[fix] Test if QUIET var is set, and convert whiptail output to arrays

Also rewrite filter_unused_nics so it is the only source for list of nics
William Wernert
2020-04-22 13:12:57 -04:00
parent 0250bf026a
commit 3f264163d4
2 changed files with 181 additions and 163 deletions


@@ -5,19 +5,27 @@ source './so-variables'
# Helper functions # Helper functions
filter_unused_nics() { filter_unused_nics() {
# Set the main NIC as the default grep search string
local grep_string="$MNIC" if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi
# If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string # If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string
if [[ $BNICS ]]; then if [[ $BNICS ]]; then
grep_string="$grep_string"
for BONDNIC in "${BNICS[@]}"; do for BONDNIC in "${BNICS[@]}"; do
grep_string="$grep_string\|$BONDNIC" grep_string="$grep_string\|$BONDNIC"
done done
fi fi
# Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use) # Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use)
filtered_nics=$(ip link | grep -vwe "$grep_string" | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}') filtered_nics=$(ip link | grep -vwe "$grep_string" | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | sed 's/ //')
export filtered_nics readarray -t filtered_nics <<< "$filtered_nics"
nic_list=()
for nic in "${filtered_nics[@]}"; do
nic_list+=("$nic" "" "OFF")
done
export nic_list
} }
calculate_useable_cores() { calculate_useable_cores() {
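Review bot: When the `ip link | grep | awk | sed` pipeline in filter_unused_nics prints nothing (every interface is already the management NIC, a bond member or excluded by the awk pattern), `readarray -t filtered_nics <<< "$filtered_nics"` still produces one empty element, because a here-string always supplies a trailing newline; nic_list then gets an entry with an empty tag, which whiptail would presumably render as a blank selectable row. Feeding the same pipeline in through process substitution, `readarray -t filtered_nics < <(ip link | grep -vwe "$grep_string" | awk ... | sed 's/ //')`, gives a zero-length array in that case, or the loop can skip empty names with `[[ -n $nic ]] || continue`. `export nic_list` does nothing useful for an array in bash (arrays are not passed to child processes); the callers see nic_list only because this file is sourced, so a comment such as `# nic_list is a global read by the whiptail_* functions` would be more accurate than the export. The interface names are also spliced into the grep pattern unescaped, so a `.` in a name acts as a regex wildcard and could hide a similarly named interface from the list; `grep -F` with one `-e` per name would avoid that.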


@@ -15,12 +15,13 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
source "./so-variables" source ./so-variables
source "./so-common-functions" source ./so-common-functions
whiptail_basic_bro() { whiptail_basic_bro() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
BASICBRO=$(whiptail --title "Security Onion Setup" --inputbox \ BASICBRO=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of bro processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3) "Enter the number of bro processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3)
@@ -31,7 +32,7 @@ whiptail_basic_bro() {
whiptail_basic_suri() { whiptail_basic_suri() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
BASICSURI=$(whiptail --title "Security Onion Setup" --inputbox \ BASICSURI=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of Suricata Processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3) "Enter the number of Suricata Processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3)
@@ -43,18 +44,19 @@ whiptail_basic_suri() {
whiptail_bro_pins() { whiptail_bro_pins() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
BROPINS=$(whiptail --noitem --title "Pin Bro CPUS" --checklist "Please Select $lb_procs cores to pin Bro to:" 20 75 12 "${cpu_core_list[@]}" 3>&1 1>&2 2>&3 ) BROPINS=$(whiptail --noitem --title "Pin Bro CPUS" --checklist "Please Select $lb_procs cores to pin Bro to:" 20 75 12 "${cpu_core_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS=' ' read -ra BROPINS <<< "$BROPINS"
} }
whiptail_bro_version() { whiptail_bro_version() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \ BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \
"SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3) "SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3)
@@ -66,29 +68,27 @@ whiptail_bro_version() {
whiptail_bond_nics() { whiptail_bond_nics() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
local nic_list=() filter_unused_nics
for filtered_nic in "${filtered_nics[@]}"; do
nic_list+=("$filtered_nic" "Interface" "OFF")
done
BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
while [ -z "$BNICS" ] while [ -z "$BNICS" ]
do do
BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 ) BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interface" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
done done
IFS=' ' read -ra BNICS <<< "$BNICS"
} }
whiptail_bond_nics_mtu() { whiptail_bond_nics_mtu() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# Set the MTU on the monitor interface # Set the MTU on the monitor interface
MTU=$(whiptail --title "Security Onion Setup" --inputbox \ MTU=$(whiptail --title "Security Onion Setup" --inputbox \
@@ -103,9 +103,11 @@ whiptail_cancel() {
whiptail --title "Security Onion Setup" --msgbox "Cancelling Setup. No changes have been made." 8 75 whiptail --title "Security Onion Setup" --msgbox "Cancelling Setup. No changes have been made." 8 75
if [ -d "/root/installtmp" ]; then if [ -d "/root/installtmp" ]; then
echo "/root/installtmp exists" >> $setup_log 2>&1 {
install_cleanup >> $setup_log 2>&1 echo "/root/installtmp exists";
echo "/root/installtmp removed" >> $setup_log 2>&1 install_cleanup;
echo "/root/installtmp removed";
} >> $setup_log 2>&1
fi fi
exit exit
@@ -113,8 +115,7 @@ whiptail_cancel() {
whiptail_check_exitstatus() { whiptail_check_exitstatus() {
if [ "$1" == '1' ]; then if [ "$1" != 0 ]; then
echo "They hit cancel"
whiptail_cancel whiptail_cancel
fi fi
@@ -122,7 +123,7 @@ whiptail_check_exitstatus() {
whiptail_create_admin_user() { whiptail_create_admin_user() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
ADMINUSER=$(whiptail --title "Security Onion Install" --inputbox \ ADMINUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter a username for your new admin user. The onion account will be disabled during this install" 10 60 3>&1 1>&2 2>&3) "Please enter a username for your new admin user. The onion account will be disabled during this install" 10 60 3>&1 1>&2 2>&3)
@@ -131,7 +132,7 @@ whiptail_create_admin_user() {
whiptail_create_admin_user_password1() { whiptail_create_admin_user_password1() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
ADMINPASS1=$(whiptail --title "Security Onion Install" --passwordbox \ ADMINPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3) "Enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -142,7 +143,7 @@ whiptail_create_admin_user_password1() {
whiptail_create_admin_user_password2() { whiptail_create_admin_user_password2() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
ADMINPASS2=$(whiptail --title "Security Onion Install" --passwordbox \ ADMINPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3) "Re-enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -154,7 +155,7 @@ whiptail_create_admin_user_password2() {
whiptail_create_soremote_user() { whiptail_create_soremote_user() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Set a password for the soremote user. This account is used for adding sensors remotely." 8 75 whiptail --title "Security Onion Setup" --msgbox "Set a password for the soremote user. This account is used for adding sensors remotely." 8 75
@@ -162,7 +163,7 @@ whiptail_create_soremote_user() {
whiptail_create_soremote_user_password1() { whiptail_create_soremote_user_password1() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
SOREMOTEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \ SOREMOTEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for user soremote" 10 75 3>&1 1>&2 2>&3) "Enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -174,7 +175,7 @@ whiptail_create_soremote_user_password1() {
whiptail_create_soremote_user_password2() { whiptail_create_soremote_user_password2() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
SOREMOTEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \ SOREMOTEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for user soremote" 10 75 3>&1 1>&2 2>&3) "Re-enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -186,7 +187,7 @@ whiptail_create_soremote_user_password2() {
whiptail_create_web_user() { whiptail_create_web_user() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \ WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3) "Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3)
@@ -197,14 +198,14 @@ whiptail_create_web_user() {
whiptail_invalid_user_warning() { whiptail_invalid_user_warning() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75 whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75
} }
whiptail_create_web_user_password1() { whiptail_create_web_user_password1() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
WEBPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \ WEBPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3) "Enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -215,7 +216,7 @@ whiptail_create_web_user_password1() {
whiptail_create_web_user_password2() { whiptail_create_web_user_password2() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
WEBPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \ WEBPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3) "Re-enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -227,14 +228,14 @@ whiptail_create_web_user_password2() {
whiptail_invalid_pass_warning() { whiptail_invalid_pass_warning() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75 whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75
} }
whiptail_cur_close_days() { whiptail_cur_close_days() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
CURCLOSEDAYS=$(whiptail --title "Security Onion Setup" --inputbox \ CURCLOSEDAYS=$(whiptail --title "Security Onion Setup" --inputbox \
"Please specify the threshold (in days) at which Elasticsearch indices will be closed" 10 75 $CURCLOSEDAYS 3>&1 1>&2 2>&3) "Please specify the threshold (in days) at which Elasticsearch indices will be closed" 10 75 $CURCLOSEDAYS 3>&1 1>&2 2>&3)
@@ -246,53 +247,47 @@ whiptail_cur_close_days() {
whiptail_dhcp_or_static() { whiptail_dhcp_or_static() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
address_type=$(whiptail --title "Security Onion Setup" --radiolist \ address_type=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose how to set up your management interface:" 20 78 4 \ "Choose how to set up your management interface:" 20 78 4 \
"STATIC" "Set a static IPv4 address" ON \ "STATIC" "Set a static IPv4 address" ON \
"DHCP" "Use DHCP to configure the Management Interface" OFF 3>&1 1>&2 2>&3 ) "DHCP" "Use DHCP to configure the Management Interface" OFF 3>&1 1>&2 2>&3 )
export address_type
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
export address_type
} }
whiptail_enable_components() { whiptail_enable_components() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \ COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \
"Select Components to install" 20 75 8 \ "Select Components to install" 20 75 8 \
"GRAFANA" "Enable Grafana for system monitoring" ON \ GRAFANA "Enable Grafana for system monitoring" ON \
"OSQUERY" "Enable Fleet with osquery" ON \ OSQUERY "Enable Fleet with osquery" ON \
"WAZUH" "Enable Wazuh" ON \ WAZUH "Enable Wazuh" ON \
"THEHIVE" "Enable TheHive" ON \ THEHIVE "Enable TheHive" ON \
"PLAYBOOK" "Enable Playbook" ON \ PLAYBOOK "Enable Playbook" ON \
"STRELKA" "Enable Strelka" ON 3>&1 1>&2 2>&3 ) STRELKA "Enable Strelka" ON 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$?
# Init the environment variables whiptail_check_exitstatus $exitstatus
GRAFANA=0
OSQUERY=0 IFS=' ' read -ra COMPONENTS <<< "$COMPONENTS"
WAZUH=0
THEHIVE=0
PLAYBOOK=0
STRELKA=0
# Set any variables to 1 if they exist in COMPONENTS # Set any variables to 1 if they exist in COMPONENTS
for component in "${COMPONENTS[@]}"; do for component in "${COMPONENTS[@]}"; do
component="$(echo -e "$component" | tr -d '"')" declare "$component=1"
eval "$component"="1"
done done
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
} }
whiptail_eval_adv() { whiptail_eval_adv() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
EVALADVANCED=$(whiptail --title "Security Onion Setup" --radiolist \ EVALADVANCED=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose your eval install:" 20 75 4 \ "Choose your eval install:" 20 75 4 \
@@ -305,14 +300,14 @@ whiptail_eval_adv() {
whiptail_components_adv_warning() { whiptail_components_adv_warning() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75 whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75
} }
whiptail_helix_apikey() { whiptail_helix_apikey() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \ HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3) "Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3)
@@ -324,41 +319,43 @@ whiptail_helix_apikey() {
whiptail_homenet_master() { whiptail_homenet_master() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
HNMASTER=$(whiptail --title "Security Onion Setup" --inputbox \ HNMASTER=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3) "Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3)
export HNMASTER
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
export HNMASTER
} }
whiptail_homenet_sensor() { whiptail_homenet_sensor() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# Ask to inherit from master # Ask to inherit from master
whiptail --title "Security Onion Setup" --yesno "Do you want to inherit the HOME_NET from the Master?" 8 75 whiptail --title "Security Onion Setup" --yesno "Do you want to inherit the HOME_NET from the Master?" 8 75
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus
if [ $exitstatus == 0 ]; then if [ $exitstatus == 0 ]; then
export HNSENSOR=inherit export HNSENSOR=inherit
else else
HNSENSOR=$(whiptail --title "Security Onion Setup" --inputbox \ HNSENSOR=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3) "Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3)
export HNSENSOR
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
export HNSENSOR
fi fi
} }
whiptail_install_type() { whiptail_install_type() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# What kind of install are we doing? # What kind of install are we doing?
install_type=$(whiptail --title "Security Onion Setup" --radiolist \ install_type=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -376,16 +373,18 @@ whiptail_install_type() {
"WAZUH" "TODO Stand Alone Wazuh Node" OFF \ "WAZUH" "TODO Stand Alone Wazuh Node" OFF \
"STRELKA" "TODO Stand Alone Strelka Node" OFF \ "STRELKA" "TODO Stand Alone Strelka Node" OFF \
"PARSINGNODE" "TODO Add a dedicated Parsing Node" OFF 3>&1 1>&2 2>&3 ) "PARSINGNODE" "TODO Add a dedicated Parsing Node" OFF 3>&1 1>&2 2>&3 )
export install_type
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
export install_type
} }
whiptail_log_size_limit() { whiptail_log_size_limit() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
log_size_limit=$(whiptail --title "Security Onion Setup" --inputbox \ log_size_limit=$(whiptail --title "Security Onion Setup" --inputbox \
"Please specify the amount of disk space (in GB) you would like to allocate for Elasticsearch data storage. \ "Please specify the amount of disk space (in GB) you would like to allocate for Elasticsearch data storage. \
@@ -398,7 +397,7 @@ whiptail_log_size_limit() {
whiptail_management_interface_dns() { whiptail_management_interface_dns() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MDNS=$(whiptail --title "Security Onion Setup" --inputbox \ MDNS=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS server using space between multiple" 10 60 8.8.8.8 8.8.4.4 3>&1 1>&2 2>&3) "Enter your DNS server using space between multiple" 10 60 8.8.8.8 8.8.4.4 3>&1 1>&2 2>&3)
@@ -407,7 +406,7 @@ whiptail_management_interface_dns() {
whiptail_management_interface_dns_search() { whiptail_management_interface_dns_search() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MSEARCH=$(whiptail --title "Security Onion Setup" --inputbox \ MSEARCH=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS search domain" 10 60 searchdomain.local 3>&1 1>&2 2>&3) "Enter your DNS search domain" 10 60 searchdomain.local 3>&1 1>&2 2>&3)
@@ -416,7 +415,7 @@ whiptail_management_interface_dns_search() {
whiptail_management_interface_gateway() { whiptail_management_interface_gateway() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MGATEWAY=$(whiptail --title "Security Onion Setup" --inputbox \ MGATEWAY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your gateway" 10 60 X.X.X.X 3>&1 1>&2 2>&3) "Enter your gateway" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -425,7 +424,7 @@ whiptail_management_interface_gateway() {
whiptail_management_interface_ip() { whiptail_management_interface_ip() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MIP=$(whiptail --title "Security Onion Setup" --inputbox \ MIP=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your IP address" 10 60 X.X.X.X 3>&1 1>&2 2>&3) "Enter your IP address" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -434,7 +433,7 @@ whiptail_management_interface_ip() {
whiptail_management_interface_mask() { whiptail_management_interface_mask() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MMASK=$(whiptail --title "Security Onion Setup" --inputbox \ MMASK=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the bit mask for your subnet" 10 60 24 3>&1 1>&2 2>&3) "Enter the bit mask for your subnet" 10 60 24 3>&1 1>&2 2>&3)
@@ -443,15 +442,17 @@ whiptail_management_interface_mask() {
whiptail_management_nic() { whiptail_management_nic() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${all_nics[@]}" 3>&1 1>&2 2>&3 ) filter_unused_nics
MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 )
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
while [ -z "$MNIC" ] while [ -z "$MNIC" ]
do do
MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${all_nics[@]}" 3>&1 1>&2 2>&3 ) MNIC=$(whiptail --title "NIC Setup" --radiolist "Please select your management NIC" 20 75 12 "${nic_list[@]}" 3>&1 1>&2 2>&3 )
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
done done
@@ -460,7 +461,7 @@ whiptail_management_nic() {
whiptail_nids() { whiptail_nids() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NIDS=$(whiptail --title "Security Onion Setup" --radiolist \ NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run:" 20 75 4 \ "Choose which IDS to run:" 20 75 4 \
@@ -474,7 +475,7 @@ whiptail_nids() {
whiptail_oinkcode() { whiptail_oinkcode() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \ OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3) "Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3)
@@ -486,7 +487,7 @@ whiptail_oinkcode() {
whiptail_make_changes() { whiptail_make_changes() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please hit YES to make changes or NO to cancel." 8 75 whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please hit YES to make changes or NO to cancel." 8 75
@@ -497,7 +498,7 @@ whiptail_make_changes() {
whiptail_management_server() { whiptail_management_server() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MSRV=$(whiptail --title "Security Onion Setup" --inputbox \ MSRV=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Master Server hostname. It is CASE SENSITIVE!" 10 75 XXXX 3>&1 1>&2 2>&3) "Enter your Master Server hostname. It is CASE SENSITIVE!" 10 75 XXXX 3>&1 1>&2 2>&3)
@@ -506,9 +507,9 @@ whiptail_management_server() {
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
# See if it resolves. Otherwise prompt to add to host file # See if it resolves. Otherwise prompt to add to host file
TESTHOST=$(host $MSRV) TESTHOST=$(host "$MSRV")
if [[ $TESTHOST = *"not found"* ]] || [ -z $TESTHOST ] || [[ $TESTHOST = *"connection timed out"* ]]; then if [[ $TESTHOST = *"not found"* ]] || [ -z "$TESTHOST" ] || [[ $TESTHOST = *"connection timed out"* ]]; then
add_master_hostfile add_master_hostfile
fi fi
@@ -517,7 +518,7 @@ whiptail_management_server() {
# Ask if you want to do advanced setup of the Master # Ask if you want to do advanced setup of the Master
whiptail_master_adv() { whiptail_master_adv() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
MASTERADV=$(whiptail --title "Security Onion Setup" --radiolist \ MASTERADV=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose what type of master install:" 20 75 4 \ "Choose what type of master install:" 20 75 4 \
@@ -532,7 +533,7 @@ whiptail_master_adv() {
# Ask which additional components to install # Ask which additional components to install
whiptail_master_adv_service_brologs() { whiptail_master_adv_service_brologs() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
BLOGS=$(whiptail --title "Security Onion Setup" --checklist "Please Select Logs to Send:" 24 75 12 \ BLOGS=$(whiptail --title "Security Onion Setup" --checklist "Please Select Logs to Send:" 24 75 12 \
"conn" "Connection Logging" ON \ "conn" "Connection Logging" ON \
@@ -572,16 +573,18 @@ whiptail_master_adv_service_brologs() {
"weird" "Zeek Weird Logs" ON \ "weird" "Zeek Weird Logs" ON \
"mysql" "MySQL Logs" ON \ "mysql" "MySQL Logs" ON \
"socks" "SOCKS Logs" ON \ "socks" "SOCKS Logs" ON \
"x509" "x.509 Logs" ON 3>&1 1>&2 2>&3 ) "x509" "x.509 Logs" ON 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS=' ' read -ra BLOGS <<< "$BLOGS"
} }
whiptail_network_notice() { whiptail_network_notice() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --yesno "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. Hit YES to continue." 8 75 whiptail --title "Security Onion Setup" --yesno "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. Hit YES to continue." 8 75
@@ -592,7 +595,7 @@ whiptail_network_notice() {
whiptail_node_advanced() { whiptail_node_advanced() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \ NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of config would you like to use?:" 20 75 4 \ "What type of config would you like to use?:" 20 75 4 \
@@ -606,7 +609,7 @@ whiptail_node_advanced() {
whiptail_node_es_heap() { whiptail_node_es_heap() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NODE_ES_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \ NODE_ES_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $ES_HEAP_SIZE 3>&1 1>&2 2>&3) "\nEnter ES Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $ES_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -618,7 +621,7 @@ whiptail_node_es_heap() {
whiptail_node_ls_heap() { whiptail_node_ls_heap() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NODE_LS_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \ NODE_LS_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $LS_HEAP_SIZE 3>&1 1>&2 2>&3) "\nEnter LogStash Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $LS_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -630,10 +633,10 @@ whiptail_node_ls_heap() {
whiptail_node_ls_pipeline_worker() { whiptail_node_ls_pipeline_worker() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
LSPIPELINEWORKERS=$(whiptail --title "Security Onion Setup" --inputbox \ LSPIPELINEWORKERS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 "$cpu_cores" 3>&1 1>&2 2>&3) "\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 "$num_cpu_cores" 3>&1 1>&2 2>&3)
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
@@ -642,7 +645,7 @@ whiptail_node_ls_pipeline_worker() {
whiptail_node_ls_pipline_batchsize() { whiptail_node_ls_pipline_batchsize() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
LSPIPELINEBATCH=$(whiptail --title "Security Onion Setup" --inputbox \ LSPIPELINEBATCH=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Batch Size: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) "\nEnter LogStash Pipeline Batch Size: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -654,7 +657,7 @@ whiptail_node_ls_pipline_batchsize() {
whiptail_node_ls_input_threads() { whiptail_node_ls_input_threads() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
LSINPUTTHREADS=$(whiptail --title "Security Onion Setup" --inputbox \ LSINPUTTHREADS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Threads: \n \n(Default value is pre-populated)" 10 75 1 3>&1 1>&2 2>&3) "\nEnter LogStash Input Threads: \n \n(Default value is pre-populated)" 10 75 1 3>&1 1>&2 2>&3)
@@ -666,7 +669,7 @@ whiptail_node_ls_input_threads() {
whiptail_node_ls_input_batch_count() { whiptail_node_ls_input_batch_count() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \ LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) "\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -689,7 +692,7 @@ whiptail_passwords_dont_match() {
whiptail_patch_name_new_schedule() { whiptail_patch_name_new_schedule() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \ PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
"What name do you want to give this OS patch schedule? This schedule needs to be named uniquely. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/<schedulename>.yml" 10 75 3>&1 1>&2 2>&3) "What name do you want to give this OS patch schedule? This schedule needs to be named uniquely. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/<schedulename>.yml" 10 75 3>&1 1>&2 2>&3)
@@ -710,7 +713,7 @@ whiptail_patch_name_new_schedule() {
whiptail_patch_schedule() { whiptail_patch_schedule() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
local patch_schedule local patch_schedule
patch_schedule=$(whiptail --title "Security Onion Setup" --radiolist \ patch_schedule=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -720,6 +723,10 @@ whiptail_patch_schedule() {
"Import Schedule" "Import named schedule on following screen" OFF \ "Import Schedule" "Import named schedule on following screen" OFF \
"New Schedule" "Configure and name new schedule on next screen" OFF 3>&1 1>&2 2>&3 ) "New Schedule" "Configure and name new schedule on next screen" OFF 3>&1 1>&2 2>&3 )
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
case $patch_schedule in case $patch_schedule in
'New Schedule') 'New Schedule')
whiptail_patch_schedule_select_days whiptail_patch_schedule_select_days
@@ -738,14 +745,12 @@ whiptail_patch_schedule() {
;; ;;
esac esac
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
} }
whiptail_patch_schedule_import() { whiptail_patch_schedule_import() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
unset PATCHSCHEDULENAME unset PATCHSCHEDULENAME
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \ PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
@@ -767,71 +772,75 @@ whiptail_patch_schedule_import() {
whiptail_patch_schedule_select_days() { whiptail_patch_schedule_select_days() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# Select the days to patch # Select the days to patch
mapfile -t PATCHSCHEDULEDAYS< <(whiptail --title "Security Onion Setup" --checklist \ PATCHSCHEDULEDAYS=<(whiptail --title "Security Onion Setup" --checklist \
"Which days do you want to apply OS patches?" 15 75 8 \ "Which days do you want to apply OS patches?" 15 75 8 \
"Monday" "" OFF \ Monday "" OFF \
"Tuesday" "" ON \ Tuesday "" ON \
"Wednesday" "" OFF \ Wednesday "" OFF \
"Thursday" "" OFF \ Thursday "" OFF \
"Friday" "" OFF \ Friday "" OFF \
"Saturday" "" OFF \ Saturday "" OFF \
"Sunday" "" OFF 3>&1 1>&2 2>&3 ) Sunday "" OFF 3>&1 1>&2 2>&3 | tr -d '"')
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS=' ' read -ra PATCHSCHEDULEDAYS <<< "$PATCHSCHEDULEDAYS"
} }
whiptail_patch_schedule_select_hours() { whiptail_patch_schedule_select_hours() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# Select the hours to patch # Select the hours to patch
mapfile -t PATCHSCHEDULEHOURS< <(whiptail --title "Security Onion Setup" --checklist \ PATCHSCHEDULEHOURS=<(whiptail --title "Security Onion Setup" --checklist \
"At which time, UTC, do you want to apply OS patches on the selected days? Hours 12 through 23 can be selected on the next screen." 22 75 13 \ "At which time, UTC, do you want to apply OS patches on the selected days? Hours 12 through 23 can be selected on the next screen." 22 75 13 \
"00:00" "" OFF \ 00:00 "" OFF \
"01:00" "" OFF \ 01:00 "" OFF \
"02:00" "" OFF \ 02:00 "" OFF \
"03:00" "" OFF \ 03:00 "" OFF \
"04:00" "" OFF \ 04:00 "" OFF \
"05:00" "" OFF \ 05:00 "" OFF \
"06:00" "" OFF \ 06:00 "" OFF \
"07:00" "" OFF \ 07:00 "" OFF \
"08:00" "" OFF \ 08:00 "" OFF \
"09:00" "" OFF \ 09:00 "" OFF
"10:00" "" OFF \ 10:00 "" OFF \
"11:00" "" OFF 3>&1 1>&2 2>&3 ) 11:00 "" OFF 3>&1 1>&2 2>&3 | tr -d '"' )
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
# Select the hours to patch # Select the hours to patch
mapfile -t second_half < <(whiptail --title "Security Onion Setup" --checklist \ PATCHSCHEDULEHOURS+=<(whiptail --title "Security Onion Setup" --checklist \
"At which time, UTC, do you want to apply OS patches on the selected days?" 22 75 13 \ "At which time, UTC, do you want to apply OS patches on the selected days?" 22 75 13 \
"12:00" "" OFF \ 12:00 "" OFF \
"13:00" "" OFF \ 13:00 "" OFF \
"14:00" "" OFF \ 14:00 "" OFF \
"15:00" "" ON \ 15:00 "" ON \
"16:00" "" OFF \ 16:00 "" OFF \
"17:00" "" OFF \ 17:00 "" OFF \
"18:00" "" OFF \ 18:00 "" OFF \
"19:00" "" OFF \ 19:00 "" OFF \
"20:00" "" OFF \ 20:00 "" OFF \
"21:00" "" OFF \ 21:00 "" OFF \
"22:00" "" OFF \ 22:00 "" OFF \
"23:00" "" OFF 3>&1 1>&2 2>&3 ) 23:00 "" OFF 3>&1 1>&2 2>&3 | tr -d '"' )
PATCHSCHEDULEHOURS+=("${second_half[@]}")
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS=' ' read -ra PATCHSCHEDULEHOURS <<< "$PATCHSCHEDULEHOURS"
} }
whiptail_rule_setup() { whiptail_rule_setup() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
# Get pulled pork info # Get pulled pork info
RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \ RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
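Review bot: In the new (right-hand) versions of `whiptail_patch_schedule_select_days` and `whiptail_patch_schedule_select_hours`, `PATCHSCHEDULEDAYS=<(whiptail …)` and the two `PATCHSCHEDULEHOURS` assignments store the process-substitution path (a `/dev/fd/N` string) instead of the dialog output, so the `read -ra` that follows splits that path and the chosen days and hours never reach the arrays. `local exitstatus=$?` after such an assignment is the assignment's own status, so a Cancel is not reported to `whiptail_check_exitstatus`, and the new `09:00 "" OFF` line has lost its trailing backslash, which cuts the checklist arguments off at that point. Command substitution keeps both the output and whiptail's status: `PATCHSCHEDULEDAYS=$(whiptail … 3>&1 1>&2 2>&3)`, then the status check, then `IFS=' ' read -ra PATCHSCHEDULEDAYS <<< "${PATCHSCHEDULEDAYS//\"/}"`; the two hours checklists need the same change, plus a space between their results when they are concatenated. The later `SURIPINS=$(whiptail … | tr -d '"')` in `whiptail_suricata_pins` has a related gap: unless `pipefail` is set somewhere outside this view, `$?` there is `tr`'s status. These arrays appear to define the OS patch schedule, so an interactive run that prints them after each dialog would confirm the selection is what gets recorded.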
@@ -849,7 +858,7 @@ whiptail_rule_setup() {
whiptail_sensor_config() { whiptail_sensor_config() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \ NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of configuration would you like to use?:" 20 75 4 \ "What type of configuration would you like to use?:" 20 75 4 \
@@ -863,10 +872,10 @@ whiptail_sensor_config() {
whiptail_set_hostname() { whiptail_set_hostname() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \ HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname you would like to set." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) "Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
@@ -874,7 +883,7 @@ whiptail_set_hostname() {
while [[ "$HOSTNAME" == *'localhost'* ]] ; do while [[ "$HOSTNAME" == *'localhost'* ]] ; do
whiptail --title "Security Onion Setup" --msgbox "Please choose a hostname that doesn't contain localhost." 8 75 whiptail --title "Security Onion Setup" --msgbox "Please choose a hostname that doesn't contain localhost." 8 75
HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \ HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname you would like to set." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) "Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
done done
@@ -883,7 +892,7 @@ whiptail_set_hostname() {
whiptail_set_redirect() { whiptail_set_redirect() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
REDIRECTINFO=$(whiptail --title "Security Onion Setup" --radiolist \ REDIRECTINFO=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose the access method for the web interface:" 20 75 4 \ "Choose the access method for the web interface:" 20 75 4 \
@@ -896,17 +905,17 @@ whiptail_set_redirect() {
whiptail_set_redirect_host() { whiptail_set_redirect_host() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
REDIRECTHOST=$(whiptail --title "Security Onion Setup" --inputbox \ REDIRECTHOST=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname or IP you would like to use for the web interface." 10 75 $HOSTNAME 3>&1 1>&2 2>&3) "Enter the Hostname or IP you would like to use for the web interface." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
} }
whiptail_set_redirect_info() { whiptail_set_redirect_info() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "The following selection refers to accessing the web interface. \n whiptail --title "Security Onion Setup" --msgbox "The following selection refers to accessing the web interface. \n
For security reasons, we use strict cookie enforcement." 10 75 For security reasons, we use strict cookie enforcement." 10 75
@@ -914,7 +923,7 @@ For security reasons, we use strict cookie enforcement." 10 75
whiptail_setup_complete() { whiptail_setup_complete() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Finished installing this as an $install_type. Press Enter to reboot." 8 75 whiptail --title "Security Onion Setup" --msgbox "Finished installing this as an $install_type. Press Enter to reboot." 8 75
install_cleanup >> $setup_log 2>&1 install_cleanup >> $setup_log 2>&1
@@ -923,7 +932,7 @@ whiptail_setup_complete() {
whiptail_setup_failed() { whiptail_setup_failed() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
whiptail --title "Security Onion Setup" --msgbox "Install had a problem. Please see $setup_log for details. Press Enter to reboot." 8 75 whiptail --title "Security Onion Setup" --msgbox "Install had a problem. Please see $setup_log for details. Press Enter to reboot." 8 75
install_cleanup >> $setup_log 2>&1 install_cleanup >> $setup_log 2>&1
@@ -932,7 +941,7 @@ whiptail_setup_failed() {
whiptail_shard_count() { whiptail_shard_count() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
SHARDCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \ SHARDCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Shard Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3) "\nEnter ES Shard Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -944,44 +953,46 @@ whiptail_shard_count() {
whiptail_suricata_pins() { whiptail_suricata_pins() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
local filtered_cores local filtered_cores
filtered_cores=$(echo "${cpu_core_list[@]}" "${BROPINS[@]}" | tr -d '"' | tr ' ' '\n' | sort | uniq -u | awk '{print $1 " \"" "core" "\""}') filtered_cores=$(echo "${cpu_core_list[@]}" "${BROPINS[@]}" | tr -d '"' | tr ' ' '\n' | sort | uniq -u | awk '{print $1 " \"" "core" "\""}')
SURIPINS=$(whiptail --noitem --title "Pin Suricata CPUS" --checklist "Please Select $lb_procs cores to pin Suricata to:" 20 75 12 "${filtered_cores[@]}" 3>&1 1>&2 2>&3 ) SURIPINS=$(whiptail --noitem --title "Pin Suricata CPUS" --checklist "Please Select $lb_procs cores to pin Suricata to:" 20 75 12 "${filtered_cores[@]}" 3>&1 1>&2 2>&3 | tr -d '"' )
local exitstatus=$? local exitstatus=$?
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus
IFS=' ' read -ra SURIPINS <<< "$SURIPINS"
} }
whiptail_master_updates() { whiptail_master_updates() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
local update_string local update_string
update_string=$(whiptail --title "Security Onion Setup" --radiolist \ update_string=$(whiptail --title "Security Onion Setup" --radiolist \
"How would you like to download updates for your grid?:" 20 75 4 \ "How would you like to download updates for your grid?:" 20 75 4 \
"MASTER" "Master node is proxy for OS/Docker updates." ON \ "MASTER" "Master node is proxy for OS/Docker updates." ON \
"OPEN" "Each node connect to the Internet for updates" OFF 3>&1 1>&2 2>&3 ) "OPEN" "Each node connect to the Internet for updates" OFF 3>&1 1>&2 2>&3 )
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
case "$update_string" in case "$update_string" in
'MASTER') 'MASTER')
MASTERUPDATES=1 MASTERUPDATES='1'
;; ;;
*) *)
MASTERUPDATES=0 MASTERUPDATES='0'
;; ;;
esac esac
local exitstatus=$?
whiptail_check_exitstatus $exitstatus
} }
whiptail_node_updates() { whiptail_node_updates() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
NODEUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \ NODEUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \
"How would you like to download updates for this node?:" 20 75 4 \ "How would you like to download updates for this node?:" 20 75 4 \
@@ -995,9 +1006,8 @@ whiptail_node_updates() {
whiptail_you_sure() { whiptail_you_sure() {
[ -z "$QUIET" ] && return [ -n "$QUIET" ] && return
echo "whiptail_you_sure called" >> $setup_log 2>&1
whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 75 whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 75
local exitstatus=$? local exitstatus=$?