Unify unatteded check firewalls #1224

Open
wants to merge 14 commits into
base: unify-unattended
83 changes: 82 additions & 1 deletion unattended_installer/install_functions/checks.sh
Expand Up @@ -32,7 +32,8 @@ function checks_arguments() {

# -------------- Overwrite --------------------------------------

if [ -n "${overwrite}" ] && [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ]; then

if [ -n "${overwrite}" ] && [ -z "${AIO}" ] && [ -z "${indexer}" ] && [ -z "${dashboard}" ] && [ -z "${wazuh}" ]; then
logger -e "The argument -o|--overwrite must be used with -a, -k, -e or -w. If you want to uninstall all the components use -u|--uninstall"
exit 1
fi
Expand Down Expand Up @@ -147,6 +148,86 @@ function checks_arguments() {

}

function checkFirewalls() {


firewallsList=( "iptables"
"nft"
"ufw"
"firewall-cmd")

portsTCPLists=( "1514"
"1515"
"1516"
"55000"
"9200"
"9300"
"9400"
"443")

iptablesBlockedPortList=()
nftBlockedPortList=()
ufwBlockedPortList=()
firewall_cmdBlockedPortList=()

for command in "${firewallsList[@]}"; do

if [ -n "$(command -v ${command})" ]; then
logger -d "The $command command is present on this system. This could affect the correct communication between Wazuh components. We will proceed to try to validate firewall rules that may affect the processes and report what is found."

case ${command} in
iptables )
for port in "${portsTCPLists[@]}"; do
if [ -n "$(${command} -L -n | grep DROP | grep "^$port$" )" ]; then
iptablesBlockedPortList+="${port}, "
fi
done
;;
nft )
for port in "${portsTCPLists[@]}"; do
if [ -n "$(${command} list ruleset | grep drop | grep "^$port$" )" ]; then
nftBlockedPortList+="${port}, "
fi
done
;;
ufw )
for port in "${portsTCPLists[@]}"; do
if [ -n "$(cat /etc/ufw/user.rules | grep DROP | grep "^$port$" )" ]; then
ufwBlockedPortList+="${port}, "
fi
done
;;
firewall-cmd )
for port in "${portsTCPLists[@]}"; do
if [ -n "$(${command} --list-all | grep "^$port$" )" ]; then
firewall_cmdBlockedPortList+="${port}, "
fi
done
;;
esac

fi
done

if [ -n "${iptablesBlockedPortList}" ]; then
logger "iptables blocked port report: ${iptablesBlockedPortList} this ports must be opened."
fi
if [ -n "${nftBlockedPortList}" ]; then
logger "nft blocked port report: ${nftBlockedPortList} this ports must be opened."
fi
if [ -n "${ufwBlockedPortList}" ]; then
logger "ufw blocked port report: ${ufwBlockedPortList} this ports must be opened."
fi
if [ -n "${firewall_cmdBlockedPortList}" ]; then
logger "firewall-cmd blocked port report: ${firewall_cmdBlockedPortList} this ports must be opened."
fi

if [ -n "${iptablesBlockedPortList}" ] || [ -n "${firewallstatus}" ] || [ -n "${firewallstatus}" ] || [ -n "${firewallstatus}" ]; then
logger -e "Please check your firewall. To then repeat the installation of Wazuh."
exit 1
fi
}

function checks_health() {

checks_specifications
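Review bot: The abort condition at the end of checkFirewalls tests `${firewallstatus}`, a variable that is never set in this hunk, three times instead of the nft/ufw/firewall-cmd lists, so blocked ports found by anything other than iptables are logged and then silently ignored; it should read `if [ -n "${iptablesBlockedPortList}" ] || [ -n "${nftBlockedPortList}" ] || [ -n "${ufwBlockedPortList}" ] || [ -n "${firewall_cmdBlockedPortList}" ]; then`. The `grep "^$port$"` filters also look unlikely to ever match, because `iptables -L -n` and `nft list ruleset` print the port inside a rule line (`dpt:1514`, `dport 1514`) rather than on a line of its own, so every list stays empty and the whole check becomes a no-op; matching on `dpt:${port}` and `dport ${port}` (and `${port}/tcp` for firewall-cmd) would be needed. For the firewall-cmd branch, `--list-all` prints the ports that are permitted in the active zone, so a port appearing there is open rather than blocked and the sense of that test appears inverted. Minor: the four lists are declared as arrays but appended to as strings with `+="${port}, "`, which only works because `${name}` expands element 0, and `cat /etc/ufw/user.rules | grep DROP` can be `grep DROP /etc/ufw/user.rules`; plain string variables would make the intent clearer.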
5 changes: 5 additions & 0 deletions unattended_installer/wazuh_install.sh
Expand Up @@ -330,6 +330,11 @@ function main() {

logger "Starting Wazuh unattended installer. Wazuh version: ${wazuh_version}. Wazuh installer version: ${wazuh_install_vesion}"

if [ -z "${configurations}" ] && [ -z "${start_elastic_cluster}" ] ; then
logger "---------------------------------- Check firewalls -----------------------------------"
checkFirewalls
fi

# -------------- Uninstall case ------------------------------------

checks_installed
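Review bot: checkFirewalls is called before the `# -------------- Uninstall case` branch and, per the other file in this PR, exits the installer with status 1 when it finds a blocked port, so an `-u|--uninstall` run on a host whose firewall blocks 1514 or 443 would be refused even though nothing is going to listen there afterwards. The guard `if [ -z "${configurations}" ] && [ -z "${start_elastic_cluster}" ] ; then` should also skip the check when the uninstall flag is set, or the call should move below checks_installed; the variable holding that flag is not visible in this hunk, so the exact condition needs confirming against checks_arguments. A short comment above the call stating why the check is skipped for configuration-only and cluster-start runs would also help, e.g. `# Firewall inspection only matters when components are going to be installed on this host`. main() starts and ends outside the hunk.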