Merge pull request #1583 from Security-Onion-Solutions/issue/1551

add firewall rules for syslog
2025-12-06 17:22:49 +01:00 · 2020-10-21 11:21:18 -04:00
parent e2d95e0deb 5f43380aa0
commit aafd365f2b
1 changed files with 23 additions and 0 deletions
--- a/salt/firewall/assigned_hostgroups.map.yaml
+++ b/salt/firewall/assigned_hostgroups.map.yaml
@@ -424,6 +424,12 @@ role:
          elasticsearch_rest:
            portgroups:
              - {{ portgroups.elasticsearch_rest }}
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
      INPUT:
        hostgroups:
          anywhere:
@@ -437,6 +443,14 @@ role:
              - {{ portgroups.all }}
  sensor:
    chain:
+      DOCKER-USER:
+        hostgroups:
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
      INPUT:
        hostgroups:
          anywhere:
@@ -463,6 +477,12 @@ role:
          elasticsearch_rest:
            portgroups:
              - {{ portgroups.elasticsearch_rest }}
+          self:
+            portgroups:
+              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
      INPUT:
        hostgroups:
          anywhere:
@@ -533,6 +553,9 @@ role:
          self:
            portgroups:
              - {{ portgroups.syslog}}
+          syslog:
+            portgroups:
+              - {{ portgroups.syslog }}
          beats_endpoint:
            portgroups:
              - {{ portgroups.beats_5044 }}