#!/usr/bin/env bash
{
   active_firewall=()
   firewalls=("ufw" "nftables" "iptables")
   # Determine which firewall is in use: a firewall counts as active only when
   # its binary is installed AND its systemd unit is both enabled and running
   for firewall in "${firewalls[@]}"; do
      case $firewall in
         nftables) cmd="nft" ;;   # the nftables unit is driven by the nft binary
         *) cmd=$firewall ;;
      esac
      if command -v "$cmd" &> /dev/null && systemctl is-enabled --quiet "$firewall" && systemctl is-active --quiet "$firewall"; then
         active_firewall+=("$firewall")
      fi
   done
   # Display audit results: PASS only when exactly one firewall is active
   if [ ${#active_firewall[@]} -eq 1 ]; then
      printf '%s\n' "" "Audit Results:" " ** PASS **" " - A single firewall is in use follow the recommendation in ${active_firewall[0]} subsection ONLY"
   elif [ ${#active_firewall[@]} -eq 0 ]; then
      printf '%s\n' "" " Audit Results:" " ** FAIL **" "- No firewall in use or unable to determine firewall status"
   else
      printf '%s\n' "" " Audit Results:" " ** FAIL **" " - Multiple firewalls are in use: ${active_firewall[*]}"
   fi
}
Remediating to a single firewall configuration is a complex process and involves several steps. The following provides the basic steps to follow for a single firewall configuration:
1. Determine which firewall utility best fits organizational needs
2. Follow the recommendations in the subsequent subsection for the single firewall to be used
Note: Review the firewall subsection overview for the selected firewall before proceeding; it contains a script that simplifies this process.
3. Return to this recommendation to ensure a single firewall configuration utility is in use
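The audit script above reports "No firewall in use or unable to determine firewall status" as one verdict, so an auditor cannot tell an unprotected host from a host where the check itself could not run (for example, no systemd). The following is an added example, not part of the benchmark text, that keeps the same ufw/nftables/iptables detection but splits the logic into functions and returns a distinct status (3) when systemctl is missing. The function names single_firewall_status, detect_active_firewalls and audit_single_firewall are this example's own.

```shell
#!/usr/bin/env sh
# Added example (not benchmark code): single-firewall audit with a separate
# "could not determine" outcome. POSIX sh; no root required to run the check.

# Classify a list of active firewall names passed as arguments.
# Exit status: 0 = PASS (exactly one), 1 = FAIL (none), 2 = FAIL (more than one)
single_firewall_status() {
    case $# in
        1) printf 'PASS: single firewall in use: %s\n' "$1"; return 0 ;;
        0) printf 'FAIL: no firewall in use\n'; return 1 ;;
        *) printf 'FAIL: multiple firewalls in use: %s\n' "$*"; return 2 ;;
    esac
}

# Print, space-separated, each of ufw/nftables/iptables whose binary is
# installed and whose unit is enabled and running (same test as the benchmark).
# Returns 3 if systemctl is unavailable, so callers can distinguish
# "undetermined" from "none active".
detect_active_firewalls() {
    command -v systemctl >/dev/null 2>&1 || return 3
    for firewall in ufw nftables iptables; do
        case $firewall in
            nftables) cmd=nft ;;      # the nftables unit is driven by the nft binary
            *) cmd=$firewall ;;
        esac
        if command -v "$cmd" >/dev/null 2>&1 \
            && systemctl is-enabled --quiet "$firewall" 2>/dev/null \
            && systemctl is-active --quiet "$firewall" 2>/dev/null; then
            printf '%s ' "$firewall"
        fi
    done
    return 0
}

# End-to-end audit. Exit status follows single_firewall_status, plus
# 3 = FAIL (unable to determine firewall status).
audit_single_firewall() {
    rc=0
    active=$(detect_active_firewalls) || rc=$?
    if [ "$rc" -eq 3 ]; then
        printf 'FAIL: unable to determine firewall status (systemctl not found)\n'
        return 3
    fi
    # shellcheck disable=SC2086  # word-splitting the detected names is intended
    set -- $active
    single_firewall_status "$@"
}

# Run the audit only when invoked with --run, so the file can also be sourced
# to reuse the functions (e.g. from a test harness).
if [ "${1:-}" = "--run" ]; then
    audit_single_firewall
fi
```

Run it with `sh firewall_audit.sh --run` and branch on the exit status in a fleet-wide check: 0 needs no action, 1 and 2 are the benchmark's two FAIL cases, and 3 flags hosts where the audit tooling itself must be fixed before the result is trusted.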