CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

[fix] Add TESTING flag to resolve merge conflicts

Browse Source
This commit is contained in:
William Wernert
2020-05-05 09:06:46 -04:00
parent fc2de5a384
commit aa00309f00
2 changed files with 69 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
setup/so-functions
View File

@@ -44,6 +44,9 @@ add_admin_user() {
}
add_master_hostfile() {
[ -n "$TESTING" ] && return
echo "Checking if I can resolve master. If not add to hosts file" >> "$setup_log" 2>&1
# Pop up an input to get the IP address
MSRVIP=$(whiptail --title "Security Onion Setup" --inputbox \

132
setup/so-whiptail
View File

@@ -21,7 +21,7 @@ source ./so-common-functions
whiptail_basic_bro() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
BASICBRO=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of bro processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3)
@@ -32,7 +32,7 @@ whiptail_basic_bro() {
whiptail_basic_suri() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
BASICSURI=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the number of Suricata processes:" 10 75 "$lb_procs" 3>&1 1>&2 2>&3)
@@ -44,7 +44,7 @@ whiptail_basic_suri() {
whiptail_bro_pins() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
local cpu_core_list_whiptail=()
for item in "${cpu_core_list[@]}"; do
@@ -62,7 +62,7 @@ whiptail_bro_pins() {
whiptail_bro_version() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
BROVERSION=$(whiptail --title "Security Onion Setup" --radiolist "What tool would you like to use to generate meta data?" 20 75 4 "ZEEK" "Install Zeek (aka Bro)" ON \
"SURICATA" "SUPER EXPERIMENTAL" OFF 3>&1 1>&2 2>&3)
@@ -74,7 +74,7 @@ whiptail_bro_version() {
whiptail_bond_nics() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
filter_unused_nics
@@ -96,7 +96,7 @@ whiptail_bond_nics() {
whiptail_bond_nics_mtu() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# Set the MTU on the monitor interface
MTU=$(whiptail --title "Security Onion Setup" --inputbox \
@@ -135,7 +135,7 @@ whiptail_check_exitstatus() {
whiptail_create_admin_user() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
ADMINUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter a username for your new admin user. The onion account will be disabled during this install" 10 60 3>&1 1>&2 2>&3)
@@ -144,7 +144,7 @@ whiptail_create_admin_user() {
whiptail_create_admin_user_password1() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
ADMINPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -155,7 +155,7 @@ whiptail_create_admin_user_password1() {
whiptail_create_admin_user_password2() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
ADMINPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $ADMINUSER" 10 60 3>&1 1>&2 2>&3)
@@ -167,7 +167,7 @@ whiptail_create_admin_user_password2() {
whiptail_create_soremote_user() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Set a password for the soremote user. This account is used for adding sensors remotely." 8 75
@@ -175,7 +175,7 @@ whiptail_create_soremote_user() {
whiptail_create_soremote_user_password1() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
SOREMOTEPASS1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -187,7 +187,7 @@ whiptail_create_soremote_user_password1() {
whiptail_create_soremote_user_password2() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
SOREMOTEPASS2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for user soremote" 10 75 3>&1 1>&2 2>&3)
@@ -199,7 +199,7 @@ whiptail_create_soremote_user_password2() {
whiptail_create_web_user() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
WEBUSER=$(whiptail --title "Security Onion Install" --inputbox \
"Please enter an email address to create an administrator account for the web interface." 10 60 3>&1 1>&2 2>&3)
@@ -210,14 +210,14 @@ whiptail_create_web_user() {
whiptail_invalid_user_warning() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please enter a valid email address." 8 75
}
whiptail_create_web_user_password1() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
WEBPASSWD1=$(whiptail --title "Security Onion Install" --passwordbox \
"Enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -228,7 +228,7 @@ whiptail_create_web_user_password1() {
whiptail_create_web_user_password2() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
WEBPASSWD2=$(whiptail --title "Security Onion Install" --passwordbox \
"Re-enter a password for $WEBUSER" 10 60 3>&1 1>&2 2>&3)
@@ -244,7 +244,7 @@ whiptail_requirements_error() {
local current_val=$2
local needed_val=$3
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" \
--yesno "This machine currently has $current_val $requirement_needed, but needs $needed_val to meet minimum requirements. Press YES to continue anyway, or press NO to cancel." 8 75
@@ -255,14 +255,14 @@ whiptail_requirements_error() {
whiptail_invalid_pass_warning() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please choose a more secure password." 8 75
}
whiptail_cur_close_days() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
CURCLOSEDAYS=$(whiptail --title "Security Onion Setup" --inputbox \
"Please specify the threshold (in days) at which Elasticsearch indices will be closed" 10 75 $CURCLOSEDAYS 3>&1 1>&2 2>&3)
@@ -274,7 +274,7 @@ whiptail_cur_close_days() {
whiptail_dhcp_or_static() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
address_type=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose how to set up your management interface:" 20 78 4 \
@@ -289,7 +289,7 @@ whiptail_dhcp_or_static() {
whiptail_enable_components() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
COMPONENTS=$(whiptail --title "Security Onion Setup" --checklist \
