CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: syntax error in reserved ports configuration; ensure ports are reserved prior to setup

Browse Source
This commit is contained in:
Jason Ertel
2021-03-05 10:54:01 -05:00
parent 39d4f077b4
commit 61a7efeeab
3 changed files with 13 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/common/files/99-reserved-ports.conf
View File

@@ -1 +1 @@
net.ipv4.ip_local_reserved_ports="55000,57314" net.ipv4.ip_local_reserved_ports=55000,57314

10
setup/so-functions
View File

@@ -1792,6 +1792,16 @@ reserve_group_ids() {
groupadd -g 946 cyberchef groupadd -g 946 cyberchef
} }
reserve_ports() {
# These are also set via salt but need to be set pre-install to avoid conflicts before salt runs
if ! sysctl net.ipv4.ip_local_reserved_ports | grep 55000 | grep 57314; then
echo "Reserving ephemeral ports used by Security Onion components to avoid collisions"
sysctl -w net.ipv4.ip_local_reserved_ports="55000,57314"
else
echo "Ephemeral ports already reserved"
fi
}
reinstall_init() { reinstall_init() {
info "Putting system in state to run setup again" info "Putting system in state to run setup again"

2
setup/so-setup
View File

@@ -550,6 +550,8 @@ set_redirect >> $setup_log 2>&1
# Show initial progress message # Show initial progress message
set_progress_str 0 'Running initial configuration steps' set_progress_str 0 'Running initial configuration steps'
reserve_ports
set_path set_path
if [[ $is_reinstall ]]; then if [[ $is_reinstall ]]; then