Firewall Changes

setup/so-functions

@@ -2180,6 +2180,12 @@ set_initial_firewall_policy() {
 	fi
 }
 
+set_initial_firewall_access() {
+	if [[ ! -z "$ALLOW_CIDR" ]]
+		$default_salt_dir/salt/common/tools/sbin/so-firewall --role=analyst --ip=$ALLOW_CIDR --apply=true
+	fi
+}
+
 # Set up the management interface on the ISO
 set_management_interface() {
 	title "Setting up the main interface"

setup/so-setup

@@ -565,6 +565,7 @@ if ! [[ -f $install_opt_file ]]; then
 		title "Setting up Playbook"
 		logCmd "so-playbook-reset"
 		checkin_at_boot
+		set_initial_firewall_access
 		whiptail_setup_complete
 	else
 		es_heapsize

setup/so-whiptail

@@ -1267,7 +1267,7 @@ whiptail_so_allow_yesno() {
 	[ -n "$TESTING" ] && return
 
 	whiptail --title "$whiptail_title" \
-		--yesno "Do you want to run so-allow to allow other machines to access this Security Onion installation via the web interface?" \
+		--yesno "Do you want to allow access to this Security Onion installation via the web interface?" \
 		8 75
 }
 
@@ -1280,7 +1280,7 @@ whiptail_so_allow() {
 		10 75 "$1" 3>&1 1>&2 2>&3)
 	local exitstatus=$?
 	
-	export ALLOW_ROLE='a'
+	export ALLOW_ROLE='analyst'
 	export ALLOW_CIDR
 
 	whiptail_check_exitstatus $exitstatus