X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Finit%2Ffw-check.sh;h=5a0c3770388a3776daae08531a1dc94290bd6825;hp=3c35711006f805f6c5cfcba9da8066220ebd24c6;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b diff --git a/src/init/fw-check.sh b/src/init/fw-check.sh index 3c35711..5a0c377 100755 --- a/src/init/fw-check.sh +++ b/src/init/fw-check.sh @@ -1,55 +1,52 @@ #!/bin/sh +set -e +set -u # Checking which firewall to use. -UNAME=`uname` +UNAME=$(uname); FILE=""; -EXECUTE="$1"; if [ "X${UNAME}" = "XFreeBSD" ]; then # Is ipfw enabled? - grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1 - if [ $? = 0 ]; then + if grep 'firewall_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then # Firewall is IPFW FILE="ipfw.sh"; echo "IPFW"; - fi + fi # if pf enabled? - grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1 - if [ $? = 0 ]; then + if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then # Firewall is PF FILE="pf.sh"; echo "PF"; - fi + fi # Darwin elif [ "X${UNAME}" = "XDarwin" ]; then # Is pfctl present? - which pfctl; - if [ $? = 0 ]; then + if which pfctl; then echo "PF"; - FIlE="pf.sh"; + FILE="pf.sh"; else echo "IPFW"; FILE="ipfw_mac.sh"; fi - + elif [ "X${UNAME}" = "XOpenBSD" ]; then - if [ $? = 0 ]; then + if grep 'pf_enable="YES"' /etc/rc.conf >/dev/null 2>&1; then # Firewall is PF FILE="pf.sh"; echo "PF"; - fi + fi fi - # If file is set and execute flag is set if [ ! "X$FILE" = "X" ]; then - if [ "X$EXECUTE" = "Xexecute" ]; then + if [ $# -eq 1 ] && [ "X$1" = "Xexecute" ]; then cp -pr ../active-response/firewall-drop.sh ../active-response/firewalls/default-firewall-drop.sh cp -pr ../active-response/firewalls/$FILE ../active-response/firewall-drop.sh fi -fi +fi -exit 0; +exit 0;