Merge pull request #74 from TOoSmOotH/master

1.1.2

README.md

@@ -1,3 +1,9 @@
+## Hybrid Hunter Alpha 1.1.2
+
+- Quick firewall fix to address latest docker version.
+- Added the option to install playbook from the initial install.
+- Fixed an issue with multiple monitor interfaces not working properly.  
+
 ## Hybrid Hunter Alpha 1.1.1
 
 ### Changes:

salt/common/init.sls

@@ -116,13 +116,13 @@ nginxtmp:
 # Start the core docker
 so-coreimage:
  cmd.run:
-   - name: docker pull --disable-content-trust=false soshybridhunter/so-core:HH1.1.1
+   - name: docker pull --disable-content-trust=false soshybridhunter/so-core:HH1.1.2
 
 so-core:
   docker_container.running:
     - require:
       - so-coreimage
-    - image: soshybridhunter/so-core:HH1.1.1
+    - image: soshybridhunter/so-core:HH1.1.2
     - hostname: so-core
     - user: socore
     - binds:

salt/firewall/init.sls

@@ -6,6 +6,21 @@
 {%- elif grains['role'] == 'so-sensor' %}
 {%- set ip = salt['pillar.get']('sensor:mainip', '') %}
 {%- endif %}
+# Quick Fix for Docker being difficult
+iptables_fix_docker:
+  iptables.chain_present:
+    - name: DOCKER-USER
+    - table: filter
+
+# Add the Forward Rule since Docker ripped it out
+iptables_fix_fwd:
+  iptables.insert:
+    - table: filter
+    - chain: FORWARD
+    - jump: ACCEPT
+    - position: 1
+    - target: DOCKER-USER
+    
 # Keep localhost in the game
 iptables_allow_localhost:
   iptables.append:

so-setup-network.sh

@@ -556,7 +556,7 @@ master_pillar() {
   echo "  osquery: $OSQUERY" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
   echo "  wazuh: $WAZUH" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
   echo "  thehive: $THEHIVE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
-  echo "  playbook: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
+  echo "  playbook: $PLAYBOOK" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
   }
 
 master_static() {
@@ -620,6 +620,7 @@ process_components() {
   OSQUERY=0
   WAZUH=0
   THEHIVE=0
+  PLAYBOOK=0
 
   IFS=$' '
   for item in $(echo "$CLEAN"); do
@@ -1178,7 +1179,8 @@ whiptail_enable_components() {
   "GRAFANA" "Enable Grafana for system monitoring" ON \
   "OSQUERY" "Enable Fleet with osquery" ON \
   "WAZUH" "Enable Wazuh" ON \
-  "THEHIVE" "Enable TheHive" ON 3>&1 1>&2 2>&3 )
+  "THEHIVE" "Enable TheHive" ON \
+  "PLAYBOOK" "Enable Playbook" ON 3>&1 1>&2 2>&3 )
 }
 
 whiptail_eval_adv() {
@@ -1741,6 +1743,10 @@ if (whiptail_you_sure); then
         echo -e "XXX\n87\nInstalling TheHive... \nXXX"
         salt-call state.apply hive >> $SETUPLOG 2>&1
       fi
+      if [[ $PLAYBOOK == '1' ]]; then
+        echo -e "XXX\n89\nInstalling Playbook... \nXXX"
+        salt-call state.apply playbook >> $SETUPLOG 2>&1
+      fi
       echo -e "XXX\n75\nEnabling Checking at Boot... \nXXX"
       checkin_at_boot >> $SETUPLOG 2>&1
       echo -e "XXX\n95\nVerifying Install... \nXXX"
@@ -1969,9 +1975,13 @@ if (whiptail_you_sure); then
       salt-call state.apply schedule >> $SETUPLOG 2>&1
       salt-call state.apply soctopus >> $SETUPLOG 2>&1
       if [[ $THEHIVE == '1' ]]; then
-        echo -e "XXX\n97\nInstalling The Hive... \nXXX"
+        echo -e "XXX\n96\nInstalling The Hive... \nXXX"
         salt-call state.apply hive >> $SETUPLOG 2>&1
       fi
+      if [[ $PLAYBOOK == '1' ]]; then
+        echo -e "XXX\n97\nInstalling Playbook... \nXXX"
+        salt-call state.apply playbook >> $SETUPLOG 2>&1
+      fi
       echo -e "XXX\n98\nSetting checkin to run on boot... \nXXX"
       checkin_at_boot >> $SETUPLOG 2>&1
       echo -e "XXX\n99\nVerifying Setup... \nXXX"