gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd54253f66
secubox-openwrt/package/secubox/secubox-iot-guard/root/etc/init.d/iot-guard
CyberMind-FR 8ef0c70d0f feat(iot-guard): Add IoT device isolation and security monitoring 
Backend (secubox-iot-guard):
- OUI-based device classification with 100+ IoT vendor prefixes
- 10 device classes: camera, thermostat, lighting, plug, assistant, etc.
- Risk scoring (0-100) with auto-isolation threshold
- Anomaly detection: bandwidth spikes, port scans, time anomalies
- Integration with Client Guardian, MAC Guardian, Vortex Firewall
- iot-guardctl CLI for status/list/scan/isolate/trust/block
- SQLite database for devices, anomalies, cloud dependencies
- Traffic baseline profiles for common device classes

Frontend (luci-app-iot-guard):
- KISS-style overview dashboard with security score
- Device management with isolate/trust/block actions
- Vendor classification rules editor
- Settings form for UCI configuration
- RPCD handler with 11 methods
- Public ACL for unauthenticated dashboard access

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-11 10:36:04 +01:00

47 lines
751 B
Bash
Raw Blame History

#!/bin/sh /etc/rc.common
#
# IoT Guard - Device Isolation & Security Service
#
START=95
STOP=10
USE_PROCD=1
NAME="iot-guard"
PROG="/usr/sbin/iot-guardctl"
start_service() {
local enabled
config_load iot-guard
config_get_bool enabled main enabled 0
[ "$enabled" -eq 0 ] && {
logger -t "$NAME" "Service disabled"
return 0
}
logger -t "$NAME" "Starting IoT Guard..."
procd_open_instance
procd_set_param command "$PROG" daemon
procd_set_param respawn 3600 5 5
procd_set_param stdout 1
procd_set_param stderr 1
procd_close_instance
logger -t "$NAME" "IoT Guard started"
}
stop_service() {
logger -t "$NAME" "Stopping IoT Guard..."
}
reload_service() {
stop
start
}
service_triggers() {
procd_add_reload_trigger "iot-guard"
}
Reference in New Issue View Git Blame Copy Permalink