diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 0000000..2e78a0f --- /dev/null +++ b/docker/README.md @@ -0,0 +1,28 @@ +# Docker instructions + +*Note:* Dockerfiles are only provided for Debian-like distributions so far. + +## Configure image building: + +Uncomment the distribution reference you want to use, in top section in +`debian-distros/Dockerfile`. + +## Build the image: + +`cd debian-distros` +`./docker_build.sh` + +## Run the container, and start ssldump inside the container: + +`./docker_run.sh` +`(in container) sudo ssldump -n -i eth0 -j -AH` + +## Mirror traffic to container + +Outside of the container, adjust local interface name and container IP address +in `mirror_traffic_to_container.sh`. + +Then mirror local traffic to ssldump container: + +`./mirror_traffic_to_container.sh` + diff --git a/docker/debian-bullseye/docker_build.sh b/docker/debian-bullseye/docker_build.sh deleted file mode 100755 index 382566c..0000000 --- a/docker/debian-bullseye/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-bullseye - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/debian-bullseye/docker_run.sh b/docker/debian-bullseye/docker_run.sh deleted file mode 100755 index 9af67e5..0000000 --- a/docker/debian-bullseye/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-bullseye - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/debian-buster/Dockerfile b/docker/debian-buster/Dockerfile deleted file mode 100644 index c86ce8a..0000000 --- a/docker/debian-buster/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -FROM debian:buster-slim - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang && \ - make && \ - sudo make install - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/debian-buster/docker_build.sh b/docker/debian-buster/docker_build.sh deleted file mode 100755 index 9cd8f9c..0000000 --- a/docker/debian-buster/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-buster - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/debian-buster/docker_run.sh b/docker/debian-buster/docker_run.sh deleted file mode 100755 index 1c1073b..0000000 --- a/docker/debian-buster/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-buster - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/debian-bullseye/Dockerfile b/docker/debian-distros/Dockerfile similarity index 53% rename from docker/debian-bullseye/Dockerfile rename to docker/debian-distros/Dockerfile index e59fbc9..33c75cc 100644 --- a/docker/debian-bullseye/Dockerfile +++ b/docker/debian-distros/Dockerfile @@ -1,11 +1,16 @@ -FROM debian:bullseye-slim +#FROM debian:bookworm-slim +#FROM debian:bullseye-slim +#FROM debian:buster-slim +FROM ubuntu:jammy +#FROM ubuntu:focal + ENV LANG C ENV DEBIAN_FRONTEND noninteractive RUN apt-get update && \ apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ + apt-get install -y --no-install-recommends ca-certificates sudo git build-essential cmake ninja-build clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ apt-get clean RUN useradd -ms /bin/bash ssldump @@ -15,13 +20,12 @@ RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers USER ssldump RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build + git clone https://github.com/adulau/ssldump.git ssldump-build -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang CFLAGS="-D_FORTIFY_SOURCE=2 -fstack-protector-strong -Wformat -Werror=format-security -g" && \ - make && \ - sudo make install +RUN cd /home/ssldump/ssldump-build && \ + cmake -G Ninja -B build && \ + ninja -C build && \ + sudo ninja -C build install WORKDIR "/home/ssldump" diff --git a/docker/debian-distros/docker_build.sh b/docker/debian-distros/docker_build.sh new file mode 100755 index 0000000..85b144f --- /dev/null +++ b/docker/debian-distros/docker_build.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +ssldump_version=$(awk '/\s+VERSION/ {print $2}' ../../CMakeLists.txt) +distribution=$(awk '/^FROM/ {gsub(":","-"); print $2}' Dockerfile) + +docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/debian-distros/docker_run.sh b/docker/debian-distros/docker_run.sh new file mode 100755 index 0000000..04c34c3 --- /dev/null +++ b/docker/debian-distros/docker_run.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +ssldump_version=$(awk '/\s+VERSION/ {print $2}' ../../CMakeLists.txt) +distribution=$(awk '/^FROM/ {gsub(":","-"); print $2}' Dockerfile) + +docker run -it ssldump-${distribution}:${ssldump_version} + diff --git a/docker/debian-stretch/Dockerfile b/docker/debian-stretch/Dockerfile deleted file mode 100644 index 3e7ef88..0000000 --- a/docker/debian-stretch/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -FROM debian:stretch-slim - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang && \ - make && \ - sudo make install - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/debian-stretch/docker_build.sh b/docker/debian-stretch/docker_build.sh deleted file mode 100755 index 824a84f..0000000 --- a/docker/debian-stretch/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-stretch - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/debian-stretch/docker_run.sh b/docker/debian-stretch/docker_run.sh deleted file mode 100755 index 56db0f2..0000000 --- a/docker/debian-stretch/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=debian-stretch - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/mirror_traffic_to_container.sh b/docker/mirror_traffic_to_container.sh index a553130..19f3be1 100755 --- a/docker/mirror_traffic_to_container.sh +++ b/docker/mirror_traffic_to_container.sh @@ -1,6 +1,6 @@ #!