oxbrbtx/PrimAITE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix test config discrepancies

Browse Source
This commit is contained in:
Marek Wolan
2024-01-31 10:48:40 +00:00
parent 0dbaa66aa3
commit 9f993dda57
7 changed files with 660 additions and 681 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/primaite/config/_package_data/example_config.yaml
View File

@@ -508,21 +508,21 @@ agents:
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2

16
src/primaite/game/agent/actions.py
View File

@@ -298,13 +298,13 @@ class NodeFileDeleteAction(NodeFileAbstractAction):
def form_request(self, node_id: int, folder_id: int, file_id: int) -> List[str]:
"""Return the action formatted as a request which can be ingested by the PrimAITE simulation."""
node_uuid = self.manager.get_node_uuid_by_idx(node_id)
folder_uuid = self.manager.get_folder_uuid_by_idx(node_idx=node_id, folder_idx=folder_id)
file_uuid = self.manager.get_file_uuid_by_idx(node_idx=node_id, folder_idx=folder_id, file_idx=file_id)
if node_uuid is None or folder_uuid is None or file_uuid is None:
node_name = self.manager.get_node_name_by_idx(node_id)
folder_name = self.manager.get_folder_name_by_idx(node_idx=node_id, folder_idx=folder_id)
file_name = self.manager.get_file_name_by_idx(node_idx=node_id, folder_idx=folder_id, file_idx=file_id)
if node_name is None or folder_name is None or file_name is None:
return ["do_nothing"]
return ["do_nothing"]
# return ["network", "node", node_uuid, "file_system", "delete", "file", folder_uuid, file_uuid]
# return ["network", "node", node_name, "file_system", "delete", "file", folder_name, file_name]
class NodeFileRepairAction(NodeFileAbstractAction):
@@ -849,7 +849,7 @@ class ActionManager:
return self.folder_names[node_idx][folder_idx]
def get_file_name_by_idx(self, node_idx: int, folder_idx: int, file_idx: int) -> Optional[str]:
"""Get the file UUID corresponding to the given node, folder, and file indices.
"""Get the file name corresponding to the given node, folder, and file indices.
:param node_idx: The index of the node.
:type node_idx: int
@@ -962,9 +962,9 @@ class ActionManager:
ip_address_order = cfg["options"].pop("ip_address_order", {})
ip_address_list = []
for entry in ip_address_order:
node_ref = entry["node_ref"]
node_name = entry["node_name"]
nic_num = entry["nic_num"]
node_obj = game.simulation.network.get_node_by_hostname(node_ref)
node_obj = game.simulation.network.get_node_by_hostname(node_name)
ip_address = node_obj.ethernet_port[nic_num].ip_address
ip_address_list.append(ip_address)

221
tests/assets/configs/bad_primaite_session.yaml
View File

@@ -29,7 +29,7 @@ agents:
- type: DONOTHING
options:
nodes:
- node_hostname: client_2
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
@@ -64,7 +64,7 @@ agents:
- type: NODE_OS_SCAN
options:
nodes:
- node_hostname: client_1
- node_name: client_1
applications:
- application_name: data_manipulation_bot
max_folders_per_node: 1
@@ -185,168 +185,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -393,118 +392,116 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function:
@@ -622,7 +619,7 @@ simulation:
dns_server: 192.168.1.10
services:
- ref: backup_service
type: DatabaseBackup
type: FTPServer
- ref: security_suite
type: server

217
tests/assets/configs/eval_only_primaite_session.yaml
View File

@@ -69,7 +69,7 @@ agents:
- type: NODE_OS_SCAN
options:
nodes:
- node_hostname: client_1
- node_name: client_1
applications:
- application_name: data_manipulation_bot
max_folders_per_node: 1
@@ -189,168 +189,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -397,118 +396,116 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function:

433
tests/assets/configs/multi_agent_session.yaml
View File

@@ -40,7 +40,7 @@ agents:
options:
nodes:
- node_hostname: client_2
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
@@ -75,7 +75,7 @@ agents:
- type: NODE_OS_SCAN
options:
nodes:
- node_hostname: client_1
- node_name: client_1
applications:
- application_name: data_manipulation_bot
max_folders_per_node: 1
@@ -196,168 +196,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -404,118 +403,116 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function:
@@ -642,168 +639,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -850,118 +846,115 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function:

220
tests/assets/configs/test_primaite_session.yaml
View File

@@ -38,7 +38,7 @@ agents:
options:
nodes:
- node_hostname: client_2
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
@@ -73,9 +73,9 @@ agents:
- type: NODE_OS_SCAN
options:
nodes:
- node_hostname: client_1
- node_name: client_1
applications:
- application_hostname: data_manipulation_bot
- application_name: data_manipulation_bot
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
@@ -196,168 +196,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -404,118 +403,115 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function:

