Merge pull request #501 from Security-Onion-Solutions/2.4/dev

Merge 2.4/dev
Security-Onion-Solutions · Jan 23, 2024 · 84ea7b5 · 84ea7b5
2 parents 8bd5d34 + 2567234
commit 84ea7b5
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 26 deletions.
diff --git a/.github/workflows/contrib.yml b/.github/workflows/contrib.yml
@@ -11,7 +11,7 @@ jobs:
     steps:
       - name: "Contributor Check"
         if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
-        uses: cla-assistant/github-action@v2.1.3-beta
+        uses: cla-assistant/github-action@v2.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           PERSONAL_ACCESS_TOKEN : ${{ secrets.PERSONAL_ACCESS_TOKEN }}

diff --git a/so-logstash/bin/docker-entrypoint.old b/so-logstash/bin/docker-entrypoint.old
diff --git a/so-nginx/Dockerfile b/so-nginx/Dockerfile
@@ -16,7 +16,7 @@
 # Navigator build stage
 FROM ghcr.io/security-onion-solutions/node:16-alpine as navigator-builder
 
-ARG NAVIGATOR_VERSION=4.8.2
+ARG NAVIGATOR_VERSION=4.9.1
 
 RUN apk add git && \
     git config --global advice.detachedHead false && \
@@ -27,7 +27,7 @@ WORKDIR /attack-navigator/nav-app/
 RUN npm ci && npx ng build
 
 # Delete base href line from index html to fix url path issues
-RUN sed -i '/<base href="\/">/d' ./dist/index.html
+RUN sed -i '/<base href="\/"\/>/d' ./dist/index.html
 
 ###################################
 

diff --git a/so-soctopus/so-soctopus/playbook.py b/so-soctopus/so-soctopus/playbook.py
@@ -206,7 +206,7 @@ def navigator_update():
             if custom_field['id'] == 15 and (custom_field['value']):
                 technique_id = custom_field['value'][0]
                 technique_payload.append(
-                    {"techniqueID": technique_id, "color": "#5AADFF", "comment": "", "enabled": True, "metadata": []})
+                    {"techniqueID": technique_id, "score": 100, "comment": "", "enabled": True, "metadata": []})
 
     try:
         with open('/etc/playbook/nav_layer_playbook.json') as nav_layer_r:
@@ -233,7 +233,7 @@ def navigator_update():
                 "hideDisabled": False,
                 "techniques": technique_payload,
                 "gradient": {
-                    "colors": ["#ff6666", "#ffe766", "#8ec843"],
+                    "colors": ["#ffffff00", "#66b1ffff"],
                     "minValue": 0,
                     "maxValue": 100
                 },

diff --git a/so-suricata/Dockerfile b/so-suricata/Dockerfile
@@ -22,7 +22,7 @@ RUN dnf -y install oraclelinux-developer-release-el9
 RUN dnf repolist
 RUN dnf -y install autoconf automake diffutils file-devel gcc gcc-c++ git \
                jansson-devel jq libcap-ng-devel libevent-devel \
-               libmaxminddb-devel libnet-devel libnetfilter_queue-devel \
+               libmaxminddb-devel libmaxminddb libnet-devel libnetfilter_queue-devel \
                libnfnetlink-devel libpcap-devel libtool libyaml-devel \
                lua-devel lz4-devel make nss-devel pcre-devel pcre2-devel pkgconfig \
                python3-devel python3-sphinx python3-yaml sudo which cargo \
@@ -33,7 +33,7 @@ RUN mkdir /suricata
 WORKDIR /suricata
 
 RUN curl -vO https://www.openinfosecfoundation.org/download/suricata-$SURIVERSION.tar.gz && tar zxvf suricata-$SURIVERSION.tar.gz && \
-    cd suricata-$SURIVERSION && ./configure --enable-rust --enable-luajit --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var && make -j4
+    cd suricata-$SURIVERSION && ./configure --enable-rust --enable-luajit --prefix=/opt/suricata --sysconfdir=/etc --disable-gccmarch-native --localstatedir=/var --enable-geoip && make -j4
 RUN mkdir suriinstall && cd suricata-$SURIVERSION && make install DESTDIR=/suricata/suriinstall && make install-conf DESTDIR=/suricata/suriinstall && rm -rf /suricata/suriinstall/var/run
 
 FROM ghcr.io/security-onion-solutions/oraclelinux:9
@@ -44,7 +44,7 @@ LABEL description="Suricata running in a docker with AF_Packet for use with Secu
 COPY --from=builder /suricata/suriinstall/ /
 
 RUN yum -y install epel-release bash libpcap iproute && \
-    yum -y install luajit libnet jansson libyaml cargo rustc nss nss-devel && \
+    yum -y install luajit libnet jansson libyaml cargo rustc nss nss-devel libmaxminddb && \
     yum -y erase epel-release && yum clean all && rm -rf /var/cache/yum && \
     groupadd --gid 940 suricata && \
     adduser --uid 940 --gid 940 --home-dir /etc/suricata --no-create-home suricata && \