CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity

Cleanup bash imports/sources, function definitions, and variables

Browse Source
This commit is contained in:
Jason Ertel
2020-12-11 15:33:27 -05:00
parent e4eea6a616
commit bb61c1f745
5 changed files with 59 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
setup/so-common-functions
View File

@@ -1,52 +0,0 @@
#!/bin/bash
source ./so-variables
source ../salt/common/tools/sbin/so-common
source ../salt/common/tools/sbin/so-image-common
# Helper functions
filter_unused_nics() {
if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi
# If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string
if [[ $BNICS ]]; then
grep_string="$grep_string"
for BONDNIC in "${BNICS[@]}"; do
grep_string="$grep_string\|$BONDNIC"
done
fi
# Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use)
filtered_nics=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "$grep_string" | sed 's/ //g')
readarray -t filtered_nics <<< "$filtered_nics"
nic_list=()
for nic in "${filtered_nics[@]}"; do
case $(cat "/sys/class/net/${nic}/carrier" 2>/dev/null) in
1)
nic_list+=("$nic" "Link UP " "OFF")
;;
0)
nic_list+=("$nic" "Link DOWN " "OFF")
;;
*)
nic_list+=("$nic" "Link UNKNOWN " "OFF")
;;
esac
done
export nic_list
}
calculate_useable_cores() {
# Calculate reasonable core usage
local cores_for_zeek=$(( (num_cpu_cores/2) - 1 ))
local lb_procs_round
lb_procs_round=$(printf "%.0f\n" $cores_for_zeek)
if [ "$lb_procs_round" -lt 1 ]; then lb_procs=1; else lb_procs=$lb_procs_round; fi
export lb_procs
}

53
setup/so-functions
View File

@@ -15,13 +15,7 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
source ./so-whiptail # README - DO NOT DEFINE GLOBAL VARIABLES IN THIS FILE. Instead use so-variables.
source ./so-variables
source ./so-common-functions
CONTAINER_REGISTRY=quay.io
SOVERSION=$(cat ../VERSION)
log() { log() {
msg=$1 msg=$1
@@ -48,6 +42,51 @@ logCmd() {
$cmd >> "$setup_log" 2>&1 $cmd >> "$setup_log" 2>&1
} }
filter_unused_nics() {
if [[ $MNIC ]]; then local grep_string="$MNIC\|bond0"; else local grep_string="bond0"; fi
# If we call this function and NICs have already been assigned to the bond interface then add them to the grep search string
if [[ $BNICS ]]; then
grep_string="$grep_string"
for BONDNIC in "${BNICS[@]}"; do
grep_string="$grep_string\|$BONDNIC"
done
fi
# Finally, set filtered_nics to any NICs we aren't using (and ignore interfaces that aren't of use)
filtered_nics=$(ip link | awk -F: '$0 !~ "lo|vir|veth|br|docker|wl|^[^0-9]"{print $2}' | grep -vwe "$grep_string" | sed 's/ //g')
readarray -t filtered_nics <<< "$filtered_nics"
nic_list=()
for nic in "${filtered_nics[@]}"; do
case $(cat "/sys/class/net/${nic}/carrier" 2>/dev/null) in
1)
nic_list+=("$nic" "Link UP " "OFF")
;;
0)
nic_list+=("$nic" "Link DOWN " "OFF")
;;
*)
nic_list+=("$nic" "Link UNKNOWN " "OFF")
;;
esac
done
export nic_list
}
calculate_useable_cores() {
# Calculate reasonable core usage
local cores_for_zeek=$(( (num_cpu_cores/2) - 1 ))
local lb_procs_round
lb_procs_round=$(printf "%.0f\n" $cores_for_zeek)
if [ "$lb_procs_round" -lt 1 ]; then lb_procs=1; else lb_procs=$lb_procs_round; fi
export lb_procs
}
airgap_rules() { airgap_rules() {
# Copy the rules for suricata if using Airgap # Copy the rules for suricata if using Airgap
mkdir -p /nsm/repo/rules mkdir -p /nsm/repo/rules

12
setup/so-setup
View File

@@ -24,9 +24,19 @@ fi
cd "$(dirname "$0")" || exit 255 cd "$(dirname "$0")" || exit 255
# Source the generic function libraries that are also used by the product after
# setup. These functions are intended to be reusable outside of the setup process.
source ../salt/common/tools/sbin/so-common
source ../salt/common/tools/sbin/so-image-common
# Setup bash functionality is divided into functions and user-facing prompts.
# Do not attempt to re-use any of this functionality outside of setup. Instead,
# if needed, migrated generic functions into so-common.
source ./so-functions source ./so-functions
source ./so-common-functions
source ./so-whiptail source ./so-whiptail
# Finally, source the default variable definitions, which require availability of
# functions source above.
source ./so-variables source ./so-variables
# Parse command line arguments # Parse command line arguments

2
setup/so-variables
View File

@@ -1,5 +1,7 @@
#!/bin/bash #!/bin/bash
SOVERSION=$(cat ../VERSION)
total_mem=$(grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//') total_mem=$(grep MemTotal /proc/meminfo | awk '{print $2}' | sed -r 's/.{3}$//')
export total_mem export total_mem

3
setup/so-whiptail
View File

@@ -15,9 +15,6 @@
# You should have received a copy of the GNU General Public License # You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
source ./so-variables
source ./so-common-functions
whiptail_airgap() { whiptail_airgap() {
[ -n "$TESTING" ] && return [ -n "$TESTING" ] && return