API for communicating between services over Unix sockets and with the web front end over HTTP.
Sets up routing and firewall rules, and tunes performance on the Pi.
Runs CoreDHCP (golang) to dynamically add devices to the nftables sets they belong to, for example dhcp, dns, internet, lan, or custom groups.
Two plugins were added to support this. The first, tiny_subnets, allows creating /30 subnets, and the second, execute, runs a bash script, dhcp_helper.sh, upon a DHCP request, with information about the DHCP request and response.
Runs CoreDNS (golang) with custom modules for ad-blocking, DNS rebinding protection, and logging JSON to InfluxDB or Postgres. A local mappings file is used to map DHCP host names to .lan hostnames, for example macbook.lan.
Experimental packet monitoring service geared for forensics, written entirely in golang, that keeps track of unique network flows, DNS queries, and TLS fingerprints.
Since devices are unable to speak directly to one another, multicast is broken by design in this network architecture. A golang service repeats packets to services with the original sender's address. This currently repeats to all devices. Future work could monitor IGMP to limit noise, or create a bipartite graph of IoT devices and users, where devices would not be able to communicate directly with other devices.
This service supports PPP authentication to the ISP. This is useful if SPR is the main router.
TBD https://github.com/spr-networks/super/blob/main/monitor-services-compose.yml#L17
Runs hostapd with a hardened configuration and supports the management of per-station PSKs. It hands off MAC addresses to DHCP. For DHCP hardening, an XDP filter is applied so that the layer 2 source address matches the client identifier in the layer 3 UDP payload for DHCP.
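The DHCP hardening check described above, modelled in user-space C as an added example (this is not SPR's XDP code). It assumes the client identifier is the BOOTP chaddr field; dhcp_l2_check, build_sample and the verdict names are hypothetical, and the frames are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
enum verdict { VERDICT_PASS, VERDICT_DROP };

/* User-space model of the check (assumption: "client identifier" = BOOTP
 * chaddr). A real XDP program would return XDP_PASS / XDP_DROP instead. */
enum verdict dhcp_l2_check(const uint8_t *f, size_t len)
{
    if (len < 14 + 20 || f[12] != 0x08 || f[13] != 0x00)
        return VERDICT_PASS;                      /* not IPv4 */
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;
    if ((ip[0] >> 4) != 4 || ihl < 20 || ip[9] != 17)
        return VERDICT_PASS;                      /* not UDP over IPv4 */
    if ((ip[6] & 0x1f) || ip[7] || len < 14 + ihl + 8)
        return VERDICT_PASS;                      /* no UDP header in this frame */
    const uint8_t *udp = ip + ihl, *bootp = udp + 8;
    if (udp[2] != 0 || udp[3] != 67)
        return VERDICT_PASS;                      /* not addressed to a DHCP server */
    size_t rem = len - 14 - ihl - 8;
    /* BOOTP: op@0 htype@1 hlen@2 ... chaddr@28 (16 bytes) */
    if (rem < 44 || bootp[1] != 1 || bootp[2] != 6)
        return VERDICT_DROP;                      /* cannot verify: fail closed */
    return memcmp(f + 6, bootp + 28, 6) ? VERDICT_DROP : VERDICT_PASS;
}

/* Constructed sample frame (not a capture): Ethernet/IPv4/UDP/BOOTP request. */
size_t build_sample(uint8_t *b, const uint8_t *src_mac, const uint8_t *chaddr)
{
    size_t len = 14 + 20 + 8 + 44;
    memset(b, 0, len);
    memset(b, 0xff, 6);                           /* broadcast destination */
    memcpy(b + 6, src_mac, 6);                    /* layer 2 source */
    b[12] = 0x08; b[14] = 0x45; b[23] = 17;       /* IPv4, IHL 5, UDP */
    b[35] = 68; b[37] = 67;                       /* UDP 68 -> 67 */
    b[42] = 1; b[43] = 1; b[44] = 6;              /* BOOTREQUEST, Ethernet */
    memcpy(b + 70, chaddr, 6);                    /* chaddr at BOOTP offset 28 */
    return len;
}

int main(void)
{
    const uint8_t sta[6] = {2, 0, 0, 0, 0, 1}, other[6] = {2, 0, 0, 0, 0, 2};
    uint8_t f[128];
    printf("match=%d\n", dhcp_l2_check(f, build_sample(f, sta, sta)));
    printf("spoof=%d\n", dhcp_l2_check(f, build_sample(f, sta, other)));
    return 0;
}
```

Frames that are not DHCP requests pass through untouched here, so the rest of the firewall still has to decide on them.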
Restarts the router if there's a failure
Additional Pis can be connected over WireGuard. Description TBD.