source: trunk/test/testrun_1e.sh@ 197

Last change on this file since 197 was 179, checked in by katerina, 16 years ago

Fix for broken port check regression test script (ticket #118).

  • Property svn:executable set to *
File size: 5.3 KB
RevLine 
[67]1#! /bin/sh
2
3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
21
22BUILDOPTS="--quiet $TRUST --enable-xml-log --enable-port-check --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
23export BUILDOPTS
24
[149]25MAXTEST=4; export MAXTEST
[67]26
[149]27PORTPOLICY_4="
28[ReadOnly]
29file=${BASE}
30[PortCheck]
31PortCheckActive = yes
32PortCheckUDP = no
33"
34
35chk_portdata_4 () {
36 one_sec_sleep
37
38 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
39 if [ $? -eq 0 ]; then
40
41 [ -z "$verbose" ] || log_msg_fail "Open ports";
42 return 1
43 fi
44}
45
46refine_portpolicy_4 ()
47{
[179]48 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port: //' | awk '{ print $1 }' | \
[149]49 while read line; do
50 echo "PortCheckSkip=$line" >>"${RCFILE}"
51 done
52 echo "PortCheckIgnore=2026/tcp" >>"${RCFILE}"
53 echo "PortCheckIgnore=2027/udp" >>"${RCFILE}"
54 echo "PortCheckIgnore=2028/tcp" >>"${RCFILE}"
55 echo "PortCheckIgnore=2029/udp" >>"${RCFILE}"
56}
57
[128]58PORTPOLICY_3="
59[ReadOnly]
60file=${BASE}
61[PortCheck]
62PortCheckActive = yes
63PortCheckUDP = no
64"
65
66chk_portdata_3 () {
67 one_sec_sleep
68
69 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
70 if [ $? -eq 0 ]; then
71
72 [ -z "$verbose" ] || log_msg_fail "Open ports";
73 return 1
74 fi
75}
76
77refine_portpolicy_3 ()
78{
[179]79 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port: //' | awk '{ print $1 }' | \
[128]80 while read line; do
81 echo "PortCheckIgnore=$line" >>"${RCFILE}"
82 done
[149]83 echo "PortCheckIgnore=2026/tcp" >>"${RCFILE}"
84 echo "PortCheckIgnore=2027/udp" >>"${RCFILE}"
85 echo "PortCheckIgnore=2028/tcp" >>"${RCFILE}"
86 echo "PortCheckIgnore=2029/udp" >>"${RCFILE}"
[128]87}
88
89
[67]90PORTPOLICY_2="
91[ReadOnly]
92file=${BASE}
93[PortCheck]
94PortCheckActive = yes
95PortCheckUDP = no
96"
97
98chk_portdata_2 () {
99 one_sec_sleep
100
101 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
102 if [ $? -eq 0 ]; then
103
104 [ -z "$verbose" ] || log_msg_fail "Open ports";
105 return 1
106 fi
107}
108
109refine_portpolicy_2 ()
110{
[179]111 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port: //' | awk '{ print $1 }' | \
[67]112 while read line; do
113 echo "PortCheckOptional=$line" >>"${RCFILE}"
114 done
115}
116
117PORTPOLICY_1="
118[ReadOnly]
119file=${BASE}
120[PortCheck]
121PortCheckActive = yes
122PortCheckUDP = no
123"
124
125chk_portdata_1 () {
126 one_sec_sleep
127
128 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
129 if [ $? -eq 0 ]; then
130
131 [ -z "$verbose" ] || log_msg_fail "Open ports";
132 return 1
133 fi
134}
135
136refine_portpolicy_1 ()
137{
[179]138 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port: //' | awk '{ print $1 }' | \
[67]139 while read line; do
140 echo "PortCheckRequired=$line" >>"${RCFILE}"
141 done
142}
143
144prep_portpolicy ()
145{
146 test -f "${RCFILE}" || touch "${RCFILE}"
147 eval echo '"$'"PORTPOLICY_$1"'"' >>"${RCFILE}"
148}
149
150testrun_internal_1e ()
151{
152 [ -z "$verbose" ] || echo Working directory: $PW_DIR
153 [ -z "$verbose" ] || { echo MAKE is $MAKE; echo; }
154
155 #
156 # test standalone compilation
157 #
158 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
159
160 if test -r "Makefile"; then
161 $MAKE distclean >/dev/null
162 fi
163
164 tcount=1
165 ${TOP_SRCDIR}/configure ${BUILDOPTS}
166
167 #
168 if test x$? = x0; then
169 [ -z "$verbose" ] || log_msg_ok "configure...";
170 $MAKE >/dev/null 2>&1
171 if test x$? = x0; then
172 [ -z "$verbose" ] || log_msg_ok "make...";
173 else
174 [ -z "$quiet" ] && log_msg_fail "make...";
175 return 1
176 fi
177
178 else
179 [ -z "$quiet" ] && log_msg_fail "configure...";
180 return 1
181 fi
182
183 [ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; }
184
185 POLICY=`eval echo '"$'"PORTPOLICY_$tcount"'"'`
186
187 until [ -z "$POLICY" ]
188 do
189 prep_init
190 check_err $? ${tcount}; errval=$?
191 if [ $errval -eq 0 ]; then
192 prep_testdata
193 check_err $? ${tcount}; errval=$?
194 fi
195 if [ $errval -eq 0 ]; then
196 prep_portpolicy ${tcount}
197 check_err $? ${tcount}; errval=$?
198 fi
199 if [ $errval -eq 0 ]; then
200 run_init
201 check_err $? ${tcount}; errval=$?
202 fi
203 #
204 if [ $errval -eq 0 ]; then
205 eval refine_portpolicy_${tcount}
206 check_err $? ${tcount}; errval=$?
207 fi
208 #
209 rm -f "$LOGFILE"
210 #
211 if [ $errval -eq 0 ]; then
212 run_check
213 check_err $? ${tcount}; errval=$?
214 fi
215 if [ $errval -eq 0 ]; then
216 eval chk_portdata_${tcount}
217 check_err $? ${tcount}; errval=$?
218 fi
219 #
220 if [ $errval -eq 0 ]; then
221 [ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
222 fi
223 let "tcount = tcount + 1" >/dev/null
224 POLICY=`eval echo '"$'"PORTPOLICY_$tcount"'"'`
225 done
226
227 return 0
228}
229
230testrun1e ()
231{
232 log_start "RUN STANDALONE W/PORTCHECK"
233 testrun_internal_1e
234 log_end "RUN STANDALONE W/PORTCHECK"
235 return 0
236}
237
238
Note: See TracBrowser for help on using the repository browser.