Audit status of application firewall and added test for Mac OS X (FIRE-4532)

include/consts

@@ -49,6 +49,7 @@ unset LANG
     AIDEBINARY=""
     AASTATUSBINARY=""
     AUDITD_RUNNING=0
+    APPLICATION_FIREWALL_ACTIVE=0
     BINARY_SCAN_FINISHED=0
     CHECK_BINARIES=1
     CHKROOTKITBINARY=""

include/tests_firewalls

@@ -299,6 +299,27 @@
     fi
 #
 #################################################################################
+#
+    # Test        : FIRE-4532
+    # Description : Check Application Firewall in Mac OS X
+    if [ -x /usr/libexec/ApplicationFirewall/socketfilterfw ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+    Register --test-no FIRE-4532 --weight L --os "MacOS" --preqs-met ${PREQS_MET} --network NO --description "Check Mac OS X application firewall"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        FIND=`/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate 2> /dev/null | grep "Enabled"`
+        if [ ! "${FIND}" = "" ]; then
+            Display --indent 2 --text "- Checking Mac OS X: Application Firewall" --result ENABLED --color GREEN
+            AddHP 3 3
+            logtext "Result: application firewall of Mac OS X is enabled"
+            APPLICATION_FIREWALL_ACTIVE=1
+            report "app_fw[]=macosx-app-fw"
+          else
+            Display --indent 2 --text "- Checking IPFW" --result DISABLED --color YELLOW
+            AddHP 1 3
+            logtext "Result: application firewall of Mac OS X is disabled"
+        fi
+    fi
+#
+#################################################################################
 #
     # Test        : FIRE-4590
     # Description : Check if at least one firewall if active