feat: Rewrite mitmproxy with native OpenWrt build (v10.0.0)

Complete rewrite of secubox-app-mitmproxy to use native OpenWrt packages instead of pip runtime installation. New packages created: - mitmproxy (10.0.0) - Native build from GitHub source - python3-mitmproxy-rs (0.5.2) - Rust extension with PyO3 - python3-h11 (0.14.0) - HTTP/1.1 protocol - python3-h2 (4.1.0) - HTTP/2 protocol - python3-hyperframe (6.0.1) - HTTP/2 framing - python3-hpack (4.0.0) - HPACK compression - python3-wsproto (1.2.0) - WebSocket protocol - python3-aioquic (1.0.0) - QUIC/HTTP3 support - python3-pylsqpack (0.3.18) - QPACK encoder - python3-kaitaistruct (0.10) - Binary parsing - python3-publicsuffix2 (2.20191221) - Domain parsing - python3-ldap3 (2.9.1) - LDAP support Changes to secubox-app-mitmproxy: - Removed pip dependency, now uses native +mitmproxy package - Removed wrapper scripts (native binaries from mitmproxy package) - Fixed iptables cleanup to use configured port - Bumped version to 2.0.0 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-10 18:28:53 +01:00 · 2026-01-10 18:28:53 +01:00 · 7f5cb14b96
commit 7f5cb14b96
parent c1c713d4c4
17 changed files with 591 additions and 49 deletions
--- a/package/secubox/mitmproxy/Makefile
+++ b/package/secubox/mitmproxy/Makefile
@ -0,0 +1,90 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+# mitmproxy - Native build for OpenWrt
+# Provides mitmproxy, mitmdump, and mitmweb binaries
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=mitmproxy
+PKG_VERSION:=10.0.0
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://github.com/mitmproxy/mitmproxy/archive/refs/tags/v$(PKG_VERSION).tar.gz?
+PKG_HASH:=c1884a3b6c33dca05488e483f19dd13cefac6367e16bdf5961c8a9ff4105b9cc
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
+
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/mitmproxy
+  SECTION:=net
+  CATEGORY:=Network
+  SUBMENU:=SecuBox Apps
+  TITLE:=Interactive HTTPS Proxy
+  URL:=https://mitmproxy.org/
+  DEPENDS:= \
+      +python3 \
+      +python3-asyncio \
+      +python3-logging \
+      +python3-openssl \
+      +python3-urllib \
+      +python3-email \
+      +python3-codecs \
+      +python3-ctypes \
+      +python3-multiprocessing \
+      +python3-mitmproxy-rs \
+      +python3-cryptography \
+      +python3-pyopenssl \
+      +python3-tornado \
+      +python3-flask \
+      +python3-h11 \
+      +python3-h2 \
+      +python3-wsproto \
+      +python3-aioquic \
+      +python3-kaitaistruct \
+      +python3-publicsuffix2 \
+      +python3-ldap3 \
+      +python3-passlib \
+      +python3-msgpack \
+      +python3-sortedcontainers \
+      +python3-pyparsing \
+      +python3-ruamel-yaml \
+      +python3-certifi
+endef
+
+define Package/mitmproxy/description
+  mitmproxy is an interactive TLS-capable intercepting HTTP proxy
+  for penetration testers and software developers.
+
+  This package provides:
+  - mitmproxy: Interactive console interface
+  - mitmdump: Command-line dumping tool
+  - mitmweb: Web-based interface
+
+  Native build for OpenWrt with all dependencies.
+endef
+
+define Build/Compile
+	$(call Py3Build/Compile)
+endef
+
+define Py3Package/mitmproxy/install
+	$(INSTALL_DIR) $(1)/usr/bin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mitmproxy $(1)/usr/bin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mitmdump $(1)/usr/bin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/mitmweb $(1)/usr/bin/
+endef
+
+$(eval $(call Py3Package,mitmproxy))
+$(eval $(call BuildPackage,mitmproxy))
+$(eval $(call BuildPackage,mitmproxy-src))
--- a/package/secubox/python3-aioquic/Makefile
+++ b/package/secubox/python3-aioquic/Makefile
@ -0,0 +1,47 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-aioquic
+PKG_VERSION:=1.0.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=aioquic
