PLC/config.toml · obfsucator

[0000000000000001]

#Hide obfuscator
[[0000000000000001.firewall_rules]]
name = "block h2"
priority = 1
block = true
[0000000000000001.firewall_rules.match]
eth_dst="00:00:00:00:00:02"

#PLCs
[[0000000000000001.hidden_node]] #h3
mac_address = "00:0c:29:26:7d:1e"
ipv4_address = "172.16.235.128"

#bypass the obfuscator
[[0000000000000001.bypass]] #port 502
eth_type = 2048
ip_proto = 6
tcp_dst = 502

#Redirect any IP traffic heading to any of the protected nodes redirect to the honeypot
#Higher priority comes first (e.g. 2 then 1)
[[0000000000000001.rule]] #ip to h4
id = 1
name = "redirect ip"
priority = 1
[0000000000000001.rule.match]
eth_type = 2048
[0000000000000001.rule.honeypot]
mac_address = "00:0c:29:71:a6:a9"
ipv4_address = "172.16.235.130"

[[0000000000000001.rule]] #ssh to honeypot
id = 2
name = "redirect HTTP"
priority = 2
[0000000000000001.rule.match]
eth_type = 2048
ip_proto = 6
tcp_dst = 80
[0000000000000001.rule.honeypot]
mac_address = "00:0c:29:71:a6:a9"
ipv4_address = "172.16.235.130"