CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

no more plural roles, update so-firewall-minion

Browse Source
This commit is contained in:
m0duspwnens
2023-05-01 17:28:16 -04:00
parent 6a501efa75
commit 80b40503fb
3 changed files with 97 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
salt/firewall/defaults.yaml
View File

@@ -11,18 +11,18 @@ firewall:
endgame: []
eval: []
fleet: []
heavynodes: []
heavynode: []
idh: []
import: []
localhost:
- 127.0.0.1
manager: []
managersearch: []
receivers: []
searchnodes: []
securityonion_desktops: []
receiver: []
searchnode: []
securityonion_desktop: []
self: []
sensors: []
sensor: []
standalone: []
strelka_frontend: []
syslog: []
@@ -181,15 +181,15 @@ firewall:
- influxdb
- elasticsearch_rest
- elasticsearch_node
sensors:
sensor:
portgroups:
- beats_5044
- beats_5644
searchnodes:
searchnode:
portgroups:
- redis
- elasticsearch_node
heavynodes:
heavynode:
portgroups:
- redis
- elasticsearch_node
@@ -273,7 +273,7 @@ firewall:
chain:
DOCKER-USER:
hostgroups:
sensors:
sensor:
portgroups:
- elastic_agent_control
- elastic_agent_data
@@ -315,13 +315,13 @@ firewall:
standalone:
portgroups:
- salt_manager
sensors:
sensor:
portgroups:
- salt_manager
searchnodes:
searchnode:
portgroups:
- salt_manager
heavynodes:
heavynode:
portgroups:
- salt_manager
customhostgroup0:
@@ -361,7 +361,7 @@ firewall:
- elastic_agent_control
- elastic_agent_data
- agrules
sensors:
sensor:
portgroups:
- beats_5044
- beats_5644
@@ -370,7 +370,7 @@ firewall:
- yum
- docker_registry
- influxdb
searchnodes:
searchnode:
portgroups:
- redis
- elasticsearch_rest
@@ -381,7 +381,7 @@ firewall:
- influxdb
- elastic_agent_control
- elastic_agent_data
heavynodes:
heavynode:
portgroups:
- redis
- elasticsearch_rest
@@ -448,13 +448,13 @@ firewall:
localhost:
portgroups:
- all
sensors:
sensor:
portgroups:
- salt_manager
searchnodes:
searchnode:
portgroups:
- salt_manager
heavynodes:
heavynode:
portgroups:
- salt_manager
customhostgroup0:
@@ -493,7 +493,7 @@ firewall:
- docker_registry
- elastic_agent_control
- elastic_agent_data
sensors:
sensor:
portgroups:
- beats_5044
- beats_5644
@@ -502,7 +502,7 @@ firewall:
- yum
- docker_registry
- influxdb
searchnodes:
searchnode:
portgroups:
- redis
- elasticsearch_rest
@@ -512,7 +512,7 @@ firewall:
- influxdb
- elastic_agent_control
- elastic_agent_data
heavynodes:
heavynode:
portgroups:
- redis
- elasticsearch_rest
@@ -578,13 +578,13 @@ firewall:
localhost:
portgroups:
- all
sensors:
sensor:
portgroups:
- salt_manager
searchnodes:
searchnode:
portgroups:
- salt_manager
heavynodes:
heavynode:
portgroups:
- salt_manager
customhostgroup0:
@@ -647,7 +647,7 @@ firewall:
- beats_5056
- elastic_agent_control
- elastic_agent_data
sensors:
sensor:
portgroups:
- docker_registry
- influxdb
@@ -658,7 +658,7 @@ firewall:
- beats_5056
- elastic_agent_control
- elastic_agent_data
searchnodes:
searchnode:
portgroups:
- docker_registry
- influxdb
@@ -667,7 +667,7 @@ firewall:
- redis
- elasticsearch_rest
- elasticsearch_node
heavynodes:
heavynode:
portgroups:
- docker_registry
- influxdb
@@ -741,13 +741,13 @@ firewall:
standalone:
portgroups:
- salt_manager
sensors:
sensor:
portgroups:
- salt_manager
searchnodes:
searchnode:
portgroups:
- salt_manager
heavynodes:
heavynode:
portgroups:
- salt_manager
customhostgroup0:
@@ -785,7 +785,7 @@ firewall:
elasticsearch_rest:
portgroups:
- elasticsearch_rest
searchnodes:
searchnode:
portgroups:
- elasticsearch_node
self:
@@ -989,11 +989,11 @@ firewall:
- elasticsearch_rest
- elasticsearch_node
- elastic_agent_control
sensors:
sensor:
portgroups:
- beats_5044
- beats_5644
searchnodes:
searchnode:
portgroups:
- redis
- elasticsearch_node
@@ -1068,10 +1068,10 @@ firewall:
chain:
DOCKER-USER:
hostgroups:
sensors:
sensor:
portgroups:
- beats_5644
searchnodes:
searchnode:
portgroups:
- redis
- beats_5644

