| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | [Unit] | 
					
						
							|  |  |  | Description=tpot | 
					
						
							|  |  |  | Requires=docker.service | 
					
						
							|  |  |  | After=docker.service | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | [Service] | 
					
						
							|  |  |  | Restart=always | 
					
						
							|  |  |  | RestartSec=5 | 
					
						
							| 
									
										
										
										
											2017-11-23 16:08:19 +00:00
										 |  |  | TimeoutSec=infinity | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Get and set internal, external IP infos, but ignore errors | 
					
						
							|  |  |  | ExecStartPre=-/opt/tpot/bin/updateip.sh | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | # Clear state or if persistence is enabled rotate and compress logs from /data | 
					
						
							|  |  |  | ExecStartPre=-/bin/bash -c '/opt/tpot/bin/clean.sh on' | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | # Remove old containers, images and volumes | 
					
						
							| 
									
										
										
										
											2022-03-17 17:09:00 +00:00
										 |  |  | ExecStartPre=/opt/tpot/bin/tpdclean.sh -y | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Get IF, disable offloading, enable promiscious mode for p0f and suricata | 
					
						
							| 
									
										
										
										
											2017-11-17 13:59:14 +00:00
										 |  |  | ExecStartPre=-/bin/bash -c '/sbin/ethtool --offload $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) rx off tx off' | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | ExecStartPre=/bin/bash -c '/sbin/ethtool -K $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) gso off gro off' | 
					
						
							|  |  |  | ExecStartPre=/bin/bash -c '/sbin/ip link set $(/sbin/ip address | grep "^2: " | awk \'{ print $2 }\' | tr -d [:punct:]) promisc on' | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | # Set iptables accept rules to avoid forwarding to honeytrap / NFQUEUE | 
					
						
							|  |  |  | # Forward all other connections to honeytrap / NFQUEUE | 
					
						
							| 
									
										
										
										
											2018-03-15 10:59:27 +00:00
										 |  |  | ExecStartPre=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml set | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Compose T-Pot up | 
					
						
							| 
									
										
										
										
											2018-02-13 11:17:50 +00:00
										 |  |  | ExecStart=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml up --no-color | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-02-22 17:57:55 +00:00
										 |  |  | # We want to see true source for UDP packets in container (https://github.com/moby/libnetwork/issues/1994) | 
					
						
							|  |  |  | ExecStartPost=/bin/bash -c '/usr/bin/sleep 30 && /usr/sbin/conntrack -D -p udp' | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | # Compose T-Pot down, remove containers and volumes | 
					
						
							| 
									
										
										
										
											2018-02-13 11:19:04 +00:00
										 |  |  | ExecStop=/usr/bin/docker-compose -f /opt/tpot/etc/tpot.yml down -v | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | # Remove only previously set iptables rules | 
					
						
							| 
									
										
										
										
											2018-03-15 10:59:27 +00:00
										 |  |  | ExecStopPost=/opt/tpot/bin/rules.sh /opt/tpot/etc/tpot.yml unset | 
					
						
							| 
									
										
										
										
											2017-09-26 15:15:17 +00:00
										 |  |  | 
 | 
					
						
							|  |  |  | [Install] | 
					
						
							|  |  |  | WantedBy=multi-user.target |