[PATCH] Module for keeping inventory of network listening ports and processes.

Jan-Frode Myklebust <janfrode@xxxxxxxxx> · Sun, 1 May 2011 16:46:36 +0200

Will give an inventory-file on the format:

	# addr:port	protocol	command [args]
	0.0.0.0:44321	tcp	/usr/libexec/pcp/bin/pmcd
	0.0.0.0:51234	tcp	/usr/bin/python /usr/bin/funcd --daemon
	:::443	tcp	/usr/sbin/httpd
	:::80	tcp	/usr/sbin/httpd
	192.168.21.136:22	tcp	/usr/sbin/sshd
	0.0.0.0:123	udp	ntpd -u ntp:ntp -p /var/run/ntpd.pid
	192.168.21.136:123	udp	ntpd -u ntp:ntp -p /var/run/ntpd.pid
	::1:123	udp	ntpd -u ntp:ntp -p /var/run/ntpd.pid
---
 func/minion/modules/portinfo.py |   61 +++++++++++++++++++++++++++++++++++++++
 1 files changed, 61 insertions(+), 0 deletions(-)
 create mode 100644 func/minion/modules/portinfo.py

diff --git a/func/minion/modules/portinfo.py b/func/minion/modules/portinfo.py
new file mode 100644
index 0000000..af94364
--- /dev/null
+++ b/func/minion/modules/portinfo.py
@@ -0,0 +1,61 @@
+#
+# Copyright 2011
+# Jan-Frode Myklebust <janfrode@xxxxxxxxx>
+#
+# This software may be freely redistributed under the terms of the GNU
+# general public license.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+import func_module
+import sub_process
+
+class PortinfoModule(func_module.FuncModule):
+
+    version = "0.0.2"
+    api_version = "0.0.1"
+    description = "Information on active network ports and processes listening."
+
+    def inventory(self):
+        """
+        Returns information on all network ports in LISTEN state and the processes listening.
+        """
+        flattened = ""
+        for i in self.listenports():
+            flattened = flattened + "\t".join(i) + "\n"
+        return flattened
+
+    def listenports(self):
+        """
+        Returns the adresses and ports a host is listening on.
+        """
+
+        cmd = sub_process.Popen(["netstat", "-nlp"],shell=False,stdout=sub_process.PIPE,close_fds=True)
+        data = cmd.communicate()[0]
+
+        ports = []
+        tcpports = []
+        udpports = []
+        for line in data.splitlines():
+              if line.split()[0]=="tcp":
+		    pid = line.split()[6].split('/')[0]
+		    cmd = self.cmdline(pid)
+                    tcpports.append( (line.split()[3], "tcp", cmd) )
+              elif line.split()[0]=="udp":
+		    pid = line.split()[5].split('/')[0]
+		    cmd = self.cmdline(pid)
+                    udpports.append( (line.split()[3], "udp", cmd) )
+        tcpports.sort()
+        udpports.sort()
+        ports.append( ('# addr:port', 'protocol', 'command [args]') )
+        ports = ports + tcpports + udpports
+        return ports
+
+    def cmdline(self, pid):
+        """
+        Returns the commandline for a given pid as a string.
+        """
+        proccmdline = open("/proc/" + pid + "/cmdline").readline().split('\x00')
+        return " ".join(proccmdline)
-- 
1.7.1

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list





