CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Initial Firewall State Simplification

Browse Source
This commit is contained in:
Mike Reeves
2020-05-07 11:36:38 -04:00
parent a883af32e7
commit dd8627f9dd
5 changed files with 134 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pillar/firewall/addfirewall.sh
View File

@@ -8,6 +8,6 @@ IPADDRESS=$2
if grep -q $2 "/opt/so/saltstack/pillar/firewall/$1.sls"; then
echo "Firewall Rule Already There"
else
echo " - $2" >> /opt/so/saltstack/pillar/firewall/$1.sls
echo " - $2" >> /opt/so/saltstack/pillar/firewall/$1.sls
salt-call state.apply firewall queue=True
fi

62
pillar/firewall/ports.sls Normal file
View File

@@ -0,0 +1,62 @@
firewall:
analyst:
ports:
tcp:
- 80
- 443
udp:
beats_endpoint:
ports:
tcp:
- 5044
forward_nodes:
ports:
tcp:
- 443
- 5044
- 5644
- 9822
udp:
master:
ports:
tcp:
- 1514
- 3200
- 3306
- 4200
- 5601
- 6379
- 8086
- 8090
- 9001
- 9200
- 9300
- 9400
- 9500
udp:
- 1514
minions:
ports:
tcp:
- 3142
- 4505
- 4506
- 5000
- 8080
- 8086
- 55000
osquery_endpoint:
ports:
tcp:
- 8090
search_nodes:
ports:
tcp:
- 6379
- 9300
wazuh_endpoint:
ports:
tcp:
- 1514
udp:
-1514