMind-FR 8ef0c70d0f feat(iot-guard): Add IoT device isolation and security monitoring 
Backend (secubox-iot-guard):
- OUI-based device classification with 100+ IoT vendor prefixes
- 10 device classes: camera, thermostat, lighting, plug, assistant, etc.
- Risk scoring (0-100) with auto-isolation threshold
- Anomaly detection: bandwidth spikes, port scans, time anomalies
- Integration with Client Guardian, MAC Guardian, Vortex Firewall
- iot-guardctl CLI for status/list/scan/isolate/trust/block
- SQLite database for devices, anomalies, cloud dependencies
- Traffic baseline profiles for common device classes

Frontend (luci-app-iot-guard):
- KISS-style overview dashboard with security score
- Device management with isolate/trust/block actions
- Vendor classification rules editor
- Settings form for UCI configuration
- RPCD handler with 11 methods
- Public ACL for unauthenticated dashboard access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-11 10:36:04 +01:00

97 lines
2.4 KiB
Plaintext
Raw Blame History

# IoT Guard - Device Isolation & Security Configuration
config iot-guard 'main'
option enabled '1'
option scan_interval '300'
option auto_isolate '1'
option auto_isolate_threshold '80'
option anomaly_detection '1'
option anomaly_sensitivity 'medium'
option log_level 'info'
# Zone isolation policy
config zone_policy 'isolation'
option target_zone 'iot'
option block_lan '1'
option allow_internet '1'
option bandwidth_limit '10'
# Vendor classification rules
config vendor_rule 'ring'
option vendor_pattern 'Ring|Amazon Ring'
option oui_prefix '40:B4:CD'
option device_class 'camera'
option risk_level 'medium'
option auto_isolate '1'
config vendor_rule 'nest'
option vendor_pattern 'Nest|Google Nest'
option oui_prefix '18:B4:30'
option device_class 'thermostat'
option risk_level 'low'
option auto_isolate '1'
config vendor_rule 'philips_hue'
option vendor_pattern 'Philips Hue|Signify'
option oui_prefix '00:17:88'
option device_class 'bridge'
option risk_level 'low'
option auto_isolate '0'
config vendor_rule 'xiaomi'
option vendor_pattern 'Xiaomi|Mijia'
option oui_prefix '28:6C:07'
option device_class 'mixed'
option risk_level 'high'
option auto_isolate '1'
config vendor_rule 'tuya'
option vendor_pattern 'Tuya|Smart Life'
option oui_prefix 'DC:4F:22'
option device_class 'mixed'
option risk_level 'high'
option auto_isolate '1'
config vendor_rule 'tplink_kasa'
option vendor_pattern 'TP-Link Kasa|Kasa Smart'
option oui_prefix '50:C7:BF'
option device_class 'plug'
option risk_level 'medium'
option auto_isolate '1'
config vendor_rule 'wyze'
option vendor_pattern 'Wyze'
option oui_prefix '2C:AA:8E'
option device_class 'camera'
option risk_level 'medium'
option auto_isolate '1'
config vendor_rule 'espressif'
option vendor_pattern 'Espressif|ESP32|ESP8266'
option oui_prefix '60:01:94'
option device_class 'diy'
option risk_level 'high'
option auto_isolate '1'
config vendor_rule 'amazon_echo'
option vendor_pattern 'Amazon Echo|Alexa'
option oui_prefix 'F0:27:2D'
option device_class 'assistant'
option risk_level 'medium'
option auto_isolate '1'
config vendor_rule 'google_home'
option vendor_pattern 'Google Home'
option oui_prefix '30:FD:38'
option device_class 'assistant'
option risk_level 'medium'
option auto_isolate '1'
# Allowlist - trusted IoT devices
config allowlist 'trusted'
# list mac 'AA:BB:CC:DD:EE:FF'
# Blocklist - banned IoT devices
config blocklist 'banned'
# list mac 'AA:BB:CC:DD:EE:FF'
Reference in New Issue View Git Blame Copy Permalink