tweaking

healthcheck, watch pid not cpu cleanup dockerfiles bump dicompot, heralding, elasticpot, endlessh to alpine 3.19 bump dionaea, heralding to latest master
2025-07-02 01:27:27 -04:00 · 2024-02-28 19:07:22 +01:00
parent 285b37a00d
commit be74fc75ca
69 changed files with 314 additions and 190 deletions
--- a/docker/dionaea/Dockerfile
+++ b/docker/dionaea/Dockerfile
@ -17,36 +17,37 @@ RUN ARCH=$(arch) && \
    apt install ./libemu2_0.2.0+git20120122-1.2+b1_$ARCH.deb \
                ./libemu-dev_0.2.0+git20120122-1.2+b1_$ARCH.deb -y && \
    apt-get install -y --no-install-recommends \
-	build-essential \
-	ca-certificates \
-	check \
-	cmake \
-	cython3 \
-	git \
-        libcap2-bin \
-	libcurl4-openssl-dev \
-	libev-dev \
-	libglib2.0-dev \
-	libloudmouth1-dev \
-	libnetfilter-queue-dev \
-	libnl-3-dev \
-	libpcap-dev \
-	libssl-dev \
-	libtool \
-	libudns-dev \
-	procps \
-	python3 \
-	python3-dev \
-	python3-boto3 \
-	python3-bson \
-	python3-yaml \
-	fonts-liberation && \
+		build-essential \
+		ca-certificates \
+		check \
+		cmake \
+		cython3 \
+		git \
+		libcap2-bin \
+		libcurl4-openssl-dev \
+		libev-dev \
+		libglib2.0-dev \
+		libloudmouth1-dev \
+		libnetfilter-queue-dev \
+		libnl-3-dev \
+		libpcap-dev \
+		libssl-dev \
+		libtool \
+		libudns-dev \
+		procps \
+		python3 \
+		python3-dev \
+		python3-boto3 \
+		python3-bson \
+		python3-yaml \
+		python3-psutil \
+		fonts-liberation && \
 #
 # Get and install dionaea
-    # Latest master is unstable, SIP causes crashing
-    git clone --depth=1 https://github.com/dinotools/dionaea -b 0.11.0 /root/dionaea/ && \
+    # git clone --depth=1 https://github.com/dinotools/dionaea -b 0.11.0 /root/dionaea/ && \
+    git clone --depth=1 https://github.com/dinotools/dionaea /root/dionaea/ && \
    cd /root/dionaea && \
-    #git checkout 1426750b9fd09c5bfeae74d506237333cd8505e2 && \
+    git checkout 4e459f1b672a5b4c1e8335c0bff1b93738019215 && \
    mkdir build && \
    cd build && \
    cmake -DCMAKE_INSTALL_PREFIX:PATH=/opt/dionaea .. && \
@ -62,6 +63,7 @@ RUN ARCH=$(arch) && \
    chown -R dionaea:dionaea /opt/dionaea/var && \
    rm -rf /opt/dionaea/etc/dionaea/* && \
    mv /root/dist/etc/* /opt/dionaea/etc/dionaea/ && \
+    cp /root/dist/cpu_check.py / && \
 #
 # Setup runtime and clean up
    apt-get purge -y \
@ -88,7 +90,7 @@ RUN ARCH=$(arch) && \
      python3-bson \
      python3-yaml \ 
      wget && \ 
-
+#
    apt-get install -y \
      ca-certificates \
      python3 \
@ -111,7 +113,8 @@ RUN ARCH=$(arch) && \
 #
 # Start dionaea
 STOPSIGNAL SIGINT
-# Dionaea sometimes hangs at 100% CPU usage, if detected process will be killed and container restarts per docker-compose settings
-HEALTHCHECK CMD if [ $(ps -C mpv -p 1 -o %cpu | tail -n 1 | cut -f 1 -d ".") -gt 75 ]; then kill -2 1; else exit 0; fi
+#
+# Dionaea sometimes hangs at 100% CPU usage, if detected container will become unhealthy and restarted by tpotinit
+HEALTHCHECK --interval=5m --timeout=30s --retries=3 CMD python3 /cpu_check.py $(pgrep -of dionaea) 99
 USER dionaea:dionaea
 CMD ["/opt/dionaea/bin/dionaea", "-u", "dionaea", "-g", "dionaea", "-c", "/opt/dionaea/etc/dionaea/dionaea.cfg"]
--- a/docker/dionaea/dist/cpu_check.py
+++ b/docker/dionaea/dist/cpu_check.py
@ -0,0 +1,42 @@
+import psutil
+import sys
+import time
+
+if len(sys.argv) != 3:
+    print("Usage: script.py <PID> <CPU_USAGE_THRESHOLD>")
+    sys.exit(1)
+
+try:
+    pid = int(sys.argv[1])
+except ValueError:
+    print("Please provide a valid integer value for the PID.")
