Fixup Airgap

2025-12-13 20:52:54 +01:00 · 2025-12-06 15:26:44 -05:00
parent bef85772e3
commit 271f545f4f
4 changed files with 36 additions and 19 deletions
--- a/salt/manager/init.sls
+++ b/salt/manager/init.sls
@@ -214,7 +214,7 @@ git_config_set_safe_dirs:

 surinsmrulesdir:
  file.directory:
-    - name: /nsm/rules/suricata
+    - name: /nsm/rules/suricata/etopen
    - user: 939
    - group: 939
    - makedirs: True
--- a/salt/manager/tools/sbin/soup
+++ b/salt/manager/tools/sbin/soup
@@ -1355,7 +1355,7 @@ unmount_update() {

 update_airgap_rules() {
  # Copy the rules over to update them for airgap.
-  rsync -a $UPDATE_DIR/agrules/suricata/* /nsm/rules/suricata/
+  rsync -a --delete $UPDATE_DIR/agrules/suricata/ /nsm/rules/suricata/etopen/
  rsync -a $UPDATE_DIR/agrules/detect-sigma/* /nsm/rules/detect-sigma/
  rsync -a $UPDATE_DIR/agrules/detect-yara/* /nsm/rules/detect-yara/
  # Copy the securityonion-resorces repo over for SOC Detection Summaries and checkout the published summaries branch