tpotce/docker/log4pot/Dockerfile

FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive
ARG PROXY
ENV http_proxy=${PROXY}
#
# Check if APT_PROXY is set and configure apt to use the proxy
RUN bash -c 'if [ -n "${http_proxy}" ]; then \
                 echo "Using APT proxy at ${http_proxy}"; \
                 echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \
               else \
                 echo "APT proxy not configured, proceeding without proxy"; \
             fi' && \
#    bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \
# Setup apt
    apt-get update -y && \
    apt-get install -y \
		build-essential \
		cargo \
		cleo \
		git \
		libcap2 \
		libcap2-bin \
		libcurl4 \
		libcurl4-nss-dev \
		libffi7 \
		libffi-dev \
		libssl-dev \
		python3-pip \
		python3 \
		python3-dev \
		rust-all && \
    pip3 install --upgrade pip && \
    pip3 install poetry pycurl && \
#	     
# Install log4pot from GitHub and setup
    mkdir -p /opt /var/log/log4pot && \
    cd /opt/ && \
    git clone https://github.com/thomaspatzke/Log4Pot && \
    cd Log4Pot && \
    # git checkout fac539f470217347e51127c635f16749a887c0ac && \
    git checkout e224c0f786efb68b4aab892e69857e379b75b0c6 && \
    sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \
    poetry install && \
	setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \
#
# Setup user, groups and configs
	addgroup --gid 2000 log4pot && \
    adduser --system --no-create-home --shell /bin/bash -uid 2000 --disabled-password --disabled-login -gid 2000 log4pot && \
    chown log4pot:log4pot -R /opt/Log4Pot && \
#
# Clean up
    apt-get purge -y build-essential \
		cargo \
		git \
		libffi-dev \
		libssl-dev \
		python3-dev \
		rust-all && \
    apt-get autoremove -y --purge && \
    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git
ENV http_proxy=""
#
# Start log4pot
STOPSIGNAL SIGINT
USER log4pot:log4pot
WORKDIR /opt/Log4Pot/
CMD ["/usr/bin/python3","log4pot-server.py","--port","8080","--log","/var/log/log4pot/log/log4pot.log","--payloader","--download-dir","/var/log/log4pot/payloads/","--download-timeout","15","--response","/opt/Log4Pot/responses/sap-netweaver.html"]
bump elk, log4pot, honeytrap, dionaea to ubuntu 22.04 2022-06-14 10:47:11 +00:00			`FROM ubuntu:22.04`
bump log4pot to latest master rebuild on ubuntu for payload download support 2021-12-20 18:40:38 +00:00			`ENV DEBIAN_FRONTEND noninteractive`
Continue work on builder - add conditional proxy support - use xargs to parallelize image builds - some tweaking and notes 2024-09-07 00:35:04 +00:00			`ARG PROXY`
			`ENV http_proxy=${PROXY}`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`#`
Continue work on builder - add conditional proxy support - use xargs to parallelize image builds - some tweaking and notes 2024-09-07 00:35:04 +00:00			`# Check if APT_PROXY is set and configure apt to use the proxy`
			`RUN bash -c 'if [ -n "${http_proxy}" ]; then \`
			`echo "Using APT proxy at ${http_proxy}"; \`
			`echo "Acquire::http::Proxy \"${http_proxy}\";" > /etc/apt/apt.conf.d/01proxy; \`
			`else \`
			`echo "APT proxy not configured, proceeding without proxy"; \`
			`fi' && \`
			`# bash -c 'echo "Acquire::http::Proxy::ports.ubuntu.com DIRECT;" > /etc/apt/apt.conf.d/99force-no-proxy' && \`
			`# Setup apt`
			`apt-get update -y && \`
bump log4pot to latest master rebuild on ubuntu for payload download support 2021-12-20 18:40:38 +00:00			`apt-get install -y \`
tweaking updating .env, env.example and compose files regarding sentrypeer ENVs make glutton image aware of payloads feature bump glutton to latest master, alpine 3.19, multi-stage build bump ipphoney to alpine 3.19 bump mailoney to alpine 3.19, adjust for py3 revert medpot to previous master, use multi stage build and alpine 3.19 bump cyberchef to latest master bump ngninx to alpine 3.19 bump p0f to alpine 3.19, use multi stage build bump redishoneypot to alpine 3.19, use multi stage build bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen bump spiderfoot to latest master bump spiderfoot to alpine 3.19 bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules update clean.sh to include glutton payloads folder 2024-03-09 11:11:14 +00:00			`build-essential \`
			`cargo \`
			`cleo \`
			`git \`
			`libcap2 \`
			`libcap2-bin \`
			`libcurl4 \`
			`libcurl4-nss-dev \`
			`libffi7 \`
			`libffi-dev \`
			`libssl-dev \`
			`python3-pip \`
			`python3 \`
			`python3-dev \`
			`rust-all && \`
Continue work on builder - add conditional proxy support - use xargs to parallelize image builds - some tweaking and notes 2024-09-07 00:35:04 +00:00			`pip3 install --upgrade pip && \`
