From e609f8eb50e935515a0d63ad85e9321404f8fd98 Mon Sep 17 00:00:00 2001 From: Marek Wolan Date: Fri, 24 Nov 2023 14:56:17 +0000 Subject: [PATCH] Fix misconfiguration in uc2 config and session --- .../config/_package_data/example_config.yaml | 18 +++++++++-- src/primaite/game/session.py | 31 ++++++++++++++++--- .../assets/configs/bad_primaite_session.yaml | 18 +++++++++-- .../configs/eval_only_primaite_session.yaml | 18 +++++++++-- .../assets/configs/test_primaite_session.yaml | 18 +++++++++-- .../configs/train_only_primaite_session.yaml | 18 +++++++++-- 6 files changed, 102 insertions(+), 19 deletions(-) diff --git a/src/primaite/config/_package_data/example_config.yaml b/src/primaite/config/_package_data/example_config.yaml index af872a01..6455272c 100644 --- a/src/primaite/config/_package_data/example_config.yaml +++ b/src/primaite/config/_package_data/example_config.yaml @@ -560,7 +560,7 @@ simulation: ip_address: 192.168.1.1 subnet_mask: 255.255.255.0 2: - ip_address: 192.168.1.1 + ip_address: 192.168.10.1 subnet_mask: 255.255.255.0 acl: 0: @@ -571,6 +571,14 @@ simulation: action: PERMIT src_port: DNS dst_port: DNS + 2: + action: PERMIT + src_port: FTP + dst_port: FTP + 3: + action: PERMIT + src_port: HTTP + dst_port: HTTP 22: action: PERMIT src_port: ARP @@ -607,7 +615,7 @@ simulation: hostname: web_server ip_address: 192.168.1.12 subnet_mask: 255.255.255.0 - default_gateway: 192.168.1.10 + default_gateway: 192.168.1.1 dns_server: 192.168.1.10 services: - ref: web_server_database_client @@ -628,6 +636,10 @@ simulation: services: - ref: database_service type: DatabaseService + options: + backup_server_ip: 192.168.1.16 + - ref: database_ftp_client + type: FTPClient - ref: backup_server type: server @@ -638,7 +650,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server diff --git a/src/primaite/game/session.py b/src/primaite/game/session.py index 7856cc9f..f0dcdd61 100644 --- a/src/primaite/game/session.py +++ b/src/primaite/game/session.py @@ -16,7 +16,7 @@ from primaite.game.agent.observations import ObservationManager from primaite.game.agent.rewards import RewardFunction from primaite.game.io import SessionIO, SessionIOSettings from primaite.game.policy.policy import PolicyABC -from primaite.simulator.network.hardware.base import Link, NIC, Node +from primaite.simulator.network.hardware.base import Link, NIC, Node, NodeOperatingState from primaite.simulator.network.hardware.nodes.computer import Computer from primaite.simulator.network.hardware.nodes.router import ACLAction, Router from primaite.simulator.network.hardware.nodes.server import Server @@ -30,6 +30,8 @@ from primaite.simulator.system.applications.web_browser import WebBrowser from primaite.simulator.system.services.database.database_service import DatabaseService from primaite.simulator.system.services.dns.dns_client import DNSClient from primaite.simulator.system.services.dns.dns_server import DNSServer +from primaite.simulator.system.services.ftp.ftp_client import FTPClient +from primaite.simulator.system.services.ftp.ftp_server import FTPServer from primaite.simulator.system.services.red_services.data_manipulation_bot import DataManipulationBot from primaite.simulator.system.services.service import Service from primaite.simulator.system.services.web_server.web_server import WebServer @@ -334,6 +336,7 @@ class PrimaiteSession: subnet_mask=node_cfg["subnet_mask"], default_gateway=node_cfg["default_gateway"], dns_server=node_cfg["dns_server"], + operating_state=NodeOperatingState.ON, ) elif n_type == "server": new_node = Server( @@ -342,16 +345,26 @@ class PrimaiteSession: