package main
import (
"fmt"
"net/netip"
"time"
"github.com/google/uuid"
"github.com/thefeli73/polemos/mtdaws"
"github.com/thefeli73/polemos/pcsdk"
"github.com/thefeli73/polemos/state"
)
// ConfigPath is the path of the configuration file. main sets it, and every
// state.SaveConf call in this file writes to that path.
var ConfigPath string
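// main loads the configuration, reconciles it with the instances currently
// reported by the cloud, sets up the proxy tunnels and then hands control to
// the moving-target-defense loop, which does not return.
func main() {
	fmt.Println("Starting Polemos")

	// Relative path: it is resolved against the process working directory.
	ConfigPath = "config.yaml"

	var config state.Config
	config = state.LoadConf(ConfigPath)

	// Initialize the config.Services map.
	// This has to happen after LoadConf: the assignment above replaces the
	// whole struct, so a map created beforehand would simply be discarded.
	// Without a non-nil map, the first insert in indexInstance would panic.
	if config.MTD.Services == nil {
		config.MTD.Services = make(map[state.CustomUUID]state.Service)
	}
	state.SaveConf(ConfigPath, config)

	config = indexAllInstances(config)
	state.SaveConf(ConfigPath, config)

	// CREATE TUNNELS
	createTunnels(config)

	// START DOING MTD
	mtdLoop(config)
}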
// mtdLoop runs one moving-target-defense pass per minute, forever: each pass
// calls movingTargetDefense, persists the resulting config to ConfigPath and
// then sleeps. The function never returns.
func mtdLoop(config state.Config) {
	for {
		//TODO: figure out migration (MTD)
		config = movingTargetDefense(config)
		state.SaveConf(ConfigPath, config)

		fmt.Println("Sleeping for 1 minute")
		time.Sleep(time.Minute)

		//TODO: proxy commands
	}
}
// movingTargetDefense hands config to mtdaws.AWSMoveInstance and then returns
// the config value it was called with.
//
// NOTE(review): anything AWSMoveInstance returns (an updated config, an
// error) is dropped here. Confirm its signature; if it reports the moved
// instance through a return value, the caller never sees the change.
func movingTargetDefense(config state.Config) state.Config {
	mtdaws.AWSMoveInstance(config)

	return config
}
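// indexAllInstances reconciles the services stored in config with the
// instances returned by mtdaws.GetInstances and returns the updated config.
//
// Every known service is first marked inactive; indexInstance then marks the
// ones that are still reported as active again and adds the ones that are new.
// A service that is not reported (or whose public IP does not parse) therefore
// stays inactive, and createTunnels skips inactive services.
func indexAllInstances(config state.Config) state.Config {
	fmt.Println("Indexing instances")
	t := time.Now()

	// Services maps to Service values, so the range variable is a copy:
	// the cleared flag must be written back under its key to take effect.
	// Otherwise stale entries would keep Active == true from the last run.
	for id, service := range config.MTD.Services {
		service.Active = false
		config.MTD.Services[id] = service
	}

	//index AWS instances
	awsNewInstanceCounter := 0
	// Starts at the number of known services and is decremented for each one
	// that is found again, leaving the count of services not seen this run.
	awsInactiveInstanceCounter := len(config.MTD.Services)
	awsInstanceCounter := 0
	awsInstances := mtdaws.GetInstances(config)
	for _, instance := range awsInstances {
		cloudID := mtdaws.GetCloudID(instance)
		ip, err := netip.ParseAddr(instance.PublicIP)
		if err != nil {
			// An instance without a parseable public IP is not indexed.
			fmt.Println("Error converting ip:\t", err)
			continue
		}
		var found bool
		config, found = indexInstance(config, cloudID, ip)
		if !found {
			awsNewInstanceCounter++
		} else {
			awsInactiveInstanceCounter--
		}
		awsInstanceCounter++
	}
	// TODO: Purge instances in config that are not found in the cloud
	fmt.Printf("Found %d active AWS instances (%d newly added, %d inactive) (took %s)\n",
		awsInstanceCounter, awsNewInstanceCounter, awsInactiveInstanceCounter, time.Since(t).Round(100*time.Millisecond).String())

	return config
}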
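// createTunnels walks all services and, for each one that is both
// AdminEnabled and Active, sends a status command followed by a create
// command to the service's entry IP on the configured management port.
//
// A failure on one service does not stop the others, but it is reported:
// a tunnel that was silently not created leaves the service without its
// proxy path and gives the operator nothing to investigate.
//
// NOTE(review): the create command repoints the proxy at ServiceIP. How the
// management channel is authenticated and protected lives in pcsdk and is not
// visible from this file; confirm before exposing the management port.
func createTunnels(config state.Config) {
	for serviceUUID, service := range config.MTD.Services {
		if !service.AdminEnabled || !service.Active {
			continue
		}

		// Both commands go to the same management endpoint.
		target := netip.AddrPortFrom(service.EntryIP, config.MTD.ManagementPort)

		s := pcsdk.NewCommandStatus()
		if err := s.Execute(target); err != nil {
			fmt.Println("Error executing status command on", target, ":\t", err)
			continue
		}

		// Reconfigure Proxy to new instance
		c := pcsdk.NewCommandCreate(service.EntryPort, service.ServicePort, service.ServiceIP, serviceUUID)
		if err := c.Execute(target); err != nil {
			fmt.Println("Error executing create command on", target, ":\t", err)
			continue
		}
	}
}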
// indexInstance records one cloud instance in config and saves the config to
// ConfigPath. It returns the config and whether a service with the given
// cloudID was already present.
//
// A known instance is only marked Active again; its stored fields, including
// ServiceIP, are left as they were. An unknown instance is added under a
// freshly generated UUID with Active and AdminEnabled both set to true.
//
// NOTE(review): new instances are enrolled with AdminEnabled: true, so every
// instance the cloud query returns becomes eligible for tunnel creation
// without an operator opting it in. Confirm that this default is intended.
func indexInstance(config state.Config, cloudID string, serviceIP netip.Addr) (state.Config, bool) {
	for id, svc := range config.MTD.Services {
		if svc.CloudID != cloudID {
			continue
		}

		// Known instance: map values are copies, so store the update back.
		svc.Active = true
		config.MTD.Services[id] = svc
		state.SaveConf(ConfigPath, config)
		return config, true
	}

	// No service carries this cloudID yet: register it.
	fmt.Println("New instance found:\t", cloudID)
	newID := uuid.New()
	config.MTD.Services[state.CustomUUID(newID)] = state.Service{CloudID: cloudID, ServiceIP: serviceIP, Active: true, AdminEnabled: true}
	state.SaveConf(ConfigPath, config)

	return config, false
}