tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Wrap ipfw test in SKIPTEST block.

This commit is contained in:
Roland Smith 2015-04-27 18:26:39 +02:00
parent ded7e95a14
commit a0b20fcfe3
1 changed files with 22 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
include/tests_firewalls
View File

@ -276,29 +276,31 @@
# Test : FIRE-4530 # Test : FIRE-4530
# Description : Check ipfw (FreeBSD) # Description : Check ipfw (FreeBSD)
Register --test-no FIRE-4530 --os FreeBSD --weight L --network NO --description "Check ipfw status" Register --test-no FIRE-4530 --os FreeBSD --weight L --network NO --description "Check ipfw status"
if [ ! "${SYSCTLBINARY}" = "" ]; then if [ ${SKIPTEST} -eq 0 ]; then
# For now, only check for IPv4. if [ ! "${SYSCTLBINARY}" = "" ]; then
FIND=`${SYSCTLBINARY} net.inet.ip.fw.enable | awk '{ print $2 }'` # For now, only check for IPv4.
if [ "${FIND}" = "1" ]; then FIND=`${SYSCTLBINARY} net.inet.ip.fw.enable | awk '{ print $2 }'`
Display --indent 2 --text "- Checking ipfw status" --result RUNNING --color GREEN if [ "${FIND}" = "1" ]; then
logtext "Result: ipfw is running for IPv4" Display --indent 2 --text "- Checking ipfw status" --result RUNNING --color GREEN
FIREWALL_ACTIVE=1 logtext "Result: ipfw is running for IPv4"
FIREWALL_SOFTWARE="ipfw" FIREWALL_ACTIVE=1
IPFW_ENABLED=`service -e | grep -o ipfw` FIREWALL_SOFTWARE="ipfw"
if [ "${IPFW_ENABLED}" = "ipfw" ]; then IPFW_ENABLED=`service -e | grep -o ipfw`
Display --indent 4 --text "- ipfw enabled in /etc/rc.conf" --result YES --color GREEN if [ "${IPFW_ENABLED}" = "ipfw" ]; then
logtext "Result: ipfw is enabled at start-up for IPv4" Display --indent 4 --text "- ipfw enabled in /etc/rc.conf" --result YES --color GREEN
logtext "Result: ipfw is enabled at start-up for IPv4"
else
Display --indent 4 --text "- ipfw enabled in /etc/rc.conf" --result NO --color YELLOW
logtext "Result: ipfw is disabled at start-up for IPv4"
fi
else else
Display --indent 4 --text "- ipfw enabled in /etc/rc.conf" --result NO --color YELLOW Display --indent 2 --text "- Checking ipfw status" --result "NOT RUNNING" --color YELLOW
logtext "Result: ipfw is disabled at start-up for IPv4" logtext "Result: ipfw is not running for IPv4"
fi fi
else else
Display --indent 2 --text "- Checking ipfw status" --result "NOT RUNNING" --color YELLOW Display --indent 2 --text "- Checking ipfw" --result SKIPPED --color YELLOW
logtext "Result: ipfw is not running for IPv4" ReportException "${TEST_NO}:4" "No IPFW test available (sysctl missing)"
fi fi
else
Display --indent 2 --text "- Checking ipfw" --result SKIPPED --color YELLOW
ReportException "${TEST_NO}:4" "No IPFW test available (sysctl missing)"
fi fi
# #
################################################################################# #################################################################################