aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPawel Wieczorek <p.wieczorek2@samsung.com>2020-03-19 11:14:18 +0100
committerPawel Wieczorek <p.wieczorek2@samsung.com>2020-03-19 11:17:06 +0100
commit48d30cd5199396c3f859b4be2258d9a99a701507 (patch)
tree87d053625b16a5297cab4821ab865d9a9d459c80
parent73862136e234e7bd74e0286dfbf34c07430dacca (diff)
Filter out only open non-SSL ports
This patch ignores closed and filtered ports from scan results. It is intended to keep "expected failure" list minimal. Issue-ID: INT-1480 Change-Id: Idb93cf4e19284bc121aa45ea950d28405c29e222 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
-rwxr-xr-xtest/security/check_for_nonssl_endpoints.sh2
1 files changed, 1 insertions, 1 deletions
diff --git a/test/security/check_for_nonssl_endpoints.sh b/test/security/check_for_nonssl_endpoints.sh
index 9e98520af..531b24814 100755
--- a/test/security/check_for_nonssl_endpoints.sh
+++ b/test/security/check_for_nonssl_endpoints.sh
@@ -95,7 +95,7 @@ SCAN_RESULT=`nmap $K8S_NODE -sV -p $PORT_LIST 2>/dev/null | grep \tcp`
RESULTS=`paste <(printf %s "$SVCS") <(printf %s "$SCAN_RESULT") | column -t`
# Find all non-SSL ports
-HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | tee "$FILTERED_PORTS_LIST"`
+HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | grep open | tee "$FILTERED_PORTS_LIST"`
# Filter out whitelisted endpoints
while IFS= read -r line; do