CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

[feat] Verify that main ip = mngmt ip

Browse Source 
* Add a check to check whether the src ip in the routing table is also the ip assigned to the management nic
This commit is contained in:
William Wernert
2020-11-30 16:53:02 -05:00
parent 8e9458ca84
commit 8a8885e14f
1 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
setup/so-functions
View File

@@ -1710,6 +1710,17 @@ set_network_dev_status_list() {
set_main_ip() {
MAINIP=$(ip route get 1 | awk '{print $7;exit}')
MNIC_IP=$(ip a s "$MNIC" | grep -oE 'inet [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | cut -d' ' -f)
if [[ $MAINIP != $MNIC_IP ]]; then
read -r -d '' message <<- EOM
The IP being routed by Linux is not the IP address assigned to the management interface ($MNIC).
This is not a supported configuration, please remediate and rerun setup.
EOM
whiptail --title "Security Onion Setup" --msgbox "$message" 10 75
exit 1
fi
}
# Add /usr/sbin to everyone's path