-
Notifications
You must be signed in to change notification settings - Fork 16
/
openports.py
51 lines (42 loc) · 1.13 KB
/
openports.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#!/usr/bin/env python
import sys
import psutil
import socket
from socket import AF_INET, SOCK_STREAM, SOCK_DGRAM
"""
Nagios script that takes a list of allowed ports and alerts if any others are opened
"""
allowed_port_list = [
22,
80,
443,
3306
]
AD = "-"
AF_INET6 = getattr(socket, 'AF_INET6', object())
proto_map = {(AF_INET, SOCK_STREAM): 'tcp',
(AF_INET6, SOCK_STREAM): 'tcp6',
(AF_INET, SOCK_DGRAM): 'udp',
(AF_INET6, SOCK_DGRAM): 'udp6'}
def get_listening_ports():
ports = []
for p in psutil.process_iter():
name = '?'
try:
name = p.name
cons = p.get_connections(kind='inet')
except psutil.AccessDenied:
pass
else:
for c in cons:
if c.status is "LISTEN":
ports.append(c.local_address[1])
return list(set(ports))
listening_ports = get_listening_ports()
not_allowed = list(set(listening_ports) - set(allowed_port_list))
if len(not_allowed) > 0:
print "Critical! port(s) %s listening" % not_allowed
sys.exit(2)
else:
print "OK"
sys.exit(0)