diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2020-03-25 17:15:42 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2020-03-25 17:15:42 +0300 |
| commit | 04c969752a9a309f681e5da6ac2757488f3c39ff (patch) | |
| tree | ddd106b216cac07430cc05946aeaf5a9123169ae /include/tests_networking | |
| parent | 9b978a3581a0fed053c33b8ef1b4877d261cb1ce (diff) | |
[NETW-3200] corrected test
Diffstat (limited to 'include/tests_networking')
| -rw-r--r-- | include/tests_networking | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/include/tests_networking b/include/tests_networking index 7c288000..c19505c1 100644 --- a/include/tests_networking +++ b/include/tests_networking @@ -669,37 +669,39 @@ Register --test-no NETW-3200 --weight L --network YES --category security --description "Determine available network protocols" if [ ${SKIPTEST} -eq 0 ]; then TESTED=0 + FOUND_UNCOMMON_PROTOCOL_ENABLED=0 case ${OS} in Linux) TESTED=1 LogText "Test: checking the status of some network protocols that typically are not used" UNCOMMON_PROTOCOLS="dccp sctp rds tipc" for P in ${UNCOMMON_PROTOCOLS}; do + LogText "Test: now checking module '${P}'" if ! SkipAtomicTest "${TEST_NO}:${P}"; then - FOUND_UNCOMMON_PROTOCOL=0 + UNCOMMON_PROTOCOL_DISABLED=0 + # First check modprobe.conf if [ -f ${ROOTDIR}etc/modprobe.conf ]; then DATA=$(${GREPBINARY} "^install ${P} /bin/true" ${ROOTDIR}etc/modprobe.conf) if [ -n "${DATA}" ]; then - LogText "Result: found ${P} module loaded via modprobe.conf" - FOUND_UNCOMMON_PROTOCOL=1 + LogText "Result: found ${P} module disabled via modprobe.conf" + UNCOMMON_PROTOCOL_DISABLED=1 fi fi + # Then additional modprobe configuration files if [ -d ${ROOTDIR}etc/modprobe.d ]; then DATA=$(${GREPBINARY} --files-with-matches --no-messages "^install ${P} /bin/true" ${ROOTDIR}etc/modprobe.d/*) if [ -n "${DATA}" ]; then - FOUND_UNCOMMON_PROTOCOL=1 + UNCOMMON_PROTOCOL_DISABLED=1 for F in ${DATA}; do - LogText "Result: found ${P} module loaded via ${F}" + LogText "Result: found ${P} module disabled via ${F}" done fi fi - # Although a protocol may not been enabled using install, it can be loaded. This may be revealed using /proc - #/proc/sys/net/ - - if [ ${FOUND_UNCOMMON_PROTOCOL} -eq 1 ]; then - ReportSuggestion "${TEST_NO}" "Determine if network protocol ${P} needs to be used on this system" + if [ ${UNCOMMON_PROTOCOL_DISABLED} -eq 0 ]; then + ReportSuggestion "${TEST_NO}" "Determine if protocol '${P}' is really needed on this system" Report "uncommon_network_protocol_enabled=${P}" + FOUND_UNCOMMON_PROTOCOL_ENABLED=1 fi fi done @@ -711,7 +713,7 @@ ;; esac if [ ${TESTED} -eq 1 ]; then - if [ ${FOUND_UNCOMMON_PROTOCOL} -eq 1 ]; then + if [ ${FOUND_UNCOMMON_PROTOCOL_ENABLED} -eq 1 ]; then Display --indent 2 --text "- Uncommon network protocols" --result "${FOUND}" --color YELLOW else Display --indent 2 --text "- Uncommon network protocols" --result "${STATUS_NOT_FOUND}" --color GREEN |