# Egress-filtering proxy for RedRun's active-exploitation sandbox.
#
# All exploit-tool traffic is routed through this container as an HTTP/CONNECT
# proxy. The container's OWN egress is locked down with iptables to an allowlist
# of scope IPs (passed at runtime), so even a buggy or compromised tool cannot
# reach anything outside the authorized scope — the kernel drops it. This is the
# hard network boundary that the application-level scope check and the in-process
# egress guard cannot provide on their own.
#
# Intended to run on a Docker-capable host (VM / EC2 / dedicated worker), NOT on
# Railway (which doesn't grant the NET_ADMIN capability iptables needs).

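# Base image. The 3.20 tag is mutable; for a reproducible build of this
# boundary, pin it by digest (alpine:3.20@sha256:<digest>) once one is chosen.
FROM alpine:3.20

# tinyproxy is the HTTP/CONNECT proxy and iptables programs the egress
# allowlist at container start. Packages are unpinned, so a rebuild may pull
# newer versions; pin them if image contents need to be auditable.
RUN apk add --no-cache \
        ca-certificates \
        iptables \
        tinyproxy

# Install the entrypoint with a fixed mode in a single layer. The previous
# `chmod +x` only added execute bits and kept whatever write bits the file had
# in the build context. With 0755 and the default root ownership, an
# unprivileged process inside the container cannot rewrite the script that
# sets up the firewall. COPY --chmod requires BuildKit.
COPY --chmod=0755 entrypoint.sh /entrypoint.sh

# tinyproxy listens here; the host maps it to a random port per scan.
# EXPOSE is documentation only and does not publish the port.
EXPOSE 8888

# No USER instruction on purpose: the entrypoint starts as root because
# iptables needs root plus the NET_ADMIN capability, which must be granted at
# run time (e.g. --cap-add=NET_ADMIN).
# NOTE(review): entrypoint.sh is not shown here. Confirm that it installs the
# drop rules before tinyproxy starts, exits non-zero when the scope allowlist
# is missing or empty (fail closed), and ends with `exec` so the proxy runs as
# PID 1 and receives stop signals. Also confirm tinyproxy itself runs as an
# unprivileged user once the rules are in place.
ENTRYPOINT ["/entrypoint.sh"]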
