Suricata Airgap

2025-12-14 13:12:49 +01:00 · 2023-05-24 15:47:07 -04:00
parent 11d7e66ea0
commit edf531739c
3 changed files with 6 additions and 5 deletions
--- a/salt/idstools/etc/rulecat.conf
+++ b/salt/idstools/etc/rulecat.conf
@@ -1,12 +1,12 @@
-{%- from 'vars/globals.map.jinja' import GLOBALS %}
+{%- from 'vars/globals.map.jinja' import GLOBALS -%}
-{%- from 'idstools/map.jinja' import IDSTOOLSMERGED %}
+{%- from 'idstools/map.jinja' import IDSTOOLSMERGED -%}
 --merged=/nsm/rules/suricata/all.rules
 --local=/nsm/rules/local/local.rules
 {%-   if GLOBALS.md_engine == "SURICATA" %}
 --local=/nsm/rules/sorules/ids/extraction.rules
 --local=/nsm/rules/sorules/filters.rules
 {%-   endif %}
--url=http://{{ GLOBALS.manager }}:7788/rules/emerging-all.rules
+--url=http://{{ GLOBALS.manager }}:7788/suricata/emerging-all.rules
 --disable=/opt/so/idstools/etc/disable.conf
 --enable=/opt/so/idstools/etc/enable.conf
 --modify=/opt/so/idstools/etc/modify.conf
--- a/salt/nginx/enabled.sls
+++ b/salt/nginx/enabled.sls
@@ -42,6 +42,7 @@ so-nginx:
      - /opt/so/conf/navigator/enterprise-attack.json:/opt/socore/html/navigator/assets/enterprise-attack.json:ro
      - /opt/so/conf/navigator/pre-attack.json:/opt/socore/html/navigator/assets/pre-attack.json:ro
      - /nsm/repo:/opt/socore/html/repo:ro
      - /nsm/rules:/nsm/rules:ro
      {% endif %}
      {% if DOCKER.containers['so-nginx'].custom_bind_mounts %}
        {% for BIND in DOCKER.containers['so-nginx'].custom_bind_mounts %}
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
@@ -84,8 +84,8 @@ http {
 	server {
 		listen 7788;
 		server_name {{ GLOBALS.url_base }};
-		root /opt/socore/html/repo;
+		root /nsm/rules;
-		location /rules/ {
+		location / {
 			allow all;
 			sendfile on;
 			sendfile_max_chunk 1m;