secubox-openwrt/CLAUDE.md

# Claude Instructions for SecuBox OpenWrt

## OpenWrt Shell Scripting Guidelines

### Process Detection
- **Use `pgrep crowdsec` instead of `pgrep -x crowdsec`**
  - The `-x` flag requires an exact process name match which doesn't work reliably on OpenWrt/BusyBox
  - Same applies to other daemons: use `pgrep <name>` without `-x`

### Command Availability
- `timeout` command is NOT available on OpenWrt by default - use alternatives or check with `command -v timeout`
- `ss` command may not be available - use `netstat` or `/proc/net/tcp` as fallbacks
- `sqlite3` may not be installed - provide fallback methods (e.g., delete database file instead of running SQL)

### JSON Parsing
- **Use `jsonfilter` instead of `jq`** - jsonfilter is native to OpenWrt (part of libubox), jq is often not installed
- Syntax examples:
  ```bash
  # Get a field value
  jsonfilter -i /path/to/file.json -e '@.field_name'

  # Get nested field
  jsonfilter -i /path/to/file.json -e '@.parent.child'

  # Get array length (count elements)
  jsonfilter -i /path/to/file.json -e '@[*]' | wc -l

  # Get array element
  jsonfilter -i /path/to/file.json -e '@[0]'
  ```
- Always check for empty results: `[ -z "$result" ] && result=0`

### Port Detection
When checking if a port is listening, use this order of fallbacks:
1. `/proc/net/tcp` (always available) - ports are in hex (e.g., 8080 = 1F90)
2. `netstat -tln` (usually available)
3. `ss -tln` (may not be available)

### Logging
- OpenWrt uses `logread` instead of traditional log files
- Use `logread -l N` to get last N lines
- CrowdSec writes to `/var/log/crowdsec.log`
feat: Portal service detection, nDPId compat layer, CrowdSec/Netifyd packages Portal (luci-app-secubox-portal): - Fix service status showing 0/9 by checking if init scripts exist - Only count installed services in status display - Use pgrep fallback when init script status fails nDPId Dashboard (luci-app-ndpid): - Add default /etc/config/ndpid configuration - Add /etc/init.d/ndpid-compat init script - Enable compat service in postinst for app detection - Fix Makefile to install init script and config CrowdSec Dashboard: - Add CLAUDE.md with OpenWrt-specific guidelines (pgrep without -x) - CSS fixes for hiding LuCI left menu in all views - LAPI repair improvements with retry logic New Packages: - secubox-app-crowdsec: OpenWrt-native CrowdSec package - secubox-app-netifyd: Netifyd DPI integration - luci-app-secubox: Core SecuBox hub - luci-theme-secubox: Custom theme Removed: - luci-app-secubox-crowdsec (replaced by crowdsec-dashboard) - secubox-crowdsec-setup (functionality moved to dashboard) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-10 12:51:40 +00:00			`# Claude Instructions for SecuBox OpenWrt`

			`## OpenWrt Shell Scripting Guidelines`

			`### Process Detection`
			- Use `pgrep crowdsec` instead of `pgrep -x crowdsec`
			- The `-x` flag requires an exact process name match which doesn't work reliably on OpenWrt/BusyBox
			- Same applies to other daemons: use `pgrep <name>` without `-x`

			`### Command Availability`
			- `timeout` command is NOT available on OpenWrt by default - use alternatives or check with `command -v timeout`
			- `ss` command may not be available - use `netstat` or `/proc/net/tcp` as fallbacks
			- `sqlite3` may not be installed - provide fallback methods (e.g., delete database file instead of running SQL)

fix(media-flow): Fix dashboard theming and flow count display - Add SecuBox dark theme initialization to all views (dashboard, alerts, clients, services, history) - Fix flow count detection by using jsonfilter instead of jq (OpenWrt native) - Prioritize /var/run/netifyd/status.json for ndpid-compat flow data - Remove filtering expect{} from API.getActiveStreams() RPC declaration - Update CLAUDE.md with jsonfilter usage guidelines for OpenWrt The dashboard now correctly displays: - Total Flows count from nDPId via ndpid-compat - nDPId/Netifyd status indicators - SecuBox dark theme with portal header Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-13 06:31:21 +00:00			`### JSON Parsing`
			- Use `jsonfilter` instead of `jq` - jsonfilter is native to OpenWrt (part of libubox), jq is often not installed
			`- Syntax examples:`
			```bash
			`# Get a field value`
			`jsonfilter -i /path/to/file.json -e '@.field_name'`

			`# Get nested field`
			`jsonfilter -i /path/to/file.json -e '@.parent.child'`

			`# Get array length (count elements)`
			`jsonfilter -i /path/to/file.json -e '@[*]' \| wc -l`

			`# Get array element`
			`jsonfilter -i /path/to/file.json -e '@[0]'`
			```
			- Always check for empty results: `[ -z "$result" ] && result=0`

feat: Portal service detection, nDPId compat layer, CrowdSec/Netifyd packages Portal (luci-app-secubox-portal): - Fix service status showing 0/9 by checking if init scripts exist - Only count installed services in status display - Use pgrep fallback when init script status fails nDPId Dashboard (luci-app-ndpid): - Add default /etc/config/ndpid configuration - Add /etc/init.d/ndpid-compat init script - Enable compat service in postinst for app detection - Fix Makefile to install init script and config CrowdSec Dashboard: - Add CLAUDE.md with OpenWrt-specific guidelines (pgrep without -x) - CSS fixes for hiding LuCI left menu in all views - LAPI repair improvements with retry logic New Packages: - secubox-app-crowdsec: OpenWrt-native CrowdSec package - secubox-app-netifyd: Netifyd DPI integration - luci-app-secubox: Core SecuBox hub - luci-theme-secubox: Custom theme Removed: - luci-app-secubox-crowdsec (replaced by crowdsec-dashboard) - secubox-crowdsec-setup (functionality moved to dashboard) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-01-10 12:51:40 +00:00			`### Port Detection`
			`When checking if a port is listening, use this order of fallbacks:`
			1. `/proc/net/tcp` (always available) - ports are in hex (e.g., 8080 = 1F90)
			2. `netstat -tln` (usually available)
			3. `ss -tln` (may not be available)

			`### Logging`
			- OpenWrt uses `logread` instead of traditional log files
			- Use `logread -l N` to get last N lines
			- CrowdSec writes to `/var/log/crowdsec.log`