CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall Module - Add rules for hive

Browse Source
This commit is contained in:
Mike Reeves
2019-03-08 13:07:11 -05:00
parent 01ac51f2e4
commit 39ea1ad1ee
1 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
salt/firewall/init.sls
View File

@@ -173,6 +173,28 @@ enable_masternode_ES_9300_{{ip}}:
- position: 1 - position: 1
- save: True - save: True
enable_masternode_ES_9400_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 9400
- position: 1
- save: True
enable_masternode_ES_9500_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 9500
- position: 1
- save: True
enable_masternode_influxdb_8086_{{ip}}: enable_masternode_influxdb_8086_{{ip}}:
iptables.insert: iptables.insert:
- table: filter - table: filter
@@ -367,6 +389,28 @@ enable_standard_analyst_3000_{{ip}}:
- position: 1 - position: 1
- save: True - save: True
enable_standard_analyst_9000_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 9000
- position: 1
- save: True
enable_standard_analyst_9001_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 9001
- position: 1
- save: True
{% endfor %} {% endfor %}
# Rules for storage nodes connecting to master # Rules for storage nodes connecting to master