# shellcheck shell=bash
# run-shellcheck
is_ipv6_enabled() {
    CURRENT_IPV6_ENABLED=1
    if sysctl net.ipv6 >/dev/null 2>&1; then
        for iface in /proc/sys/net/ipv6/conf/*; do
            ifname=$(basename "$iface")
            if [ "$ifname" != "default" ] && [ "$ifname" != "all" ]; then
                value=$(cat "$iface"/disable_ipv6)
                # if only one interface has ipv6, this is enough to consider it enabled
                if [ "$value" -eq 0 ]; then
                    CURRENT_IPV6_ENABLED=0
                    break
                fi
            fi
        done
    fi
}

test_audit() {
    describe Prepare test
    apt install -y iptables

    is_ipv6_enabled
    if [ "$CURRENT_IPV6_ENABLED" -eq 0 ]; then

        # not much to test here, unless working on a privileged container
        describe Running on blank host
        register_test retvalshouldbe 1
        # shellcheck disable=2154
        run blank "${CIS_CHECKS_DIR}/${script}.sh" --audit-all

    else

        # not much to test here, unless working on a privileged container
        describe Running on blank host
        register_test retvalshouldbe 0
        # shellcheck disable=2154
        run blank "${CIS_CHECKS_DIR}/${script}.sh" --audit-all

    fi

    describe clean test
    apt remove -y iptables

}