Clean up, add Spiderfoot

tpot configs are now stored in /etc/tpot/
tpot related scripts are now stored /usr/share/tpot/bin
some scripts are improved
some scripts are cleaned of old comments
spiderfoot is now part of tpot

installer/data/systemd/conpot.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop conpot
 ExecStartPre=-/usr/bin/docker rm -v conpot
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh conpot off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh conpot off'
 ExecStart=/usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 1025:1025 -p 50100:50100 dtagdevsec/conpot:1706
 ExecStop=/usr/bin/docker stop conpot
 

installer/data/systemd/cowrie.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop cowrie
 ExecStartPre=-/usr/bin/docker rm -v cowrie
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh cowrie off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh cowrie off'
 ExecStart=/usr/bin/docker run --name cowrie --rm=true -p 22:2222 -p 23:2223 -v /data/cowrie:/data/cowrie -v /data/ews:/data/ews dtagdevsec/cowrie:1706
 ExecStop=/usr/bin/docker stop cowrie
 

installer/data/systemd/dionaea.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop dionaea
 ExecStartPre=-/usr/bin/docker rm -v dionaea
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh dionaea off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh dionaea off'
 ExecStart=/usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 69:69/udp -p 8081:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 1723:1723 -p 1883:1883 -p 1900:1900 -p 3306:3306 -p 5060:5060 -p 5061:5061 -p 5060:5060/udp -p 11211:11211 -v /data/dionaea:/data/dionaea dtagdevsec/dionaea:1706
 ExecStop=/usr/bin/docker stop dionaea
 

installer/data/systemd/elasticpot.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop elasticpot
 ExecStartPre=-/usr/bin/docker rm -v elasticpot
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh elasticpot off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh elasticpot off'
 ExecStart=/usr/bin/docker run --name elasticpot --rm=true -v /data/elasticpot:/data/elasticpot -p 9200:9200 dtagdevsec/elasticpot:1706
 ExecStop=/usr/bin/docker stop elasticpot
 

installer/data/systemd/elk.service

@@ -7,8 +7,8 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop elk
 ExecStartPre=-/usr/bin/docker rm -v elk
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh elk'
-ExecStart=/usr/bin/docker run --name=elk --env-file /data/elk/environment --cap-add=IPC_LOCK --ulimit memlock=-1:-1 --ulimit nofile=65536:65536 -v /data:/data -v /var/log:/data/host/log -p 127.0.0.1:64296:5601 -p 127.0.0.1:64302:9100 -p 127.0.0.1:64298:9200 --rm=true dtagdevsec/elk:1706
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh elk'
+ExecStart=/usr/bin/docker run --name=elk --env-file /etc/tpot/elk/environment --cap-add=IPC_LOCK --ulimit memlock=-1:-1 --ulimit nofile=65536:65536 -v /data:/data -v /var/log:/data/host/log -p 127.0.0.1:64296:5601 -p 127.0.0.1:64302:9100 -p 127.0.0.1:64298:9200 --rm=true dtagdevsec/elk:1706
 ExecStop=/usr/bin/docker stop elk
 
 [Install]

installer/data/systemd/emobility.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop emobility
 ExecStartPre=-/usr/bin/docker rm -v emobility
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh emobility off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh emobility off'
 ExecStart=/usr/bin/docker run --name emobility --cap-add=NET_ADMIN -p 8080:8080 -v /data/emobility:/data/eMobility -v /data/ews:/data/ews --rm=true dtagdevsec/emobility:1706
 ExecStop=/usr/bin/docker stop emobility
 

installer/data/systemd/glastopf.service

@@ -7,7 +7,7 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop glastopf
 ExecStartPre=-/usr/bin/docker rm -v glastopf
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh glastopf off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh glastopf off'
 ExecStart=/usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:1706
 ExecStop=/usr/bin/docker stop glastopf
 

installer/data/systemd/honeytrap.service

@@ -7,15 +7,15 @@ After=docker.service
 Restart=always
 ExecStartPre=-/usr/bin/docker stop honeytrap
 ExecStartPre=-/usr/bin/docker rm -v honeytrap
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh honeytrap off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh honeytrap off'
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j NFQUEUE
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 3306,5060,5061,5601,11211 -j NFQUEUE
-ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 64295,64296,64297,64298,64299,64300,64301 -j NFQUEUE
+ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 64295,64296,64297,64298,64299,64300,64301,64302,64303 -j NFQUEUE
 ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 1025,50100,8080,8081,9200 -j NFQUEUE
 ExecStart=/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap:/data/honeytrap -v /data/ews:/data/ews dtagdevsec/honeytrap:1706
 ExecStop=/usr/bin/docker stop honeytrap
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 1025,50100,8080,8081,9200 -j NFQUEUE
-ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 64295,64296,64297,64298,64299,64300,64301 -j NFQUEUE
+ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 64295,64296,64297,64298,64299,64300,64301,64302,64303 -j NFQUEUE
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 3306,5060,5061,5601,11211 -j NFQUEUE
 ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -m multiport ! --dports 21,22,23,42,69,80,135,443,445,1433,1723,1883,1900 -j NFQUEUE
 

installer/data/systemd/spiderfoot.service

@@ -0,0 +1,14 @@
+[Unit]
+Description=spiderfoot
+Requires=docker.service
+After=docker.service
+
+[Service]
+Restart=always
+ExecStartPre=-/usr/bin/docker stop spiderfoot
+ExecStartPre=-/usr/bin/docker rm -v spiderfoot
+ExecStart=/usr/bin/docker run --name spiderfoot --rm=true -p 127.0.0.1:64303:8080 dtagdevsec/spiderfoot:1706
+ExecStop=/usr/bin/docker stop spiderfoot 
+
+[Install]
+WantedBy=multi-user.target

installer/data/systemd/suricata.service

@@ -11,7 +11,7 @@ ExecStartPre=-/usr/bin/docker rm -v suricata
 ExecStartPre=/bin/bash -c '/sbin/ethtool --offload $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') rx off tx off'
 ExecStartPre=/bin/bash -c '/sbin/ethtool -K $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') gso off gro off'
 ExecStartPre=/bin/bash -c '/sbin/ip link set $(/sbin/ip route | /bin/grep $(/bin/hostname -I | /usr/bin/awk \'{print $1 }\') | /usr/bin/awk \'{print $3 }\') promisc on'
-ExecStartPre=/bin/bash -c '/usr/bin/clean.sh suricata off'
+ExecStartPre=/bin/bash -c '/usr/share/tpot/bin/clean.sh suricata off'
 ExecStart=/usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata:/data/suricata dtagdevsec/suricata:1706
 ExecStop=/usr/bin/docker stop suricata