From 95270ef270e37803d35e713292402ec927765b66 Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:05:03 -0300 Subject: [PATCH 01/12] Specify IP and services in config --- .env.example | 9 +++++++++ .gitignore | 1 + docker-compose.yml | 3 +++ services.json.example | 26 ++++++++++++++++++++++++++ services/api/configurations.py | 25 ++++++++++++++++++------- 5 files changed, 57 insertions(+), 7 deletions(-) create mode 100644 services.json.example diff --git a/.env.example b/.env.example index ff4d170..defd3fa 100644 --- a/.env.example +++ b/.env.example @@ -1,6 +1,9 @@ FLAG_REGEX="[A-Z0-9]{31}=" TULIP_MONGO="mongo:27017" +# The IP of the virtual machine. +VM_IP="10.10.3.1" + # The location of your pcaps as seen by the host TRAFFIC_DIR_HOST="./services/test_pcap" @@ -12,6 +15,12 @@ TICK_START="2018-06-27T13:00+02:00" # Tick length in ms TICK_LENGTH=180000 +# The location of your services.json file as seen by the host +SERVICES_PATH_HOST="./services.json" + +# The location of your services.json file as seen by the container +SERVICES_PATH_DOCKER="/services.json" + #PCAP_OVER_IP="host.docker.internal:1337" #For multiple PCAP_OVER_IP you can comma separate #PCAP_OVER_IP="host.docker.internal:1337,otherhost.com:5050" \ No newline at end of file diff --git a/.gitignore b/.gitignore index 562379c..86ede05 100755 --- a/.gitignore +++ b/.gitignore @@ -132,3 +132,4 @@ workspace.xml .idea /traffic +services.json \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 06fa3f0..a6a4649 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -35,9 +35,12 @@ services: - internal volumes: - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro + - ${SERVICES_PATH_HOST}:${SERVICES_PATH_DOCKER}:ro environment: + VM_IP: ${VM_IP} TULIP_MONGO: mongo:27017 TULIP_TRAFFIC_DIR: ${TRAFFIC_DIR_DOCKER} + TULIP_SERVICES_PATH: ${SERVICES_PATH_DOCKER} FLAG_REGEX: ${FLAG_REGEX} TICK_START: ${TICK_START} TICK_LENGTH: ${TICK_LENGTH} 
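Review bot: `VM_IP: ${VM_IP}` in the api service's environment passes an empty string when the variable is missing from `.env`, so `os.getenv("VM_IP", "10.10.3.1")` in configurations.py never falls back to its default and every service is registered with an empty IP. Giving the substitution its own default, `VM_IP: ${VM_IP:-10.10.3.1}`, keeps the two in step. The new `${SERVICES_PATH_HOST}:${SERVICES_PATH_DOCKER}:ro` bind has a related trap: with the short volume syntax Docker normally creates a missing host path as a directory, so starting the stack before copying services.json.example would mount a directory at /services.json; a comment such as `# services.json must exist on the host before "up"` above the volume would save a confusing startup failure. The api service block starts and ends outside this hunk.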
diff --git a/services.json.example b/services.json.example new file mode 100644 index 0000000..f0fed30 --- /dev/null +++ b/services.json.example @@ -0,0 +1,26 @@ +[ + { + "port": 9876, + "name": "cc_market" + }, + { + "port": 80, + "name": "maze" + }, + { + "port": 8080, + "name": "scadent" + }, + { + "port": 5000, + "name": "starchaser" + }, + { + "port": 1883, + "name": "scadnet_bin" + }, + { + "port": -1, + "name": "other" + } +] \ No newline at end of file diff --git a/services/api/configurations.py b/services/api/configurations.py index 14169b5..5dd6847 100755 --- a/services/api/configurations.py +++ b/services/api/configurations.py @@ -24,6 +24,7 @@ import os from pathlib import Path +import json traffic_dir = Path(os.getenv("TULIP_TRAFFIC_DIR", "/traffic")) tick_length = os.getenv("TICK_LENGTH", 2*60*1000) @@ -31,11 +32,21 @@ mongo_host = os.getenv("TULIP_MONGO", "localhost:27017") flag_regex = os.getenv("FLAG_REGEX", "[A-Z0-9]{31}=") mongo_server = f'mongodb://{mongo_host}/' -vm_ip = "10.10.3.1" -services = [{"ip": vm_ip, "port": 9876, "name": "cc_market"}, - {"ip": vm_ip, "port": 80, "name": "maze"}, - {"ip": vm_ip, "port": 8080, "name": "scadent"}, - {"ip": vm_ip, "port": 5000, "name": "starchaser"}, - {"ip": vm_ip, "port": 1883, "name": "scadnet_bin"}, - {"ip": vm_ip, "port": -1, "name": "other"}] \ No newline at end of file +vm_ip = os.getenv("VM_IP", "10.10.3.1") +services_path = os.getenv("TULIP_SERVICES_PATH", None) + +if services_path is not None: + with open(services_path, 'r') as f: + services = json.load(f) + for service in services: + service["ip"] = vm_ip +else: + services = [ + {"ip": vm_ip, "port": 9876, "name": "cc_market"}, + {"ip": vm_ip, "port": 80, "name": "maze"}, + {"ip": vm_ip, "port": 8080, "name": "scadent"}, + {"ip": vm_ip, "port": 5000, "name": "starchaser"}, + {"ip": vm_ip, "port": 1883, "name": "scadnet_bin"}, + {"ip": vm_ip, "port": -1, "name": "other"} + ] \ No newline at end of file 
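Review bot: The list returned by `json.load(f)` in configurations.py is used without any shape check, so a services.json that is not a list of objects with an integer `port` and a string `name` either raises a bare TypeError at import time or hands malformed entries to whatever consumes `services`. An empty `TULIP_SERVICES_PATH` (which Compose passes when the variable is unset) is also not `None`, so it reaches `open('')`. I would treat the empty value as unset, validate right after loading and fail with a message that names the file, as in the excerpt below. The same unchecked `service` objects are indexed again by the `"ip" not in service` test added in PATCH 11/12.

```python
services_path = os.getenv("TULIP_SERVICES_PATH") or None

if services_path is not None:
    with open(services_path, 'r', encoding='utf-8') as f:
        services = json.load(f)
    if not isinstance(services, list):
        raise ValueError(f"{services_path}: expected a JSON list of services")
    for service in services:
        if (not isinstance(service, dict)
                or not isinstance(service.get("port"), int)
                or not isinstance(service.get("name"), str)):
            raise ValueError(
                f"{services_path}: every service needs an integer 'port' and a string 'name'")
        service["ip"] = vm_ip
# … unchanged: else branch with the built-in default service list …
```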
From 6bc36bd4f2bb93fbb17edbd1e3e565c1ae82c899 Mon Sep 17 00:00:00 2001
From: Stephen White
Date: Sun, 5 May 2024 18:22:13 -0300
Subject: [PATCH 02/12] Add docker CI workflow
---
.github/workflows/docker-ghcr.yaml | 62 ++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
create mode 100644 .github/workflows/docker-ghcr.yaml
diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml
new file mode 100644
index 0000000..a8954a4
--- /dev/null
+++ b/.github/workflows/docker-ghcr.yaml
@@ -0,0 +1,62 @@
+name: Build and Upload Docker image
+
+on:
+ push:
+ branches: ['master']
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME_FRONTEND: ${{ github.repository }}-frontend
+ IMAGE_NAME_API: ${{ github.repository }}-api
+ IMAGE_NAME_ASSEMBLER: ${{ github.repository }}-assembler
+ IMAGE_NAME_ENRICHER: ${{ github.repository }}-enricher
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push frontend image
+ uses: docker/build-push-action@v5
+ with:
+ context: frontend
+ file: Dockerfile-frontend
+ push: true
+ tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:latest
+
+ - name: Build and push API image
+ uses: docker/build-push-action@v5
+ with:
+ context: services/api
+ file: Dockerfile-api
+ push: true
+ tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_API }}:latest
+
+ - name: Build and push Assembler image
+ uses: docker/build-push-action@v5
+ with:
+ context: services/go-importer
+ file: Dockerfile-assembler
+ push: true
+ tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ASSEMBLER }}:latest
+
+ - name: Build and push Enricher image
+ uses: docker/build-push-action@v5
+ with:
+ context: services/enricher
+ file: Dockerfile-enricher
+ push: true
+ tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ENRICHER }}:latest
\ No newline at end of file
From abed158b5c13d8358a9b0abe430165efb8b6d203 Mon Sep 17 00:00:00 2001
From: Stephen White
Date: Sun, 5 May 2024 18:26:20 -0300
Subject: [PATCH 03/12] Fix context paths
---
.github/workflows/docker-ghcr.yaml | 11 ++++-------
1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml
index a8954a4..9b77b5a 100644
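Review bot: All three actions in the new docker-ghcr.yaml (PATCH 02/12) are referenced by mutable major tags (`actions/checkout@v4`, `docker/login-action@v3`, `docker/build-push-action@v5`) in a job that holds `packages: write` and the registry token, so whoever can move one of those tags can change what gets published. Pinning each to a full commit SHA with the version in a trailing comment, e.g. `uses: docker/build-push-action@<full-commit-sha> # v5`, removes that dependency on the tag. Every image is also pushed only as `:latest`, which gives consumers nothing immutable to deploy or roll back to; adding a second tag such as `${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:${{ github.sha }}` to each `tags:` input would fix that. The later patches in this series rework the steps but keep both the tag-pinned actions and the single `:latest` tag.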
--- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml @@ -19,9 +19,6 @@ jobs: packages: write steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Log in to the Container registry uses: docker/login-action@v3 with: @@ -32,7 +29,7 @@ jobs: - name: Build and push frontend image uses: docker/build-push-action@v5 with: - context: frontend + context: "{{defaultContext}}/frontend" file: Dockerfile-frontend push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:latest @@ -40,7 +37,7 @@ jobs: - name: Build and push API image uses: docker/build-push-action@v5 with: - context: services/api + context: "{{defaultContext}}/services/api" file: Dockerfile-api push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_API }}:latest @@ -48,7 +45,7 @@ jobs: - name: Build and push Assembler image uses: docker/build-push-action@v5 with: - context: services/go-importer + context: "{{defaultContext}}/services/go-importer" file: Dockerfile-assembler push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ASSEMBLER }}:latest @@ -56,7 +53,7 @@ jobs: - name: Build and push Enricher image uses: docker/build-push-action@v5 with: - context: services/enricher + context: "{{defaultContext}}/services/enricher" file: Dockerfile-enricher push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file From d9904f748c664649a3848e491399f18da93427f1 Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:27:27 -0300 Subject: [PATCH 04/12] Fix context paths again --- .github/workflows/docker-ghcr.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml index 9b77b5a..1160d79 100644 --- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml 
@@ -32,7 +32,7 @@ jobs: context: "{{defaultContext}}/frontend" file: Dockerfile-frontend push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:latest + tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_FRONTEND }}:latest - name: Build and push API image uses: docker/build-push-action@v5 @@ -40,7 +40,7 @@ jobs: context: "{{defaultContext}}/services/api" file: Dockerfile-api push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_API }}:latest + tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_API }}:latest - name: Build and push Assembler image uses: docker/build-push-action@v5 @@ -48,7 +48,7 @@ jobs: context: "{{defaultContext}}/services/go-importer" file: Dockerfile-assembler push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ASSEMBLER }}:latest + tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_ASSEMBLER }}:latest - name: Build and push Enricher image uses: docker/build-push-action@v5 @@ -56,4 +56,4 @@ jobs: context: "{{defaultContext}}/services/enricher" file: Dockerfile-enricher push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file + tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file From 18be6dec0b6086bd8db60ebf197e9739ccfc627b Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:28:12 -0300 Subject: [PATCH 05/12] Fix context paths again again --- .github/workflows/docker-ghcr.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml index 1160d79..c4a932b 100644 --- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml 
@@ -29,31 +29,31 @@ jobs: - name: Build and push frontend image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}/frontend" + context: "{{defaultContext}}:frontend" file: Dockerfile-frontend push: true - tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_FRONTEND }}:latest + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:latest - name: Build and push API image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}/services/api" + context: "{{defaultContext}}:services/api" file: Dockerfile-api push: true - tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_API }}:latest + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_API }}:latest - name: Build and push Assembler image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}/services/go-importer" + context: "{{defaultContext}}:services/go-importer" file: Dockerfile-assembler push: true - tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_ASSEMBLER }}:latest + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ASSEMBLER }}:latest - name: Build and push Enricher image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}/services/enricher" + context: "{{defaultContext}}:services/enricher" file: Dockerfile-enricher push: true - tags: ${{ env.REGISTRY }}:${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file From 74891e58ad4392ee648cead7cd2565c0d199caf1 Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:34:19 -0300 Subject: [PATCH 06/12] Rework workflow to use matrix --- .github/workflows/docker-ghcr.yaml | 55 +++++++++++++----------------- 1 file changed, 23 insertions(+), 32 deletions(-) diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml index c4a932b..15b3833 100644 --- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml 
@@ -6,10 +6,7 @@ on: env: REGISTRY: ghcr.io - IMAGE_NAME_FRONTEND: ${{ github.repository }}-frontend - IMAGE_NAME_API: ${{ github.repository }}-api - IMAGE_NAME_ASSEMBLER: ${{ github.repository }}-assembler - IMAGE_NAME_ENRICHER: ${{ github.repository }}-enricher + IMAGE_NAME_PREFIX: ${{ github.repository }} jobs: build-and-push-image: @@ -18,6 +15,24 @@ jobs: contents: read packages: write + strategy: + matrix: + image_name: + - frontend + - api + - assembler + - enricher + file: + - Dockerfile-frontend + - Dockerfile-api + - Dockerfile-assembler + - Dockerfile-enricher + context: + - frontend + - services/api + - services/go-importer + - services/go-importer + steps: - name: Log in to the Container registry uses: docker/login-action@v3 
@@ -26,34 +41,10 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Build and push frontend image - uses: docker/build-push-action@v5 - with: - context: "{{defaultContext}}:frontend" - file: Dockerfile-frontend - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_FRONTEND }}:latest - - - name: Build and push API image - uses: docker/build-push-action@v5 - with: - context: "{{defaultContext}}:services/api" - file: Dockerfile-api - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_API }}:latest - - - name: Build and push Assembler image - uses: docker/build-push-action@v5 - with: - context: "{{defaultContext}}:services/go-importer" - file: Dockerfile-assembler - push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ASSEMBLER }}:latest - - - name: Build and push Enricher image + - name: Build and push image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}:services/enricher" - file: Dockerfile-enricher + context: "{{defaultContext}}:${{ matrix.context }}" + file: Dockerfile-${{ matrix.file }} push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_ENRICHER }}:latest \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}-${{ matrix.image_name }}:latest \ No newline at end of file From 23f8970aba8b29462474c8fa69dfb025d0785e73 Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:39:41 -0300 Subject: [PATCH 07/12] Fix matrix usage --- .github/workflows/docker-ghcr.yaml | 37 +++++++++++++++--------------- 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml index 15b3833..88ffc5a 100644 --- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml 
@@ -17,21 +17,22 @@ jobs: strategy: matrix: - image_name: - - frontend - - api - - assembler - - enricher - file: - - Dockerfile-frontend - - Dockerfile-api - - Dockerfile-assembler - - Dockerfile-enricher - context: - - frontend - - services/api - - services/go-importer - - services/go-importer + build: + - image_name: frontend + file: Dockerfile-frontend + context: frontend + + - image_name: api + file: Dockerfile-api + context: services/api + + - image_name: assembler + file: Dockerfile-assembler + context: services/go-importer + + - image_name: enricher + file: Dockerfile-enricher + context: services/go-importer steps: - name: Log in to the Container registry @@ -44,7 +45,7 @@ jobs: - name: Build and push image uses: docker/build-push-action@v5 with: - context: "{{defaultContext}}:${{ matrix.context }}" - file: Dockerfile-${{ matrix.file }} + context: "{{defaultContext}}:${{ matrix.build.context }}" + file: Dockerfile-${{ matrix.build.file }} push: true - tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}-${{ matrix.image_name }}:latest \ No newline at end of file + tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}-${{ matrix.build.image_name }}:latest \ No newline at end of file From 3e3cb9501161fc8a625b709a5c8289dca35f5c07 Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:40:15 -0300 Subject: [PATCH 08/12] Fix Dockerfile references --- .github/workflows/docker-ghcr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-ghcr.yaml b/.github/workflows/docker-ghcr.yaml index 88ffc5a..1fe67d3 100644 --- a/.github/workflows/docker-ghcr.yaml +++ b/.github/workflows/docker-ghcr.yaml 
@@ -46,6 +46,6 @@ jobs: uses: docker/build-push-action@v5 with: context: "{{defaultContext}}:${{ matrix.build.context }}" - file: Dockerfile-${{ matrix.build.file }} + file: ${{ matrix.build.file }} push: true tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME_PREFIX }}-${{ matrix.build.image_name }}:latest \ No newline at end of file From 8c4e917955792a8c7713dfe5c287fdf6491e404c Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sun, 5 May 2024 18:52:47 -0300 Subject: [PATCH 09/12] Add prod docker compose --- docker-compose.prod.yml | 74 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 docker-compose.prod.yml diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml new file mode 100644 index 0000000..39596d1 --- /dev/null +++ b/docker-compose.prod.yml 
@@ -0,0 +1,74 @@
+version: "3.2"
+services:
+ mongo:
+ image: mongo:5
+ networks:
+ - internal
+ restart: always
+ ports:
+ - "127.0.0.1:27017:27017"
+
+ frontend:
+ image: ghcr.io/iamsilk/tulip-frontend:latest
+ restart: unless-stopped
+ ports:
+ - "3000:3000"
+ depends_on:
+ - mongo
+ networks:
+ - internal
+ environment:
+ API_SERVER_ENDPOINT: http://api:5000/
+
+ api:
+ image: ghcr.io/iamsilk/tulip-api:latest
+ restart: unless-stopped
+ depends_on:
+ - mongo
+ networks:
+ - internal
+ volumes:
+ - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+ - ${SERVICES_PATH_HOST}:${SERVICES_PATH_DOCKER}:ro
+ environment:
+ VM_IP: ${VM_IP}
+ TULIP_MONGO: mongo:27017
+ TULIP_TRAFFIC_DIR: ${TRAFFIC_DIR_DOCKER}
+ TULIP_SERVICES_PATH: ${SERVICES_PATH_DOCKER}
+ FLAG_REGEX: ${FLAG_REGEX}
+ TICK_START: ${TICK_START}
+ TICK_LENGTH: ${TICK_LENGTH}
+
+ assembler:
+ image: ghcr.io/iamsilk/tulip-assembler:latest
+ restart: unless-stopped
+ depends_on:
+ - mongo
+ networks:
+ - internal
+ volumes:
+ - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+ command: "./assembler -dir ${TRAFFIC_DIR_DOCKER}"
+ environment:
+ TULIP_MONGO: ${TULIP_MONGO}
+ FLAG_REGEX: ${FLAG_REGEX}
+ PCAP_OVER_IP: ${PCAP_OVER_IP}
+ extra_hosts:
+ - "host.docker.internal:host-gateway"
+
+
+ enricher:
+ image: ghcr.io/iamsilk/tulip-enricher:latest
+ restart: unless-stopped
+ depends_on:
+ - mongo
+ networks:
+ - internal
+ volumes:
+ - ${TRAFFIC_DIR_HOST}:${TRAFFIC_DIR_DOCKER}:ro
+ command: "./enricher -eve ${TRAFFIC_DIR_DOCKER}/eve.json"
+ environment:
+ TULIP_MONGO: ${TULIP_MONGO}
+
+networks:
+ internal:
From 77340833a5c787af2b35e38ffb9f0d93e43d99bb Mon Sep 17 00:00:00 2001
From: Stephen White
Date: Sun, 5 May 2024 19:12:43 -0300
Subject: [PATCH 10/12] Edit docs
---
README.md | 21 ++++++---------------
1 file changed, 6 insertions(+), 15 deletions(-)
diff --git a/README.md b/README.md
index a892ded..61583b9 100755
--- a/README.md
+++ b/README.md
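Review bot: In docker-compose.prod.yml (PATCH 09/12) the frontend is published as `"3000:3000"`, which binds on every host interface, while mongo in the same file is deliberately limited to `127.0.0.1`; nothing in this compose file puts authentication in front of the UI, so captured traffic (flags included) would be readable by anyone who can reach the host. Unless that is intended, `- "127.0.0.1:3000:3000"` plus an authenticating reverse proxy or SSH tunnel is the safer default for a file named prod. All four application images are pulled as `ghcr.io/iamsilk/...:latest`, so a deployment cannot be reproduced or rolled back and silently follows whatever was last pushed to master; referencing a version or commit tag, or an `image@sha256:<digest>` pin, would make that explicit. The api service also hard-codes `TULIP_MONGO: mongo:27017` while assembler and enricher read `${TULIP_MONGO}`, which will diverge if `.env` is changed.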
@@ -20,29 +20,20 @@ Tulip was developed by Team Europe for use in the first International Cyber Secu ![](./demo_images/demo2.png) ![](./demo_images/demo3.png) -## Configuration -Before starting the stack, edit `services/configurations.py`: - -``` -vm_ip = "10.60.4.1" -services = [{"ip": vm_ip, "port": 18080, "name": "BIOMarkt"}, - {"ip": vm_ip, "port": 5555, "name": "SaaS"}, -] -``` - -You can also edit this during the CTF, just rebuild the `api` service: -``` -docker-compose up --build -d api -``` - ## Usage The stack can be started with docker-compose, after creating an `.env` file. See `.env.example` as an example of how to configure your environment. + ``` cp .env.example .env # < Edit the .env file with your favourite text editor > + +cp services.json.example services.json +# < Edit the services.json file > + docker-compose up -d --build ``` + To ingest traffic, it is recommended to create a shared bind mount with the docker-compose. One convenient way to set this up is as follows: 1. On the vulnbox, start a rotating packet sniffer (e.g. tcpdump, suricata, ...) 1. Using rsync, copy complete captures to the machine running tulip (e.g. to /traffic) From 612c7ce67bed22625708efd85dfedd1ca3029cb1 Mon Sep 17 00:00:00 2001 From: ShellWeHack Date: Fri, 21 Jun 2024 11:26:52 -0300 Subject: [PATCH 11/12] Update configurations.py --- services/api/configurations.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/services/api/configurations.py b/services/api/configurations.py index 5dd6847..6dd06bb 100755 --- a/services/api/configurations.py +++ b/services/api/configurations.py @@ -40,7 +40,8 @@ with open(services_path, 'r') as f: services = json.load(f) for service in services: - service["ip"] = vm_ip + if "ip" not in service: + service["ip"] = vm_ip else: services = [ {"ip": vm_ip, "port": 9876, "name": "cc_market"}, 
@@ -49,4 +50,4 @@ {"ip": vm_ip, "port": 5000, "name": "starchaser"}, {"ip": vm_ip, "port": 1883, "name": "scadnet_bin"}, {"ip": vm_ip, "port": -1, "name": "other"} - ] \ No newline at end of file + ] From 89fd7013d0dee240ef54e19f3944db08c6b8026a Mon Sep 17 00:00:00 2001 From: Stephen White Date: Sat, 20 Jul 2024 11:16:58 -0300 Subject: [PATCH 12/12] Remove IP from flow check --- frontend/src/components/FlowList.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/src/components/FlowList.tsx b/frontend/src/components/FlowList.tsx index dc9ccef..517298f 100644 --- a/frontend/src/components/FlowList.tsx +++ b/frontend/src/components/FlowList.tsx @@ -85,7 +85,7 @@ export function FlowList() { const transformedFlowData = flowData?.map((flow) => ({ ...flow, service_tag: - services?.find((s) => s.ip === flow.dst_ip && s.port === flow.dst_port) + services?.find((s) => s.port === flow.dst_port) ?.name ?? "unknown", }));
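Review bot: Matching on `s.port === flow.dst_port` alone in FlowList.tsx (PATCH 12/12) labels every flow to that port with the service name, whatever its destination address, and makes the per-service `ip` that PATCH 11/12 just started honouring irrelevant for tagging. Two entries that share a port on different hosts will now both resolve to whichever comes first in `services`, and traffic to unrelated hosts on a service port is presented as that service, which can mislead whoever is triaging flows. If port-only matching is the intent, a comment such as `// match on port only: service IPs in services.json are not used for tagging` above the `find` would record it; otherwise the IP comparison is presumably still needed for services that declare their own address. The enclosing `FlowList` function starts and ends outside this hunk.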