fix: TLS capture end-to-end in integration tests

- Add traffic-gen container (curlimages/curl) to send HTTPS traffic
  across Docker network so sentinel (pcap on eth0) captures ClientHello
- Seed anubis_ua_rules with catch-all rule (REGEXP_TREE needs ≥1 entry)
  so MV mv_http_logs processes raw logs without errors
- Add JA4/JA3 fingerprint verification in Phase 5 tests
- Dashboard healthcheck via python urllib (no curl in image)

Results: 59 raw logs, 59 parsed, 53 with JA4+JA3 fingerprints (TLS 1.3)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

tests/integration/docker-compose.yml

@@ -141,6 +141,21 @@ services:
     networks:
       - ja4net
 
+  # ---------------------------------------------------------------------------
+  # Traffic generator — lightweight container with curl for sending external
+  # HTTPS requests to platform. Traffic must cross the Docker network so
+  # sentinel (pcap on eth0) can capture TLS ClientHello packets.
+  # ---------------------------------------------------------------------------
+  traffic-gen:
+    image: curlimages/curl:latest
+    hostname: traffic-gen
+    entrypoint: ["sleep", "infinity"]
+    depends_on:
+      platform:
+        condition: service_healthy
+    networks:
+      - ja4net
+
 networks:
   ja4net:
     driver: bridge