digital-forensics-labs/SecGen
1
0
Fork 0
mirror of https://github.com/cliffe/SecGen.git synced 2026-02-21 11:18:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

mirror_traffic_to_ids_iptables: rule update for IDS traffic mirroring

Browse Source
This commit is contained in:
thomashaw
2024-10-16 14:01:14 +01:00
parent 755cb57e41
commit 4ef7cc6890
1 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
modules/utilities/unix/monitoring_ids/mirror_traffic_to_ids_iptables/manifests/install.pp
View File

@@ -5,11 +5,21 @@ class mirror_traffic_to_ids_iptables::install {
ensure_packages(['iptables-persistent'])
# force it to not be enabled because the interface in the config may be wrong
exec { 'save iptables':
exec { 'save iptables prerouting':
path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
command => "iptables -t mangle -A PREROUTING -i `ls /sys/class/net | grep lo -v | head -n1` -j TEE --gateway $ids_IP_address ; iptables-save > /etc/iptables/rules.v4",
provider => shell,
}->
exec { 'save iptables forward':
path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
command => "iptables -t mangle -A FORWARD -i `ls /sys/class/net | grep lo -v | head -n1` -j TEE --gateway $ids_IP_address ; iptables-save > /etc/iptables/rules.v4",
provider => shell,
}->
exec { 'save iptables output':
path => [ '/bin/', '/sbin/' , '/usr/bin/', '/usr/sbin/' ],
command => "iptables -t mangle -A OUTPUT -i `ls /sys/class/net | grep lo -v | head -n1` -j TEE --gateway $ids_IP_address ; iptables-save > /etc/iptables/rules.v4",
provider => shell,
}->
service { 'netfilter-persistent':
enable => true,
ensure => 'running',