diff --git a/Dockerfile b/Dockerfile index a04d23b..f829356 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ #Building main conteiner FROM python:slim-buster -RUN apt-get update && apt-get -y install build-essential libboost-system-dev libboost-thread-dev libpcre2-dev git +RUN apt-get update && apt-get -y install build-essential libpcre2-dev python-dev git iptables libnetfilter-queue-dev WORKDIR /tmp/ -RUN git clone --branch release https://github.com/jpcre2/jpcre2 -WORKDIR /tmp/jpcre2 -RUN ./configure; make; make install +RUN git clone https://github.com/gpfei/python-pcre2.git +WORKDIR /tmp/python-pcre2/ +RUN python3 setup.py install WORKDIR / RUN mkdir /execute @@ -15,16 +15,9 @@ WORKDIR /execute ADD ./backend/requirements.txt /execute/requirements.txt RUN pip install --no-cache-dir -r /execute/requirements.txt -ARG GCC_PARAMS -RUN mkdir proxy -ADD ./backend/proxy/proxy.cpp /execute/proxy/proxy.cpp -RUN c++ -O3 -march=native $GCC_PARAMS -o proxy/proxy proxy/proxy.cpp -pthread -lboost_system -lboost_thread -lpcre2-8 - COPY ./backend/ /execute/ COPY ./frontend/build/ ./frontend/ -RUN chmod ug+x /execute/proxy/proxy - ENTRYPOINT ["python3", "app.py", "DOCKER"] diff --git a/backend/requirements.txt b/backend/requirements.txt index 649a99d..9ab6b99 100755 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -2,4 +2,5 @@ fastapi[all] httpx uvicorn[standard] passlib[bcrypt] -python-jose[cryptography] \ No newline at end of file +python-jose[cryptography] +NetfilterQueue diff --git a/start.py b/start.py index 1b5bb7d..6f07dbf 100755 --- a/start.py +++ b/start.py @@ -22,8 +22,6 @@ def sep(): puts("-----------------------------------", is_bold=True) parser = argparse.ArgumentParser() parser.add_argument('--port', "-p", type=int, required=False, help='Port where open the web service of the firewall', default=4444) parser.add_argument('--no-autostart', "-n", required=False, action="store_true", help='Auto-execute "docker-compose up -d --build"', default=False) -parser.add_argument('--single-thread', "-s", required=False, action="store_true", help='Disable multi-threaded proxy"', default=False) -parser.add_argument('--thread-num', "-t", type=int, required=False, help='Number of threads to use', default=None) args = parser.parse_args() sep() @@ -33,8 +31,6 @@ puts(f"{args.port}", color=colors.cyan) os.chdir(os.path.dirname(os.path.realpath(__file__))) -gcc_params = "-D MULTI_THREAD" if not args.single_thread else "" -gcc_params+= f" -D THREAD_NUM={args.thread_num}" if args.thread_num else "" with open("docker-compose.yml","wt") as compose: if "linux" in sys.platform and not 'microsoft-standard' in platform.uname().release: #Check if not is a wsl also @@ -44,15 +40,14 @@ version: '3.9' services: firewall: restart: unless-stopped - build: - context: . - args: - - GCC_PARAMS={gcc_params} + build: . network_mode: "host" environment: - PORT={args.port} volumes: - /execute/db + cap_add: + - NET_ADMIN """) #print("Done! You can start firegex with docker-compose up -d --build") else: @@ -65,10 +60,7 @@ version: '3.9' services: firewall: restart: unless-stopped - build: - context: . - args: - - GCC_PARAMS={gcc_params} + build: . ports: - {args.port}:{args.port} environment: @@ -78,6 +70,8 @@ services: - /execute/db extra_hosts: - host.docker.internal:host-gateway + cap_add: + - NET_ADMIN """) # sep()