subnet_mask=node_cfg["subnet_mask"], default_gateway=node_cfg["default_gateway"], dns_server=node_cfg.get("dns_server"), + operating_state=NodeOperatingState.ON, ) elif n_type == "switch": - new_node = Switch(hostname=node_cfg["hostname"], num_ports=node_cfg.get("num_ports")) + new_node = Switch( + hostname=node_cfg["hostname"], + num_ports=node_cfg.get("num_ports"), + operating_state=NodeOperatingState.ON, + ) elif n_type == "router": - new_node = Router(hostname=node_cfg["hostname"], num_ports=node_cfg.get("num_ports")) + new_node = Router( + hostname=node_cfg["hostname"], + num_ports=node_cfg.get("num_ports"), + operating_state=NodeOperatingState.ON, + ) if "ports" in node_cfg: for port_num, port_cfg in node_cfg["ports"].items(): new_node.configure_port( port=port_num, ip_address=port_cfg["ip_address"], subnet_mask=port_cfg["subnet_mask"] ) + # new_node.enable_port(port_num) if "acl" in node_cfg: for r_num, r_cfg in node_cfg["acl"].items(): # excuse the uncommon walrus operator ` := `. It's just here as a shorthand, to avoid repeating @@ -379,6 +392,8 @@ class PrimaiteSession: "DatabaseClient": DatabaseClient, "DatabaseService": DatabaseService, "WebServer": WebServer, + "FTPClient": FTPClient, + "FTPServer": FTPServer, } if service_type in service_types_mapping: print(f"installing {service_type} on node {new_node.hostname}") @@ -399,6 +414,12 @@ class PrimaiteSession: if "domain_mapping" in opt: for domain, ip in opt["domain_mapping"].items(): new_service.dns_register(domain, ip) + if service_type == "DatabaseService": + if "options" in service_cfg: + opt = service_cfg["options"] + if "backup_server_ip" in opt: + new_service.configure_backup(backup_server=IPv4Address(opt["backup_server_ip"])) + new_service.start() if "applications" in node_cfg: for application_cfg in node_cfg["applications"]: @@ -435,7 +456,7 @@ class PrimaiteSession: node_ref ] = ( new_node.uuid - ) # TODO: fix incosistency with service and link. Node gets added by uuid, but service by object + ) # TODO: fix inconsistency with service and link. Node gets added by uuid, but service by object # 2. create links between nodes for link_cfg in links_cfg: @@ -451,6 +472,8 @@ class PrimaiteSession: endpoint_b = node_b.ethernet_port[link_cfg["endpoint_b_port"]] new_link = net.connect(endpoint_a=endpoint_a, endpoint_b=endpoint_b) sess.ref_map_links[link_cfg["ref"]] = new_link.uuid + # endpoint_a.enable() + # endpoint_b.enable() # 3. create agents game_cfg = cfg["game_config"] diff --git a/tests/assets/configs/bad_primaite_session.yaml b/tests/assets/configs/bad_primaite_session.yaml index 6344eac0..4d8e4669 100644 --- a/tests/assets/configs/bad_primaite_session.yaml +++ b/tests/assets/configs/bad_primaite_session.yaml @@ -560,7 +560,7 @@ simulation: ip_address: 192.168.1.1 subnet_mask: 255.255.255.0 2: - ip_address: 192.168.1.1 + ip_address: 192.168.10.1 subnet_mask: 255.255.255.0 acl: 0: @@ -571,6 +571,14 @@ simulation: action: PERMIT src_port: DNS dst_port: DNS + 2: + action: PERMIT + src_port: FTP + dst_port: FTP + 3: + action: PERMIT + src_port: HTTP + dst_port: HTTP 22: action: PERMIT src_port: ARP @@ -607,7 +615,7 @@ simulation: hostname: web_server ip_address: 192.168.1.12 subnet_mask: 255.255.255.0 - default_gateway: 192.168.1.10 + default_gateway: 192.168.1.1 dns_server: 192.168.1.10 services: - ref: web_server_database_client @@ -628,6 +636,10 @@ simulation: services: - ref: database_service type: DatabaseService + options: + backup_server_ip: 192.168.1.16 + - ref: database_ftp_client + type: FTPClient - ref: backup_server type: server @@ -638,7 +650,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server diff --git