Bridge pcap collector: opt-in per-episode wiring #6

Closed
opened 2026-04-30 00:10:54 -05:00 by max · 0 comments
Owner

`collectors/pcap.py` + `vm/setup_bridge.sh` are in place but not yet wired into `EpisodeRunner`. The current launchers default to SLIRP usermode; bridge-mode is an unset env var on `vm/launch_target.sh`.

Needed for source 4 to actually populate `network.pcap` + `netflow.jsonl` per episode:

- `EpisodeConfig.bridge_iface` field (default None)
- Spawn `pcap.run_capture()` at run() start, `pcap.stop_capture()` at run() end, `pcap.bucketize()` post-stop
- Update `vm/launch_target.sh` (and optionally `launch_demo.sh`) to support `BRIDGE=br-malware` mode that creates a tap and attaches it
- Document the iptmonads + bridge prereqs

Goal: `tools/run_fleet.py` produces network.pcap + netflow.jsonl per episode automatically when br-malware exists.

max closed this issue 2026-04-30 00:17:56 -05:00

Reference: bolyai/CIS490#6