testing: addd inst/testing/nemo1/

inst/testing/nemo1/.gitignore

+
+freertr/
+
+nemo-*
+

inst/testing/nemo1/Dockerfile-nemo-all

+#FROM debian:latest
+FROM debian:stable
+RUN apt-get update -y -y; DEBIAN_FRONTEND="noninteractive" apt-get install -y -y systemd-sysv systemd
+RUN apt-get update -y -y; DEBIAN_FRONTEND="noninteractive" apt-get install -y -y docker.io docker-compose jq pwgen gawk
+RUN apt-get update -y -y; DEBIAN_FRONTEND="noninteractive" apt-get install -y -y curl lynx wget w3m
+RUN apt-get update -y -y; DEBIAN_FRONTEND="noninteractive" apt-get install -y -y git less man make gcc strace ltrace lsof file vim tshark tcpdump curl wget net-tools sudo psutils procps iptables iputils-ping iputils-tracepath hping3 iproute2 host tree
+
+#COPY . /nemo-all
+COPY . /nemo-all
+
+WORKDIR /nemo-all
+CMD [ "/sbin/init" ]
+

inst/testing/nemo1/README.txt

+
+= build+run nemo docker-in-docker container together with freertr+attack/victim-hosts docker-compose
+
+0)
+General pre-requisites: nemo-* dirs checked-out in this sub dir
+
+
+1) Freertr+attack/victim-hosts docker-compose:
+
+in this sub directory of git checkout run:
+
+docker network prune # to be sure old network definitions are not conflicting (stop dependent containers as necessary before)
+
+# + make sure no old, conflicting nat iptable rules are in POSTROUTING Table (iptables -t nat -L POSTROUTING)
+
+docker-compose -f docker-compose-freertr-ddos.yml build
+
+docker-compose -f docker-compose-freertr-ddos.yml down
+
+docker-compose -f docker-compose-freertr-ddos.yml up 
+
+./docker-compose/freertr_disable_offload.sh
+
+
+2) (outer) nemo docker-in-docker container:
+(pre-requisites: nemo-* dirs checked-out in this sub dir)
+
+in this sub dir of git checkout run:
+./mynemo-docker-dind --all1 
+
+nemo setup will be run inside the (outer) nemo docker-in-docker container. Answers:
+host = localhost
+...
+email address = test@localhost
+user name = test
+...
+
+# freertr is reachable via IP address 10.197.36.3 (via 10.197.36.2 on corresponding interface in (outer) nemo docker-in-docker container),,
+especially from (inside) nemo container nemo_nfcapd_1 (which sharing network namespace of its "host" = (outer) nemo docker-in-docker container)
+
+alternatively install flow generating software inside (outer) nemo docker-in-docker container directly,
+and, e.g., connect from (inside) nemo container nemo_nfcapd_1 to it using 10.197.36.2 as target address
+
+
+
+= for testing etc.
+
+# test attack traffic from host1 to host2
+docker exec -ti host2 ping 10.1.10.11
+docker exec -ti host1 ping 10.2.10.12
+
+# test connectivity between (outer) nemo docker-in-docker container to freertr container
+docker exec -ti nemo-all1 ping 10.197.36.2
+
+# investigate status on freertr
+docker exec -ti freertr telnet 127.1 2323
+
+# run show command
+docker exec -ti freertr sh -c '{ echo "show ipv4 bgp 1 flowspec database"; echo "show policy-map flowspec CORE ipv4"; echo exit; } | netcat 127.1 2323'
+
+
+= docker compose definitions and dependencyies:
+
+./docker-compose-freertr-ddos.yml :
+
+        - ./docker-compose/.env_freertr
+        - ./docker-compose/Dockerfile_FREERTR
+        - ./docker-compose/freertr.cfg : template for freertr config in freertr container
+
+        - ./docker-compose/.env_host1
+        - ./docker-compose/Dockerfile_HOST1
+
+        - ./docker-compose/.env_host2
+        - ./docker-compose/Dockerfile_HOST2
+
+
+= freertr docu general
+
+http://www.freertr.org/
+
+http://docs.freertr.org/
+
+
+= freertr container details
+
+template for freertr config in freetrt container: ./docker-compose/freertr.cfg
+FoD-relevant config sections: 
+  - interface ethernet3
+  - router bgp[46] 1
+
+./freertr/run docker volume to access/store freertr /run/rtr/ dir
+
+
+= nemo docker-in-docker container details
+
+connected by IP address 10.197.36.2 to freertr (IP address 10.197.36.3), used for BGP peering via exabgp to Freertr
+
+= attacker/victim host container details
+
+host1: interface IP address 10.1.10.11 (connected to freertr interface IP address 10.1.10.3)
+host2: interface IP address 10.2.10.12 (connected to freertr interface IP address 10.1.10.3)
+
+
+