+    sys.exit(1)
+
+try:
+    cpu_threshold = float(sys.argv[2])
+except ValueError:
+    print("Please provide a valid number for the CPU usage threshold.")
+    sys.exit(1)
+
+try:
+    target_process = psutil.Process(pid)
+except psutil.NoSuchProcess:
+    print(f"No process with the PID {pid} was found.")
+    sys.exit(1)
+
+# Prepare to calculate the average CPU usage over 3 intervals of 1 second each
+cpu_usages = []
+for _ in range(3):
+    cpu_usages.append(target_process.cpu_percent(interval=1))
+
+# Calculate the average CPU usage
+average_cpu_usage = sum(cpu_usages) / len(cpu_usages)
+print(f"Average CPU Usage of PID {pid} over 3 seconds: {average_cpu_usage}%")
+
+# Check average CPU usage against the threshold
+if average_cpu_usage >= cpu_threshold:
+    print(f"Average CPU usage of PID {pid} is above or equal to the threshold of {cpu_threshold}%.")
+    sys.exit(1)
+else:
+    print(f"Average CPU usage of PID {pid} is below the threshold of {cpu_threshold}%. Exiting with code 0.")
+    sys.exit(0)
--- a/docker/dionaea/docker-compose.yml
+++ b/docker/dionaea/docker-compose.yml
@ -36,12 +36,12 @@ services:
    image: "dtagdevsec/dionaea:alpha"
    read_only: true
    volumes:
-     - /data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp
-     - /data/dionaea/roots/tftp:/opt/dionaea/var/dionaea/roots/tftp
-     - /data/dionaea/roots/www:/opt/dionaea/var/dionaea/roots/www
-     - /data/dionaea/roots/upnp:/opt/dionaea/var/dionaea/roots/upnp
-     - /data/dionaea:/opt/dionaea/var/dionaea
-     - /data/dionaea/binaries:/opt/dionaea/var/dionaea/binaries
-     - /data/dionaea/log:/opt/dionaea/var/log
-     - /data/dionaea/rtp:/opt/dionaea/var/dionaea/rtp
+     - $HOME/tpotce/data/dionaea/roots/ftp:/opt/dionaea/var/dionaea/roots/ftp
+     - $HOME/tpotce/data/dionaea/roots/tftp:/opt/dionaea/var/dionaea/roots/tftp
+     - $HOME/tpotce/data/dionaea/roots/www:/opt/dionaea/var/dionaea/roots/www
+     - $HOME/tpotce/data/dionaea/roots/upnp:/opt/dionaea/var/dionaea/roots/upnp
+     - $HOME/tpotce/data/dionaea:/opt/dionaea/var/dionaea
+     - $HOME/tpotce/data/dionaea/binaries:/opt/dionaea/var/dionaea/binaries
+     - $HOME/tpotce/data/dionaea/log:/opt/dionaea/var/log
+     - $HOME/tpotce/data/dionaea/rtp:/opt/dionaea/var/dionaea/rtp