Dockernet Modifications

salt/firewall/hostgroups.yaml

@@ -1,3 +1,4 @@
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
 firewall:
   hostgroups:
     anywhere:
@@ -9,7 +10,7 @@ firewall:
       ips:
         delete:
         insert:
-          - 172.17.0.0/24
+          - {{ DNET }}/24
     localhost:
       ips:
         delete:

salt/fleet/init.sls

@@ -12,6 +12,8 @@
 {% else %}
   {% set MAINIP = salt['pillar.get']('global:managerip') %}
 {% endif %}
+{% set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+
 
 include:
   - mysql
@@ -71,7 +73,7 @@ fleetdb:
 
 fleetdbuser:
   mysql_user.present:
-    - host: 172.17.0.0/255.255.0.0
+    - host: {{ DNET }}/255.255.0.0
     - password: {{ FLEETPASS }}
     - connection_host: {{ MAINIP }}
     - connection_port: 3306
@@ -85,7 +87,7 @@ fleetdbpriv:
     - grant: all privileges
     - database: fleet.*
     - user: fleetdbuser
-    - host: 172.17.0.0/255.255.0.0
+    - host: {{ DNET }}/255.255.0.0
     - connection_host: {{ MAINIP }}
     - connection_port: 3306
     - connection_user: root

salt/playbook/init.sls

@@ -10,6 +10,8 @@
 {% set MAINIP = salt['grains.get']('ip_interfaces').get(salt['pillar.get']('sensor:mainint', salt['pillar.get']('manager:mainint', salt['pillar.get']('elasticsearch:mainint', salt['pillar.get']('host:mainint')))))[0] %}
 {%- set MYSQLPASS = salt['pillar.get']('secrets:mysql', None) -%}
 {%- set PLAYBOOKPASS = salt['pillar.get']('secrets:playbook_db', None) -%}
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+
 
 include:
   - mysql
@@ -19,7 +21,7 @@ create_playbookdbuser:
     - mysql.user_create:
       - user: playbookdbuser
       - password: {{ PLAYBOOKPASS }}
-      - host: 172.17.0.0/255.255.0.0
+      - host: {{ DNET }}/255.255.255.0
       - connection_host: {{ MAINIP }}
       - connection_port: 3306
       - connection_user: root
@@ -28,7 +30,7 @@ create_playbookdbuser:
 query_playbookdbuser_grants:
   mysql_query.run:
     - database: playbook
-    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'172.17.0.0/255.255.0.0';"
+    - query:    "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DNET }}/255.255.255.0';"
     - connection_host: {{ MAINIP }}
     - connection_port: 3306
     - connection_user: root

salt/soc/files/soc/soc.json

@@ -9,6 +9,8 @@
 {%- import_json "soc/files/soc/hunt.queries.json" as hunt_queries %}
 {%- import_json "soc/files/soc/hunt.actions.json" as hunt_actions %}
 {%- import_json "soc/files/soc/hunt.eventfields.json" as hunt_eventfields %}
+{%- set DNET = salt['pillar.get']('global:dockernet', '172.17.0.0') %}
+
 {
   "logFilename": "/opt/sensoroni/logs/sensoroni-server.log",
   "server": {
@@ -49,7 +51,7 @@
       },
 {% endif %}
       "statickeyauth": {
-        "anonymousCidr": "172.17.0.0/24",
+        "anonymousCidr": "{{ DNET }}/24",
         "apiKey": "{{ SENSORONIKEY }}"
       }
     },

setup/so-whiptail

@@ -462,11 +462,11 @@ whiptail_dockernet_check(){
 	[ -n "$TESTING" ] && return
 
 	whiptail --title "Security Onion Setup" --yesno \
-	"Do you want to change the IP range Docker uses? (Choose no if you don't know what this means)" 8 75
+	"Do you want to keep the default Docker IP range? (Choose yes if you don't know what this means)" 8 75
 
 	local exitstatus=$?
 
-	if [[ $exitstatus == 0 ]]; then
+	if [[ $exitstatus == 1 ]]; then
 	whiptail_dockernet_net
 	fi
 }
@@ -476,7 +476,7 @@ whiptail_dockernet_net() {
 	[ -n "$TESTING" ] && return
 
 	DOCKERNET=$(whiptail --title "Security Onion Setup" --inputbox \
-	"\nEnter a network range for docker to use: \n \n(Default value is pre-populated)" 10 75 172.17.0.0/16 3>&1 1>&2 2>&3)
+	"\nEnter a /24 network range for docker to use: \n \n(Default value is pre-populated)" 10 75 172.17.0.0 3>&1 1>&2 2>&3)
 
 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus