wazuh-packages
Unattended script should be able to check if firewall exists
Work on the following branch:
- https://github.com/wazuh/wazuh-packages/tree/unattended-unify-indexer-dashboard
Check if firewalld, ufw or iptables exists. If they exist, check if there is any rule that prevents another component from connecting to it. For example, where a manager is installed, these packages must not contain any rules that block the ports used.
Simulation of an environment with all firewalls installed, and all Wazuh ports blocked.
03/02/2022 17:54:23 INFO: Starting Wazuh unattended installer. Wazuh version: 4.3.0. Wazuh installer version: 0.1
03/02/2022 17:54:23 INFO: ---------------------------------- Check firewalls -----------------------------------
03/02/2022 17:54:26 INFO: iptables blocked port report: 1514, 1515, 1516, 55000, 9200, 9300, 9400, 443, open the recommended ports.
03/02/2022 17:54:26 INFO: nft blocked port report: 1514, 1515, 1516, 55000, 9200, 9300, 9400, 443, open the recommended ports.
03/02/2022 17:54:26 INFO: ufw blocked port report: 1514, 1515, 1516, 55000, 9200, 9300, 9400, 443, open the recommended ports.
03/02/2022 17:54:26 INFO: firewall-cmd blocked port report: 1514, 1515, 1516, 55000, 9200, 9300, 9400, 443, open the recommended ports.
03/02/2022 17:54:26 WARNING: Please check your firewall. To then repeat the installation of Wazuh.
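One way to do the iptables part of the check requested above, as an added example that is not part of this thread or of the Wazuh installer: it evaluates rules in order, so a port counts as blocked only when the first matching rule (or, failing that, the chain policy) drops or rejects it. The function names `sample_rules` and `blocked_ports` and the rule set are constructed for illustration; the port list is the one in the log above.

```shell
# Added example, not the Wazuh installer's code. Port list copied from the log above.
WAZUH_PORTS="1514 1515 1516 55000 9200 9300 9400 443"

# Constructed sample in `iptables -S INPUT` format (not from a real host).
sample_rules() {
  cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1514 -j DROP
-A INPUT -p tcp -m multiport --dports 9200,9300:9400 -j REJECT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j DROP
EOF
}

# blocked_ports "<ports>": read rules on stdin, print the blocked ports.
# Assumption: only destination-port matches are evaluated; protocol is ignored.
blocked_ports() {
  awk -v ports="$1" '
    function in_spec(p, s,    n, parts, i, r) {   # s: "443", "9300:9400" or a comma list
      n = split(s, parts, ",")
      for (i = 1; i <= n; i++) {
        if (split(parts[i], r, ":") == 2) { if (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0) return 1 }
        else if (p + 0 == parts[i] + 0) return 1
      }
      return 0
    }
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 == "-A" && $2 == "INPUT" {
      spec = ""; target = ""
      for (f = 3; f <= NF; f++) {
        if ($f == "--dport" || $f == "--dports") spec = $(f + 1)
        if ($f == "-j") target = $(f + 1)
      }
      if (spec == "" && $3 != "-j") next       # conditional rule without a port match: skipped
      if (spec == "") spec = "0:65535"         # bare "-A INPUT -j X" matches every port
      if (target ~ /^(ACCEPT|DROP|REJECT)$/) { specs[++nr] = spec; targets[nr] = target }
    }
    END {
      n = split(ports, want, " ")
      for (k = 1; k <= n; k++) {
        verdict = policy                       # no matching rule: chain policy decides
        for (j = 1; j <= nr; j++)
          if (in_spec(want[k], specs[j])) { verdict = targets[j]; break }   # first match wins
        if (verdict == "DROP" || verdict == "REJECT") out = out (out == "" ? "" : ", ") want[k]
      }
      print out
    }'
}
echo "iptables blocked port report: $(sample_rules | blocked_ports "$WAZUH_PORTS")"
```

On a host, pipe `iptables -S INPUT` into `blocked_ports` instead of the sample; port 443 is not reported here because its ACCEPT rule precedes the DROP.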
It seems like this issue is not solved but closed. I was about to start implementing this myself, because it is needed especially during cluster initialization. It is not obvious whether there is an issue with the Elasticsearch/OpenSearch cluster or a firewall blocking it. Therefore, this is a great improvement.
Hello @zbalkan
Related to your request, we have included this development https://github.com/wazuh/wazuh-packages/issues/1656. It is not the same, so we will need to review this issue target and include it in a future release. Don't hesitate to add some of your use cases to get more context and design a better solution. Thanks!
This will be resolved with this issue: https://github.com/wazuh/wazuh-packages/issues/2539.