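# Firewall definition in three parts: per-role address lists (`rules`),
# named source-address groups (`hostgroups`) and named destination-port
# groups (`portgroups`).
#
# NOTE(review): the rendering this was recovered from had lost all
# indentation. The nesting below (rules / hostgroups / portgroups as
# siblings under `firewall`) is reconstructed from the key names and value
# shapes - confirm against the upstream file before relying on it.
firewall:
  # NOTE(review): these per-role addresses look like sample values, and they
  # are publicly routable. Replace them with the real node addresses; any
  # left in place would be granted access - TODO confirm how the consumer
  # applies this list.
  rules:
    analyst_workstations: []
    standalone:
      - 1.2.3.4
    sensor:
      - 1.2.3.3
      - 2.3.4.5
    searchnode:
      - 3.4.5.6
      - 7.8.9.10
    manager:
      - 1.33.2.11
  hostgroups:
    # Matches every IPv4 source. Any port group bound to `anywhere` is
    # reachable from the whole network, so keep its bindings to the minimum.
    # NOTE(review): the first four groups use a bare `delete:` (null) while
    # every later group uses `delete: []`. A consumer that iterates over the
    # value may treat null and an empty list differently - verify.
    anywhere:
      ips:
        delete:
        insert:
          - 0.0.0.0/0
    # NOTE(review): 172.17.0.0/24 is narrower than Docker's usual default
    # bridge range (172.17.0.0/16); check it against the configured bridge.
    dockernet:
      ips:
        delete:
        insert:
          - 172.17.0.0/24
    localhost:
      ips:
        delete:
        insert:
          - 127.0.0.1
    self:
      ips:
        delete:
        insert: []
    # Role host groups. Several ship with only 127.0.0.1, which grants no
    # remote access; each address added here widens what that role's port
    # groups accept, so add single hosts or tight CIDRs rather than ranges.
    analyst:
      ips:
        delete: []
        insert: [127.0.0.1]
    beats_endpoint:
      ips:
        delete: []
        insert: [127.0.0.1]
    beats_endpoint_ssl:
      ips:
        delete: []
        insert: []
    elastic_agent_endpoint:
      ips:
        delete: []
        insert: [127.0.0.1]
    elasticsearch_rest:
      ips:
        delete: []
        insert: []
    endgame:
      ips:
        delete: []
        insert: [127.0.0.1]
    fleet:
      ips:
        delete: []
        insert: []
    heavy_node:
      ips:
        delete: []
        insert: []
    idh:
      ips:
        delete: []
        insert: []
    manager:
      ips:
        delete: []
        insert: [127.0.0.1]
    minion:
      ips:
        delete: []
        insert: [127.0.0.1]
    node:
      ips:
        delete: []
        insert: []
    receiver:
      ips:
        delete: []
        insert: []
    search_node:
      ips:
        delete: []
        insert: [127.0.0.1]
    sensor:
      ips:
        delete: []
        insert: [127.0.0.1]
    strelka_frontend:
      ips:
        delete: []
        insert: []
    syslog:
      ips:
        delete: []
        insert: []
  portgroups:
    # Every TCP and UDP port. Binding `all` to a host group disables port
    # filtering for that group; never pair it with `anywhere`.
    # The ranges are quoted so YAML keeps them as strings.
    all:
      tcp:
        - '0:65535'
      udp:
        - '0:65535'
    agrules:
      tcp:
        - 7788
    beats_5044:
      tcp:
        - 5044
    beats_5644:
      tcp:
        - 5644
    beats_5066:
      tcp:
        - 5066
    # Data-store and registry ports below (docker_registry, elasticsearch_*,
    # influxdb, mysql, redis) should only be bound to host groups made up of
    # the deployment's own nodes.
    docker_registry:
      tcp:
        - 5000
    elasticsearch_node:
      tcp:
        - 9300
    elasticsearch_rest:
      tcp:
        - 9200
    elastic_agent_control:
      tcp:
        - 8220
    elastic_agent_data:
      tcp:
        - 5055
    endgame:
      tcp:
        - 3765
    influxdb:
      tcp:
        - 8086
    kibana:
      tcp:
        - 5601
    mysql:
      tcp:
        - 3306
    # NOTE(review): `nginx`, `sensoroni` and `yum` all include tcp/443, so
    # allowing any one of them for a host group opens the same port; audit
    # the three together when narrowing access.
    nginx:
      tcp:
        - 80
        - 443
    playbook:
      tcp:
        - 3200
    redis:
      tcp:
        - 6379
        - 9696
    # Configuration-management control channel: bind only to host groups
    # that contain managed nodes.
    salt_manager:
      tcp:
        - 4505
        - 4506
    sensoroni:
      tcp:
        - 443
    ssh:
      tcp:
        - 22
    strelka_frontend:
      tcp:
        - 57314
    syslog:
      tcp:
        - 514
      udp:
        - 514
    yum:
      tcp:
        - 443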