CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-20 16:03:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c73cd78f0819b7e3b2001c110fb6be1ff379b616
securityonion/salt/firewall/soc_firewall.yaml
doug fee5a7bea9 initial quick OCD pass
2022-09-23 16:29:55 -04:00

129 lines
4.0 KiB
YAML
Raw Blame History

firewall:
hostgroups:
analyst_workstations:
description: List of IP addresses or CIDR blocks to allow analyst workstations.
file: True
global: True
title: Analyst Workstations
helpLink: firewall.html#host-groups
analyst:
description: List of IP addresses or CIDR blocks to allow analyst connections.
file: True
global: True
title: Analyst
helpLink: firewall.html#host-groups
beats_endpoint:
description: List of IP addresses or CIDR blocks of standard beats without encryption.
file: True
global: True
title: Beats Endpoints
helpLink: firewall.html#host-groups
beats_endpoint_ssl:
description: List of IP addresses or CIDR blocks of standard beats with encryption.
file: True
global: True
title: Beats Endpoints SSL
helplink: firewall.html#host-groups
elastic_agent_endpoint:
description: List of IP addresses or CIDR blocks for Elastic Agent connections.
file: True
global: True
title: Elastic Agents
helplink: firewall.html#host-groups
elasticsearch_rest:
description: List of IP addresses or CIDR blocks to allow access directly to Elasticsearch.
file: True
global: True
title: Elasticsearch Rest
advanced: True
helplink: firewall.html#host-groups
endgame:
description: List of IP addresses or CIDR blocks to allow Endgame access.
file: True
global: True
title: Endgame
advanced: True
helplink: firewall.html#host-groups
strelka_frontend:
description: List of IP addresses or CIDR blocks to allow access to the Strelka front end.
file: True
global: True
title: Strelka Frontend
advanced: True
helplink: firewall.html#host-groups
syslog:
description: List of IP addresses or CIDR blocks to allow syslog.
file: True
global: True
title: Syslog Endpoint Traffic
helplink: firewall.html#host-groups
standalone:
description: List of IP addresses or CIDR blocks to allow standalone connections.
file: True
global: True
title: Standalone
advanced: True
helpLink: firewall.html#host-groups
eval:
description: List of IP addresses or CIDR blocks to allow eval connections.
file: True
global: True
title: Eval
advanced: True
helpLink: firewall.html#host-groups
idh:
description: List of IP addresses or CIDR blocks to allow idh connections.
file: True
global: True
title: IDH Nodes
helpLink: firewall.html#host-groups
manager:
description: List of IP addresses or CIDR blocks to allow manager connections.
file: True
global: True
title: Manager
advanced: True
helpLink: firewall.html#host-groups
heavynodes:
description: List of IP addresses or CIDR blocks to allow heavynode connections.
file: True
global: True
title: Heavy Nodes
helpLink: firewall.html#host-groups
searchnodes:
description: List of IP addresses or CIDR blocks to allow searchnode connections.
file: True
global: True
title: Search Nodes
helpLink: firewall.html#host-groups
sensors:
description: List of IP addresses or CIDR blocks to allow Sensor connections.
file: True
global: True
title: Sensors
helpLink: firewall.html#host-groups
receivers:
description: List of IP addresses or CIDR blocks to allow receiver connections.
file: True
global: True
title: Receivers
helpLink: firewall.html#host-groups
portgroups:
portgroups__yaml:
description: Port Groups
file: True
global: True
advanced: True
title: Port Groups
syntax: yaml
helpLink: firewall.html#function
ports:
ports__yaml:
description: Ports in YAML.
file: True
global: True
advanced: True
title: Ports
syntax: yaml
helpLink: firewall.html#port-groups
Reference in New Issue View Git Blame Copy Permalink