PrimAITE/tests/assets/configs/basic_firewall.yaml

#  Basic Switched network
#
#  --------------      --------------      --------------
#  |  client_1  |------|  switch_1  |------|  client_2  |
#  --------------      --------------      --------------
#
metadata:
    version: 3.0

io_settings:
  save_step_metadata: false
  save_pcap_logs: true
  save_sys_logs: true


game:
  max_episode_length: 256
  ports:
    - ARP
    - DNS
    - HTTP
    - POSTGRES_SERVER
  protocols:
    - ICMP
    - TCP
    - UDP

agents:
  - ref: client_2_green_user
    team: GREEN
    type: probabilistic-agent

    action_space:
      action_map:
        0:
          action: do-nothing
          options: {}
        1:
          action: node-application-execute
          options:
            node_name: client_2
            application_name: web-browser

    agent_settings:
      action_probabilities:
        0: 0.4
        1: 0.6

simulation:
  network:
    nodes:

      - type: firewall
        hostname: firewall
        start_up_duration: 0
        shut_down_duration: 0
        ports:
          external_port: # port 1
            ip_address: 192.168.20.1
            subnet_mask: 255.255.255.0
          internal_port: # port 2
            ip_address: 192.168.1.2
            subnet_mask: 255.255.255.0
        acl:
          internal_inbound_acl:
            21:
              action: PERMIT
              protocol: TCP
            22:
              action: PERMIT
              protocol: UDP
            23:
              action: PERMIT
              protocol: ICMP
          internal_outbound_acl:
            21:
              action: PERMIT
              protocol: TCP
            22:
              action: PERMIT
              protocol: UDP
            23:
              action: PERMIT
              protocol: ICMP
          dmz_inbound_acl:
            21:
              action: PERMIT
              protocol: TCP
            22:
              action: PERMIT
              protocol: UDP
            23:
              action: PERMIT
              protocol: ICMP
          dmz_outbound_acl:
            21:
              action: PERMIT
              protocol: TCP
            22:
              action: PERMIT
              protocol: UDP
            23:
              action: PERMIT
              protocol: ICMP

      - type: switch
        hostname: switch_1
        num_ports: 8
      - type: switch
        hostname: switch_2
        num_ports: 8

      - type: computer
        hostname: client_1
        ip_address: 192.168.10.21
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.10.1
        dns_server: 192.168.1.10
        # pre installed services and applications
      - type: computer
        hostname: client_2
        ip_address: 192.168.10.22
        subnet_mask: 255.255.255.0
        default_gateway: 192.168.10.1
        dns_server: 192.168.1.10
        # pre installed services and applications

    links:
      - endpoint_a_hostname: switch_1
        endpoint_a_port: 1
        endpoint_b_hostname: client_1
        endpoint_b_port: 1
      - endpoint_a_hostname: switch_2
        endpoint_a_port: 1
        endpoint_b_hostname: client_2
        endpoint_b_port: 1
      - endpoint_a_hostname: switch_1
        endpoint_a_port: 2
        endpoint_b_hostname: firewall
        endpoint_b_port: 1
      - endpoint_a_hostname: switch_2
        endpoint_a_port: 2
        endpoint_b_hostname: firewall
        endpoint_b_port: 2