From acf1c804eef4fb338d7e6d614982a5b295d8deaa Mon Sep 17 00:00:00 2001
From: t3chn0m4g3
Date: Mon, 30 May 2016 14:51:32 +0000
Subject: [PATCH] point to 16.10 images on dockerhub
---
 getimages.sh | 4 +--
 installer/bin/update-images.sh | 8 ++---
 installer/data/systemd/conpot.service | 2 +-
 installer/data/systemd/cowrie.service | 2 +-
 installer/data/systemd/dionaea.service | 7 +---
 installer/data/systemd/elasticpot.service | 2 +-
 installer/data/systemd/elk.service | 2 +-
 installer/data/systemd/emobility.service | 2 +-
 installer/data/systemd/glastopf.service | 2 +-
 installer/data/systemd/honeytrap.service | 2 +-
 installer/data/systemd/suricata.service | 2 +-
 installer/data/upstart/conpot.conf | 34 -------------------
 installer/data/upstart/cowrie.conf | 34 -------------------
 installer/data/upstart/dionaea.conf | 35 --------------------
 installer/data/upstart/elasticpot.conf | 34 -------------------
 installer/data/upstart/elk.conf | 29 ----------------
 installer/data/upstart/emobility.conf | 33 -------------------
 installer/data/upstart/glastopf.conf | 34 -------------------
 installer/data/upstart/honeytrap.conf | 40 -----------------------
 installer/data/upstart/suricata.conf | 39 ----------------------
 installer/install.sh | 8 ++---
 21 files changed, 18 insertions(+), 337 deletions(-)
 delete mode 100644 installer/data/upstart/conpot.conf
 delete mode 100644 installer/data/upstart/cowrie.conf
 delete mode 100644 installer/data/upstart/dionaea.conf
 delete mode 100644 installer/data/upstart/elasticpot.conf
 delete mode 100644 installer/data/upstart/elk.conf
 delete mode 100644 installer/data/upstart/emobility.conf
 delete mode 100644 installer/data/upstart/glastopf.conf
 delete mode 100644 installer/data/upstart/honeytrap.conf
 delete mode 100644 installer/data/upstart/suricata.conf
diff --git a/getimages.sh b/getimages.sh
index ff701301..97721408 100755
--- a/getimages.sh
+++ b/getimages.sh
@@ -31,14 +31,14 @@ if [ $1 == "now" ] then for name in $(cat installer/data/imgcfg/all_images.conf) do - docker pull dtagdevsec/$name:latest1603 + docker pull dtagdevsec/$name:latest1610 done mkdir images chmod 777 images for name in $(cat installer/data/full_images.conf) do echo "Now exporting dtagdevsec/$name:latest1603" - docker save -o images/$name:latest1603.img dtagdevsec/$name:latest1603 + docker save -o images/$name:latest1610.img dtagdevsec/$name:latest1610 done chmod 777 images/*.img fi diff --git a/installer/bin/update-images.sh b/installer/bin/update-images.sh index e89e198d..b41e69c3 100755 --- a/installer/bin/update-images.sh +++ b/installer/bin/update-images.sh @@ -34,8 +34,7 @@ done # We do not want to get interrupted by a check touch /var/run/check.lock -# Stop T-Pot services and delete all T-Pot upstart scripts -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +# Stop T-Pot services and disable all T-Pot services echo "### Stopping T-Pot services and cleaning up." for i in $(cat /data/imgcfg/all_images.conf); do @@ -43,7 +42,6 @@ for i in $(cat /data/imgcfg/all_images.conf); sleep 2 systemctl disable $i; done -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! # Restarting docker services echo "### Restarting docker services ..." @@ -52,10 +50,10 @@ sleep 2 systemctl start docker sleep 2 -# Setup only T-Pot upstart scripts from images.conf and pull the images +# Enable only T-Pot upstart scripts from images.conf and pull the images for i in $(cat /data/images.conf); do - docker pull dtagdevsec/$i:latest1603; + docker pull dtagdevsec/$i:latest1610; systemctl enable $i; done diff --git a/installer/data/systemd/conpot.service b/installer/data/systemd/conpot.service index d2f7407e..0b301a14 100644 --- a/installer/data/systemd/conpot.service +++ b/installer/data/systemd/conpot.service 
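Review bot: The progress message in the getimages.sh export loop still names the old tag: the unchanged line `echo "Now exporting dtagdevsec/$name:latest1603"` sits directly above a `docker save` that now writes `latest1610`, so the console output no longer matches the file being produced; it should read `echo "Now exporting dtagdevsec/$name:latest1610"`. The same block leaves the export directory and the tarballs world-writable (`chmod 777 images`, `chmod 777 images/*.img`), and installer/install.sh later passes files of the same name to `docker load -i` with no integrity check, so, assuming these are the same tarballs, any local account on the build host can alter an image before it is installed. `chmod 755 images` and `chmod 644 images/*.img` would keep them readable without that exposure. The `if [ $1 == "now" ]` block starts above the hunk.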
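Review bot: In the last update-images.sh hunk the result of `docker pull` is not checked, so `systemctl enable $i` runs even when the `latest1610` image could not be fetched; `docker pull "dtagdevsec/$i:latest1610" && systemctl enable "$i"` would keep a unit from being enabled without its image. The rewritten comment above the loop still says "upstart scripts" although this commit deletes the upstart jobs; `# Enable only T-Pot systemd units from images.conf and pull the images` matches what the loop does. `latest1610` also looks like a moving tag rather than a fixed release, and it is what getimages.sh, installer/install.sh and all nine unit files under installer/data/systemd now reference; pinning by digest (`dtagdevsec/NAME@sha256:<digest>`) would make the deployed image verifiable.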
@@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop conpot ExecStartPre=-/usr/bin/docker rm -v conpot ExecStartPre=/bin/bash -c '/usr/bin/clean.sh conpot off' -ExecStart=/usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 81:80 -p 102:102 -p 161:161/udp -p 502:502 dtagdevsec/conpot:latest1603 +ExecStart=/usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 81:80 -p 102:102 -p 161:161/udp -p 502:502 dtagdevsec/conpot:latest1610 ExecStop=/usr/bin/docker stop conpot [Install] diff --git a/installer/data/systemd/cowrie.service b/installer/data/systemd/cowrie.service index aa9b0b76..45db2a9a 100644 --- a/installer/data/systemd/cowrie.service +++ b/installer/data/systemd/cowrie.service @@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop cowrie ExecStartPre=-/usr/bin/docker rm -v cowrie ExecStartPre=/bin/bash -c '/usr/bin/clean.sh cowrie off' -ExecStart=/usr/bin/docker run --name cowrie --rm=true -p 22:2222 -v /data/cowrie:/data/cowrie -v /data/ews:/data/ews dtagdevsec/cowrie:latest1603 +ExecStart=/usr/bin/docker run --name cowrie --rm=true -p 22:2222 -v /data/cowrie:/data/cowrie -v /data/ews:/data/ews dtagdevsec/cowrie:latest1610 ExecStop=/usr/bin/docker stop cowrie [Install] diff --git a/installer/data/systemd/dionaea.service b/installer/data/systemd/dionaea.service index eb3d1c98..6fd94426 100644 --- a/installer/data/systemd/dionaea.service +++ b/installer/data/systemd/dionaea.service 
@@ -5,15 +5,10 @@ After=docker.service [Service] Restart=always -#PermissionsStartOnly=true -#User=root -#Group=root ExecStartPre=-/usr/bin/docker stop dionaea ExecStartPre=-/usr/bin/docker rm -v dionaea ExecStartPre=/bin/bash -c '/usr/bin/clean.sh dionaea off' -#ExecStartPre=/usr/bin/clean.sh dionaea -ExecStart=/usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8081:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5060:5060 -p 5061:5061 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea:/data/dionaea -v /data/ews:/data/ews dtagdevsec/dionaea:latest1603 -#ExecStartPost=/bin/sleep 2 +ExecStart=/usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8081:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5060:5060 -p 5061:5061 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea:/data/dionaea -v /data/ews:/data/ews dtagdevsec/dionaea:latest1610 ExecStop=/usr/bin/docker stop dionaea [Install] diff --git a/installer/data/systemd/elasticpot.service b/installer/data/systemd/elasticpot.service index fc0e68b3..7b4e2179 100644 --- a/installer/data/systemd/elasticpot.service +++ b/installer/data/systemd/elasticpot.service @@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop elasticpot ExecStartPre=-/usr/bin/docker rm -v elasticpot ExecStartPre=/bin/bash -c '/usr/bin/clean.sh elasticpot off' -ExecStart=/usr/bin/docker run --name elasticpot --rm=true -v /data/elasticpot:/data/elasticpot -v /data/ews:/data/ews -p 9200:9200 dtagdevsec/elasticpot:latest1603 +ExecStart=/usr/bin/docker run --name elasticpot --rm=true -v /data/elasticpot:/data/elasticpot -v /data/ews:/data/ews -p 9200:9200 dtagdevsec/elasticpot:latest1610 ExecStop=/usr/bin/docker stop elasticpot [Install] diff --git a/installer/data/systemd/elk.service b/installer/data/systemd/elk.service index cef71d1f..9d38428e 100644 --- a/installer/data/systemd/elk.service +++ b/installer/data/systemd/elk.service 
@@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop elk ExecStartPre=-/usr/bin/docker rm -v elk ExecStartPre=/bin/bash -c '/usr/bin/clean.sh elk' -ExecStart=/usr/bin/docker run --name=elk -v /data:/data -v /var/log:/data/host/log -p 127.0.0.1:64296:8080 --rm=true dtagdevsec/elk:latest1603 +ExecStart=/usr/bin/docker run --name=elk -v /data:/data -v /var/log:/data/host/log -p 127.0.0.1:64296:8080 --rm=true dtagdevsec/elk:latest1610 ExecStop=/usr/bin/docker stop elk [Install] diff --git a/installer/data/systemd/emobility.service b/installer/data/systemd/emobility.service index f5c48034..924fe9aa 100644 --- a/installer/data/systemd/emobility.service +++ b/installer/data/systemd/emobility.service @@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop emobility ExecStartPre=-/usr/bin/docker rm -v emobility ExecStartPre=/bin/bash -c '/usr/bin/clean.sh emobility off' -ExecStart=/usr/bin/docker run --name emobility --cap-add=NET_ADMIN -p 8080:8080 -v /data/emobility:/data/eMobility -v /data/ews:/data/ews --rm=true dtagdevsec/emobility:latest1603 +ExecStart=/usr/bin/docker run --name emobility --cap-add=NET_ADMIN -p 8080:8080 -v /data/emobility:/data/eMobility -v /data/ews:/data/ews --rm=true dtagdevsec/emobility:latest1610 ExecStop=/usr/bin/docker stop emobility [Install] diff --git a/installer/data/systemd/glastopf.service b/installer/data/systemd/glastopf.service index ada61c21..ae044010 100644 --- a/installer/data/systemd/glastopf.service +++ b/installer/data/systemd/glastopf.service 
@@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop glastopf ExecStartPre=-/usr/bin/docker rm -v glastopf ExecStartPre=/bin/bash -c '/usr/bin/clean.sh glastopf off' -ExecStart=/usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:latest1603 +ExecStart=/usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:latest1610 ExecStop=/usr/bin/docker stop glastopf [Install] diff --git a/installer/data/systemd/honeytrap.service b/installer/data/systemd/honeytrap.service index 4d09b4a5..0a39b976 100644 --- a/installer/data/systemd/honeytrap.service +++ b/installer/data/systemd/honeytrap.service @@ -9,7 +9,7 @@ ExecStartPre=-/usr/bin/docker stop honeytrap ExecStartPre=-/usr/bin/docker rm -v honeytrap ExecStartPre=/bin/bash -c '/usr/bin/clean.sh honeytrap off' ExecStartPre=/sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE -ExecStart=/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap:/data/honeytrap -v /data/ews:/data/ews dtagdevsec/honeytrap:latest1603 +ExecStart=/usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap:/data/honeytrap -v /data/ews:/data/ews dtagdevsec/honeytrap:latest1610 ExecStop=/usr/bin/docker stop honeytrap ExecStopPost=/sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE diff --git a/installer/data/systemd/suricata.service b/installer/data/systemd/suricata.service index 391f6d42..b8536621 100644 --- a/installer/data/systemd/suricata.service +++ b/installer/data/systemd/suricata.service 
@@ -8,7 +8,7 @@ Restart=always ExecStartPre=-/usr/bin/docker stop suricata ExecStartPre=-/usr/bin/docker rm -v suricata ExecStartPre=/bin/bash -c '/usr/bin/clean.sh suricata off' -ExecStart=/usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata:/data/suricata dtagdevsec/suricata:latest1603 +ExecStart=/usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata:/data/suricata dtagdevsec/suricata:latest1610 ExecStop=/usr/bin/docker stop suricata [Install] diff --git a/installer/data/upstart/conpot.conf b/installer/data/upstart/conpot.conf deleted file mode 100644 index bb51b86a..00000000 --- a/installer/data/upstart/conpot.conf +++ /dev/null @@ -1,34 +0,0 @@ -######################################################## -# T-Pot # -# ConPot upstart script # -# # -# v16.03.2 by mo, DTAG, 2016-03-02 # -######################################################## - -description "ConPot" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing conpot containers - myCID=$(docker ps -a | grep conpot | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/conpot/* || true - mkdir -p /data/conpot/log - chmod 760 /data/conpot -R - chown tpot:tpot /data/conpot -R - fi -end script -script - /usr/bin/docker run --name conpot --rm=true -v /data/conpot:/data/conpot -v /data/ews:/data/ews -p 81:80 -p 102:102 -p 161:161/udp -p 502:502 dtagdevsec/conpot:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/cowrie.conf b/installer/data/upstart/cowrie.conf deleted file mode 100644 index 80efdd25..00000000 --- a/installer/data/upstart/cowrie.conf +++ /dev/null 
@@ -1,34 +0,0 @@ -######################################################## -# T-Pot # -# Cowrie upstart script # -# # -# v16.03.4 by av / mo, DTAG, 2016-03-03 # -######################################################## - -description "Cowrie" -author "av" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing cowrie containers - myCID=$(docker ps -a | grep cowrie | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/cowrie/* || true - mkdir -p /data/cowrie/log/tty/ /data/cowrie/downloads/ /data/cowrie/keys/ /data/cowrie/misc/ - chmod 760 /data/cowrie -R - chown tpot:tpot /data/cowrie -R - fi -end script -script - /usr/bin/docker run --name cowrie --rm=true -p 22:2222 -v /data/cowrie:/data/cowrie -v /data/ews:/data/ews dtagdevsec/cowrie:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/dionaea.conf b/installer/data/upstart/dionaea.conf deleted file mode 100644 index 42b43f44..00000000 --- a/installer/data/upstart/dionaea.conf +++ /dev/null 
@@ -1,35 +0,0 @@ -######################################################## -# T-Pot # -# Dionaea upstart script # -# # -# v16.03.6 by mo, DTAG, 2016-03-03 # -######################################################## - -description "Dionaea" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing dionaea containers - myCID=$(docker ps -a | grep dionaea | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/dionaea/* || true - rm /data/ews/dionaea/ews.json || true - mkdir -p /data/dionaea/log /data/dionaea/bistreams /data/dionaea/binaries /data/dionaea/rtp /data/dionaea/wwwroot - chmod 760 /data/dionaea -R - chown tpot:tpot /data/dionaea -R - fi -end script -script - /usr/bin/docker run --name dionaea --cap-add=NET_BIND_SERVICE --rm=true -p 21:21 -p 42:42 -p 8081:80 -p 135:135 -p 443:443 -p 445:445 -p 1433:1433 -p 3306:3306 -p 5060:5060 -p 5061:5061 -p 69:69/udp -p 5060:5060/udp -v /data/dionaea:/data/dionaea -v /data/ews:/data/ews dtagdevsec/dionaea:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/elasticpot.conf b/installer/data/upstart/elasticpot.conf deleted file mode 100644 index 95cb8436..00000000 --- a/installer/data/upstart/elasticpot.conf +++ /dev/null 
@@ -1,34 +0,0 @@ -######################################################## -# T-Pot # -# Elasticpot upstart script # -# # -# v16.03.5 by ms/mo, DTAG, 2016-03-03 # -######################################################## - -description "ElasticPot" -author "ms" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing elasticpot containers - myCID=$(docker ps -a | grep elasticpot | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/elasticpot/* || true - mkdir -p /data/elasticpot/log - chmod 760 /data/elasticpot -R - chown tpot:tpot /data/elasticpot -R - fi -end script -script - /usr/bin/docker run --name elasticpot --rm=true -v /data/elasticpot:/data/elasticpot -v /data/ews:/data/ews -p 9200:9200 dtagdevsec/elasticpot:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/elk.conf b/installer/data/upstart/elk.conf deleted file mode 100644 index d4ced75a..00000000 --- a/installer/data/upstart/elk.conf +++ /dev/null 
@@ -1,29 +0,0 @@ -######################################################## -# T-Pot # -# ELK upstart script # -# # -# v16.03.7 by mo, DTAG, 2016-03-12 # -######################################################## - -description "ELK" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing elk containers - myCID=$(docker ps -a | grep elk | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # ELK data will be kept for <= 90 days, check /etc/crontab for curator modification - # ELK daemon log files will be removed - rm -rf /data/elk/log/* || true -end script -script - /usr/bin/docker run --name=elk -v /data:/data -v /var/log:/data/host/log -p 127.0.0.1:64296:8080 --rm=true dtagdevsec/elk:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/emobility.conf b/installer/data/upstart/emobility.conf deleted file mode 100644 index 8e49654f..00000000 --- a/installer/data/upstart/emobility.conf +++ /dev/null 
@@ -1,33 +0,0 @@ -######################################################## -# T-Pot # -# eMobility upstart script # -# # -# v16.03.1 by ms / mo, DTAG, 2016-03-03 # -######################################################## - -description "emobility" -author "ms" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing emobility containers - myCID=$(docker ps -a | grep emobility | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/emobility/* || true - rm /data/ews/emobility/ews.json || true - mkdir -p /data/emobility/log /data/ews/emobility - chmod 760 /data/emobility -R - chown tpot:tpot /data/emobility -R - fi -end script -script - # Delayed start to avoid rapid respawning - sleep 2 - /usr/bin/docker run --name emobility --cap-add=NET_ADMIN -p 8080:8080 -v /data/emobility:/data/eMobility -v /data/ews:/data/ews --rm=true dtagdevsec/emobility:latest1603 -end script diff --git a/installer/data/upstart/glastopf.conf b/installer/data/upstart/glastopf.conf deleted file mode 100644 index ce26abdd..00000000 --- a/installer/data/upstart/glastopf.conf +++ /dev/null 
@@ -1,34 +0,0 @@ -######################################################## -# T-Pot # -# Glastopf upstart script # -# # -# v16.03.4 by mo, DTAG, 2016-03-04 # -######################################################## - -description "Glastopf" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing glastopf containers - myCID=$(docker ps -a | grep glastopf | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/glastopf/* || true - mkdir -p /data/glastopf - chmod 760 /data/glastopf -R - chown tpot:tpot /data/glastopf -R - fi -end script -script - /usr/bin/docker run --name glastopf --rm=true -v /data/glastopf:/data/glastopf -v /data/ews:/data/ews -p 80:80 dtagdevsec/glastopf:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/data/upstart/honeytrap.conf b/installer/data/upstart/honeytrap.conf deleted file mode 100644 index ff5f80e4..00000000 --- a/installer/data/upstart/honeytrap.conf +++ /dev/null 
@@ -1,40 +0,0 @@ -######################################################## -# T-Pot # -# Honeytrap upstart script # -# # -# v16.03.8 by mo, DTAG, 2016-03-04 # -######################################################## - -description "Honeytrap" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing honeytrap containers - myCID=$(docker ps -a | grep honeytrap | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/honeytrap/* || true - mkdir -p /data/honeytrap/log/ /data/honeytrap/attacks/ /data/honeytrap/downloads/ - chmod 760 /data/honeytrap/ -R - chown tpot:tpot /data/honeytrap/ -R - fi - # Enable NFQ chain - /sbin/iptables -w -A INPUT -p tcp --syn -m state --state NEW -j NFQUEUE -end script -script - /usr/bin/docker run --name honeytrap --cap-add=NET_ADMIN --net=host --rm=true -v /data/honeytrap:/data/honeytrap -v /data/ews:/data/ews dtagdevsec/honeytrap:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script -post-stop script - # Drop NFQ chain - /sbin/iptables -w -D INPUT -p tcp --syn -m state --state NEW -j NFQUEUE -end script diff --git a/installer/data/upstart/suricata.conf b/installer/data/upstart/suricata.conf deleted file mode 100644 index 1fd1c5f1..00000000 --- a/installer/data/upstart/suricata.conf +++ /dev/null 
@@ -1,39 +0,0 @@ -######################################################## -# T-Pot # -# Suricata upstart script # -# # -# v16.03.3 by mo, DTAG, 2016-03-04 # -######################################################## - -description "Suricata" -author "mo" -start on started docker and filesystem -stop on runlevel [!2345] -respawn -pre-start script - # Remove any existing suricata containers - myCID=$(docker ps -a | grep suricata | awk '{ print $1 }') - if [ "$myCID" != "" ]; - then docker rm -v $myCID; - fi - # Remove any data from previous container if persistence is not enabled - if ! [ -f /data/persistence.on ]; - then - rm -rf /data/suricata/* || true - mkdir -p /data/suricata/log - chmod 760 -R /data/suricata - chown tpot:tpot -R /data/suricata - fi - # Get IF, disable offloading, enable promiscious mode - myIF=$(route | grep default | awk '{ print $8 }') - /sbin/ethtool --offload $myIF rx off tx off - /sbin/ethtool -K $myIF gso off gro off - /sbin/ip link set $myIF promisc on -end script -script - /usr/bin/docker run --name suricata --cap-add=NET_ADMIN --net=host --rm=true -v /data/suricata:/data/suricata dtagdevsec/suricata:latest1603 -end script -post-start script - # Delay next start to avoid rapid respawning - sleep 2 -end script diff --git a/installer/install.sh b/installer/install.sh index 6fe384f0..d24fedce 100755 --- a/installer/install.sh +++ b/installer/install.sh @@ -236,13 +236,13 @@ if [ -d /root/tpot/images ]; fuECHO "### Found cached images and will load from local." for name in $(cat /root/tpot/data/images.conf) do - fuECHO "### Now loading dtagdevsec/$name:latest1603" - docker load -i /root/tpot/images/$name:latest1603.img + fuECHO "### Now loading dtagdevsec/$name:latest1610" + docker load -i /root/tpot/images/$name:latest1610.img done else for name in $(cat /root/tpot/data/images.conf) do - docker pull dtagdevsec/$name:latest1603 + docker pull dtagdevsec/$name:latest1610 done fi @@ -274,7 +274,7 @@ tee -a /etc/crontab <