CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall Module - Allow Minions to connect to salt

Browse Source
This commit is contained in:
Mike Reeves
2018-06-19 10:43:55 -04:00
parent 73841b0bc3
commit dc3a1c9aa1
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pillar/firewall/minions.sls
View File

@@ -1,2 +1,2 @@
minion_ips: minions:
- 127.0.0.1 - 127.0.0.1

8
salt/firewall/init.sls
View File

@@ -52,10 +52,10 @@ enable_reject_policy:
# Rules if you are a Master # Rules if you are a Master
{% if grains['role'] == 'so-master' %} {% if grains['role'] == 'so-master' %}
{% set minions = salt['pillar.get']('firewall.minions', {}) %}
{% for ip in minions.get('minion_ips', []) %}
enable_salt_minions_4505: {% for ip in pillar.get('minions') %}
enable_salt_minions_4505_{{ip}}:
iptables.append: iptables.append:
- table: filter - table: filter
- chain: INPUT - chain: INPUT
@@ -65,7 +65,7 @@ enable_salt_minions_4505:
- dport: 4505 - dport: 4505
- save: True - save: True
enable_salt_minions_4506: enable_salt_minions_4506_{{ip}}:
iptables.append: iptables.append:
- table: filter - table: filter
- chain: INPUT - chain: INPUT