From edf531739cf6ae3bca5919a5230976a5e8737140 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Wed, 24 May 2023 15:47:07 -0400
Subject: [PATCH] Suricata Airgap
---
 salt/idstools/etc/rulecat.conf | 6 +++---
 salt/nginx/enabled.sls | 1 +
 salt/nginx/etc/nginx.conf | 4 ++--
 3 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/salt/idstools/etc/rulecat.conf b/salt/idstools/etc/rulecat.conf
index b95d0c463..50ac14674 100644
--- a/salt/idstools/etc/rulecat.conf
+++ b/salt/idstools/etc/rulecat.conf
@@ -1,12 +1,12 @@
-{%- from 'vars/globals.map.jinja' import GLOBALS %}
-{%- from 'idstools/map.jinja' import IDSTOOLSMERGED %}
+{%- from 'vars/globals.map.jinja' import GLOBALS -%}
+{%- from 'idstools/map.jinja' import IDSTOOLSMERGED -%}
 --merged=/nsm/rules/suricata/all.rules
 --local=/nsm/rules/local/local.rules
 {%- if GLOBALS.md_engine == "SURICATA" %}
 --local=/nsm/rules/sorules/ids/extraction.rules
 --local=/nsm/rules/sorules/filters.rules
 {%- endif %}
---url=http://{{ GLOBALS.manager }}:7788/rules/emerging-all.rules
+--url=http://{{ GLOBALS.manager }}:7788/suricata/emerging-all.rules
 --disable=/opt/so/idstools/etc/disable.conf
 --enable=/opt/so/idstools/etc/enable.conf
 --modify=/opt/so/idstools/etc/modify.conf
diff --git a/salt/nginx/enabled.sls b/salt/nginx/enabled.sls
index 602c7d33d..923299e57 100644
--- a/salt/nginx/enabled.sls
+++ b/salt/nginx/enabled.sls
@@ -42,6 +42,7 @@ so-nginx:
 - /opt/so/conf/navigator/enterprise-attack.json:/opt/socore/html/navigator/assets/enterprise-attack.json:ro
 - /opt/so/conf/navigator/pre-attack.json:/opt/socore/html/navigator/assets/pre-attack.json:ro
 - /nsm/repo:/opt/socore/html/repo:ro
+ - /nsm/rules:/nsm/rules:ro
 {% endif %}
 {% if DOCKER.containers['so-nginx'].custom_bind_mounts %}
 {% for BIND in DOCKER.containers['so-nginx'].custom_bind_mounts %}
diff --git a/salt/nginx/etc/nginx.conf b/salt/nginx/etc/nginx.conf
index 7a8a24a1f..4aeb894dd 100644
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
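Review bot: The rewritten `--url=` line in salt/idstools/etc/rulecat.conf still fetches the ruleset over plain `http://` on port 7788, and nothing visible in this hunk verifies the file after download. Anything able to alter traffic between a node and the manager could therefore change or strip detection rules before they are merged into `/nsm/rules/suricata/all.rules`. Since the path is being reworked here anyway, consider serving the endpoint over TLS and switching the scheme on this line, or checking a digest of `emerging-all.rules` before the merge. If cleartext is an accepted trade-off inside the grid, a Jinja comment above the line saying so would record that decision.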
@@ -84,8 +84,8 @@ http {
 server {
 listen 7788;
 server_name {{ GLOBALS.url_base }};
- root /opt/socore/html/repo;
- location /rules/ {
+ root /nsm/rules;
+ location / {
 allow all;
 sendfile on;
 sendfile_max_chunk 1m;
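Review bot: With `root /nsm/rules;` and `location / {`, the existing `allow all;` now covers the whole rules tree, not one sub-path. If the mounted tree mirrors the paths in rulecat.conf, the 7788 listener would serve `local/local.rules`, `sorules/filters.rules` and the merged `suricata/all.rules` to any client that can reach the port, although the only file this patch fetches is `/suricata/emerging-all.rules`. Site-specific rules and filters show a reader what the sensors do and do not alert on, so the served path should be as narrow as the airgap flow needs, for example `location = /suricata/emerging-all.rules {`, with `allow all;` replaced by the grid's node addresses followed by `deny all;`. The bind mount added in salt/nginx/enabled.sls could likewise be limited to `/nsm/rules/suricata`. The server block continues past the end of this hunk, so any restriction further down is not visible here.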