CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

changes for soc firewall

Browse Source
This commit is contained in:
m0duspwnens
2023-02-24 15:24:02 -05:00
parent 29c68c1273
commit d502d95dba
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
pillar/top.sls
View File

@@ -60,6 +60,8 @@ base:
- elasticsearch.adv_elasticsearch - elasticsearch.adv_elasticsearch
- backup.soc_backup - backup.soc_backup
- backup.adv_backup - backup.adv_backup
- firewall.soc_firewall
- firewall.adv_firewall
- minions.{{ grains.id }} - minions.{{ grains.id }}
- minions.adv_{{ grains.id }} - minions.adv_{{ grains.id }}
@@ -94,6 +96,8 @@ base:
- influxdb.adv_influxdb - influxdb.adv_influxdb
- backup.soc_backup - backup.soc_backup
- backup.adv_backup - backup.adv_backup
- firewall.soc_firewall
- firewall.adv_firewall
- minions.{{ grains.id }} - minions.{{ grains.id }}
- minions.adv_{{ grains.id }} - minions.adv_{{ grains.id }}
@@ -125,6 +129,8 @@ base:
- soc.soc_soc - soc.soc_soc
- backup.soc_backup - backup.soc_backup
- backup.adv_backup - backup.adv_backup
- firewall.soc_firewall
- firewall.adv_firewall
- minions.{{ grains.id }} - minions.{{ grains.id }}
- minions.adv_{{ grains.id }} - minions.adv_{{ grains.id }}
@@ -197,6 +203,8 @@ base:
- redis.adv_redis - redis.adv_redis
- influxdb.soc_influxdb - influxdb.soc_influxdb
- influxdb.adv_influxdb - influxdb.adv_influxdb
- firewall.soc_firewall
- firewall.adv_firewall
- minions.{{ grains.id }} - minions.{{ grains.id }}
- minions.adv_{{ grains.id }} - minions.adv_{{ grains.id }}

9
salt/firewall/soc/soc.map.jinja
View File

@@ -1,2 +1,9 @@
{% import_yaml 'firewall/soc/defaults_soc_firewall.yaml' as DEFAULT_SOC_FIREWALL %} {% import_yaml 'firewall/soc/defaults_soc_firewall.yaml' as DEFAULT_SOC_FIREWALL %}
{% set SOC_FIREWALL = salt['pillar.get']('firewall:custom_groups:groups', DEFAULT_SOC_FIREWALL.firewall.hostgroups, merge=True) %} {% set PILLAR_SOC_FIREWALL_GROUPS = salt['pillar.get']('firewall:custom_groups:groups', {}) %}
{% set SOC_FIREWALL = DEFAULT_SOC_FIREWALL %}
{% for group in PILLAR_SOC_FIREWALL_GROUPS %}
{% set description = 'List of IP addresses or CIDR blocks to allow for ' ~ group ~ ' hostgroup.' %}
{% set title = group[0]|upper ~ group[1:] %}
{% do SOC_FIREWALL.firewall.hostgroups.update({group:{'description': description, 'file': 'True', 'global': 'True', 'title': title, 'helpLink': 'firewall.html#host-groups'}}) %}
{% endfor %}

3
salt/firewall/soc/soc_firewall.yaml.jinja
View File

@@ -1,3 +1,2 @@
{% from 'firewall/soc/soc.map.jinja' import SOC_FIREWALL %} {% from 'firewall/soc/soc.map.jinja' import SOC_FIREWALL -%}
{{ SOC_FIREWALL | yaml(false) }} {{ SOC_FIREWALL | yaml(false) }}