Class: Inspec::Resources::LinuxPorts
Overview
extract port information from netstat
Instance Attribute Summary
Attributes inherited from PortsInfo
#inspec
Instance Method Summary
collapse
Methods inherited from PortsInfo
#initialize
Instance Method Details
#info ⇒ Object
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
|
# File 'lib/resources/port.rb', line 270
def info
cmd = inspec.command('netstat -tulpen')
return nil if cmd.exit_status.to_i != 0
ports = []
cmd.stdout.each_line do |line|
port_info = parse_netstat_line(line)
next unless %w{tcp tcp6 udp udp6}.include?(port_info['protocol'])
ports.push(port_info)
end
ports
end
|
#parse_net_address(net_addr, protocol) ⇒ Object
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
|
# File 'lib/resources/port.rb', line 286
def parse_net_address(net_addr, protocol)
if protocol.eql?('tcp6') || protocol.eql?('udp6')
ip6 = /^(\S+):(\d+)$/.match(net_addr)
ip6addr = ip6[1]
ip6addr = '::' if ip6addr =~ /^:::$/
ip_addr = URI("addr://[#{ip6addr}]:#{ip6[2]}")
host = ip_addr.host[1..ip_addr.host.size-2]
else
ip_addr = URI('addr://'+net_addr)
host = ip_addr.host
end
port = ip_addr.port
[host, port]
rescue URI::InvalidURIError => e
warn "Could not parse #{net_addr}, #{e}"
nil
end
|
#parse_netstat_line(line) ⇒ Object
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
|
# File 'lib/resources/port.rb', line 309
def parse_netstat_line(line)
parsed = /^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)?\s+(\S+)\s+(\S+)\s+(\S+)/.match(line)
return {} if parsed.nil? || line.match(/^proto/i)
protocol = parsed[1].downcase
protocol += '6' if parsed[4].count(':') > 1 && %w{tcp udp}.include?(protocol)
host, port = parse_net_address(parsed[4], protocol)
process = parsed[9].split('/')
pid = process[0]
pid = pid.to_i if pid =~ /^\d+$/
process = process[1]
{
'port' => port,
'address' => host,
'protocol' => protocol,
'process' => process,
'pid' => pid,
}
end
|