diff options
author | mboelen <michael@cisofy.com> | 2014-10-30 20:09:47 +0300 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2014-10-30 20:09:47 +0300 |
commit | 9f1f006005cfca5dead25f12867330d112d6231e (patch) | |
tree | 873ff9968ad74e185044e34bb6eef2fb9e965c4a | |
parent | c8189d05e8c72f647bcdbe31acdbbf5da6db32e5 (diff) |
Check if Linux config file is set, before executing other tests
-rw-r--r-- | include/tests_firewalls | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/include/tests_firewalls b/include/tests_firewalls index 79a2a1f0..f9e6fc0c 100644 --- a/include/tests_firewalls +++ b/include/tests_firewalls @@ -64,26 +64,28 @@ # If we have a kernel configuration file, use it for testing # Do not perform test if we already found it in kernel module list, to avoid triggered it in the upcoming # tests, when using iptables --list - if [ ! "${LINUXCONFIGFILE}" = "" -a -f ${LINUXCONFIGFILE} -a ${IPTABLES_MODULE_ACTIVE} -eq 0 ]; then - logtext "Result: found kernel configuration file (${LINUXCONFIGFILE})" - FIND=`${tCATCMD} ${LINUXCONFIGFILE} | grep -v '^#' | grep "CONFIG_IP_NF_IPTABLES" | head -n 1` - if [ ! "${FIND}" = "" ]; then - HAVEMOD=`echo ${FIND} | cut -d '=' -f2` - # Do not use iptables if it's compiled as a module (=m), since we already tested for it in the - # active list. - if [ "${HAVEMOD}" = "y" ]; then - logtext "Result: iptables available as a module in the configuration" - IPTABLES_ACTIVE=1 - IPTABLES_INKERNEL_ACTIVE=1 - FIREWALL_ACTIVE=1 - FIREWALL_SOFTWARE="iptables" - Display --indent 2 --text "- Checking iptables in config file" --result FOUND --color GREEN + if [ ! "${LINUXCONFIGFILE}" = "" ]; then + if [ -f ${LINUXCONFIGFILE} -a ${IPTABLES_MODULE_ACTIVE} -eq 0 ]; then + logtext "Result: found kernel configuration file (${LINUXCONFIGFILE})" + FIND=`${tCATCMD} ${LINUXCONFIGFILE} | grep -v '^#' | grep "CONFIG_IP_NF_IPTABLES" | head -n 1` + if [ ! "${FIND}" = "" ]; then + HAVEMOD=`echo ${FIND} | cut -d '=' -f2` + # Do not use iptables if it's compiled as a module (=m), since we already tested for it in the + # active list. + if [ "${HAVEMOD}" = "y" ]; then + logtext "Result: iptables available as a module in the configuration" + IPTABLES_ACTIVE=1 + IPTABLES_INKERNEL_ACTIVE=1 + FIREWALL_ACTIVE=1 + FIREWALL_SOFTWARE="iptables" + Display --indent 2 --text "- Checking iptables in config file" --result FOUND --color GREEN + else + logtext "Result: no iptables found in Linux kernel config file" + fi else - logtext "Result: no iptables found in Linux kernel config file" + logtext "Result: no Linux configuration file found" + Display --indent 2 --text "- Checking iptables in config file" --result "NOT FOUND" --color WHITE fi - else - logtext "Result: no Linux configuration file found" - Display --indent 2 --text "- Checking iptables in config file" --result "NOT FOUND" --color WHITE fi fi fi |