From 048e3b7426a7cea3a0092b4e84e810a9e4bd7fcf Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk
Date: Thu, 7 May 2020 20:24:14 -0400
Subject: [PATCH] TCP and TLS
---
 package/etc/go_templates/source_network.t | 8 ++++++--
 tests/docker-compose.yml | 3 ++-
 2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/package/etc/go_templates/source_network.t b/package/etc/go_templates/source_network.t
index fb59a33..adc09da 100644
--- a/package/etc/go_templates/source_network.t
+++ b/package/etc/go_templates/source_network.t
@@ -30,9 +30,10 @@ source s_{{ .port_id }} {
 {{- end}}
 {{- end}}
 {{- if or (getenv (print "SC4S_LISTEN_" .port_id "_TCP_PORT")) (eq .port_id "DEFAULT") }}
+ {{- range split (getenv (print "SC4S_LISTEN_" .port_id "_TCP_PORT") "514") "," }}
 network (
- transport("tcp")
- port({{ getenv (print "SC4S_LISTEN_" .port_id "_TCP_PORT") "514" }})
+ transport("tcp")
+ port({{ . }})
 ip-protocol(4)
 max-connections({{getenv "SC4S_SOURCE_TCP_MAX_CONNECTIONS" "2000"}})
 log-iw-size({{getenv "SC4S_SOURCE_TCP_IW_SIZE" "20000000"}})
@@ -44,8 +45,10 @@ source s_{{ .port_id }} {
 chain-hostnames(off)
 flags(validate-utf8, no-parse {{- if (conv.ToBool (getenv "SC4S_SOURCE_STORE_RAWMSG" "no")) }} store-raw-message {{- end}})
 );
+ {{- end }}
 {{- end}}
 {{- if (conv.ToBool (getenv "SC4S_SOURCE_TLS_ENABLE" "no")) }}
+ {{- range split (getenv (print "SC4S_LISTEN_" .port_id "_TLS_PORT") "6514") "," }}
 network(
 transport("tls")
 port({{ getenv (print "SC4S_LISTEN_" .port_id "_TLS_PORT") "6514" }})
@@ -66,6 +69,7 @@ source s_{{ .port_id }} {
 cipher-suite("{{- getenv "SC4S_SOURCE_TLS_CIPHER_SUITE" "HIGH:!aNULL:!eNULL:!kECDH:!aDH:!RC4:!3DES:!CAMELLIA:!MD5:!PSK:!SRP:!KRB5:@STRENGTH" }}")
 )
 );
+ {{- end }}
 {{- end}}
 };
 {{ if eq .parser "rfc3164" }}
diff --git a/tests/docker-compose.yml b/tests/docker-compose.yml
index 0f070a0..c935baf 100644
--- a/tests/docker-compose.yml
+++ b/tests/docker-compose.yml
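Review bot: An empty list element reaches `port({{ . }})` unchecked in the TCP hunk of source_network.t: the new `range split … ","` passes every piece through as-is, so a trailing or doubled comma in the `_TCP_PORT` variable renders `port()`. That is presumably a syslog-ng configuration error, which would stop the source from starting and interrupt log collection over a typo in the environment. Trimming each element, `port({{ strings.TrimSpace . }})`, and skipping empty ones inside the loop would make values like `514, 515` and `514,` safe. `max-connections` and `log-iw-size` sit inside the repeated `network (...)` block, so the connection and window allowance appears to apply per listed port rather than per source, which deserves a comment next to the range. The block closes in the following hunk.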
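Review bot: In the TLS hunk of source_network.t the new `range` wraps a `port(...)` line that stays as unchanged context and still reads `.port_id`. Inside `range` the dot is rebound to the current list element, a string, so that lookup will most likely fail at render time whenever `SC4S_SOURCE_TLS_ENABLE` is on; even if it rendered, every listener would receive the whole comma-separated value. The line should mirror the TCP block, `port({{ . }})`, and any other dot-relative reference inside the loop needs the root form `$.port_id`. The rest of the TLS `network(...)` body lies between this hunk and the one that closes the range and is not visible here, so it should be checked for the same pattern. A TLS listener that fails to come up tends to leave senders on cleartext syslog, so this path should be rendered and tested before release.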
@@ -36,7 +36,8 @@ services:
 - SC4S_LISTEN_CISCO_IOS_TCP_PORT=5002
 - SC4S_LISTEN_CISCO_MERAKI_TCP_PORT=5003
 - SC4S_LISTEN_JUNIPER_IDP_TCP_PORT=5004
- - SC4S_LISTEN_PALOALTO_PANOS_TCP_PORT=5005
+ - SC4S_LISTEN_PALOALTO_PANOS_TCP_PORT=5005,6005
+ - SC4S_LISTEN_PALOALTO_PANOS_UDP_PORT=5005,6005
 - SC4S_LISTEN_PFSENSE_TCP_PORT=5006
 - SC4S_LISTEN_CISCO_ASA_UDP_PORT=5001
 - SC4S_LISTEN_CISCO_IOS_UDP_PORT=5002
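Review bot: The list form is exercised here only for `SC4S_LISTEN_PALOALTO_PANOS_TCP_PORT` and `SC4S_LISTEN_PALOALTO_PANOS_UDP_PORT`; nothing in the visible lines sets a `_TLS_PORT` list or turns on `SC4S_SOURCE_TLS_ENABLE`, although the same commit changes the TLS listener template. A TLS case such as `- SC4S_LISTEN_PALOALTO_PANOS_TLS_PORT=6514,6515` (constructed values) with TLS enabled would catch rendering errors in that path. The environment list continues outside the hunk, so such settings may already exist elsewhere in the file.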