Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into issue/5809

salt/common/tools/sbin/so-common

@@ -390,20 +390,30 @@ has_uppercase() {
 }
 
 valid_cidr() {
-	# Verify there is a backslash in the string
-	echo "$1" | grep -qP "^[^/]+/[^/]+$" || return 1
-	
-	local cidr
-	local ip
+	local cidr=$1
 
-	cidr=$(echo "$1" | sed 's/.*\///')
-	ip=$(echo "$1" | sed 's/\/.*//' )
-	
-	if valid_ip4 "$ip"; then
-		[[ $cidr =~ ([0-9]|[1-2][0-9]|3[0-2]) ]] && return 0 || return 1
-	else
-		return 1
-	fi
+	read -r -d '' cidr_python <<- EOM
+	import ipaddress
+	import sys
+
+	def validate_cidr(cidr: str) -> bool:
+	  # We want the string to be a cidr block and not a single ip
+	  if '/' not in cidr:
+	  	return False
+	  try:
+	    ipaddress.ip_network(cidr)
+	  except ValueError:
+	    return False
+	  return True
+
+	if validate_cidr('$cidr'):
+	  sys.exit(0)
+	else:
+	  sys.exit(1)
+	EOM
+
+	python3 -c "$cidr_python"
+	return $?
 }
 
 valid_cidr_list() {
@@ -447,7 +457,26 @@ valid_hostname() {
 valid_ip4() {
 	local ip=$1
 
-	echo "$ip" | grep -qP '^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$' && return 0 || return 1
+	local ip_python
+	read -r -d '' ip_python <<- EOM
+	import ipaddress
+	import sys
+
+	def validate_ip(ip: str) -> bool:
+	  try:
+	    ipaddress.ip_address(ip)
+	  except ValueError:
+	    return False
+	  return True
+
+	if validate_ip('$ip'):
+	  sys.exit(0)
+	else:
+	  sys.exit(1)
+	EOM
+
+	python3 -c "$ip_python"
+	return $?
 }
 
 valid_int() {

salt/common/tools/sbin/soup

@@ -690,9 +690,12 @@ up_2.3.5X_to_2.3.80() {
 }
 
 up_2.3.80_to_2.3.90() {
-
+  for i in manager eval standalone; do
+        echo "soc:" >> /opt/so/saltstack/local/pillar/minions/*$i*.sls
+        sed -i "/^soc:/a \\  es_index_patterns: '*:so-*,*:endgame-*'" /opt/so/saltstack/local/pillar/minions/*$i*.sls
+  done
+  
   INSTALLEDVERSION=2.3.90
-
 }
 
 verify_upgradespace() {