CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Network Install Script updates

Browse Source
This commit is contained in:
Mike Reeves
2018-02-05 16:04:58 -05:00
parent 61cd13690d
commit b551ba1ee2
1 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
so-setup-network.sh
View File

@@ -31,6 +31,7 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
FNICS=$(ip link | grep -vw $MNIC | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}') FNICS=$(ip link | grep -vw $MNIC | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2 " \"" "Interface" "\"" " OFF"}')
BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interfave" 20 78 12 ${FNICS[@]} 3>&1 1>&2 2>&3 ) BNICS=$(whiptail --title "NIC Setup" --checklist "Please add NICs to the Monitor Interfave" 20 78 12 ${FNICS[@]} 3>&1 1>&2 2>&3 )
fi fi
if [ $INSTALLTYPE == 'SENSORONLY' ]; then if [ $INSTALLTYPE == 'SENSORONLY' ]; then
# Get the master server for the install # Get the master server for the install
@@ -40,7 +41,30 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Time to get asnwers to questions so we can fill out the pillar file # Time to get asnwers to questions so we can fill out the pillar file
if [ $INSTALLTYPE != 'MASTERONLY' ]; then if [ $INSTALLTYPE != 'MASTERONLY' ]; then
# Ask what IDS to use NIDS=$(whiptail --title "Security Onion Setup" --radiolist \
"Choose which IDS to run:" 20 78 4 \
"Suricata" "Evaluate all the things" ON 3>&1 1>&2 2>&3 )
# Commented out until Snort releases 3.x Duke Nukem Edition
#"Snort" "Sensor join existing grid" OFF 3>&1 1>&2 2>&3 )
NSMSETUP=$(whiptail --title "Security Onion Setup" --radiolist \
"What type of config would you like to use?:" 20 78 4 \
"BASIC" "Install NSM components with recommended settings" ON \
"ADVANCED" "Configure each component individually" OFF 3>&1 1>&2 2>&3 )
if [ $NSMSETUP == 'BASIC' ]; then
# Calculate LB_Procs
$LBPROCS=some math
# Calculate Suricata stuff
fi
if [ $NSMSETUP == 'ADVANCED' ]; then
# Display CPU list for pinning
$LBPROCS=Add the pins together that bro is using
# Pin steno
# Pin Bro
# Pin Suricata
fi
# Ask how many CPUs to use for bro # Ask how many CPUs to use for bro
fi fi
@@ -134,8 +158,8 @@ if (whiptail --title "Security Onion Setup" --yesno "Are you sure you want to in
# Create the pillar file for the sensor # Create the pillar file for the sensor
touch /tmp/$HOSTNAME.sls touch /tmp/$HOSTNAME.sls
echo "sensor:" > /tmp/$HOSTNAME.sls echo "sensor:" > /tmp/$HOSTNAME.sls
echo " interface: bond0" >> /tmp/$HOSTNAME echo " interface: bond0" >> /tmp/$HOSTNAME.sls
echo " lbprocs: $LBPROCS" >> /tmp/$HOSTNAME echo " lbprocs: $LBPROCS" >> /tmp/$HOSTNAME.sls
# SCP the pillar file to the master # SCP the pillar file to the master
scp /tmp/$HOSTNAME.sls socore@$MASTERSRV:/opt/so/saltstack/pillar/sensors/ scp /tmp/$HOSTNAME.sls socore@$MASTERSRV:/opt/so/saltstack/pillar/sensors/