community.general.listen_ports_facts – Gather facts on processes listening on TCP and UDP ports.


Note

This plugin is part of the community.general collection (version 2.0.1).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.listen_ports_facts.


Synopsis

  • Gather facts on processes listening on TCP and UDP ports using the netstat command.
  • This module currently supports Linux only.

Requirements

The below requirements are needed on the host that executes this module.

  • netstat

Examples

- name: Gather facts on listening ports
  community.general.listen_ports_facts:

- name: TCP whitelist violation
  ansible.builtin.debug:
    msg: TCP port {{ item.port }} by pid {{ item.pid }} violates the whitelist
  vars:
    tcp_listen_violations: "{{ ansible_facts.tcp_listen | rejectattr('port', 'in', tcp_whitelist) | list }}"
    tcp_whitelist:
      - 22
      - 25
  loop: "{{ tcp_listen_violations }}"

- name: List TCP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.tcp_listen | map(attribute='port') | sort | list }}"

- name: List UDP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.udp_listen | map(attribute='port') | sort | list }}"

- name: List all ports
  ansible.builtin.debug:
    msg: "{{ (ansible_facts.tcp_listen + ansible_facts.udp_listen) | map(attribute='port') | unique | sort | list }}"
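
The following play is an added example, not part of the module's documentation: it gathers the facts, then fails the host when any TCP or UDP listener bound to a non-loopback address is outside a per-protocol allowlist, reporting the owning process and user. The variable names (allowed_tcp_ports, allowed_udp_ports, listen_violations, loopback, tcp_bad, udp_bad), the allowlist contents, the loopback pattern, and the use of become are assumptions for illustration.

```yaml
- name: Audit externally reachable listeners against an allowlist
  hosts: all
  # The process name is returned only "if user permissions allow";
  # running privileged is an assumption made here so that names are populated.
  become: true
  vars:
    # Constructed sample allowlists; replace with the ports your hosts should expose.
    allowed_tcp_ports: [22, 25]
    allowed_udp_ports: [514]
  tasks:
    - name: Gather facts on listening ports
      community.general.listen_ports_facts:

    - name: Collect listeners that are outside the allowlist
      ansible.builtin.set_fact:
        listen_violations: "{{ tcp_bad + udp_bad }}"
      vars:
        # Assumed pattern: sockets bound to 127.0.0.0/8 or ::1 are not reachable remotely.
        loopback: '^(127\.|::1$)'
        # tcp_listen / udp_listen are returned only if servers were found,
        # so default to an empty list when a fact is absent.
        tcp_bad: >-
          {{ ansible_facts.tcp_listen | default([])
             | rejectattr('address', 'match', loopback)
             | rejectattr('port', 'in', allowed_tcp_ports) | list }}
        udp_bad: >-
          {{ ansible_facts.udp_listen | default([])
             | rejectattr('address', 'match', loopback)
             | rejectattr('port', 'in', allowed_udp_ports) | list }}

    - name: Report each violation with its owning process
      ansible.builtin.debug:
        msg: >-
          {{ item.protocol }}/{{ item.port }} on {{ item.address }}
          by {{ item.name | default('unknown', true) }}
          (pid {{ item.pid }}, user {{ item.user }}) is not in the allowlist
      loop: "{{ listen_violations }}"

    - name: Fail the host when violations exist
      ansible.builtin.assert:
        that:
          - listen_violations | length == 0
        fail_msg: "{{ listen_violations | length }} listener(s) outside the allowlist"
        success_msg: All non-loopback listeners are in the allowlist
```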

Returned Facts

Facts returned by this module are added/updated in the hostvars host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them.

tcp_listen (list / elements=string)
  Returned: if TCP servers were found
  Description: A list of processes that are listening on a TCP port.

  • address (string / elements=string)
    Returned: always
    Description: The address the server is listening on.
    Sample: 0.0.0.0

  • name (string / elements=string)
    Returned: if user permissions allow
    Description: The name of the listening process.
    Sample: mysqld

  • pid (integer / elements=string)
    Returned: always
    Description: The pid of the listening process.
    Sample: 1223

  • port (integer / elements=string)
    Returned: always
    Description: The port the server is listening on.
    Sample: 3306

  • protocol (string / elements=string)
    Returned: always
    Description: The network protocol of the server.
    Sample: tcp

  • stime (string / elements=string)
    Returned: always
    Description: The start time of the listening process.
    Sample: Thu Feb 2 13:29:45 2017

  • user (string / elements=string)
    Returned: always
    Description: The user who is running the listening process.
    Sample: mysql

udp_listen (list / elements=string)
  Returned: if UDP servers were found
  Description: A list of processes that are listening on a UDP port.

  • address (string / elements=string)
    Returned: always
    Description: The address the server is listening on.
    Sample: 0.0.0.0

  • name (string / elements=string)
    Returned: if user permissions allow
    Description: The name of the listening process.
    Sample: rsyslogd

  • pid (integer / elements=string)
    Returned: always
    Description: The pid of the listening process.
    Sample: 609

  • port (integer / elements=string)
    Returned: always
    Description: The port the server is listening on.
    Sample: 514

  • protocol (string / elements=string)
    Returned: always
    Description: The network protocol of the server.
    Sample: udp

  • stime (string / elements=string)
    Returned: always
    Description: The start time of the listening process.
    Sample: Thu Feb 2 13:29:45 2017

  • user (string / elements=string)
    Returned: always
    Description: The user who is running the listening process.
    Sample: root




Authors

  • Nathan Davison (@ndavison)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/general/listen_ports_facts_module.html