a/tests/assets/configs/eval_only_primaite_session.yaml b/tests/assets/configs/eval_only_primaite_session.yaml index aa8c8b1f..27a18d9f 100644 --- a/tests/assets/configs/eval_only_primaite_session.yaml +++ b/tests/assets/configs/eval_only_primaite_session.yaml @@ -560,7 +560,7 @@ simulation: ip_address: 192.168.1.1 subnet_mask: 255.255.255.0 2: - ip_address: 192.168.1.1 + ip_address: 192.168.10.1 subnet_mask: 255.255.255.0 acl: 0: @@ -571,6 +571,14 @@ simulation: action: PERMIT src_port: DNS dst_port: DNS + 2: + action: PERMIT + src_port: FTP + dst_port: FTP + 3: + action: PERMIT + src_port: HTTP + dst_port: HTTP 22: action: PERMIT src_port: ARP @@ -607,7 +615,7 @@ simulation: hostname: web_server ip_address: 192.168.1.12 subnet_mask: 255.255.255.0 - default_gateway: 192.168.1.10 + default_gateway: 192.168.1.1 dns_server: 192.168.1.10 services: - ref: web_server_database_client @@ -628,6 +636,10 @@ simulation: services: - ref: database_service type: DatabaseService + options: + backup_server_ip: 192.168.1.16 + - ref: database_ftp_client + type: FTPClient - ref: backup_server type: server @@ -638,7 +650,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server diff --git a/tests/assets/configs/test_primaite_session.yaml b/tests/assets/configs/test_primaite_session.yaml index 8133c5d9..64be5488 100644 --- a/tests/assets/configs/test_primaite_session.yaml +++ b/tests/assets/configs/test_primaite_session.yaml @@ -560,7 +560,7 @@ simulation: ip_address: 192.168.1.1 subnet_mask: 255.255.255.0 2: - ip_address: 192.168.1.1 + ip_address: 192.168.10.1 subnet_mask: 255.255.255.0 acl: 0: @@ -571,6 +571,14 @@ simulation: action: PERMIT src_port: DNS dst_port: DNS + 2: + action: PERMIT + src_port: FTP + dst_port: FTP + 3: + action: PERMIT + src_port: HTTP + dst_port: HTTP 22: action: PERMIT src_port: ARP @@ -607,7 +615,7 @@ simulation: hostname: web_server ip_address: 192.168.1.12 subnet_mask: 255.255.255.0 - default_gateway: 192.168.1.10 + default_gateway: 192.168.1.1 dns_server: 192.168.1.10 services: - ref: web_server_database_client @@ -628,6 +636,10 @@ simulation: services: - ref: database_service type: DatabaseService + options: + backup_server_ip: 192.168.1.16 + - ref: database_ftp_client + type: FTPClient - ref: backup_server type: server @@ -638,7 +650,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server diff --git a/tests/assets/configs/train_only_primaite_session.yaml b/tests/assets/configs/train_only_primaite_session.yaml index f1e317d3..4cfe4df4 100644 --- a/tests/assets/configs/train_only_primaite_session.yaml +++ b/tests/assets/configs/train_only_primaite_session.yaml @@ -560,7 +560,7 @@ simulation: ip_address: 192.168.1.1 subnet_mask: 255.255.255.0 2: - ip_address: 192.168.1.1 + ip_address: 192.168.10.1 subnet_mask: 255.255.255.0 acl: 0: @@ -571,6 +571,14 @@ simulation: action: PERMIT src_port: DNS dst_port: DNS + 2: + action: PERMIT + src_port: FTP + dst_port: FTP + 3: + action: PERMIT + src_port: HTTP + dst_port: HTTP 22: action: PERMIT src_port: ARP @@ -607,7 +615,7 @@ simulation: hostname: web_server ip_address: 192.168.1.12 subnet_mask: 255.255.255.0 - default_gateway: 192.168.1.10 + default_gateway: 192.168.1.1 dns_server: 192.168.1.10 services: - ref: web_server_database_client @@ -628,6 +636,10 @@ simulation: services: - ref: database_service type: DatabaseService + options: + backup_server_ip: 192.168.1.16 + - ref: database_ftp_client + type: FTPClient - ref: backup_server type: server @@ -638,7 +650,7 @@ simulation: dns_server: 192.168.1.10 services: - ref: backup_service - type: DatabaseBackup + type: FTPServer - ref: security_suite type: server