mirror of
https://github.com/docker/docker-bench-security.git
synced 2025-01-18 16:22:33 +01:00
Merge pull request #475 from nikitastupin/feature-list-open-ports
Implement listing of open ports
commit
ec3ddf2acd
1 changed files with 28 additions and 2 deletions
|
@ -345,8 +345,34 @@ check_5_8() {
|
|||
local check="$id - $desc"
|
||||
starttestjson "$id" "$desc"
|
||||
|
||||
note -c "$check"
|
||||
logcheckresult "NOTE"
|
||||
fail=0
|
||||
open_port_containers=""
|
||||
for c in $containers; do
|
||||
ports=$(docker port "$c" | awk '{print $0}' | cut -d ':' -f2)
|
||||
|
||||
for port in $ports; do
|
||||
if [ -n "$port" ]; then
|
||||
# If it's the first container, fail the test
|
||||
if [ $fail -eq 0 ]; then
|
||||
warn -s "$check"
|
||||
warn " * Port in use: $port in $c"
|
||||
open_port_containers="$open_port_containers $c:$port"
|
||||
fail=1
|
||||
continue
|
||||
fi
|
||||
warn " * Port in use: $port in $c"
|
||||
open_port_containers="$open_port_containers $c:$port"
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
# We went through all the containers and found none with open ports
|
||||
if [ $fail -eq 0 ]; then
|
||||
pass -s "$check"
|
||||
logcheckresult "PASS"
|
||||
return
|
||||
fi
|
||||
logcheckresult "WARN" "Containers with open ports" "$open_port_containers"
|
||||
}
|
||||
|
||||
check_5_9() {
|
||||
|
|
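Review bot: The `cut -d ':' -f2` in the added `ports=` line keeps only the second colon-separated field, which is empty when `docker port` prints an IPv6 binding such as `80/tcp -> :::8080` or `80/tcp -> [::]:8080`. The word-splitting in `for port in $ports` then drops the empty value (which also makes the `[ -n "$port" ]` guard always true), so a container published only on an IPv6 address would reach `pass -s "$check"` with nothing reported. Taking the last field fixes this and removes the no-op `awk '{print $0}'`: `ports=$(docker port "$c" | awk -F: '{print $NF}' | sort -u)`. The host bind address is also thrown away, although a port bound to 127.0.0.1 and one bound to 0.0.0.0 differ in exposure, so consider logging the full binding in `open_port_containers`. check_5_8 begins above this hunk, so how `$containers` is populated is not visible here.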