218
tests/assets/configs/train_only_primaite_session.yaml
View File

@@ -41,7 +41,7 @@ agents:
options:
nodes:
- node_hostname: client_2
- node_name: client_2
max_folders_per_node: 1
max_files_per_folder: 1
max_services_per_node: 1
@@ -76,7 +76,7 @@ agents:
- type: NODE_OS_SCAN
options:
nodes:
- node_hostname: client_1
- node_name: client_1
applications:
- application_name: data_manipulation_bot
max_folders_per_node: 1
@@ -197,168 +197,167 @@ agents:
1:
action: NODE_SERVICE_SCAN
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# stop webapp service
2:
action: NODE_SERVICE_STOP
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
# start webapp service
3:
action: "NODE_SERVICE_START"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
4:
action: "NODE_SERVICE_PAUSE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
5:
action: "NODE_SERVICE_RESUME"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
6:
action: "NODE_SERVICE_RESTART"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
7:
action: "NODE_SERVICE_DISABLE"
options:
node_id: 2
service_id: 1
node_id: 1
service_id: 0
8:
action: "NODE_SERVICE_ENABLE"
options:
node_id: 2
service_id: 1
9:
node_id: 1
service_id: 0
9: # check database.db file
action: "NODE_FILE_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
10:
action: "NODE_FILE_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
11:
action: "NODE_FILE_DELETE"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
12:
action: "NODE_FILE_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
file_id: 1
file_id: 0
13:
action: "NODE_FILE_RESTORE"
action: "NODE_SERVICE_PATCH"
options:
node_id: 3
folder_id: 1
file_id: 1
node_id: 2
service_id: 0
14:
action: "NODE_FOLDER_SCAN"
options:
node_id: 3
node_id: 2
folder_id: 1
15:
action: "NODE_FOLDER_CHECKHASH"
options:
node_id: 3
node_id: 2
folder_id: 1
16:
action: "NODE_FOLDER_REPAIR"
options:
node_id: 3
node_id: 2
folder_id: 1
17:
action: "NODE_FOLDER_RESTORE"
options:
node_id: 3
node_id: 2
folder_id: 1
18:
action: "NODE_OS_SCAN"
options:
node_id: 3
19:
node_id: 2
19: # shutdown client 1
action: "NODE_SHUTDOWN"
options:
node_id: 6
node_id: 5
20:
action: "NODE_STARTUP"
options:
node_id: 6
node_id: 5
21:
action: "NODE_RESET"
options:
node_id: 6
22:
node_id: 5
22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
permission: 2
source_ip_id: 7
dest_ip_id: 1
source_ip_id: 7 # client 1
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
23:
23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite)
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 2
permission: 2
source_ip_id: 8
dest_ip_id: 1
source_ip_id: 8 # client 2
dest_ip_id: 1 # ALL
source_port_id: 1
dest_port_id: 1
protocol_id: 1
24:
24: # block tcp traffic from client 1 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 3
permission: 2
source_ip_id: 7
dest_ip_id: 3
source_ip_id: 7 # client 1
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
25:
25: # block tcp traffic from client 2 to web app
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 4
permission: 2
source_ip_id: 8
dest_ip_id: 3
source_ip_id: 8 # client 2
dest_ip_id: 3 # web server
source_port_id: 1
dest_port_id: 1
protocol_id: 3
26:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 5
permission: 2
source_ip_id: 7
dest_ip_id: 4
source_ip_id: 7 # client 1
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
27:
action: "NETWORK_ACL_ADDRULE"
options:
position: 1
position: 6
permission: 2
source_ip_id: 8
dest_ip_id: 4
source_ip_id: 8 # client 2
dest_ip_id: 4 # database
source_port_id: 1
dest_port_id: 1
protocol_id: 3
@@ -405,118 +404,115 @@ agents:
38:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
39:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 1
nic_id: 1
node_id: 0
nic_id: 0
40:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
41:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 2
nic_id: 1
node_id: 1
nic_id: 0
42:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
43:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 3
nic_id: 1
node_id: 2
nic_id: 0
44:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
45:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 4
nic_id: 1
node_id: 3
nic_id: 0
46:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
47:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 1
node_id: 4
nic_id: 0
48:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
49:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 5
nic_id: 2
node_id: 4
nic_id: 1
50:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
51:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 6
nic_id: 1
node_id: 5
nic_id: 0
52:
action: "NETWORK_NIC_DISABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
53:
action: "NETWORK_NIC_ENABLE"
options:
node_id: 7
nic_id: 1
node_id: 6
nic_id: 0
options:
nodes:
- node_hostname: router_1
- node_hostname: switch_1
- node_hostname: switch_2
- node_hostname: domain_controller
- node_hostname: web_server
- node_hostname: database_server
- node_hostname: backup_server
- node_hostname: security_suite
- node_hostname: client_1
- node_hostname: client_2
- node_name: domain_controller
- node_name: web_server
- node_name: database_server
- node_name: backup_server
- node_name: security_suite
- node_name: client_1
- node_name: client_2
max_folders_per_node: 2
max_files_per_folder: 2
max_services_per_node: 2
max_nics_per_node: 8
max_acl_rules: 10
ip_address_order:
- node_ref: domain_controller
- node_name: domain_controller
nic_num: 1
- node_ref: web_server
- node_name: web_server
nic_num: 1
- node_ref: database_server
- node_name: database_server
nic_num: 1
- node_ref: backup_server
- node_name: backup_server
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 1
- node_ref: client_1
- node_name: client_1
nic_num: 1
- node_ref: client_2
- node_name: client_2
nic_num: 1
- node_ref: security_suite
- node_name: security_suite
nic_num: 2
reward_function: