From 3f264163d47d3dee99d2003b8b5711927f5993a2 Mon Sep 17 00:00:00 2001 From: William Wernert Date: Wed, 22 Apr 2020 13:12:57 -0400 Subject: [PATCH] [fix] Test if QUIET var is set, and convert whiptail output to arrays Also rewrite filter_unused_nics so it is the only source for list of nics --- setup/so-common-functions | 16 +- setup/so-whiptail | 328 ++++++++++++++++++++------------------ 2 files changed, 181 insertions(+), 163 deletions(-) diff --git a/setup/so-common-functions b/setup/so-common-functions index 3e815fc63..bba9ccd14 100644 --- a/setup/so-common-functions +++ b/setup/so-common-functions @@ -5,19 +5,27 @@ source './so-variables' # Helper functions filter_unused_nics() { - # Set the main NIC as the default grep search string - local grep_string="$MNIC" + + if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string if [[ $BNICS ]]; then + grep_string="$grep_string" for BONDNIC in "${BNICS[@]}"; do grep_string="$grep_string\|$BONDNIC" done fi # Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use) - filtered_nics=$(ip link | grep -vwe "$grep_string" | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}') - export filtered_nics + filtered_nics=$(ip link | grep -vwe "$grep_string" | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | sed 's/ //') + readarray -t filtered_nics <<< "$filtered_nics" + + nic_list=() + for nic in "${filtered_nics[@]}"; do + nic_list+=("$nic" "" "OFF") + done + + export nic_list } calculate_useable_cores() { diff --git a/setup/so-whiptail b/setup/so-whiptail index 9ccb8bafe..0ff3d5641 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail 
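Review bot: When the `ip link` pipeline in `filter_unused_nics` matches nothing, `readarray -t filtered_nics <<< "$filtered_nics"` still yields one empty element, because a here-string always ends in a newline, so `nic_list` becomes `("" "" "OFF")` and the NIC dialogs are offered a blank entry. Skipping empty names in the loop with `[[ -n $nic ]] || continue` avoids that. `export nic_list` has no effect on an array, since bash does not pass arrays to child processes; the callers only see it because so-whiptail sources this file into the same shell, so the line can be dropped or replaced by a comment saying `nic_list` is a global. The added `grep_string="$grep_string"` is a self-assignment, and the loop variable `nic` is not declared `local`.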
@@ -15,12 +15,13 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . -source "./so-variables" -source "./so-common-functions" +source ./so-variables +source ./so-common-functions + whiptail_basic_bro() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return BASICBRO=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter the number of bro processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3) @@ -31,7 +32,7 @@ whiptail_basic_bro() { whiptail_basic_suri() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return BASICSURI=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter the number of Suricata Processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3) @@ -43,18 +44,19 @@ whiptail_basic_suri() { whiptail_bro_pins() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return - BROPINS=$(whiptail --noitem --title "Pin Bro CPUS" --checklist "Please Select $lb_procs cores to pin Bro to:" 20 75 12 "${cpu_core_list[@]}" 3>&1 1>&2 2>&3 ) + BROPINS=$(whiptail --noitem --title "Pin Bro CPUS" --checklist "Please Select $lb_procs cores to pin Bro to:" 20 75 12 "${cpu_core_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"') local exitstatus=$? whiptail_check_exitstatus $exitstatus + IFS=' ' read -ra BROPINS <<< "$BROPINS" } whiptail_bro_version() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \ "SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3) 
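Review bot: In `whiptail_bro_pins`, `local exitstatus=$?` now records the status of `tr -d '"'`, the last command of the new pipeline, rather than whiptail's. Unless `pipefail` is enabled somewhere outside this hunk, Cancel or Esc is no longer seen by `whiptail_check_exitstatus` and setup continues with an empty selection. The same pattern is added in `whiptail_bond_nics`, `whiptail_enable_components`, `whiptail_master_adv_service_brologs`, the patch-schedule day and hour selectors and `whiptail_suricata_pins`. Keep whiptail as the only command in the substitution and strip the quotes afterwards with parameter expansion: `BROPINS=$(whiptail … 3>&1 1>&2 2>&3)`, `local exitstatus=$?`, then `BROPINS=${BROPINS//\"/}` before the `read -ra`.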
@@ -66,29 +68,27 @@ whiptail_bro_version() { whiptail_bond_nics() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return - local nic_list=() - for filtered_nic in "${filtered_nics[@]}"; do - nic_list+=("$filtered_nic" "Interface" "OFF") - done + filter_unused_nics - BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) + BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"') local exitstatus=$? whiptail_check_exitstatus $exitstatus while [ -z "$BNICS" ] do - BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) + BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"') local exitstatus=$? whiptail_check_exitstatus $exitstatus done + IFS=' ' read -ra BNICS <<< "$BNICS" } whiptail_bond_nics_mtu() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # Set the MTU on the monitor interface MTU=$(whiptail --title "Security Onion Setup" --inputbox \ @@ -103,9 +103,11 @@ whiptail_cancel() { whiptail --title "Security Onion Setup" --msgbox "Cancelling Setup. No changes have been made." 8 75 if [ -d "/root/installtmp" ]; then - echo "/root/installtmp exists" >> $setup_log 2>&1 - install_cleanup >> $setup_log 2>&1 - echo "/root/installtmp removed" >> $setup_log 2>&1 + { + echo "/root/installtmp exists"; + install_cleanup; + echo "/root/installtmp removed"; + } >> $setup_log 2>&1 fi exit @@ -113,8 +115,7 @@ whiptail_cancel() { whiptail_check_exitstatus() { - if [ "$1" == '1' ]; then - echo "They hit cancel" + if [ "$1" != 0 ]; then whiptail_cancel fi 
@@ -122,7 +123,7 @@ whiptail_check_exitstatus() { whiptail_create_admin_user() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return ADMINUSER=$(whiptail --title "Security Onion Install" --inputbox \ "Please enter a username for your new admin user. The onion account will be disabled during this install" 10 60 3>&1 1>&2 2>&3) @@ -131,7 +132,7 @@ whiptail_create_admin_user() { whiptail_create_admin_user_password1() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return ADMINPASS1=$(whiptail --title "Security Onion Install" --passwordbox \ "Enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3) @@ -142,7 +143,7 @@ whiptail_create_admin_user_password1() { whiptail_create_admin_user_password2() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return ADMINPASS2=$(whiptail --title "Security Onion Install" --passwordbox \ "Re-enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3) @@ -154,7 +155,7 @@ whiptail_create_admin_user_password2() { whiptail_create_soremote_user() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Set a password for the soremote user. This account is used for adding sensors remotely." 8 75 @@ -162,7 +163,7 @@ whiptail_create_soremote_user() { whiptail_create_soremote_user_password1() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return SOREMOTEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \ "Enter a password for user soremote" 10 75 3>&1 1>&2 2>&3) @@ -174,7 +175,7 @@ whiptail_create_soremote_user_password1() { whiptail_create_soremote_user_password2() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return SOREMOTEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \ "Re-enter a password for user soremote" 10 75 3>&1 1>&2 2>&3) 
@@ -186,7 +187,7 @@ whiptail_create_soremote_user_password2() { whiptail_create_web_user() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \ "Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3) @@ -197,14 +198,14 @@ whiptail_create_web_user() { whiptail_invalid_user_warning() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75 } whiptail_create_web_user_password1() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return WEBPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \ "Enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3) @@ -215,7 +216,7 @@ whiptail_create_web_user_password1() { whiptail_create_web_user_password2() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return WEBPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \ "Re-enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3) @@ -227,14 +228,14 @@ whiptail_create_web_user_password2() { whiptail_invalid_pass_warning() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75 } whiptail_cur_close_days() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return CURCLOSEDAYS=$(whiptail --title "Security Onion Setup" --inputbox \ "Please specify the threshold (in days) at which Elasticsearch indices will be closed" 10 75 $CURCLOSEDAYS 3>&1 1>&2 2>&3) 
@@ -246,53 +247,47 @@ whiptail_cur_close_days() { whiptail_dhcp_or_static() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return address_type=$(whiptail --title "Security Onion Setup" --radiolist \ "Choose how to set up your management interface:" 20 78 4 \ "STATIC" "Set a static IPv4 address" ON \ "DHCP" "Use DHCP to configure the Management Interface" OFF 3>&1 1>&2 2>&3 ) - export address_type - local exitstatus=$? whiptail_check_exitstatus $exitstatus + + export address_type + } whiptail_enable_components() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \ "Select Components to install" 20 75 8 \ - "GRAFANA" "Enable Grafana for system monitoring" ON \ - "OSQUERY" "Enable Fleet with osquery" ON \ - "WAZUH" "Enable Wazuh" ON \ - "THEHIVE" "Enable TheHive" ON \ - "PLAYBOOK" "Enable Playbook" ON \ - "STRELKA" "Enable Strelka" ON 3>&1 1>&2 2>&3 ) - - # Init the environment variables - GRAFANA=0 - OSQUERY=0 - WAZUH=0 - THEHIVE=0 - PLAYBOOK=0 - STRELKA=0 + GRAFANA "Enable Grafana for system monitoring" ON \ + OSQUERY "Enable Fleet with osquery" ON \ + WAZUH "Enable Wazuh" ON \ + THEHIVE "Enable TheHive" ON \ + PLAYBOOK "Enable Playbook" ON \ + STRELKA "Enable Strelka" ON 3>&1 1>&2 2>&3 | tr -d '"') + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + IFS=' ' read -ra COMPONENTS <<< "$COMPONENTS" # Set any variables to 1 if they exist in COMPONENTS for component in "${COMPONENTS[@]}"; do - component="$(echo -e "$component" | tr -d '"')" - eval "$component"="1" + declare "$component=1" done - local exitstatus=$? - whiptail_check_exitstatus $exitstatus } whiptail_eval_adv() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return EVALADVANCED=$(whiptail --title "Security Onion Setup" --radiolist \ "Choose your eval install:" 20 75 4 \ 
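Review bot: `declare "$component=1"` inside `whiptail_enable_components` creates variables that are local to the function, so `GRAFANA`, `OSQUERY` and the rest disappear when it returns, whereas the `eval` it replaces assigned globals. The hunk also removes the `GRAFANA=0` … `STRELKA=0` initialisation, so unselected components are left unset rather than `0`; whether later code depends on the `0` is not visible here. `printf -v "$component" '%s' 1` keeps the assignment free of `eval` while writing to the global, and checking the name against the six known tags first keeps the loop from ever setting an unexpected variable. The loop variable `component` is not declared `local`.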
@@ -305,14 +300,14 @@ whiptail_eval_adv() { whiptail_components_adv_warning() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75 } whiptail_helix_apikey() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3) @@ -324,41 +319,43 @@ whiptail_helix_apikey() { whiptail_homenet_master() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return HNMASTER=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3) - export HNMASTER - local exitstatus=$? whiptail_check_exitstatus $exitstatus + export HNMASTER } whiptail_homenet_sensor() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # Ask to inherit from master whiptail --title "Security Onion Setup" --yesno "Do you want to inherit the HOME_NET from the Master?" 8 75 local exitstatus=$? + whiptail_check_exitstatus $exitstatus + if [ $exitstatus == 0 ]; then export HNSENSOR=inherit else HNSENSOR=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3) - export HNSENSOR - local exitstatus=$? whiptail_check_exitstatus $exitstatus + + export HNSENSOR + fi } whiptail_install_type() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # What kind of install are we doing? install_type=$(whiptail --title "Security Onion Setup" --radiolist \ 
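Review bot: In `whiptail_homenet_sensor`, the `whiptail_check_exitstatus $exitstatus` added right after the `--yesno` dialog makes the `else` branch unreachable. This commit changes `whiptail_check_exitstatus` to cancel on any non-zero status, and whiptail returns non-zero for No, so answering No aborts setup instead of prompting for a sensor-specific HOME_NET. Drop the check after the yes/no question, or cancel only on Esc there, e.g. `[ "$exitstatus" -eq 255 ] && whiptail_cancel`, and keep the existing check after the input box.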
@@ -376,16 +373,18 @@ whiptail_install_type() { "WAZUH" "TODO Stand Alone Wazuh Node" OFF \ "STRELKA" "TODO Stand Alone Strelka Node" OFF \ "PARSINGNODE" "TODO Add a dedicated Parsing Node" OFF 3>&1 1>&2 2>&3 ) - export install_type local exitstatus=$? whiptail_check_exitstatus $exitstatus + export install_type + + } whiptail_log_size_limit() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return log_size_limit=$(whiptail --title "Security Onion Setup" --inputbox \ "Please specify the amount of disk space (in GB) you would like to allocate for Elasticsearch data storage. \ @@ -398,7 +397,7 @@ whiptail_log_size_limit() { whiptail_management_interface_dns() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MDNS=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your DNS server using space between multiple" 10 60 8.8.8.8 8.8.4.4 3>&1 1>&2 2>&3) @@ -407,7 +406,7 @@ whiptail_management_interface_dns() { whiptail_management_interface_dns_search() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MSEARCH=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your DNS search domain" 10 60 searchdomain.local 3>&1 1>&2 2>&3) @@ -416,7 +415,7 @@ whiptail_management_interface_dns_search() { whiptail_management_interface_gateway() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MGATEWAY=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your gateway" 10 60 X.X.X.X 3>&1 1>&2 2>&3) @@ -425,7 +424,7 @@ whiptail_management_interface_gateway() { whiptail_management_interface_ip() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MIP=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your IP address" 10 60 X.X.X.X 3>&1 1>&2 2>&3) @@ -434,7 +433,7 @@ whiptail_management_interface_ip() { whiptail_management_interface_mask() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MMASK=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter the bit mask for your subnet" 10 60 24 3>&1 1>&2 2>&3) 
@@ -443,15 +442,17 @@ whiptail_management_interface_mask() { whiptail_management_nic() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return - MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${all_nics[@]}" 3>&1 1>&2 2>&3 ) + filter_unused_nics + + MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? whiptail_check_exitstatus $exitstatus while [ -z "$MNIC" ] do - MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${all_nics[@]}" 3>&1 1>&2 2>&3 ) + MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) local exitstatus=$? whiptail_check_exitstatus $exitstatus done @@ -460,7 +461,7 @@ whiptail_management_nic() { whiptail_nids() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NIDS=$(whiptail --title "Security Onion Setup" --radiolist \ "Choose which IDS to run:" 20 75 4 \ @@ -474,7 +475,7 @@ whiptail_nids() { whiptail_oinkcode() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3) @@ -486,7 +487,7 @@ whiptail_oinkcode() { whiptail_make_changes() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please hit YES to make changes or NO to cancel." 8 75 @@ -497,7 +498,7 @@ whiptail_make_changes() { whiptail_management_server() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MSRV=$(whiptail --title "Security Onion Setup" --inputbox \ "Enter your Master Server hostname. It is CASE SENSITIVE!" 10 75 XXXX 3>&1 1>&2 2>&3) 
@@ -506,9 +507,9 @@ whiptail_management_server() { whiptail_check_exitstatus $exitstatus # See if it resolves. Otherwise prompt to add to host file - TESTHOST=$(host $MSRV) + TESTHOST=$(host "$MSRV") - if [[ $TESTHOST = *"not found"* ]] || [ -z $TESTHOST ] || [[ $TESTHOST = *"connection timed out"* ]]; then + if [[ $TESTHOST = *"not found"* ]] || [ -z "$TESTHOST" ] || [[ $TESTHOST = *"connection timed out"* ]]; then add_master_hostfile fi @@ -517,7 +518,7 @@ whiptail_management_server() { # Ask if you want to do advanced setup of the Master whiptail_master_adv() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return MASTERADV=$(whiptail --title "Security Onion Setup" --radiolist \ "Choose what type of master install:" 20 75 4 \ @@ -532,7 +533,7 @@ whiptail_master_adv() { # Ask which additional components to install whiptail_master_adv_service_brologs() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return BLOGS=$(whiptail --title "Security Onion Setup" --checklist "Please Select Logs to Send:" 24 75 12 \ "conn" "Connection Logging" ON \ @@ -572,16 +573,18 @@ whiptail_master_adv_service_brologs() { "weird" "Zeek Weird Logs" ON \ "mysql" "MySQL Logs" ON \ "socks" "SOCKS Logs" ON \ - "x509" "x.509 Logs" ON 3>&1 1>&2 2>&3 ) + "x509" "x.509 Logs" ON 3>&1 1>&2 2>&3 | tr -d '"') local exitstatus=$? whiptail_check_exitstatus $exitstatus + IFS=' ' read -ra BLOGS <<< "$BLOGS" + } whiptail_network_notice() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --yesno "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. Hit YES to continue." 8 75 @@ -592,7 +595,7 @@ whiptail_network_notice() { whiptail_node_advanced() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \ "What type of config would you like to use?:" 20 75 4 \ 
@@ -606,7 +609,7 @@ whiptail_node_advanced() { whiptail_node_es_heap() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NODE_ES_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter ES Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $ES_HEAP_SIZE 3>&1 1>&2 2>&3) @@ -618,7 +621,7 @@ whiptail_node_es_heap() { whiptail_node_ls_heap() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NODE_LS_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter LogStash Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $LS_HEAP_SIZE 3>&1 1>&2 2>&3) @@ -630,10 +633,10 @@ whiptail_node_ls_heap() { whiptail_node_ls_pipeline_worker() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return LSPIPELINEWORKERS=$(whiptail --title "Security Onion Setup" --inputbox \ - "\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 "$cpu_cores" 3>&1 1>&2 2>&3) + "\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 "$num_cpu_cores" 3>&1 1>&2 2>&3) local exitstatus=$? whiptail_check_exitstatus $exitstatus @@ -642,7 +645,7 @@ whiptail_node_ls_pipeline_worker() { whiptail_node_ls_pipline_batchsize() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return LSPIPELINEBATCH=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter LogStash Pipeline Batch Size: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) @@ -654,7 +657,7 @@ whiptail_node_ls_pipline_batchsize() { whiptail_node_ls_input_threads() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return LSINPUTTHREADS=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter LogStash Input Threads: \n \n(Default value is pre-populated)" 10 75 1 3>&1 1>&2 2>&3) 
@@ -666,7 +669,7 @@ whiptail_node_ls_input_threads() { whiptail_node_ls_input_batch_count() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) @@ -689,7 +692,7 @@ whiptail_passwords_dont_match() { whiptail_patch_name_new_schedule() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \ "What name do you want to give this OS patch schedule? This schedule needs to be named uniquely. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/.yml" 10 75 3>&1 1>&2 2>&3) @@ -710,7 +713,7 @@ whiptail_patch_name_new_schedule() { whiptail_patch_schedule() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return local patch_schedule patch_schedule=$(whiptail --title "Security Onion Setup" --radiolist \ @@ -720,6 +723,10 @@ whiptail_patch_schedule() { "Import Schedule" "Import named schedule on following screen" OFF \ "New Schedule" "Configure and name new schedule on next screen" OFF 3>&1 1>&2 2>&3 ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + + case $patch_schedule in 'New Schedule') whiptail_patch_schedule_select_days @@ -738,14 +745,12 @@ whiptail_patch_schedule() { ;; esac - local exitstatus=$? - whiptail_check_exitstatus $exitstatus } whiptail_patch_schedule_import() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return unset PATCHSCHEDULENAME PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \ 
@@ -767,71 +772,75 @@ whiptail_patch_schedule_import() { whiptail_patch_schedule_select_days() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # Select the days to patch - mapfile -t PATCHSCHEDULEDAYS< <(whiptail --title "Security Onion Setup" --checklist \ + PATCHSCHEDULEDAYS=<(whiptail --title "Security Onion Setup" --checklist \ "Which days do you want to apply OS patches?" 15 75 8 \ - "Monday" "" OFF \ - "Tuesday" "" ON \ - "Wednesday" "" OFF \ - "Thursday" "" OFF \ - "Friday" "" OFF \ - "Saturday" "" OFF \ - "Sunday" "" OFF 3>&1 1>&2 2>&3 ) + Monday "" OFF \ + Tuesday "" ON \ + Wednesday "" OFF \ + Thursday "" OFF \ + Friday "" OFF \ + Saturday "" OFF \ + Sunday "" OFF 3>&1 1>&2 2>&3 | tr -d '"') local exitstatus=$? whiptail_check_exitstatus $exitstatus + + IFS=' ' read -ra PATCHSCHEDULEDAYS <<< "$PATCHSCHEDULEDAYS" + } whiptail_patch_schedule_select_hours() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # Select the hours to patch - mapfile -t PATCHSCHEDULEHOURS< <(whiptail --title "Security Onion Setup" --checklist \ + PATCHSCHEDULEHOURS=<(whiptail --title "Security Onion Setup" --checklist \ "At which time, UTC, do you want to apply OS patches on the selected days? Hours 12 through 23 can be selected on the next screen." 22 75 13 \ - "00:00" "" OFF \ - "01:00" "" OFF \ - "02:00" "" OFF \ - "03:00" "" OFF \ - "04:00" "" OFF \ - "05:00" "" OFF \ - "06:00" "" OFF \ - "07:00" "" OFF \ - "08:00" "" OFF \ - "09:00" "" OFF \ - "10:00" "" OFF \ - "11:00" "" OFF 3>&1 1>&2 2>&3 ) + 00:00 "" OFF \ + 01:00 "" OFF \ + 02:00 "" OFF \ + 03:00 "" OFF \ + 04:00 "" OFF \ + 05:00 "" OFF \ + 06:00 "" OFF \ + 07:00 "" OFF \ + 08:00 "" OFF \ + 09:00 "" OFF + 10:00 "" OFF \ + 11:00 "" OFF 3>&1 1>&2 2>&3 | tr -d '"' ) local exitstatus=$? 
whiptail_check_exitstatus $exitstatus # Select the hours to patch - mapfile -t second_half < <(whiptail --title "Security Onion Setup" --checklist \ + PATCHSCHEDULEHOURS+=<(whiptail --title "Security Onion Setup" --checklist \ "At which time, UTC, do you want to apply OS patches on the selected days?" 22 75 13 \ - "12:00" "" OFF \ - "13:00" "" OFF \ - "14:00" "" OFF \ - "15:00" "" ON \ - "16:00" "" OFF \ - "17:00" "" OFF \ - "18:00" "" OFF \ - "19:00" "" OFF \ - "20:00" "" OFF \ - "21:00" "" OFF \ - "22:00" "" OFF \ - "23:00" "" OFF 3>&1 1>&2 2>&3 ) - - PATCHSCHEDULEHOURS+=("${second_half[@]}") + 12:00 "" OFF \ + 13:00 "" OFF \ + 14:00 "" OFF \ + 15:00 "" ON \ + 16:00 "" OFF \ + 17:00 "" OFF \ + 18:00 "" OFF \ + 19:00 "" OFF \ + 20:00 "" OFF \ + 21:00 "" OFF \ + 22:00 "" OFF \ + 23:00 "" OFF 3>&1 1>&2 2>&3 | tr -d '"' ) local exitstatus=$? whiptail_check_exitstatus $exitstatus + + IFS=' ' read -ra PATCHSCHEDULEHOURS <<< "$PATCHSCHEDULEHOURS" + } whiptail_rule_setup() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return # Get pulled pork info RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \ @@ -849,7 +858,7 @@ whiptail_rule_setup() { whiptail_sensor_config() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \ "What type of configuration would you like to use?:" 20 75 4 \ @@ -863,10 +872,10 @@ whiptail_sensor_config() { whiptail_set_hostname() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \ - "Enter the Hostname you would like to set." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) + "Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3) local exitstatus=$? whiptail_check_exitstatus $exitstatus 
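Review bot: `PATCHSCHEDULEDAYS=<(whiptail … | tr -d '"')` is a process substitution, so the variable receives a path such as `/dev/fd/63` instead of the selection and the following `read -ra` splits that path; both `PATCHSCHEDULEHOURS` assignments have the same problem. These need command substitution, `PATCHSCHEDULEDAYS=$(whiptail …)`. In the first hours list the `09:00 "" OFF` line has lost its trailing backslash, which ends the whiptail command there and leaves `10:00 "" OFF \` to run as a command of its own. The second dialog is appended with `+=` onto a string, so once it is a command substitution it needs a separating space, or each half should get its own `read -ra` and the arrays be appended, before the final `read -ra PATCHSCHEDULEHOURS`. As written, `local exitstatus=$?` after these assignments does not reflect whiptail's status either.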
@@ -874,7 +883,7 @@ whiptail_set_hostname() { while [[ "$HOSTNAME" == *'localhost'* ]] ; do whiptail --title "Security Onion Setup" --msgbox "Please choose a hostname that doesn't contain localhost." 8 75 HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \ - "Enter the Hostname you would like to set." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) + "Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3) local exitstatus=$? whiptail_check_exitstatus $exitstatus done @@ -883,7 +892,7 @@ whiptail_set_hostname() { whiptail_set_redirect() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return REDIRECTINFO=$(whiptail --title "Security Onion Setup" --radiolist \ "Choose the access method for the web interface:" 20 75 4 \ @@ -896,17 +905,17 @@ whiptail_set_redirect() { whiptail_set_redirect_host() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return REDIRECTHOST=$(whiptail --title "Security Onion Setup" --inputbox \ - "Enter the Hostname or IP you would like to use for the web interface." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) - local exitstatus=$? - whiptail_check_exitstatus $exitstatus + "Enter the Hostname or IP you would like to use for the web interface." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus } whiptail_set_redirect_info() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "The following selection refers to accessing the web interface. \n For security reasons, we use strict cookie enforcement." 10 75 @@ -914,7 +923,7 @@ For security reasons, we use strict cookie enforcement." 10 75 whiptail_setup_complete() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Finished installing this as an $install_type. Press Enter to reboot." 8 75 install_cleanup >> $setup_log 2>&1 
@@ -923,7 +932,7 @@ whiptail_setup_complete() { whiptail_setup_failed() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return whiptail --title "Security Onion Setup" --msgbox "Install had a problem. Please see $setup_log for details. Press Enter to reboot." 8 75 install_cleanup >> $setup_log 2>&1 @@ -932,7 +941,7 @@ whiptail_setup_failed() { whiptail_shard_count() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return SHARDCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \ "\nEnter ES Shard Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) 
@@ -944,44 +953,46 @@ whiptail_shard_count() { whiptail_suricata_pins() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return local filtered_cores filtered_cores=$(echo "${cpu_core_list[@]}" "${BROPINS[@]}" | tr -d '"' | tr ' ' '\n' | sort | uniq -u | awk '{print $1 " \"" "core" "\""}') - SURIPINS=$(whiptail --noitem --title "Pin Suricata CPUS" --checklist "Please Select $lb_procs cores to pin Suricata to:" 20 75 12 "${filtered_cores[@]}" 3>&1 1>&2 2>&3 ) + SURIPINS=$(whiptail --noitem --title "Pin Suricata CPUS" --checklist "Please Select $lb_procs cores to pin Suricata to:" 20 75 12 "${filtered_cores[@]}" 3>&1 1>&2 2>&3 | tr -d '"' ) local exitstatus=$? whiptail_check_exitstatus $exitstatus + IFS=' ' read -ra SURIPINS <<< "$SURIPINS" + } whiptail_master_updates() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return local update_string update_string=$(whiptail --title "Security Onion Setup" --radiolist \ "How would you like to download updates for your grid?:" 20 75 4 \ "MASTER" "Master node is proxy for OS/Docker updates." ON \ "OPEN" "Each node connect to the Internet for updates" OFF 3>&1 1>&2 2>&3 ) + local exitstatus=$? + whiptail_check_exitstatus $exitstatus case "$update_string" in 'MASTER') - MASTERUPDATES=1 + MASTERUPDATES='1' ;; *) - MASTERUPDATES=0 + MASTERUPDATES='0' ;; esac - local exitstatus=$? - whiptail_check_exitstatus $exitstatus } whiptail_node_updates() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return NODEUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \ "How would you like to download updates for this node?:" 20 75 4 \ @@ -995,9 +1006,8 @@ whiptail_node_updates() { whiptail_you_sure() { - [ -z "$QUIET" ] && return + [ -n "$QUIET" ] && return - echo "whiptail_you_sure called" >> $setup_log 2>&1 whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 75 local exitstatus=$?
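Review bot: In `whiptail_suricata_pins`, `filtered_cores` is a scalar holding the newline-separated awk output, literal quote characters included, so `"${filtered_cores[@]}"` passes the whole list to whiptail as a single argument. Since this commit turns `BROPINS` and the other selections into arrays, `filtered_cores` should be built as an array too: `readarray -t` over the `sort | uniq -u` output, then a loop that appends entries in the same shape `cpu_core_list` uses (its layout is not visible in this hunk). In `whiptail_master_updates`, moving the exit-status check ahead of the `case` is right, because `$?` previously reflected the `case` statement rather than whiptail.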