33 lines
1.3 KiB
Desktop File
33 lines
1.3 KiB
Desktop File
[Unit]
|
|
Description=portspoof asyncio honeypot
|
|
After=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=/usr/bin/python3 -m portspoof_py \
|
|
-s /etc/portspoof/portspoof_signatures \
|
|
-c /etc/portspoof/portspoof.conf \
|
|
-l /var/log/portspoof/portspoof.jsonl \
|
|
--exclude 22 \
|
|
--admin-port 8080
|
|
User=root
|
|
TimeoutStopSec=30
|
|
KillMode=mixed
|
|
# Emergency cleanup if SIGKILL'd before graceful shutdown.
|
|
# Must mirror the exact rules added by add_rules() in iptables.py,
|
|
# including any --admin-port exempt rule (adjust ports if changed above).
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D PREROUTING -p tcp --dport 22 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D PREROUTING -p tcp --dport 8080 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D PREROUTING -p tcp --dport 4444 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D PREROUTING -p tcp -j REDIRECT --to-port 4444
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D OUTPUT -p tcp -d 127.0.0.0/8 --dport 22 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D OUTPUT -p tcp -d 127.0.0.0/8 --dport 8080 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D OUTPUT -p tcp -d 127.0.0.0/8 --dport 4444 -j RETURN
|
|
ExecStopPost=/usr/sbin/iptables -t nat -D OUTPUT -p tcp -d 127.0.0.0/8 -j REDIRECT --to-port 4444
|
|
Restart=on-failure
|
|
NoNewPrivileges=yes
|
|
ReadWritePaths=/var/log/portspoof
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|