From 0b2fd1db43dd9ea730c8ceb2eca8ad5c8a88df47 Mon Sep 17 00:00:00 2001
From: Trinitor <git@trinitor.de>
Date: Fri, 6 Aug 2021 10:15:30 +0200
Subject: [PATCH] added router and disabled gui

---
 Vagrant/Vagrantfile | 92 ++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 87 insertions(+), 5 deletions(-)

diff --git a/Vagrant/Vagrantfile b/Vagrant/Vagrantfile
index 53f248b..e4f34ef 100644
--- a/Vagrant/Vagrantfile
+++ b/Vagrant/Vagrantfile
@@ -4,14 +4,87 @@ end
 
 Vagrant.configure("2") do |config|
 
+  config.vm.define "router" do |cfg|
+    cfg.vm.box = "ubuntu/focal64"
+    cfg.vm.hostname = "router"
+    cfg.vm.network :private_network, ip: "192.168.38.2", gateway: "192.168.38.1", dns: "8.8.8.8"
+    cfg.vm.provider "virtualbox" do |vb|
+      vb.gui = false
+      vb.name = "router"
+      vb.memory = "3072"
+      vb.customize ["modifyvm", :id, "--nicpromisc2", "allow-all"]
+    end
+    cfg.vm.provision "shell", inline: <<-SHELL
+      export DEBIAN_FRONTEND=noninteractive
+      rm -rf /var/lib/apt/lists/*
+      apt-get update
+      apt-get -y upgrade
+      apt-get -y autoremove
+      apt-get clean
+      cat <<-'EOF' >/opt/router.sh
+#!/bin/bash
+echo "1" > /proc/sys/net/ipv4/ip_forward
+modprobe ip_tables
+iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE
+EOF
+      cat <<-'EOF' >/etc/systemd/system/router.service
+[Unit]
+After=network.service
+Description=Router
+
+[Service]
+Type=simple
+ExecStart=/opt/router.sh
+
+[Install]
+WantedBy=multi-user.target
+EOF
+      chmod 744 /opt/router.sh
+      chmod 664 /etc/systemd/system/router.service
+      systemctl daemon-reload
+      systemctl enable router.service
+      systemctl start router.service
+    SHELL
+  end
+
   config.vm.define "logger" do |cfg|
     cfg.vm.box = "bento/ubuntu-18.04"
     cfg.vm.hostname = "logger"
-    cfg.vm.provision :shell, path: "logger_bootstrap.sh"
     cfg.vm.network :private_network, ip: "192.168.38.105", gateway: "192.168.38.1", dns: "8.8.8.8"
+    cfg.vm.provision :shell, path: "logger_bootstrap.sh"
+    cfg.vm.provision "shell", run: "always", inline: <<-SHELL
+      route del default gw 10.0.2.2
+      route add default gw 192.168.38.2
+    SHELL
+    cfg.vm.provision "shell", inline: <<-SHELL
+    export DEBIAN_FRONTEND=noninteractive
+    cat <<-'EOF' >/opt/default-gateway.sh
+#!/bin/bash
+route del default gw 10.0.2.2
+route add default gw 192.168.38.2
+EOF
+    cat <<-'EOF' >/etc/systemd/system/default-gateway.service
+[Unit]
+After=network.service
+Description=default-gateway
+
+[Service]
+Type=simple
+ExecStart=/opt/default-gateway.sh
+
+[Install]
+WantedBy=multi-user.target
+EOF
+    chmod 744 /opt/default-gateway.sh
+    chmod 664 /etc/systemd/system/default-gateway.service
+    systemctl daemon-reload
+    systemctl enable default-gateway.service
+    systemctl start default-gateway.service
+  SHELL
+
 
     cfg.vm.provider "virtualbox" do |vb, override|
-      vb.gui = true
+      vb.gui = false
       vb.name = "logger"
       vb.customize ["modifyvm", :id, "--memory", 4096]
       vb.customize ["modifyvm", :id, "--cpus", 2]
@@ -56,9 +129,12 @@ Vagrant.configure("2") do |config|
     cfg.vm.provision "shell", inline: 'wevtutil el | Select-String -notmatch "Microsoft-Windows-LiveId" | Foreach-Object {wevtutil cl "$_"}', privileged: false
     cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
     cfg.vm.provision "shell", inline: "Write-Host 'DC Provisioning Complete!'", privileged: false
+    cfg.vm.provision "shell", inline: "route delete -p 0.0.0.0 mask 0.0.0.0 10.0.2.2", privileged: true
+    cfg.vm.provision "shell", inline: "route add -p 0.0.0.0 mask 0.0.0.0 192.168.38.2", privileged: true
+    cfg.vm.provision "shell", inline: "netsh interface set interface \"Ethernet 2\" disable", privileged: true
 
     cfg.vm.provider "virtualbox" do |vb, override|
-      vb.gui = true
+      vb.gui = false
       vb.name = "dc.windomain.local"
       vb.default_nic_type = "82545EM"
       vb.customize ["modifyvm", :id, "--memory", 3072]
@@ -101,9 +177,12 @@ Vagrant.configure("2") do |config|
     cfg.vm.provision "shell", inline: "Set-SmbServerConfiguration -AuditSmb1Access $true -Force", privileged: false
     cfg.vm.provision "shell", path: "scripts/install-microsoft-ata.ps1", privileged: false
     cfg.vm.provision "shell", inline: "Write-Host 'WEF Provisioning Complete!'", privileged: false
+    cfg.vm.provision "shell", inline: "route delete -p 0.0.0.0 mask 0.0.0.0 10.0.2.2", privileged: true
+    cfg.vm.provision "shell", inline: "route add -p 0.0.0.0 mask 0.0.0.0 192.168.38.2", privileged: true
+    cfg.vm.provision "shell", inline: "netsh interface set interface \"Ethernet 2\" disable", privileged: true
 
     cfg.vm.provider "virtualbox" do |vb, override|
-      vb.gui = true
+      vb.gui = false
       vb.name = "wef.windomain.local"
       vb.default_nic_type = "82545EM"
       vb.customize ["modifyvm", :id, "--memory", 2048]
@@ -140,9 +219,12 @@ Vagrant.configure("2") do |config|
     cfg.vm.provision "shell", path: "scripts/install-velociraptor.ps1", privileged: false
     cfg.vm.provision "shell", path: "scripts/install-autorunstowineventlog.ps1", privileged: false
     cfg.vm.provision "shell", inline: "Write-Host 'Win10 Provisioning Complete!'", privileged: false
+    cfg.vm.provision "shell", inline: "route delete -p 0.0.0.0 mask 0.0.0.0 10.0.2.2", privileged: true
+    cfg.vm.provision "shell", inline: "route add -p 0.0.0.0 mask 0.0.0.0 192.168.38.2", privileged: true
+    cfg.vm.provision "shell", inline: "netsh interface set interface \"Ethernet 2\" disable", privileged: true
 
     cfg.vm.provider "virtualbox" do |vb, override|
-      vb.gui = true
+      vb.gui = false
       vb.name = "win10.windomain.local"
       vb.default_nic_type = "82545EM"
       vb.customize ["modifyvm", :id, "--memory", 2048]