CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '2.4/firewall' into 2.4createrepoinstall

Browse Source
This commit is contained in:
Josh Patterson
2023-01-10 11:38:31 -05:00
committed by GitHub
parent d2e623747d 3e9bddcd11
commit ab8f41ecb5
37 changed files with 413 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
setup/so-functions Executable file → Normal file
View File

@@ -254,11 +254,16 @@ collect_dns_domain() {
collect_dockernet() {
if ! whiptail_dockernet_check; then
whiptail_dockernet_net "172.17.0.0"
whiptail_dockernet_sosnet "172.17.1.0"
whiptail_dockernet_nososnet "172.17.0.0"
while ! valid_ip4 "$DOCKERNET"; do
whiptail_invalid_input
whiptail_dockernet_net "$DOCKERNET"
whiptail_dockernet_nonsosnet "$DOCKERNET"
done
while ! valid_ip4 "$DOCKERNET2"; do
whiptail_invalid_input
whiptail_dockernet_sosnet "$DOCKERNET2"
done
fi
}
@@ -996,6 +1001,9 @@ docker_registry() {
if [ -z "$DOCKERNET" ]; then
DOCKERNET=172.17.0.0
fi
if [ -z "$DOCKERNET2" ]; then
DOCKERNET2=172.17.1.0
fi
# Make the host use the manager docker registry
DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
if [ -n "$TURBO" ]; then local proxy="$TURBO"; else local proxy="https://$MSRV"; fi
@@ -1410,9 +1418,12 @@ create_global() {
if [ -z "$DOCKERNET" ]; then
DOCKERNET=172.17.0.0
DOCKERNET2=172.17.1.0
DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.')
else
DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24
DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.')
fi
if [ -f "$global_pillar_file" ]; then
@@ -1497,6 +1508,8 @@ docker_pillar() {
touch $adv_docker_pillar_file
printf '%s\n'\
"docker:"\
" sosrange: '$DOCKERNET2/24'"\
" sosbip: '$DOCKER2BIP'"\
" range: '$DOCKERNET/24'"\
" bip: '$DOCKERBIP'" > $docker_pillar_file
}
@@ -1953,6 +1966,15 @@ repo_sync_local() {
echo "gpgcheck=1" >> /root/repodownload.conf
echo "gpgkey=https://repo.securityonion.net/file/securityonion-repo/keys/securityonion.pub" >> /root/repodownload.conf
REPOSYNC=$(rpm -qa | grep createrepo | wc -l)
if [[ ! "$REPOSYNC" -gt 0 ]]; then
# Install reposync
info "Installing createrepo"
logCmd "yum -y install -c /root/repodownload.conf yum-utils createrepo"
else
info "We have what we need to sync"
fi
logCmd "reposync --norepopath -n -g -l -d -m -c /root/repodownload.conf -r securityonionsync --download-metadata -p /nsm/repo/"