From 5f43380aa0cb665e681885cb271cbdb9ddd9238e Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 21 Oct 2020 11:20:34 -0400
Subject: [PATCH] add firewall rules for syslog

---
 salt/firewall/assigned_hostgroups.map.yaml | 23 ++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/salt/firewall/assigned_hostgroups.map.yaml b/salt/firewall/assigned_hostgroups.map.yaml
index 6d6a181ac..cfb774cd9 100644
--- a/salt/firewall/assigned_hostgroups.map.yaml
+++ b/salt/firewall/assigned_hostgroups.map.yaml
@@ -424,6 +424,12 @@ role:
           elasticsearch_rest:
             portgroups:
               - {{ portgroups.elasticsearch_rest }}
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
       INPUT:
         hostgroups:
           anywhere:
@@ -437,6 +443,14 @@ role:
               - {{ portgroups.all }}
   sensor:
     chain:
+      DOCKER-USER:
+        hostgroups:
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
       INPUT:
         hostgroups:
           anywhere:
@@ -463,6 +477,12 @@ role:
           elasticsearch_rest:
             portgroups:
               - {{ portgroups.elasticsearch_rest }}
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
       INPUT:
         hostgroups:
           anywhere:
@@ -533,6 +553,9 @@ role:
           self:
             portgroups:
               - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
           beats_endpoint:
             portgroups:
               - {{ portgroups.beats_5044 }}