Adding Docker Container

docker/include/hog.vim

@@ -0,0 +1,208 @@
+" Vim syntax file
+" Language: hog (Snort.conf + .rules)
+" Maintainer: Victor Roemer, <vroemer@badsec.org>.
+" Last Change: 2015 Oct 24  -> Rename syntax items from Snort -> Hog
+"              2012 Oct 24  -> Originalish release
+
+" quit when a syntax file was already loaded
+if exists("b:current_syntax")
+    finish
+endif
+
+setlocal iskeyword-=:
+setlocal iskeyword+=-
+syn case ignore
+
+" Hog ruletype crap
+syn keyword     HogRuleType       ruletype nextgroup=HogRuleTypeName skipwhite
+syn match       HogRuleTypeName   "[[:alnum:]_]\+" contained nextgroup=HogRuleTypeBody skipwhite
+syn region      HogRuleTypeBody   start="{" end="}" contained contains=HogRuleTypeType,HogOutput fold
+syn keyword     HogRuleTypeType   type contained
+
+" Hog Configurables
+syn keyword     HogPreproc    preprocessor nextgroup=HogConfigName skipwhite
+syn keyword     HogConfig     config nextgroup=HogConfigName skipwhite
+syn keyword     HogOutput     output nextgroup=HogConfigName skipwhite
+syn match       HogConfigName "[[:alnum:]_-]\+" contained nextgroup=HogConfigOpts skipwhite
+syn region      HogConfigOpts start=":" skip="\\.\{-}$\|^\s*#.\{-}$\|^\s*$" end="$" fold keepend contained contains=HogSpecial,HogNumber,HogIPAddr,HogVar,HogComment
+
+" Event filter's and threshold's
+syn region      HogEvFilter         start="event_filter\|threshold" skip="\\.\{-}$\|^\s*#.\{-}$\|^\s*$" end="$" fold transparent keepend contains=HogEvFilterKeyword,HogEvFilterOptions,HogComment
+syn keyword     HogEvFilterKeyword  skipwhite event_filter threshold
+syn keyword     HogEvFilterOptions  skipwhite type nextgroup=HogEvFilterTypes
+syn keyword     HogEvFilterTypes    skipwhite limit threshold both contained
+syn keyword     HogEvFilterOptions  skipwhite track nextgroup=HogEvFilterTrack
+syn keyword     HogEvFilterTrack    skipwhite by_src by_dst contained
+syn keyword     HogEvFilterOptions  skipwhite gen_id sig_id count seconds nextgroup=HogNumber
+
+" Suppressions
+syn region      HogEvFilter         start="suppress" skip="\\.\{-}$\|^\s*#.\{-}$\|^\s*$" end="$" fold transparent keepend contains=HogSuppressKeyword,HogComment
+syn keyword     HogSuppressKeyword  skipwhite suppress
+syn keyword     HogSuppressOptions  skipwhite gen_id sig_id nextgroup=HogNumber
+syn keyword     HogSuppressOptions  skipwhite track nextgroup=HogEvFilterTrack
+syn keyword     HogSuppressOptions  skipwhite ip nextgroup=HogIPAddr
+
+" Attribute table
+syn keyword     HogAttribute        attribute_table nextgroup=HogAttributeFile
+syn match       HogAttributeFile    contained ".*$" contains=HogVar,HogAttributeType,HogComment
+syn keyword     HogAttributeType    filename
+
+" Hog includes
+syn keyword     HogInclude    include nextgroup=HogIncludeFile skipwhite
+syn match       HogIncludeFile ".*$" contained contains=HogVar,HogComment
+
+" Hog dynamic libraries
+syn keyword     HogDylib      dynamicpreprocessor dynamicengine dynamicdetection nextgroup=HogDylibFile skipwhite
+syn match       HogDylibFile  "\s.*$" contained contains=HogVar,HogDylibType,HogComment
+syn keyword     HogDylibType  directory file contained
+
+" Variable dereferenced with '$'
+syn match       HogVar        "\$[[:alnum:]_]\+"
+
+", Variables declared with 'var'
+syn keyword     HogVarType    var nextgroup=HogVarSet skipwhite
+syn match       HogVarSet     "[[:alnum:]_]\+" display contained nextgroup=HogVarValue skipwhite
