author | Eddie Arrage <eddie.arrage@huawei.com> | 2018-03-20 23:51:35 +0000 |
---|---|---|
committer | Eddie Arrage <eddie.arrage@huawei.com> | 2018-03-31 00:11:00 +0000 |
commit | 56f50acd66d6f041b0347babb131150db3ca2023 (patch) | |
tree | 4a631df908d55fa7cd2fbf59c5854d06d811bf64 /samples/services/snort_ids/docker/process | |
parent | c43c773fc33167f46461b4fd1ae58e40d390d59e (diff) |
Develop snort IDS and content inspect service
- Initial commit to show potential structure of a sample service
- This will be part of a larger sample application currently dubbed
Service Delivery Controller
- Docker container needs to be built and employs open-source Linux packages
- Service is deployable in Istio service mesh using provided yaml
- Control snort daemon and add custom rules with GRPC messaging
- Process snort alerts actively and send to redis and upstream service
mesh components
- Integrates a web server for better HTTP signature detection
- Improved build script for CI with variables
- Render k8s yaml snort manifest dynamically with command
line options
- Improve snort_client sample script for runtime modifications
including passing args on CLI, error checking
- Update nginx proxy interface
- Added logging to snort server and alert process
Change-Id: Ic56f9fcd9ed21f64b84b85ac8ee280d69af7b7c9
Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
Diffstat (limited to 'samples/services/snort_ids/docker/process')
3 files changed, 44 insertions, 0 deletions
diff --git a/samples/services/snort_ids/docker/process/alert_process.sh b/samples/services/snort_ids/docker/process/alert_process.sh new file mode 100755 index 0000000..6934c8a --- /dev/null +++ b/samples/services/snort_ids/docker/process/alert_process.sh @@ -0,0 +1,16 @@ +#!/bin/bash +# +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +# start nginx server to handle incoming http requests +/usr/sbin/nginx & + +# Process snort alerts +python grpc/snort_alerts.py + diff --git a/samples/services/snort_ids/docker/process/grpc_process.sh b/samples/services/snort_ids/docker/process/grpc_process.sh new file mode 100755 index 0000000..d58c468 --- /dev/null +++ b/samples/services/snort_ids/docker/process/grpc_process.sh @@ -0,0 +1,12 @@ +#!/bin/bash +# +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +python grpc/snort_server.py + diff --git a/samples/services/snort_ids/docker/process/start_process.sh b/samples/services/snort_ids/docker/process/start_process.sh new file mode 100755 index 0000000..8d94b80 --- /dev/null +++ b/samples/services/snort_ids/docker/process/start_process.sh 
@@ -0,0 +1,16 @@ +#!/bin/bash +# +# Copyright (c) Authors of Clover +# +# All rights reserved. This program and the accompanying materials +# are made available under the terms of the Apache License, Version 2.0 +# which accompanies this distribution, and is available at +# http://www.apache.org/licenses/LICENSE-2.0 +# + +# Alert script processes snort alerts +./process/alert_process.sh & + +# Main script to start grpc server that controls snort +./process/grpc_process.sh -D + |
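Review bot: In alert_process.sh, `/usr/sbin/nginx &` is started in the background and its result is never checked, so if nginx fails to come up the script still goes on to `python grpc/snort_alerts.py` and the service runs without the web server the commit message relies on for HTTP signature detection. Start nginx in the foreground of the check (nginx daemonizes by default, so the `&` is not needed unless `daemon off` is configured), test its exit status, and exit non-zero on failure so the container restarts instead of running degraded. The relative path `grpc/snort_alerts.py` also depends on the caller's working directory; a `cd "$(dirname "$0")/.."` or an absolute path would make that explicit.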
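Review bot: In grpc_process.sh, `python grpc/snort_server.py` is run as a child of the bash wrapper rather than with `exec`, so a SIGTERM sent to the wrapper on container stop is not delivered to the gRPC server that controls snort, and the server is killed without a clean shutdown. Suggest `exec python grpc/snort_server.py "$@"`, which also forwards any arguments the caller passes. As in the alert script, the relative path only resolves when the working directory is the parent of `grpc/`, and a bare `python` leaves the interpreter version to whatever the image happens to provide; both are worth pinning or documenting in the header comment.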
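Review bot: In start_process.sh, `./process/alert_process.sh &` is backgrounded and never waited on or supervised, so if the alert processor exits, the container keeps running the gRPC server while snort alerts are no longer read or forwarded to redis, and nothing signals the failure. For an IDS that is a silent loss of detection; consider `wait -n` on both children with a non-zero exit when either dies, or a small process supervisor, so the orchestrator restarts the pod. Separately, `./process/grpc_process.sh -D` passes a `-D` flag that grpc_process.sh, as added in this commit, never reads; either forward it with `"$@"` there or drop it here, and add a comment saying what `-D` is meant to do.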