diff --git a/src/primaite/config/_package_data/example_config.yaml b/src/primaite/config/_package_data/example_config.yaml index 68aa9106..7a286931 100644 --- a/src/primaite/config/_package_data/example_config.yaml +++ b/src/primaite/config/_package_data/example_config.yaml @@ -508,21 +508,21 @@ agents: max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 diff --git a/src/primaite/game/agent/actions.py b/src/primaite/game/agent/actions.py index 40c40077..3b1fb926 100644 --- a/src/primaite/game/agent/actions.py +++ b/src/primaite/game/agent/actions.py 
@@ -298,13 +298,13 @@ class NodeFileDeleteAction(NodeFileAbstractAction): def form_request(self, node_id: int, folder_id: int, file_id: int) -> List[str]: """Return the action formatted as a request which can be ingested by the PrimAITE simulation.""" - node_uuid = self.manager.get_node_uuid_by_idx(node_id) - folder_uuid = self.manager.get_folder_uuid_by_idx(node_idx=node_id, folder_idx=folder_id) - file_uuid = self.manager.get_file_uuid_by_idx(node_idx=node_id, folder_idx=folder_id, file_idx=file_id) - if node_uuid is None or folder_uuid is None or file_uuid is None: + node_name = self.manager.get_node_name_by_idx(node_id) + folder_name = self.manager.get_folder_name_by_idx(node_idx=node_id, folder_idx=folder_id) + file_name = self.manager.get_file_name_by_idx(node_idx=node_id, folder_idx=folder_id, file_idx=file_id) + if node_name is None or folder_name is None or file_name is None: return ["do_nothing"] return ["do_nothing"] - # return ["network", "node", node_uuid, "file_system", "delete", "file", folder_uuid, file_uuid] + # return ["network", "node", node_name, "file_system", "delete", "file", folder_name, file_name] class NodeFileRepairAction(NodeFileAbstractAction): @@ -849,7 +849,7 @@ class ActionManager: return self.folder_names[node_idx][folder_idx] def get_file_name_by_idx(self, node_idx: int, folder_idx: int, file_idx: int) -> Optional[str]: - """Get the file UUID corresponding to the given node, folder, and file indices. + """Get the file name corresponding to the given node, folder, and file indices. :param node_idx: The index of the node. :type node_idx: int 
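Review bot: In `NodeFileDeleteAction.form_request` both exits return `["do_nothing"]`, so the three renamed lookups and the `is None` guard cannot change the result, and the real request stays commented out. An agent that selects NODE_FILE_DELETE (action 11 in the test configs of this same commit) therefore silently performs no action, which can make a training or evaluation run look as if deletion was exercised. Either restore the final line as `return ["network", "node", node_name, "file_system", "delete", "file", folder_name, file_name]`, or keep it disabled and say so explicitly with a comment such as `# NOTE: file deletion is intentionally disabled; this action always resolves to do_nothing`. The method is fully inside the hunk, but the class body starts above it.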
@@ -962,9 +962,9 @@ class ActionManager: ip_address_order = cfg["options"].pop("ip_address_order", {}) ip_address_list = [] for entry in ip_address_order: - node_ref = entry["node_ref"] + node_name = entry["node_name"] nic_num = entry["nic_num"] - node_obj = game.simulation.network.get_node_by_hostname(node_ref) + node_obj = game.simulation.network.get_node_by_hostname(node_name) ip_address = node_obj.ethernet_port[nic_num].ip_address ip_address_list.append(ip_address) diff --git a/tests/assets/configs/bad_primaite_session.yaml b/tests/assets/configs/bad_primaite_session.yaml index 3e9be3bb..f5d7850c 100644 --- a/tests/assets/configs/bad_primaite_session.yaml +++ b/tests/assets/configs/bad_primaite_session.yaml @@ -29,7 +29,7 @@ agents: - type: DONOTHING options: nodes: - - node_hostname: client_2 + - node_name: client_2 max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 @@ -64,7 +64,7 @@ agents: - type: NODE_OS_SCAN options: nodes: - - node_hostname: client_1 + - node_name: client_1 applications: - application_name: data_manipulation_bot max_folders_per_node: 1 
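Review bot: In the `ActionManager` hunk at the start of this line, `entry["node_name"]` raises a bare `KeyError` for any existing config that still uses `node_ref`, and the commit renames the key with no fallback or migration message. The result of `get_node_by_hostname(node_name)` is also dereferenced immediately; if that lookup can return `None` for an unknown name (not visible here), a typo in the YAML surfaces as an `AttributeError` far from its cause. Validating at load time would give a clearer failure, e.g. `if node_obj is None: raise ValueError(f"ip_address_order: unknown node {node_name!r}")`, and similarly for a missing `node_name` key. The enclosing method starts and ends outside the hunk.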
@@ -185,168 +185,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
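Review bot: `folder_id: 1` is left unchanged in actions 9–12 and 14–17 while `node_id`, `service_id` and `file_id` in the same entries all move down by one. `get_folder_name_by_idx` (context in the actions.py hunk) returns `self.folder_names[node_idx][folder_idx]`, so if folders are zero-based like the other indices these actions address the second folder slot of `database_server`, and the `nodes` list added later in this file appears to declare no folders for it. If the first folder is meant, use `folder_id: 0`; if slot 1 is deliberate, a trailing comment such as `# second folder slot, intentionally unset` would make that clear. The same values appear in the matching hunks of eval_only_primaite_session.yaml, multi_agent_session.yaml (both agents) and test_primaite_session.yaml.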
@@ -393,118 +392,116 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 + options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: @@ -622,7 +619,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server diff --git a/tests/assets/configs/eval_only_primaite_session.yaml b/tests/assets/configs/eval_only_primaite_session.yaml index 0c3872b0..b46c2f8d 100644 --- a/tests/assets/configs/eval_only_primaite_session.yaml +++ b/tests/assets/configs/eval_only_primaite_session.yaml @@ -69,7 +69,7 @@ agents: - type: NODE_OS_SCAN options: nodes: - - node_hostname: client_1 + - node_name: client_1 applications: - application_name: data_manipulation_bot max_folders_per_node: 1 
@@ -189,168 +189,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
@@ -397,118 +396,116 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 + options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: diff --git a/tests/assets/configs/multi_agent_session.yaml b/tests/assets/configs/multi_agent_session.yaml index 87bcc14f..23bd46c2 100644 --- a/tests/assets/configs/multi_agent_session.yaml +++ b/tests/assets/configs/multi_agent_session.yaml @@ -40,7 +40,7 @@ agents: options: nodes: - - node_hostname: client_2 + - node_name: client_2 max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 @@ -75,7 +75,7 @@ agents: - type: NODE_OS_SCAN options: nodes: - - node_hostname: client_1 + - node_name: client_1 applications: - application_name: data_manipulation_bot max_folders_per_node: 1 
@@ -196,168 +196,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
@@ -404,118 +403,116 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 + options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: 
@@ -642,168 +639,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
@@ -850,118 +846,115 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: diff --git a/tests/assets/configs/test_primaite_session.yaml b/tests/assets/configs/test_primaite_session.yaml index 84b1c15f..1aa6ad71 100644 --- a/tests/assets/configs/test_primaite_session.yaml +++ b/tests/assets/configs/test_primaite_session.yaml @@ -38,7 +38,7 @@ agents: options: nodes: - - node_hostname: client_2 + - node_name: client_2 max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 @@ -73,9 +73,9 @@ agents: - type: NODE_OS_SCAN options: nodes: - - node_hostname: client_1 + - node_name: client_1 applications: - - application_hostname: data_manipulation_bot + - application_name: data_manipulation_bot max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 
@@ -196,168 +196,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
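Review bot: `folder_id: 1` is left unchanged in actions 9–12 and 14–17, while `node_id` and `file_id` in the same entries move to 0-based values (`file_id: 1` becomes `file_id: 0`). If folder indices are 0-based like the others, these entries now address the second folder of the node rather than the one holding the file named in the new `# check database.db file` comment. Depending on how an unresolved index is handled, which this hunk does not show, the scan, checkhash and repair actions could then do nothing without raising an error. Either change them to `folder_id: 0` or add a comment such as `# folder_id 1 is intentional: <reason>`. Action 13 also replaces `NODE_FILE_RESTORE` with `NODE_SERVICE_PATCH`, which removes file restore from this agent's action set and is worth confirming; the `@@ -197,168 +197,167 @@` hunk in train_only_primaite_session.yaml carries the same entries.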
@@ -404,118 +403,115 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: diff --git a/tests/assets/configs/train_only_primaite_session.yaml b/tests/assets/configs/train_only_primaite_session.yaml index 62826cd4..115b6c85 100644 --- a/tests/assets/configs/train_only_primaite_session.yaml +++ b/tests/assets/configs/train_only_primaite_session.yaml @@ -41,7 +41,7 @@ agents: options: nodes: - - node_hostname: client_2 + - node_name: client_2 max_folders_per_node: 1 max_files_per_folder: 1 max_services_per_node: 1 @@ -76,7 +76,7 @@ agents: - type: NODE_OS_SCAN options: nodes: - - node_hostname: client_1 + - node_name: client_1 applications: - application_name: data_manipulation_bot max_folders_per_node: 1 
@@ -197,168 +197,167 @@ agents: 1: action: NODE_SERVICE_SCAN options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # stop webapp service 2: action: NODE_SERVICE_STOP options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 # start webapp service 3: action: "NODE_SERVICE_START" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 4: action: "NODE_SERVICE_PAUSE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 5: action: "NODE_SERVICE_RESUME" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 6: action: "NODE_SERVICE_RESTART" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 7: action: "NODE_SERVICE_DISABLE" options: - node_id: 2 - service_id: 1 + node_id: 1 + service_id: 0 8: action: "NODE_SERVICE_ENABLE" options: - node_id: 2 - service_id: 1 - 9: + node_id: 1 + service_id: 0 + 9: # check database.db file action: "NODE_FILE_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 10: action: "NODE_FILE_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 11: action: "NODE_FILE_DELETE" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 12: action: "NODE_FILE_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 - file_id: 1 + file_id: 0 13: - action: "NODE_FILE_RESTORE" + action: "NODE_SERVICE_PATCH" options: - node_id: 3 - folder_id: 1 - file_id: 1 + node_id: 2 + service_id: 0 14: action: "NODE_FOLDER_SCAN" options: - node_id: 3 + node_id: 2 folder_id: 1 15: action: "NODE_FOLDER_CHECKHASH" options: - node_id: 3 + node_id: 2 folder_id: 1 16: action: "NODE_FOLDER_REPAIR" options: - node_id: 3 + node_id: 2 folder_id: 1 17: action: "NODE_FOLDER_RESTORE" options: - node_id: 3 + node_id: 2 folder_id: 1 18: action: "NODE_OS_SCAN" options: - node_id: 3 - 19: + node_id: 2 + 19: # shutdown client 1 action: "NODE_SHUTDOWN" options: - node_id: 6 + node_id: 5 20: action: "NODE_STARTUP" options: - node_id: 6 + 
node_id: 5 21: action: "NODE_RESET" options: - node_id: 6 - 22: + node_id: 5 + 22: # "ACL: ADDRULE - Block outgoing traffic from client 1" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: position: 1 permission: 2 - source_ip_id: 7 - dest_ip_id: 1 + source_ip_id: 7 # client 1 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 23: + 23: # "ACL: ADDRULE - Block outgoing traffic from client 2" (not supported in Primaite) action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 2 permission: 2 - source_ip_id: 8 - dest_ip_id: 1 + source_ip_id: 8 # client 2 + dest_ip_id: 1 # ALL source_port_id: 1 dest_port_id: 1 protocol_id: 1 - 24: + 24: # block tcp traffic from client 1 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 3 permission: 2 - source_ip_id: 7 - dest_ip_id: 3 + source_ip_id: 7 # client 1 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 - 25: + 25: # block tcp traffic from client 2 to web app action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 4 permission: 2 - source_ip_id: 8 - dest_ip_id: 3 + source_ip_id: 8 # client 2 + dest_ip_id: 3 # web server source_port_id: 1 dest_port_id: 1 protocol_id: 3 26: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 5 permission: 2 - source_ip_id: 7 - dest_ip_id: 4 + source_ip_id: 7 # client 1 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 27: action: "NETWORK_ACL_ADDRULE" options: - position: 1 + position: 6 permission: 2 - source_ip_id: 8 - dest_ip_id: 4 + source_ip_id: 8 # client 2 + dest_ip_id: 4 # database source_port_id: 1 dest_port_id: 1 protocol_id: 3 
@@ -405,118 +404,115 @@ agents: 38: action: "NETWORK_NIC_DISABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 39: action: "NETWORK_NIC_ENABLE" options: - node_id: 1 - nic_id: 1 + node_id: 0 + nic_id: 0 40: action: "NETWORK_NIC_DISABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 41: action: "NETWORK_NIC_ENABLE" options: - node_id: 2 - nic_id: 1 + node_id: 1 + nic_id: 0 42: action: "NETWORK_NIC_DISABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 43: action: "NETWORK_NIC_ENABLE" options: - node_id: 3 - nic_id: 1 + node_id: 2 + nic_id: 0 44: action: "NETWORK_NIC_DISABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 45: action: "NETWORK_NIC_ENABLE" options: - node_id: 4 - nic_id: 1 + node_id: 3 + nic_id: 0 46: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 47: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 1 + node_id: 4 + nic_id: 0 48: action: "NETWORK_NIC_DISABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 49: action: "NETWORK_NIC_ENABLE" options: - node_id: 5 - nic_id: 2 + node_id: 4 + nic_id: 1 50: action: "NETWORK_NIC_DISABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 51: action: "NETWORK_NIC_ENABLE" options: - node_id: 6 - nic_id: 1 + node_id: 5 + nic_id: 0 52: action: "NETWORK_NIC_DISABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 53: action: "NETWORK_NIC_ENABLE" options: - node_id: 7 - nic_id: 1 + node_id: 6 + nic_id: 0 options: nodes: - - node_hostname: router_1 - - node_hostname: switch_1 - - node_hostname: switch_2 - - node_hostname: domain_controller - - node_hostname: web_server - - node_hostname: database_server - - node_hostname: backup_server - - node_hostname: security_suite - - node_hostname: client_1 - - node_hostname: client_2 + - node_name: domain_controller + - node_name: web_server + - node_name: database_server + - node_name: backup_server + - node_name: security_suite + - 
node_name: client_1 + - node_name: client_2 max_folders_per_node: 2 max_files_per_folder: 2 max_services_per_node: 2 max_nics_per_node: 8 max_acl_rules: 10 ip_address_order: - - node_ref: domain_controller + - node_name: domain_controller nic_num: 1 - - node_ref: web_server + - node_name: web_server nic_num: 1 - - node_ref: database_server + - node_name: database_server nic_num: 1 - - node_ref: backup_server + - node_name: backup_server nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 1 - - node_ref: client_1 + - node_name: client_1 nic_num: 1 - - node_ref: client_2 + - node_name: client_2 nic_num: 1 - - node_ref: security_suite + - node_name: security_suite nic_num: 2 reward_function: