tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-27 07:44:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Style improvements

Browse Source
This commit is contained in:
Michael Boelen 2016-10-26 12:58:51 +02:00
parent 4886054187
commit e96a31eab4
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
include/tests_networking
View File

@ -73,7 +73,7 @@
#fi #fi
esac esac
done done
else else
IPV6_MODE="disabled" IPV6_MODE="disabled"
fi fi
# Check if we are manually configured (not accepting automatic configuration) # Check if we are manually configured (not accepting automatic configuration)
@ -94,7 +94,7 @@
if [ ${IPV6_ONLY} -eq 1 ]; then STATUS="YES"; else STATUS="NO"; fi if [ ${IPV6_ONLY} -eq 1 ]; then STATUS="YES"; else STATUS="NO"; fi
LogText "Result: IPv6 only configuration: ${STATUS}" LogText "Result: IPv6 only configuration: ${STATUS}"
Display --indent 6 --text "IPv6 only" --result "${STATUS}" --color WHITE Display --indent 6 --text "IPv6 only" --result "${STATUS}" --color WHITE
else else
Display --indent 2 --text "- Checking IPv6 configuration" --result "${STATUS_DISABLED}" --color WHITE Display --indent 2 --text "- Checking IPv6 configuration" --result "${STATUS_DISABLED}" --color WHITE
fi fi
# Configuration errors # Configuration errors
@ -143,14 +143,14 @@
LogText "Nameserver ${I} seems to respond to queries from this host." LogText "Nameserver ${I} seems to respond to queries from this host."
# Count responsive nameservers # Count responsive nameservers
NUMBERACTIVENS=$((NUMBERACTIVENS + 1)) NUMBERACTIVENS=$((NUMBERACTIVENS + 1))
else else
Display --indent 8 --text "Nameserver: ${I}" --result "NO RESPONSE" --color RED Display --indent 8 --text "Nameserver: ${I}" --result "NO RESPONSE" --color RED
LogText "Result: nameserver ${I} does NOT respond" LogText "Result: nameserver ${I} does NOT respond"
LogText "Exit-code from dig: ${DNSRESPONSE}" LogText "Exit-code from dig: ${DNSRESPONSE}"
ReportSuggestion ${TEST_NO} "Check connection to this nameserver and make sure no outbound DNS queries are blocked (port 53 UDP and TCP)." ReportSuggestion ${TEST_NO} "Check connection to this nameserver and make sure no outbound DNS queries are blocked (port 53 UDP and TCP)."
ReportWarning ${TEST_NO} "Nameserver ${I} does not respond" ReportWarning ${TEST_NO} "Nameserver ${I} does not respond"
fi fi
else else
LogText "Result: Nameserver test for ${I} skipped, 'dig' not installed" LogText "Result: Nameserver test for ${I} skipped, 'dig' not installed"
Display --indent 6 --text "Nameserver: ${I}" --result "${STATUS_SKIPPED}" --color YELLOW Display --indent 6 --text "Nameserver: ${I}" --result "${STATUS_SKIPPED}" --color YELLOW
fi fi
@ -174,16 +174,16 @@
LogText "Note: Non responsive nameservers can give problems for your system(s). Like the lack of recursive lookups, bad connectivity to update servers etc." LogText "Note: Non responsive nameservers can give problems for your system(s). Like the lack of recursive lookups, bad connectivity to update servers etc."
