Can not add a firewall rule to receive syslog on a sensor. No such file or directory: '/opt/so/saltstack/local/salt/firewall/hostgroups.local.yaml' #10326
Replies: 2 comments
-
|
You would need to run that on the manager not the sensor. You would check iptables on the sensor to see if the allow is there. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks Chris. I reread the docs. They were clear and everything is working as expected. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I receive the following error with the so-firewall command: so-firewall listhostgroups
Traceback (most recent call last):
File "/sbin/so-firewall", line 410, in
main()
File "/sbin/so-firewall", line 400, in main
code = cmd(options, args[1:])
File "/sbin/so-firewall", line 303, in listhostgroups
return listHostGroups()
File "/sbin/so-firewall", line 99, in listHostGroups
content = loadYaml(hostgroupsFilename)
File "/sbin/so-firewall", line 77, in loadYaml
file = open(filename, "r")
FileNotFoundError: [Errno 2] No such file or directory: '/opt/so/saltstack/local/salt/firewall/hostgroups.local.yaml'
I have a distributed deployment soversion 2.3.240. The sensor node is on physical hardware. All nodes are updated, no salt errors, and no so-status errors.
I am following the documentation instructions here:
https://docs.securityonion.net/en/latest/firewall.html#allow-hosts-to-send-syslog-to-a-sensor-node
Am I missing something?
Thanks for any help,
John
Beta Was this translation helpful? Give feedback.
All reactions