From c8a8236401959a8fabb5ec19aa8b8bc7ea05c535 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Tue, 13 Aug 2024 15:44:08 -0400
Subject: [PATCH] handle suricata network and port vars as string or list

---
 salt/suricata/map.jinja | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/salt/suricata/map.jinja b/salt/suricata/map.jinja
index a5012317a..a2c7072e0 100644
--- a/salt/suricata/map.jinja
+++ b/salt/suricata/map.jinja
@@ -101,20 +101,20 @@
 
 {# change address-groups vars from list to comma seperated string #}
 {% for k, v in SURICATAMERGED.config.vars['address-groups'].items() %}
+{%   if v is string %}
+{%     do SURICATAMERGED.config.vars['address-groups'].update({k: '[' ~ v ~ ']'}) %}
 {#   if address-group value is a list #}
-{%   if v is iterable and (v is not string and v is not mapping and v | length > 1) %}
+{%   elif v is iterable and v is not mapping %}
 {%     do SURICATAMERGED.config.vars['address-groups'].update({k: '[' ~ v | join(',') ~ ']'}) %}
-{%   else %}
-{%     do SURICATAMERGED.config.vars['address-groups'].update({k: v[0]}) %}
 {%   endif %}
 {% endfor %}
 
 {# change port-groups vars from list to comma seperated string #}
 {% for k, v in SURICATAMERGED.config.vars['port-groups'].items() %}
+{%   if v is string %}
+{%     do SURICATAMERGED.config.vars['port-groups'].update({k: '[' ~ v ~ ']'}) %}
 {#   if address-group value is a list #}
-{%   if v is iterable and (v is not string and v is not mapping and v | length > 1) %}
+{%   elif v is iterable and v is not mapping %}
 {%     do SURICATAMERGED.config.vars['port-groups'].update({k: '[' ~ v | join(',') ~ ']'}) %}
-{%   else %}
-{%     do SURICATAMERGED.config.vars['port-groups'].update({k: v[0]}) %}
 {%   endif %}
 {% endfor %}