CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

Firewall Changes

Browse Source
This commit is contained in:
Mike Reeves
2022-09-22 16:54:57 -04:00
parent 81f79c3a02
commit f9c77900ae
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
setup/so-functions
View File

@@ -2180,6 +2180,12 @@ set_initial_firewall_policy() {
fi fi
} }
set_initial_firewall_access() {
if [[ ! -z "$ALLOW_CIDR" ]]
$default_salt_dir/salt/common/tools/sbin/so-firewall --role=analyst --ip=$ALLOW_CIDR --apply=true
fi
}
# Set up the management interface on the ISO # Set up the management interface on the ISO
set_management_interface() { set_management_interface() {
title "Setting up the main interface" title "Setting up the main interface"

1
setup/so-setup
View File

@@ -565,6 +565,7 @@ if ! [[ -f $install_opt_file ]]; then
title "Setting up Playbook" title "Setting up Playbook"
logCmd "so-playbook-reset" logCmd "so-playbook-reset"
checkin_at_boot checkin_at_boot
set_initial_firewall_access
whiptail_setup_complete whiptail_setup_complete
else else
es_heapsize es_heapsize

4
setup/so-whiptail
View File

@@ -1267,7 +1267,7 @@ whiptail_so_allow_yesno() {
[ -n "$TESTING" ] && return [ -n "$TESTING" ] && return
whiptail --title "$whiptail_title" \ whiptail --title "$whiptail_title" \
--yesno "Do you want to run so-allow to allow other machines to access this Security Onion installation via the web interface?" \ --yesno "Do you want to allow access to this Security Onion installation via the web interface?" \
8 75 8 75
} }
@@ -1280,7 +1280,7 @@ whiptail_so_allow() {
10 75 "$1" 3>&1 1>&2 2>&3) 10 75 "$1" 3>&1 1>&2 2>&3)
local exitstatus=$? local exitstatus=$?
export ALLOW_ROLE='a' export ALLOW_ROLE='analyst'
export ALLOW_CIDR export ALLOW_CIDR
whiptail_check_exitstatus $exitstatus whiptail_check_exitstatus $exitstatus