Class: Inspec::Resources::LinuxPorts
Overview
extract port information from netstat
Instance Attribute Summary
Attributes inherited from PortsInfo
#inspec
Instance Method Summary
collapse
Methods inherited from PortsInfo
#initialize
Instance Method Details
#info ⇒ Object
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
|
# File 'lib/resources/port.rb', line 252
def info
cmd = inspec.command('netstat -tulpen')
return nil if cmd.exit_status.to_i != 0
ports = []
cmd.stdout.each_line do |line|
port_info = parse_netstat_line(line)
next unless %w{tcp tcp6 udp udp6}.include?(port_info[:protocol])
ports.push(port_info)
end
ports
end
|
#parse_net_address(net_addr, protocol) ⇒ Object
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
|
# File 'lib/resources/port.rb', line 268
def parse_net_address(net_addr, protocol)
if protocol.eql?('tcp6') || protocol.eql?('udp6')
ip6 = /^(\S+):(\d+)$/.match(net_addr)
ip6addr = ip6[1]
ip6addr = '::' if ip6addr =~ /^:::$/
ip_addr = URI("addr://[#{ip6addr}]:#{ip6[2]}")
host = ip_addr.host[1..ip_addr.host.size-2]
else
ip_addr = URI('addr://'+net_addr)
host = ip_addr.host
end
port = ip_addr.port
[host, port]
rescue URI::InvalidURIError => e
warn "Could not parse #{net_addr}, #{e}"
nil
end
|
#parse_netstat_line(line) ⇒ Object
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
|
# File 'lib/resources/port.rb', line 291
def parse_netstat_line(line)
parsed = /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)?\s+(\S+)\s+(\S+)\s+(\S+)/.match(line)
return {} if parsed.nil? || line.match(/^proto/i)
protocol = parsed[1].downcase
protocol += '6' if parsed[4].count(':') > 1 && %w{tcp udp}.include?(protocol)
host, port = parse_net_address(parsed[4], protocol)
process = parsed[9].split('/')
pid = process[0]
pid = pid.to_i if pid =~ /^\d+$/
process = process[1]
{
port: port,
address: host,
protocol: protocol,
process: process,
pid: pid,
}
end
|