tweaking

compose/mac_win.yml

@@ -409,6 +409,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

compose/mobile.yml

@@ -364,6 +364,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

compose/raspberry_showcase.yml

@@ -364,6 +364,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

compose/sensor.yml

@@ -428,6 +428,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

compose/standard.yml

@@ -430,6 +430,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

compose/tpot_services.yml

@@ -363,25 +363,25 @@ services:
     volumes:
      - ${TPOT_DATA_PATH}/endlessh/log:/var/log/endlessh
 
-# Glutton service
-  glutton:
-    container_name: glutton
-    restart: always
-    depends_on:
-      tpotinit:
-        condition: service_healthy
-    tmpfs:
-     - /var/lib/glutton:uid=2000,gid=2000
-     - /run:uid=2000,gid=2000
-    network_mode: "host"
-    cap_add:
-     - NET_ADMIN
-    image: ${TPOT_REPO}/glutton:${TPOT_VERSION}
-    pull_policy: ${TPOT_PULL_POLICY}
-    read_only: true
-    volumes:
-     - ${TPOT_DATA_PATH}/glutton/log:/var/log/glutton
-     - ${TPOT_DATA_PATH}/glutton/payloads:/opt/glutton/payloads
+# # Glutton service
+  # glutton:
+    # container_name: glutton
+    # restart: always
+    # depends_on:
+      # tpotinit:
+        # condition: service_healthy
+    # tmpfs:
+     # - /var/lib/glutton:uid=2000,gid=2000
+     # - /run:uid=2000,gid=2000
+    # network_mode: "host"
+    # cap_add:
+     # - NET_ADMIN
+    # image: ${TPOT_REPO}/glutton:${TPOT_VERSION}
+    # pull_policy: ${TPOT_PULL_POLICY}
+    # read_only: true
+    # volumes:
+     # - ${TPOT_DATA_PATH}/glutton/log:/var/log/glutton
+     # - ${TPOT_DATA_PATH}/glutton/payloads:/opt/glutton/payloads
 
 # Hellpot service
   hellpot:
@@ -560,6 +560,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

docker-compose.yml

@@ -430,6 +430,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: ${TPOT_REPO}/mailoney:${TPOT_VERSION}
     pull_policy: ${TPOT_PULL_POLICY}
     read_only: true

docker/glutton/Dockerfile

@@ -18,7 +18,6 @@ RUN apk -U --no-cache add \
     git clone https://github.com/mushorg/glutton && \
     cd /opt/glutton/ && \
     git checkout c1204c65ce32bfdc0e08fb2a9abe89b3b8eeed62 && \
-    # git checkout c25045b95b43ed9bfee89b2d14a50f5794a9cf2b && \
     cp /root/dist/system.go . && \
     go mod download && \
     make build && \

docker/glutton/docker-compose.yml

@@ -20,4 +20,4 @@ services:
     volumes:
      - $HOME/tpotce/data/glutton/log:/var/log/glutton
      - $HOME/tpotce/data/glutton/payloads:/opt/glutton/payloads
-#     - $HOME/tpotce/docker/glutton/dist/rules.yaml:/opt/glutton/rules/rules.yaml
+#     - $HOME/tpotce/docker/glutton/dist/rules.yaml:/opt/glutton/config/rules.yaml

docker/mailoney/docker-compose.yml

@@ -22,6 +22,7 @@ services:
      - mailoney_local
     ports:
      - "25:25"
+     - "587:25"
     image: "dtagdevsec/mailoney:alpha"
     read_only: true
     volumes:

docker/tpotinit/Dockerfile

@@ -45,4 +45,5 @@ WORKDIR /opt/tpot
 #HEALTHCHECK --interval=5s --timeout=30s --retries=3 CMD pgrep -f autoheal || exit 1
 HEALTHCHECK --retries=1000 --interval=5s CMD test -f /tmp/success || exit 1
 STOPSIGNAL SIGTERM
+# Using ENTRYPOINT so we can catch SIGTERM for cleanup
 ENTRYPOINT ["/opt/tpot/entrypoint.sh"]

docker/tpotinit/dist/bin/rules.sh

@@ -57,11 +57,11 @@ fi
 ### Setting up iptables-legacy rules for glutton
 if [ "$myNFQCHECK" == "glutton" ];
   then
-    iptables-legacy -w -t raw -A PREROUTING -s 127.0.0.1 -j ACCEPT
-    iptables-legacy -w -t raw -A PREROUTING -d 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -A PREROUTING -s 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -A PREROUTING -d 127.0.0.1 -j ACCEPT
 
     for myPORT in $myRULESPORTS; do
-      iptables-legacy -w -t raw -A PREROUTING -p tcp --dport $myPORT -j ACCEPT
+      iptables -w -t mangle -A PREROUTING -p tcp --dport $myPORT -j ACCEPT
     done
     # No need for NFQ forwarding, such rules are set up by glutton
 fi
@@ -84,11 +84,11 @@ fi
 ### Removing iptables-legacy rules for glutton
 if [ "$myNFQCHECK" == "glutton" ];
   then
-    iptables-legacy -w -t raw -D PREROUTING -s 127.0.0.1 -j ACCEPT
-    iptables-legacy -w -t raw -D PREROUTING -d 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -D PREROUTING -s 127.0.0.1 -j ACCEPT
+    iptables -w -t mangle -D PREROUTING -d 127.0.0.1 -j ACCEPT
 
     for myPORT in $myRULESPORTS; do
-      iptables-legacy -w -t raw -D PREROUTING -p tcp --dport $myPORT -j ACCEPT
+      iptables -w -t mangle -D PREROUTING -p tcp --dport $myPORT -j ACCEPT
     done
     # No need for removing NFQ forwarding, such rules are removed by glutton
 fi

docker/tpotinit/dist/entrypoint.sh

@@ -17,6 +17,7 @@ cleanup() {
       echo
   fi
   kill -TERM "$PID"
+  rm -f /tmp/success
   echo "# Cleanup done."
   echo
 }