CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 01:02:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
securityonion/salt/firewall/portgroups.yaml

131 lines
2.3 KiB
YAML
Raw Permalink Blame History

{% if grains.role == 'so-idh' %}
{% from 'idh/opencanary_config.map.jinja' import OPENCANARYCONFIG %}
{% from 'idh/openssh/map.jinja' import openssh_map %}
{% set idh_services = salt['pillar.get']('idh:services', []) %}
{% set ssh_port = openssh_map.config.port %}
{% else %}
{% set ssh_port = 22 %}
{% endif %}
firewall:
aliases:
ports:
all:
tcp:
- '0:65535'
udp:
- '0:65535'
acng:
tcp:
- 3142
agrules:
tcp:
- 7788
beats_5044:
tcp:
- 5044
beats_5644:
tcp:
- 5644
beats_5066:
tcp:
- 5066
cortex:
tcp:
- 9001
cortex_es_node:
tcp:
- 9500
cortex_es_rest:
tcp:
- 9400
docker_registry:
tcp:
- 5000
elasticsearch_node:
tcp:
- 9300
elasticsearch_rest:
tcp:
- 9200
endgame:
tcp:
- 3765
fleet_api:
tcp:
- 8090
fleet_webui:
tcp:
- 443
influxdb:
tcp:
- 8086
kibana:
tcp:
- 5601
minio:
tcp:
- 9595
mysql:
tcp:
- 3306
nginx:
tcp:
- 80
- 443
osquery_8080:
tcp:
- 8080
playbook:
tcp:
- 3200
redis:
tcp:
- 6379
- 9696
salt_manager:
tcp:
- 4505
- 4506
sensoroni:
tcp:
- 443
ssh:
tcp:
- {{ ssh_port }}
strelka_frontend:
tcp:
- 57314
syslog:
tcp:
- 514
udp:
- 514
wazuh_agent:
tcp:
- 1514
udp:
- 1514
wazuh_api:
tcp:
- 55000
wazuh_authd:
tcp:
- 1515
yum:
tcp:
- 443
{% if idh_services is defined %}
{% for service in idh_services %}
{% if service in ["smnp","ntp", "tftp"] %}
{% set proto = 'udp' %}
{% else %}
{% set proto = 'tcp' %}
{% endif %}
idh_{{service}}:
{{proto}}:
- {{ OPENCANARYCONFIG[service~'.port'] }}
{% endfor %}
{% endif %}
Reference in New Issue View Git Blame Copy Permalink