Merge pull request #11189 from dodys/nftables-v0.1.70

Cherry-pick of PR 11180 for v0.1.70
ComplianceAsCode · Oct 10, 2023 · 28b7817 · 28b7817
2 parents 2568bef + 05f15d3
commit 28b7817
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/...s/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/sce/ubuntu.sh b/...s/guide/system/network/network-nftables/nftables_ensure_default_deny_policy/sce/ubuntu.sh
@@ -5,9 +5,9 @@
 # Check if default policy is drop
 output=$(nft list ruleset)
 
-if ! (grep 'hook input' "$output" |& grep -w 'policy drop' &>/dev/null &&\
-     grep 'hook forward' "$output" |&  grep -w 'policy drop' &>/dev/null &&\
-     grep 'hook output' "$output" |& grep -w 'policy drop' &>/dev/null); then
+if ! (echo "$output" | grep 'hook input' |& grep -wq 'policy drop' &&\
+     echo "$output" | grep 'hook forward' |&  grep -wq 'policy drop' &&\
+     echo "$output" | grep 'hook output' |& grep -wq 'policy drop'); then
     exit "${XCCDF_RESULT_FAIL}"
 fi