Merge pull request #5522 from inspec/vasundhara/fix-for-port-resource

Fix for port resource performance: use a more specific search filter when running the ss command
Clinton Wolfe 2021-05-18 15:37:01 -04:00 committed by GitHub
commit 85ecf5373d
3 changed files with 23 additions and 13 deletions


@ -54,7 +54,7 @@ module Inspec::Resources
def port_manager_for_os def port_manager_for_os
os = inspec.os os = inspec.os
if os.linux? if os.linux?
LinuxPorts.new(inspec) LinuxPorts.new(inspec, @port)
elsif os.aix? elsif os.aix?
# AIX: see http://www.ibm.com/developerworks/aix/library/au-lsof.html#resources # AIX: see http://www.ibm.com/developerworks/aix/library/au-lsof.html#resources
# and https://www-01.ibm.com/marketing/iwm/iwm/web/reg/pick.do?source=aixbp # and https://www-01.ibm.com/marketing/iwm/iwm/web/reg/pick.do?source=aixbp
@ -102,8 +102,9 @@ module Inspec::Resources
# }] # }]
class PortsInfo class PortsInfo
attr_reader :inspec attr_reader :inspec
def initialize(inspec) def initialize(inspec, port = nil)
@inspec = inspec @inspec = inspec
@port = port
end end
end end
@ -394,7 +395,12 @@ module Inspec::Resources
def ports_via_ss def ports_via_ss
return nil unless inspec.command("ss").exist? return nil unless inspec.command("ss").exist?
if @port.nil?
cmd = inspec.command("ss -tulpen") cmd = inspec.command("ss -tulpen")
else
cmd = inspec.command("ss -tulpen '( dport = #{@port} or sport = #{@port} )'")
end
return nil unless cmd.exit_status.to_i == 0 return nil unless cmd.exit_status.to_i == 0
ports = [] ports = []
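Review bot: In the `else` branch of ports_via_ss, `@port` is interpolated straight into a shell command that runs on the target host, and this hunk does nothing to confirm it is a plain port number; the value comes from the profile's port argument via `LinuxPorts.new(inspec, @port)` in the first hunk, and whether the resource constructor already coerces it to an Integer is not visible here. Coerce and guard before building the filter, e.g. `port = Integer(@port, exception: false)` followed by `return nil if @port && port.nil?`, then interpolate `port` rather than `@port`, so a non-numeric value can never reach the command line. A one-line comment above the branch, `# Filter on the ss side so large socket tables are not parsed in Ruby`, would also record why the two commands differ. The body of ports_via_ss continues past the end of the hunk.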


@ -18,10 +18,10 @@ class MockLoader
freebsd12: { name: "freebsd", family: "bsd", release: "12", arch: "amd64" }, freebsd12: { name: "freebsd", family: "bsd", release: "12", arch: "amd64" },
macos10_10: { name: "mac_os_x", family: "darwin", release: "10.10.4", arch: nil }, macos10_10: { name: "mac_os_x", family: "darwin", release: "10.10.4", arch: nil },
macos10_16: { name: "darwin", family: "darwin", release: "10.16", arch: nil }, macos10_16: { name: "darwin", family: "darwin", release: "10.16", arch: nil },
ubuntu1204: { name: "ubuntu", family: "debian", release: "12.04", arch: "x86_64" },
ubuntu1404: { name: "ubuntu", family: "debian", release: "14.04", arch: "x86_64" }, ubuntu1404: { name: "ubuntu", family: "debian", release: "14.04", arch: "x86_64" },
ubuntu1504: { name: "ubuntu", family: "debian", release: "15.04", arch: "x86_64" }, ubuntu1504: { name: "ubuntu", family: "debian", release: "15.04", arch: "x86_64" },
ubuntu1604: { name: "ubuntu", family: "debian", release: "16.04", arch: "x86_64" }, ubuntu1604: { name: "ubuntu", family: "debian", release: "16.04", arch: "x86_64" },
ubuntu1804: { name: "ubuntu", family: "debian", release: "18.04", arch: "x86_64" },
mint17: { name: "linuxmint", family: "debian", release: "17.3", arch: "x86_64" }, mint17: { name: "linuxmint", family: "debian", release: "17.3", arch: "x86_64" },
mint18: { name: "linuxmint", family: "debian", release: "18", arch: "x86_64" }, mint18: { name: "linuxmint", family: "debian", release: "18", arch: "x86_64" },
windows: { name: "windows", family: "windows", release: "6.2.9200", arch: "x86_64" }, windows: { name: "windows", family: "windows", release: "6.2.9200", arch: "x86_64" },
@ -591,6 +591,10 @@ class MockLoader
%{sh -c 'type "ss"'} => empty.call, %{sh -c 'type "ss"'} => empty.call,
%{sh -c 'type "netstat"'} => empty.call, %{sh -c 'type "netstat"'} => empty.call,
"ss -tulpen" => cmd.call("ss-tulpen"), "ss -tulpen" => cmd.call("ss-tulpen"),
"ss -tulpen '( dport = 22 or sport = 22 )'" => cmd.call("ss-tulpen"),
"ss -tulpen '( dport = 68 or sport = 68 )'" => cmd.call("ss-tulpen"),
"ss -tulpen '( dport = 9200 or sport = 9200 )'" => cmd.call("ss-tulpen"),
"ss -tulpen '( dport = 80 or sport = 80 )'" => cmd.call("ss-tulpen"),
"netstat -tulpen" => cmd.call("netstat-tulpen") "netstat -tulpen" => cmd.call("netstat-tulpen")
) )
end end
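Review bot: The four new filtered `ss -tulpen '( dport = N or sport = N )'` entries all map to the same `cmd.call("ss-tulpen")` fixture as the unfiltered command, so the tests still exercise the resource's own in-Ruby port filtering rather than anything the ss filter narrows. That is acceptable for a mock, but it deserves a comment so nobody later reads the passing tests as proof that the filter expression is correct, e.g. `# filtered ss invocations return the full listing; port narrowing is verified by the resource, not by ss`. Any new port used by a port test must also be added here or the resource will see a missing mock command.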


@ -4,7 +4,7 @@ require "inspec/resources/port"
describe "Inspec::Resources::Port" do describe "Inspec::Resources::Port" do
it "verify port on Ubuntu 14.04" do it "verify port on Ubuntu 14.04" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", 22) resource = MockLoader.new(:ubuntu1804).load_resource("port", 22)
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal %w{ tcp tcp6 } _(resource.protocols).must_equal %w{ tcp tcp6 }
_(resource.pids).must_equal [1222] _(resource.pids).must_equal [1222]
@ -13,7 +13,7 @@ describe "Inspec::Resources::Port" do
end end
it "lists all ports" do it "lists all ports" do
resource = MockLoader.new(:ubuntu1404).load_resource("port") resource = MockLoader.new(:ubuntu1804).load_resource("port")
_(resource.entries.length).must_equal 9 _(resource.entries.length).must_equal 9
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal %w{ udp tcp tcp6 } _(resource.protocols).must_equal %w{ udp tcp tcp6 }
@ -23,7 +23,7 @@ describe "Inspec::Resources::Port" do
end end
it "filter ports by conditions" do it "filter ports by conditions" do
resource = MockLoader.new(:ubuntu1404).load_resource("port").where { protocol =~ /udp/i } resource = MockLoader.new(:ubuntu1804).load_resource("port").where { protocol =~ /udp/i }
_(resource.entries.length).must_equal 1 _(resource.entries.length).must_equal 1
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal ["udp"] _(resource.protocols).must_equal ["udp"]
@ -33,7 +33,7 @@ describe "Inspec::Resources::Port" do
end end
it "verify UDP port on Ubuntu 14.04" do it "verify UDP port on Ubuntu 14.04" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", 68) resource = MockLoader.new(:ubuntu1804).load_resource("port", 68)
_(resource.entries.length).must_equal 1 _(resource.entries.length).must_equal 1
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal ["udp"] _(resource.protocols).must_equal ["udp"]
@ -43,7 +43,7 @@ describe "Inspec::Resources::Port" do
end end
it "accepts the port as a string" do it "accepts the port as a string" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", "68") resource = MockLoader.new(:ubuntu1804).load_resource("port", "68")
_(resource.entries.length).must_equal 1 _(resource.entries.length).must_equal 1
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal ["udp"] _(resource.protocols).must_equal ["udp"]
@ -53,7 +53,7 @@ describe "Inspec::Resources::Port" do
end end
it "properly handles multiple processes using one fd" do it "properly handles multiple processes using one fd" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", "80") resource = MockLoader.new(:ubuntu1804).load_resource("port", "80")
_(resource.entries.length).must_equal 1 _(resource.entries.length).must_equal 1
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal ["tcp"] _(resource.protocols).must_equal ["tcp"]
@ -63,7 +63,7 @@ describe "Inspec::Resources::Port" do
end end
it "properly handles a IPv4 address in a v6 listing" do it "properly handles a IPv4 address in a v6 listing" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", 9200) resource = MockLoader.new(:ubuntu1804).load_resource("port", 9200)
_(resource.protocols).must_equal %w{ tcp tcp6 } _(resource.protocols).must_equal %w{ tcp tcp6 }
_(resource.addresses).must_equal ["10.0.2.15", "fe80::a00:27ff:fe32:ed09"] _(resource.addresses).must_equal ["10.0.2.15", "fe80::a00:27ff:fe32:ed09"]
end end
@ -185,7 +185,7 @@ describe "Inspec::Resources::Port" do
end end
it "verify port and interface on Ubuntu 14.04" do it "verify port and interface on Ubuntu 14.04" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", "0.0.0.0", 22) resource = MockLoader.new(:ubuntu1804).load_resource("port", "0.0.0.0", 22)
_(resource.listening?).must_equal true _(resource.listening?).must_equal true
_(resource.protocols).must_equal %w{ tcp } _(resource.protocols).must_equal %w{ tcp }
_(resource.pids).must_equal [1222] _(resource.pids).must_equal [1222]
@ -194,7 +194,7 @@ describe "Inspec::Resources::Port" do
end end
it "verify not listening port on interface on Ubuntu 14.04" do it "verify not listening port on interface on Ubuntu 14.04" do
resource = MockLoader.new(:ubuntu1404).load_resource("port", "127.0.0.1", 22) resource = MockLoader.new(:ubuntu1804).load_resource("port", "127.0.0.1", 22)
_(resource.listening?).must_equal false _(resource.listening?).must_equal false
_(resource.addresses).must_equal [] _(resource.addresses).must_equal []
end end
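Review bot: The `it` descriptions still say "Ubuntu 14.04" ("verify port on Ubuntu 14.04", "verify UDP port on Ubuntu 14.04", "verify port and interface on Ubuntu 14.04", "verify not listening port on interface on Ubuntu 14.04") while every example now loads `MockLoader.new(:ubuntu1804)`, so the test names no longer describe the platform under test. Rename them to "Ubuntu 18.04" in the same hunks, e.g. `it "verify port on Ubuntu 18.04" do`. The examples' bodies continue beyond each hunk shown.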