community.general.listen_ports_facts (8.5.0) — module
Gather facts on processes listening on TCP and UDP ports
Authors: Nathan Davison (@ndavison)
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
  - name: community.general
    version: 8.5.0
Gather facts on processes listening on TCP and UDP ports using the C(netstat) or C(ss) commands.
This module currently supports Linux only.
- name: Gather facts on listening ports
  community.general.listen_ports_facts:
- name: TCP whitelist violation
  ansible.builtin.debug:
    msg: TCP port {{ item.port }} by pid {{ item.pid }} violates the whitelist
  vars:
    # A violation is a listener whose port is NOT in the whitelist
    tcp_listen_violations: "{{ ansible_facts.tcp_listen | rejectattr('port', 'in', tcp_whitelist) | list }}"
    tcp_whitelist:
      - 22
      - 25
  loop: "{{ tcp_listen_violations }}"
- name: List TCP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.tcp_listen | map(attribute='port') | sort | list }}"

- name: List UDP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.udp_listen | map(attribute='port') | sort | list }}"

- name: List all ports
  ansible.builtin.debug:
    msg: "{{ (ansible_facts.tcp_listen + ansible_facts.udp_listen) | map(attribute='port') | unique | sort | list }}"

- name: Gather facts on all ports and override which command to use
  community.general.listen_ports_facts:
    command: 'netstat'
    include_non_listening: true
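An added example (not part of the module's own documentation) that extends the allowlist check above into a play that also reports the owning process, checks the owning user, and fails when an unexpected listener is bound to all interfaces. The policy in tcp_allowed and the wildcard spellings in wildcard_addresses are assumptions made for illustration.

```yaml
# Added example; the policy values below are constructed, not from the module docs.
- name: Audit TCP listeners against an allowlist
  hosts: all
  become: true  # "name" is only returned if user permissions allow
  vars:
    # Assumed policy: port -> user expected to own the listener
    tcp_allowed:
      22: root
      25: root
    # Assumed spellings of "all interfaces" in the address field
    wildcard_addresses: ["0.0.0.0", "::", "[::]", "*"]
  tasks:
    - name: Gather facts on listening ports
      community.general.listen_ports_facts:

    # tcp_listen is only returned if TCP servers were found, hence default([])
    - name: Select listeners whose port is not allowlisted
      ansible.builtin.set_fact:
        tcp_unexpected: "{{ ansible_facts.tcp_listen | default([]) | rejectattr('port', 'in', tcp_allowed.keys() | list) | list }}"

    - name: Report each unexpected listener with its owning process
      ansible.builtin.debug:
        msg: "{{ item.address }}:{{ item.port }} pid={{ item.pid }} user={{ item.user }} name={{ item.name | default('unknown') }}"
      loop: "{{ tcp_unexpected }}"
      loop_control:
        label: "{{ item.port }}"

    - name: Report allowlisted ports owned by an unexpected user
      ansible.builtin.debug:
        msg: "Port {{ item.port }} runs as {{ item.user }}, expected {{ tcp_allowed[item.port] }}"
      loop: "{{ ansible_facts.tcp_listen | default([]) }}"
      loop_control:
        label: "{{ item.port }}"
      when:
        - item.port in tcp_allowed
        - item.user != tcp_allowed[item.port]

    - name: Fail if an unexpected listener is bound to all interfaces
      ansible.builtin.assert:
        that:
          - tcp_unexpected | selectattr('address', 'in', wildcard_addresses) | list | length == 0
        fail_msg: "Unexpected TCP listener reachable on all interfaces"
```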
command:
  choices:
    - netstat
    - ss
  description:
    - Override which command to use for fetching listen ports.
    - By default the module uses the first supported command found on the system (in alphanumerical order).
  type: str
  version_added: 4.1.0
  version_added_collection: community.general
include_non_listening:
  default: false
  description:
    - Show both listening and non-listening sockets (for TCP this means established connections).
    - Adds the return values RV(ansible_facts.tcp_listen[].state), RV(ansible_facts.udp_listen[].state), RV(ansible_facts.tcp_listen[].foreign_address), and RV(ansible_facts.udp_listen[].foreign_address) to the returned facts.
  type: bool
  version_added: 5.4.0
  version_added_collection: community.general
ansible_facts:
  contains:
    tcp_listen:
      contains:
        address:
          description: The address the server is listening on.
          returned: always
          sample: 0.0.0.0
          type: str
        foreign_address:
          description: The address of the remote end of the socket.
          returned: if O(include_non_listening=true)
          sample: 10.80.0.1
          type: str
          version_added: 5.4.0
          version_added_collection: community.general
        name:
          description: The name of the listening process.
          returned: if user permissions allow
          sample: mysqld
          type: str
        pid:
          description: The pid of the listening process.
          returned: always
          sample: 1223
          type: int
        port:
          description: The port the server is listening on.
          returned: always
          sample: 3306
          type: int
        protocol:
          description: The network protocol of the server.
          returned: always
          sample: tcp
          type: str
        state:
          description: The state of the socket.
          returned: if O(include_non_listening=true)
          sample: ESTABLISHED
          type: str
          version_added: 5.4.0
          version_added_collection: community.general
        stime:
          description: The start time of the listening process.
          returned: always
          sample: Thu Feb 2 13:29:45 2017
          type: str
        user:
          description: The user who is running the listening process.
          returned: always
          sample: mysql
          type: str
      description: A list of processes that are listening on a TCP port.
      returned: if TCP servers were found
      type: list
    udp_listen:
      contains:
        address:
          description: The address the server is listening on.
          returned: always
          sample: 0.0.0.0
          type: str
        foreign_address:
          description: The address of the remote end of the socket.
          returned: if O(include_non_listening=true)
          sample: 10.80.0.1
          type: str
          version_added: 5.4.0
          version_added_collection: community.general
        name:
          description: The name of the listening process.
          returned: if user permissions allow
          sample: rsyslogd
          type: str
        pid:
          description: The pid of the listening process.
          returned: always
          sample: 609
          type: int
        port:
          description: The port the server is listening on.
          returned: always
          sample: 514
          type: int
        protocol:
          description: The network protocol of the server.
          returned: always
          sample: udp
          type: str
        state:
          description: The state of the socket. UDP is a connectionless protocol. Shows UCONN or ESTAB.
          returned: if O(include_non_listening=true)
          sample: UCONN
          type: str
          version_added: 5.4.0
          version_added_collection: community.general
        stime:
          description: The start time of the listening process.
          returned: always
          sample: Thu Feb 2 13:29:45 2017
          type: str
        user:
          description: The user who is running the listening process.
          returned: always
          sample: root
          type: str
      description: A list of processes that are listening on a UDP port.
      returned: if UDP servers were found
      type: list
  description: Dictionary containing details of TCP and UDP ports with listening servers
  returned: always
  type: complex