From f5d083f781051b70e9dc5f4be4c47aa90f650c45 Mon Sep 17 00:00:00 2001
From: Philipp Zeuner
Date: Sun, 8 Mar 2020 09:21:17 +0100
Subject: [PATCH] Updated check_extra778 to exclude 0.0.0.0/0 edge case
---
 checks/check_extra778 | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/checks/check_extra778 b/checks/check_extra778
index 4de99cf8..d6d362ca 100755
--- a/checks/check_extra778
+++ b/checks/check_extra778
@@ -47,6 +47,9 @@ extra778(){
 for CIDR_IP in ${CIDR_IP_LIST}; do
 if [[ ! ${CIDR_IP} =~ ${RFC1918_REGEX} ]]; then
 CIDR=$(echo ${CIDR_IP} | cut -d"/" -f2 | xargs)
+
+ # Edge case "0.0.0.0/0" for RDP and SSH are checked already by check41 and check42
+ if [[ ${CIDR} < ${CIDR_THRESHOLD} && 0 < ${CIDR} ]]; then
 textFail "${REGION}: ${SECURITY_GROUP} has potential wide-open non-RFC1918 address ${CIDR_IP} in ${DIRECTION} rule." "${REGION}"
 fi
 fi
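Review bot: The added condition compares prefix lengths with `<` inside `[[ ]]`, which bash evaluates as a string comparison, so a single-digit prefix such as /8 sorts after a two-digit threshold and that wide range would not be reported (CIDR_THRESHOLD is defined outside the hunk, so this assumes it has two digits). A numeric test avoids the false negative: `if [[ ${CIDR} -gt 0 && ${CIDR} -lt ${CIDR_THRESHOLD} ]]; then`. The `0 < ${CIDR}` guard also skips every /0 source regardless of port, while the comment justifies it only for RDP and SSH. Unless another check covers 0.0.0.0/0 on other ports, that exposure is no longer reported here, so either limit the exclusion to those ports or state the remaining gap in the comment. The `for` loop and `extra778` continue outside the hunk.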