CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Adjust portgroup yaml

Browse Source
This commit is contained in:
Mike Reeves
2022-09-20 13:45:29 -04:00
parent b622940f3f
commit 0ade4d7847
1 changed files with 552 additions and 611 deletions
Download Patch File Download Diff File Expand all files Collapse all files

177
salt/firewall/portgroups/portgroups.yaml
View File

@@ -1,23 +1,65 @@
firewall:
portgroups:
role:
role:
eval:
ports:
chain:
DOCKER-USER:
hostgroups:
manager:
portgroups:
- playbook
- mysql
- kibana
- redis
- minio
- influxdb
- cortex
- elasticsearch_rest
- elasticsearch_node
- cortex_es_rest
- cortex_es_node
minion:
portgroups:
- acng
- docker_registry
- influxdb
- sensoroni
sensor:
portgroups:
- beats_5044
- beats_5644
search_node:
portgroups:
- redis
- minio
- elasticsearch_node
heavy_node:
portgroups:
- redis
- minio
- elasticsearch_node
self:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
beats_endpoint_ssl:
portgroups:
- beats_5644
elasticsearch_rest:
portgroups:
- elasticsearch_rest
elastic_agent_endpoint:
portgroups:
- elastic_agent_control
- elastic_agent_data
strelka_frontend:
portgroups:
- strelka_frontend
syslog:
portgroups:
- syslog
analyst:
portgroups:
- nginx
INPUT:
hostgroups:
@@ -39,16 +81,12 @@ firewall:
hostgroups:
manager:
portgroups:
- wazuh_agent
- wazuh_api
- wazuh_authd
- playbook
- mysql
- kibana
- redis
- minio
- influxdb
- fleet_api
- cortex
- elasticsearch_rest
- elasticsearch_node
@@ -58,10 +96,7 @@ firewall:
portgroups:
- acng
- docker_registry
- osquery_8080
- influxdb
- wazuh_api
- fleet_api
- sensoroni
- yum
sensor:
@@ -82,7 +117,7 @@ firewall:
- beats_5644
self:
portgroups:
- syslog}}
- syslog
syslog:
portgroups:
- syslog
@@ -98,18 +133,6 @@ firewall:
endgame:
portgroups:
- endgame
osquery_endpoint:
portgroups:
- fleet_api
wazuh_agent:
portgroups:
- wazuh_agent
wazuh_api:
portgroups:
- wazuh_api
wazuh_authd:
portgroups:
- wazuh_authd
analyst:
portgroups:
- nginx
@@ -133,16 +156,12 @@ firewall:
hostgroups:
manager:
portgroups:
- wazuh_agent
- wazuh_api
- wazuh_authd
- playbook
- mysql
- kibana
- redis
- minio
- influxdb
- fleet_api
- cortex
- elasticsearch_rest
- elasticsearch_node
@@ -152,10 +171,7 @@ firewall:
portgroups:
- acng
- docker_registry
- osquery_8080
- influxdb
- wazuh_api
- fleet_api
- sensoroni
- yum
sensor:
@@ -184,24 +200,16 @@ firewall:
elasticsearch_rest:
portgroups:
- elasticsearch_rest
elastic_agent_endpoint:
portgroups:
- elastic_agent_control
- elastic_agent_data
endgame:
portgroups:
- endgame
osquery_endpoint:
portgroups:
- fleet_api
syslog:
portgroups:
- syslog
wazuh_agent:
portgroups:
- wazuh_agent
wazuh_api:
portgroups:
- wazuh_api
wazuh_authd:
portgroups:
- wazuh_authd
analyst:
portgroups:
- nginx
@@ -225,16 +233,12 @@ firewall:
hostgroups:
manager:
portgroups:
- wazuh_agent
- wazuh_api
- wazuh_authd
- playbook
- mysql
- kibana
- redis
- minio
- influxdb
- fleet_api
- cortex
- elasticsearch_rest
- elasticsearch_node
@@ -244,10 +248,7 @@ firewall:
portgroups:
- acng
- docker_registry
- osquery_8080
- influxdb
- wazuh_api
- fleet_api
- sensoroni
- yum
sensor:
@@ -276,27 +277,19 @@ firewall:
elasticsearch_rest:
portgroups:
- elasticsearch_rest
elastic_agent_endpoint:
portgroups:
- elastic_agent_control
- elastic_agent_data
endgame:
portgroups:
- endgame
osquery_endpoint:
portgroups:
- fleet_api
strelka_frontend:
portgroups:
- strelka_frontend
syslog:
portgroups:
- syslog
wazuh_agent:
portgroups:
- wazuh_agent
wazuh_api:
portgroups:
- wazuh_api
wazuh_authd:
portgroups:
- wazuh_authd
analyst:
portgroups:
- nginx
@@ -320,13 +313,11 @@ firewall:
hostgroups:
manager:
portgroups:
- wazuh_agent
- playbook
- mysql
- kibana
- redis
- influxdb
- fleet_api
- cortex
- elasticsearch_rest
- elasticsearch_node
@@ -336,9 +327,7 @@ firewall:
portgroups:
- acng
- docker_registry
- osquery_8080
- influxdb
- wazuh_api
- sensoroni
sensor:
portgroups:
@@ -354,12 +343,6 @@ firewall:
beats_endpoint:
portgroups:
- beats_5044
osquery_endpoint:
portgroups:
- fleet_api
wazuh_agent:
portgroups:
- wazuh_agent
analyst:
portgroups:
- nginx
@@ -397,7 +380,7 @@ firewall:
- elasticsearch_node
self:
portgroups:
- syslog}}
- syslog
INPUT:
hostgroups:
anywhere:
@@ -447,7 +430,7 @@ firewall:
- elasticsearch_rest
self:
portgroups:
- syslog}}
- syslog
strelka_frontend:
portgroups:
- strelka_frontend
@@ -462,39 +445,6 @@ firewall:
localhost:
portgroups:
- all
fleet:
chain:
DOCKER-USER:
hostgroups:
self:
portgroups:
- redis
- mysql
- osquery_8080
localhost:
portgroups:
- mysql
- osquery_8080
analyst:
portgroups:
- fleet_webui
minion:
portgroups:
- fleet_api
osquery_endpoint:
portgroups:
- fleet_api}}
INPUT:
hostgroups:
anywhere:
portgroups:
- ssh
dockernet:
portgroups:
- all
localhost:
portgroups:
- all
import:
chain:
DOCKER-USER:
@@ -559,7 +509,7 @@ firewall:
self:
portgroups:
- redis
- syslog}}
- syslog
- beats_5644
syslog:
portgroups:
@@ -573,15 +523,6 @@ firewall:
endgame:
portgroups:
- endgame
wazuh_agent:
portgroups:
- wazuh_agent
wazuh_api:
portgroups:
- wazuh_api
wazuh_authd:
portgroups:
- wazuh_authd
INPUT:
hostgroups:
anywhere:
@@ -599,7 +540,7 @@ firewall:
hostgroups:
anywhere:
portgroups:
- idh
- ssh
dockernet:
portgroups:
- all