d4-core/server
ljaqueme 91500ba460 that works 2019-06-11 16:37:11 -06:00
..
configs chg: [server + workers] add config file + add option to specify save directory 2019-03-26 15:21:36 +01:00
documentation fix: [server] fix extended-types connection (allow concurrent 2/254) + fix extended types metadata + save connected types/extended in DB 2019-06-03 17:29:20 +02:00
gen_cert non interacting 2019-03-22 09:50:02 +01:00
web make it docker compliance 2019-06-11 12:27:39 -06:00
workers make it docker compliance 2019-06-11 12:27:39 -06:00
.gitignore chg: [server + workers] add config file + add option to specify save directory 2019-03-26 15:21:36 +01:00
Dockerfile.analyzer-d4-passivedns that works 2019-06-11 16:37:11 -06:00
Dockerfile.d4-server that works 2019-06-11 16:37:11 -06:00
LAUNCH.sh chg: [server + workers] add config file + add option to specify save directory 2019-03-26 15:20:06 +01:00
README.md chg: [Readme] add troubleshooting 2019-04-01 16:16:37 +02:00
docker-compose.yml that works 2019-06-11 16:37:11 -06:00
install_server.sh chg: [server] support both IPv4 and IPv6 2019-02-14 11:17:50 +01:00
requirement.txt chg: [server launcher] add launcher 2019-01-18 12:02:20 +01:00
server.py make it docker compliance 2019-06-11 12:27:39 -06:00

README.md

D4 core

D4 core server

D4 core server is a complete server to handle clients (sensors) including the decapsulation of the D4 protocol, control of sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.

Requirements

  • Python 3.6
  • GNU/Linux distribution

Installation

Install D4 server
cd server
./install_server.sh

Create or add a pem in d4-core/server :

cd gen_cert
./gen_root.sh
./gen_cert.sh
cd ..
Launch D4 server
./LAUNCH.sh -l

The web interface is accessible via http://127.0.0.1:7000/

Updating web assets

To update javascript libs run:

cd web
./update_web.sh

Notes

  • All server logs are located in d4-core/server/logs/
  • Close D4 Server: ./LAUNCH.sh -k

Screenshots of D4 core server management

Troubleshooting

Worker 1, tcpdump: Permission denied

Could be related to AppArmor:

sudo cat /var/log/syslog | grep denied

Run the following command as root:

aa-complain /usr/sbin/tcpdump