CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 15:33:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fleet Modules

Browse Source
This commit is contained in:
Mike Reeves
2018-12-05 19:50:59 -05:00
parent e9d97286c3
commit 24cb7f4a14
2 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
salt/firewall/init.sls
View File

@@ -357,6 +357,17 @@ enable_standard_analyst_5601_{{ip}}:
- dport: 5601 - dport: 5601
- position: 1 - position: 1
- save: True - save: True
#THIS IS TEMPORARY
enable_standard_analyst_8080_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 8080
- position: 1
- save: True
{% endfor %} {% endfor %}

1
salt/fleet/init.sls
View File

@@ -24,6 +24,7 @@ so-fleet:
- KOLIDE_SERVER_CERT=/ssl/server.cert - KOLIDE_SERVER_CERT=/ssl/server.cert
- KOLIDE_SERVER_KEY=/ssl/server.key - KOLIDE_SERVER_KEY=/ssl/server.key
- KOLIDE_LOGGING_JSON=true - KOLIDE_LOGGING_JSON=true
- KOLIDE_AUTH_JWT_KEY=thisisatest
- binds: - binds:
- /etc/pki/fleet.key:/ssl/server.key:ro - /etc/pki/fleet.key:/ssl/server.key:ro
- /etc/pki/fleet.crt:/ssl/server.cert - /etc/pki/fleet.crt:/ssl/server.cert