CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

2.4/firewall

Browse Source
This commit is contained in:
m0duspwnens
2022-09-22 13:39:10 -04:00
parent c77fcc74c1
commit 06d3681cec
8 changed files with 32 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
salt/firewall/assigned_hostgroups.map.yaml
+3 -35
View File
@@ -1,7 +1,7 @@
{% set ISAIRGAP = salt['pillar.get']('global:airgap', 'False') %}
{% import_yaml 'firewall/portgroups.yaml' as portgroups %}
{% set portgroups = portgroups.firewall.aliases.ports %}
{% set TRUE_CLUSTER = salt['pillar.get']('elasticsearch:true_cluster', False) %}
{% import_yaml 'firewall/ports/ports.yaml' as portgroups %}
{% set portgroups = portgroups.firewall.ports %}
{% set TRUE_CLUSTER = salt['pillar.get']('elasticsearch:true_cluster', True) %}
role:
eval:
@@ -14,16 +14,11 @@ role:
- {{ portgroups.mysql }}
- {{ portgroups.kibana }}
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.influxdb }}
- {{ portgroups.cortex }}
- {{ portgroups.elasticsearch_rest }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.cortex_es_rest }}
- {{ portgroups.cortex_es_node }}
minion:
portgroups:
- {{ portgroups.acng }}
- {{ portgroups.docker_registry }}
- {{ portgroups.influxdb }}
- {{ portgroups.sensoroni }}
@@ -34,12 +29,10 @@ role:
searchnodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
heavynodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
self:
portgroups:
@@ -90,19 +83,14 @@ role:
- {{ portgroups.mysql }}
- {{ portgroups.kibana }}
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.influxdb }}
- {{ portgroups.cortex }}
- {{ portgroups.elasticsearch_rest }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.cortex_es_rest }}
- {{ portgroups.cortex_es_node }}
{% if ISAIRGAP is sameas true %}
- {{ portgroups.agrules }}
{% endif %}
minion:
portgroups:
- {{ portgroups.acng }}
- {{ portgroups.docker_registry }}
- {{ portgroups.influxdb }}
- {{ portgroups.sensoroni }}
@@ -116,13 +104,11 @@ role:
searchnodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.beats_5644 }}
heavynodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.beats_5644 }}
self:
@@ -170,16 +156,11 @@ role:
- {{ portgroups.mysql }}
- {{ portgroups.kibana }}
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.influxdb }}
- {{ portgroups.cortex }}
- {{ portgroups.elasticsearch_rest }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.cortex_es_rest }}
- {{ portgroups.cortex_es_node }}
minion:
portgroups:
- {{ portgroups.acng }}
- {{ portgroups.docker_registry }}
- {{ portgroups.influxdb }}
- {{ portgroups.sensoroni }}
@@ -191,12 +172,10 @@ role:
searchnodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
heavynodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
self:
portgroups:
@@ -247,16 +226,11 @@ role:
- {{ portgroups.mysql }}
- {{ portgroups.kibana }}
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.influxdb }}
- {{ portgroups.cortex }}
- {{ portgroups.elasticsearch_rest }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.cortex_es_rest }}
- {{ portgroups.cortex_es_node }}
minion:
portgroups:
- {{ portgroups.acng }}
- {{ portgroups.docker_registry }}
- {{ portgroups.influxdb }}
- {{ portgroups.sensoroni }}
@@ -268,12 +242,10 @@ role:
searchnodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
heavynodes:
portgroups:
- {{ portgroups.redis }}
- {{ portgroups.minio }}
- {{ portgroups.elasticsearch_node }}
self:
portgroups:
@@ -328,14 +300,10 @@ role:
- {{ portgroups.kibana }}
- {{ portgroups.redis }}
- {{ portgroups.influxdb }}
- {{ portgroups.cortex }}
- {{ portgroups.elasticsearch_rest }}
- {{ portgroups.elasticsearch_node }}
- {{ portgroups.cortex_es_rest }}
- {{ portgroups.cortex_es_node }}
minion:
portgroups:
- {{ portgroups.acng }}
- {{ portgroups.docker_registry }}
- {{ portgroups.influxdb }}
- {{ portgroups.sensoroni }}