[2.0] Change Docker IP?

Ibrahim Ibrahim

Sep 13, 2020, 9:27:39 AM
to securit...@googlegroups.com
Hi,

I am trying to change the Docker bridge IP as in the SO documentation, by adding the bip parameter in daemon.json, but on restart it failed to start the Docker service.
{
  "registry-mirrors": [ " https://:5000" ],
  "bip": "172.26.0.1/16"
}
Thanks

Wes Lambert

Sep 14, 2020, 8:17:01 AM
to securit...@googlegroups.com
Try reversing what you have above to be:

{
  "bip": "172.26.0.1/16",
  "registry-mirrors": [ "https://:5000" ]
}

Then try restarting Docker and see if that helps.

Thanks,
Wes


Ibrahim Ibrahim

Sep 14, 2020, 12:38:12 PM
to security-onion
Hi Wes,

Thanks for the response. Some Docker services run, but some containers failed to start. Where can I find the log file for the error?

so-strelka-filestream
so-strelka-frontend
so-strelka-manager
so-elastalert
so-cortex
so-playbook

Thanks

Wes Lambert

Sep 14, 2020, 12:42:28 PM
to securit...@googlegroups.com
You may first want to try running:

sudo salt "*" state.highstate

to see if it resolves the issue.

Thanks,
Wes

Ibrahim Ibrahim

Sep 15, 2020, 12:59:05 PM
to security-onion
Hi Wes,

The SO service still failed; check the logs in /opt/so/logs and sudo docker logs container_name

Hi,

Sorry about my last response, I can see the log in /opt/so/logs
Playbook log
== Playbook
During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "playbook_play-sync.py", line 28, in <module>
    response = requests.get(url, headers=playbook_headers, verify=False).json()
  File "/usr/local/lib/python3.8/site-packages/requests/api.py", line 76, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/api.py", line 61, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 530, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/sessions.py", line 643, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python3.8/site-packages/requests/adapters.py", line 516, in send
    raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPConnectionPool(host='172.16.97.15', port=3200): Max retries exceeded with url: /playbook/issues.json?offset=0&tracker_id=1&limit=100&status_id=3 (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f6caa36e550>: Failed to establish a new connection: [Errno 113] No route to host'))

=== sudo docker logs

so-strelka-gatekeeper
[xxxx @soc01 ~]$ sudo docker logs so-strelka-gatekeeper
1:C 15 Sep 2020 16:42:31.739 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 15 Sep 2020 16:42:31.739 # Redis version=6.0.6, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 15 Sep 2020 16:42:31.739 # Configuration loaded
1:M 15 Sep 2020 16:42:31.740 * Running mode=standalone, port=6379.
1:M 15 Sep 2020 16:42:31.741 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 15 Sep 2020 16:42:31.741 # Server initialized
1:M 15 Sep 2020 16:42:31.741 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 15 Sep 2020 16:42:31.741 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 15 Sep 2020 16:42:31.741 * Ready to accept connections

so-strelka-coordinator
[xxxx @soc01 ~]$ sudo docker logs so-strelka-coordinator
1:C 15 Sep 2020 16:42:30.086 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 15 Sep 2020 16:42:30.086 # Redis version=6.0.6, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 15 Sep 2020 16:42:30.086 # Configuration loaded
1:M 15 Sep 2020 16:42:30.089 * Running mode=standalone, port=6379.
1:M 15 Sep 2020 16:42:30.089 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 15 Sep 2020 16:42:30.089 # Server initialized
1:M 15 Sep 2020 16:42:30.089 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
1:M 15 Sep 2020 16:42:30.089 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled.
1:M 15 Sep 2020 16:42:30.089 * Ready to accept connections

Wes Lambert

Sep 15, 2020, 4:17:34 PM
to securit...@googlegroups.com
Can you please reboot the box, then let me know what is running after waiting 15 minutes?

ex. sudo docker ps

Ibrahim Ibrahim

Sep 15, 2020, 11:23:46 PM
to security-onion
Thanks Wes,

There are some containers not running; I tried to start the containers but they still failed.

[xxx @soc01 ~]$ sudo docker ps -a
CONTAINER ID        IMAGE                                                       COMMAND                  CREATED             STATUS                      PORTS                                                                                                      NAMES
602a98e76ee2        soc01:5000/securityonion/so-nginx:2.1.0-rc.2                "nginx -g 'daemon of…"   10 hours ago        Up 2 hours                  0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp, 0.0.0.0:8090->8090/tcp                                           so-nginx
6c01e071a907        soc01:5000/securityonion/so-playbook:2.1.0-rc.2             "/docker-entrypoint.…"   10 hours ago        Exited (1) 23 seconds ago                                                                                                              so-playbook
ea861013ff96        soc01:5000/securityonion/so-elastalert:2.1.0-rc.2           "/opt/elastalert/run…"   10 hours ago        Exited (1) 29 seconds ago                                                                                                              so-elastalert
bda838b14960        soc01:5000/securityonion/so-strelka-filestream:2.1.0-rc.2   "strelka-filestream"     11 hours ago        Exited (1) 4 minutes ago                                                                                                               so-strelka-filestream
ee4288f83a44        soc01:5000/securityonion/so-strelka-manager:2.1.0-rc.2      "strelka-manager"        11 hours ago        Exited (1) 4 minutes ago                                                                                                               so-strelka-manager
ac16dc580ede        soc01:5000/securityonion/so-strelka-backend:2.1.0-rc.2      "strelka-backend"        11 hours ago        Exited (0) 4 minutes ago                                                                                                               so-strelka-backend
6e008116af3a        soc01:5000/securityonion/so-strelka-frontend:2.1.0-rc.2     "strelka-frontend"       11 hours ago        Exited (1) 5 seconds ago                                                                                                               so-strelka-frontend
115f2877a11e        soc01:5000/securityonion/so-redis:2.1.0-rc.2                "redis-server --save…"   11 hours ago        Up 2 hours                  0.0.0.0:6381->6379/tcp                                                                                     so-strelka-gatekeeper
ce57e734348e        soc01:5000/securityonion/so-redis:2.1.0-rc.2                "redis-server --save…"   11 hours ago        Up 2 hours                  0.0.0.0:6380->6379/tcp                                                                                     so-strelka-coordinator
68436c42c182        soc01:5000/securityonion/so-wazuh:2.1.0-rc.2                "/entrypoint.sh"         24 hours ago        Up 2 hours                  0.0.0.0:1514-1515->1514-1515/tcp, 0.0.0.0:55000->55000/tcp, 0.0.0.0:1514->1514/udp                         so-wazuh
cb2a00d4da73        soc01:5000/securityonion/so-thehive:2.1.0-rc.2              "/opt/thehive/bin/so…"   24 hours ago        Up 2 hours                  0.0.0.0:9000->9000/tcp                                                                                     so-thehive
2cdb580e01be        soc01:5000/securityonion/so-minio:2.1.0-rc.2                "/usr/bin/docker-ent…"   25 hours ago        Up 2 hours                  9000/tcp, 0.0.0.0:9595->9595/tcp                                                                           so-minio
f5efcf83d551        soc01:5000/securityonion/so-grafana:2.1.0-rc.2              "/run.sh"                25 hours ago        Up 2 hours                  0.0.0.0:3000->3000/tcp                                                                                     so-grafana
7b202efe196c        soc01:5000/securityonion/so-influxdb:2.1.0-rc.2             "/entrypoint.sh infl…"   25 hours ago        Up 2 hours                  0.0.0.0:8086->8086/tcp                                                                                     so-influxdb
f8b926fd6499        soc01:5000/securityonion/so-telegraf:2.1.0-rc.2             "/entrypoint.sh tele…"   25 hours ago        Up 2 hours                                                                                                                             so-telegraf
25aa1900668f        soc01:5000/securityonion/so-logstash:2.1.0-rc.2             "/usr/local/bin/dock…"   25 hours ago        Up 2 hours                  0.0.0.0:5044->5044/tcp, 0.0.0.0:5644->5644/tcp, 0.0.0.0:6050-6053->6050-6053/tcp, 0.0.0.0:9600->9600/tcp   so-logstash
3398db65a253        soc01:5000/securityonion/so-thehive-cortex:2.1.0-rc.2       "/opt/cortex/bin/cor…"   25 hours ago        Up 2 hours                  0.0.0.0:9001->9001/tcp                                                                                     so-cortex
6cfb08eca307        soc01:5000/securityonion/so-thehive-es:2.1.0-rc.2           "/usr/local/bin/dock…"   25 hours ago        Up 2 hours                  9200/tcp, 0.0.0.0:9400->9400/tcp, 9300/tcp, 0.0.0.0:9500->9500/tcp                                         so-thehive-es
e6e66ccb597b        soc01:5000/securityonion/so-filebeat:2.1.0-rc.2             "/usr/local/bin/dock…"   25 hours ago        Up 2 hours                  0.0.0.0:514->514/udp                                                                                       so-filebeat
e2fca13579a8        soc01:5000/securityonion/so-redis:2.1.0-rc.2                "redis-server /usr/l…"   25 hours ago        Up 2 hours                  0.0.0.0:6379->6379/tcp, 0.0.0.0:9696->9696/tcp                                                             so-redis
d90661c83202        soc01:5000/securityonion/so-fleet:2.1.0-rc.2                "/startfleet.sh"         25 hours ago        Up 4 minutes                0.0.0.0:8080->8080/tcp                                                                                     so-fleet
99bb2bd354ef        soc01:5000/securityonion/so-mysql:2.1.0-rc.2                "/entrypoint.sh mysq…"   25 hours ago        Up 2 hours (unhealthy)      0.0.0.0:3306->3306/tcp, 33060/tcp                                                                          so-mysql
ec1252accacf        soc01:5000/securityonion/so-soctopus:2.1.0-rc.2             "gunicorn -b 0.0.0.0…"   25 hours ago        Up 2 hours                  0.0.0.0:7000->7000/tcp                                                                                     so-soctopus
1c8e2e2b2053        soc01:5000/securityonion/so-kibana:2.1.0-rc.2               "/usr/local/bin/so-k…"   25 hours ago        Up 2 hours                  0.0.0.0:5601->5601/tcp                                                                                     so-kibana
a6853ffbb73a        soc01:5000/securityonion/so-kratos:2.1.0-rc.2               "/start-kratos.sh"       25 hours ago        Up 2 hours                  0.0.0.0:4433-4434->4433-4434/tcp                                                                           so-kratos
583ed008dd34        soc01:5000/securityonion/so-soc:2.1.0-rc.2                  "/opt/sensoroni/sens…"   25 hours ago        Up 2 hours                  0.0.0.0:9822->9822/tcp                                                                                     so-soc
1d4c0a948cb1        soc01:5000/securityonion/so-curator:2.1.0-rc.2              "/entrypoint.sh"         25 hours ago        Up 2 hours                                                                                                                             so-curator
fb5520c3155d        soc01:5000/securityonion/so-zeek:2.1.0-rc.2                 "/usr/local/sbin/zee…"   25 hours ago        Up 2 hours                                                                                                                             so-zeek
b091a4d7090b        soc01:5000/securityonion/so-suricata:2.1.0-rc.2             "/usr/local/sbin/so-…"   25 hours ago        Up 2 hours                                                                                                                             so-suricata
6f016b816e49        soc01:5000/securityonion/so-soc:2.1.0-rc.2                  "/opt/sensoroni/sens…"   25 hours ago        Up 2 hours                                                                                                                             so-sensoroni
005b16f5be8a        soc01:5000/securityonion/so-steno:2.1.0-rc.2                "/usr/local/sbin/so-…"   25 hours ago        Up 2 hours                                                                                                                             so-steno
2ee917ac1341        soc01:5000/securityonion/so-elasticsearch:2.1.0-rc.2        "/tini -- /usr/local…"   25 hours ago        Up 2 hours                  0.0.0.0:9200->9200/tcp, 0.0.0.0:9300->9300/tcp                                                             so-elasticsearch
987eaf3bcb05        soc01:5000/securityonion/so-idstools:2.1.0-rc.2             "./entrypoint.sh"        25 hours ago        Up 2 hours                                                                                                                             so-idstools
6f5b3ae3c8dc        soc01:5000/securityonion/so-acng:2.1.0-rc.2                 "/sbin/so-entrypoint…"   25 hours ago        Up 2 hours                  0.0.0.0:3142->3142/tcp                                                                                     so-aptcacherng
b78ff2dea63f        registry:latest                                             "/entrypoint.sh /etc…"   25 hours ago        Up 2 hours                  0.0.0.0:5000->5000/tcp  

Wes Lambert

Sep 16, 2020, 3:49:43 PM
to securit...@googlegroups.com
There is likely some firewall configuration that would need to be changed for iptables.  I'd have to check and get back with you.

Ibrahim Ibrahim

Sep 17, 2020, 3:44:06 AM
to security-onion
Nice, Wes.

One more thing: if we change the Docker bip in daemon.json and restart the Docker service, and then delete the new bip parameter again (assuming it will change back to the default bip 172.17.0.1/16), it doesn't work; it still retains the last bip we set in the Docker daemon.json, so we must set the default bip (172.17.0.1/16) in docker.json.
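
Added example, not part of the thread and not Security Onion code: a Python check for the two conditions discussed above, a docker0 address that no longer matches daemon.json and iptables rules still scoped to the old bridge subnet. The rule set, the registry hostname and the live docker0 value are constructed samples, and the function names are hypothetical.

```python
import ipaddress
import json

DEFAULT_BIP = "172.17.0.1/16"  # default bridge address quoted in the thread

def configured_bridge(daemon_json):
    """Bridge interface that daemon.json asks for (the default when bip is absent)."""
    cfg = json.loads(daemon_json)  # raises ValueError on malformed JSON
    return ipaddress.ip_interface(cfg.get("bip", DEFAULT_BIP))

def bridge_drift(daemon_json, live_docker0):
    """True when docker0's live address differs from what daemon.json implies."""
    return configured_bridge(daemon_json) != ipaddress.ip_interface(live_docker0)

def rules_missing_bridge(iptables_save, old_net, live_net):
    """iptables-save rules scoped to the old bridge subnet that do not cover the live one."""
    stale = []
    for line in iptables_save.splitlines():
        tokens = line.split()
        for flag in ("-s", "-d"):
            if flag not in tokens:
                continue
            net = ipaddress.ip_network(tokens[tokens.index(flag) + 1], strict=False)
            if net.overlaps(old_net) and not live_net.subnet_of(net):
                stale.append(line)
                break
    return stale

# Constructed inputs: bip already removed from daemon.json, bridge still on the old value.
SAMPLE_DAEMON_JSON = '{"registry-mirrors": ["https://registry.example:5000"]}'
LIVE_DOCKER0 = "172.26.0.1/16"  # e.g. taken from: ip -4 addr show docker0
SAMPLE_RULES = """\
*filter
-A INPUT -s 172.17.0.0/16 -p tcp -m tcp --dport 3200 -j ACCEPT
-A INPUT -s 172.16.0.0/12 -p tcp -m tcp --dport 9200 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
"""

if __name__ == "__main__":
    old = ipaddress.ip_network("172.17.0.0/16")
    live = ipaddress.ip_interface(LIVE_DOCKER0).network
    print("docker0 differs from daemon.json:", bridge_drift(SAMPLE_DAEMON_JSON, LIVE_DOCKER0))
    for rule in rules_missing_bridge(SAMPLE_RULES, old, live):
        print("does not cover", live, "->", rule)
```

Traffic that falls through to a REJECT rule using icmp-host-prohibited, like the constructed one here, is reported to the client as Errno 113 (No route to host).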