CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10070 from Security-Onion-Solutions/fix/cloud_test

Browse Source 
Fix cloud sniffing interface configuration
This commit is contained in:
weslambert
2023-03-30 14:41:59 -04:00
committed by GitHub
parent bdae8d5017 3e08506c4e
commit 2cfbf30f05
3 changed files with 33 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/common/tools/sbin/so-common
View File

@@ -54,6 +54,8 @@ add_interface_bond0() {
ethtool -K "$BNIC" $i off &>/dev/null ethtool -K "$BNIC" $i off &>/dev/null
fi fi
done done
if ! [[ $is_cloud ]]; then
# Check if the bond slave connection has already been created # Check if the bond slave connection has already been created
nmcli -f name,uuid -p con | grep -q "bond0-slave-$BNIC" nmcli -f name,uuid -p con | grep -q "bond0-slave-$BNIC"
local found_int=$? local found_int=$?
@@ -71,16 +73,18 @@ add_interface_bond0() {
ethernet.mtu "$MTU" \ ethernet.mtu "$MTU" \
connection.autoconnect "yes" connection.autoconnect "yes"
fi fi
fi
ip link set dev "$BNIC" arp off multicast off allmulticast off promisc on ip link set dev "$BNIC" arp off multicast off allmulticast off promisc on
if ! [[ $is_cloud ]]; then
# Bring the slave interface up # Bring the slave interface up
if [[ $verbose == true ]]; then if [[ $verbose == true ]]; then
nmcli con up "bond0-slave-$BNIC" nmcli con up "bond0-slave-$BNIC"
else else
nmcli con up "bond0-slave-$BNIC" &>/dev/null nmcli con up "bond0-slave-$BNIC" &>/dev/null
fi fi
fi
if [ "$nic_error" != 0 ]; then if [ "$nic_error" != 0 ]; then
return "$nic_error" return "$nic_error"
fi fi

5
setup/so-functions
View File

@@ -803,8 +803,10 @@ configure_network_sensor() {
info "Setting up sensor interface" info "Setting up sensor interface"
if [[ $is_cloud ]]; then if [[ $is_cloud ]]; then
info "Configuring traditional interface settings, since this is a cloud installation..."
local nmcli_con_args=( "type" "ethernet" ) local nmcli_con_args=( "type" "ethernet" )
else else
info "Configuring bond interface settings, since this is a not a cloud installation..."
local nmcli_con_args=( "type" "bond" "mode" "0" ) local nmcli_con_args=( "type" "bond" "mode" "0" )
fi fi
@@ -909,7 +911,7 @@ create_repo() {
detect_cloud() { detect_cloud() {
info "Testing if setup is running on a cloud instance..." info "Testing if setup is running on a cloud instance..."
if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || ( dmidecode -s bios-vendor | grep -q Google > /dev/null) || [ -f /var/log/waagent.log ]; then export is_cloud="true"; fi if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || ( dmidecode -s bios-vendor | grep -q Google > /dev/null) || [ -f /var/log/waagent.log ]; then info "Detected a cloud installation..." && export is_cloud="true"; fi
} }
detect_os() { detect_os() {
@@ -1252,6 +1254,7 @@ generate_interface_vars() {
else else
INTERFACE='bond0' INTERFACE='bond0'
fi fi
info "Interface set to $INTERFACE"
export INTERFACE export INTERFACE
} }

2
setup/so-setup
View File

@@ -566,7 +566,7 @@ if ! [[ -f $install_opt_file ]]; then
export NODE_DESCRIPTION=$NODE_DESCRIPTION export NODE_DESCRIPTION=$NODE_DESCRIPTION
export MAINIP=$MAINIP export MAINIP=$MAINIP
export PATCHSCHEDULENAME=$PATCHSCHEDULENAME export PATCHSCHEDULENAME=$PATCHSCHEDULENAME
export INTERFACE="bond0" export INTERFACE=$INTERFACE
export CORECOUNT=$lb_procs export CORECOUNT=$lb_procs
export LSHOSTNAME=$HOSTNAME export LSHOSTNAME=$HOSTNAME
export LSHEAP=$LS_HEAP_SIZE export LSHEAP=$LS_HEAP_SIZE