From 140a438324db77f779fa37371d760784970af9a7 Mon Sep 17 00:00:00 2001
From: Miha Purg
Date: Thu, 18 Apr 2024 09:42:10 +0200
Subject: [PATCH] Fix SCE check for iptables_open_ports

The check incorrectly parsed ipv6 ss output, separating the ip:port at first colon instead of last. Fixes https://bugs.launchpad.net/usg/+bug/2061213
---
 .../ip6tables_rules_for_open_ports/sce/shared.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
index ccfb8db7925..51b6c4fb691 100644
--- a/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
+++ b/linux_os/guide/system/network/network-iptables/iptables_ruleset_modifications/ip6tables_rules_for_open_ports/sce/shared.sh
@@ -11,6 +11,6 @@ do
 result=$XCCDF_RESULT_FAIL
 break
 fi
-done < <(ss -6tuln | awk '($5!~/%lo:/ && $5!~/127.0.0.1:/ && $5!~/::1/) {split($5, a, ":"); print a[2]}i' | sort | uniq)
+ done < <(ss -6tulnH | awk '($5!~/::1/) {n=split($5, a, ":"); print a[n]}' | sort -u)
 exit "$result"
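Review bot: The loopback filter `$5!~/::1/` on the new `done < <(ss -6tulnH …)` line is an unanchored regex, so it also drops any listener whose local address merely contains `::1`, such as `[2001:db8::1]:22` or `[fe80::1%eth0]:443` (constructed examples). Ports bound only to such addresses never reach the loop body, so the check cannot fail on them and may report a pass while a non-loopback listener is left unexamined. Anchoring the pattern to the loopback address avoids this, e.g. `awk '($5 !~ /^\[::1\]:/) {n=split($5, a, ":"); print a[n]}'`. That assumes ss prints IPv6 local addresses in brackets, which should be confirmed against the ss output on the target release, including the `%lo` form that the old filter handled and the new one no longer mentions. The enclosing while loop starts outside the hunk.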