From fcb26bdaed9740bd07cf7f189460939fc63b4863 Mon Sep 17 00:00:00 2001
From: m0duspwnens <josh.patterson@securityonionsolutions.com>
Date: Wed, 10 Jun 2020 15:03:34 -0400
Subject: [PATCH] change how ips are added during setup -
 https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/641

---
 pillar/top.sls     | 1 -
 setup/so-functions | 7 ++++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/pillar/top.sls b/pillar/top.sls
index 6569209ef..b0576c6eb 100644
--- a/pillar/top.sls
+++ b/pillar/top.sls
@@ -44,7 +44,6 @@ base:
     - logstash
     - logstash.master
     - logstash.search
-    - firewall.*
     - data.*
     - brologs
     - secrets
diff --git a/setup/so-functions b/setup/so-functions
index 16b7ef9a0..6dd0f5793 100755
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1382,11 +1382,16 @@ set_initial_firewall_policy() {
 			printf "  - %s\n" "$MAINIP" | tee -a $local_salt_dir/pillar/firewall/minions.sls $local_salt_dir/pillar/firewall/masterfw.sls
 			$default_salt_dir/pillar/data/addtotab.sh mastertab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm"
 			;;
-		'EVAL' | 'MASTERSEARCH')
+		'EVAL' | 'MASTERSEARCH' | 'STANDALONE')
 			printf "  - %s\n" "$MAINIP" | tee -a $local_salt_dir/pillar/firewall/minions.sls\
 				$local_salt_dir/pillar/firewall/masterfw.sls\
 				$local_salt_dir/pillar/firewall/forward_nodes.sls\
 				$local_salt_dir/pillar/firewall/search_nodes.sls
+				$default_salt_dir/salt/common/tools/sbin/so-firewall includehost master "$MAINIP"
+                $default_salt_dir/salt/common/tools/sbin/so-firewall includehost sensor "$MAINIP"
+                $default_salt_dir/salt/common/tools/sbin/so-firewall includehost search_node "$MAINIP"
+				salt-call -l info  state.apply firewall >> $setup_log 2>&1
+			
 			case "$install_type" in 
 				'EVAL')
 					$default_salt_dir/pillar/data/addtotab.sh evaltab "$MINION_ID" "$MAINIP" "$num_cpu_cores" "$random_uid" "$MNIC" "$filesystem_root" "$filesystem_nsm" bond0 True