inst/testing/nemo1/docker-compose-freertr-ddos.yml

+version: "3"
+services:
+
+  freertr:
+    build:
+        context: docker-compose
+        dockerfile: Dockerfile_FREERTR
+    container_name: freertr
+    privileged: true
+    expose:
+        - "23"
+    ports:
+        - "127.0.0.1:2323:2323"
+    env_file:
+        - ./docker-compose/.env_freertr
+    networks:
+      # order of theX interfaces inside freertr container will be depending on the alphanumeric string order of network names where ethX are attached to, so make sure that resulting order is: mgmt <= nhost1 <= nhost1 <= xnemo-flow-input
+      mgmt:
+      nhost1:
+              ipv4_address: 10.1.10.3
+      nhost2:
+              ipv4_address: 10.2.10.3
+      xnemo-flow-input:
+              ipv4_address: 10.197.36.3
+              #depends_on:
+              #- fod
+    volumes:
+        - freertr:/opt
+        - ./freertr/run:/rtr/run/
+
+  host1:
+    build:
+        context: docker-compose
+        dockerfile: Dockerfile_HOST1
+    container_name: host1
+    privileged: true
+    env_file:
+        - ./docker-compose/.env_host1
+    networks:
+      mgmt:
+      nhost1:
+             ipv4_address: 10.1.10.11
+             #depends_on:
+             #- fod
+    #volumes:
+    #    - freertr:/opt
+
+  host2:
+    build:
+        context: docker-compose
+        dockerfile: Dockerfile_HOST2
+    container_name: host2
+    privileged: true
+    env_file:
+        - ./docker-compose/.env_host2
+    networks:
+      mgmt:
+      nhost2:
+             ipv4_address: 10.2.10.12
+             #depends_on:
+             #- fod
+    #volumes:
+    #    - freertr:/opt
+
+networks:
+  mgmt:
+    driver: bridge
+    ipam:
+      driver: default
+      config:
+        - subnet: 11.11.11.0/24
+
+  xnemo-flow-input:
+    driver: bridge
+    driver_opts: 
+        com.docker.network.bridge.enable_ip_masquerade: 'false'
+    ipam:
+      driver: default
+      config:
+        - subnet: 10.197.36.0/24
+
+  nhost1:
+    driver: bridge
+    driver_opts: 
+        com.docker.network.bridge.enable_ip_masquerade: 'false'
+    ipam:
+      driver: default
+      config:
+              - subnet: 10.1.10.0/24
+
+  nhost2:
+    driver: bridge
+    driver_opts: 
+        com.docker.network.bridge.enable_ip_masquerade: 'false'
+    ipam:
+       driver: default
+       config:
+               - subnet: 10.2.10.0/24
+
+volumes:
+  freertr:

inst/testing/nemo1/docker-compose/.env_freertr

+VARIABLE=test

inst/testing/nemo1/docker-compose/Dockerfile_FREERTR

+#FROM debian:sid
+FROM debian:latest
+LABEL maintainer="FOD"
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update -y && apt-get install -y locales wget netcat-openbsd less man vim iputils-ping strace ltrace
+#RUN apt-get update -y && apt-get install -y wget netcat-openbsd less man vim iputils-ping strace ltrace
+RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
+    dpkg-reconfigure --frontend=noninteractive locales && \
+    update-locale LANG=en_US.UTF-8
+ENV LANG en_US.UTF-8
+
+WORKDIR /opt
+RUN wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-deps.sh -O install-deps.sh && \
+    wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-rtr.sh -O install-rtr.sh && \
+    wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/install-clean.sh -O install-clean.sh && \
+    chmod +x /opt/*
+
+RUN ./install-deps.sh
+RUN ./install-rtr.sh
+RUN ./install-clean.sh
+
+RUN mkdir -p /rtr && \
+    wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/hwdet-init.sh -O /rtr/hwdet-init.sh && \
+    wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/hwdet-mgmt.sh -O /rtr/hwdet-mgmt.sh && \
+    wget https://raw.githubusercontent.com/rare-freertr/freeRtr-containerlab/main/start-rtr.sh -O /rtr/start-rtr.sh && \
+    chmod +x /rtr/*
+
+COPY freertr.cfg /rtr/rtr-sw.txt
+COPY freertr_setup_environment.sh /usr/local/bin/setup_environment.sh
+
+CMD /usr/local/bin/setup_environment.sh

inst/testing/nemo1/docker-compose/Dockerfile_HOST1

+
+#FROM floui/tiny-net-tools:latest
+FROM ubuntu:latest
+
+RUN apt-get update -yy && DEBIAN_FRONTEND="noninteractive" apt-get install -yy net-tools iputils-ping tcpdump tshark hping3 nmap iperf
+
+#RUN ifconfig -a
+
+#CMD /bin/sh -c 'route add default gw 10.1.10.3; while true; do sleep 1000000; done'
+CMD /bin/sh -c 'route add -net 10.2.10.0/24 gw 10.1.10.3; while true; do sleep 1000000; done'
+

inst/testing/nemo1/docker-compose/Dockerfile_HOST2

+
+#FROM floui/tiny-net-tools:latest
+FROM ubuntu:latest
+
+RUN apt-get update -yy && DEBIAN_FRONTEND="noninteractive" apt-get install -yy net-tools iputils-ping tcpdump tshark hping3 nmap iperf
+
+#RUN ifconfig -a
+
+#CMD /bin/sh -c 'route add default gw 10.2.10.3; while true; do sleep 1000000; done'
+CMD /bin/sh -c 'route add -net 10.1.10.0/24 gw 10.2.10.3; while true; do sleep 1000000; done'
+

inst/testing/nemo1/docker-compose/freertr.cfg

+hostname router
+buggy
+!
+!
+crypto rsakey rsa import $v10$TUlJRW9nSUJBQUtDQVFCNUcxQjJGd216Ly9rTDJKN0xjdTZHckxmVGdjOEJ6aHpnNHVteEhJaVFrdFZ4U2xnQmFFSDBlQmhFdlhJMzA4d2ZNaUVvcWEzNnBMdFlKN3pmK0pGekIrRWJtdDJNZUc2ZURxc3IreGhsSmMzYkozTzhvNVRjZEIxblhKbEV2T0RlOTdycTJnT0xPSjJGaFdwbVBBd3dYTStLVXMxR05iL1hWR09tQUJrMzhlNXpYMU9XU01Oa0dEUXV1MEt3WUNub2pvbXBQdnMvZktVNW13b3ZCeXk3MjNTakdOQ3BYTEQweGRnTUord1ZSQ2NkV1huejk4bUNzRVBtKzJlbTJQbDMrVWU0WnNSVFJQb1JWTHdmVWdNcnViZ21BdFE1QWJtSTdDejdWZmQzRHVpbkVuZFJLSzl0N3dWeEVpcUZkN2Z2c2pYc0hoNVQrK2hqSnJ3TVc3UWxBZ01CQUFFQ2dnRUFSVWlvRm5jRm1SR204KzBBbzVuajllNFgySXZaMXNtSTRldFBFSUVuYTdabEg4UU5adml6U3QzdDNGMlpXM0R5eFNJVHNFU3FnTXIvVnVhYytuRWxITzcwREt2amRYcHNwa1gwRFZ4QVQ1VjZHSmVRY2VvUHZyTTdJeWZwazFhUE8xLzBjbWs1UDh1cTZua3lMcnpKcUYxZ2FsMEdqTlV4SkVwbUc5RFFuSjBrbkw1Vkp4WmQzSTMvOStPZFVtOWJWM3NrdTVBTXk2YnhQOCtSOTJ5QzVFdThvTFoxMUxUVXk2TXNBb3FsalhIcWhIOVlTQ2RLaEtpenFKVEpOSVI3WVVQK0FOb0E0aWwrZXlzSFFQaS94L3dEVGdRY2czZ1N5SFpNYXNIRW51d1VCV2pGOWdYZ2R1VEVtc3VQVGdKdCtZZG4zcXJIMWkxamcxbDlGSGUxWVFLQmdRREJNNjBNUFNkL1pqZU9nQW5MUS94VlBnN2V6NnlnOENweHdsbWNwL25YbWM2TDdJa3dVUXJ0OGlMREN2clZ2dUZYVS9jell1Q2ZYVUc2MVVnNENMQldSM05LcXFuYVJSQ2hNdTBNV2JGd01wVHRHcjN3NXFlbXVtdU1VYWp5Z0pmK2Y2RFNtU01nbG5sR1E3M2FsVkx4bHl6TlE3RGVNdGd6eThyV1lhSytpUUtCZ1FDZ2VKblFuVDN2dkVhT3RzWUdKQVFYUXBFNk5ocjl0OW9TSjJ5dGMyWGpoL0pDbGhSMTBjYndnRzJ0SWhHVHE2WnQxSWNzNCtxVWxsdUxkUDBrRWRjQTErTXBKa3FLand1UE9MTjVUL1JaQ2pxSUJVL3lGR2xkeDlaN29tNGVLUFBPRDROdGZTKzdHRmdqTHB5ajFEOGFldDZ4OFJRVXV6bGRvNksycnlLQnZRS0JnUUNidmVwN2VUakR6RVJ3ek9vWVB6L0QvM2pCU0N2aXVIZWVxSXJRYStCTldxRlR6bU53M1lPditJYnBMNHF3ajJUYm5zWWhXRTIyYWRpNG9ZSE1HY1Q4YURDYU9pVWQzSnJoTjBvN3NIb0c5ZDl6bXlFT2R3RWl1QmhHVHZXZ051VlB0TmFScmZ6UklqdTAxcHJPLzV5VFA4aFAxNGRXTnlwdDVwUW1hU0psOFFLQmdFbVlCYkxPNm1EUUQrdlRsdTJxQnRaRUNTYVJPYit5V2FpSnZDV3dEc0pTenFBTEJFY2tkZ0JHWmdaSTRaYS8yZ3YwdENtNlBSTDRBZlBySzAwbmdWczVwMHh2Nnkrd2VyU3NaR0wyY0RHRnAySktUV2ZRUktKbHk4L1hwbmplZnpHNW02VFRETmpaU1ZLWlJlMDhvZFFiRlphMTRXZkFsWWFFVFZOSzdxQmhBb0dBVmIyZmduRlM1ZWJjZUx5cXY1ZHFwYU9iUVljZC9vV0FaWVJBQ1BGNGNHZHk0cE85QWV2ejd5UHN4OXB6SUNsS0hNNU9DQmtXMHNLNkt2ZHI3TUR1NFVVenR5SnNXOURMUmFuSUg4OCtaZ0hYZnk3TThyNmJzTklrVlMyQml6SExXRmVZNW5kOWt2WFZMOHNQY3dVN2dvM29VUEZlVkRFdm1ZanpsVkZFcm1NPQ==
+!
+crypto dsakey dsa import $v10$TUlJQnVRSUJBQUtCZ0Rxa3VCZldzSW5TdW8zMkJ1N1FIS1lrSUczQ1pnS1BvT2NXK0NqNUY5ODNXNkFmV1h3RUpMZnNPWVM0OWpKUVh2RW9HUzJHM1lOb01tQm9kM3NEbUUrZFhCQjNTbjloTWdjdGhFS3FhOWNuR054ZG5nLzdwejBQYXJUbHdmYXpxeVNwL3RHeE9FTDNrNWFBRk91MUxNbXpEY1dlTTk3cEU0c2tVTnFyRmUrckFoVUF1YVMzdi8yWGpsMDM3U3VMZWFOR21POVNqQ0VDZ1lBTjU1dHlaNi9tL05VMHdWdy95ZnM2N3QxcWJ5dkp3MHFnZWRST2RSZEYyUzlXdjZmK3VRb0hzWEZDZVJibXIxdXZtUXFINVZTVEcrUzc3cDB4SEEraVR0cm1KU0JaREZLR2lLYzJDYWVzakNPZHJ4a2NVeEJTeG9jT0FUVVJId1UvSXJXbkxxSVlXTkFDcEJlQjJBTmVVcW9xaXdUMjVqQWhlM3lXTGZtTGFRS0JnQ25YNC9tdzZZUDArY1l4Q3RhbnJPcWNZeDR6bDlXSmtmSjJ6NENhL0lGSmxxeVJIUUhMNmxEWnprSTJBWmlMUmUzNksxUHVYT3E0NXlibkM3RlJKVGRvUSs3RWxydmdlUTlvT2M1blRzckk5UXRGdmJLVjVTa3RleFNtS0Z3RXRNbk9nUkdZems1VzIwb3lWOU5lU1lsNi9ZRkdFdGZKa0pzdHpkU3Y1YWI5QWhRM0ZFaW5XdFNnM2Y2S0pNSHN3WlZvd3IrRjZRPT0=
+!
+crypto ecdsakey ecdsa import $v10$TUhRQ0FRRUVJQURQR2VsOVU5ZndGNFRGOXNja1JoYWFFWUVYSHJEem5VV1lxVHh5ZHJNNW9BY0dCU3VCQkFBS29VUURRZ0FFdTN3TENSVVVzekFEWTlXOG0wbXhDMTJhQWMxUnpOWGh4bUFwRE9PUVlEWGFzRUtDNmdnVFYvUzNZUHFYdGd1Z3BEZ013WVpack5oNFVMQ1hTUTFhYVE9PQ==
+!
+aaa list auth1
+ exit
+!
+aaa userlist netconfusr
+ username netconf
+ username netconf password $v10$bmV0Y29uZg==
+ exit
+!
+access-list access-all
+ sequence 10 permit all any all any all
+ exit
+!
+access-list rule1
+ !sequence 10 deny 6 15.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
+ !sequence 20 deny 6 16.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
+ !sequence 30 deny 7 16.10.10.1 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
