diff options
| author |   Pawel Wieczorek <p.wieczorek2@samsung.com> | 2020-03-19 11:14:18 +0100 |
|---|---|---|
| committer | Pawel Wieczorek <p.wieczorek2@samsung.com> | 2020-03-19 11:17:06 +0100 |
| commit | 48d30cd5199396c3f859b4be2258d9a99a701507 (patch) | |
| tree | 87d053625b16a5297cab4821ab865d9a9d459c80 /test/security | |
| parent | 73862136e234e7bd74e0286dfbf34c07430dacca (diff) | |
Filter out only open non-SSL ports
This patch ignores closed and filtered ports from scan results. It is
intended to keep "expected failure" list minimal.
Issue-ID: INT-1480
Change-Id: Idb93cf4e19284bc121aa45ea950d28405c29e222
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security')
| -rwxr-xr-x | test/security/check_for_nonssl_endpoints.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/security/check_for_nonssl_endpoints.sh b/test/security/check_for_nonssl_endpoints.sh index 9e98520af..531b24814 100755 --- a/test/security/check_for_nonssl_endpoints.sh +++ b/test/security/check_for_nonssl_endpoints.sh @@ -95,7 +95,7 @@ SCAN_RESULT=`nmap $K8S_NODE -sV -p $PORT_LIST 2>/dev/null | grep \tcp` RESULTS=`paste <(printf %s "$SVCS") <(printf %s "$SCAN_RESULT") | column -t` # Find all non-SSL ports -HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | tee "$FILTERED_PORTS_LIST"` +HTTP_PORTS=`grep -v ssl <<< "$RESULTS" | grep open | tee "$FILTERED_PORTS_LIST"` # Filter out whitelisted endpoints while IFS= read -r line; do |