+PKG_HASH:=ed31c2b5afa98c5b6cafa4f36149deaf1dff6c5a69701eadd27167415f9f1660
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-aioquic
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=QUIC and HTTP/3 implementation
+  URL:=https://github.com/aiortc/aioquic
+  DEPENDS:= \
+      +python3-light \
+      +python3-asyncio \
+      +python3-cryptography \
+      +python3-certifi \
+      +python3-pylsqpack \
+      +libopenssl
+endef
+
+define Package/python3-aioquic/description
+  aioquic is a library for QUIC (RFC 9000) and HTTP/3 (RFC 9114).
+  It is built on top of asyncio for Python's async/await support.
+  Used by mitmproxy for QUIC and HTTP/3 interception.
+endef
+
+$(eval $(call Py3Package,python3-aioquic))
+$(eval $(call BuildPackage,python3-aioquic))
+$(eval $(call BuildPackage,python3-aioquic-src))
--- a/package/secubox/python3-h11/Makefile
+++ b/package/secubox/python3-h11/Makefile
@ -0,0 +1,41 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-h11
+PKG_VERSION:=0.14.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=h11
+PKG_HASH:=f5383af3d3633a34a3316095b39c8e8fb4853a28a536e55d347bd8d8e9a14b03
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE.txt
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-h11
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=Pure-Python HTTP/1.1 protocol implementation
+  URL:=https://github.com/python-hyper/h11
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-h11/description
+  h11 is a pure-Python, bring-your-own-I/O implementation
+  of the HTTP/1.1 protocol. It is used by mitmproxy for
+  HTTP/1.1 parsing and generation.
+endef
+
+$(eval $(call Py3Package,python3-h11))
+$(eval $(call BuildPackage,python3-h11))
+$(eval $(call BuildPackage,python3-h11-src))
--- a/package/secubox/python3-h2/Makefile
+++ b/package/secubox/python3-h2/Makefile
@ -0,0 +1,45 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-h2
+PKG_VERSION:=4.1.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=h2
+PKG_HASH:=a83aca08fbe7aacb79fec788c9c0bac936343560ed9ec18b82a13a12c28d2abb
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-h2
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=HTTP/2 State Machine for Python
+  URL:=https://github.com/python-hyper/h2
+  DEPENDS:= \
+      +python3-light \
+      +python3-hyperframe \
+      +python3-hpack
+endef
+
+define Package/python3-h2/description
+  h2 is a pure-Python implementation of a HTTP/2 protocol stack.
+  It provides a state machine that manages the HTTP/2 connection,
+  allowing for high-performance HTTP/2 applications.
+  Used by mitmproxy for HTTP/2 support.
+endef
+
+$(eval $(call Py3Package,python3-h2))
+$(eval $(call BuildPackage,python3-h2))
+$(eval $(call BuildPackage,python3-h2-src))
--- a/package/secubox/python3-hpack/Makefile
+++ b/package/secubox/python3-hpack/Makefile
@ -0,0 +1,41 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-hpack
+PKG_VERSION:=4.0.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=hpack
+PKG_HASH:=fc41de0c63e687ebffde81187a948221294896f6bdc0ae2312708df339430095
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-hpack
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=HPACK header compression for HTTP/2
+  URL:=https://github.com/python-hyper/hpack
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-hpack/description
+  hpack implements the HPACK header compression algorithm
+  for HTTP/2, as specified in RFC 7541.
+  Used by h2 for HTTP/2 support in mitmproxy.
+endef
+
+$(eval $(call Py3Package,python3-hpack))
+$(eval $(call BuildPackage,python3-hpack))
+$(eval $(call BuildPackage,python3-hpack-src))
--- a/package/secubox/python3-hyperframe/Makefile
+++ b/package/secubox/python3-hyperframe/Makefile
@ -0,0 +1,41 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-hyperframe
