tyler.durden/harbian-audit
1
0
Fork 0
mirror of https://github.com/hardenedlinux/harbian-audit.git synced 2025-07-30 17:15:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add check iptables persistent function for 7.7.1

Browse Source
This commit is contained in:
Samson-W 2018-11-28 06:14:34 -05:00
parent 4a9704551a
commit 94c467485e
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
bin/hardening/7.7.1_enable_firewall.sh
View File

@ -19,6 +19,7 @@ HARDENING_LEVEL=2
# Do as you want, but this script does not handle this # Do as you want, but this script does not handle this
PACKAGES='iptables iptables-persistent' PACKAGES='iptables iptables-persistent'
SERVICENAME='netfilter-persistent'
# This function will be called if the script status is on enabled / audit mode # This function will be called if the script status is on enabled / audit mode
audit () { audit () {
@ -34,18 +35,30 @@ audit () {
FNRET=0 FNRET=0
fi fi
done done
if [ $FNRET = 0 ]; then
if [ $(systemctl status ${SERVICENAME} | grep -c "Active:.active") -ne 1 ]; then
crit "${SERVICENAME} service is not actived"
FNRET=2
else
ok "${SERVICENAME} service is actived"
FNRET=0
fi
fi
} }
# This function will be called if the script status is on enabled mode # This function will be called if the script status is on enabled mode
apply () { apply () {
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "$PACKAGES is installed" ok "$PACKAGES is installed"
else elif [ $FNRET = 1 ]; then
for PACKAGE in $PACKAGES for PACKAGE in $PACKAGES
do do
warn "$PACKAGE is absent, installing it" warn "$PACKAGE is absent, installing it"
apt_install $PACKAGE apt_install $PACKAGE
done done
elif [ $FNRET = 2 ]; then
warn "Enable ${SERVICENAME} service to actived"
systemctl start ${SERVICENAME}
fi fi
} }