CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5884 from Security-Onion-Solutions/feature/hl_eg

Browse Source 
Add EG firewall allowance via setup
This commit is contained in:
weslambert
2021-10-14 09:55:07 -04:00
committed by GitHub
parent f9001654bb 78e88e0765
commit 55c60f485c
4 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
files/firewall/hostgroups.local.yaml
View File

@@ -16,6 +16,10 @@ firewall:
ips:
delete:
insert:
endgame:
ips:
delete:
insert:
fleet:
ips:
delete:

11
salt/firewall/assigned_hostgroups.map.yaml
View File

@@ -162,6 +162,9 @@ role:
elasticsearch_rest:
portgroups:
- {{ portgroups.elasticsearch_rest }}
endgame:
portgroups:
- {{ portgroups.endgame }}
osquery_endpoint:
portgroups:
- {{ portgroups.fleet_api }}
@@ -248,6 +251,9 @@ role:
elasticsearch_rest:
portgroups:
- {{ portgroups.elasticsearch_rest }}
endgame:
portgroups:
- {{ portgroups.endgame }}
osquery_endpoint:
portgroups:
- {{ portgroups.fleet_api }}
@@ -337,6 +343,9 @@ role:
elasticsearch_rest:
portgroups:
- {{ portgroups.elasticsearch_rest }}
endgame:
portgroups:
- {{ portgroups.endgame }}
osquery_endpoint:
portgroups:
- {{ portgroups.fleet_api }}
@@ -594,4 +603,4 @@ role:
- {{ portgroups.all }}
minion:
portgroups:
- {{ portgroups.salt_manager }}
- {{ portgroups.salt_manager }}

3
salt/firewall/portgroups.yaml
View File

@@ -39,6 +39,9 @@ firewall:
elasticsearch_rest:
tcp:
- 9200
endgame:
tcp:
- 3765
fleet_api:
tcp:
- 8090

5
setup/so-setup
View File

@@ -967,6 +967,11 @@ else
so-learn enable logscan --apply >> $setup_log 2>&1
fi
if [[ -n $ENDGAME_SMP_IP ]]; then
set_progress_str 99 'Configuring firewall for Endgame SMP'
so-firewall --apply includehost endgame $ENDGAME_SMP_IP >> $setup_log 2>&1
fi
} | whiptail_gauge_post_setup "Running post-installation steps..."
whiptail_setup_complete