[PATCH] Better formatting of portinfo inventory file. Also lists commands and arguments for what's listening on each port.
Jan-Frode Myklebust
2011-05-09 21:25:40 UTC
---
func/minion/modules/portinfo.py | 33 ++++++++++++++++++++++++---------
1 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/func/minion/modules/portinfo.py b/func/minion/modules/portinfo.py
index d456ec5..af94364 100644
--- a/func/minion/modules/portinfo.py
+++ b/func/minion/modules/portinfo.py
@@ -1,6 +1,6 @@
#
# Copyright 2011
-# Jan-Frode Myklebust <janfrode-***@public.gmane.org> -- 2011
+# Jan-Frode Myklebust <janfrode-***@public.gmane.org>
#
# This software may be freely redistributed under the terms of the GNU
# general public license.
@@ -14,22 +14,25 @@ import sub_process

class PortinfoModule(func_module.FuncModule):

- version = "0.0.1"
+ version = "0.0.2"
api_version = "0.0.1"
- description = "Informations on active network ports."
+ description = "Information on active network ports and processes listening."

def inventory(self):
"""
- Returns information on all network ports in LISTEN state.
+ Returns information on all network ports in LISTEN state and the processes listening.
"""
- return "\n".join(self.listenports()) + "\n"
+ flattened = ""
+ for i in self.listenports():
+ flattened = flattened + "\t".join(i) + "\n"
+ return flattened

def listenports(self):
"""
Returns the adresses and ports a host is listening on.
"""

- cmd = sub_process.Popen(["netstat", "-nl"],shell=False,stdout=sub_process.PIPE,close_fds=True)
+ cmd = sub_process.Popen(["netstat", "-nlp"],shell=False,stdout=sub_process.PIPE,close_fds=True)
data = cmd.communicate()[0]

ports = []
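Review bot: The docstring of inventory() does not say that the returned text now contains full command lines with arguments, which can include passwords or tokens passed on the command line. Wherever this inventory output is stored or shared, it should be treated as sensitive; I would add a line to the docstring such as `Note: output includes process arguments, which may contain credentials.` Also, `netstat -nlp` prints `-` in the PID/Program column for sockets whose owner it cannot see, which happens for other users' processes when it is not run as root. That case should be mentioned in the listenports() docstring. The body of listenports() continues outside this hunk.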
@@ -37,10 +40,22 @@ class PortinfoModule(func_module.FuncModule):
udpports = []
for line in data.splitlines():
if line.split()[0]=="tcp":
- tcpports.append(line.split()[3] + "/tcp")
+ pid = line.split()[6].split('/')[0]
+ cmd = self.cmdline(pid)
+ tcpports.append( (line.split()[3], "tcp", cmd) )
elif line.split()[0]=="udp":
- udpports.append(line.split()[3] + "/udp")
+ pid = line.split()[5].split('/')[0]
+ cmd = self.cmdline(pid)
+ udpports.append( (line.split()[3], "udp", cmd) )
tcpports.sort()
udpports.sort()
- ports = tcpports + udpports
+ ports.append( ('# addr:port', 'protocol', 'command [args]') )
+ ports = ports + tcpports + udpports
return ports
+
+ def cmdline(self, pid):
+ """
+ Returns the commandline for a given pid as a string.
+ """
+ proccmdline = open("/proc/" + pid + "/cmdline").readline().split('\x00')
+ return " ".join(proccmdline)
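Review bot: cmdline() opens `/proc/<pid>/cmdline` with no error handling, and the pid comes straight from parsing netstat output in the loop above. When netstat prints `-` for the PID column, or the process exits between the netstat call and the open(), the IOError propagates and the whole listenports() call fails instead of returning the ports it did find. The pid should be checked to be numeric before it is put into a path, the read should be wrapped so that a missing entry yields an empty command, and the file handle should be closed explicitly. Using read() rather than readline() also avoids truncating at a newline inside an argument, and stripping the result drops the trailing space left by the final NUL. listenports() starts outside this hunk; cmdline() is fully visible.
```python
    def cmdline(self, pid):
        """
        Returns the commandline for a given pid as a string, or "" if it cannot be read.
        """
        # netstat prints "-" when it cannot see the owning process
        if not pid.isdigit():
            return ""
        try:
            f = open("/proc/" + pid + "/cmdline")
            try:
                raw = f.read()
            finally:
                f.close()
        except IOError:
            # process exited between the netstat call and this read
            return ""
        return " ".join(raw.split('\x00')).strip()
```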
--
1.7.1
seth vidal
2011-05-23 20:25:03 UTC
[PATCH] Better formatting of portinfo inventory file. Also lists
commands and arguments for what's listening on each port.
applied - I couldn't find it before b/c it was bounced and evo didn't
filter it out to the right place

-sv
