diff --git a/setup/so-functions b/setup/so-functions index 3c056d23f..0cfb5ded2 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -845,6 +845,12 @@ docker_registry() { printf '%s\n'\ "{"\ " \"registry-mirrors\": [ \"$proxy:5000\" ]"\ + " \"default-address-pools\": ["\ + " {"\ + " \"base\" : \"$DOCKERNET\","\ + " \"size\" : 24"\ + " }"\ + " ]"\ "}" > /etc/docker/daemon.json echo "Docker Registry Setup - Complete" >> "$setup_log" 2>&1 @@ -1139,12 +1145,17 @@ manager_global() { fi fi + if [ -z "$DOCKERNET" ]; then + DOCKERNET=172.17.0.0/16 + fi + # Create a global file for global values printf '%s\n'\ "global:"\ " soversion: '$SOVERSION'"\ " hnmanager: '$HNMANAGER'"\ " ntpserver: '$NTPSERVER'"\ + " dockernet: '$DOCKERNET'"\ " proxy: '$PROXY'"\ " mdengine: '$ZEEKVERSION'"\ " ids: '$NIDS'"\ diff --git a/setup/so-setup b/setup/so-setup index 1c46a8bf9..9fe10ae3a 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -312,6 +312,7 @@ fi if [[ $is_helix || $is_manager || $is_import ]]; then whiptail_homenet_manager + whiptail_dockernet_check fi if [[ $is_helix || $is_manager || $is_node || $is_import ]]; then diff --git a/setup/so-whiptail b/setup/so-whiptail index 0401146af..a99d6a8c3 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -457,6 +457,31 @@ whiptail_dhcp_warn() { } +whiptail_dockernet_check(){ + + [ -n "$TESTING" ] && return + + whiptail --title "Security Onion Setup" --yesno \ + "Do you want to change the IP range Docker uses? (Choose no if you don't know what this means)" 8 75 + + local exitstatus=$? + + if [[ $exitstatus == 0 ]]; then + whiptail_dockernet_net + fi +} + +whiptail_dockernet_net() { + + [ -n "$TESTING" ] && return + + DOCKERNET=$(whiptail --title "Security Onion Setup" --inputbox \ + "\nEnter a network range for docker to use: \n \n(Default value is pre-populated)" 10 75 172.17.0.0/16 3>&1 1>&2 2>&3) + + local exitstatus=$? + whiptail_check_exitstatus $exitstatus + +} whiptail_enable_components() { [ -n "$TESTING" ] && return