wazuh · myu1d157h0u54nd · Feb 1, 2022 · Feb 2, 2022 · Feb 2, 2022 · Feb 2, 2022
diff --git a/unattended_installer/install_functions/checks.sh b/unattended_installer/install_functions/checks.sh
@@ -147,6 +147,71 @@ function checkArguments() {
 
 }
 
+function checkFirewalls() {
+
+
+    firewallsList=( "iptables"
+                    "nft"
+                    "ufw"
+                    "firewall-cmd")
+
+    portsTCPLists=( "1514"
+                    "1515"
+                    "1516"
+                    "514"
+                    "55000"
+                    "9200"
+                    "9300"
+                    "9400"
+                    "443")
+
+    for command in "${firewallsList[@]}"; do
+
+        if [ -n "$(command -v $command)" ]; then
+            logger_cert "The $command command is present on this system. This could affect the correct communication between Wazuh components. We will proceed to try to validate firewall rules that may affect the processes and report what is found."
+            firewallstatus='true'
+
+            if [ $command == "iptables" ]; then
+                logger "iptables report:"
+                for port in "${portsTCPLists[@]}"; do
+                    if [ -n "$($command -L -n | grep DROP | grep $port)" ]; then
+                        logger "                 ...port $port must be open in your firewall rules."
+                    fi
+                done
+
+            elif [ $command == "nft" ]; then
+                logger "nft report:"
+                for port in "${portsTCPLists[@]}"; do
+                    if [ -n "$($command list ruleset | grep drop | grep $port)" ]; then
+                        logger "                 ...port $port must be open in your firewall rules."
+                    fi
+                done
+
+            elif [ $command == "ufw" ]; then
+                logger "ufw report:"
+                for port in "${portsTCPLists[@]}"; do
+                    if [ -n "$(cat /etc/ufw/user.rules | grep DROP | grep $port)" ]; then
+                        logger "                 ...port $port must be open in your firewall rules."
+                    fi
+                done
+
+            elif [ $command == "firewall-cmd" ]; then
+                logger "firewall-cmd report:"
+                for port in "${portsTCPLists[@]}"; do
+                    if [ -n "$($command --list-all | grep $port)" ]; then
+                        logger "                 ...port $port must be open in your firewall rules."
+                    fi
+                done
+            fi
+        fi
+    done
+
+    if [ -n "${firewallstatus}" ]; then
+        logger -w "Please check your firewall. And make the recommended fixes. To then repeat the installation of Wazuh."
+        exit 1
+    fi
+}
+
 function checkHealth() {
 
     checkSpecs

diff --git a/unattended_installer/wazuh_install.sh b/unattended_installer/wazuh_install.sh
@@ -330,6 +330,11 @@ function main() {
 
     logger "Starting Wazuh unattended installer. Wazuh version: ${wazuh_version}. Wazuh installer version: ${wazuh_install_vesion}"
 
+    if [ -z "${configurations}" ] && [ -z "${start_elastic_cluster}" ] ; then
+        logger "---------------------------------- Check firewalls -----------------------------------"
+        checkFirewalls
+    fi
+
 # -------------- Uninstall case  ------------------------------------
 
     checkIfInstalled