3 stage is work

2024-10-23 03:18:58 +03:00
parent 65afb203f1
commit 76aef119bd
3 changed files with 53 additions and 5 deletions


@@ -4,7 +4,11 @@ ARG NET_NAME=kek
ARG CONTAINER_NAME=lol ARG CONTAINER_NAME=lol
ARG STATIC_FILE=/usr/share/nginx/html/index.html ARG STATIC_FILE=/usr/share/nginx/html/index.html
COPY ./scripts/knocking_setup.sh /root/scripts/knocking_setup.sh
RUN sed -i '13,21d' $STATIC_FILE && \ RUN sed -i '13,21d' $STATIC_FILE && \
sed -i "13i <h2>$NET_NAME<br>$CONTAINER_NAME</h2>" $STATIC_FILE sed -i "13i <table>\
<tr><th>NETWORK</th><th>CONTAINER</th></tr>\
<tr><td>$NET_NAME</td><td>$CONTAINER_NAME</td></tr>\
</table>" $STATIC_FILE


@@ -3,17 +3,25 @@ version: "3"
services: services:
# ---------------------------------------------- # ----------------------------------------------
ngx1-net1: ngx1-net1:
container_name: ngx1_net1
build: build:
context: . context: .
args: args:
NET_NAME: net_1 NET_NAME: net_1
CONTAINER_NAME: container_1 CONTAINER_NAME: container_1
ports: ports:
- "8080:80" - "8081:80"
command: >
bash -c "apt update
&& apt install knockd iptables iproute2 vim curl -y
&& /root/scripts/knocking_setup.sh && nginx && knockd -d && sleep infinity"
networks: networks:
- net_1 - net_1
- net_3 - net_3
cap_add:
- NET_ADMIN
ngx2-net1: ngx2-net1:
container_name: ngx2_net1
build: build:
context: . context: .
args: args:
@@ -23,31 +31,40 @@ services:
- net_1 - net_1
# ---------------------------------------------- # ----------------------------------------------
ngx1-net2: ngx1-net2:
container_name: ngx1_net2
build: build:
context: . context: .
args: args:
NET_NAME: net_2 NET_NAME: net_2
CONTAINER_NAME: container_1 CONTAINER_NAME: container_1
ports: ports:
- "8081:80" - "8082:80"
command: >
bash -c "apt update
&& apt install knockd iptables iproute2 vim curl -y
&& /root/scripts/knocking_setup.sh && nginx && knockd -d && sleep infinity"
networks: networks:
- net_2 - net_2
- net_3 - net_3
cap_add:
- NET_ADMIN
ngx2-net2: ngx2-net2:
container_name: ngx2_net2
build: build:
context: . context: .
args: args:
NET_NAME: net_2 NET_NAME: net_2
CONTAINER_NAME: container_2 CONTAINER_NAME: container_2
restart: on-failure
networks: networks:
- net_2 - net_2
# ---------------------------------------------- # ----------------------------------------------
visor: visor:
container_name: visor
image: ubuntu:latest image: ubuntu:latest
restart: on-failure
command: > command: >
bash -c "apt update bash -c "apt update
&& apt install iproute2 vim curl nmap -y && apt install iproute2 vim curl nmap knockd -y
&& sleep infinity" && sleep infinity"
networks: networks:
- net_3 - net_3
@@ -56,3 +73,9 @@ networks:
net_1: net_1:
net_2: net_2:
net_3: net_3:
driver: bridge
ipam:
driver: default
config:
- subnet: "172.28.0.0/16"
gateway: "172.28.0.1"
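Review bot: The new `command` on ngx1-net1 (and the identical one on ngx1-net2) runs `apt update && apt install knockd iptables iproute2 vim curl -y` as root on every container start, in a container that this change also grants `NET_ADMIN` and that publishes a host port. Each start then depends on network access and on whatever package versions the mirror serves at that moment, and nginx is not started until the install finishes. Consider installing the packages at image build time with a Dockerfile step such as `RUN apt-get update && apt-get install -y --no-install-recommends knockd iptables iproute2`, so the compose command shrinks to `bash -c "/root/scripts/knocking_setup.sh && nginx && knockd -d && sleep infinity"`. The `restart: on-failure` added to ngx2-net2 and visor is absent from the two knockd services; if that is not deliberate, add it there as well.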

21
scripts/knocking_setup.sh Executable file

@@ -0,0 +1,21 @@
#!/bin/bash
echo -E "
[options]
Interface = eth1
[openNGINX]
sequence = 8100, 7200, 13000
seq_timeout = 5
command = /sbin/iptables -D INPUT -p tcp --dport 80 -j REJECT
tcpflags = syn
[closeNGINX]
sequence = 6300, 5200, 12001
seq_timeout = 5
command = /sbin/iptables -A INPUT -p tcp --dport 80 -j REJECT
tcpflags = syn
" > /etc/knockd.conf
/sbin/iptables -A INPUT -p tcp --dport 80 -j REJECT
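Review bot: The `[openNGINX]` command deletes the blanket REJECT rule, so one valid knock opens port 80 to every source, not only to the host that knocked. knockd replaces `%IP%` with the knocking client's address, so the REJECT rule can stay in place while the open section uses `command = /sbin/iptables -I INPUT -s %IP% -p tcp --dport 80 -j ACCEPT` and the close section the matching `-D INPUT -s %IP% -p tcp --dport 80 -j ACCEPT`. As written, a close knock sent while the port is already closed appends a second REJECT, after which a single open knock no longer opens it. `Interface = eth1` presumably relies on net_3 being attached as the second interface; a comment stating that assumption would help, since the script does not check it.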