Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature Request - Ability to dynamically map network ports to docker containers #97

Open
zoomequipd opened this issue Jun 10, 2019 · 1 comment

Comments

@zoomequipd
Copy link

My use case is enabling a platform to test with metasploit, but catching reverse shells present a problem. Would it be possible to set a master range of ports (say 10000-2000) and then configure a "ports per container" setting (say 5). Each time a new user signs up, they are assigned a static range of 5 ports selected from "available" ports.

There'd have to be some process to keep track of which ports are assigned/released (when the container expires?)

Just thinking out loud a bit.

@jschipp-r7
Copy link

jschipp-r7 commented Jun 10, 2019

Hey @zoomequipd,

You could keep track of them by writing support in theisletd script, it runs in the background as a daemon and is meant for doing tasks where you need to keep track of things.

Docker has the ability to set a range of ports, so the training env config file and container generation code could be updated to allow a custom or dynamically generated range. If Docker doesn't have a master list of ports (haven't checked), you could change the non-privileged range in Linux across the OS, or you can could probably do some iptables magic to only forward or allow a specific range.

I think what you're trying to achieve is doable though it might not be elegant.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants