From 3549bb351e6d070ddd29819b829b94d16d580dcc Mon Sep 17 00:00:00 2001 From: daniel goldberg Date: Wed, 21 Sep 2016 11:35:41 +0300 Subject: [PATCH] Issue #35 - Added option for blocked IPs. --- chaos_monkey/config.py | 3 ++- chaos_monkey/example.conf | 1 + chaos_monkey/network/network_scanner.py | 5 +++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/chaos_monkey/config.py b/chaos_monkey/config.py index a7c4abadb..addb9fd54 100644 --- a/chaos_monkey/config.py +++ b/chaos_monkey/config.py @@ -172,6 +172,8 @@ class Configuration(object): range_size = 1 range_fixed = ['',] + blocked_ips = ['', ] + # TCP Scanner HTTP_PORTS = [80, 8080, 443, 8008, # HTTP alternate @@ -210,7 +212,6 @@ class Configuration(object): smb_download_timeout = 300 # timeout in seconds smb_service_name = "InfectionMonkey" - # system info collection collect_system_info = True diff --git a/chaos_monkey/example.conf b/chaos_monkey/example.conf index 671eca8e2..33503b3da 100644 --- a/chaos_monkey/example.conf +++ b/chaos_monkey/example.conf @@ -10,6 +10,7 @@ "range_fixed": [ "" ], + "blocked_ips": [""], "current_server": "41.50.73.31:5000", "psexec_passwords": [ "Password1!", diff --git a/chaos_monkey/network/network_scanner.py b/chaos_monkey/network/network_scanner.py index 143057974..5a9037184 100644 --- a/chaos_monkey/network/network_scanner.py +++ b/chaos_monkey/network/network_scanner.py @@ -52,6 +52,11 @@ class NetworkScanner(object): if victim.ip_addr in self._ip_addresses: continue + # skip IPs marked as blocked + if victim.ip_addr in WormConfiguration.blocked_ips: + LOG.info("Skipping %s due to blacklist" % victim) + continue + LOG.debug("Scanning %r...", victim) # if scanner detect machine is up, add it to victims list