
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2017-01-28 17:46:42 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2017-01-28 17:46:42 +0300
commit103ed2afb3a266a8173c3dcfb5d416bb0f3ba188 (patch)
tree02ee4613804ddd0eee1e4f6858e7d0b2a4dd1141
parent7e5af7ae9c1da9b0539b1c67911dd94643c95742 (diff)
Added FIRE-4586
-rw-r--r--db/tests.db1
-rw-r--r--include/tests_firewalls17
2 files changed, 18 insertions, 0 deletions
diff --git a/db/tests.db b/db/tests.db
index 438394f0..ef8448a6 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -139,6 +139,7 @@ FIRE-4534:test:security:firewalls:MacOS:Check Little Snitch firewall:
FIRE-4536:test:security:firewalls:Linux:Check nftables status:
FIRE-4538:test:security:firewalls:Linux:Check nftables basic configuration:
FIRE-4540:test:security:firewalls:Linux:Test for empty nftables configuration:
+FIRE-4586:test:security:firewalls::Check firewall logging:
FIRE-4590:test:security:firewalls::Check firewall status:
HOME-9302:test:security:homedirs::Create list with home directories:
HOME-9310:test:security:homedirs::Checking for suspicious shell history files:
diff --git a/include/tests_firewalls b/include/tests_firewalls
index 25f95907..6c6ab28a 100644
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@@ -454,6 +454,23 @@
#
#################################################################################
#
+ # Test : FIRE-4586
+ # Description : Check firewall logging
+ if [ ${FIREWALL_ACTIVE} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ Register --test-no FIRE-4586 --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check firewall logging"
+ if [ ${SKIPTEST} -eq 0 ]; then
+ if [ ${IPTABLES_ACTIVE} -eq 1 ]; then
+ if [ ! -z "${IPTABLESSAVEBINARY}" ]; then
+ HAS_LOGGING=$(${IPTABLESSAVEBINARY} | ${GREPBINARY} "-j LOG")
+ if [ -z "${HAS_LOGGING}" ]; then
+ Report "firewall_no_logging[]=iptables"
+ fi
+ fi
+ fi
+ fi
+#
+#################################################################################
+#
# Test : FIRE-4590
# Description : Check if at least one firewall if active
Register --test-no FIRE-4590 --weight L --network NO --category security --description "Check firewall status"
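Review bot: The grep pattern on the added `HAS_LOGGING=` line starts with a dash, so grep parses `"-j LOG"` as an option cluster rather than a search pattern. GNU grep rejects `-j` as an invalid option, the command substitution comes back empty, and the test reports `firewall_no_logging[]=iptables` even when LOG rules are present. Pass the pattern explicitly: `HAS_LOGGING=$(${IPTABLESSAVEBINARY} | ${GREPBINARY} -e "-j LOG")`. Separately, only the LOG target is matched, so a rule set that logs through NFLOG or ULOG would presumably be flagged as having no logging. A failed or empty iptables-save run is also indistinguishable from "no logging", so checking its exit status before reporting would avoid a false finding in the audit report.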