gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd54253f66
secubox-openwrt/package/secubox/secubox-p2p-intel/files/etc/config/p2p-intel
CyberMind-FR a8eb8b1271 feat(p2p-intel): ZKP trust integration and IOC blockchain recording 
P2P Mesh Intelligence implementation:
- Add ZKP trust bonus (+20) for verified peers in IOC validation
- Create blockchain.sh for permanent threat_ioc and ioc_feedback blocks
- Create feedback.sh for IOC effectiveness tracking and reputation updates
- Enhance gossip.sh IOC handler with ZKP-validated trust checks
- Add SCORE_IOC_EFFECTIVE (+5) and SCORE_IOC_FALSE_POSITIVE (-8) to reputation
- Add zkp_trust_bonus and feedback config options

fix(mailserver): Correct vmail UID from 102 to 5000

Dovecot was using wrong UID (102/redis instead of 5000/vmail) causing
permission denied errors when accessing mailboxes.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-24 17:20:33 +01:00

54 lines
1.4 KiB
Plaintext
Raw Blame History

config p2p_intel 'main'
option enabled '1'
option auto_collect '1'
option collect_interval '300'
# Collect IOCs every 5 minutes
option auto_share '1'
option auto_apply '0'
# Manual approval by default
config sources 'sources'
option crowdsec '1'
option mitmproxy '1'
option waf '1'
option dns_guard '1'
config validation 'validation'
option require_signature '1'
option min_source_trust '40'
# Minimum trust score to accept IOCs
option zkp_trust_bonus '20'
# Extra trust for ZKP-verified peers
option zkp_require_for_critical '1'
# Require ZKP verification for critical severity IOCs
option verify_transitive '1'
# Verify IOCs from peers-of-peers
option max_age_hours '168'
# Reject IOCs older than 7 days
config sharing 'sharing'
option min_severity 'medium'
# Only share medium+ severity
option sign_iocs '1'
option include_evidence '0'
# Include raw evidence (larger payloads)
option batch_size '50'
config application 'application'
option apply_method 'nftables'
# nftables, iptables, or crowdsec
option ipset_name 'p2p_intel_blocked'
option ban_duration '86400'
# 24 hours default
option whitelist_local '1'
# Never block local subnets
config feedback 'feedback'
option enabled '1'
option track_effectiveness '1'
# Track if IOCs actually blocked attacks
option reputation_update '1'
# Update peer reputation on feedback (+5/-8)
option blockchain_record '1'
# Record feedback to blockchain audit trail
Reference in New Issue View Git Blame Copy Permalink