From caca93f3a02b969ff29bcda65683208ba90a9ff3 Mon Sep 17 00:00:00 2001
From: Marco Ochse
Date: Thu, 2 May 2024 13:43:16 +0200
Subject: [PATCH] #1531, but needs testing
---
 compose/mac_win.yml | 14 ++++++++------
 docker/tpotinit/dist/entrypoint.sh | 19 ++++++++++---------
 2 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/compose/mac_win.yml b/compose/mac_win.yml
index 233818f0..de60b56d 100644
--- a/compose/mac_win.yml
+++ b/compose/mac_win.yml
@@ -21,6 +21,7 @@ networks:
 medpot_local:
 redishoneypot_local:
 sentrypeer_local:
+ suricata_local:
 tanner_local:
 wordpot_local:
 nginx_local:
@@ -250,7 +251,7 @@ services:
 - ddospot_local
 ports:
 - "19:19/udp"
- - "53:53/udp"
+# - "53:53/udp"
 - "123:123/udp"
 # - "161:161/udp"
 - "1900:1900/udp"
@@ -616,15 +617,16 @@ services:
 depends_on:
 tpotinit:
 condition: service_healthy
- environment:
- OINKCODE=${OINKCODE:-OPEN} # Default to OPEN if unset or NULL (value provided by T-Pot .env)
- # Loading external Rules from URL
- # - FROMURL="https://username:password@yoururl.com|https://username:password@otherurl.com"
- network_mode: "host"
+ networks:
+ - suricata_local
 cap_add:
 - NET_ADMIN
 - SYS_NICE
 - NET_RAW
+ environment:
+ - OINKCODE=${OINKCODE:-OPEN} # Default to OPEN if unset or NULL (value provided by T-Pot .env)
+ # Loading external Rules from URL
+ # - FROMURL="https://username:password@yoururl.com|https://username:password@otherurl.com"
 image: ${TPOT_REPO}/suricata:${TPOT_VERSION}
 pull_policy: ${TPOT_PULL_POLICY}
 volumes:
diff --git a/docker/tpotinit/dist/entrypoint.sh b/docker/tpotinit/dist/entrypoint.sh
index d765e317..87fdc21f 100755
--- a/docker/tpotinit/dist/entrypoint.sh
+++ b/docker/tpotinit/dist/entrypoint.sh
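Review bot: The `53:53/udp` mapping in the ddospot `ports:` list is commented out with no reason recorded, so a later reader cannot tell a deliberate platform workaround from a leftover. If the port collides with something on Docker Desktop hosts (an assumption, the hunk does not say), put that on the line above, e.g. `# 53/udp disabled on macOS/Windows: <reason>; ddospot does not capture DNS traffic in this profile`. That also records the sensor coverage gap for anyone comparing data from this profile with other deployments.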
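Review bot: Replacing `network_mode: "host"` with `networks: - suricata_local` puts Suricata in its own network namespace, and nothing in this hunk attaches it to any of the honeypot networks, so a capture on the container interface would presumably see only traffic on the `suricata_local` bridge. If that is the accepted trade-off for Docker Desktop it should be stated next to the change, because an IDS that starts cleanly and logs nothing is indistinguishable from a quiet sensor; for example `# Docker Desktop: no host networking, Suricata only sees suricata_local traffic`. `NET_ADMIN`, `SYS_NICE` and `NET_RAW` are kept unchanged, and whether all three are still needed off the host network is worth checking during the testing the commit message asks for. The service definition continues outside the hunk, so the capture interface configuration is not visible here.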
@@ -165,14 +165,14 @@ if [ "${myOSTYPE}" == "linuxkit" ] && [ "${TPOT_OSTYPE}" == "linux" ]; echo "# Aborting." echo exit 1 - else - if ! [ -S /var/run/docker.sock ]; - then - echo "# Cannot access /var/run/docker.sock, check docker-compose.yml for proper volume definition." - echo - echo "# Aborting." - exit 1 - fi +fi + +if ! [ "${myOSTYPE}" == "linuxkit" ] && ! [ -S /var/run/docker.sock ]; + then + echo "# Cannot access /var/run/docker.sock, check docker-compose.yml for proper volume definition." + echo + echo "# Aborting." + exit 1 fi # Validate environment variables @@ -350,5 +350,6 @@ if [ "${myOSTYPE}" != "linuxkit" ]; else echo echo "# Docker Desktop for macOS or Windows detected, Conntrack feature is not supported." - echo + echo + sleep infinity fi
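Review bot: With the new top-level test the docker.sock check is skipped on every `linuxkit` host, whereas the removed `else` branch still ran it when `myOSTYPE` was `linuxkit` and `TPOT_OSTYPE` was not `linux`. If the Docker Desktop compose file no longer mounts the socket (not visible here), a one-line comment would make the exemption clearly intentional, e.g. `# Docker Desktop (linuxkit): docker.sock is not mounted, skip the check`. The condition would also match the `!=` test used further down in the file if written as `if [ "${myOSTYPE}" != "linuxkit" ] && ! [ -S /var/run/docker.sock ];`. The preceding `if` block starts outside the hunk.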
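Review bot: The added `sleep infinity` runs in the foreground, and the shell defers trap handlers until the foreground command returns, so any cleanup trap set earlier in the script (not visible in this hunk) would not run on `docker stop`. The container would then be killed only after the stop timeout. Running it as `sleep infinity &` followed by `wait $!` keeps the container alive while letting a SIGTERM trap fire promptly. The enclosing `if` block starts outside the hunk.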