tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update tests_firewalls

This commit is contained in:
nser77 2024-10-08 12:02:07 +02:00 committed by GitHub
parent 13ced756cd
commit d90413e243
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/tests_firewalls
View File

@ -138,18 +138,18 @@
# logics
if ( [ "${table}" = "filter" ] || [ "${table}" = "security" ] ) && [ "${chain}" = "INPUT" ] && [ "${target}" = "ACCEPT" ] ; then
LogText "Result: Found ACCEPT for ${chain} (table: ${table})"
LogText "Result: Found ${target} for ${chain} (table: ${table})"
Display --indent 6 --text "- Checking chain ${chain} (table: ${table}, chain ${chain})" --result "${target}" --color YELLOW
AddHP 1 3
fi
if ( [ "${table}" = "filter" ] || [ "${table}" = "security" ] ) && [ "${chain}" = "INPUT" ] && [ "${target}" = "DROP" ] ; then
LogText "Result: Found DROP for ${chain} (table: ${table})"
LogText "Result: Found ${target} for ${chain} (table: ${table})"
Display --indent 6 --text "- Checking chain ${chain} (table: ${table}, chain ${chain})" --result "${target}" --color GREEN
AddHP 3 3
fi
if ( [ "${table}" = "filter" ] || [ "${table}" = "security" ] ) && ( [ "${chain}" = "INPUT" ] || [ "${chain}" = "FORWARD" ] || [ "${chain}" = "OUTPUT" ] ) && [ "${target}" = "NFQUEUE" ] ; then
LogText "Result: Found DROP for ${chain} (table: ${table})"
Display --indent 6 --text "- Checking chain ${chain} (table: ${table}, chain ${chain})" --result "NFQUEUE" --color RED
LogText "Result: Found ${target} for ${chain} (table: ${table})"
Display --indent 6 --text "- Checking chain ${chain} (table: ${table}, chain ${chain})" --result "${target}" --color RED
ReportSuggestion "${TEST_NO}" "Consider avoid ${target} target if possible (iptables chain ${chain}, table: ${table})"
AddHP 0 3
fi