+syn match       HogVarValue   ".*$" contained contains=HogString,HogNumber,HogVar,HogComment
+
+" Variables declared with 'ipvar'
+syn keyword     HogIPVarType  ipvar nextgroup=HogIPVarSet skipwhite
+syn match       HogIPVarSet   "[[:alnum:]_]\+" display contained nextgroup=HogIPVarList,HogSpecial skipwhite
+syn region      HogIPVarList  start="\[" end="]" contains=HogIPVarList,HogIPAddr,HogVar,HogOpNot
+
+" Variables declared with 'portvar'
+syn keyword     HogPortVarType portvar nextgroup=HogPortVarSet skipwhite
+syn match       HogPortVarSet "[[:alnum:]_]\+" display contained nextgroup=HogPortVarList,HogPort,HogOpRange,HogOpNot,HogSpecial skipwhite
+syn region      HogPortVarList start="\[" end="]" contains=HogPortVarList,HogVar,HogOpNot,HogPort,HogOpRange,HogOpNot
+syn match       HogPort       "\<\%(\d\+\|any\)\>" display contains=HogOpRange nextgroup=HogOpRange
+
+" Generic stuff
+syn match       HogIPAddr     contained "\<\%(\d\{1,3}\(\.\d\{1,3}\)\{3}\|any\)\>" nextgroup=HogIPCidr
+syn match       HogIPAddr     contained "\<\d\{1,3}\(\.\d\{1,3}\)\{3}\>" nextgroup=HogIPCidr
+syn match       HogIPCidr     contained "\/\([0-2][0-9]\=\|3[0-2]\=\)"
+syn region      HogHexEsc     contained start='|' end='|' oneline
+syn region      HogString     contained start='"' end='"' extend oneline contains=HogHexEsc
+
+" XXX
+syn region      HogRegexStr   contained start='"' end='"' extend oneline
+
+syn match       HogNumber     contained display "\<\d\+\>"
+syn match       HogNumber     contained display "\<\d\+\>"
+syn match       HogNumber     contained display "0x\x\+\>"
+syn keyword     HogSpecial    contained true false yes no default all any
+syn keyword     HogSpecialAny contained any
+syn match       HogOpNot      "!" contained
+syn match       HogOpRange    ":" contained
+
+" Rules
+syn keyword     HogRuleAction     activate alert drop block dynamic log pass reject sdrop sblock skipwhite nextgroup=HogRuleProto,HogRuleBlock
+syn keyword     HogRuleProto      ip tcp udp icmp http skipwhite contained nextgroup=HogRuleSrcIP,HogRuleBlock
+syn match       HogRuleSrcIP      "\S\+" transparent skipwhite contained contains=HogIPVarList,HogIPAddr,HogVar,HogOpNot nextgroup=HogRuleSrcPort
+syn match       HogRuleSrcPort    "\S\+" transparent skipwhite contained contains=HogPortVarList,HogVar,HogPort,HogOpRange,HogOpNot nextgroup=HogRuleDir
+syn match       HogRuleDir        "->\|<>" skipwhite contained nextgroup=HogRuleDstIP
+syn match       HogRuleDstIP      "\S\+" transparent skipwhite contained contains=HogIPVarList,HogIPAddr,HogVar,HogOpNot nextgroup=HogRuleDstPort
+syn match       HogRuleDstPort    "\S\+" transparent skipwhite contained contains=HogPortVarList,HogVar,HogPort,HogOpRange,HogOpNot nextgroup=HogRuleBlock
+syn region      HogRuleBlock      start="(" end=")" transparent skipwhite contained contains=HogRuleOption,HogComment fold
+",HogString,HogComment,HogVar,HogOptNot
+"syn region      HogRuleOption     start="\<gid\|sid\|rev\|depth\|offset\|distance\|within\>" end="\ze;" skipwhite contained contains=HogNumber
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP msg gid sid rev classtype priority metadata service content nocase rawbytes
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP depth offset distance within http_client_body http_cookie http_raw_cookie http_header
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP http_raw_header http_method http_uri http_raw_uri http_raw_body http_stat_code http_stat_msg
