tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Style improvements

This commit is contained in:
Michael Boelen 2016-10-26 12:58:51 +02:00
parent 4886054187
commit e96a31eab4
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
include/tests_networking
View File

@ -73,7 +73,7 @@
#fi
esac
done
else
else
IPV6_MODE="disabled"
fi
# Check if we are manually configured (not accepting automatic configuration)
@ -94,7 +94,7 @@
if [ ${IPV6_ONLY} -eq 1 ]; then STATUS="YES"; else STATUS="NO"; fi
LogText "Result: IPv6 only configuration: ${STATUS}"
Display --indent 6 --text "IPv6 only" --result "${STATUS}" --color WHITE
else
else
Display --indent 2 --text "- Checking IPv6 configuration" --result "${STATUS_DISABLED}" --color WHITE
fi
# Configuration errors
@ -143,14 +143,14 @@
LogText "Nameserver ${I} seems to respond to queries from this host."
# Count responsive nameservers
NUMBERACTIVENS=$((NUMBERACTIVENS + 1))
else
else
Display --indent 8 --text "Nameserver: ${I}" --result "NO RESPONSE" --color RED
LogText "Result: nameserver ${I} does NOT respond"
LogText "Exit-code from dig: ${DNSRESPONSE}"
ReportSuggestion ${TEST_NO} "Check connection to this nameserver and make sure no outbound DNS queries are blocked (port 53 UDP and TCP)."
ReportWarning ${TEST_NO} "Nameserver ${I} does not respond"
fi
else
else
LogText "Result: Nameserver test for ${I} skipped, 'dig' not installed"
Display --indent 6 --text "Nameserver: ${I}" --result "${STATUS_SKIPPED}" --color YELLOW
fi
@ -174,16 +174,16 @@
LogText "Note: Non responsive nameservers can give problems for your system(s). Like the lack of recursive lookups, bad connectivity to update servers etc."
ReportSuggestion ${TEST_NO} "Check your resolv.conf file and fill in a backup nameserver if possible"
AddHP 1 2
else
else
Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_OK}" --color GREEN
LogText "Result: found at least 2 responsive nameservers"
AddHP 3 3
fi
else
else
Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_SKIPPED}" --color YELLOW
LogText "Result: dig not installed, test can't be fully performed"
fi
else
else
LogText "Result: Test most likely skipped due having local resolver in /etc/resolv.conf"
fi
#
@ -203,7 +203,7 @@
Report "default_gateway[]=${I}"
done
Display --indent 2 --text "- Checking default gateway" --result "${STATUS_DONE}" --color GREEN
else
else
LogText "Result: No default gateway found"
Display --indent 2 --text "- Checking default gateway" --result "NONE FOUND" --color WHITE
fi
@ -379,7 +379,7 @@
if [ ! "${SOCKSTATBINARY}" = "" ]; then
FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*:\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u`
# To strip off IP's: ${SEDBINARY} 's/|.*:/|/'
else
else
FIND=""
fi
FIND2=""
@ -406,7 +406,7 @@
if [ ! "${LSOFBINARY}" = "" ]; then
# UDP and TCP combined
FIND=`${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME"`
else
else
FIND=""
fi
# Not needed as we have a combined test
@ -417,7 +417,7 @@
NetBSD)
if [ ! "${SOCKSTATBINARY}" = "" ]; then
FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*.\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u`
else
else
FIND=""
fi
FIND2=""
@ -428,7 +428,7 @@
FIND=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"||" }'`
# TCP
FIND2=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^tcp" | ${AWKBINARY} '{ if($6=="LISTEN") { print $4"|"$1"||" }}'`
else
else
ReportException "${TEST_NO}:3" "netstat missing to gather listening ports"
fi
;;
@ -456,10 +456,10 @@
done
fi
if [ "${FIND}" = "" -a "${FIND2}" = "" ]; then
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_SKIPPED}" --color YELLOW
else
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_DONE}" --color GREEN
Display --indent 6 --text "* Found ${N} ports"
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_SKIPPED}" --color YELLOW
else
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_DONE}" --color GREEN
Display --indent 6 --text "* Found ${N} ports"
fi
fi
#
@ -490,7 +490,7 @@
FOUNDPROMISC=1
ReportWarning ${TEST_NO} "Found promiscuous interface (${I})"
LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic"
else
else
LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)"
fi
done
@ -500,7 +500,7 @@
if [ ${FOUNDPROMISC} -eq 0 ]; then
Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_OK}" --color GREEN
LogText "Result: No promiscuous interfaces found"
else
else
Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_WARNING}" --color RED
fi
fi
@ -525,7 +525,7 @@
FOUNDPROMISC=1
ReportWarning ${TEST_NO} "Found promiscuous interface (${I})"
LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic"
else
else
LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)"
fi
fi