"Select Components to install" 20 75 8 \
@@ -314,7 +314,7 @@ whiptail_enable_components() {
whiptail_eval_adv() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
EVALADVANCED=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose your eval install:" 20 75 4 \
@@ -327,14 +327,14 @@ whiptail_eval_adv() {
whiptail_components_adv_warning() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Please keep in mind the more services that you enable the more RAM that is required." 8 75
}
whiptail_helix_apikey() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
HELIXAPIKEY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Helix API Key: \n \nThis can be set later using so-helix-apikey" 10 75 3>&1 1>&2 2>&3)
@@ -346,7 +346,7 @@ whiptail_helix_apikey() {
whiptail_homenet_master() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
HNMASTER=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your HOME_NET separated by ," 10 75 10.0.0.0/8,192.168.0.0/16,172.16.0.0/12 3>&1 1>&2 2>&3)
@@ -358,7 +358,7 @@ whiptail_homenet_master() {
whiptail_homenet_sensor() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# Ask to inherit from master
whiptail --title "Security Onion Setup" --yesno "Do you want to inherit the HOME_NET from the Master?" 8 75
@@ -381,7 +381,7 @@ whiptail_homenet_sensor() {
whiptail_install_type() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# What kind of install are we doing?
install_type=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -410,7 +410,7 @@ whiptail_install_type() {
whiptail_log_size_limit() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
set_defaul_log_size
@@ -425,7 +425,7 @@ whiptail_log_size_limit() {
whiptail_management_interface_dns() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MDNS=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS server using space between multiple" 10 60 8.8.8.8 8.8.4.4 3>&1 1>&2 2>&3)
@@ -434,7 +434,7 @@ whiptail_management_interface_dns() {
whiptail_management_interface_dns_search() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MSEARCH=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your DNS search domain" 10 60 searchdomain.local 3>&1 1>&2 2>&3)
@@ -443,7 +443,7 @@ whiptail_management_interface_dns_search() {
whiptail_management_interface_gateway() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MGATEWAY=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your gateway" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -452,7 +452,7 @@ whiptail_management_interface_gateway() {
whiptail_management_interface_ip() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MIP=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your IP address" 10 60 X.X.X.X 3>&1 1>&2 2>&3)
@@ -461,7 +461,7 @@ whiptail_management_interface_ip() {
whiptail_management_interface_mask() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MMASK=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the bit mask for your subnet" 10 60 24 3>&1 1>&2 2>&3)
@@ -470,7 +470,7 @@ whiptail_management_interface_mask() {
whiptail_management_nic() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
filter_unused_nics
@@ -489,7 +489,7 @@ whiptail_management_nic() {
whiptail_nids() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run:" 20 75 4 \
@@ -503,7 +503,7 @@ whiptail_nids() {
whiptail_oinkcode() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
OINKCODE=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your oinkcode" 10 75 XXXXXXX 3>&1 1>&2 2>&3)
@@ -515,7 +515,7 @@ whiptail_oinkcode() {
whiptail_make_changes() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "We are going to set this machine up as a $install_type. Please press YES to make changes or NO to cancel." 8 75
@@ -526,7 +526,7 @@ whiptail_make_changes() {
whiptail_management_server() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MSRV=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter your Master Server hostname. It is CASE SENSITIVE!" 10 75 XXXX 3>&1 1>&2 2>&3)
@@ -543,7 +543,7 @@ whiptail_management_server() {
# Ask if you want to do advanced setup of the Master
whiptail_master_adv() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
MASTERADV=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose what type of master install:" 20 75 4 \
@@ -558,7 +558,7 @@ whiptail_master_adv() {
# Ask which additional components to install
whiptail_master_adv_service_brologs() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
BLOGS=$(whiptail --title "Security Onion Setup" --checklist "Please select Logs to Send:" 24 75 12 \
"conn" "Connection Logging" ON \
@@ -611,7 +611,7 @@ whiptail_master_adv_service_brologs() {
whiptail_network_notice() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "Since this is a network install we assume the management interface, DNS, Hostname, etc are already set up. Press YES to continue." 8 75
@@ -622,7 +622,7 @@ whiptail_network_notice() {
whiptail_node_advanced() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NODESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of config would you like to use?:" 20 75 4 \
@@ -636,7 +636,7 @@ whiptail_node_advanced() {
whiptail_node_es_heap() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NODE_ES_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $ES_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -648,7 +648,7 @@ whiptail_node_es_heap() {
whiptail_node_ls_heap() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NODE_LS_HEAP_SIZE=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Heap Size: \n \n(Recommended value is pre-populated)" 10 75 $LS_HEAP_SIZE 3>&1 1>&2 2>&3)
@@ -660,7 +660,7 @@ whiptail_node_ls_heap() {
