Firewall Changes

salt/common/tools/sbin/so-firewall

@@ -43,7 +43,7 @@ APPLY=${APPLY,,}
 
 function rolecall() {
 	THEROLE=$1
-	THEROLES="analyst analyst_workstation heavynode idhnode receiver searchnode sensor"
+	THEROLES="analyst analyst_workstations beats_endpoint beats_endpoint_ssl elastic_agent_endpoint elasticsearch_rest endgame eval heavynodes idh manager receivers searchnodes sensors standalone strelka_frontend syslog"
 
 	for AROLE in $THEROLES; do
 		if [ "$AROLE" = "$THEROLE" ]; then

setup/so-functions

@@ -2171,16 +2171,13 @@ set_initial_firewall_policy() {
 
 		case "$install_type" in
 			'MANAGER')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost manager "$MAINIP"
+				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=manager --ip=$MAINIP --apply=true
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost minion "$MAINIP"
 				;;
 			'EVAL' | 'MANAGERSEARCH' | 'STANDALONE' | 'IMPORT')
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost manager "$MAINIP"
+				$default_salt_dir/salt/common/tools/sbin/so-firewall --role=$install_type --ip=$MAINIP --apply=true
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost minion "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
-				$default_salt_dir/salt/common/tools/sbin/so-firewall --apply includehost search_node "$MAINIP"
 				;;
 		esac
+	fi
 }
 
 # Set up the management interface on the ISO