Update tests_firewalls

2025-07-26 15:24:21 +02:00 · 2024-10-10 12:31:05 +02:00 · 2024-10-10 12:31:05 +02:00 · fa9082ab77
commit fa9082ab77
parent 5d50814f04
1 changed files with 118 additions and 106 deletions
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@ -112,7 +112,9 @@
        tables="filter nat mangle raw security"
        for t in ${tables}
        do
-            ${IPTABLESBINARY} -t "${t}" -S -v -w 1 2>/dev/zero | while read -r line
+            ${IPTABLESBINARY} -t "${t}" -S -v -w 1 2>/dev/zero |
+            {
+                while read -r line
                do
                    set -- ${line}
                    while [ $# -gt 0 ]
@ -203,13 +205,11 @@
                        then
                            if [ "${j}" = "ACCEPT" ]
                            then
-                            LogText "Result: Found ${j} for ${c} (table: ${t})"
-                            Display --indent 6 --text "- Checking chain ${c} (table: ${t}, chain ${c})" --result "${j}" --color YELLOW
+                                errqueue="${errqueue}\n${t} ${c} ${j} YELLOW"
                                AddHP 1 3
                            elif [ "${j}" = "DROP" ]
                            then
-                            LogText "Result: Found ${j} for ${c} (table: ${t})"
-                            Display --indent 6 --text "- Checking chain ${c} (table: ${t}, chain ${c})" --result "${j}" --color GREEN
+                                errqueue="${errqueue}\n${t} ${c} ${j} GREEN"
                                AddHP 3 3
                            fi
                        elif [ "${c}" = "FORWARD" ]
@ -223,16 +223,28 @@
                        then
                            if [ "${j}" = "NFQUEUE" ]
                            then
-                            LogText "Result: Found ${j} for ${c} (table: ${t})"
-                            Display --indent 6 --text "- Checking chain ${c} (table: ${t}, chain ${c})" --result "${j}" --color RED
-                            ReportSuggestion "${TEST_NO}" "Consider avoid ${j} target if possible (iptables chain ${c}, table: ${t})"
+                                errqueue="${errqueue}\n${t} ${c} ${j} RED"
                                AddHP 0 3
                            fi
                        fi
                    fi
                done
-        done
                # resume
+                echo ${errqueue} | ${SORTBINARY} -u | while read -r eq
+                do
+                    set -- ${eq}
+                    while [ $# -gt 0 ]
+                    do
+                        Display --indent 6 --text "Checking chain ${2} (table: ${1}, target: ${3})" --result "${3}" --color "${4}"
+                        if [ "${3}" = "NFQUEUE" ]
+                        then
+                            ReportSuggestion "${TEST_NO}" "Consider avoid ${3} target if possible (iptables chain ${2}, table: ${1})"
+                        fi
+                        shift 4
+                    done
+                done
+            }
+        done
    fi
 #
 #################################################################################