From 0858160be224b323f2e3b35f1d67990fb15bdff1 Mon Sep 17 00:00:00 2001 From: Josh Patterson Date: Wed, 27 Aug 2025 14:51:57 -0400 Subject: [PATCH] support for modifying nic channels --- salt/manager/tools/sbin/so-minion | 1 + salt/sensor/defaults.yaml | 4 ++++ salt/sensor/init.sls | 17 +++++++++++++++++ salt/sensor/map.jinja | 7 +++++++ salt/sensor/soc_sensor.yaml | 6 ++++++ .../{files => tools/sbin_jinja}/so-combine-bond | 4 +--- 6 files changed, 36 insertions(+), 3 deletions(-) create mode 100644 salt/sensor/defaults.yaml create mode 100644 salt/sensor/map.jinja rename salt/sensor/{files => tools/sbin_jinja}/so-combine-bond (94%) diff --git a/salt/manager/tools/sbin/so-minion b/salt/manager/tools/sbin/so-minion index 34ebdaeec..860faf445 100755 --- a/salt/manager/tools/sbin/so-minion +++ b/salt/manager/tools/sbin/so-minion @@ -454,6 +454,7 @@ function add_sensor_to_minion() { echo "sensor:" echo " interface: '$INTERFACE'" echo " mtu: 9000" + echo " channels: 1" echo "zeek:" echo " enabled: True" echo " config:" diff --git a/salt/sensor/defaults.yaml b/salt/sensor/defaults.yaml new file mode 100644 index 000000000..f071f04ba --- /dev/null +++ b/salt/sensor/defaults.yaml @@ -0,0 +1,4 @@ +sensor: + interface: bond0 + mtu: 9000 + channels: 1 diff --git a/salt/sensor/init.sls b/salt/sensor/init.sls index 9c7e52d62..1d7899b62 100644 --- a/salt/sensor/init.sls +++ b/salt/sensor/init.sls @@ -9,6 +9,8 @@ # in the software, and you may not remove or obscure any functionality in the # software that is protected by the license key." +{% from 'sensor/map.jinja' import SENSORMERGED %} + {% if 'vrt' in salt['pillar.get']('features') and salt['grains.get']('salt-cloud', {}) %} include: @@ -28,3 +30,18 @@ execute_checksum: - name: /etc/NetworkManager/dispatcher.d/pre-up.d/99-so-checksum-offload-disable - onchanges: - file: offload_script + +combine_bond_script: + file.managed: + - name: /usr/sbin/so-combine-bond + - source: salt://sensor/tools/sbin_jinja/so-combine-bond + - mode: 755 + - template: jinja + - defaults: + CHANNELS: {{ SENSORMERGED.channels }} + +execute_combine_bond: + cmd.run: + - name: /usr/sbin/so-combine-bond + - onchanges: + - file: combine_bond_script diff --git a/salt/sensor/map.jinja b/salt/sensor/map.jinja new file mode 100644 index 000000000..beabaa66e --- /dev/null +++ b/salt/sensor/map.jinja @@ -0,0 +1,7 @@ +{# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one + or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at + https://securityonion.net/license; you may not use this file except in compliance with the + Elastic License 2.0. #} + +{% import_yaml 'sensor/defaults.yaml' as SENSORDEFAULTS %} +{% set SENSORMERGED = salt['pillar.get']('sensor', SENSORDEFAULTS.sensor, merge=True) %} diff --git a/salt/sensor/soc_sensor.yaml b/salt/sensor/soc_sensor.yaml index 9ab0c236e..f97c8d849 100644 --- a/salt/sensor/soc_sensor.yaml +++ b/salt/sensor/soc_sensor.yaml @@ -7,3 +7,9 @@ sensor: description: Maximum Transmission Unit (MTU) of the sensor monitoring interface. helpLink: network.html readonly: True + channels: + description: Set the size of the nic channels. This is rarely changed from 1 + helpLink: network.html + forcedType: int + node: True + advanced: True diff --git a/salt/sensor/files/so-combine-bond b/salt/sensor/tools/sbin_jinja/so-combine-bond similarity index 94% rename from salt/sensor/files/so-combine-bond rename to salt/sensor/tools/sbin_jinja/so-combine-bond index fdb7dfd4c..0a8a2e66a 100644 --- a/salt/sensor/files/so-combine-bond +++ b/salt/sensor/tools/sbin_jinja/so-combine-bond @@ -5,10 +5,8 @@ . /usr/sbin/so-common -{% set NICCHANNELS = salt['pillar.get']('sensor:channels', '1') %} - # Number of channels to set -CHANNELS={{ NICCHANNELS }} +CHANNELS={{ CHANNELS }} # Exit on any error set -e