rename analyst to workstation for fw rules. allow workstation to connect to salt_manager port on managers

2026-01-29 03:13:30 +01:00 · 2023-08-04 09:17:22 -04:00
parent 682289ef23
commit a51acfc314
3 changed files with 24 additions and 12 deletions
--- a/salt/firewall/defaults.yaml
+++ b/salt/firewall/defaults.yaml
@@ -1,6 +1,5 @@
 firewall:
  hostgroups:
-    analyst: []
    anywhere:
      - 0.0.0.0/0
    beats_endpoint: []
@@ -26,6 +25,7 @@ firewall:
    standalone: []
    strelka_frontend: []
    syslog: []
+    workstation: []
    customhostgroup0: []
    customhostgroup1: []
    customhostgroup2: []
@@ -215,9 +215,9 @@ firewall:
            strelka_frontend:
              portgroups:
                - strelka_frontend
-            analyst:
+            workstation:
              portgroups:
-                - nginx
+                - yum
            customhostgroup0:
              portgroups: []
            customhostgroup1:
@@ -458,9 +458,9 @@ firewall:
            endgame:
              portgroups:
                - endgame
-            analyst:
+            workstation:
              portgroups:
-                - nginx
+                - yum
            customhostgroup0:
              portgroups: []
            customhostgroup1:
@@ -507,6 +507,9 @@ firewall:
            receiver:
              portgroups:
                - salt_manager
+            workstation:
+              portgroups:
+                - salt_manager
            self:
              portgroups:
                - syslog
@@ -637,9 +640,9 @@ firewall:
            endgame:
              portgroups:
                - endgame
-            analyst:
+            workstation:
              portgroups:
-                - nginx
+                - yum
            customhostgroup0:
              portgroups: []
            customhostgroup1:
@@ -686,6 +689,9 @@ firewall:
            receiver:
              portgroups:
                - salt_manager
+            workstation:
+              portgroups:
+                - salt_manager
            self:
              portgroups:
                - syslog
@@ -824,9 +830,9 @@ firewall:
            strelka_frontend:
              portgroups:
                - strelka_frontend
-            analyst:
+            workstation:
              portgroups:
-                - nginx
+                - yum
            customhostgroup0:
              portgroups: []
            customhostgroup1:
@@ -876,6 +882,9 @@ firewall:
            receiver:
              portgroups:
                - salt_manager
+            workstation:
+              portgroups:
+                - salt_manager
            self:
              portgroups:
                - syslog
@@ -1169,9 +1178,9 @@ firewall:
                - elastic_agent_control
                - elastic_agent_data
                - elastic_agent_update
-            analyst:
+            workstation:
              portgroups:
-                - nginx
+                - yum
            customhostgroup0:
              portgroups: []
            customhostgroup1:
--- a/salt/firewall/soc_firewall.yaml
+++ b/salt/firewall/soc_firewall.yaml
@@ -1,6 +1,6 @@
 firewall:
  hostgroups:
-    analyst: &hostgroupsettings
+    workstation: &hostgroupsettings
      description: List of IP or CIDR blocks to allow access to this hostgroup.
      forcedType: "[]string"
      helplink: firewall.html
--- a/salt/manager/tools/sbin/so-firewall-minion
+++ b/salt/manager/tools/sbin/so-firewall-minion
@@ -79,4 +79,7 @@ fi
 		'RECEIVER')
 			so-firewall includehost receiver "$IP" --apply
 			;;
+		'WORKSTATION')
+			so-firewall includehost workstation "$IP" --apply
+			;;
    esac