+ !sequence 80 deny 7 16.10.10.2 255.255.255.255 123-129 20.20.20.1 255.255.255.255 200-400
+ exit
+!
+policy-map flowspec-v4
+ sequence 1 action drop
+ sequence 1 match access-group rule1
+ !
+ exit
+!
+vrf definition CORE
+ rd 1:1
+ exit
+!
+vrf definition inet
+ exit
+!
+router uni2flow4 1
+ vrf CORE
+ distance 10
+ justadvert loopback1
+ exit
+!
+router uni2flow6 1
+ vrf CORE
+ distance 10
+ justadvert loopback1
+ exit
+!
+interface loopback0
+ vrf forwarding CORE
+ ipv4 address 2.2.2.1 255.255.255.255
+ ipv6 address 4321::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+ no shutdown
+ no log-link-change
+ exit
+!
+!interface loopback1
+! vrf forwarding CORE
+! ipv4 address 2.2.2.101 255.255.255.255
+! ipv6 address 4321::101 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+! no shutdown
+! no log-link-change
+! exit
+!!
+!interface loopback2
+! vrf forwarding CORE
+! ipv4 address 2.2.2.201 255.255.255.255
+! ipv6 address 4321::201 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+! no shutdown
+! no log-link-change
+! exit
+!
+interface ethernet255
+ mgmt interface
+ vrf forwarding OOB
+ no shutdown
+ no log-link-change
+ exit
+!
+!
+interface ethernet1
+ description link to host1
+ vrf forwarding CORE
+ ipv4 address 10.1.10.3 255.255.255.0
+ no shutdown
+ no log-link-change
+ exit
+!
+interface ethernet2
+ description link to host2
+ vrf forwarding CORE
+ ipv4 address 10.2.10.3 255.255.255.0
+ no shutdown
+ no log-link-change
+ exit
+!
+interface ethernet3
+ interface to FoD
+ vrf forwarding CORE
+ ipv4 address 10.197.36.3 255.255.255.0
+ no shutdown
+ no log-link-change
+ exit
+!
+!interface ethernet1
+! description veth pair end point to crian testbed
+! lldp enable
+! vrf forwarding CORE
+! ipv4 address 12.12.12.2 255.255.255.0
+! mpls enable
+! mpls ldp4
+! no shutdown
+! no log-link-change
+! exit
+!
+!interface ethernet2
+! description tap1 to exabgp
+! lldp enable
+! vrf forwarding CORE
+! ipv4 address 14.0.0.2 255.255.255.0
+! mpls enable
+! mpls ldp4
+! no shutdown
+! no log-link-change
+! exit
+!
+router bgp4 1
+ vrf CORE
+ !vrf OOB
+ local-as 1
+ router-id 4.4.4.1
+ no safe-ebgp
+ address-family unicast flowspec
+ flowspec-install
+ flowspec-advert flowspec-v4
+ !
+ neighbor 10.197.36.2 remote-as 1001
+ neighbor 10.197.36.2 local-as 2001
+ neighbor 10.197.36.2 address-family unicast flowspec
+ neighbor 10.197.36.2 distance 30
+ neighbor 10.197.36.2 send-community standard extended
+ !
+ !
+ !
+ redistribute connected
+ redistribute uni2flow4 1
+ exit
+!
+router bgp6 1
+ vrf CORE
+ local-as 1
+ router-id 6.6.6.1
+ no safe-ebgp
+ address-family unicast flowspec
+ !
+ neighbor 1234:1::2 remote-as 2
+ neighbor 1234:1::2 local-as 1
+ neighbor 1234:1::2 address-family unicast flowspec
+ neighbor 1234:1::2 distance 20
+ neighbor 1234:1::2 send-community standard extended
+ !
+ !
+ redistribute connected
+ redistribute uni2flow6 1
+ exit
+!
+console0
+ no exec authorization
+ no login authentication
+ exit
+!
+proxy-profile OOB
+ vrf CORE
+ exit
+!
+!
+ipv4 route CORE 10.0.3.1 255.255.255.0 14.0.0.1
+ipv4 route CORE 10.3.0.1 255.255.255.255 14.0.0.1
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+!
+server telnet netconf1
+ security protocol ssh
+ security authentication netconfusr
+ security rsakey rsa
+ security dsakey dsa
+ security ecdsakey ecdsa
+ port 830
+ second-port 829
+ exec autocommand netconf
+ no exec authorization
+ no login authentication
+ vrf inet
+ exit
+!
+server telnet tel1
+ security protocol telnet
+ exec height -1
+ exec monitor
+ no exec authorization
+ no login authentication
+ vrf inet
+ exit
+!
+server telnet teloob
+ security protocol telnet
+ exec height -1
+ exec monitor
+ no exec authorization
+ no login authentication
+ vrf OOB
+ exit
+!
+client capture-path /rtr/run/pcap/
+!
+end

