From 36a936d3d62181baab0e8c356c0049137a9562b7 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 21 Jul 2023 16:06:52 -0400 Subject: [PATCH 01/12] docker ips changes --- salt/docker/defaults.yaml | 8 +++----- salt/docker/init.sls | 4 ++-- salt/docker/soc_docker.yaml | 10 +--------- salt/podman/init.sls | 4 ++-- salt/vars/globals.map.jinja | 4 ++-- setup/so-functions | 19 +++---------------- setup/so-whiptail | 14 +------------- 7 files changed, 14 insertions(+), 49 deletions(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index 2e5e28a6c..dcdc9e497 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -1,8 +1,6 @@ docker: - bip: '172.17.0.1' - range: '172.17.0.0/24' - sorange: '172.17.1.0/24' - sobip: '172.17.1.1' + range: '172.17.1.0/24' + bip: '172.17.1.1' containers: 'so-dockerregistry': final_octet: 20 @@ -202,4 +200,4 @@ docker: final_octet: 99 custom_bind_mounts: [] extra_hosts: [] - extra_env: [] \ No newline at end of file + extra_env: [] diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 897af9b93..5f645a9a0 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls @@ -102,8 +102,8 @@ dockerreserveports: sos_docker_net: docker_network.present: - name: sobridge - - subnet: {{ DOCKER.sorange }} - - gateway: {{ DOCKER.sobip }} + - subnet: {{ DOCKER.range }} + - gateway: {{ DOCKER.bip }} - options: com.docker.network.bridge.name: 'sobridge' com.docker.network.driver.mtu: '1500' diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index b6f5ca0ca..73e8063d9 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml 
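Review bot: Reusing the existing `range`/`bip` keys for the SO network changes their meaning without renaming them, so a pillar that already sets `docker:range`/`docker:bip` for the default bridge is now silently applied to `sobridge`, and any consumer that still reads those keys as default-bridge settings now gets the SO range instead. The pre-series `salt/common/files/daemon.json` (its removed lines are visible in patch 07) reads `docker:range` and `docker:bip` from pillar for docker0's `bip` and `default-address-pools`, so after this commit docker0 and `sobridge` would both be configured with 172.17.1.0/24 until that template is changed. Note also that `bip` here is `'172.17.1.1'` without a prefix while `docker_pillar` in `setup/so-functions` writes `bip: '$DOCKERBIP'` with `/24` appended; pick one format and record it with a YAML comment above the keys, e.g. `# range/bip describe the 'sobridge' network used by SO containers, not docker0`.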
@@ -7,14 +7,6 @@ docker: description: Default docker IP range for containers. helpLink: docker.html advanced: True - sobip: - description: Bind IP for the SO docker interface. - helpLink: docker.html - advanced: True - sorange: - description: IP range for the SO docker containers. - helpLink: docker.html - advanced: True containers: so-curator: &dockerOptions final_octet: @@ -68,4 +60,4 @@ docker: so-strelka-filestream: *dockerOptions so-strelka-frontend: *dockerOptions so-strelka-gatekeeper: *dockerOptions - so-strelka-manager: *dockerOptions \ No newline at end of file + so-strelka-manager: *dockerOptions diff --git a/salt/podman/init.sls b/salt/podman/init.sls index d5efa0fdb..119857840 100644 --- a/salt/podman/init.sls +++ b/salt/podman/init.sls @@ -44,8 +44,8 @@ podman_docker_symlink: sos_docker_net: docker_network.present: - name: sobridge - - subnet: {{ DOCKER.sorange }} - - gateway: {{ DOCKER.sobip }} + - subnet: {{ DOCKER.range }} + - gateway: {{ DOCKER.bip }} - options: com.docker.network.bridge.name: 'sobridge' com.docker.network.driver.mtu: '1500' diff --git a/salt/vars/globals.map.jinja b/salt/vars/globals.map.jinja index 70a702225..9ce509d7b 100644 --- a/salt/vars/globals.map.jinja +++ b/salt/vars/globals.map.jinja @@ -22,8 +22,8 @@ 'md_engine': INIT.PILLAR.global.mdengine, 'pipeline': INIT.PILLAR.global.pipeline, 'so_version': INIT.PILLAR.global.soversion, - 'so_docker_bip': DOCKER.sobip, - 'so_docker_range': DOCKER.sorange, + 'so_docker_bip': DOCKER.bip, + 'so_docker_range': DOCKER.range, 'url_base': INIT.PILLAR.global.url_base, 'so_model': INIT.GRAINS.get('sosmodel',''), 'sensoroni_key': INIT.PILLAR.sensoroni.config.sensoronikey, diff --git a/setup/so-functions b/setup/so-functions index 62be1c31e..a088b7f8a 100755 --- a/setup/so-functions +++ b/setup/so-functions 
@@ -254,15 +254,10 @@ collect_dns_domain() { collect_dockernet() { if ! whiptail_dockernet_check; then whiptail_dockernet_sosnet "172.17.1.0" - whiptail_dockernet_nososnet "172.17.0.0" while ! valid_ip4 "$DOCKERNET"; do whiptail_invalid_input - whiptail_dockernet_nonsosnet "$DOCKERNET" - done - while ! valid_ip4 "$DOCKERNET2"; do - whiptail_invalid_input - whiptail_dockernet_sosnet "$DOCKERNET2" + whiptail_dockernet_sosnet "$DOCKERNET" done fi } @@ -1105,10 +1100,7 @@ docker_registry() { logCmd "mkdir -p /etc/docker" # This will get applied so docker can attempt to start if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.0.0 - fi - if [ -z "$DOCKERNET2" ]; then - DOCKERNET2=172.17.1.0 + DOCKERNET=172.17.1.0 fi # Make the host use the manager docker registry DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 @@ -1491,13 +1483,10 @@ create_global() { fi if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.0.0 - DOCKERNET2=172.17.1.0 + DOCKERNET=172.17.1.0 DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 - DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.') else DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 - DOCKER2BIP=$(echo $DOCKERNET2 | awk -F'.' '{print $1,$2,$3,1}' OFS='.') fi if [ -f "$global_pillar_file" ]; then @@ -1562,8 +1551,6 @@ docker_pillar() { touch $adv_docker_pillar_file printf '%s\n'\ "docker:"\ - " sorange: '$DOCKERNET2/24'"\ - " sobip: '$DOCKER2BIP'"\ " range: '$DOCKERNET/24'"\ " bip: '$DOCKERBIP'" > $docker_pillar_file } diff --git a/setup/so-whiptail b/setup/so-whiptail index 86302ae08..428bfe702 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail 
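Review bot: In the `create_global` hunk both branches of `if [ -z "$DOCKERNET" ]` end with the identical `DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24` line, so the conditional now only supplies the default; collapse it to `if [ -z "$DOCKERNET" ]; then DOCKERNET=172.17.1.0; fi` followed by a single `DOCKERBIP=...` assignment, with `"$DOCKERNET"` quoted in the `echo`. The same awk derivation appears as `DNETBIP` in the `docker_registry` hunk, so a small helper (`dockernet_gateway "$DOCKERNET"`) would keep the two in step; as written both carry a `/24` suffix while `salt/docker/defaults.yaml` in this commit stores `bip` without one. The enclosing functions `docker_registry` and `create_global` start and end outside their hunks.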
@@ -329,20 +329,8 @@ whiptail_dockernet_sosnet() { [ -n "$TESTING" ] && return - DOCKERNET2=$(whiptail --title "$whiptail_title" --inputbox \ - "\nEnter a /24 size network range for SOS containers to use WITHOUT the /24 suffix. This range will be used on ALL nodes." 11 65 "$1" 3>&1 1>&2 2>&3) - - local exitstatus=$? - whiptail_check_exitstatus $exitstatus - -} - -whiptail_dockernet_nososnet() { - - [ -n "$TESTING" ] && return - DOCKERNET=$(whiptail --title "$whiptail_title" --inputbox \ - "\nEnter a /24 size network range for NON SOS containers to use WITHOUT the /24 suffix. This range will be used on ALL nodes." 11 65 "$1" 3>&1 1>&2 2>&3) + "\nEnter a /24 size network range for SOS containers to use WITHOUT the /24 suffix. This range will be used on ALL nodes." 11 65 "$1" 3>&1 1>&2 2>&3) local exitstatus=$? whiptail_check_exitstatus $exitstatus From 4c9d172721aefd621e40e7ad58ce02c58afcae36 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 21 Jul 2023 16:21:18 -0400 Subject: [PATCH 02/12] sorange to range --- salt/docker/docker.map.jinja | 2 +- salt/firewall/iptables.jinja | 2 +- salt/firewall/map.jinja | 2 +- salt/playbook/config.sls | 4 ++-- salt/soc/defaults.map.jinja | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/salt/docker/docker.map.jinja b/salt/docker/docker.map.jinja index 299977d6e..61416f7a4 100644 --- a/salt/docker/docker.map.jinja +++ b/salt/docker/docker.map.jinja @@ -1,6 +1,6 @@ {% import_yaml 'docker/defaults.yaml' as DOCKERDEFAULTS %} {% set DOCKER = salt['pillar.get']('docker', DOCKERDEFAULTS.docker, merge=True) %} -{% set RANGESPLIT = DOCKER.sorange.split('.') %} +{% set RANGESPLIT = DOCKER.range.split('.') %} {% set FIRSTTHREE = RANGESPLIT[0] ~ '.' ~ RANGESPLIT[1] ~ '.' ~ RANGESPLIT[2] ~ '.' %} {% for container, vals in DOCKER.containers.items() %} diff --git a/salt/firewall/iptables.jinja b/salt/firewall/iptables.jinja index 6e91a9b93..c15a54e46 100644 --- a/salt/firewall/iptables.jinja 
+++ b/salt/firewall/iptables.jinja @@ -52,7 +52,7 @@ :DOCKER - [0:0] -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER --A POSTROUTING -s {{DOCKER.sorange}} ! -o sobridge -j MASQUERADE +-A POSTROUTING -s {{DOCKER.range}} ! -o sobridge -j MASQUERADE {%- for rule in PR %} {{ rule }} {%- endfor %} diff --git a/salt/firewall/map.jinja b/salt/firewall/map.jinja index 99296e0ab..74b3a66be 100644 --- a/salt/firewall/map.jinja +++ b/salt/firewall/map.jinja @@ -5,7 +5,7 @@ {# add our ip to self #} {% do FIREWALL_DEFAULT.firewall.hostgroups.self.append(GLOBALS.node_ip) %} {# add dockernet range #} -{% do FIREWALL_DEFAULT.firewall.hostgroups.dockernet.append(DOCKER.sorange) %} +{% do FIREWALL_DEFAULT.firewall.hostgroups.dockernet.append(DOCKER.range) %} {% if GLOBALS.role == 'so-idh' %} {% from 'idh/opencanary_config.map.jinja' import IDH_PORTGROUPS %} diff --git a/salt/playbook/config.sls b/salt/playbook/config.sls index 9c8444a56..7d37f8873 100644 --- a/salt/playbook/config.sls +++ b/salt/playbook/config.sls @@ -18,7 +18,7 @@ create_playbookdbuser: mysql_user.present: - name: playbookdbuser - password: {{ PLAYBOOKPASS }} - - host: "{{ DOCKER.sorange.split('/')[0] }}/255.255.255.0" + - host: "{{ DOCKER.range.split('/')[0] }}/255.255.255.0" - connection_host: {{ GLOBALS.manager }} - connection_port: 3306 - connection_user: root @@ -27,7 +27,7 @@ create_playbookdbuser: query_playbookdbuser_grants: mysql_query.run: - database: playbook - - query: "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DOCKER.sorange.split('/')[0] }}/255.255.255.0';" + - query: "GRANT ALL ON playbook.* TO 'playbookdbuser'@'{{ DOCKER.range.split('/')[0] }}/255.255.255.0';" - connection_host: {{ GLOBALS.manager }} - connection_port: 3306 - connection_user: root diff --git a/salt/soc/defaults.map.jinja b/salt/soc/defaults.map.jinja index d816752c0..7720e7027 100644 --- a/salt/soc/defaults.map.jinja +++ b/salt/soc/defaults.map.jinja 
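Review bot: The MySQL grant host is built as `DOCKER.range.split('/')[0]` plus a hard-coded `/255.255.255.0`, so the prefix is taken from the pillar but the mask is not; `range` is exposed as an `advanced: True` setting in `salt/docker/soc_docker.yaml`, and a non-/24 value would leave `playbookdbuser` granted on a host mask that no longer matches the docker network. Either derive both parts from the CIDR (Salt's `network.convert_cidr` returns `network` and `netmask` for a CIDR string) or state the assumption next to the two uses: `{# docker:range is assumed to be a /24; the installer always writes it with a /24 suffix #}`. The same construction appears in the `query_playbookdbuser_grants` hunk that follows.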
@@ -30,7 +30,7 @@ {% endif %} {% endfor %} -{% do SOCDEFAULTS.soc.config.server.modules.statickeyauth.update({'anonymousCidr': DOCKER.sorange, 'apiKey': pillar.sensoroni.config.sensoronikey}) %} +{% do SOCDEFAULTS.soc.config.server.modules.statickeyauth.update({'anonymousCidr': DOCKER.range, 'apiKey': pillar.sensoroni.config.sensoronikey}) %} {% do SOCDEFAULTS.soc.config.server.client.case.update({'analyzerNodeId': GLOBALS.hostname}) %} From c4d81a249a8c2616cbcaf9249244e3c911aee8e5 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 21 Jul 2023 16:36:03 -0400 Subject: [PATCH 03/12] remove /24 from DOCKERBIP --- setup/so-functions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index a088b7f8a..d5845363a 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1484,9 +1484,9 @@ create_global() { if [ -z "$DOCKERNET" ]; then DOCKERNET=172.17.1.0 - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 + DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.') else - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 + DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.') fi if [ -f "$global_pillar_file" ]; then From f55c1a40789a230960169eef229fc1ccea97995c Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 21 Jul 2023 16:59:22 -0400 Subject: [PATCH 04/12] DOCKERBIP change --- salt/docker/init.sls | 2 +- setup/so-functions | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 5f645a9a0..8ebbcdb53 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls @@ -103,7 +103,7 @@ sos_docker_net: docker_network.present: - name: sobridge - subnet: {{ DOCKER.range }} - - gateway: {{ DOCKER.bip }} + - gateway: {{ DOCKER.bip | split("/")[0]}} - options: com.docker.network.bridge.name: 'sobridge' com.docker.network.driver.mtu: '1500' 
diff --git a/setup/so-functions b/setup/so-functions index d5845363a..a088b7f8a 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1484,9 +1484,9 @@ create_global() { if [ -z "$DOCKERNET" ]; then DOCKERNET=172.17.1.0 - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.') + DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 else - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.') + DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 fi if [ -f "$global_pillar_file" ]; then From 4b0126a2e728b493a3b7ecbed9177284cf839b4b Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 21 Jul 2023 17:10:51 -0400 Subject: [PATCH 05/12] fix split --- salt/docker/init.sls | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 8ebbcdb53..61801d3a3 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls @@ -103,7 +103,7 @@ sos_docker_net: docker_network.present: - name: sobridge - subnet: {{ DOCKER.range }} - - gateway: {{ DOCKER.bip | split("/")[0]}} + - gateway: {{ DOCKER.bip.split("/")[0] }} - options: com.docker.network.bridge.name: 'sobridge' com.docker.network.driver.mtu: '1500' From db09b465bdc2047a7c0ba7b7e4ec28164fb78ca6 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 09:23:13 -0400 Subject: [PATCH 06/12] change default docker net/range --- salt/docker/defaults.yaml | 4 ++-- setup/so-functions | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index dcdc9e497..522e194ec 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -1,6 +1,6 @@ docker: - range: '172.17.1.0/24' - bip: '172.17.1.1' + range: '172.17.0.0/24' + bip: '172.17.0.1' containers: 'so-dockerregistry': final_octet: 20 diff --git a/setup/so-functions b/setup/so-functions index a088b7f8a..f4398a0a9 100755 --- a/setup/so-functions 
+++ b/setup/so-functions @@ -253,7 +253,7 @@ collect_dns_domain() { collect_dockernet() { if ! whiptail_dockernet_check; then - whiptail_dockernet_sosnet "172.17.1.0" + whiptail_dockernet_sosnet "172.17.0.0" while ! valid_ip4 "$DOCKERNET"; do whiptail_invalid_input @@ -1100,7 +1100,7 @@ docker_registry() { logCmd "mkdir -p /etc/docker" # This will get applied so docker can attempt to start if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.1.0 + DOCKERNET=172.17.0.0 fi # Make the host use the manager docker registry DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 @@ -1483,7 +1483,7 @@ create_global() { fi if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.1.0 + DOCKERNET=172.17.0.0 DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 else DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 From 9bda01bd299bd62236c799fc421283eab725d84c Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 10:40:23 -0400 Subject: [PATCH 07/12] change ranges --- salt/common/files/daemon.json | 6 ++---- salt/docker/defaults.yaml | 4 ++-- setup/so-functions | 6 +++--- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/salt/common/files/daemon.json b/salt/common/files/daemon.json index ff6f930bf..32d1fc1fe 100644 --- a/salt/common/files/daemon.json +++ b/salt/common/files/daemon.json @@ -1,13 +1,11 @@ -{%- set DOCKERRANGE = salt['pillar.get']('docker:range', '172.17.0.0/24') %} -{%- set DOCKERBIND = salt['pillar.get']('docker:bip', '172.17.0.1/24') %} { "registry-mirrors": [ "https://:5000" ], - "bip": "{{ DOCKERBIND }}", + "bip": "172.17.0.1/24", "default-address-pools": [ { - "base": "{{ DOCKERRANGE }}", + "base": "172.17.0.0/24", "size": 24 } ] diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index 522e194ec..dcdc9e497 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml 
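Review bot: Pinning `bip` and `default-address-pools` to `172.17.0.0/24` removes the only knob for moving docker0 when a host's own network already uses that range; the removed `pillar.get` lines show it used to be overridable. If the file is still rendered as a Jinja template, record the constraint the rest of this series enforces in the installer, e.g. `{# docker0 is fixed to 172.17.0.0/24; docker:range (the sobridge network) must not overlap it #}` above the JSON. The context line `"registry-mirrors": [ "https://:5000" ]` shows an empty host in this copy of the file; if that is not an extraction artifact, the mirror entry is unusable and the manager registry would never be consulted.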
@@ -1,6 +1,6 @@ docker: - range: '172.17.0.0/24' - bip: '172.17.0.1' + range: '172.17.1.0/24' + bip: '172.17.1.1' containers: 'so-dockerregistry': final_octet: 20 diff --git a/setup/so-functions b/setup/so-functions index f4398a0a9..a088b7f8a 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -253,7 +253,7 @@ collect_dns_domain() { collect_dockernet() { if ! whiptail_dockernet_check; then - whiptail_dockernet_sosnet "172.17.0.0" + whiptail_dockernet_sosnet "172.17.1.0" while ! valid_ip4 "$DOCKERNET"; do whiptail_invalid_input @@ -1100,7 +1100,7 @@ docker_registry() { logCmd "mkdir -p /etc/docker" # This will get applied so docker can attempt to start if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.0.0 + DOCKERNET=172.17.1.0 fi # Make the host use the manager docker registry DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 @@ -1483,7 +1483,7 @@ create_global() { fi if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.0.0 + DOCKERNET=172.17.1.0 DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 else DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 From 00483018ca2a666b248f0d533a927aa58658bda0 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 13:38:14 -0400 Subject: [PATCH 08/12] change docker bip to gateway --- salt/docker/defaults.yaml | 2 +- salt/docker/init.sls | 2 +- salt/docker/soc_docker.yaml | 4 ++-- salt/mysql/enabled.sls | 2 +- salt/vars/globals.map.jinja | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/salt/docker/defaults.yaml b/salt/docker/defaults.yaml index dcdc9e497..e39feaf06 100644 --- a/salt/docker/defaults.yaml +++ b/salt/docker/defaults.yaml @@ -1,6 +1,6 @@ docker: range: '172.17.1.0/24' - bip: '172.17.1.1' + gateway: '172.17.1.1' containers: 'so-dockerregistry': final_octet: 20 diff --git a/salt/docker/init.sls b/salt/docker/init.sls index 61801d3a3..45ba4a1ac 100644 --- a/salt/docker/init.sls +++ b/salt/docker/init.sls 
@@ -103,7 +103,7 @@ sos_docker_net: docker_network.present: - name: sobridge - subnet: {{ DOCKER.range }} - - gateway: {{ DOCKER.bip.split("/")[0] }} + - gateway: {{ DOCKER.gateway }} - options: com.docker.network.bridge.name: 'sobridge' com.docker.network.driver.mtu: '1500' diff --git a/salt/docker/soc_docker.yaml b/salt/docker/soc_docker.yaml index 73e8063d9..82f59e4dc 100644 --- a/salt/docker/soc_docker.yaml +++ b/salt/docker/soc_docker.yaml @@ -1,6 +1,6 @@ docker: - bip: - description: Bind IP for the default docker interface. + gateway: + description: Gateway for the default docker interface. helpLink: docker.html advanced: True range: diff --git a/salt/mysql/enabled.sls b/salt/mysql/enabled.sls index c23d9bcad..1e1a3ca1e 100644 --- a/salt/mysql/enabled.sls +++ b/salt/mysql/enabled.sls @@ -43,7 +43,7 @@ so-mysql: - {{ BINDING }} {% endfor %} - environment: - - MYSQL_ROOT_HOST={{ GLOBALS.so_docker_bip }} + - MYSQL_ROOT_HOST={{ GLOBALS.so_docker_gateway }} - MYSQL_ROOT_PASSWORD=/etc/mypass {% if DOCKER.containers['so-mysql'].extra_env %} {% for XTRAENV in DOCKER.containers['so-mysql'].extra_env %} diff --git a/salt/vars/globals.map.jinja b/salt/vars/globals.map.jinja index 9ce509d7b..3265cde18 100644 --- a/salt/vars/globals.map.jinja +++ b/salt/vars/globals.map.jinja @@ -22,7 +22,7 @@ 'md_engine': INIT.PILLAR.global.mdengine, 'pipeline': INIT.PILLAR.global.pipeline, 'so_version': INIT.PILLAR.global.soversion, - 'so_docker_bip': DOCKER.bip, + 'so_docker_gateway': DOCKER.gateway, 'so_docker_range': DOCKER.range, 'url_base': INIT.PILLAR.global.url_base, 'so_model': INIT.GRAINS.get('sosmodel',''), From d71254ad29c6bbdc89ee05307a9b7c41e4816e3d Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 14:47:14 -0400 Subject: [PATCH 09/12] only add custom docker net to pillar --- setup/so-functions | 46 +++++++++------------------------------------- setup/so-whiptail | 2 +- 2 files changed, 10 insertions(+), 38 deletions(-) 
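Review bot: The new `gateway` description, `Gateway for the default docker interface.`, is inaccurate: the value feeds `docker_network.present` for `sobridge` in `salt/docker/init.sls` (the previous hunk), while the default docker interface is configured from `salt/common/files/daemon.json`, which patch 07 hard-codes to `172.17.0.1/24`. The untouched `range` description on the context line, `Default docker IP range for containers.`, has the same problem. Suggest `description: Gateway IP for the sobridge network used by SO containers.` and `description: CIDR range for the sobridge network used by SO containers.` The rename of `so_docker_bip` to `so_docker_gateway` in `salt/vars/globals.map.jinja` updates only `salt/mysql/enabled.sls` in this commit; any other state still reading `GLOBALS.so_docker_bip` would now render an undefined value, so a tree-wide search is worth doing before merging.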
diff --git a/setup/so-functions b/setup/so-functions index a088b7f8a..bf66a8aa8 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -1094,32 +1094,6 @@ disable_ipv6() { } >> /etc/sysctl.conf } -docker_registry() { - - title "Setting up Docker Registry" - logCmd "mkdir -p /etc/docker" - # This will get applied so docker can attempt to start - if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.1.0 - fi - # Make the host use the manager docker registry - DNETBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 - if [ -n "$TURBO" ]; then local proxy="$TURBO"; else local proxy="https://$MSRV"; fi - printf '%s\n'\ - "{"\ - " \"registry-mirrors\": [ \"$proxy:5000\" ],"\ - " \"bip\": \"$DNETBIP\","\ - " \"default-address-pools\": ["\ - " {"\ - " \"base\" : \"$DOCKERNET/24\","\ - " \"size\" : 24"\ - " }"\ - " ]"\ - "}" > /etc/docker/daemon.json - info "Docker Registry Setup - Complete" - -} - docker_seed_update() { local name=$1 local percent_delta=1 @@ -1482,13 +1456,6 @@ create_global() { fi fi - if [ -z "$DOCKERNET" ]; then - DOCKERNET=172.17.1.0 - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 - else - DOCKERBIP=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.')/24 - fi - if [ -f "$global_pillar_file" ]; then rm $global_pillar_file fi @@ -1549,10 +1516,15 @@ soctopus_pillar() { docker_pillar() { title "Create the docker pillar file" touch $adv_docker_pillar_file - printf '%s\n'\ - "docker:"\ - " range: '$DOCKERNET/24'"\ - " bip: '$DOCKERBIP'" > $docker_pillar_file + touch $docker_pillar_file + + if [ ! -z "$DOCKERNET" ]; then + DOCKERGATEWAY=$(echo $DOCKERNET | awk -F'.' '{print $1,$2,$3,1}' OFS='.') + printf '%s\n'\ + "docker:"\ + " range: '$DOCKERNET/24'"\ + " gateway: '$DOCKERGATEWAY'" > $docker_pillar_file + fi } redis_pillar() { diff --git a/setup/so-whiptail b/setup/so-whiptail index 428bfe702..74953f8c6 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail 
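Review bot: `docker_pillar` now runs `touch $docker_pillar_file` unconditionally but only writes content when `$DOCKERNET` is set, so the default path leaves an empty pillar file; if the pillar top file includes it, an empty SLS renders to no data, which Salt may tolerate but which is indistinguishable from a failed write, so either drop the `touch` on that path or write an explicit `docker: {}`. `[ ! -z "$DOCKERNET" ]` reads better as `[ -n "$DOCKERNET" ]`, and `$DOCKERNET` should be quoted in the `echo` that feeds awk. Deleting `docker_registry` also removes the setup-time write of `/etc/docker/daemon.json` with the registry mirror; if `so-setup` still calls the function, or relied on that file existing before the first highstate, that caller is outside this diff and needs checking.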
@@ -398,7 +398,7 @@ whiptail_end_settings() { [[ -n $WEBUSER ]] && __append_end_msg "Web User: $WEBUSER" - [[ -n $DOCKERNET ]] && __append_end_msg "Docker network: $DOCKERNET" + [[ -n $DOCKERNET ]] && __append_end_msg "Docker network: $DOCKERNET/24" if [[ ${#ntp_servers[@]} -gt 0 ]]; then __append_end_msg "NTP Servers:" for server in "${ntp_servers[@]}"; do From 2545f9907f11871cef985efa5431d7e994267e97 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 17:00:20 -0400 Subject: [PATCH 10/12] dont allow 172.17.0.0/24 for custom dockernet --- setup/so-functions | 2 +- setup/so-whiptail | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index bf66a8aa8..8a5416e3d 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -245,7 +245,7 @@ collect_dns() { collect_dns_domain() { whiptail_management_interface_dns_search "searchdomain.local" - while ! valid_fqdn "$MSEARCH"; do + while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]]; do whiptail_invalid_input whiptail_management_interface_dns_search "$MSEARCH" done diff --git a/setup/so-whiptail b/setup/so-whiptail index 74953f8c6..3c5a2504e 100755 --- a/setup/so-whiptail +++ b/setup/so-whiptail @@ -330,7 +330,7 @@ whiptail_dockernet_sosnet() { [ -n "$TESTING" ] && return DOCKERNET=$(whiptail --title "$whiptail_title" --inputbox \ - "\nEnter a /24 size network range for SOS containers to use WITHOUT the /24 suffix. This range will be used on ALL nodes." 11 65 "$1" 3>&1 1>&2 2>&3) + "\nEnter a /24 size network range for SOS containers to use WITHOUT the /24 suffix. This range will be used on ALL nodes. Any range within 172.17.0.0/24 cannot be used." 11 65 "$1" 3>&1 1>&2 2>&3) local exitstatus=$? whiptail_check_exitstatus $exitstatus From 16edca7834d0ea676cc4e5a98357ab8dfbbe81e7 Mon Sep 17 00:00:00 2001 
From: m0duspwnens Date: Mon, 24 Jul 2023 17:06:49 -0400 Subject: [PATCH 11/12] fix failed copy paste --- setup/so-functions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup/so-functions b/setup/so-functions index 8a5416e3d..db3973c27 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -245,7 +245,7 @@ collect_dns() { collect_dns_domain() { whiptail_management_interface_dns_search "searchdomain.local" - while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]]; do + while ! valid_fqdn "$MSEARCH"; do whiptail_invalid_input whiptail_management_interface_dns_search "$MSEARCH" done @@ -255,7 +255,7 @@ collect_dockernet() { if ! whiptail_dockernet_check; then whiptail_dockernet_sosnet "172.17.1.0" - while ! valid_ip4 "$DOCKERNET"; do + while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]] whiptail_invalid_input whiptail_dockernet_sosnet "$DOCKERNET" done From b20fad2839bb100550bf476548d6c144dd817bf0 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Mon, 24 Jul 2023 17:08:01 -0400 Subject: [PATCH 12/12] add missing do --- setup/so-functions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup/so-functions b/setup/so-functions index db3973c27..41f566337 100755 --- a/setup/so-functions +++ b/setup/so-functions @@ -255,7 +255,7 @@ collect_dockernet() { if ! whiptail_dockernet_check; then whiptail_dockernet_sosnet "172.17.1.0" - while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]] + while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ "172.17.0." ]]; do whiptail_invalid_input whiptail_dockernet_sosnet "$DOCKERNET" done
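Review bot: `[[ $DOCKERNET =~ "172.17.0." ]]` is an unanchored substring match written as a quoted regex; it only works because, once `valid_ip4` has accepted a dotted quad (assuming it rejects octets above 255), a string containing `172.17.0.` must start with it, and a reader has to work that out. An anchored form states the intent directly: `while ! valid_ip4 "$DOCKERNET" || [[ $DOCKERNET =~ ^172\.17\.0\. ]]; do`. The reason for the exclusion is not recorded anywhere in the installer, so add a comment above the loop such as `# 172.17.0.0/24 is reserved for docker0 (see salt/common/files/daemon.json); the SO container network must not overlap it`. The loop also accepts a host address (last octet other than 0), which then becomes `range: '<addr>/24'` in the pillar; whether `docker_network.present` normalizes that to the network address is not visible here, so rejecting values not ending in `.0` would be the safer check.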