tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-04-08 17:15:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update tests_firewalls -> FIRE-4508

Browse Source 
Include #1554
Fix FIND variable (remove "\n" and -z)
Add sort + uniq while read line from FIND
This commit is contained in:
teoberi 2024-10-04 21:46:30 +03:00 committed by GitHub
parent f08fadb7f9
commit c51b066131
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/tests_firewalls
View File

@ -109,13 +109,13 @@
Register --test-no FIRE-4508 --preqs-met ${PREQS_MET} --os Linux --weight L --network NO --root-only YES --category security --description "Check used policies of iptables chains"
if [ ${SKIPTEST} -eq 0 ]; then
Display --indent 4 --text "- Checking iptables policies of chains" --result "${STATUS_FOUND}" --color GREEN
TABLES="filter"
TABLES="filter nat mangle raw security"
for TABLE in ${TABLES}; do
LogText "Test: gathering information from table ${TABLE}"
FIND="$FIND""\n"$(${IPTABLESBINARY} -t ${TABLE} --numeric --list | ${GREPBINARY} -E -z -o -w '[A-Z]+' | tr -d '\0' | ${AWKBINARY} -v t=${TABLE} 'NR%2 {printf "%s %s ",t, $0 ; next;}1')
FIND="$FIND"(${IPTABLESBINARY} -t ${TABLE} --numeric --list | ${GREPBINARY} -E -o -w '[A-Z]+' | tr -d '\0' | ${AWKBINARY} -v t=${TABLE} 'NR%2 {printf "%s %s ",t, $0 ; next;}1')
done
echo "${FIND}" | while read -r line; do
echo "${FIND}" | sort | uniq | while read -r line; do
table=$(echo ${line} | ${AWKBINARY} '{ print $1 }')
chainname=$(echo ${line} | ${AWKBINARY} '{ print $2 }')
policy=$(echo ${line} | ${AWKBINARY} '{ print $3 }')