Contributions to the documentation small type for "registered"

- Clarifications for basic install of the client
- Clarifications for basic install of the server
- Fix small types registered instead of registred
pull/50/head
Koen Van Impe 2023-12-22 18:31:40 +01:00
parent 2e8ddd490f
commit 27aa5b1df9
4 changed files with 52 additions and 9 deletions

View File

@ -64,10 +64,31 @@ git submodule init
git submodule update git submodule update
~~~~ ~~~~
Build the d4 client. This will create the `d4` binary.
~~~~
make
~~~~
Then register the sensor with the server. Replace `API_TOKEN`, `VALID_UUID4` (create a random UUID via [UUIDgenerator](https://www.uuidgenerator.net/)) and `VALID_HMAC_KEY`.
~~~~
curl -k https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization: API_TOKEN" -H "Content-Type: application/json" --data '{"uuid":"VALID_UUID4","hmac_key":"VALID_HMAC_KEY"}' -X POST
~~~~
If the registration went correctly the UUID is returned. Do not forget to approve the registration in the D4 server web interface.
Update the configuration file
~~~~
cp -r conf.sample conf
echo VALID_UUID4 > conf/uuid
echo VALID_HMAC_KEY > conf/key
~~~~
## D4 core server ## D4 core server
D4 core server is a complete server to handle clients (sensors) including the decapsulation of the [D4 protocol](https://github.com/D4-project/architecture/tree/master/format), control of D4 core server is a complete server to handle clients (sensors) including the decapsulation of the [D4 protocol](https://github.com/D4-project/architecture/tree/master/format), control of sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
### Requirements ### Requirements
@ -76,7 +97,6 @@ sensor registrations, management of decoding protocols and dispatching to adequa
### Installation ### Installation
- [Install D4 Server](https://github.com/D4-project/d4-core/tree/master/server) - [Install D4 Server](https://github.com/D4-project/d4-core/tree/master/server)
### D4 core server Screenshots ### D4 core server Screenshots

View File

@ -15,11 +15,24 @@ sensor registrations, management of decoding protocols and dispatching to adequa
### Installation ### Installation
###### Install D4 server ###### Install D4 server
Clone the repository and install necessary packages. Installation requires *sudo* permissions.
~~~~ ~~~~
git clone https://github.com/D4-project/d4-core.git
cd d4-core
cd server cd server
./install_server.sh ./install_server.sh
~~~~ ~~~~
Create or add a pem in [d4-core/server](https://github.com/D4-project/d4-core/tree/master/server) :
When the installation is finished, scroll back to where `+ ./create_default_user.py` is displayed. The next lines contain the default generated user and should resemble the snippet below. Take a temporary note of the password, you are required to **change the password** on first login.
~~~~
new user created: admin@admin.test
password: <redacted>
token: <redacted>
~~~~
Then create or add a pem in [d4-core/server](https://github.com/D4-project/d4-core/tree/master/server) :
~~~~ ~~~~
cd gen_cert cd gen_cert
./gen_root.sh ./gen_root.sh
@ -27,7 +40,6 @@ cd gen_cert
cd .. cd ..
~~~~ ~~~~
###### Launch D4 server ###### Launch D4 server
~~~~ ~~~~
./LAUNCH.sh -l ./LAUNCH.sh -l
@ -35,6 +47,14 @@ cd ..
The web interface is accessible via `http://127.0.0.1:7000/` The web interface is accessible via `http://127.0.0.1:7000/`
If you cannot access the web interface on localhost (for example because the system is running on a remote host), then stop the server, change the listening host IP and restart the server. In the below example it's changed to `0.0.0.0` (all interfaces). Make sure that the IP is not unintentionally publicly exposed.
~~~~
./LAUNCH.sh -k
sed -i '/\[Flask_Server\]/{:a;N;/host = 127\.0\.0\.1/!ba;s/host = 127\.0\.0\.1/host = 0.0.0.0/}' configs/server.conf
./LAUNCH.sh -l
~~~~
### Updating web assets ### Updating web assets
To update javascript libs run: To update javascript libs run:
~~~~ ~~~~
@ -46,7 +66,6 @@ cd web
[API Documentation](https://github.com/D4-project/d4-core/tree/master/server/documentation/README.md) [API Documentation](https://github.com/D4-project/d4-core/tree/master/server/documentation/README.md)
### Notes ### Notes
- All server logs are located in ``d4-core/server/logs/`` - All server logs are located in ``d4-core/server/logs/``
@ -85,3 +104,7 @@ Run the following command as root:
~~~~ ~~~~
aa-complain /usr/sbin/tcpdump aa-complain /usr/sbin/tcpdump
~~~~ ~~~~
###### WARNING - Not registered UUID=UUID4, connection closed
This happens after you have registered a new sensor, but have not approved the registration. In order to approve the sensor, go in the web interface to **Server Management**, and click **Pending Sensors**.

View File

@ -90,7 +90,7 @@ def register_sensor(req_dict):
sensor_uuid = sensor_uuid.replace('-', '') sensor_uuid = sensor_uuid.replace('-', '')
# sensor already exist # sensor already exist
if r_serv_db.exists('metadata_uuid:{}'.format(sensor_uuid)): if r_serv_db.exists('metadata_uuid:{}'.format(sensor_uuid)):
return ({"status": "error", "reason": "Sensor already registred"}, 409) return ({"status": "error", "reason": "Sensor already registered"}, 409)
# hmac key # hmac key
if not hmac_key: if not hmac_key:

View File

@ -144,10 +144,10 @@ def extract_ip(ip_string):
return ip_string return ip_string
def server_mode_registration(header_uuid): def server_mode_registration(header_uuid):
# only accept registred uuid # only accept registered uuid
if server_mode == 'registration': if server_mode == 'registration':
if not redis_server_metadata.sismember('registered_uuid', header_uuid): if not redis_server_metadata.sismember('registered_uuid', header_uuid):
error_msg = 'Not registred UUID={}, connection closed'.format(header_uuid) error_msg = 'Not registered UUID={}, connection closed'.format(header_uuid)
print(error_msg) print(error_msg)
logger.warning(error_msg) logger.warning(error_msg)
#redis_server_metadata.hset('metadata_uuid:{}'.format(data_header['uuid_header']), 'Error', 'Error: This UUID is temporarily blacklisted') #redis_server_metadata.hset('metadata_uuid:{}'.format(data_header['uuid_header']), 'Error', 'Error: This UUID is temporarily blacklisted')