new upstream release (3.3.0); modify package compatibility for Stretch

[ossec-hids.git] / src / init / fw-check.sh

diff --git a/src/init/fw-check.sh b/src/init/fw-check.sh
index 3c35711..5a0c377 100755 (executable)
--- a/src/init/fw-check.sh
+++ b/src/init/fw-check.sh
@@ -1,55 +1,52 @@
 #!/bin/sh
 
+set -e
+set -u
 
 # Checking which firewall to use.
-UNAME=`uname`
+UNAME=$(uname);
 FILE="";
-EXECUTE="$1";
 
 if [ "X${UNAME}" = "XFreeBSD" ]; then
     # Is ipfw enabled?
-    grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1
-    if [ $? = 0 ]; then
+    if grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
         # Firewall is IPFW
         FILE="ipfw.sh";
         echo "IPFW";
-    fi    
+    fi
 
     # if pf enabled?
-    grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1
-    if [ $? = 0 ]; then
+    if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
         # Firewall is PF
         FILE="pf.sh";
         echo "PF";
-    fi    
+    fi
 
 # Darwin
 elif [ "X${UNAME}" = "XDarwin" ]; then
     # Is pfctl present?
-    which pfctl;
-    if [ $? = 0 ]; then
+    if which pfctl; then
         echo "PF";
-        FIlE="pf.sh";
+        FILE="pf.sh";
     else
         echo "IPFW";
         FILE="ipfw_mac.sh";
     fi
-        
+
 elif [ "X${UNAME}" = "XOpenBSD" ]; then
-    if [ $? = 0 ]; then
+    if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then
         # Firewall is PF
         FILE="pf.sh";
         echo "PF";
-    fi    
+    fi
 fi
 
-
 # If file is set and execute flag is set
 if [ ! "X$FILE" = "X" ]; then
-    if [ "X$EXECUTE" = "Xexecute" ]; then
+    if [ $# -eq 1 ] && [ "X$1" = "Xexecute" ]; then
         cp -pr ../active-response/firewall-drop.sh ../active-response/firewalls/default-firewall-drop.sh
         cp -pr ../active-response/firewalls/$FILE ../active-response/firewall-drop.sh
     fi
-fi    
+fi
 
-exit 0;    
+exit 0;