+PKG_VERSION:=6.0.1
+PKG_RELEASE:=1
+
+PYPI_NAME:=hyperframe
+PKG_HASH:=ae510046231dc8e9ecb1a6586f63d2347bf4c8905914aa84ba585ae85f28a914
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-hyperframe
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=HTTP/2 framing layer for Python
+  URL:=https://github.com/python-hyper/hyperframe
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-hyperframe/description
+  hyperframe is a pure-Python HTTP/2 framing layer implementation.
+  It provides a low-level pure-Python API for working with HTTP/2 frames.
+  Used by h2 for HTTP/2 support in mitmproxy.
+endef
+
+$(eval $(call Py3Package,python3-hyperframe))
+$(eval $(call BuildPackage,python3-hyperframe))
+$(eval $(call BuildPackage,python3-hyperframe-src))
--- a/package/secubox/python3-kaitaistruct/Makefile
+++ b/package/secubox/python3-kaitaistruct/Makefile
@ -0,0 +1,42 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-kaitaistruct
+PKG_VERSION:=0.10
+PKG_RELEASE:=1
+
+PYPI_NAME:=kaitaistruct
+PKG_HASH:=a044dee29173d6afbacf27bcac39daf89b654dd418cfa009ab82d9178a9ae52a
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-kaitaistruct
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=Kaitai Struct runtime for Python
+  URL:=https://kaitai.io/
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-kaitaistruct/description
+  Kaitai Struct is a declarative language for describing
+  binary data structures. This package provides the Python
+  runtime library for parsing binary formats.
+  Used by mitmproxy for binary protocol analysis.
+endef
+
+$(eval $(call Py3Package,python3-kaitaistruct))
+$(eval $(call BuildPackage,python3-kaitaistruct))
+$(eval $(call BuildPackage,python3-kaitaistruct-src))
--- a/package/secubox/python3-ldap3/Makefile
+++ b/package/secubox/python3-ldap3/Makefile
@ -0,0 +1,44 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-ldap3
+PKG_VERSION:=2.9.1
+PKG_RELEASE:=1
+
+PYPI_NAME:=ldap3
+PKG_HASH:=f3e7fc4718e3f09dda568b57100095e0ce58633bcabbed8667ce3f8fbaa4229f
+
+PKG_LICENSE:=LGPL-3.0
+PKG_LICENSE_FILES:=LICENSE.txt
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-ldap3
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=LDAP v3 client library
+  URL:=https://github.com/cannatag/ldap3
+  DEPENDS:= \
+      +python3-light \
+      +python3-pyasn1
+endef
+
+define Package/python3-ldap3/description
+  ldap3 is a pure Python LDAP v3 client library conforming
+  to RFC 4510 and RFC 4511. It supports LDAP operations,
+  connection pooling, and TLS.
+  Used by mitmproxy for LDAP proxy support.
+endef
+
+$(eval $(call Py3Package,python3-ldap3))
+$(eval $(call BuildPackage,python3-ldap3))
+$(eval $(call BuildPackage,python3-ldap3-src))
--- a/package/secubox/python3-mitmproxy-rs/Makefile
+++ b/package/secubox/python3-mitmproxy-rs/Makefile
@ -0,0 +1,46 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-mitmproxy-rs
+PKG_VERSION:=0.5.2
+PKG_RELEASE:=1
+
+PYPI_NAME:=mitmproxy_rs
+PKG_HASH:=7583bea1ff5ea8e96c5cf12127e1698c52725f1dfdac6802891a4675b7287ba5
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+PKG_BUILD_DEPENDS:=python-maturin/host
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-mitmproxy-rs
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=Rust components for mitmproxy
+  URL:=https://github.com/mitmproxy/mitmproxy_rs
+  DEPENDS:= \
+      +python3-light \
+      +python3-asyncio \
+      $(RUST_ARCH_DEPENDS)
+endef
+
+define Package/python3-mitmproxy-rs/description
+  The mitmproxy_rs package contains mitmproxy's Rust components,
+  including WireGuard Mode and Local Redirect Mode support.
+  Built with PyO3 for Python bindings.
+endef
+
+$(eval $(call Py3Package,python3-mitmproxy-rs))
+$(eval $(call BuildPackage,python3-mitmproxy-rs))
