diff --git a/architecture.svg b/architecture.svg
index 333a16f..23b6137 100644
--- a/architecture.svg
+++ b/architecture.svg
@@ -23,9 +23,9 @@
inkscape:pagecheckerboard="0"
inkscape:deskcolor="#d1d1d1"
inkscape:document-units="mm"
- inkscape:zoom="0.75664674"
- inkscape:cx="-35.683759"
- inkscape:cy="385.91325"
+ inkscape:zoom="15.269661"
+ inkscape:cx="335.40364"
+ inkscape:cy="310.74691"
inkscape:window-width="1792"
inkscape:window-height="1051"
inkscape:window-x="0"
@@ -68,335 +68,373 @@
x="116.86908"
y="129.75937"
id="tspan37" />Guard10.2.0.3Victim10.2.0.2Proxy10.2.0.4Relay #3<random>Relay #2<random>Public Site150.230.150.148Experiment10.2.0.NTOR NetworkGuard10.2.0.3Dummy10.2.0.6VPN for the ExperimentVictim10.2.0.2Host: rsca.vanrissenbeck.comProxyProxy-To: 10.2.0.4:808010.2.0.4Relay #3<random>Ports a forwarded from the proxy to the device running the experiment via ssh, avoiding complex deploy steps.
+ style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:3.88056px;line-height:1;font-family:'Noto Sans';-inkscape-font-specification:'Noto Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;stroke-width:0.3;stroke-linecap:round;paint-order:stroke markers fill"
+ x="104.66725"
+ y="92.119621"
+ id="text1741-7-9-54">Relay #2<random>Public Site150.230.150.148Experiment10.2.0.NTOR NetworkVPN for the ExperimentHost: rsca.vanrissenbeck.comProxy-To: 10.2.0.4:8080Ports a forwarded from the proxy to the device running the experiment via ssh, avoiding complex deploy steps.
diff --git a/experiment-infra/guard/Dockerfile b/experiment-infra/guard/Dockerfile
index 8c63871..b9c48b8 100644
--- a/experiment-infra/guard/Dockerfile
+++ b/experiment-infra/guard/Dockerfile
@@ -1,4 +1,6 @@
FROM debian:bookworm
RUN apt update && apt -y install tor
+ARG BIND_ADDRESS="10.2.0.3"
COPY ./torrc /etc/tor/torrc
-CMD [ "tor" ]
\ No newline at end of file
+RUN sed -i "s/{bind-address}/${BIND_ADDRESS}/" /etc/tor/torrc
+CMD [ "bash", "-c", "sleep 5; tor" ]
\ No newline at end of file
diff --git a/experiment-infra/guard/docker-compose.yml b/experiment-infra/guard/docker-compose.yml
index adc875c..2862092 100644
--- a/experiment-infra/guard/docker-compose.yml
+++ b/experiment-infra/guard/docker-compose.yml
@@ -1,17 +1,41 @@
services:
- wireguard:
+ wg-target:
build: ../wireguard
cap_add:
- NET_ADMIN
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
secrets:
- - wg-config
+ - source: wg-target
+ target: wg-config
+
+ wg-dummy:
+ build: ../wireguard
+ cap_add:
+ - NET_ADMIN
+ sysctls:
+ - net.ipv4.conf.all.src_valid_mark=1
+ secrets:
+ - source: wg-dummy
+ target: wg-config
- guard:
- build: ./
- network_mode: "service:wireguard"
+ target:
+ build:
+ dockerfile: ./Dockerfile
+ args:
+ BIND_ADDRESS: "10.2.0.3"
+ network_mode: "service:wg-target"
+
+ dummy:
+ build:
+ dockerfile: ./Dockerfile
+ args:
+ BIND_ADDRESS: "10.2.0.6"
+ network_mode: "service:wg-dummy"
secrets:
- wg-config:
- file: ./wireguard.conf
+ wg-target:
+ file: ./wg-target.conf
+
+ wg-dummy:
+ file: ./wg-dummy.conf
diff --git a/experiment-infra/guard/torrc b/experiment-infra/guard/torrc
index e7cbb42..b1b5c15 100644
--- a/experiment-infra/guard/torrc
+++ b/experiment-infra/guard/torrc
@@ -1,8 +1,6 @@
AssumeReachable 1
PublishServerDescriptor 0
-ORPort 10.2.0.3:443
+ORPort {bind-address}:443
Nickname localtestrelay
RelayBandwidthRate 1 MB
RelayBandwidthBurst 2 MB
-# ORPort 10.2.0.3:443 NoAdvertise
-# Address 10.2.0.3
diff --git a/experiment-infra/guard/wg-dummy.conf b/experiment-infra/guard/wg-dummy.conf
new file mode 100644
index 0000000..9e74b34
--- /dev/null
+++ b/experiment-infra/guard/wg-dummy.conf
@@ -0,0 +1,10 @@
+[Interface]
+Address = 10.2.0.6/24
+PrivateKey =
+MTU = 1000
+
+[Peer]
+PublicKey =
+AllowedIps = 10.2.0.0/24
+Endpoint = vanrissenbeck.com:41415
+PersistentKeepalive = 10
\ No newline at end of file
diff --git a/experiment-infra/guard/wireguard.conf b/experiment-infra/guard/wg-target.conf
similarity index 100%
rename from experiment-infra/guard/wireguard.conf
rename to experiment-infra/guard/wg-target.conf