From c67f15414eb6594013f0c473604b6e8230d8e02c Mon Sep 17 00:00:00 2001
From: Christian Kreibich
Date: Wed, 17 Sep 2025 03:12:53 -0700
Subject: [PATCH] Management framework: don't hardwire controller IP in agent

This changes the default IP address for the agent to connect to the controller from a hardwired 127.0.0.1 to going through a cascade of considering a configured Management::Controller::listen_address, then Management::default_address, and falling back to 127.0.0.1.
---
 .../frameworks/management/agent/config.zeek | 3 ++-
 .../management/controller/config.zeek | 20 +++++++++++--------
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/scripts/policy/frameworks/management/agent/config.zeek b/scripts/policy/frameworks/management/agent/config.zeek
index e6cd13bb9d..7fb6e03926 100644
--- a/scripts/policy/frameworks/management/agent/config.zeek
+++ b/scripts/policy/frameworks/management/agent/config.zeek
@@ -76,7 +76,8 @@ export {
 ## like to use that mode, make sure to set
 ## :zeek:see:`Management::Agent::listen_address` and
 ## :zeek:see:`Management::Agent::listen_port` as needed.
- const controller = Broker::NetworkInfo($address="127.0.0.1",
+ const controller = Broker::NetworkInfo(
+ $address=Management::Controller::network_info("127.0.0.1")$address,
 $bound_port=Management::Controller::network_info()$bound_port) &redef;
 
 ## An optional working directory for the agent. Agent and controller
diff --git a/scripts/policy/frameworks/management/controller/config.zeek b/scripts/policy/frameworks/management/controller/config.zeek
index 0f202ccc78..a5b7a99bbe 100644
--- a/scripts/policy/frameworks/management/controller/config.zeek
+++ b/scripts/policy/frameworks/management/controller/config.zeek
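Review bot: A wildcard listen address is not handled where the new default for `controller` takes its `$address` from `Management::Controller::network_info("127.0.0.1")`. If `Management::Controller::listen_address` or `Management::default_address` is set to `0.0.0.0` or `::` so that the controller binds all interfaces, the agent presumably receives that wildcard as its connect target, because the fallback in the controller hunks is only reached when the settings are empty strings. Connecting to a wildcard address is platform-dependent and at best reaches the local host. The doc comment above the constant (it starts outside the hunk) should describe the cascade and this caveat, for example `## Defaults to the controller's configured listen address, else 127.0.0.1; redef this when that address is a wildcard such as 0.0.0.0.` Since the default can now point off loopback, the comment could also note that authentication of the controller peer depends on the Broker TLS configuration, which is not visible here.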
@@ -106,12 +106,16 @@ export {
 global get_name: function(): string;
 
 ## Returns a :zeek:see:`Broker::NetworkInfo` record describing the
- ## controller's Broker connectivity.
- global network_info: function(): Broker::NetworkInfo;
+ ## controller's Broker listening address and port. When the function
+ ## cannot determine a configured listening address, it uses the provided
+ ## fallback.
+ global network_info: function(fallback_address: string &default="0.0.0.0"): Broker::NetworkInfo;
 
 ## Returns a :zeek:see:`Broker::NetworkInfo` record describing the
- ## controller's websocket connectivity.
- global network_info_websocket: function(): Broker::NetworkInfo;
+ ## controller's websocket listening address and port. When the function
+ ## cannot determine a configured listening address, it uses the provided
+ ## fallback.
+ global network_info_websocket: function(fallback_address: string &default="0.0.0.0"): Broker::NetworkInfo;
 
 ## Returns a :zeek:see:`Broker::EndpointInfo` record describing the
 ## controller's Broker connectivity.
@@ -130,7 +134,7 @@ function get_name(): string
 return fmt("controller-%s", gethostname());
 }
 
-function network_info(): Broker::NetworkInfo
+function network_info(fallback_address: string &default="0.0.0.0"): Broker::NetworkInfo
 {
 local ni: Broker::NetworkInfo;
 
@@ -139,7 +143,7 @@ function network_info(): Broker::NetworkInfo
 else if ( Management::default_address != "" )
 ni$address = Management::default_address;
 else
- ni$address = "0.0.0.0";
+ ni$address = fallback_address;
 
 if ( Management::Controller::listen_port != "" )
 ni$bound_port = to_port(Management::Controller::listen_port);
@@ -149,7 +153,7 @@ function network_info(): Broker::NetworkInfo
 return ni;
 }
 
-function network_info_websocket(): Broker::NetworkInfo
+function network_info_websocket(fallback_address: string &default="0.0.0.0"): Broker::NetworkInfo
 {
 local ni: Broker::NetworkInfo;
 
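Review bot: The new doc comments on `network_info` and `network_info_websocket` leave the precedence and the default of `fallback_address` unstated; "cannot determine a configured listening address" does not tell a caller which settings are consulted. From the definitions further down, the fallback is assigned only when `Management::default_address` is empty (the preceding listen-address check lies outside the hunks), and the parameter defaults to `0.0.0.0`. I would spell that out, e.g. `## Uses the configured listen address, then Management::default_address, then fallback_address (default 0.0.0.0, i.e. all IPv4 interfaces).` The string is copied into `$address` without any validation in the visible lines, so the comment should also say that callers wanting a connect target, as the agent now does, must pass a routable fallback.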
@@ -158,7 +162,7 @@ function network_info_websocket(): Broker::NetworkInfo
 else if ( Management::default_address != "" )
 ni$address = Management::default_address;
 else
- ni$address = "0.0.0.0";
+ ni$address = fallback_address;
 
 if ( Management::Controller::listen_port_websocket != "" )
 ni$bound_port = to_port(Management::Controller::listen_port_websocket);