Merge pull request #2545 from Security-Onion-Solutions/fix/wazuh_port_reservation

Reserve port for Wazuh API and check if port is already in use
2025-12-06 17:22:49 +01:00 · 2021-01-06 11:49:23 -05:00
parent 55344725e7 f2b677bfcb
commit 36ae09ac4a
1 changed files with 11 additions and 1 deletions
--- a/salt/wazuh/init.sls
+++ b/salt/wazuh/init.sls
@@ -96,6 +96,16 @@ wazuhmgrwhitelist:
    - mode: 755
    - template: jinja

+# Reserve OS port for Wazuh API
+wazuhreserveport:
+    cmd.run:
+      - name: grep -q 55000 /proc/sys/net/ipv4/ip_local_reserved_ports || sysctl -w net.ipv4.ip_local_reserved_ports="55000" > /dev/null && echo "55000" >> /proc/sys/net/ipv4/ip_local_reserved_ports
+
+# Check to see if Wazuh API port is available
+wazuhportavailable:
+    cmd.run:
+      - name: netstat -anp | grep 55000 | grep -qv docker && PROCESS=$(netstat -anp | grep 55000 | awk '{print $NF}' | uniq) && echo "Another process ($PROCESS) appears to be using port 55000.  Please terminate this process, or reboot to ensure a clean state so that the Wazuh API can start properly." && exit 1 || exit 0
+
 so-wazuh:
  docker_container.running:
    - image: {{ MANAGER }}:5000/{{ IMAGEREPO }}/so-wazuh:{{ VERSION }}
@@ -158,4 +168,4 @@ wazuh_state_not_allowed:
  test.fail_without_changes:
    - name: wazuh_state_not_allowed

-{% endif %}
+{% endif %}