Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

~ioc2rpz failed to build~ What outbound firewall rules are needed? #1

Open
dmgeurts opened this issue Nov 14, 2023 · 1 comment
Open

Comments

@dmgeurts
Copy link

Migrating to docker compose from images deployed two years ago, I get the following error during the ioc2rpz build:

Building ioc2rpz
Step 1/16 : FROM erlang:alpine
alpine: Pulling from library/erlang
96526aa774ef: Already exists
f1a0e614ce79: Pull complete
Digest: sha256:3a4a46200b33df3f81e214c5350fc1e4895650e81387da20613380f5e30ed092
Status: Downloaded newer image for erlang:alpine
 ---> 5ef3b4778c19
Step 2/16 : MAINTAINER Vadim Pavlov<[email protected]>
 ---> Running in b09acddf1cf3
Removing intermediate container b09acddf1cf3
 ---> 008919ee1ced
Step 3/16 : WORKDIR /opt/ioc2rpz
 ---> Running in cb88e9078832
Removing intermediate container cb88e9078832
 ---> ce860c8368f0
Step 4/16 : RUN mkdir -p /opt/ioc2rpz/cfg /opt/ioc2rpz/ssl /opt/ioc2rpz/db /opt/ioc2rpz/include /opt/ioc2rpz/src /opt/ioc2rpz/log && apk add bind-tools curl python3 gawk php lftp ripgrep
 ---> Running in befc5cee7b1c
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/37) Installing fstrm (0.6.1-r2)
(2/37) Installing krb5-conf (1.0-r2)
(3/37) Installing libcom_err (1.47.0-r2)
(4/37) Installing keyutils-libs (1.6.3-r3)
(5/37) Installing libverto (0.3.2-r2)
(6/37) Installing krb5-libs (1.20.1-r1)
(7/37) Installing nghttp2-libs (1.57.0-r0)
(8/37) Installing protobuf-c (1.4.1-r2)
(9/37) Installing libuv (1.44.2-r2)
(10/37) Installing xz-libs (5.4.3-r0)
(11/37) Installing libxml2 (2.11.4-r0)
(12/37) Installing bind-libs (9.18.19-r0)
(13/37) Installing bind-tools (9.18.19-r0)
(14/37) Installing brotli-libs (1.0.9-r14)
(15/37) Installing libunistring (1.1-r1)
(16/37) Installing libidn2 (2.3.4-r1)
(17/37) Installing libcurl (8.4.0-r0)
(18/37) Installing curl (8.4.0-r0)
(19/37) Installing gawk (5.2.2-r0)
(20/37) Installing lftp (4.9.2-r5)
(21/37) Installing php81-common (8.1.25-r0)
(22/37) Installing argon2-libs (20190702-r4)
(23/37) Installing libedit (20221030.3.1-r1)
(24/37) Installing pcre2 (10.42-r1)
(25/37) Installing php81 (8.1.25-r0)
(26/37) Installing libbz2 (1.0.8-r5)
(27/37) Installing libexpat (2.5.0-r1)
(28/37) Installing libffi (3.4.4-r2)
(29/37) Installing gdbm (1.23-r1)
(30/37) Installing mpdecimal (2.5.1-r2)
(31/37) Installing libpanelw (6.4_p20230506-r0)
(32/37) Installing sqlite-libs (3.41.2-r2)
(33/37) Installing python3 (3.11.6-r0)
(34/37) Installing python3-pycache-pyc0 (3.11.6-r0)
(35/37) Installing pyc (0.1-r0)
(36/37) Installing python3-pyc (3.11.6-r0)
(37/37) Installing ripgrep (13.0.0-r3)
Executing busybox-1.36.1-r2.trigger
OK: 77 MiB in 62 packages
Removing intermediate container befc5cee7b1c
 ---> d18fde43597c
Step 5/16 : ADD src/* /opt/ioc2rpz/src/
 ---> 0836cfd86dc1
Step 6/16 : ADD include/* /opt/ioc2rpz/include/
 ---> ac042404ab26
Step 7/16 : ADD config/* /opt/ioc2rpz/config/
 ---> cb7ec1bef182
Step 8/16 : ADD rebar.config /opt/ioc2rpz/
 ---> 062f9a086d55
Step 9/16 : RUN rebar3 eunit && rebar3 release -d false
 ---> Running in 8bdfb1fd88ed
===> Verifying dependencies...
===> Failed to update package cowboy from repo hexpm
===> Package not found in any repo: cowboy 2.9.0
ERROR: Service 'ioc2rpz' failed to build: The command '/bin/sh -c rebar3 eunit && rebar3 release -d false' returned a non-zero code: 1
@dmgeurts
Copy link
Author

This turned out to be a firewall permission issue.

From the logs I couldn't see what access was required. For ioc2rpz.gui I found the following targets:

  • dl-cdn.alpinelinux.org
  • unpkg.com
  • cdn.jsdelivr.net
  • use.fontawesome.com

But I've been unable to work out which targets the ioc2rpz build uses.

@dmgeurts dmgeurts changed the title ioc2rpz failed to build ~ioc2rpz failed to build~ What outbound firewall rules are needed? Nov 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant