Firewall Module - Update Rules and apply them to SN

2026-02-22 15:05:27 +01:00 · 2018-10-10 14:03:39 -04:00
parent a44c3e62d2
commit bf229f65e3
3 changed files with 54 additions and 0 deletions
--- a/salt/firewall/init.sls
+++ b/salt/firewall/init.sls
@@ -114,6 +114,40 @@ enable_maternode_redis_6379_{{ip}}:
    - position: 1
    - save: True

+enable_masternode_kibana_5601_{{ip}}:
+  iptables.insert:
+    - table: filter
+    - chain: DOCKER-USER
+    - jump: ACCEPT
+    - proto: tcp
+    - source: {{ ip }}
+    - dport: 5601
+    - position: 1
+    - save: True
+
+enable_masternode_ES_9200_{{ip}}:
+  iptables.insert:
+    - table: filter
+    - chain: DOCKER-USER
+    - jump: ACCEPT
+    - proto: tcp
+    - source: {{ ip }}
+    - dport: 9200
+    - position: 1
+    - save: True
+
+enable_masternode_ES_9300_{{ip}}:
+  iptables.insert:
+    - table: filter
+    - chain: DOCKER-USER
+    - jump: ACCEPT
+    - proto: tcp
+    - source: {{ ip }}
+    - dport: 9300
+    - position: 1
+    - save: True
+
+
 {% endfor %}

 # Make it so all the minions can talk to salt and update etc.
@@ -237,6 +271,18 @@ enable_standard_analyst_443_{{ip}}:
    - position: 1
    - save: True

+#THIS IS TEMPORARY
+enable_standard_analyst_5601_{{ip}}:
+  iptables.insert:
+    - table: filter
+    - chain: DOCKER-USER
+    - jump: ACCEPT
+    - proto: tcp
+    - source: {{ ip }}
+    - dport: 5601
+    - position: 1
+    - save: True
+
 {% endfor %}

 # Rules for storage nodes connecting to master