CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-14 05:02:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

changes for soc firewall

Browse Source
This commit is contained in:
m0duspwnens
2023-02-24 15:24:02 -05:00
parent 29c68c1273
commit d502d95dba
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
salt/firewall/soc/soc.map.jinja
View File

@@ -1,2 +1,9 @@
{% import_yaml 'firewall/soc/defaults_soc_firewall.yaml' as DEFAULT_SOC_FIREWALL %}
{% set SOC_FIREWALL = salt['pillar.get']('firewall:custom_groups:groups', DEFAULT_SOC_FIREWALL.firewall.hostgroups, merge=True) %}
{% set PILLAR_SOC_FIREWALL_GROUPS = salt['pillar.get']('firewall:custom_groups:groups', {}) %}
{% set SOC_FIREWALL = DEFAULT_SOC_FIREWALL %}
{% for group in PILLAR_SOC_FIREWALL_GROUPS %}
{% set description = 'List of IP addresses or CIDR blocks to allow for ' ~ group ~ ' hostgroup.' %}
{% set title = group[0]|upper ~ group[1:] %}
{% do SOC_FIREWALL.firewall.hostgroups.update({group:{'description': description, 'file': 'True', 'global': 'True', 'title': title, 'helpLink': 'firewall.html#host-groups'}}) %}
{% endfor %}

3
salt/firewall/soc/soc_firewall.yaml.jinja
View File

@@ -1,3 +1,2 @@
{% from 'firewall/soc/soc.map.jinja' import SOC_FIREWALL %}
{% from 'firewall/soc/soc.map.jinja' import SOC_FIREWALL -%}
{{ SOC_FIREWALL | yaml(false) }}