tweaking glutton, automatic iptables rules

2025-07-02 01:27:27 -04:00 · 2018-04-16 12:39:46 +00:00
parent 83fbc3eee0
commit edfd5eaa5b
5 changed files with 56 additions and 76 deletions
--- a/docker/glutton/Dockerfile
+++ b/docker/glutton/Dockerfile
@ -45,4 +45,4 @@ RUN apk -U --no-cache add bash \

 # Run supervisor upon container start
 WORKDIR /opt/glutton
-CMD bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log -d true
+CMD exec bin/server -i $(/sbin/ip address | grep '^2: ' | awk '{ print $2 }' | tr -d [:punct:]) -l /var/log/glutton/glutton.log -d true
--- a/docker/glutton/dist/rules.yaml
+++ b/docker/glutton/dist/rules.yaml
@ -1,5 +1,5 @@
 rules:
-  - match: tcp dst port 64295
+  - match: tcp dst port 5001
    type: passthrough
    name: ssh
  - match: tcp dst port 22 or port 2222
@ -35,4 +35,4 @@ rules:
    type: conn_handler
    target: default
  - match: udp
-    type: drop
+    type: drop
--- a/docker/glutton/docker-compose.yml
+++ b/docker/glutton/docker-compose.yml
@ -1,9 +1,6 @@
 # For docker-compose ...
 version: '2.2'

-networks:
-  glutton_local:
-
 services:

 # glutton service
@ -13,9 +10,12 @@ services:
    network_mode: "host"
    #networks:
    # - glutton_local
+    #ports:
+    # - "5000:5000"
+    # - "22:5000"
    cap_add:
     - NET_ADMIN
    image: "dtagdevsec/glutton:1804"
    volumes:
     - /data/glutton/log:/var/log/glutton
-
+     - /root/tpotce/docker/glutton/dist/rules.yaml:/opt/glutton/rules/rules.yaml
--- a/docker/glutton/notes
+++ b/docker/glutton/notes
@ -1,50 +0,0 @@
-1  apk add golang
-    2  apk add go
-    3  apk -U --no-cache add bash                           build-base                           git                           go                           g++                           iptables-dev                           libnetfilter_queue-dev                           libpcap-dev                           procps
-    4  ls
-    5  go get github.com/mushorg/glutton
-    6  go get -d github.com/mushorg/glutton
-    7  ls
-    8  cd $GOPATH
-    9  ls
-   10  cd go/
-   11  ls
-   12  cd src/github.com/mushorg/glutton/
-   13  ls
-   14  go get -u github.com/golang/dep/cmd/dep
-   15  dep
-   16  find / -name dep
-   17  pwd
-   18  cd ..
-   19  ls
-   20  cd ..
-   21  ls
-   22  cd ..
-   23  ls
-   24  cd golang.org/
-   25  ls
-   26  cd x/
-   27  ls
-   28  cd ..
-   29  ls
-   30  cd ..
-   31  ls
-   32  cd ..
-   33  ls
-   34  cd bin
-   35  ls
-   36  dep ensure
-   37  ./dep ensure
-   38  cd ..
-   39  ls
-   40  cd ..
-   41  ls
-   42  cd ..
-   43  ls
-   44  cd root/go/src/github.com/mushorg/glutton/
-   45  which dep
-   46  /root/go/bin/dep ensure
-   47  make build
-   48  bin/server
-   49  history
-