+$(eval $(call BuildPackage,python3-mitmproxy-rs-src))
--- a/package/secubox/python3-publicsuffix2/Makefile
+++ b/package/secubox/python3-publicsuffix2/Makefile
@ -0,0 +1,42 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-publicsuffix2
+PKG_VERSION:=2.20191221
+PKG_RELEASE:=1
+
+PYPI_NAME:=publicsuffix2
+PKG_HASH:=00f8cc31aa8d0d5592a5ced19cccba7de428ebca985db26ac852d920ddd6fe7b
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-publicsuffix2
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=Public Suffix List implementation
+  URL:=https://github.com/nexB/python-publicsuffix2
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-publicsuffix2/description
+  publicsuffix2 is a Python library to get the public suffix
+  of a domain using Mozilla's Public Suffix List. It's useful
+  for extracting registered domain from URLs.
+  Used by mitmproxy for domain parsing and cookie handling.
+endef
+
+$(eval $(call Py3Package,python3-publicsuffix2))
+$(eval $(call BuildPackage,python3-publicsuffix2))
+$(eval $(call BuildPackage,python3-publicsuffix2-src))
--- a/package/secubox/python3-pylsqpack/Makefile
+++ b/package/secubox/python3-pylsqpack/Makefile
@ -0,0 +1,41 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-pylsqpack
+PKG_VERSION:=0.3.18
+PKG_RELEASE:=1
+
+PYPI_NAME:=pylsqpack
+PKG_HASH:=45ae55e721877505f4d5ccd49591d69353f2a548a8673dfafb251d385b3c097f
+
+PKG_LICENSE:=BSD-3-Clause
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-pylsqpack
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=QPACK encoder/decoder for HTTP/3
+  URL:=https://github.com/aiortc/pylsqpack
+  DEPENDS:=+python3-light
+endef
+
+define Package/python3-pylsqpack/description
+  pylsqpack provides Python bindings for ls-qpack, the QPACK
+  encoder and decoder used in HTTP/3 for header compression.
+  Required by aioquic for QUIC/HTTP3 support.
+endef
+
+$(eval $(call Py3Package,python3-pylsqpack))
+$(eval $(call BuildPackage,python3-pylsqpack))
+$(eval $(call BuildPackage,python3-pylsqpack-src))
--- a/package/secubox/python3-wsproto/Makefile
+++ b/package/secubox/python3-wsproto/Makefile
@ -0,0 +1,44 @@
+#
+# Copyright (C) 2025 CyberMind.fr (SecuBox)
+#
+# This is free software, licensed under the MIT License.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=python3-wsproto
+PKG_VERSION:=1.2.0
+PKG_RELEASE:=1
+
+PYPI_NAME:=wsproto
+PKG_HASH:=ad565f26ecb92588a3e43bc3d96164de84cd9902482b130d0ddbaa9664a85065
+
+PKG_LICENSE:=MIT
+PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
+
+include $(TOPDIR)/feeds/packages/lang/python/pypi.mk
+include $(INCLUDE_DIR)/package.mk
+include $(TOPDIR)/feeds/packages/lang/python/python3-package.mk
+
+define Package/python3-wsproto
+  SECTION:=lang
+  CATEGORY:=Languages
+  SUBMENU:=Python
+  TITLE:=WebSocket protocol implementation
+  URL:=https://github.com/python-hyper/wsproto
+  DEPENDS:= \
+      +python3-light \
+      +python3-h11
+endef
+
+define Package/python3-wsproto/description
+  wsproto is a pure-Python WebSocket protocol library.
+  It provides a state machine for implementing WebSocket
+  clients and servers without I/O.
+  Used by mitmproxy for WebSocket support.
+endef
+
+$(eval $(call Py3Package,python3-wsproto))
+$(eval $(call BuildPackage,python3-wsproto))
+$(eval $(call BuildPackage,python3-wsproto-src))
--- a/package/secubox/secubox-app-mitmproxy/Makefile
+++ b/package/secubox/secubox-app-mitmproxy/Makefile
@ -3,14 +3,15 @@
 #
 # This is free software, licensed under the MIT License.
 #
-# mitmproxy - Interactive HTTPS proxy for traffic inspection
-# Runtime installation via pip for full Python dependency management
+# secubox-app-mitmproxy - mitmproxy integration for SecuBox
+# Provides init scripts, UCI configuration, and control utilities
+# Uses native mitmproxy package (no pip required)
 #

