diff --git a/Demo/Dockerfiles/Dockerfile.attaquant b/Demo/Dockerfiles/Dockerfile.attaquant
index aa5466f..bbdaa4a 100644
--- a/Demo/Dockerfiles/Dockerfile.attaquant
+++ b/Demo/Dockerfiles/Dockerfile.attaquant
@@ -2,9 +2,13 @@ FROM python:alpine3.20
 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
- apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev nmap
+ apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev nmap iproute2
 RUN pip install scapy
+COPY Demo/Dockerfiles/attaquant-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+
 # Copier le script d'attaque
 #COPY attack.py /attack.py
diff --git a/Demo/Dockerfiles/Dockerfile.cible b/Demo/Dockerfiles/Dockerfile.cible
index c10bf58..6793bc3 100644
--- a/Demo/Dockerfiles/Dockerfile.cible
+++ b/Demo/Dockerfiles/Dockerfile.cible
@@ -2,9 +2,12 @@ FROM python:alpine3.20
 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
- apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev
+ apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev iproute2
 RUN pip install scapy
+COPY Demo/Dockerfiles/cible-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
 # Copier le script de détection d'attaques
 #COPY cible.py /cible.py
diff --git a/Demo/Dockerfiles/Dockerfile.idps b/Demo/Dockerfiles/Dockerfile.idps
index 330bba4..adc6592 100644
--- a/Demo/Dockerfiles/Dockerfile.idps
+++ b/Demo/Dockerfiles/Dockerfile.idps
@@ -2,9 +2,13 @@ FROM python:alpine3.20
 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
- apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev
+ apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev iptables iproute2
 RUN pip install scapy mysql-connector-python
+# Copier le script de démarrage
+COPY Demo/Dockerfiles/idps-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
 # Copier le script de l'idps
 WORKDIR /app
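Review bot: In the Dockerfile.attaquant hunk, `COPY Demo/Dockerfiles/attaquant-entrypoint.sh /entrypoint.sh` followed by `RUN chmod +x /entrypoint.sh` spends an extra layer only to set the mode bit; with BuildKit, `COPY --chmod=755 Demo/Dockerfiles/attaquant-entrypoint.sh /entrypoint.sh` does both in one instruction. The same pair is added in the Dockerfile.cible and Dockerfile.idps hunks. The COPY source is written relative to the repository root, so these files only build with the `context: ..` that docker-compose.yml sets; a short comment above the COPY saying so would spare the next person a failed standalone `docker build`.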
@@ -14,9 +18,7 @@ COPY idps /app/idps
 # Copie du fichier de configuration
 COPY config.json /app/config.json
-# Autres commandes nécessaires pour ton projet
-# Par exemple, pour installer des dépendances :
-# RUN pip install -r /app/idps/requirements.txt (si applicable)
-
+# Utiliser le script comme point d'entrée
+ENTRYPOINT ["/entrypoint.sh"]
 # Commande par défaut
 CMD ["python", "/app/idps/main.py"]
diff --git a/Demo/Dockerfiles/attaquant-entrypoint.sh b/Demo/Dockerfiles/attaquant-entrypoint.sh
new file mode 100644
index 0000000..11792c1
--- /dev/null
+++ b/Demo/Dockerfiles/attaquant-entrypoint.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+ip route add 172.20.2.0/24 via 172.20.1.3 dev eth0
+
+# Lancer l'application IDPS
+exec "$@"
diff --git a/Demo/Dockerfiles/cible-entrypoint.sh b/Demo/Dockerfiles/cible-entrypoint.sh
new file mode 100644
index 0000000..74b24ae
--- /dev/null
+++ b/Demo/Dockerfiles/cible-entrypoint.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+ip route add 172.20.1.0/24 via 172.20.2.2 dev eth0
+
+# Lancer l'application IDPS
+exec "$@"
diff --git a/Demo/Dockerfiles/idps-entrypoint.sh b/Demo/Dockerfiles/idps-entrypoint.sh
new file mode 100644
index 0000000..c69f83b
--- /dev/null
+++ b/Demo/Dockerfiles/idps-entrypoint.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Activer l'acheminement des paquets
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+# Configurer les règles iptables
+ip route add 172.20.2.0/24 via 172.20.2.2 dev eth1
+ip route add 172.20.1.0/24 via 172.20.1.3 dev eth2
+
+iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT
+iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT
+
+# Lancer l'application IDPS
+exec "$@"
diff --git a/Demo/deploy.sh b/Demo/deploy.sh
new file mode 100755
index 0000000..969b744
--- /dev/null
+++ b/Demo/deploy.sh
@@ -0,0 +1,6 @@
+#/bin/sh
+docker compose build
+docker compose stop
+#docker rm ids idps
+docker rm attaquant1 attaquant2 ids idps cible alert_db
+docker compose up -d
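Review bot: In attaquant-entrypoint.sh the result of `ip route add 172.20.2.0/24 via 172.20.1.3 dev eth0` is never checked, so when it fails (NET_ADMIN missing, interface not named eth0) the container still starts and simply has no route through the IDPS. Adding `set -e` on the line after the shebang turns that into a visible start-up failure. The comment `# Lancer l'application IDPS` was copied from the IDPS script and is wrong here; something like `# Lancer la commande passée au conteneur` matches what `exec "$@"` does. cible-entrypoint.sh has the same two issues.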
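Review bot: idps-entrypoint.sh turns on forwarding and appends two unconditional `-j ACCEPT` FORWARD rules before `exec "$@"`, so traffic crosses between eth1 and eth2 before the IDPS process exists and keeps crossing if it exits; if the IDPS is meant to gate traffic, that is fail-open. The script never sets the chain policy, so with the usual default of ACCEPT the two rules change nothing; `iptables -P FORWARD DROP` ahead of them would make the explicit rules the thing that permits traffic. No command is checked either: `echo 1 > /proc/sys/net/ipv4/ip_forward` fails when /proc/sys is read-only in the container (the idps service's privileges are not visible in this diff), and the script carries on, so add `set -e` or set the value through a compose `sysctls:` entry. The names eth1 and eth2 are assigned by Docker when the networks are attached and deserve a comment stating which network each is expected to be; the heading `# Configurer les règles iptables` also sits above the `ip route` lines rather than the iptables ones.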
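Review bot: The first line of deploy.sh is `#/bin/sh`, which is an ordinary comment and not a shebang; it should read `#!/bin/sh`. The file is committed with mode 100755, so it is meant to be executed directly, and without the `!` the interpreter is whatever the calling shell falls back to. `docker rm attaquant1 attaquant2 ids idps cible alert_db` also prints errors on a first run when those containers do not exist yet, and the hand-kept name list will drift from docker-compose.yml; `docker compose down` before `docker compose up -d` would likely cover the same need without naming containers.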
diff --git a/Demo/docker-compose.yml b/Demo/docker-compose.yml
index 596459f..9180621 100644
--- a/Demo/docker-compose.yml
+++ b/Demo/docker-compose.yml
@@ -7,6 +7,8 @@ services:
 dockerfile: Demo/Dockerfiles/Dockerfile.attaquant
 container_name: attaquant1
 command: sleep infinity
+ cap_add:
+ - NET_ADMIN
 networks:
 net_public:
 ipv4_address: 172.20.1.2
@@ -27,15 +29,19 @@ services:
 ipv4_address: 172.20.1.3
 net_private:
 ipv4_address: 172.20.2.2
+ net_data:
+ ipv4_address: 172.20.3.2
 restart: unless-stopped
 # Cible
 cible:
 build:
- context: Dockerfiles/.
- dockerfile: Dockerfile.cible
+ context: ..
+ dockerfile: Demo/Dockerfiles/Dockerfile.cible
 container_name: cible
 command: sleep infinity
+ cap_add:
+ - NET_ADMIN
 networks:
 net_private:
 ipv4_address: 172.20.2.3
@@ -44,10 +50,12 @@ services:
 # Attaquant 2
 atk2:
 build:
- context: Dockerfiles/.
- dockerfile: Dockerfile.attaquant
+ context: ..
+ dockerfile: Demo/Dockerfiles/Dockerfile.attaquant
 container_name: attaquant2
 command: sleep infinity
+ cap_add:
+ - NET_ADMIN
 networks:
 net_private:
 ipv4_address: 172.20.2.4
@@ -81,8 +89,8 @@ services:
 ports:
 - "3306:3306"
 networks:
- net_private:
- ipv4_address: 172.20.2.10
+ net_data:
+ ipv4_address: 172.20.3.10
 restart: unless-stopped
 networks:
@@ -96,3 +104,8 @@ networks:
 ipam:
 config:
 - subnet: 172.20.2.0/24
+ net_data:
+ driver: bridge
+ ipam:
+ config:
+ - subnet: 172.20.3.0/24
diff --git a/config.json b/config.json
index 5f69321..e028151 100644
--- a/config.json
+++ b/config.json
@@ -1,7 +1,7 @@
 {
 "rules_dirpath": "/app/idps/rules",
- "ifaces": ["eth0", "eth1"],
- "db_host": "172.20.2.10",
+ "ifaces": ["eth1"],
+ "db_host": "172.20.3.10",
 "db_database": "sidps",
 "db_user": "sidps",
 "db_password": "SUPERPASSWORD",
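Review bot: The `cap_add: - NET_ADMIN` added to attaquant1 in the first docker-compose.yml hunk carries no comment explaining why the capability is needed. Judging from the entrypoint scripts added in this commit it exists for the single `ip route add` at start-up, yet it stays available to every process in the container afterwards. A comment such as `# NET_ADMIN: needed by /entrypoint.sh to add the static route via the IDPS` would record that for whoever later tightens these services. The cible and atk2 hunks add the same capability and need the same comment.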
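Review bot: In the alert_db hunk the database moves to its own `net_data` network, but the unchanged `ports: - "3306:3306"` line just above still publishes MySQL on every host interface, which sidesteps that separation for anything that can reach the host. If host access is only for local debugging, bind it to loopback with `- "127.0.0.1:3306:3306"`, or drop the mapping, since the idps container reaches the database over net_data at 172.20.3.10. If the mapping is dropped, the `net_data` network defined in the last hunk could probably also be marked `internal: true`, provided the database needs no outbound connectivity.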
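Review bot: The `"db_password": "SUPERPASSWORD"` line in the first config.json hunk's context is a plaintext credential kept in the repository, and Dockerfile.idps bakes it into the image with `COPY config.json /app/config.json`. As this commit already re-points `db_host`, it is a good moment to take the password from the container environment or a compose secret instead; the code that loads config.json is not visible here, so the change would have to be made there. Separately, `"ifaces": ["eth1"]` relies on Docker naming the private-network interface eth1 inside the idps container; JSON cannot carry a comment, so that assumption belongs in the README.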
@@ -13,5 +13,13 @@
 "synscan_time": 180,
 "synscan_count": 5,
 "tcpconnectscan_time": 180,
- "tcpconnectscan_count": 5
+ "tcpconnectscan_count": 5,
+ "ackscan_time": 180,
+ "ackscan_count": 5,
+ "finscan_time": 180,
+ "finscan_count": 5,
+ "nullscan_time": 180,
+ "nullscan_count": 5,
+ "xmasscan_time": 180,
+ "xmasscan_count": 5
 }