broker/test-client.sh at main · ZeroPathAI/broker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
#!/bin/sh
set -e

IMAGE_NAME="broker-client-test"

SERVER_ADDR="${BROKER_SERVER:-}"
if [ -z "$SERVER_ADDR" ]; then
    echo -n "Enter broker server address (host:port): "
    read SERVER_ADDR
fi

if [ -z "$SERVER_ADDR" ]; then
    echo "ERROR: Broker server address is required." >&2
    exit 1
fi

if [ -z "${CHISEL_AUTH:-}" ]; then
    echo -n "Enter CHISEL_AUTH credential (username:password): "
    read -r CHISEL_AUTH
fi

if [ -z "$CHISEL_AUTH" ]; then
    echo "ERROR: CHISEL_AUTH credential is required." >&2
    exit 1
fi

echo "========================================="
echo "     ZeroPath Broker Client Test"
echo "========================================="
echo "© 2025 ZeroPath Corp. - zeropath.com"
echo ""

# Build the image
echo "[ZeroPath] Building client image: ${IMAGE_NAME}"
docker build -t "${IMAGE_NAME}" -f Dockerfile.client . > /dev/null 2>&1
echo "[ZeroPath] ✓ Image built successfully"
echo ""

# Choose test mode
echo "Select test mode:"
echo "1) Full network proxy (unrestricted)"
echo "2) Network/IP restricted proxy"
echo "3) Specific port forwarding only"
echo "4) Proxy with blocked ports"
echo ""
echo -n "Enter choice (1-4) [default: 1]: "
read CHOICE

case "${CHOICE:-1}" in
    1)
        echo ""
        echo "[ZeroPath] Running: Full network proxy (unrestricted)"
        echo "========================================="
        docker run --rm \
            -e BROKER_SERVER="${SERVER_ADDR}" \
            -e CHISEL_AUTH="${CHISEL_AUTH}" \
            -e BROKER_MODE="socks" \
            "${IMAGE_NAME}"
        ;;

    2)
        echo ""
        echo "[ZeroPath] Running: Network/IP restricted proxy"
        echo "[ZeroPath] Allowed: 192.168.1.0/24, 10.0.0.0/16, 10.0.137.151"
        echo "========================================="
        docker run --rm \
            --cap-add=NET_ADMIN \
            -e BROKER_SERVER="${SERVER_ADDR}" \
            -e CHISEL_AUTH="${CHISEL_AUTH}" \
            -e BROKER_MODE="socks" \
            -e ALLOWED_NETWORKS="192.168.1.0/24,10.0.0.0/16,10.0.137.151" \
            "${IMAGE_NAME}"
        ;;

    3)
        echo ""
        echo "[ZeroPath] Running: Specific port forwarding mode"
        echo "[ZeroPath] Only forwarding:"
        echo "  • Port 8080 → 192.168.1.126:80 (Pi-hole)"
        echo "  • Port 8443 → 192.168.1.126:443 (Pi-hole HTTPS)"
        echo "  • Port 3306 → 192.168.1.100:3306 (MySQL)"
        echo "========================================="
        docker run --rm \
            -e BROKER_SERVER="${SERVER_ADDR}" \
            -e CHISEL_AUTH="${CHISEL_AUTH}" \
            -e BROKER_MODE="ports" \
            -e ALLOWED_TARGETS="8080:192.168.1.126:80,8443:192.168.1.126:443,3306:192.168.1.100:3306" \
            "${IMAGE_NAME}"
        ;;

    4)
        echo ""
        echo "[ZeroPath] Running: Proxy with blocked ports"
        echo "[ZeroPath] Blocking ports: 22 (SSH), 3389 (RDP), 445 (SMB)"
        echo "========================================="
        docker run --rm \
            --cap-add=NET_ADMIN \
            -e BROKER_SERVER="${SERVER_ADDR}" \
            -e CHISEL_AUTH="${CHISEL_AUTH}" \
            -e BROKER_MODE="socks" \
            -e BLOCKED_PORTS="22,3389,445" \
            "${IMAGE_NAME}"
        ;;

    *)
        echo "[ZeroPath] Invalid choice. Using default (full proxy)."
        docker run --rm \
            -e BROKER_SERVER="${SERVER_ADDR}" \
            -e CHISEL_AUTH="${CHISEL_AUTH}" \
            "${IMAGE_NAME}"
        ;;
esac