gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd54253f66
secubox-openwrt/package/secubox/secubox-mcp-server/files/usr/lib/secubox-mcp/tools/dns.sh
CyberMind-FR 0e0749ed08 feat: Add threat-analyst, dns-guard, mcp-server and DNS provider DynDNS 
New packages:
- secubox-threat-analyst: AI-powered threat analysis with CrowdSec integration
- luci-app-threat-analyst: LuCI dashboard for threat intelligence
- secubox-dns-guard: DNS security monitoring and blocking
- secubox-mcp-server: Model Context Protocol server for AI assistant integration

Enhancements:
- dns-provider: Add DynDNS support (dyndns, get, update, domains commands)
- gandi.sh: Full DynDNS with WAN IP detection and record updates
- luci-app-dnsguard: Upgrade to v1.1.0 with improved dashboard

Infrastructure:
- BIND9 DNS setup for secubox.in with CAA records
- Wildcard SSL certificates via DNS-01 challenge
- HAProxy config fixes for secubox.in subdomains
- Mail server setup with Roundcube webmail

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 08:30:28 +01:00

82 lines
2.6 KiB
Bash
Raw Blame History

# SecuBox MCP Tool: DNS Query Statistics
# Provides DNS stats from AdGuard Home or dnsmasq
ADGUARD_API="http://127.0.0.1:3000/control"
tool_dns_queries() {
# Try AdGuard Home first
if adguard_available; then
get_adguard_stats
else
# Fallback to dnsmasq stats
get_dnsmasq_stats
fi
}
adguard_available() {
wget -q -O /dev/null --timeout=2 "${ADGUARD_API}/status" 2>/dev/null
}
get_adguard_stats() {
# Get AdGuard Home statistics
local stats=$(wget -q -O - "${ADGUARD_API}/stats" 2>/dev/null)
if [ -z "$stats" ]; then
echo '{"source":"adguard","error":"Could not retrieve stats"}'
return 1
fi
# Parse key metrics
local total=$(echo "$stats" | jsonfilter -e '@.num_dns_queries' 2>/dev/null)
local blocked=$(echo "$stats" | jsonfilter -e '@.num_blocked_filtering' 2>/dev/null)
local safe_browsing=$(echo "$stats" | jsonfilter -e '@.num_replaced_safebrowsing' 2>/dev/null)
local parental=$(echo "$stats" | jsonfilter -e '@.num_replaced_parental' 2>/dev/null)
# Calculate percentages
local block_pct=0
[ "$total" -gt 0 ] 2>/dev/null && block_pct=$((blocked * 100 / total))
# Get top clients and domains
local top_clients=$(wget -q -O - "${ADGUARD_API}/stats" 2>/dev/null | jsonfilter -e '@.top_clients' 2>/dev/null)
local top_blocked=$(wget -q -O - "${ADGUARD_API}/stats" 2>/dev/null | jsonfilter -e '@.top_blocked_domains' 2>/dev/null)
cat <<EOF
{"source":"adguard","total_queries":${total:-0},"blocked_queries":${blocked:-0},"blocked_percent":$block_pct,"safe_browsing_blocked":${safe_browsing:-0},"parental_blocked":${parental:-0},"top_clients":${top_clients:-[]},"top_blocked_domains":${top_blocked:-[]}}
EOF
}
get_dnsmasq_stats() {
# Get dnsmasq statistics from syslog
local cache_hits=0
local cache_misses=0
local queries=0
# Parse dnsmasq stats from logread
local stats=$(logread 2>/dev/null | grep -E "dnsmasq.*queries" | tail -1)
if [ -n "$stats" ]; then
queries=$(echo "$stats" | grep -oE 'queries forwarded [0-9]+' | grep -oE '[0-9]+')
cache_hits=$(echo "$stats" | grep -oE 'queries answered locally [0-9]+' | grep -oE '[0-9]+')
fi
# Count unique domains from conntrack
local unique_domains=0
if [ -f /proc/net/nf_conntrack ]; then
unique_domains=$(grep -c "dport=53" /proc/net/nf_conntrack 2>/dev/null || echo 0)
fi
cat <<EOF
{"source":"dnsmasq","total_queries":${queries:-0},"cache_hits":${cache_hits:-0},"cache_misses":${cache_misses:-0},"active_dns_connections":$unique_domains}
EOF
}
# Get blocked domains list
tool_dns_blocklist() {
if adguard_available; then
local blocklist=$(wget -q -O - "${ADGUARD_API}/filtering/status" 2>/dev/null)
echo "$blocklist"
else
echo '{"error":"Blocklist only available with AdGuard Home"}'
fi
}
Reference in New Issue View Git Blame Copy Permalink