whiptail_node_ls_pipeline_worker() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
LSPIPELINEWORKERS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Workers: \n \n(Recommended value is pre-populated)" 10 75 "$num_cpu_cores" 3>&1 1>&2 2>&3)
@@ -672,7 +672,7 @@ whiptail_node_ls_pipeline_worker() {
whiptail_node_ls_pipline_batchsize() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
LSPIPELINEBATCH=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Pipeline Batch Size: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -684,7 +684,7 @@ whiptail_node_ls_pipline_batchsize() {
whiptail_node_ls_input_threads() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
LSINPUTTHREADS=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Threads: \n \n(Default value is pre-populated)" 10 75 1 3>&1 1>&2 2>&3)
@@ -696,7 +696,7 @@ whiptail_node_ls_input_threads() {
whiptail_node_ls_input_batch_count() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
LSINPUTBATCHCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter LogStash Input Batch Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -718,7 +718,7 @@ whiptail_passwords_dont_match() {
whiptail_patch_name_new_schedule() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
"What name do you want to give this OS patch schedule? This schedule needs to be named uniquely. Available schedules can be found on the master under /opt/so/salt/patch/os/schedules/<schedulename>.yml" 10 75 3>&1 1>&2 2>&3)
@@ -739,7 +739,7 @@ whiptail_patch_name_new_schedule() {
whiptail_patch_schedule() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
local patch_schedule
patch_schedule=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -776,7 +776,7 @@ whiptail_patch_schedule() {
whiptail_patch_schedule_import() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
unset PATCHSCHEDULENAME
PATCHSCHEDULENAME=$(whiptail --title "Security Onion Setup" --inputbox \
@@ -798,7 +798,7 @@ whiptail_patch_schedule_import() {
whiptail_patch_schedule_select_days() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# Select the days to patch
PATCHSCHEDULEDAYS=$(whiptail --title "Security Onion Setup" --checklist \
@@ -822,7 +822,7 @@ whiptail_patch_schedule_select_days() {
whiptail_patch_schedule_select_hours() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# Select the hours to patch
PATCHSCHEDULEHOURS=$(whiptail --title "Security Onion Setup" --checklist \
@@ -870,7 +870,7 @@ whiptail_patch_schedule_select_hours() {
whiptail_rule_setup() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
# Get pulled pork info
RULESETUP=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -888,7 +888,7 @@ whiptail_rule_setup() {
whiptail_sensor_config() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of configuration would you like to use?:" 20 75 4 \
@@ -902,7 +902,7 @@ whiptail_sensor_config() {
whiptail_set_hostname() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
HOSTNAME=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname you would like to set." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
@@ -922,7 +922,7 @@ whiptail_set_hostname() {
whiptail_set_redirect() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
REDIRECTINFO=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose the access method for the web interface:" 20 75 4 \
@@ -935,7 +935,7 @@ whiptail_set_redirect() {
whiptail_set_redirect_host() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
REDIRECTHOST=$(whiptail --title "Security Onion Setup" --inputbox \
"Enter the Hostname or IP you would like to use for the web interface." 10 75 "$HOSTNAME" 3>&1 1>&2 2>&3)
@@ -945,7 +945,7 @@ whiptail_set_redirect_host() {
whiptail_set_redirect_info() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "The following selection refers to accessing the web interface. \n
For security reasons, we use strict cookie enforcement." 10 75
@@ -953,7 +953,7 @@ For security reasons, we use strict cookie enforcement." 10 75
whiptail_setup_complete() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Finished installing this as an $install_type. Press Enter to reboot." 8 75
install_cleanup >> $setup_log 2>&1
@@ -962,7 +962,7 @@ whiptail_setup_complete() {
whiptail_setup_failed() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --msgbox "Install had a problem. Please see $setup_log for details. Press Enter to reboot." 8 75
install_cleanup >> $setup_log 2>&1
@@ -971,7 +971,7 @@ whiptail_setup_failed() {
whiptail_shard_count() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
SHARDCOUNT=$(whiptail --title "Security Onion Setup" --inputbox \
"\nEnter ES Shard Count: \n \n(Default value is pre-populated)" 10 75 125 3>&1 1>&2 2>&3)
@@ -983,7 +983,7 @@ whiptail_shard_count() {
whiptail_suricata_pins() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
local filtered_core_list
readarray -t filtered_core_list <<< "$(echo "${cpu_core_list[@]}" "${BROPINS[@]}" | xargs -n1 | sort | uniq -u | awk '{print $1}')"
@@ -1005,7 +1005,7 @@ whiptail_suricata_pins() {
whiptail_master_updates() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
local update_string
update_string=$(whiptail --title "Security Onion Setup" --radiolist \
@@ -1029,7 +1029,7 @@ whiptail_master_updates() {
whiptail_node_updates() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
NODEUPDATES=$(whiptail --title "Security Onion Setup" --radiolist \
"How would you like to download updates for this node?:" 20 75 4 \
@@ -1043,7 +1043,7 @@ whiptail_node_updates() {
whiptail_you_sure() {
[ -n "$QUIET" ] && return
[ -n "$TESTING" ] && return
whiptail --title "Security Onion Setup" --yesno "Are you sure you want to install Security Onion over the internet?" 8 75