tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-27 15:54:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve detection of pf on FreeBSD

Browse Source
This commit is contained in:
Michael Boelen 2016-10-15 15:26:15 +02:00
parent b6a9d294d8
commit 81024635aa
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
include/tests_firewalls
View File

@ -190,31 +190,30 @@
# #
# Test : FIRE-4518 # Test : FIRE-4518
# Description : Checking status of pf firewall components # Description : Checking status of pf firewall components
Register --test-no FIRE-4518 --weight L --network NO --category security --description "Check pf firewall components" # Notes : Use /dev/pf as first detection method if pf is available
if [ ! -e /dev/pf ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="No /dev/pf file"; fi
Register --test-no FIRE-4518 --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Check pf firewall components"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
PFFOUND=0; PFLOGDFOUND=0 PFFOUND=0; PFLOGDFOUND=0
# Check status with pfctl # Check status with pfctl
LogText "Test: checking pf status via pfctl" LogText "Test: checking pf status via pfctl"
if [ ! -z "${PFCTLBINARY}" ]; then if [ ! -z "${PFCTLBINARY}" ]; then
FIND=$(${PFCTLBINARY} -sa 2>&1 | ${GREPBINARY} "^Status" | ${HEADBINARY} -1 | ${AWKBINARY} '{ print $2 }') FIND=$(${PFCTLBINARY} -sa 2>&1 | ${GREPBINARY} "^Status" | ${HEADBINARY} -1 | ${AWKBINARY} '{ print $2 }')
if [ "${FIND}" = "Enabled" ]; then if [ "${FIND}" = "Disabled" ]; then
if IsVerbose; then Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_DISABLED}" --color RED; fi
LogText "Result: pf is disabled"
AddHP 0 3
elif [ "${FIND}" = "Enabled" ]; then
Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_ENABLED}" --color GREEN
LogText "Result: pf is enabled" LogText "Result: pf is enabled"
PFFOUND=1 PFFOUND=1
AddHP 3 3 AddHP 3 3
else
if [ "${FIND}" = "Disabled" ]; then
Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_DISABLED}" --color RED
LogText "Result: pf is disabled"
AddHP 0 3
else else
Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_UNKNOWN}" --color YELLOW Display --indent 2 --text "- Checking pf status (pfctl)" --result "${STATUS_UNKNOWN}" --color YELLOW
ReportException ${TEST_NO} "Unknown status of pf firewall" ReportException ${TEST_NO} "Unknown status of pf firewall"
fi fi
fi fi
fi
# If we didn't find the status to be enabled, stop searching # If we didn't find the status to be enabled, stop searching
if [ ${PFFOUND} -eq 0 ]; then if [ ${PFFOUND} -eq 0 ]; then