CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

2.4 fw changes

Browse Source
This commit is contained in:
m0duspwnens
2023-02-08 09:18:05 -05:00
parent e8a1e164aa
commit fb7ebcac7e
5 changed files with 14 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/firewall/hostgroups/anywhere Normal file
View File

@@ -0,0 +1 @@
0.0.0.0/0

2
salt/firewall/hostgroups/dockernet Normal file
View File

@@ -0,0 +1,2 @@
{% from 'docker/docker.map.jinja' import DOCKER -%}
{{ DOCKER.sorange }}

1
salt/firewall/hostgroups/localhost Normal file
View File

@@ -0,0 +1 @@
127.0.0.1

2
salt/firewall/hostgroups/self Normal file
View File

@@ -0,0 +1,2 @@
{% from 'vars/globals.map.jinja' import GLOBALS -%}
{{ GLOBALS.node_ip }}

32
salt/firewall/map.jinja
View File

@@ -3,7 +3,7 @@
{% import_yaml 'firewall/ports/ports.yaml' as default_portgroups %} {% import_yaml 'firewall/ports/ports.yaml' as default_portgroups %}
{% set default_portgroups = default_portgroups.firewall.ports %} {% set default_portgroups = default_portgroups.firewall.ports %}
{% import_yaml 'firewall/portgroups.local.yaml' as local_portgroups %} {% import_yaml 'firewall/ports/ports.local.yaml' as local_portgroups %}
{% if local_portgroups.firewall.ports %} {% if local_portgroups.firewall.ports %}
{% set local_portgroups = local_portgroups.firewall.ports %} {% set local_portgroups = local_portgroups.firewall.ports %}
{% else %} {% else %}
@@ -15,30 +15,14 @@
{% import_yaml 'firewall/hostgroups.yaml' as default_hostgroups %} {% import_yaml 'firewall/hostgroups.yaml' as default_hostgroups %}
{#% import_yaml 'firewall/hostgroups.local.yaml' as local_hostgroups %#} {#% import_yaml 'firewall/hostgroups.local.yaml' as local_hostgroups %#}
{% set local_hostgroups = {'firewall': {'hostgroups': {}}} %} {% set local_hostgroups = {'firewall': {'hostgroups': {}}} %}
{% set hostgroup_list = [
'analyst', {% set hostgroup_list = salt['cp.list_master'](prefix='firewall/hostgroups') %}
'analyst_workstations', {% do hostgroup_list.remove('firewall/hostgroups.local.yaml') %}
'eval', {% do hostgroup_list.remove('firewall/hostgroups.yaml') %}
'heavynodes',
'idh',
'manager',
'managersearch',
'receivers',
'searchnodes',
'sensors',
'standalone',
'beats_endpoint',
'beats_endpoint_ssl',
'elasticsearch_rest',
'elastic_agent_endpoint',
'endgame',
'strelka_frontend',
'syslog'
]
%}
{% for hg in hostgroup_list %} {% for hg in hostgroup_list %}
{% import_text 'firewall/hostgroups/' ~ hg as hg_ips %} {% import_text hg as hg_ips %}
{% do local_hostgroups.firewall.hostgroups.update({hg: {'ips': {'insert': hg_ips.split(), 'delete': []}}}) %} {% do local_hostgroups.firewall.hostgroups.update({hg.split('/')[2]: {'ips': {'insert': hg_ips.split(), 'delete': []}}}) %}
{% endfor %} {% endfor %}
{% set hostgroups = salt['defaults.merge'](default_hostgroups.firewall.hostgroups, local_hostgroups.firewall.hostgroups, in_place=False) %} {% set hostgroups = salt['defaults.merge'](default_hostgroups.firewall.hostgroups, local_hostgroups.firewall.hostgroups, in_place=False) %}