 include $(TOPDIR)/rules.mk

 PKG_NAME:=secubox-app-mitmproxy
-PKG_VERSION:=8.1.1
+PKG_VERSION:=2.0.0
 PKG_RELEASE:=1

 PKG_MAINTAINER:=CyberMind <contact@cybermind.fr>
@ -22,31 +23,25 @@ define Package/secubox-app-mitmproxy
  SECTION:=net
  CATEGORY:=Network
  SUBMENU:=SecuBox Apps
-  TITLE:=mitmproxy - Interactive HTTPS Proxy
+  TITLE:=mitmproxy - Interactive HTTPS Proxy (SecuBox Integration)
  URL:=https://mitmproxy.org/
-  DEPENDS:=+python3 +python3-pip +ca-bundle
+  DEPENDS:=+mitmproxy +jq +openssl-util
  PKGARCH:=all
 endef

 define Package/secubox-app-mitmproxy/description
-  mitmproxy is a free and open source interactive HTTPS proxy.
-  It can intercept, inspect, modify and replay HTTP/HTTPS traffic.
+  SecuBox integration package for mitmproxy.
+  Provides init scripts, UCI configuration, and control utilities.
+
+  Uses native mitmproxy package - no pip or runtime installation required.

  Features:
  - Intercept and modify HTTP/HTTPS traffic
  - Web-based interface (mitmweb)
  - Scripting API for automation
  - SSL/TLS certificate generation
-  - Request/response inspection
-  - URL and cookie capture
-
-  Use cases:
-  - Security testing and penetration testing
-  - API debugging and development
-  - Network traffic analysis
-  - Parental controls and content filtering
-
-  Note: mitmproxy is installed via pip on first run.
+  - Transparent proxy mode with iptables
+  - QUIC/HTTP3 support
 endef

 define Package/secubox-app-mitmproxy/conffiles
@ -54,16 +49,9 @@ define Package/secubox-app-mitmproxy/conffiles
 endef

 define Build/Compile
-	@echo "No compilation required - mitmproxy installed via pip at runtime"
 endef

 define Package/secubox-app-mitmproxy/install
-	# Wrapper scripts
-	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) ./files/usr/bin/mitmproxy $(1)/usr/bin/mitmproxy
-	$(INSTALL_BIN) ./files/usr/bin/mitmdump $(1)/usr/bin/mitmdump
-	$(INSTALL_BIN) ./files/usr/bin/mitmweb $(1)/usr/bin/mitmweb
-
 	# Config
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_CONF) ./files/etc/config/mitmproxy $(1)/etc/config/mitmproxy
@ -78,32 +66,28 @@ define Package/secubox-app-mitmproxy/install

 	# CA certificate directory
 	$(INSTALL_DIR) $(1)/etc/mitmproxy
+
+	# Runtime directories
+	$(INSTALL_DIR) $(1)/var/lib/mitmproxy
+	$(INSTALL_DIR) $(1)/tmp/mitmproxy
 endef

 define Package/secubox-app-mitmproxy/postinst
 #!/bin/sh
 [ -n "$${IPKG_INSTROOT}" ] || {
-	# Create data directories
-	mkdir -p /var/lib/mitmproxy
-	mkdir -p /tmp/mitmproxy
+	# Create runtime directories
+	mkdir -p /var/lib/mitmproxy /tmp/mitmproxy /etc/mitmproxy

-	# Install mitmproxy via pip if not already installed
-	if ! python3 -c "import mitmproxy" 2>/dev/null; then
-		echo "Installing mitmproxy via pip..."
-		pip3 install --no-cache-dir mitmproxy==8.1.1
-	fi
-
-	# Generate CA certificate if not exists
+	# Generate CA certificate if needed
 	if [ ! -f /etc/mitmproxy/mitmproxy-ca.pem ]; then
 		echo "Generating mitmproxy CA certificate..."
-		/usr/bin/mitmdump --set confdir=/etc/mitmproxy -q &
-		sleep 5
-		killall -q mitmdump 2>/dev/null || killall -q python3 2>/dev/null || true
+		mitmdump --set confdir=/etc/mitmproxy -q &
+		sleep 3
+		killall mitmdump 2>/dev/null || true
 	fi

 	/etc/init.d/mitmproxy enable
 	echo "mitmproxy installed. Start with: /etc/init.d/mitmproxy start"
-	echo "Web interface at: http://router:8081"
 }
 exit 0
 endef
--- a/package/secubox/secubox-app-mitmproxy/files/etc/init.d/mitmproxy
+++ b/package/secubox/secubox-app-mitmproxy/files/etc/init.d/mitmproxy
@ -108,11 +108,14 @@ setup_iptables() {
 }

 cleanup_iptables() {
+	# Get configured port (default 8080)
+	local port=$(uci -q get mitmproxy.main.listen_port || echo "8080")
+
 	# Remove mitmproxy redirect rules
 	iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 80 \
-		-j REDIRECT --to-port 8080 2>/dev/null
+		-j REDIRECT --to-port "$port" 2>/dev/null
 	iptables -t nat -D PREROUTING -i br-lan -p tcp --dport 443 \
-		-j REDIRECT --to-port 8080 2>/dev/null
+		-j REDIRECT --to-port "$port" 2>/dev/null
 	iptables -t nat -D PREROUTING -p tcp -m mark --mark 0x1/0x1 -j ACCEPT 2>/dev/null
 }

--- a/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmdump
+++ b/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmdump
@ -1,3 +0,0 @@
-#!/bin/sh
-# mitmdump wrapper script
-exec python3 -m mitmproxy.tools.dump "$@"
--- a/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmproxy
+++ b/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmproxy
@ -1,3 +0,0 @@
-#!/bin/sh
-# mitmproxy wrapper script
-exec python3 -m mitmproxy "$@"
--- a/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmweb
+++ b/package/secubox/secubox-app-mitmproxy/files/usr/bin/mitmweb
@ -1,3 +0,0 @@
-#!/bin/sh
-# mitmweb wrapper script
-exec python3 -m mitmproxy.tools.web "$@"