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP fast_pattern uricontent urilen isdataat pkt_data file_data base64_decode base64_data
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP byte_test byte_jump byte_extract ftpbounce asn1 cvs dce_iface dce_opnum dce_stub_data
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP sip_method sip_stat_code sip_header sip_body gtp_type gtp_info gtp_version ssl_version
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP ssl_state fragoffset ttl tos id ipopts fragbits dsize flags flow flowbits seq ack window
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP itype icode icmp_id icmp_seq rpc ip_proto sameip stream_reassemble stream_size
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP logto session resp react tag activates activated_by count replace detection_filter
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleSROP threshold reference sd_pattern file_type file_group
+syn keyword     HogRuleOption   skipwhite contained nextgroup=HogRuleRegex pcre regex
+
+" XXX
+syn region      HogRuleRegex    start=':' end=";" transparent keepend contained contains=HogRegexStr
+
+syn region      HogRuleSROP     start=':' end=";" transparent keepend contained contains=HogRuleChars,HogString,HogNumber
+syn match       HogRuleChars    "\%(\k\|\.\|?\|=\|/\|%\|&\)\+" contained
+syn match       HogURLChars     "\%(\.\|?\|=\)\+" contained
+
+" Hog File Type Rules
+syn match       HogFileType   /^\s*file.*$/ transparent contains=HogFileTypeOpt,HogFileFROP
+syn keyword     HogFileTypeOpt  skipwhite contained nextgroup=HogRuleFROP file type ver category id rev content offset msg group 
+syn region      HogFileFROP  start=':' end=";" transparent keepend contained contains=NotASemicoln
+syn match       NotASemiColn   ".*$" contained
+
+
+" Comments
+syn keyword HogTodo   XXX TODO NOTE contained
+syn match   HogTodo   "Step\s\+#\=\d\+" contained
+syn region HogComment start="#" end="$" contains=HogTodo,@Spell
+
+syn case match
+
+if !exists("hog_minlines")
+    let hog_minlines = 100
+endif
+exec "syn sync minlines=" . hog_minlines
+
+hi link HogRuleType           Statement
+hi link HogRuleTypeName       Type
+hi link HogRuleTypeType       Keyword
+
+hi link HogPreproc            Statement
+hi link HogConfig             Statement
+hi link HogOutput             Statement
+hi link HogConfigName         Type
+
+"hi link HogEvFilter
+hi link HogEvFilterKeyword    Statement
+hi link HogSuppressKeyword    Statement
+hi link HogEvFilterTypes      Constant
+hi link HogEvFilterTrack      Constant
+
+hi link HogAttribute          Statement
+hi link HogAttributeFile      String
+hi link HogAttributeType      Statement
+
+hi link HogInclude            Statement
+hi link HogIncludeFile        String
+
+hi link HogDylib              Statement
+hi link HogDylibType          Statement
+hi link HogDylibFile          String
+
+" Variables
+" var
+hi link HogVar                Identifier
+hi link HogVarType            Keyword
+hi link HogVarSet             Identifier
+hi link HogVarValue           String
+" ipvar
+hi link HogIPVarType          Keyword
+hi link HogIPVarSet           Identifier
+" portvar
+hi link HogPortVarType         Keyword
+hi link HogPortVarSet          Identifier
+hi link HogPort                Constant
+
+hi link HogTodo               Todo
+hi link HogComment            Comment
+hi link HogString             String
+hi link HogRegexStr           String
+hi link HogHexEsc             PreProc
+hi link HogNumber             Number
