source: trunk/test/testrun_1e.sh@ 139

Last change on this file since 139 was 128, checked in by rainer, 17 years ago

New option for portcheck to ignore selected ports. Released as 2.3.8.

  • Property svn:executable set to *
File size: 4.6 KB
Line 
1#! /bin/sh
2
3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
21
22BUILDOPTS="--quiet $TRUST --enable-xml-log --enable-port-check --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$LOGFILE --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
23export BUILDOPTS
24
25MAXTEST=3; export MAXTEST
26
27PORTPOLICY_3="
28[ReadOnly]
29file=${BASE}
30[PortCheck]
31PortCheckActive = yes
32PortCheckUDP = no
33"
34
35chk_portdata_3 () {
36 one_sec_sleep
37
38 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
39 if [ $? -eq 0 ]; then
40
41 [ -z "$verbose" ] || log_msg_fail "Open ports";
42 return 1
43 fi
44}
45
46refine_portpolicy_3 ()
47{
48 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port //' | awk '{ print $1 }' | \
49 while read line; do
50 echo "PortCheckIgnore=$line" >>"${RCFILE}"
51 done
52 echo "PortCheckIgnore=2026" >>"${RCFILE}"
53 echo "PortCheckIgnore=2027" >>"${RCFILE}"
54 echo "PortCheckIgnore=2028" >>"${RCFILE}"
55 echo "PortCheckIgnore=2029" >>"${RCFILE}"
56}
57
58
59PORTPOLICY_2="
60[ReadOnly]
61file=${BASE}
62[PortCheck]
63PortCheckActive = yes
64PortCheckUDP = no
65"
66
67chk_portdata_2 () {
68 one_sec_sleep
69
70 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
71 if [ $? -eq 0 ]; then
72
73 [ -z "$verbose" ] || log_msg_fail "Open ports";
74 return 1
75 fi
76}
77
78refine_portpolicy_2 ()
79{
80 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port //' | awk '{ print $1 }' | \
81 while read line; do
82 echo "PortCheckOptional=$line" >>"${RCFILE}"
83 done
84}
85
86PORTPOLICY_1="
87[ReadOnly]
88file=${BASE}
89[PortCheck]
90PortCheckActive = yes
91PortCheckUDP = no
92"
93
94chk_portdata_1 () {
95 one_sec_sleep
96
97 egrep 'CRIT.*POLICY \[ServiceNew\]' $LOGFILE >/dev/null 2>&1
98 if [ $? -eq 0 ]; then
99
100 [ -z "$verbose" ] || log_msg_fail "Open ports";
101 return 1
102 fi
103}
104
105refine_portpolicy_1 ()
106{
107 cat "$LOGFILE" | grep ServiceNew | sed 's/.*port //' | awk '{ print $1 }' | \
108 while read line; do
109 echo "PortCheckRequired=$line" >>"${RCFILE}"
110 done
111}
112
113prep_portpolicy ()
114{
115 test -f "${RCFILE}" || touch "${RCFILE}"
116 eval echo '"$'"PORTPOLICY_$1"'"' >>"${RCFILE}"
117}
118
119testrun_internal_1e ()
120{
121 [ -z "$verbose" ] || echo Working directory: $PW_DIR
122 [ -z "$verbose" ] || { echo MAKE is $MAKE; echo; }
123
124 #
125 # test standalone compilation
126 #
127 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
128
129 if test -r "Makefile"; then
130 $MAKE distclean >/dev/null
131 fi
132
133 tcount=1
134 ${TOP_SRCDIR}/configure ${BUILDOPTS}
135
136 #
137 if test x$? = x0; then
138 [ -z "$verbose" ] || log_msg_ok "configure...";
139 $MAKE >/dev/null 2>&1
140 if test x$? = x0; then
141 [ -z "$verbose" ] || log_msg_ok "make...";
142 else
143 [ -z "$quiet" ] && log_msg_fail "make...";
144 return 1
145 fi
146
147 else
148 [ -z "$quiet" ] && log_msg_fail "configure...";
149 return 1
150 fi
151
152 [ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; }
153
154 POLICY=`eval echo '"$'"PORTPOLICY_$tcount"'"'`
155
156 until [ -z "$POLICY" ]
157 do
158 prep_init
159 check_err $? ${tcount}; errval=$?
160 if [ $errval -eq 0 ]; then
161 prep_testdata
162 check_err $? ${tcount}; errval=$?
163 fi
164 if [ $errval -eq 0 ]; then
165 prep_portpolicy ${tcount}
166 check_err $? ${tcount}; errval=$?
167 fi
168 if [ $errval -eq 0 ]; then
169 run_init
170 check_err $? ${tcount}; errval=$?
171 fi
172 #
173 if [ $errval -eq 0 ]; then
174 eval refine_portpolicy_${tcount}
175 check_err $? ${tcount}; errval=$?
176 fi
177 #
178 rm -f "$LOGFILE"
179 #
180 if [ $errval -eq 0 ]; then
181 run_check
182 check_err $? ${tcount}; errval=$?
183 fi
184 if [ $errval -eq 0 ]; then
185 eval chk_portdata_${tcount}
186 check_err $? ${tcount}; errval=$?
187 fi
188 #
189 if [ $errval -eq 0 ]; then
190 [ -z "$quiet" ] && log_ok ${tcount} ${MAXTEST};
191 fi
192 let "tcount = tcount + 1" >/dev/null
193 POLICY=`eval echo '"$'"PORTPOLICY_$tcount"'"'`
194 done
195
196 return 0
197}
198
199testrun1e ()
200{
201 log_start "RUN STANDALONE W/PORTCHECK"
202 testrun_internal_1e
203 log_end "RUN STANDALONE W/PORTCHECK"
204 return 0
205}
206
207
Note: See TracBrowser for help on using the repository browser.