ReportSuggestion ${TEST_NO} "Check your resolv.conf file and fill in a backup nameserver if possible" ReportSuggestion ${TEST_NO} "Check your resolv.conf file and fill in a backup nameserver if possible"
AddHP 1 2 AddHP 1 2
else else
Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_OK}" --color GREEN Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_OK}" --color GREEN
LogText "Result: found at least 2 responsive nameservers" LogText "Result: found at least 2 responsive nameservers"
AddHP 3 3 AddHP 3 3
fi fi
else else
Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_SKIPPED}" --color YELLOW Display --indent 4 --text "- Minimal of 2 responsive nameservers" --result "${STATUS_SKIPPED}" --color YELLOW
LogText "Result: dig not installed, test can't be fully performed" LogText "Result: dig not installed, test can't be fully performed"
fi fi
else else
LogText "Result: Test most likely skipped due having local resolver in /etc/resolv.conf" LogText "Result: Test most likely skipped due having local resolver in /etc/resolv.conf"
fi fi
# #
@ -203,7 +203,7 @@
Report "default_gateway[]=${I}" Report "default_gateway[]=${I}"
done done
Display --indent 2 --text "- Checking default gateway" --result "${STATUS_DONE}" --color GREEN Display --indent 2 --text "- Checking default gateway" --result "${STATUS_DONE}" --color GREEN
else else
LogText "Result: No default gateway found" LogText "Result: No default gateway found"
Display --indent 2 --text "- Checking default gateway" --result "NONE FOUND" --color WHITE Display --indent 2 --text "- Checking default gateway" --result "NONE FOUND" --color WHITE
fi fi
@ -379,7 +379,7 @@
if [ ! "${SOCKSTATBINARY}" = "" ]; then if [ ! "${SOCKSTATBINARY}" = "" ]; then
FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*:\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u` FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*:\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u`
# To strip off IP's: ${SEDBINARY} 's/|.*:/|/' # To strip off IP's: ${SEDBINARY} 's/|.*:/|/'
else else
FIND="" FIND=""
fi fi
FIND2="" FIND2=""
@ -406,7 +406,7 @@
if [ ! "${LSOFBINARY}" = "" ]; then if [ ! "${LSOFBINARY}" = "" ]; then
# UDP and TCP combined # UDP and TCP combined
FIND=`${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME"` FIND=`${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME"`
else else
FIND="" FIND=""
fi fi
# Not needed as we have a combined test # Not needed as we have a combined test
@ -417,7 +417,7 @@
NetBSD) NetBSD)
if [ ! "${SOCKSTATBINARY}" = "" ]; then if [ ! "${SOCKSTATBINARY}" = "" ]; then
FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*.\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u` FIND=`${SOCKSTATBINARY} | ${AWKBINARY} '{ if ($7 ~ /\*.\*/) print $5"|"$6"|"$2"|" }' | ${SORTBINARY} -u`
else else
FIND="" FIND=""
fi fi
FIND2="" FIND2=""
@ -428,7 +428,7 @@
FIND=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"||" }'` FIND=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^udp" | ${AWKBINARY} '{ print $4"|"$1"||" }'`
# TCP # TCP
FIND2=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^tcp" | ${AWKBINARY} '{ if($6=="LISTEN") { print $4"|"$1"||" }}'` FIND2=`${NETSTATBINARY} -an 2> /dev/null | ${GREPBINARY} "^tcp" | ${AWKBINARY} '{ if($6=="LISTEN") { print $4"|"$1"||" }}'`
else else
ReportException "${TEST_NO}:3" "netstat missing to gather listening ports" ReportException "${TEST_NO}:3" "netstat missing to gather listening ports"
fi fi
;; ;;
@ -456,10 +456,10 @@
done done
fi fi
if [ "${FIND}" = "" -a "${FIND2}" = "" ]; then if [ "${FIND}" = "" -a "${FIND2}" = "" ]; then
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_SKIPPED}" --color YELLOW Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_SKIPPED}" --color YELLOW
else else
Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_DONE}" --color GREEN Display --indent 2 --text "- Getting listening ports (TCP/UDP)" --result "${STATUS_DONE}" --color GREEN
Display --indent 6 --text "* Found ${N} ports" Display --indent 6 --text "* Found ${N} ports"
fi fi
fi fi
# #
@ -490,7 +490,7 @@
FOUNDPROMISC=1 FOUNDPROMISC=1
ReportWarning ${TEST_NO} "Found promiscuous interface (${I})" ReportWarning ${TEST_NO} "Found promiscuous interface (${I})"
LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic" LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic"
else else
LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)" LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)"
fi fi
done done
@ -500,7 +500,7 @@
if [ ${FOUNDPROMISC} -eq 0 ]; then if [ ${FOUNDPROMISC} -eq 0 ]; then
Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_OK}" --color GREEN Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_OK}" --color GREEN
LogText "Result: No promiscuous interfaces found" LogText "Result: No promiscuous interfaces found"
else else
Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_WARNING}" --color RED Display --indent 2 --text "- Checking promiscuous interfaces" --result "${STATUS_WARNING}" --color RED
fi fi
fi fi
@ -525,7 +525,7 @@
FOUNDPROMISC=1 FOUNDPROMISC=1
ReportWarning ${TEST_NO} "Found promiscuous interface (${I})" ReportWarning ${TEST_NO} "Found promiscuous interface (${I})"
LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic" LogText "Note: some tools put an interface into promiscuous mode, to capture/log network traffic"
else else
LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)" LogText "Result: Found promiscuous interface ${I} (*whitelisted via profile*)"
fi fi
fi fi