+hi link HogSpecial            Constant
+hi link HogSpecialAny         Constant
+hi link HogIPAddr             Constant
+hi link HogIPCidr             Constant
+hi link HogOpNot              Operator
+hi link HogOpRange            Operator
+
+hi link HogRuleAction         Statement
+hi link HogRuleProto          Identifier
+hi link HogRuleDir            Operator
+hi link HogRuleOption         Keyword
+hi link HogRuleChars           String 
+
+hi link HogFileType    HogRuleAction
+hi link HogFileTypeOpt HogRuleOption
+hi link NotASemiColn     HogRuleChars
+
+let b:current_syntax = "hog"

docker/include/ir_black.vim

@@ -0,0 +1,87 @@
+" ir_black color scheme
+set background=dark
+hi clear
+
+if exists("syntax_on")
+  syntax reset
+endif
+
+let colors_name = "ir_black"
+
+"hi Example         guifg=NONE        guibg=NONE        gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+
+" General colors
+hi Normal           guifg=#f6f3e8     guibg=black       gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+hi NonText          guifg=#070707     guibg=black       gui=NONE      ctermfg=black       ctermbg=NONE        cterm=NONE
+
+hi Cursor           guifg=black       guibg=white       gui=NONE      ctermfg=black       ctermbg=white       cterm=reverse
+hi LineNr           guifg=#3D3D3D     guibg=black       gui=NONE      ctermfg=darkgray    ctermbg=NONE        cterm=NONE
+
+hi VertSplit        guifg=#202020     guibg=#202020     gui=NONE      ctermfg=darkgray    ctermbg=234         cterm=NONE
+hi StatusLine       guifg=#CCCCCC     guibg=#202020     gui=italic    ctermfg=white       ctermbg=234         cterm=NONE
+hi StatusLineNC     guifg=black       guibg=#202020     gui=NONE      ctermfg=blue        ctermbg=234         cterm=NONE  
+
+hi Folded           guifg=#a0a8b0     guibg=#384048     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+hi Title            guifg=#f6f3e8     guibg=NONE        gui=bold      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+hi Visual           guifg=NONE        guibg=#262D51     gui=NONE      ctermfg=NONE        ctermbg=17          cterm=NONE
+
+hi SpecialKey       guifg=#808080     guibg=#343434     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+
+hi WildMenu         guifg=green       guibg=yellow      gui=NONE      ctermfg=black       ctermbg=yellow      cterm=NONE
+hi PmenuSbar        guifg=black       guibg=white       gui=NONE      ctermfg=black       ctermbg=white       cterm=NONE
+"hi Ignore           guifg=gray        guibg=black       gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+
+hi Error            guifg=NONE        guibg=NONE        gui=undercurl ctermfg=white       ctermbg=red         cterm=NONE
+hi ErrorMsg         guifg=white       guibg=#FF6C60     gui=BOLD      ctermfg=white       ctermbg=red         cterm=NONE
+hi WarningMsg       guifg=white       guibg=#FF6C60     gui=BOLD      ctermfg=white       ctermbg=red         cterm=NONE
+
+" Message displayed in lower left, such as --INSERT--
+hi ModeMsg          guifg=black       guibg=#C6C5FE     gui=BOLD      ctermfg=black       ctermbg=cyan        cterm=BOLD
+
+if version >= 700 " Vim 7.x specific colors
+  hi CursorLine     guifg=NONE        guibg=#121212     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=BOLD
+  hi CursorColumn   guifg=NONE        guibg=#121212     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=BOLD
+  hi MatchParen     guifg=#f6f3e8     guibg=#857b6f     gui=BOLD      ctermfg=white       ctermbg=darkgray    cterm=NONE
