2 个相等的字符串(预期状态和当前状态)评估为 false
2 equal strings (expected status and current status) evaluate to false
我有一个**bash脚本来设置UFW,预期输出如下:
user@host:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp LIMIT IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
22/tcp (v6) LIMIT IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
我创建了一个测试函数来验证输出是否符合预期。我手动将输出复制到一个变量中,并将输出存储在另一个变量中,这样我就可以按如下方式比较这两个变量:
function test() {
# Verify that output is as excpeted
local output="$(sudo ufw status verbose)"
local expected="Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 22/tcp LIMIT IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere 22/tcp (v6) LIMIT IN Anywhere (v6) 80/tcp (v6) ALLOW IN Anywhere (v6) 443/tcp (v6) ALLOW IN Anywhere (v6)"
# echo
# echo $output
# echo
# echo $expected
# echo
if [[ "$output" == "$expected" ]]; then
echo "UFW setup: output was as expected"
else
echo "UFW setup: output NOT as expected!"
echo "Please check UFW status before coninuing:"
echo
sudo ufw status verbose
fi
输出:
luc@E580-debian:~$ test
UFW setup: output NOT as expected!
Please check UFW status before coninuing:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp LIMIT IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
22/tcp (v6) LIMIT IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
据我所知,它们是完全一样的,但我也不知道是否有办法检查是否是隐藏字符导致的。或者,如果有办法 remove/replace 他们。
你是在比较硬的方式。您对 UFW 输出中的 /tabs /spaces 一无所知。这将是更专业的方法。请根据您的需要进行调整:
vim ./check_ufw.sh
#!/usr/bin/env bash
#:: Author: pr0logas
#:: Date: 2020-08-20
#:: Description: This program checks if the UFW firewall rules have not changed.
expected_output_file='/tmp/ufw_original.txt'
current_output_file='/tmp/ufw_current.txt'
echo "Just pushing some text as original UFW input to make FAILURE" > $expected_output_file
function check_diff() {
ufw status numbered verbose > $current_output_file
diff -q $expected_output_file $current_output_file 1> /dev/null
if [[ $? == "0" ]]; then
echo "SUCCESS! UFW rules are the same."
else
echo "FAIL! UFW rules differ, attention needed!"
exit 1
fi
}
check_diff
为了 100% 确定所需的输出,我建议您第一次将当前输出复制为原始输入,如下所示:
cat /tmp/ufw_current.txt > /tmp/ufw_original.txt
然后评论:
#echo "Just pushing some text as original UFW input to make FAILURE" > $expected_output_file
我有一个**bash脚本来设置UFW,预期输出如下:
user@host:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp LIMIT IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
22/tcp (v6) LIMIT IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
我创建了一个测试函数来验证输出是否符合预期。我手动将输出复制到一个变量中,并将输出存储在另一个变量中,这样我就可以按如下方式比较这两个变量:
function test() {
# Verify that output is as excpeted
local output="$(sudo ufw status verbose)"
local expected="Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 22/tcp LIMIT IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere 22/tcp (v6) LIMIT IN Anywhere (v6) 80/tcp (v6) ALLOW IN Anywhere (v6) 443/tcp (v6) ALLOW IN Anywhere (v6)"
# echo
# echo $output
# echo
# echo $expected
# echo
if [[ "$output" == "$expected" ]]; then
echo "UFW setup: output was as expected"
else
echo "UFW setup: output NOT as expected!"
echo "Please check UFW status before coninuing:"
echo
sudo ufw status verbose
fi
输出:
luc@E580-debian:~$ test
UFW setup: output NOT as expected!
Please check UFW status before coninuing:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp LIMIT IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
22/tcp (v6) LIMIT IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
据我所知,它们是完全一样的,但我也不知道是否有办法检查是否是隐藏字符导致的。或者,如果有办法 remove/replace 他们。
你是在比较硬的方式。您对 UFW 输出中的 /tabs /spaces 一无所知。这将是更专业的方法。请根据您的需要进行调整:
vim ./check_ufw.sh
#!/usr/bin/env bash
#:: Author: pr0logas
#:: Date: 2020-08-20
#:: Description: This program checks if the UFW firewall rules have not changed.
expected_output_file='/tmp/ufw_original.txt'
current_output_file='/tmp/ufw_current.txt'
echo "Just pushing some text as original UFW input to make FAILURE" > $expected_output_file
function check_diff() {
ufw status numbered verbose > $current_output_file
diff -q $expected_output_file $current_output_file 1> /dev/null
if [[ $? == "0" ]]; then
echo "SUCCESS! UFW rules are the same."
else
echo "FAIL! UFW rules differ, attention needed!"
exit 1
fi
}
check_diff
为了 100% 确定所需的输出,我建议您第一次将当前输出复制为原始输入,如下所示:
cat /tmp/ufw_current.txt > /tmp/ufw_original.txt
然后评论:
#echo "Just pushing some text as original UFW input to make FAILURE" > $expected_output_file