inst/testing/nemo1/docker-compose/freertr_disable_offload.sh

+#!/bin/bash
+
+set -x
+
+for container_interface in 0 1 2 3; do
+  #IFINDEX=$(docker exec freertr cat /sys/class/net/eth0/iflink)
+  IFINDEX=$(docker exec freertr cat "/sys/class/net/eth$container_interface/iflink")
+  IFNAME=$(ip a | grep ^${IFINDEX} | awk -F\: '{print $2}' | awk -F\@ '{print $1}')
+  ethtool -k $IFNAME | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K $IFNAME "$key" off; done
+done
+

inst/testing/nemo1/docker-compose/freertr_setup_environment.sh

+#!/bin/bash
+
+ethtool -k eth0 | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K eth0 "$key" off; done
+ethtool -k eth1 | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K eth1 "$key" off; done
+ethtool -k eth2 | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K eth2 "$key" off; done
+ethtool -k eth3 | awk '$2=="on" { sub(/:$/, "", $1); print $1; }' | while read key; do ethtool -K eth3 "$key" off; done
+
+/rtr/hwdet-init.sh
+
+/rtr/hwdet-mgmt.sh
+
+ip addr flush dev eth1
+ip addr flush dev eth2
+ip addr flush dev eth3
+
+exec java -Xmx1024m -jar /rtr/rtr.jar routerc /rtr/run/conf/rtr-