securityonion/salt/manager/tools/sbin/so-firewall-minion

#!/bin/bash

# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
# https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0.


. /usr/sbin/so-common

if [[ $# -lt 1 ]]; then
  echo "Usage: $0 --role=<ROLE> --ip=<IP ADDRESS>"
  echo ""
  echo " Example: so-firewall-minion --role=manager --ip=192.168.254.100"
  echo ""
  exit 1
fi

for i in "$@"; do
	case $i in
		-r=*|--role=*)
			ROLE="${i#*=}"
			shift 
			;;
		-i=*|--ip=*)
			IP="${i#*=}"
			shift 
			;;
		-*|--*)
			echo "Unknown option $i"
			exit 1
			;;
		*)
		;;
	esac
done

ROLE=${ROLE^^}

if [ -z "$ROLE" ]; then
    echo "Please specify a role with --role="
    exit 1
fi
if [ -z "$IP" ]; then
    echo "Please specify an IP address with --ip="
    exit 1
fi

	case "$ROLE" in

        'MANAGER')
			so-firewall includehost manager "$IP"
			;;
		'MANAGERSEARCH')
			so-firewall includehost manager "$IP"
			so-firewall includehost searchnode "$IP" --apply
			;;
		'EVAL' | 'STANDALONE' | 'IMPORT')
			so-firewall includehost manager "$IP"
			so-firewall includehost sensor "$IP"
			so-firewall includehost searchnode "$IP" --apply
			;;
		'FLEET')
			so-firewall includehost fleet "$IP" --apply
			;;
		'SENSOR')
			so-firewall includehost sensor "$IP" --apply
			;;
		'SEARCHNODE')
			so-firewall includehost searchnode "$IP" --apply
			;;
		'HEAVYNODE')
			so-firewall includehost sensor "$IP"
			so-firewall includehost heavynode "$IP" --apply
			;;
		'IDH')
		    so-firewall includehost idh "$IP" --apply
			;;
		'RECEIVER')
			so-firewall includehost receiver "$IP" --apply
			;;
		'DESKTOP')
			so-firewall includehost desktop "$IP" --apply
			;;
    esac