tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Increase default minimum amount of connections before alerting

This commit is contained in:
mboelen 2015-07-14 00:31:59 +02:00
parent 7d30538311
commit e8111a124f
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/tests_networking
View File

@ -447,16 +447,17 @@
# Test : NETW-3028 # Test : NETW-3028
# Description : Checking for many waiting connections # Description : Checking for many waiting connections
# Type : Performance # Type : Performance
# Notes : It is common to see a healthy web server seeing to have several thousands of TCP connections in WAIT state
if [ ! "${NETSTATBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi if [ ! "${NETSTATBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no NETW-3028 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking connections in WAIT state" Register --test-no NETW-3028 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking connections in WAIT state"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
logtext "Test: Using netstat for check for connections in WAIT state" logtext "Test: Using netstat for check for connections in WAIT state"
FIND=`${NETSTATBINARY} -an | grep WAIT | wc -l | awk '{ print $1 }'` FIND=`${NETSTATBINARY} -an | grep WAIT | wc -l | awk '{ print $1 }'`
if [ "${OPTIONS_CONN_MAX_WAIT_STATE}" = "" ]; then OPTIONS_CONN_MAX_WAIT_STATE="100"; fi if [ "${OPTIONS_CONN_MAX_WAIT_STATE}" = "" ]; then OPTIONS_CONN_MAX_WAIT_STATE="5000"; fi
logtext "Result: currently ${FIND} connections are in a waiting state (max configured: ${OPTIONS_CONN_MAX_WAIT_STATE})." logtext "Result: currently ${FIND} connections are in a waiting state (max configured: ${OPTIONS_CONN_MAX_WAIT_STATE})."
if [ ${FIND} -gt ${OPTIONS_CONN_MAX_WAIT_STATE} ]; then if [ ${FIND} -gt ${OPTIONS_CONN_MAX_WAIT_STATE} ]; then
Display --indent 2 --text "- Checking waiting connections" --result WARNING --color YELLOW Display --indent 2 --text "- Checking waiting connections" --result WARNING --color YELLOW
ReportWarning ${TEST_NO} "H" "Found too much connections in WAIT state (${FIND})" ReportSuggestion "${TEST_NO}" "Determine why system has many connections in WAIT state (${FIND})"
else else
Display --indent 2 --text "- Checking waiting connections" --result OK --color GREEN Display --indent 2 --text "- Checking waiting connections" --result OK --color GREEN
logtext "Result: ${FIND} connections are in WAIT state" logtext "Result: ${FIND} connections are in WAIT state"