From 27bc870b877eb9f64303055058aaf553295c69fb Mon Sep 17 00:00:00 2001 From: Anmol Bhatia Date: Wed, 27 Sep 2023 16:04:20 +0200 Subject: [PATCH] Adding dockerfiles and docker compose files for network functions and proxy chains respectively --- Dockerfile.counter | 15 +++++++ Dockerfile.encrypt-decrypt | 30 +++++++++++++ docker-compose-extensive.yml | 87 ++++++++++++++++++++++++++++++++++++ docker-compose-proxy.yml | 33 ++++++++++++++ 4 files changed, 165 insertions(+) create mode 100644 Dockerfile.counter create mode 100644 Dockerfile.encrypt-decrypt create mode 100644 docker-compose-extensive.yml create mode 100644 docker-compose-proxy.yml diff --git a/Dockerfile.counter b/Dockerfile.counter new file mode 100644 index 0000000..381fa29 --- /dev/null +++ b/Dockerfile.counter @@ -0,0 +1,15 @@ +# This Dockerfile is supposed to create a socks proxy server that mimics a firewall. +# This won't build on Mac OS X. Try on Linux or Windows. +FROM ubuntu:20.04 + +RUN apt-get update && apt-get install -y \ + python3 \ + python3-pip \ + && rm -rf /var/lib/apt/lists/* + +RUN pip3 install click socksx + +COPY ./socksx-py/examples/functions.py /functions.py + +EXPOSE 1080 +ENTRYPOINT [ "./functions.py" ] diff --git a/Dockerfile.encrypt-decrypt b/Dockerfile.encrypt-decrypt new file mode 100644 index 0000000..ddedce6 --- /dev/null +++ b/Dockerfile.encrypt-decrypt @@ -0,0 +1,30 @@ +# This Dockerfile is used to build a socks proxy server that can be used to encrypt or decrypt the data +FROM rust:1.72 as build + +RUN rustup component add rustfmt + +RUN apt-get update && apt-get install -y \ + cmake \ + make \ + && rm -rf /var/lib/apt/lists/* + +# Copy over relevant crates +COPY ./socksx /socksx + +# Build an optimized binary +WORKDIR /socksx +RUN cargo build --example functions --release + +# Define final image +FROM ubuntu:23.10 + +RUN apt-get update && apt-get install -y \ + libssl3 \ + libuv1 \ + && rm -rf /var/lib/apt/lists/* + +# Copy `brane-log from the build stage +COPY --from=build /socksx/target/release/examples/functions . + +EXPOSE 1080 +ENTRYPOINT [ "./functions" ] diff --git a/docker-compose-extensive.yml b/docker-compose-extensive.yml new file mode 100644 index 0000000..2a4d647 --- /dev/null +++ b/docker-compose-extensive.yml @@ -0,0 +1,87 @@ +# Example of two proxy chains simulating a sender node/domain and a receiver node/domains. +# On sender side we have socks proxy, which is connected to a counter (mimicing a firewall) and encrypt +# On receiver side we have socks proxy, which is connected to decrypt and counter +# Communication looks like this: +# sender(client) -> proxy (sender's side) -> counter -> encrypt -> proxy (destination's side) -> decrypt -> counter -> destination + +version: '3.8' + +services: + proxy-main: + build: + context: . + dockerfile: Dockerfile + ports: + - "1080:1080" + command: "--host 0.0.0.0 --port 1080 --chain socks6://counter-1:1080 --chain socks6://encrypt:1080 --chain socks6://proxy-other:1080" + networks: + net: + ipv4_address: 172.16.238.2 + + counter-1: + build: + context: . + dockerfile: Dockerfile.counter + command: "--host 0.0.0.0" + networks: + net: + ipv4_address: 172.16.238.3 + + encrypt: + build: + context: . + dockerfile: Dockerfile.encrypt-decrypt + command: "chacha20" + environment: + - CHACHA20_KEY="123456789012345678901234567890" + networks: + net: + ipv4_address: 172.16.238.4 + + proxy-other: + build: + context: . + dockerfile: Dockerfile + ports: + - "1081:1080" + command: "--host 0.0.0.0 --port 1080 --chain socks6://decrypt:1080 --chain socks6://counter-2:1080" + networks: + net: + ipv4_address: 172.16.238.5 + + counter-2: + build: + context: . + dockerfile: Dockerfile.counter + command: "--host 0.0.0.0" + networks: + net: + ipv4_address: 172.16.238.6 + + decrypt: + build: + context: . + dockerfile: Dockerfile.encrypt-decrypt + command: "chacha20" + environment: + - CHACHA20_KEY="123456789012345678901234567890" + networks: + net: + ipv4_address: 172.16.238.7 + + netcat: + image: busybox + command: "nc -l -p 12345" + ports: + - "12345:12345" + restart: always + networks: + net: + ipv4_address: 172.16.238.8 + +networks: + net: + ipam: + driver: default + config: + - subnet: "172.16.238.0/24" diff --git a/docker-compose-proxy.yml b/docker-compose-proxy.yml new file mode 100644 index 0000000..d42d6d1 --- /dev/null +++ b/docker-compose-proxy.yml @@ -0,0 +1,33 @@ +# Example of using a standalone proxy to forward traffic to a destination + +version: '3.8' + +services: + proxy: + build: + context: . + dockerfile: Dockerfile + ports: + - "1080:1080" + command: "--host 0.0.0.0 --port 1080" + networks: + net: + ipv4_address: 172.16.238.2 + + # this will be the destination + netcat: + image: busybox + command: "nc -l -p 12345" + ports: + - "12345:12345" + restart: always + networks: + net: + ipv4_address: 172.16.238.3 + +networks: + net: + ipam: + driver: default + config: + - subnet: "172.16.238.0/24"