Use lima to trace all traffic without container modifications

Results are in work-gh/mrva/gh-mrva; list them with `ls trace-*`.
Michael Hohn
2025-07-28 22:33:54 -07:00
committed by =Michael Hohn
parent 654ea40520
commit c1b3a90ebd
3 changed files with 59 additions and 12 deletions


@@ -49,7 +49,7 @@
newgrp docker
ln -s /Users/hohn/work-gh /home/hohn.linux/
sudo apt install golang-go
sudo apt-get install ngrep golang-go tshark postgresql-client-common
#+END_SRC
@@ -62,7 +62,7 @@
cd ~/work-gh/mrva/mrva-docker/containers/ghmrva/
sudo docker build -t client-ghmrva-container:0.4.0 .
docker build -t client-ghmrva-container:0.4.0 .
cd ~/work-gh/mrva/mrva-docker/containers/vscode/
@@ -137,7 +137,50 @@
#+END_SRC
** set up traffic tracing
In a separate terminal:
#+BEGIN_SRC sh
limactl shell ubu
# in vm
# capture traffic
ip link show | grep br-
# form:
export BR1=br-442ef935d9f8
export BR2=br-e2ebd32bfe66
sudo tcpdump -i $BR1 -w trace-$BR1.pcap &
sudo tcpdump -i $BR2 -w trace-$BR2.pcap &
# Note docker0 is DOWN
# send requests elsewhere
# view full content:
cp trace-$BR1.pcap /tmp/foo
tshark -r /tmp/foo -Y 'http.request' -T fields -e http.request.method \
-e http.host -e http.request.uri | grep '/repositories/'
tshark -r /tmp/foo -Y http -V | less
cp trace-$BR2.pcap /tmp/foo
tshark -r /tmp/foo -Y 'http.request' -T fields -e http.request.method \
-e http.host -e http.request.uri | grep '/repositories/'
tshark -r /tmp/foo -Y http -V | less
tshark -r /tmp/foo -Y 'http.request' -T fields -e http.request.full_uri |\
grep '/repositories/'
# should find these
tshark -r /tmp/foo \
-Y 'http.request.uri contains "/repos/"' \
-T fields -e http.request.uri
# should not find these
tshark -r /tmp/foo \
-Y 'http.request.uri contains "/repositories/"' \
-T fields -e http.request.uri
#+END_SRC
** send requests
In [[./bin/ma.send-request]]
* TODO lima vm
** intro
@@ -512,7 +555,6 @@
#+END_SRC
** Send request via gui, using vs code
The following sequence works when run from a local vs code with the custom
codeql plugin.


@@ -59,19 +59,19 @@ eof
# Submit the MRVA job with the first query
cd ~/work-gh/mrva/gh-mrva/
gh-mrva submit --language cpp --session mirva-session-3482 \
gh-mrva submit --language cpp --session mirva-session-4111 \
--list mirva-list \
--query ~/work-gh/mrva/gh-mrva/FlatBuffersFunc.ql
# Check the status of the submitted session
gh-mrva status --session mirva-session-3482
gh-mrva status --session mirva-session-4111
# Download SARIF files and databases if there are results. For the current
# query / database combination there are zero result hence no downloads
cd ~/work-gh/mrva/gh-mrva/
gh-mrva download --session mirva-session-3482 \
gh-mrva download --session mirva-session-4111 \
--download-dbs \
--output-dir mirva-session-3482
--output-dir mirva-session-4111
#* Set up QLPack for the next query


@@ -50,9 +50,12 @@ services:
# ./containers/ghmrva/Dockerfile
container_name: mrva-ghmrva
image: client-ghmrva-container:0.4.0
network_mode: "service:server" # Share the 'server' network namespace
# network_mode: "service:server" # Share the 'server' network namespace
networks:
- mrva-net
environment:
- SERVER_URL=http://localhost:8080 # 'localhost' now refers to 'server'
- SERVER_URL=http://server:8080
- MRVA_SERVER_URL=http://server:8080
code-server:
# ./containers/vscode/Dockerfile
@@ -122,6 +125,7 @@ services:
SERVER_PORT: "8080"
networks:
- backend
- mrva-net
postgres:
image: postgres:15
@@ -155,7 +159,8 @@ services:
networks:
backend:
driver: bridge
mrva-net:
driver: bridge
volumes:
pgdata:
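Review bot: The new `mrva-net` network in the last hunk is declared with only `driver: bridge`, so Docker assigns it a generated `br-<id>` interface name, and the tracing notes added in this same commit have to look that name up and export it by hand each time the network is recreated. Pinning the name under `mrva-net` with `driver_opts:` and, for example, `com.docker.network.bridge.name: br-mrva` would keep the capture commands stable. The client-to-server traffic on this bridge is plain HTTP (`SERVER_URL=http://server:8080`), so any capture taken there holds full request and response content. A comment on the network such as `# separate bridge so client/server traffic can be captured from the host; captures contain full HTTP payloads` would record that. The commented-out `network_mode: "service:server"` line in the first hunk could be dropped, since the history keeps it. It is also worth a comment saying which of `SERVER_URL` and `MRVA_SERVER_URL` the client actually reads, because the hunk sets both to the same value.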