+  hi Pmenu          guifg=#f6f3e8     guibg=#444444     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+  hi PmenuSel       guifg=#000000     guibg=#cae682     gui=NONE      ctermfg=NONE        ctermbg=NONE        cterm=NONE
+  hi Search         guifg=NONE        guibg=NONE        gui=underline ctermfg=NONE        ctermbg=NONE        cterm=underline
+endif
+
+" Syntax highlighting
+hi Comment          guifg=#7C7C7C     guibg=NONE        gui=NONE      ctermfg=darkgray    ctermbg=NONE        cterm=NONE
+hi String           guifg=#A8FF60     guibg=NONE        gui=NONE      ctermfg=green       ctermbg=NONE        cterm=NONE
+hi Number           guifg=#FF73FD     guibg=NONE        gui=NONE      ctermfg=magenta     ctermbg=NONE        cterm=NONE
+
+hi Keyword          guifg=#96CBFE     guibg=NONE        gui=NONE      ctermfg=blue        ctermbg=NONE        cterm=NONE
+hi PreProc          guifg=#96CBFE     guibg=NONE        gui=NONE      ctermfg=blue        ctermbg=NONE        cterm=NONE
+hi Conditional      guifg=#6699CC     guibg=NONE        gui=NONE      ctermfg=blue        ctermbg=NONE        cterm=NONE
+
+hi Todo             guifg=#8f8f8f     guibg=NONE        gui=NONE      ctermfg=red         ctermbg=NONE        cterm=NONE
+hi Constant         guifg=#99CC99     guibg=NONE        gui=NONE      ctermfg=cyan        ctermbg=NONE        cterm=NONE
+
+hi Identifier       guifg=#C6C5FE     guibg=NONE        gui=NONE      ctermfg=cyan        ctermbg=NONE        cterm=NONE
+hi Function         guifg=#FFD2A7     guibg=NONE        gui=NONE      ctermfg=brown       ctermbg=NONE        cterm=NONE
+hi Type             guifg=#FFFFB6     guibg=NONE        gui=NONE      ctermfg=yellow      ctermbg=NONE        cterm=NONE
+hi Statement        guifg=#6699CC     guibg=NONE        gui=NONE      ctermfg=lightblue   ctermbg=NONE        cterm=NONE
+
+hi Special          guifg=#E18964     guibg=NONE        gui=NONE      ctermfg=white       ctermbg=NONE        cterm=NONE
+hi Delimiter        guifg=#00A0A0     guibg=NONE        gui=NONE      ctermfg=cyan        ctermbg=NONE        cterm=NONE
+hi Operator         guifg=white       guibg=NONE        gui=NONE      ctermfg=white       ctermbg=NONE        cterm=NONE
+
+hi link Character       Constant
+hi link Boolean         Constant
+hi link Float           Number
+hi link Repeat          Statement
+hi link Label           Statement
+hi link Exception       Statement
+hi link Include         PreProc
+hi link Define          PreProc
+hi link Macro           PreProc
+hi link PreCondit       PreProc
+hi link StorageClass    Type
+hi link Structure       Type
+hi link Typedef         Type
+hi link Tag             Special
+hi link SpecialChar     Special
+hi link SpecialComment  Special
+hi link Debug           Special

docker/include/vimrc

@@ -0,0 +1,41 @@
+" syntax highlighting
+syntax on
+
+" no welcome msg
+set shortmess+=I
+
+" numbered lines
+set number
+
+" fix slow escape
+set ttimeoutlen=0
+
+" spend more time on syntax highlight
+" set synmaxcol=10000
+autocmd BufEnter * :syntax sync fromstart
+
+" send more characters for redraws
+set ttyfast
+
+" search highlight
+set incsearch
+
+" set colorscheme
+if &t_Co >= 256 || has("gui_running")
+   colorscheme ir_black
+endif
+
+" show status line
+set laststatus=2
+
+" show status line suggestions
+set wildmenu
+
+" netrw
+let g:netrw_banner = 0
+
+" spelling toggle
+nnoremap <F5> :set nospell!<CR>
+
+" spelling suggestion
+nnoremap <F6> z=