70
salt/firewall/soc_firewall.yaml
View File

@@ -31,17 +31,17 @@ firewall:
endgame: *hostgroupsettingsadv
eval: *hostgroupsettings
fleet: *hostgroupsettings
heavynodes: *hostgroupsettings
heavynode: *hostgroupsettings
idh: *hostgroupsettings
import: *hostgroupsettings
localhost: *ROhostgroupsettingsadv
manager: *hostgroupsettings
managersearch: *hostgroupsettings
receivers: *hostgroupsettings
searchnodes: *hostgroupsettings
securityonion_desktops: *hostgroupsettings
receiver: *hostgroupsettings
searchnode: *hostgroupsettings
securityonion_desktop: *hostgroupsettings
self: *ROhostgroupsettingsadv
sensors: *hostgroupsettings
sensor: *hostgroupsettings
standalone: *hostgroupsettings
strelka_frontend: *hostgroupsettings
syslog: *hostgroupsettings
@@ -186,11 +186,11 @@ firewall:
advanced: True
multiline: True
helpLink: firewall.html
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
heavynodes:
heavynode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker
@@ -264,7 +264,7 @@ firewall:
chain:
DOCKER-USER:
hostgroups:
sensors:
sensor:
portgroups: *portgroupsdocker
elastic_agent_endpoint:
portgroups: *portgroupsdocker
@@ -298,11 +298,11 @@ firewall:
portgroups: *portgroupsdocker
standalone:
portgroups: *portgroupshost
sensors:
sensor:
portgroups: *portgroupshost
searchnodes:
searchnode:
portgroups: *portgroupshost
heavynodes:
heavynode:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
@@ -331,11 +331,11 @@ firewall:
hostgroups:
manager:
portgroups: *portgroupsdocker
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
heavynodes:
heavynode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker
@@ -381,11 +381,11 @@ firewall:
portgroups: *portgroupshost
localhost:
portgroups: *portgroupshost
sensors:
sensor:
portgroups: *portgroupshost
searchnodes:
searchnode:
portgroups: *portgroupshost
heavynodes:
heavynode:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
@@ -414,11 +414,11 @@ firewall:
hostgroups:
managersearch:
portgroups: *portgroupsdocker
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
heavynodes:
heavynode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker
@@ -464,11 +464,11 @@ firewall:
portgroups: *portgroupshost
localhost:
portgroups: *portgroupshost
sensors:
sensor:
portgroups: *portgroupshost
searchnodes:
searchnode:
portgroups: *portgroupshost
heavynodes:
heavynode:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
@@ -501,11 +501,11 @@ firewall:
portgroups: *portgroupsdocker
fleet:
portgroups: *portgroupsdocker
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
heavynodes:
heavynode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker
@@ -557,11 +557,11 @@ firewall:
portgroups: *portgroupshost
standalone:
portgroups: *portgroupshost
sensors:
sensor:
portgroups: *portgroupshost
searchnodes:
searchnode:
portgroups: *portgroupshost
heavynodes:
heavynode:
portgroups: *portgroupshost
customhostgroup0:
portgroups: *portgroupshost
@@ -594,7 +594,7 @@ firewall:
portgroups: *portgroupsdocker
elasticsearch_rest:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker
@@ -773,9 +773,9 @@ firewall:
hostgroups:
manager:
portgroups: *portgroupsdocker
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
beats_endpoint:
portgroups: *portgroupsdocker
@@ -840,9 +840,9 @@ firewall:
chain:
DOCKER-USER:
hostgroups:
sensors:
sensor:
portgroups: *portgroupsdocker
searchnodes:
searchnode:
portgroups: *portgroupsdocker
self:
portgroups: *portgroupsdocker