CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-02-07 15:54:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

2.4 fw changes

Browse Source
This commit is contained in:
m0duspwnens
2023-02-08 11:01:26 -05:00
parent 342b9619b0
commit 31daeef30d
5 changed files with 1 additions and 646 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/firewall/map.jinja
View File

@@ -12,20 +12,16 @@
{% set portgroups = salt['defaults.merge'](default_portgroups, local_portgroups, in_place=False) %}
{% set defined_portgroups = portgroups %}
{% import_yaml 'firewall/hostgroups.yaml' as default_hostgroups %}
{#% import_yaml 'firewall/hostgroups.local.yaml' as local_hostgroups %#}
{% set local_hostgroups = {'firewall': {'hostgroups': {}}} %}
{% set hostgroup_list = salt['cp.list_master'](prefix='firewall/hostgroups') %}
{% do hostgroup_list.remove('firewall/hostgroups.local.yaml') %}
{% do hostgroup_list.remove('firewall/hostgroups.yaml') %}
{% for hg in hostgroup_list %}
{% import_text hg as hg_ips %}
{% do local_hostgroups.firewall.hostgroups.update({hg.split('/')[2]: {'ips': {'insert': hg_ips.split(), 'delete': []}}}) %}
{% endfor %}
{% set hostgroups = salt['defaults.merge'](default_hostgroups.firewall.hostgroups, local_hostgroups.firewall.hostgroups, in_place=False) %}
{% set hostgroups = local_hostgroups.firewall.hostgroups %}
{# This block translate the portgroups defined in the pillar to what is defined my portgroups.yaml and portgroups.local.yaml #}
{% if salt['pillar.get']('firewall:assigned_hostgroups:chain') %}