Firewall Fun

2026-01-01 13:53:18 +01:00 · 2022-09-16 13:02:11 -04:00
parent f14a8f3d01
commit 384478836a
1 changed files with 89 additions and 0 deletions
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -1,4 +1,16 @@
 firewall:
+  rules:
+    analyst_workstations: []
+    standalone:
+      - 1.2.3.4
+    sensor:
+      - 1.2.3.3
+      - 2.3.4.5
+    searchnode:
+      - 3.4.5.6
+      - 7.8.9.10
+    manager:
+      - 1.33.2.11
  hostgroups:
    anywhere:
      ips:
@@ -87,3 +99,80 @@ firewall:
      ips: 
        delete: []
        insert: []
+  portgroups:
+    all:
+      tcp:
+        - '0:65535'
+      udp:
+        - '0:65535'
+    agrules:
+      tcp:
+        - 7788
+    beats_5044:
+      tcp:
+        - 5044
+    beats_5644:
+      tcp:
+        - 5644
+    beats_5066:
+      tcp:
+        - 5066
+    docker_registry:
+      tcp:
+        - 5000
+    elasticsearch_node:
+      tcp:
+        - 9300
+    elasticsearch_rest:
+      tcp:
+        - 9200
+    elastic_agent_control:
+      tcp:
+        - 8220
+    elastic_agent_data:
+      tcp:
+        - 5055
+    endgame:
+      tcp:
+        - 3765
+    influxdb:
+      tcp:
+        - 8086
+    kibana:
+      tcp:
+        - 5601
+    mysql:
+      tcp:
+        - 3306
+    nginx:
+      tcp:
+        - 80
+        - 443
+    playbook:
+      tcp:
+        - 3200
+    redis:
+      tcp:
+        - 6379
+        - 9696
+    salt_manager:
+      tcp:
+        - 4505
+        - 4506
+    sensoroni:
+      tcp:
+        - 443
+    ssh:
+      tcp:
+        - 22
+    strelka_frontend:
+      tcp:
+        - 57314
+    syslog:
+      tcp:
+        - 514
+      udp:
+        - 514
+    yum:
+      tcp:
+        - 443