cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org

Allow multiple types of connections (TOR, inetsim) #303

Closed seanthegeek closed 9 years ago

seanthegeek commented 10 years ago

Add a feature that allows traffic to be sent through a selected gateway (TOR, inetsim) on a per-submission basis, with a default option.

botherder commented 10 years ago

I'm not sure I understand. How the traffic behaves with your virtual machines depends on how you configured their virtual networking; it really has nothing to do with Cuckoo itself. Even if we were to prepare a script that tunnels things automatically through iptables (which would anyway require privileges that Cuckoo doesn't/shouldn't have), we don't know in advance what configuration the user chose.

I'll leave feedback open, but concretely I don't think this feature can be implemented. If more ideas come up, we'll open a more elaborate ticket and close this one.

tyoism commented 10 years ago

I was thinking of doing something similar but using iptables to forward one sandbox VM on, let's say, IP 192.168.56.101 to TOR, and another sandbox VM on IP 192.168.56.102 to inetsim or blackhole (no connection). Then you just name the VMs accordingly, "Win7_TOR" and "Win7_contained", and control it at time of submission using the --machine option.

As botherder said, this would eliminate the need for anything special in Cuckoo.
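
Added example, not part of the thread and not Cuckoo's own code: a sketch of the per-VM routing described in the last comment, which prints the iptables rules for each VM instead of applying them. The interface name, the Tor TransPort/DNSPort values, the INetSim address and the function names are assumptions; the two VM addresses are the ones from the comment.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules that give each analysis VM its own
# egress policy. All values below are assumed for illustration.
VM_IF="vboxnet0"            # assumed host-only interface of the VMs
VM_NET="192.168.56.0/24"    # host-only subnet; left alone so the VM can still reach the host
TOR_TRANS_PORT=9040         # assumed Tor TransPort on the host
TOR_DNS_PORT=5353           # assumed Tor DNSPort on the host
INETSIM_IP="192.168.56.1"   # assumed INetSim listen address

# vm_rules <vm_ip> <policy>    policy: tor | inetsim | blackhole
vm_rules() {
    ip=$1; policy=$2
    case "$policy" in
    tor)
        # DNS and outbound TCP are handed to Tor's transparent listeners.
        echo "iptables -t nat -A PREROUTING -i $VM_IF -s $ip -p udp --dport 53 -j REDIRECT --to-ports $TOR_DNS_PORT"
        echo "iptables -t nat -A PREROUTING -i $VM_IF -s $ip ! -d $VM_NET -p tcp --syn -j REDIRECT --to-ports $TOR_TRANS_PORT"
        ;;
    inetsim)
        # Anything addressed outside the host-only net is answered by INetSim.
        echo "iptables -t nat -A PREROUTING -i $VM_IF -s $ip ! -d $VM_NET -p tcp -j DNAT --to-destination $INETSIM_IP"
        echo "iptables -t nat -A PREROUTING -i $VM_IF -s $ip ! -d $VM_NET -p udp -j DNAT --to-destination $INETSIM_IP"
        ;;
    blackhole) ;;   # no NAT rule: the FORWARD drop below is the whole policy
    *)
        echo "unknown policy: $policy" >&2
        return 1 ;;
    esac
    # Fail closed: traffic that was not redirected is never routed onward,
    # so a missing or flushed NAT rule cannot leak sample traffic directly.
    echo "iptables -A FORWARD -i $VM_IF -s $ip -j DROP"
}

# The two VMs from the comment above.
print_all() {
    vm_rules 192.168.56.101 tor
    vm_rules 192.168.56.102 inetsim
}

print_all
```

Review the printed rules, then apply them as root outside Cuckoo, which keeps the sandbox process unprivileged as botherder's comment requires. The policy for a given analysis is then picked by VM name with the --machine option.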