cpan firewall demo - michaelmworthington/codesamples GitHub Wiki

Introduction

This page walks through the steps to set up NXRM and a Perl Docker container to test CPAN Firewall using https://www.cpan.org/

See the community docs at  https://github.com/sonatype-nexus-community/nexus-repository-cpan

Table of Contents

Prerequisites

  • IQ Server installed and running
  • NXRM 3 installed and running and configured with the IQ Server
  • Docker for Mac installed and running

Step 1. Create a new Proxy Repository in NXRM

Use https://www.cpan.org/ as the Remote URL. Accept default values for the remainder of the settings.

Step 2. Enable Firewall for the New Proxy Repo

Step 3. Run the Docker Image in Interactive Mode

docker run -it --rm cpan/perl-common bash

unlike the centos image used in the Yum Firewall Demo, this image runs the 'maven' command when starting the container, rather than plain 'bash'. since i want to run a couple maven commands, force docker to run bash.

Step 4. Use the cpan command line to set up the repo sources

cpan
o conf urllist
o conf urllist http://host.docker.internal:8081/repository/cpan.org-proxy/

Step 5. Use cpan to Install a package

install Log::Log4perl

Observe the inbound requests to NXRM in the request.log file:

172.17.0.1 - - [12/Nov/2020:22:26:12 +0000] "GET /repository/cpan.org-proxy/authors/01mailrc.txt.gz HTTP/1.1" 200 - 261030 2541 "libwww-perl/6.35" [qtp1704519059-161]
172.17.0.1 - - [12/Nov/2020:22:26:14 +0000] "GET /repository/cpan.org-proxy/modules/02packages.details.txt.gz HTTP/1.1" 200 - 2350397 1574 "libwww-perl/6.35" [qtp1704519059-47]
172.17.0.1 - - [12/Nov/2020:22:26:41 +0000] "GET /repository/cpan.org-proxy/modules/03modlist.data.gz HTTP/1.1" 200 - 248 2541 "libwww-perl/6.35" [qtp1704519059-161]
172.17.0.1 - - [12/Nov/2020:22:26:48 +0000] "GET /repository/cpan.org-proxy/authors/id/E/ET/ETJ/Log-Log4perl-1.53.tar.gz HTTP/1.1" 200 - 280026 3573 "libwww-perl/6.35" [qtp1704519059-161]
172.17.0.1 - - [12/Nov/2020:22:26:50 +0000] "GET /repository/cpan.org-proxy/authors/id/E/ET/ETJ/CHECKSUMS HTTP/1.1" 200 - 42325 2402 "libwww-perl/6.35" [qtp1704519059-50]
172.17.0.1 - - [12/Nov/2020:22:27:33 +0000] "GET /repository/cpan.org-proxy/authors/id/M/MS/MSCHOUT/Log-Dispatch-FileRotate-1.36.tar.gz HTTP/1.1" 200 - 29142 1308 "libwww-perl/6.35" [qtp1704519059-47]
172.17.0.1 - - [12/Nov/2020:22:27:34 +0000] "GET /repository/cpan.org-proxy/authors/id/M/MS/MSCHOUT/CHECKSUMS HTTP/1.1" 200 - 60727 1278 "libwww-perl/6.35" [qtp1704519059-161]
172.17.0.1 - - [12/Nov/2020:22:27:37 +0000] "GET /repository/cpan.org-proxy/authors/id/S/SB/SBECK/Date-Manip-6.82.tar.gz HTTP/1.1" 200 - 2015204 1754 "libwww-perl/6.35" [qtp1704519059-47]
172.17.0.1 - - [12/Nov/2020:22:27:38 +0000] "GET /repository/cpan.org-proxy/authors/id/S/SB/SBECK/CHECKSUMS HTTP/1.1" 200 - 13858 1226 "libwww-perl/6.35" [qtp1704519059-169]
172.17.0.1 - - [12/Nov/2020:22:27:47 +0000] "GET /repository/cpan.org-proxy/authors/id/S/SB/SBECK/Test-Inter-1.09.tar.gz HTTP/1.1" 200 - 44460 1548 "libwww-perl/6.35" [qtp1704519059-169]

Step 6. Browse the Proxy Repo

Step 7. Go to the Firewall Report

Repo List

IQ Server Report

Step 8. Test Quarantine

Not Supported

Step 9. Notes

You can view the component information panel (CIP) right in NXRM

Not Supported

Home | Copyright © 2020.

⚠️ **GitHub.com Fallback** ⚠️