CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall Module - Add Storage Node

Browse Source
This commit is contained in:
Mike Reeves
2018-08-07 18:51:21 -04:00
parent 08b72ca779
commit a998f970cf
1 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
salt/firewall/init.sls
View File

@@ -166,6 +166,21 @@ enable_forwardnode_beats_5044_{{ip}}:
{% endfor %} {% endfor %}
{% for ip in pillar.get('storage_nodes') %}
enable_storagenode_redis_6379_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 6379
- position: 1
- save: True
{% endfor %}
# Allow Beats Endpoints to send their beats traffic # Allow Beats Endpoints to send their beats traffic
{% for ip in pillar.get('beats_endpoint') %} {% for ip in pillar.get('beats_endpoint') %}