CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #788 from Security-Onion-Solutions/feature/filebeat-syslog-fw

Browse Source 
allow syslog
This commit is contained in:
weslambert
2020-05-28 09:58:15 -04:00
committed by GitHub
parent 2b4cfe2b02 b7d7747f65
commit c775e583dd
1 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
salt/firewall/init.sls
View File

@@ -136,6 +136,18 @@ enable_wazuh_manager_1514_udp_{{ip}}:
- position: 1 - position: 1
- save: True - save: True
# Allow syslog
enable_syslog_514_{{ip}}:
iptables.insert:
- table: filter
- chain: DOCKER-USER
- jump: ACCEPT
- proto: tcp
- source: {{ ip }}
- dport: 514
- position: 1
- save: True
# Rules if you are a Master # Rules if you are a Master
{% if grains['role'] in ['so-master', 'so-eval', 'so-helix', 'so-mastersearch', 'so-standalone'] %} {% if grains['role'] in ['so-master', 'so-eval', 'so-helix', 'so-mastersearch', 'so-standalone'] %}
#This should be more granular #This should be more granular