Jan-Frode Myklebust
2011-05-01 14:46:36 UTC
Will give an inventory-file on the format:
# addr:port protocol command [args]
0.0.0.0:44321 tcp /usr/libexec/pcp/bin/pmcd
0.0.0.0:51234 tcp /usr/bin/python /usr/bin/funcd --daemon
:::443 tcp /usr/sbin/httpd
:::80 tcp /usr/sbin/httpd
192.168.21.136:22 tcp /usr/sbin/sshd
0.0.0.0:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
192.168.21.136:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
::1:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
---
func/minion/modules/portinfo.py | 61 +++++++++++++++++++++++++++++++++++++++
1 files changed, 61 insertions(+), 0 deletions(-)
create mode 100644 func/minion/modules/portinfo.py
diff --git a/func/minion/modules/portinfo.py b/func/minion/modules/portinfo.py
new file mode 100644
index 0000000..af94364
--- /dev/null
+++ b/func/minion/modules/portinfo.py
@@ -0,0 +1,61 @@
+#
+# Copyright 2011
+# Jan-Frode Myklebust <janfrode-***@public.gmane.org>
+#
+# This software may be freely redistributed under the terms of the GNU
+# general public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+import func_module
+import sub_process
+
+class PortinfoModule(func_module.FuncModule):
+
+ version = "0.0.2"
+ api_version = "0.0.1"
+ description = "Information on active network ports and processes listening."
+
+ def inventory(self):
+ """
+ Returns information on all network ports in LISTEN state and the processes listening.
+ """
+ flattened = ""
+ for i in self.listenports():
+ flattened = flattened + "\t".join(i) + "\n"
+ return flattened
+
+ def listenports(self):
+ """
+ Returns the adresses and ports a host is listening on.
+ """
+
+ cmd = sub_process.Popen(["netstat", "-nlp"],shell=False,stdout=sub_process.PIPE,close_fds=True)
+ data = cmd.communicate()[0]
+
+ ports = []
+ tcpports = []
+ udpports = []
+ for line in data.splitlines():
+ if line.split()[0]=="tcp":
+ pid = line.split()[6].split('/')[0]
+ cmd = self.cmdline(pid)
+ tcpports.append( (line.split()[3], "tcp", cmd) )
+ elif line.split()[0]=="udp":
+ pid = line.split()[5].split('/')[0]
+ cmd = self.cmdline(pid)
+ udpports.append( (line.split()[3], "udp", cmd) )
+ tcpports.sort()
+ udpports.sort()
+ ports.append( ('# addr:port', 'protocol', 'command [args]') )
+ ports = ports + tcpports + udpports
+ return ports
+
+ def cmdline(self, pid):
+ """
+ Returns the commandline for a given pid as a string.
+ """
+ proccmdline = open("/proc/" + pid + "/cmdline").readline().split('\x00')
+ return " ".join(proccmdline)
# addr:port protocol command [args]
0.0.0.0:44321 tcp /usr/libexec/pcp/bin/pmcd
0.0.0.0:51234 tcp /usr/bin/python /usr/bin/funcd --daemon
:::443 tcp /usr/sbin/httpd
:::80 tcp /usr/sbin/httpd
192.168.21.136:22 tcp /usr/sbin/sshd
0.0.0.0:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
192.168.21.136:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
::1:123 udp ntpd -u ntp:ntp -p /var/run/ntpd.pid
---
func/minion/modules/portinfo.py | 61 +++++++++++++++++++++++++++++++++++++++
1 files changed, 61 insertions(+), 0 deletions(-)
create mode 100644 func/minion/modules/portinfo.py
diff --git a/func/minion/modules/portinfo.py b/func/minion/modules/portinfo.py
new file mode 100644
index 0000000..af94364
--- /dev/null
+++ b/func/minion/modules/portinfo.py
@@ -0,0 +1,61 @@
+#
+# Copyright 2011
+# Jan-Frode Myklebust <janfrode-***@public.gmane.org>
+#
+# This software may be freely redistributed under the terms of the GNU
+# general public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+import func_module
+import sub_process
+
+class PortinfoModule(func_module.FuncModule):
+
+ version = "0.0.2"
+ api_version = "0.0.1"
+ description = "Information on active network ports and processes listening."
+
+ def inventory(self):
+ """
+ Returns information on all network ports in LISTEN state and the processes listening.
+ """
+ flattened = ""
+ for i in self.listenports():
+ flattened = flattened + "\t".join(i) + "\n"
+ return flattened
+
+ def listenports(self):
+ """
+ Returns the adresses and ports a host is listening on.
+ """
+
+ cmd = sub_process.Popen(["netstat", "-nlp"],shell=False,stdout=sub_process.PIPE,close_fds=True)
+ data = cmd.communicate()[0]
+
+ ports = []
+ tcpports = []
+ udpports = []
+ for line in data.splitlines():
+ if line.split()[0]=="tcp":
+ pid = line.split()[6].split('/')[0]
+ cmd = self.cmdline(pid)
+ tcpports.append( (line.split()[3], "tcp", cmd) )
+ elif line.split()[0]=="udp":
+ pid = line.split()[5].split('/')[0]
+ cmd = self.cmdline(pid)
+ udpports.append( (line.split()[3], "udp", cmd) )
+ tcpports.sort()
+ udpports.sort()
+ ports.append( ('# addr:port', 'protocol', 'command [args]') )
+ ports = ports + tcpports + udpports
+ return ports
+
+ def cmdline(self, pid):
+ """
+ Returns the commandline for a given pid as a string.
+ """
+ proccmdline = open("/proc/" + pid + "/cmdline").readline().split('\x00')
+ return " ".join(proccmdline)
--
1.7.1
1.7.1