feat: new networking partition + schema + test everything works

2025-05-17 14:08:14 +02:00 · 2024-11-20 11:33:24 -05:00 · 2024-11-20 11:33:24 -05:00 · 6377eae0ae
commit 6377eae0ae
parent 09abb7e20f
9 changed files with 78 additions and 16 deletions
--- a/Demo/Dockerfiles/Dockerfile.attaquant
+++ b/Demo/Dockerfiles/Dockerfile.attaquant
@ -2,9 +2,13 @@ FROM python:alpine3.20

 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
-    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev nmap
+    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev nmap iproute2
 RUN pip install scapy

+COPY Demo/Dockerfiles/attaquant-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
+
 # Copier le script d'attaque
 #COPY attack.py /attack.py

--- a/Demo/Dockerfiles/Dockerfile.cible
+++ b/Demo/Dockerfiles/Dockerfile.cible
@ -2,9 +2,12 @@ FROM python:alpine3.20

 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
-    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev
+    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev iproute2
 RUN pip install scapy

+COPY Demo/Dockerfiles/cible-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+ENTRYPOINT ["/entrypoint.sh"]
 # Copier le script de détection d'attaques
 #COPY cible.py /cible.py

--- a/Demo/Dockerfiles/Dockerfile.idps
+++ b/Demo/Dockerfiles/Dockerfile.idps
@ -2,9 +2,13 @@ FROM python:alpine3.20

 # Installation des paquets nécessaires pour scapy
 RUN apk -U upgrade && \
-    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev
+    apk add --no-cache libpcap libpcap-dev gcc musl-dev libffi-dev iptables iproute2
 RUN pip install scapy mysql-connector-python

+# Copier le script de démarrage
+COPY Demo/Dockerfiles/idps-entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
 # Copier le script de l'idps
 WORKDIR /app

@ -14,9 +18,7 @@ COPY idps /app/idps
 # Copie du fichier de configuration
 COPY config.json /app/config.json

-# Autres commandes nécessaires pour ton projet
-# Par exemple, pour installer des dépendances :
-# RUN pip install -r /app/idps/requirements.txt (si applicable)
-
+# Utiliser le script comme point d'entrée
+ENTRYPOINT ["/entrypoint.sh"]
 # Commande par défaut
 CMD ["python", "/app/idps/main.py"]
--- a/Demo/Dockerfiles/attaquant-entrypoint.sh
+++ b/Demo/Dockerfiles/attaquant-entrypoint.sh
@ -0,0 +1,6 @@
+#!/bin/sh
+
+ip route add 172.20.2.0/24 via 172.20.1.3 dev eth0
+
+# Lancer l'application IDPS
+exec "$@"
--- a/Demo/Dockerfiles/cible-entrypoint.sh
+++ b/Demo/Dockerfiles/cible-entrypoint.sh
@ -0,0 +1,6 @@
+#!/bin/sh
+
+ip route add 172.20.1.0/24 via 172.20.2.2 dev eth0
+
+# Lancer l'application IDPS
+exec "$@"
--- a/Demo/Dockerfiles/idps-entrypoint.sh
+++ b/Demo/Dockerfiles/idps-entrypoint.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+
+# Activer l'acheminement des paquets
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+# Configurer les règles iptables
+ip route add 172.20.2.0/24 via 172.20.2.2 dev eth1
+ip route add 172.20.1.0/24 via 172.20.1.3 dev eth2
+
+iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT
+iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT
+
+# Lancer l'application IDPS
+exec "$@"
--- a/Demo/deploy.sh
+++ b/Demo/deploy.sh
@ -0,0 +1,6 @@
+#/bin/sh
+docker compose build
+docker compose stop
+#docker rm ids idps
+docker rm attaquant1 attaquant2 ids idps cible alert_db
+docker compose up -d
--- a/Demo/docker-compose.yml
+++ b/Demo/docker-compose.yml
@ -7,6 +7,8 @@ services:
      dockerfile: Demo/Dockerfiles/Dockerfile.attaquant
    container_name: attaquant1
    command: sleep infinity
+    cap_add:
+      - NET_ADMIN
    networks:
      net_public:
        ipv4_address: 172.20.1.2
@ -27,15 +29,19 @@ services:
        ipv4_address: 172.20.1.3
      net_private:
        ipv4_address: 172.20.2.2
+      net_data:
+        ipv4_address: 172.20.3.2
    restart: unless-stopped

  # Cible
  cible:
    build:
-      context: Dockerfiles/.
-      dockerfile: Dockerfile.cible
+      context: ..
+      dockerfile: Demo/Dockerfiles/Dockerfile.cible
    container_name: cible
    command: sleep infinity
+    cap_add:
+      - NET_ADMIN
    networks:
      net_private:
        ipv4_address: 172.20.2.3
@ -44,10 +50,12 @@ services:
  # Attaquant 2
  atk2:
    build:
-      context: Dockerfiles/.
-      dockerfile: Dockerfile.attaquant
+      context: ..
+      dockerfile: Demo/Dockerfiles/Dockerfile.attaquant
    container_name: attaquant2
    command: sleep infinity
+    cap_add:
+      - NET_ADMIN
    networks:
      net_private:
        ipv4_address: 172.20.2.4
@ -81,8 +89,8 @@ services:
    ports:
      - "3306:3306"
    networks:
-      net_private:
-        ipv4_address: 172.20.2.10
+      net_data:
+        ipv4_address: 172.20.3.10
    restart: unless-stopped

 networks:
@ -96,3 +104,8 @@ networks:
    ipam:
      config:
        - subnet: 172.20.2.0/24
+  net_data:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.20.3.0/24
--- a/config.json
+++ b/config.json
@ -1,7 +1,7 @@
 {
 	"rules_dirpath": "/app/idps/rules",
-	"ifaces": ["eth0", "eth1"],
-	"db_host": "172.20.2.10",
+	"ifaces": ["eth1"],
+	"db_host": "172.20.3.10",
 	"db_database": "sidps",
 	"db_user": "sidps",
 	"db_password": "SUPERPASSWORD",
@ -13,5 +13,13 @@
 	"synscan_time": 180,
 	"synscan_count": 5,
 	"tcpconnectscan_time": 180,
-	"tcpconnectscan_count": 5
+	"tcpconnectscan_count": 5,
+	"ackscan_time": 180,
+	"ackscan_count": 5,
+	"finscan_time": 180,
+	"finscan_count": 5,
+	"nullscan_time": 180,
+	"nullscan_count": 5,
+	"xmasscan_time": 180,
+	"xmasscan_count": 5
 }