diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2017-01-28 17:46:42 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2017-01-28 17:46:42 +0300 |
commit | 103ed2afb3a266a8173c3dcfb5d416bb0f3ba188 (patch) | |
tree | 02ee4613804ddd0eee1e4f6858e7d0b2a4dd1141 /include/tests_firewalls | |
parent | 7e5af7ae9c1da9b0539b1c67911dd94643c95742 (diff) |
Added FIRE-4586
Diffstat (limited to 'include/tests_firewalls')
-rw-r--r-- | include/tests_firewalls | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/include/tests_firewalls b/include/tests_firewalls index 25f95907..6c6ab28a 100644 --- a/include/tests_firewalls +++ b/include/tests_firewalls @@ -454,6 +454,23 @@ # ################################################################################# # + # Test : FIRE-4586 + # Description : Check firewall logging + if [ ${FIREWALL_ACTIVE} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + Register --test-no FIRE-4586 --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check firewall logging" + if [ ${SKIPTEST} -eq 0 ]; then + if [ ${IPTABLES_ACTIVE} -eq 1 ]; then + if [ ! -z "${IPTABLESSAVEBINARY}" ]; then + HAS_LOGGING=$(${IPTABLESSAVEBINARY} | ${GREPBINARY} "-j LOG") + if [ -z "${HAS_LOGGING}" ]; then + Report "firewall_no_logging[]=iptables" + fi + fi + fi + fi +# +################################################################################# +# # Test : FIRE-4590 # Description : Check if at least one firewall if active Register --test-no FIRE-4590 --weight L --network NO --category security --description "Check firewall status" |