CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

adding ability to assign hostgroup to single minion - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/641

Browse Source
This commit is contained in:
m0duspwnens
2020-06-10 14:05:19 -04:00
parent 15fd4de669
commit f89baff3d7
5 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/firewall/init.sls
View File

@@ -1,7 +1,6 @@
# Firewall Magic for the grid
{% from 'firewall/map.jinja' import hostgroups with context %}
{% from 'firewall/map.jinja' import assigned_hostgroups with context %}
{% set role = grains.id.split('_') | last %}
# Quick Fix for Docker being difficult
iptables_fix_docker:
@@ -85,8 +84,8 @@ enable_docker_user_established:
- match: conntrack
- ctstate: 'RELATED,ESTABLISHED'
{% for chain, hg in assigned_hostgroups.role[role].chain.items() %}
{% for hostgroup, portgroups in assigned_hostgroups.role[role].chain[chain].hostgroups.items() %}
{% for chain, hg in assigned_hostgroups.chain.items() %}
{% for hostgroup, portgroups in assigned_hostgroups.chain[chain].hostgroups.items() %}
{% for action in ['insert', 'delete' ] %}
{% if hostgroups[hostgroup].ips[action] %}
{% for ip in hostgroups[hostgroup].ips[action] %}