CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move syslog to the INPUT chain where needed

Browse Source
This commit is contained in:
weslambert
2023-08-01 10:14:59 -04:00
committed by GitHub
parent f27ebc47c1
commit 4adaddf13f
1 changed files with 45 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
salt/firewall/defaults.yaml
View File

@@ -198,9 +198,6 @@ firewall:
portgroups:
- redis
- elasticsearch_node
self:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
@@ -218,9 +215,6 @@ firewall:
strelka_frontend:
portgroups:
- strelka_frontend
syslog:
portgroups:
- syslog
analyst:
portgroups:
- nginx
@@ -255,6 +249,12 @@ firewall:
localhost:
portgroups:
- all
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -425,12 +425,6 @@ firewall:
- elastic_agent_control
- elastic_agent_data
- elastic_agent_update
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
@@ -497,6 +491,12 @@ firewall:
receiver:
portgroups:
- salt_manager
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -588,9 +588,6 @@ firewall:
- elastic_agent_control
- elastic_agent_data
- elastic_agent_update
self:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
@@ -608,9 +605,6 @@ firewall:
endgame:
portgroups:
- endgame
syslog:
portgroups:
- syslog
analyst:
portgroups:
- nginx
@@ -660,6 +654,12 @@ firewall:
receiver:
portgroups:
- salt_manager
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -760,9 +760,6 @@ firewall:
- elastic_agent_control
- elastic_agent_data
- elastic_agent_update
self:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
@@ -783,9 +780,6 @@ firewall:
strelka_frontend:
portgroups:
- strelka_frontend
syslog:
portgroups:
- syslog
analyst:
portgroups:
- nginx
@@ -838,6 +832,12 @@ firewall:
receiver:
portgroups:
- salt_manager
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -884,9 +884,6 @@ firewall:
searchnode:
portgroups:
- elasticsearch_node
self:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -918,6 +915,12 @@ firewall:
localhost:
portgroups:
- all
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -942,9 +945,6 @@ firewall:
chain:
DOCKER-USER:
hostgroups:
self:
portgroups:
- syslog
strelka_frontend:
portgroups:
- strelka_frontend
@@ -979,6 +979,12 @@ firewall:
localhost:
portgroups:
- all
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -1030,6 +1036,9 @@ firewall:
strelka_frontend:
portgroups:
- strelka_frontend
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1:
@@ -1189,11 +1198,7 @@ firewall:
self:
portgroups:
- redis
- syslog
- beats_5644
syslog:
portgroups:
- syslog
beats_endpoint:
portgroups:
- beats_5044
@@ -1234,6 +1239,12 @@ firewall:
localhost:
portgroups:
- all
self:
portgroups:
- syslog
syslog:
portgroups:
- syslog
customhostgroup0:
portgroups: []
customhostgroup1: