anti/DECNET
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
65d33bc61163893d19c7ff9e30824b11741c3fde
DECNET/.gitignore
anti 402c1ef7a2 feat(cloak): wire cloak into the deploy path for windows* deckies 
Base containers whose nmap_os has a mangle profile now build the cloak image
(FROM the per-decky distro), ship the light decnet subtree, and run
'python -m decnet.cloak' alongside holding the MACVLAN IP — netns-safe (cloak
backgrounded behind 'exec sleep infinity' so a cloak crash never tears down the
base/netns). composer injects build/command/NET_RAW/env (DECNET_NMAP_OS,
DECNET_OPEN_PORTS, DECKY_IP); deployer._sync_cloak_sources syncs the subtree;
non-windows deckies are unchanged. Mangler signal-guarded for thread use;
entry runs mangler in main thread, responder as daemon.

Verified live: real path makes nmap -O read 'Microsoft Windows Server 2012/2016'
with handshakes intact.
2026-06-20 00:22:38 -04:00

91 lines
2.2 KiB
Plaintext
Raw Blame History

.venv/
.venv*/
docker-compose.yaml
.311/
.3[0-9][0-9]/
logs/
.claude/*
CLAUDE.md
__pycache__/
*.pyc
*.pyo
*.egg-info/
dist/
build/
decnet-compose.yml
# Per-topology compose fragments emitted by `decnet topology deploy`.
decnet-topology-*-compose.yml
# Docker build context cache.
.docker/
decnet-state.json
*.ini
# tracked: Alembic CLI config (migrations live in decnet/web/db/migrations)
!alembic.ini
decnet.log*
*.loggy
*.nmap
linterfails.log
webmail
windows1
*.db
*.db-shm
*.db-wal
decnet.*.log
# Rotated copies (logrotate appends .1, .2, .gz...) — the existing
# decnet.*.log glob doesn't catch the suffix.
decnet.*.log.*
decnet.json
.env*
.env.local
.coverage
.hypothesis/
profiles/*
tests/test_decnet.db*
# Nested git clone of the wiki — not a submodule, just a local
# working copy so we can edit docs without a full round-trip.
wiki-checkout/
# Scratch test/debug outputs that leak from saved `pytest > hang.log`
# or `pytest > schem` redirections.
hang.log
schem
*.pytest.log
# pydeps-style dependency graph dumps from local analysis runs.
deps.txt
# Node modules vendored under decnet/canary/ for the obfuscator helper.
# The package.json is the source of truth; modules are reinstalled at
# build/deploy time.
node_modules/
package-lock.json
# TTP rule-precision corpus pulled from prod sqlite. Real attacker
# payloads — operator-only artifact. The synthetic ``seed_*.jsonl``
# files alongside ARE committed and exercise the harness in CI.
tests/ttp/rule_precision/corpus/*.jsonl
tests/ttp/rule_precision/corpus/seed_*.jsonl
threatfox-api.json
# MITRE ATT&CK STIX bundle — 50 MB, fetched at runtime via attack_stix.py
enterprise-attack-*.json
# pytest failure dump files
testfail
.phaseloop/
# Professional tier: proprietary, lives in a separate private repo
# (github.com/DECNET-Foundation/decnet-professional), mounted at decnet/pro/.
# Must NEVER be tracked by the open-core repo. src/pro-impl/ is where the pro
# build copies the pro frontend so the JS toolchain resolves it.
/decnet/pro/
/decnet_web/src/pro-impl/
# Internal design/dev notes — not for publication
/development/
decnet.tar
# cloak base-image build context: decnet subtree synced in at deploy time
decnet/templates/_shared/cloak/decnet/
Reference in New Issue View Git Blame Copy Permalink