From 11d7e66ea0f3115e65039bf78c5ea12632565979 Mon Sep 17 00:00:00 2001
From: Mike Reeves <mike.reeves@securityonionsolutions.com>
Date: Wed, 24 May 2023 15:30:52 -0400
Subject: [PATCH] Suricata Airgap

---
 salt/idstools/enabled.sls                     | 3 ++-
 salt/idstools/tools/sbin_jinja/so-rule-update | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/salt/idstools/enabled.sls b/salt/idstools/enabled.sls
index 70e52453c..a51dd7a88 100644
--- a/salt/idstools/enabled.sls
+++ b/salt/idstools/enabled.sls
@@ -46,8 +46,9 @@ so-idstools:
       - {{ BIND }}
       {% endfor %}
     {% endif %}
-    {% if DOCKER.containers['so-idstools'].extra_hosts %}
     - extra_hosts:
+      - {{ GLOBALS.manager }}:{{ GLOBALS.manager_ip }}
+    {% if DOCKER.containers['so-idstools'].extra_hosts %}
       {% for XTRAHOST in DOCKER.containers['so-idstools'].extra_hosts %}
       - {{ XTRAHOST }}
       {% endfor %}
diff --git a/salt/idstools/tools/sbin_jinja/so-rule-update b/salt/idstools/tools/sbin_jinja/so-rule-update
index e5802440b..7e08f0e6d 100755
--- a/salt/idstools/tools/sbin_jinja/so-rule-update
+++ b/salt/idstools/tools/sbin_jinja/so-rule-update
@@ -23,9 +23,9 @@ docker exec so-idstools idstools-rulecat -v --suricata-version 6.0 -o /nsm/rules
 {%- endif %}
 
 
-#argstr=""
-#for arg in "$@"; do
-#    argstr="${argstr} \"${arg}\""
-#done
+argstr=""
+for arg in "$@"; do
+    argstr="${argstr} \"${arg}\""
+done
 
 docker exec so-idstools /bin/bash -c "cd /opt/so/idstools/etc && idstools-rulecat --force ${argstr}"