			`pip3 install poetry pycurl && \`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`#`
			`# Install log4pot from GitHub and setup`
			`mkdir -p /opt /var/log/log4pot && \`
			`cd /opt/ && \`
			`git clone https://github.com/thomaspatzke/Log4Pot && \`
			`cd Log4Pot && \`
bump log4pot to latest master 2022-11-01 09:39:11 +00:00			`# git checkout fac539f470217347e51127c635f16749a887c0ac && \`
			`git checkout e224c0f786efb68b4aab892e69857e379b75b0c6 && \`
update log4pot to the latest master 2022-01-17 14:52:32 +00:00			`sed -i 's#"type": logtype,#"reason": logtype,#g' log4pot-server.py && \`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`poetry install && \`
tweaking updating .env, env.example and compose files regarding sentrypeer ENVs make glutton image aware of payloads feature bump glutton to latest master, alpine 3.19, multi-stage build bump ipphoney to alpine 3.19 bump mailoney to alpine 3.19, adjust for py3 revert medpot to previous master, use multi stage build and alpine 3.19 bump cyberchef to latest master bump ngninx to alpine 3.19 bump p0f to alpine 3.19, use multi stage build bump redishoneypot to alpine 3.19, use multi stage build bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen bump spiderfoot to latest master bump spiderfoot to alpine 3.19 bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules update clean.sh to include glutton payloads folder 2024-03-09 11:11:14 +00:00			`setcap cap_net_bind_service=+ep $(readlink -f $(which python3)) && \`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`#`
			`# Setup user, groups and configs`
tweaking updating .env, env.example and compose files regarding sentrypeer ENVs make glutton image aware of payloads feature bump glutton to latest master, alpine 3.19, multi-stage build bump ipphoney to alpine 3.19 bump mailoney to alpine 3.19, adjust for py3 revert medpot to previous master, use multi stage build and alpine 3.19 bump cyberchef to latest master bump ngninx to alpine 3.19 bump p0f to alpine 3.19, use multi stage build bump redishoneypot to alpine 3.19, use multi stage build bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen bump spiderfoot to latest master bump spiderfoot to alpine 3.19 bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules update clean.sh to include glutton payloads folder 2024-03-09 11:11:14 +00:00			`addgroup --gid 2000 log4pot && \`
bump log4pot to latest master rebuild on ubuntu for payload download support 2021-12-20 18:40:38 +00:00			`adduser --system --no-create-home --shell /bin/bash -uid 2000 --disabled-password --disabled-login -gid 2000 log4pot && \`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`chown log4pot:log4pot -R /opt/Log4Pot && \`
			`#`
			`# Clean up`
tweaking updating .env, env.example and compose files regarding sentrypeer ENVs make glutton image aware of payloads feature bump glutton to latest master, alpine 3.19, multi-stage build bump ipphoney to alpine 3.19 bump mailoney to alpine 3.19, adjust for py3 revert medpot to previous master, use multi stage build and alpine 3.19 bump cyberchef to latest master bump ngninx to alpine 3.19 bump p0f to alpine 3.19, use multi stage build bump redishoneypot to alpine 3.19, use multi stage build bump sentrypeer to latest master, fix bug for open ports in compose files, now all tcp/5060, udp/5060 traffic will be seen bump spiderfoot to latest master bump spiderfoot to alpine 3.19 bump suricata to 7.0.2, fix performance issue with capture-filter-bpf by reducing the rules update clean.sh to include glutton payloads folder 2024-03-09 11:11:14 +00:00			`apt-get purge -y build-essential \`
			`cargo \`
			`git \`
			`libffi-dev \`
			`libssl-dev \`
			`python3-dev \`
			`rust-all && \`
Continue work on builder - add conditional proxy support - use xargs to parallelize image builds - some tweaking and notes 2024-09-07 00:35:04 +00:00			`apt-get autoremove -y --purge && \`
			`apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /opt/Log4Pot/.git`
			`ENV http_proxy=""`
Prep for Log4Pot integration 2021-12-16 20:25:40 +00:00			`#`
			`# Start log4pot`
			`STOPSIGNAL SIGINT`
			`USER log4pot:log4pot`
			`WORKDIR /opt/Log4Pot/`
update log4pot to the latest master 2022-01-17 14:52:32 +00:00			`CMD ["/usr/bin/python3","log4pot-server.py","--port","8080","--log","/var/log/log4pot/log/log4pot.log","--payloader","--download-dir","/var/log/log4pot/payloads/","--download-timeout","15","--response","/opt/Log4Pot/responses/sap-netweaver.html"]`