apt firewall demo - michaelmworthington/codesamples GitHub Wiki
This page walks through the steps to set up NXRM and a Ubuntu Docker container to test Apt Firewall using http://archive.ubuntu.com/ubuntu/
See the official docs at https://help.sonatype.com/repomanager3/formats/apt-repositories
- Prerequisites
- Step 1. Create a new Proxy Repository in NXRM
- Step 2. Enable Firewall for the New Proxy Repo
- Step 3. Run Docker Image for the Dependency Manager
- Step 4. Set the environment to download packages from NXRM
- Step 5. Install a package
- Step 6. Browse NXRM to view it
- Step 7. View the Firewall Report
- Step 8. Test Quarantine
- Step 9. Notes
- IQ Server installed and running
- NXRM 3 installed and running and configured with the IQ Server
- Docker for Mac installed and running
Use http://archive.ubuntu.com/ubuntu/ as the Remote URL. Set the distribution to "bionic"
docker run -it --rm ubuntu:bionic
rm /etc/apt/sources.list
rm -f /var/lib/apt/lists/*
echo deb http://host.docker.internal:8083/nexus/repository/apt-ubuntu.com-proxy/ bionic main > /etc/apt/sources.list
apt-get update
apt-get instal vim
Repo List
IQ Server Report
wget 1.19.4 has CVE-2019-5953 with CVSS 9.8, so you'll need to have Quarantine enabled in the capability you created in step 2 and Proxy=Fail in your Security-Critical policy in IQ Server
apt-get install wget
Console Output
Repo List
IQ Server Report
You can reproduce the 403 - Quarantined error by clicking on the "Path" link: http://host.docker.internal:8083/nexus/repository/apt-ubuntu.com-proxy/pool/main/w/wget/wget_1.19.4-1ubuntu2_amd64.deb
| Not supported |
|---|