/bin/bash -local_if=ens3f0 +local_if=eth0 container_ip=172.17.0.2 sudo iptables -t mangle -I PREROUTING 1 -i ${local_if} -j TEE --gateway ${container_ip} diff --git a/docker/ubuntu-bionic/Dockerfile b/docker/ubuntu-bionic/Dockerfile deleted file mode 100644 index 7c44668..0000000 --- a/docker/ubuntu-bionic/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -FROM ubuntu:bionic - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang && \ - make && \ - sudo make install - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/ubuntu-bionic/docker_build.sh b/docker/ubuntu-bionic/docker_build.sh deleted file mode 100755 index c9f169b..0000000 --- a/docker/ubuntu-bionic/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-bionic - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/ubuntu-bionic/docker_run.sh b/docker/ubuntu-bionic/docker_run.sh deleted file mode 100755 index 1199905..0000000 --- a/docker/ubuntu-bionic/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-bionic - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/ubuntu-focal/Dockerfile b/docker/ubuntu-focal/Dockerfile deleted file mode 100644 index 04502da..0000000 --- a/docker/ubuntu-focal/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -FROM ubuntu:focal - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang && \ - make && \ - sudo make install - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/ubuntu-focal/docker_build.sh b/docker/ubuntu-focal/docker_build.sh deleted file mode 100755 index 89e99d2..0000000 --- a/docker/ubuntu-focal/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-focal - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/ubuntu-focal/docker_run.sh b/docker/ubuntu-focal/docker_run.sh deleted file mode 100755 index d4ee3af..0000000 --- a/docker/ubuntu-focal/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-focal - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/ubuntu-groovy/Dockerfile b/docker/ubuntu-groovy/Dockerfile deleted file mode 100644 index 57d520a..0000000 --- a/docker/ubuntu-groovy/Dockerfile +++ /dev/null @@ -1,28 +0,0 @@ -FROM ubuntu:groovy - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang libssl-dev libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CC=/usr/bin/clang && \ - make && \ - sudo make install - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/ubuntu-groovy/docker_build.sh b/docker/ubuntu-groovy/docker_build.sh deleted file mode 100755 index c700c85..0000000 --- a/docker/ubuntu-groovy/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-groovy - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/ubuntu-groovy/docker_run.sh b/docker/ubuntu-groovy/docker_run.sh deleted file mode 100755 index f2ba0fa..0000000 --- a/docker/ubuntu-groovy/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-groovy - -docker run -it ssldump-${distribution}:${ssldump_version} - diff --git a/docker/ubuntu-xenial/Dockerfile b/docker/ubuntu-xenial/Dockerfile deleted file mode 100644 index 493c874..0000000 --- a/docker/ubuntu-xenial/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ -FROM ubuntu:xenial - -ENV LANG C -ENV DEBIAN_FRONTEND noninteractive - -RUN apt-get update && \ - apt-get dist-upgrade -y && \ - apt-get install -y --no-install-recommends ca-certificates sudo git build-essential automake autoconf clang wget libpcap-dev libnet1-dev libjson-c-dev iproute2 && \ - apt-get clean - -RUN useradd -ms /bin/bash ssldump -RUN passwd -d ssldump -RUN printf 'Defaults:ssldump env_keep=LD_LIBRARY_PATH\n' | tee -a /etc/sudoers -RUN printf 'ssldump ALL=(ALL) ALL\n' | tee -a /etc/sudoers - -USER ssldump - -RUN mkdir /home/ssldump/openssl && \ - cd /home/ssldump/openssl && \ - wget https://www.openssl.org/source/openssl-1.1.1j.tar.gz && \ - tar xvfz openssl-1.1.1j.tar.gz && \ - cd openssl-1.1.1j && \ - ./config && \ - make -j 2 - -RUN cd /home/ssldump && \ - git clone https://github.com/adulau/ssldump.git build - -RUN cd /home/ssldump/build && \ - ./autogen.sh && \ - ./configure CFLAGS="-I../openssl/openssl-1.1.1j/include" LDFLAGS="-L../openssl/openssl-1.1.1j -lcrypto -lssl" && \ - make && \ - sudo make install - -ENV LD_LIBRARY_PATH /home/ssldump/openssl/openssl-1.1.1j -RUN printf '#!/bin/bash\nexport LD_LIBRARY_PATH=/home/ssldump/openssl/openssl-1.1.1j\nssldump $@\n' > /home/ssldump/run_ssldump.sh -RUN chmod +x /home/ssldump/run_ssldump.sh - -WORKDIR "/home/ssldump" - -CMD ["/bin/bash"] diff --git a/docker/ubuntu-xenial/docker_build.sh b/docker/ubuntu-xenial/docker_build.sh deleted file mode 100755 index 0aff63e..0000000 --- a/docker/ubuntu-xenial/docker_build.sh +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-xenial - -docker build -t "ssldump-${distribution}:${ssldump_version}" . diff --git a/docker/ubuntu-xenial/docker_run.sh b/docker/ubuntu-xenial/docker_run.sh deleted file mode 100755 index 8c3e8d3..0000000 --- a/docker/ubuntu-xenial/docker_run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -ssldump_version=1.4b -distribution=ubuntu-xenial - -docker run -it ssldump-${distribution}:${ssldump_version} -