added TRBINARY + fix nftables check (#276)

fixes #273
author: BlueC0re <bluec0re@users.noreply.github.com> 2016-09-06 21:58:30 +0300
committer: Michael Boelen <michael.boelen@cisofy.com> 2016-09-06 21:58:30 +0300
commit: a596bdc3493ad611d330188e662d93efa6484497 (patch)
tree: 80a9c2ff6e866eff3bf92b3468ce780a5bde572a /include
parent: 8c811778ddb515846cb6d3aa13647b8a93534148 (diff)
2 files changed, 3 insertions, 1 deletions
diff --git a/include/binaries b/include/binaries
index 42859ce9..f4fd1ece 100644
--- a/include/binaries
+++ b/include/binaries
@@ -201,6 +201,7 @@
                             syslog-ng)              SYSLOGNGFOUND=1;       SYSLOGNGBINARY="${BINARY}"; SYSLOGNGVERSION=`${BINARY} -V 2>&1 | grep "^syslog-ng" | awk '{ print $2 }'`; LogText "Found ${BINARY} (version ${SYSLOGNGVERSION})"                         ;;
                             systemctl)              SYSTEMCTLFOUND=1;      SYSTEMCTLBINARY="${BINARY}"; SERVICE_MANAGER="systemd";                        LogText "  Found known binary: systemctl (client to systemd) - ${BINARY}"                                 ;;
                             timedatectl)            TIMEDATECTLFOUND=1;    TIMEDATECTL="${BINARY}";                                                       LogText "  Found known binary: timedatectl (timedate client) - ${BINARY}"                                 ;;
+                            tr)                     TRFOUND=1;             TRBINARY="${BINARY}";                                                          LogText "  Found known binary: tr (text transformation) - ${BINARY}"                                      ;;
                             tripwire)               TRIPWIREFOUND=1;       TRIPWIREBINARY="${BINARY}";                                                    LogText "  Found known binary: tripwire (file integrity) - ${BINARY}"                                     ;;
                             tune2fs)                TUNE2FSFOUND=1;        TUNE2FSBINARY="${BINARY}";                                                     LogText "  Found known binary: tune2fs (file system tool) - ${BINARY}"                                    ;;
                             vgdisplay)              VGDISPLAYFOUND=1;      VGDISPLAYBINARY="${BINARY}";                                                   LogText "  Found known binary: vgdisplay (LVM tool) - ${BINARY}"                                          ;;
diff --git a/include/tests_firewalls b/include/tests_firewalls
index dcb978ca..b84a97db 100644
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@@ -388,6 +388,7 @@
         if [ ! -z "${FIND}" ]; then
             LogText "Result: found nftables kernel module"
             FIREWALL_SOFTWARE="nftables"
+            FIREWALL_ACTIVE=1
             NFTABLES_ACTIVE=1
             Report "firewall_software[]=nftables"
         else
@@ -403,7 +404,7 @@
     Register --test-no FIRE-4538 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check nftables basic configuration"
     if [ ${SKIPTEST} -eq 0 ]; then
         # Retrieve nft version
-        NFT_VERSION=$(${NFTBINARY} --version 2> /dev/null | ${AWKBINARY} '{ if ($1=="nftables") { print $2 }}' | tr -d 'v')
+        NFT_VERSION=$(${NFTBINARY} --version 2> /dev/null | ${AWKBINARY} '{ if ($1=="nftables") { print $2 }}' | ${TRBINARY} -d 'v')
         Report "nft_version=${NFT_VERSION}"
         LogText "Result: found version ${NFT_VERSION} of nft"
     fi
author	BlueC0re <bluec0re@users.noreply.github.com>	2016-09-06 21:58:30 +0300
committer	Michael Boelen <michael.boelen@cisofy.com>	2016-09-06 21:58:30 +0300
commit	a596bdc3493ad611d330188e662d93efa6484497 (patch)
tree	80a9c2ff6e866eff3bf92b3468ce780a5bde572a /include
parent	8c811778ddb515846cb6d3aa13647b8a93534148 (diff)