source: trunk/test/testrun_1e.sh@ 208

Last change on this file since 208 was 206, checked in by katerina, 16 years ago

Fix for ticket #133 (improve port checking and its reporting to prelude).

  • Property svn:executable set to *
#! /bin/sh

#
# Copyright Rainer Wichmann (2006)
#
# License Information:
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
# Configure flags shared by every build in this test. TRUST, PW_DIR, RCFILE
# and LOGFILE are expected from the calling harness; none is set in this file.
# NOTE(review): BUILDOPTS is expanded unquoted when handed to configure, so a
# path containing whitespace would be split into several arguments.
BUILDOPTS="--quiet $TRUST --enable-xml-log --enable-port-check"
BUILDOPTS="$BUILDOPTS --prefix=$PW_DIR --localstatedir=$PW_DIR"
BUILDOPTS="$BUILDOPTS --with-config-file=$RCFILE --with-log-file=$LOGFILE"
BUILDOPTS="$BUILDOPTS --with-pid-file=$PW_DIR/.samhain_lock"
BUILDOPTS="$BUILDOPTS --with-data-file=$PW_DIR/.samhain_file"

# Number of test cases reported to the harness (PORTPOLICY_1 .. PORTPOLICY_5).
MAXTEST=5

export BUILDOPTS MAXTEST
# Test case 5: configuration fragment that prep_portpolicy appends to RCFILE.
# It sets PortCheckActive to yes and PortCheckUDP to no, and names 127.0.0.1
# as PortCheckInterface, the address prelude-manager is started on for this
# case. BASE is expanded once, when this file is read.
PORTPOLICY_5="
[ReadOnly]
file=$BASE
[PortCheck]
PortCheckActive = yes
PortCheckUDP = no
PortCheckInterface = 127.0.0.1
"
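#######################################
# Verdict for test case 5: the listener on port 5500 must show up in the
# prelude text log as a reported service.
# Globals:   PM, doall, quiet, verbose, MAXTEST (read)
# Outputs:   result lines through log_skip / log_ok / log_fail
# Returns:   0 when the case is skipped or the report is found, 1 otherwise
#######################################
chk_portdata_5() {
  one_sec_sleep

  if [ -z "$PM" ]; then
    # Single quotes on purpose: the message shows the literal text $PATH.
    log_skip 5 "$MAXTEST" 'prelude-manager not found in $PATH'
  elif [ -z "$doall" ]; then
    log_skip 5 "$MAXTEST" 'logging to prelude (or use --really-all)'
  # grep -q replaces the egrep | wc -l count; a missing or unreadable log
  # still counts as "report not found", exactly as before.
  # NOTE(review): the log is read relative to the current directory while
  # prelude-manager is told to write $PW_DIR/test_log_prelude; this assumes
  # the test runs inside PW_DIR. Confirm against the harness.
  elif grep -E -q 'Service: port=5500 .unknown. protocol=tcp' \
    test_log_prelude 2>/dev/null; then
    [ -z "$quiet" ] && log_ok 5 "$MAXTEST"
  else
    [ -z "$verbose" ] || log_msg_fail "port 5500"
    [ -z "$quiet" ] && log_fail 5 "$MAXTEST"
    return 1
  fi
  return 0
}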
#######################################
# Test case 5 refinement: append four fixed PortCheckIgnore entries to RCFILE.
# NOTE(review): this file does not say what listens on 2026-2029; presumably
# sockets that are unrelated to the case under test. Confirm.
# Globals: RCFILE (appended to)
#######################################
refine_portpolicy_5() {
  # printf repeats its format once per argument, giving one line per entry.
  printf 'PortCheckIgnore=%s\n' \
    2026/tcp 2027/udp 2028/tcp 2029/udp >>"${RCFILE}"
}
# Test case 4: configuration fragment that prep_portpolicy appends to RCFILE.
# PortCheckActive is yes and PortCheckUDP is no; no interface is named.
# BASE is expanded once, when this file is read.
PORTPOLICY_4="
[ReadOnly]
file=$BASE
[PortCheck]
PortCheckActive = yes
PortCheckUDP = no
"
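#######################################
# Verdict for test case 4: after the policy was refined, the check run must
# not have logged a critical "new service" record.
# Globals:   LOGFILE, verbose (read)
# Returns:   1 if LOGFILE holds a CRIT ... POLICY [ServiceNew] line, else 0
#######################################
chk_portdata_4() {
  one_sec_sleep

  # LOGFILE is quoted so a path with whitespace is searched as one file.
  # NOTE(review): a grep error (for instance a missing LOGFILE) is treated
  # like "no match", so an absent log passes this check. Confirm that the
  # harness guarantees the log exists at this point.
  if grep -E -q 'CRIT.*POLICY \[ServiceNew\]' "$LOGFILE" 2>/dev/null; then
    [ -z "$verbose" ] || log_msg_fail "Open ports"
    return 1
  fi
  return 0
}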
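#######################################
# Test case 4 refinement: turn every port reported as ServiceNew in LOGFILE
# into a PortCheckSkip entry, then add four fixed PortCheckIgnore entries.
# The entry is the first whitespace-delimited word after "port: ".
# Everything open during the init run becomes part of the baseline, which is
# what this self-test wants; the extracted word is not validated.
# Globals: LOGFILE (read), RCFILE (appended to)
#######################################
refine_portpolicy_4() {
  # grep reads the file directly; read -r and printf write the log-derived
  # word verbatim, without backslash processing.
  grep ServiceNew "$LOGFILE" | sed 's/.*port: //' | awk '{ print $1 }' |
    while IFS= read -r entry; do
      printf 'PortCheckSkip=%s\n' "$entry" >>"${RCFILE}"
    done
  printf 'PortCheckIgnore=%s\n' \
    2026/tcp 2027/udp 2028/tcp 2029/udp >>"${RCFILE}"
}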
# Test case 3: configuration fragment that prep_portpolicy appends to RCFILE.
# PortCheckActive is yes and PortCheckUDP is no; no interface is named.
# BASE is expanded once, when this file is read.
PORTPOLICY_3="
[ReadOnly]
file=$BASE
[PortCheck]
PortCheckActive = yes
PortCheckUDP = no
"
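#######################################
# Verdict for test case 3: after the policy was refined, the check run must
# not have logged a critical "new service" record.
# Globals:   LOGFILE, verbose (read)
# Returns:   1 if LOGFILE holds a CRIT ... POLICY [ServiceNew] line, else 0
#######################################
chk_portdata_3() {
  one_sec_sleep

  # LOGFILE is quoted so a path with whitespace is searched as one file.
  # NOTE(review): a grep error (for instance a missing LOGFILE) is treated
  # like "no match", so an absent log passes this check. Confirm that the
  # harness guarantees the log exists at this point.
  if grep -E -q 'CRIT.*POLICY \[ServiceNew\]' "$LOGFILE" 2>/dev/null; then
    [ -z "$verbose" ] || log_msg_fail "Open ports"
    return 1
  fi
  return 0
}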
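#######################################
# Test case 3 refinement: turn every port reported as ServiceNew in LOGFILE
# into a PortCheckIgnore entry, then add four fixed PortCheckIgnore entries.
# The entry is the first whitespace-delimited word after "port: ".
# Everything open during the init run becomes part of the baseline, which is
# what this self-test wants; the extracted word is not validated.
# Globals: LOGFILE (read), RCFILE (appended to)
#######################################
refine_portpolicy_3() {
  # grep reads the file directly; read -r and printf write the log-derived
  # word verbatim, without backslash processing.
  grep ServiceNew "$LOGFILE" | sed 's/.*port: //' | awk '{ print $1 }' |
    while IFS= read -r entry; do
      printf 'PortCheckIgnore=%s\n' "$entry" >>"${RCFILE}"
    done
  printf 'PortCheckIgnore=%s\n' \
    2026/tcp 2027/udp 2028/tcp 2029/udp >>"${RCFILE}"
}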
# Test case 2: configuration fragment that prep_portpolicy appends to RCFILE.
# PortCheckActive is yes and PortCheckUDP is no; no interface is named.
# BASE is expanded once, when this file is read.
PORTPOLICY_2="
[ReadOnly]
file=$BASE
[PortCheck]
PortCheckActive = yes
PortCheckUDP = no
"
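#######################################
# Verdict for test case 2: after the policy was refined, the check run must
# not have logged a critical "new service" record.
# Globals:   LOGFILE, verbose (read)
# Returns:   1 if LOGFILE holds a CRIT ... POLICY [ServiceNew] line, else 0
#######################################
chk_portdata_2() {
  one_sec_sleep

  # LOGFILE is quoted so a path with whitespace is searched as one file.
  # NOTE(review): a grep error (for instance a missing LOGFILE) is treated
  # like "no match", so an absent log passes this check. Confirm that the
  # harness guarantees the log exists at this point.
  if grep -E -q 'CRIT.*POLICY \[ServiceNew\]' "$LOGFILE" 2>/dev/null; then
    [ -z "$verbose" ] || log_msg_fail "Open ports"
    return 1
  fi
  return 0
}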
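#######################################
# Test case 2 refinement: turn every port reported as ServiceNew in LOGFILE
# into a PortCheckOptional entry.
# The entry is the first whitespace-delimited word after "port: ".
# Everything open during the init run becomes part of the baseline, which is
# what this self-test wants; the extracted word is not validated.
# Globals: LOGFILE (read), RCFILE (appended to)
#######################################
refine_portpolicy_2() {
  # grep reads the file directly; read -r and printf write the log-derived
  # word verbatim, without backslash processing.
  grep ServiceNew "$LOGFILE" | sed 's/.*port: //' | awk '{ print $1 }' |
    while IFS= read -r entry; do
      printf 'PortCheckOptional=%s\n' "$entry" >>"${RCFILE}"
    done
}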
# Test case 1: configuration fragment that prep_portpolicy appends to RCFILE.
# PortCheckActive is yes and PortCheckUDP is no; no interface is named.
# BASE is expanded once, when this file is read.
PORTPOLICY_1="
[ReadOnly]
file=$BASE
[PortCheck]
PortCheckActive = yes
PortCheckUDP = no
"
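#######################################
# Verdict for test case 1: after the policy was refined, the check run must
# not have logged a critical "new service" record.
# Globals:   LOGFILE, verbose (read)
# Returns:   1 if LOGFILE holds a CRIT ... POLICY [ServiceNew] line, else 0
#######################################
chk_portdata_1() {
  one_sec_sleep

  # LOGFILE is quoted so a path with whitespace is searched as one file.
  # NOTE(review): a grep error (for instance a missing LOGFILE) is treated
  # like "no match", so an absent log passes this check. Confirm that the
  # harness guarantees the log exists at this point.
  if grep -E -q 'CRIT.*POLICY \[ServiceNew\]' "$LOGFILE" 2>/dev/null; then
    [ -z "$verbose" ] || log_msg_fail "Open ports"
    return 1
  fi
  return 0
}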
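#######################################
# Test case 1 refinement: turn every port reported as ServiceNew in LOGFILE
# into a PortCheckRequired entry.
# The entry is the first whitespace-delimited word after "port: ".
# Everything open during the init run becomes part of the baseline, which is
# what this self-test wants; the extracted word is not validated.
# Globals: LOGFILE (read), RCFILE (appended to)
#######################################
refine_portpolicy_1() {
  # grep reads the file directly; read -r and printf write the log-derived
  # word verbatim, without backslash processing.
  grep ServiceNew "$LOGFILE" | sed 's/.*port: //' | awk '{ print $1 }' |
    while IFS= read -r entry; do
      printf 'PortCheckRequired=%s\n' "$entry" >>"${RCFILE}"
    done
}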
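#######################################
# Append the policy fragment PORTPOLICY_<n> to RCFILE, creating the file
# first if it does not exist.
# Globals:   RCFILE (appended to), PORTPOLICY_<n> (read)
# Arguments: $1 - test case number, decimal digits only
# Returns:   1 without touching RCFILE if $1 is empty or not a number
#######################################
prep_portpolicy() {
  # $1 becomes part of a string handed to eval, so only digits are accepted;
  # POSIX sh has no other way to read a variable whose name is computed.
  case "$1" in
    '' | *[!0-9]*)
      echo "prep_portpolicy: invalid test number" >&2
      return 1
      ;;
  esac

  test -f "${RCFILE}" || touch "${RCFILE}"
  eval echo '"$'"PORTPOLICY_$1"'"' >>"${RCFILE}"
}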
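#######################################
# Run one samhain check that reports to the prelude manager on
# 127.0.0.1:5500, then replace LOGFILE with the output of
# "./samhain -j -L LOGFILE".
# Globals:   LOGFILE, quiet, verbose (read); LOGFILE is rewritten
# Returns:   0 on success, 1 if the check or the log rewrite fails
#######################################
run_check_prelude() {
  if ./samhain -t check -p none -l info --set-prelude-severity=info \
    --prelude --server-addr 127.0.0.1:5500 >/dev/null; then
    # LOGFILE is quoted so a path with whitespace stays one argument. The
    # output goes to a sibling file first and is moved over LOGFILE only if
    # samhain succeeded.
    if ./samhain -j -L "$LOGFILE" >"${LOGFILE}.tmp" &&
      mv "${LOGFILE}.tmp" "${LOGFILE}"; then
      [ -z "$verbose" ] || log_msg_ok "check..."
    else
      [ -z "$quiet" ] && log_msg_fail "mv logfile..."
      return 1
    fi
  else
    [ -z "$quiet" ] && log_msg_fail "check..."
    return 1
  fi
  return 0
}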
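#######################################
# Configure and build the agent, reporting each step to the harness.
# Globals:   TOP_SRCDIR, BUILDOPTS, MAKE, quiet, verbose (read)
# Arguments: extra configure options, placed after BUILDOPTS
# Returns:   0 if configure and make both succeed, 1 otherwise
#######################################
_build_agent_1e() {
  # BUILDOPTS is one flat option string and MAKE is run unquoted as in the
  # rest of this file, so both are word-split on purpose.
  if "${TOP_SRCDIR}/configure" ${BUILDOPTS} "$@"; then
    [ -z "$verbose" ] || log_msg_ok "configure..."
  else
    [ -z "$quiet" ] && log_msg_fail "configure..."
    return 1
  fi

  if $MAKE >/dev/null 2>&1; then
    [ -z "$verbose" ] || log_msg_ok "make..."
  else
    [ -z "$quiet" ] && log_msg_fail "make..."
    return 1
  fi
  return 0
}

#######################################
# Build the standalone agent with the port check enabled and run test cases
# 1, 2, ... for as long as a PORTPOLICY_<n> variable is defined.
#
# Each case: prep_init, prep_testdata, prep_portpolicy, run_init, then the
# case's refine_portpolicy_<n>, a check run, and the case's chk_portdata_<n>.
# A step is skipped once an earlier step of the same case has failed.
# Case 5 rebuilds with --with-prelude and checks against a prelude-manager
# started on 127.0.0.1:5500, but only if prelude-manager is found and doall
# is set; otherwise it uses the plain run_check like the other cases.
#
# Globals:   PW_DIR, MAKE, S, E, LOGFILE, MAXTEST, doall, quiet, verbose
#            (read); tcount, POLICY, errval, PM, PRELUDEPID (written)
# Returns:   1 if a build fails, otherwise 0
#######################################
testrun_internal_1e() {
  [ -z "$verbose" ] || echo "Working directory: $PW_DIR"
  [ -z "$verbose" ] || { echo "MAKE is $MAKE"; echo; }

  #
  # test standalone compilation
  #
  [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }

  if test -r "Makefile"; then
    $MAKE distclean >/dev/null
  fi

  tcount=1
  _build_agent_1e || return 1

  [ -z "$verbose" ] || { echo; echo "${S}Running test suite${E}"; echo; }

  # tcount is a counter owned by this function, so the eval sees digits only.
  POLICY=$(eval echo '"$'"PORTPOLICY_$tcount"'"')

  until [ -z "$POLICY" ]; do
    prep_init
    check_err $? "${tcount}"
    errval=$?
    if [ $errval -eq 0 ]; then
      prep_testdata
      check_err $? "${tcount}"
      errval=$?
    fi
    if [ $errval -eq 0 ]; then
      prep_portpolicy "${tcount}"
      check_err $? "${tcount}"
      errval=$?
    fi
    if [ $errval -eq 0 ]; then
      run_init
      check_err $? "${tcount}"
      errval=$?
    fi
    if [ $errval -eq 0 ]; then
      # A computed function name can be called directly; no eval is needed.
      "refine_portpolicy_${tcount}"
      check_err $? "${tcount}"
      errval=$?
    fi

    rm -f "$LOGFILE"
    PRELUDEPID=0

    if [ "$tcount" -eq 5 ]; then
      PM=$(find_path prelude-manager)
    fi

    if [ "$tcount" -eq 5 ] && [ -n "$PM" ] && [ -n "$doall" ]; then
      _build_agent_1e --with-prelude || return 1

      # The next two blocks need sudo and change system directories outside
      # PW_DIR; the directories stay in place after the test.
      # NOTE(review): the owner prelude:rainer is hard-coded. On a host
      # without that user and group chown fails and the result is not
      # checked. Mode 770 keeps other users out.
      if ! test -d /var/run/prelude-manager; then
        [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager..."
        sudo mkdir /var/run/prelude-manager
        sudo chown prelude:rainer /var/run/prelude-manager
        sudo chmod 770 /var/run/prelude-manager
      fi
      if ! test -d /var/spool/prelude/samhain/global; then
        [ -z "$verbose" ] || log_msg_ok "create /var/spool/prelude/samhain/global..."
        sudo mkdir -p /var/spool/prelude/samhain/global
        sudo chown prelude:rainer /var/spool/prelude/samhain/global
        sudo chmod 770 /var/spool/prelude/samhain/global
      fi

      [ -z "$verbose" ] || { echo " starting prelude-manager.."; echo " ($PM --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &)"; }
      # The manager listens on the loopback address only.
      "$PM" --textmod -l "$PW_DIR/test_log_prelude" --listen 127.0.0.1:5500 >/dev/null 2>&1 &
      PRELUDEPID=$!

      # NOTE(review): the fixed pause presumably gives the manager time to
      # start listening; its readiness is not checked.
      five_sec_sleep

      if [ $errval -eq 0 ]; then
        run_check_prelude
        check_err $? "${tcount}"
        errval=$?
      fi
    elif [ $errval -eq 0 ]; then
      run_check
      check_err $? "${tcount}"
      errval=$?
    fi

    if [ $errval -eq 0 ]; then
      "chk_portdata_${tcount}"
      check_err $? "${tcount}"
      errval=$?
    fi

    # Case 5 prints its own result from chk_portdata_5.
    if [ $errval -eq 0 ] && [ "$tcount" -ne 5 ]; then
      [ -z "$quiet" ] && log_ok "${tcount}" "${MAXTEST}"
    fi

    # POSIX arithmetic instead of "let": a /bin/sh without the let builtin
    # would leave the counter unchanged and repeat the same case forever.
    tcount=$((tcount + 1))
    POLICY=$(eval echo '"$'"PORTPOLICY_$tcount"'"')

    # Stop the background manager started for this case, if any.
    if [ "$PRELUDEPID" -ne 0 ]; then
      kill "$PRELUDEPID"
    fi
  done

  return 0
}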
#######################################
# Entry point of this test file: run the port-check test series between the
# harness's start and end markers.
# Returns: always 0; the status of testrun_internal_1e is not passed on.
#######################################
testrun1e() {
  log_start "RUN STANDALONE W/PORTCHECK"
  testrun_internal_1e
  log_end "RUN STANDALONE W/PORTCHECK"

  return 0
}