joshbeard
commented
9 years ago Appears to be Solaris. The Linux script doesn't do anything (as seen above).
Solaris Check Script:
#!/bin/ksh
#
# check_tcp_strong
#
# greeben - 20090617: broke out to function from sox_verification.ksh script
#
check_tcp_strong() {
#
typeset FUNC=check_tcp_strong
#
( [ "$ISZONE" = "no" ] ) && TCP="$( cat /etc/default/inetinit | grep -v "^#" | grep TCP_STRONG_ISS | cut -d= -f2 )"
TCP2="$( /usr/sbin/ndd -get /dev/tcp tcp_strong_iss )"
case "$ISZONE" in # Don't check inetinit file if its a zone, file does not exist
no)
if ( [ "$TCP" -ne 2 ] ) || ( [ "$TCP2" -ne 2 ] ) then
printf "\t%-60s %10s\n" "TCP strong sequence numbers:" FAILED
FailFlag="yes"
( [ $fixit = 1 ] ) && (fix_tcp_strong; check_result "$?")
else
printf "\t%-60s %10s\n" "TCP strong sequence numbers:" Passed
fi
;;
yes)
if ( [ "$TCP2" -ne 2 ] ) then
printf "\t%-60s %10s\n" "TCP strong sequence numbers:" FAILED
FailFlag="yes"
( [ $fixit = 1 ] ) && (fix_tcp_strong; check_result "$?")
else
printf "\t%-60s %10s\n" "TCP strong sequence numbers:" Passed
fi
;;
esac
}Fix Script
#!/bin/ksh
#
# fix_tcp_strong
#
# greeben - 20090617: broke out to function from sox_verification.ksh script
# greeben - 20090702: modified edit to perl
#
fix_tcp_strong() {
#
typeset FUNC=fix_tcp_strong
#
cp -pr /etc/default/inetinit /etc/default/inetinit.save.$$
perl -pi -e "s/TCP_STRONG_ISS.*/TCP_STRONG_ISS=2/g" /etc/default/inetinit
#
if ( [ "$ISZONE" == "no" ] ) then
/usr/sbin/ndd -set /dev/tcp tcp_strong_iss 2
else
echo " Cannot set ndd -set /dev/tcp tcp_strong_iss 2 in a zone"
echo " Must be done from the global zone!"
return 1
fi
return $?
}
Check Script
Fix Script