PNG  IHDR* pHYs+ IDATx]n#; cdLb Ǚ[at¤_:uP}>!Usă cag޿ ֵNu`ݼTâabO7uL&y^wFٝA"l[|ŲHLN밪4*sG3|Dv}?+y߉{OuOAt4Jj.u]Gz*҉sP'VQKbA1u\`& Af;HWj hsO;ogTu uj7S3/QzUr&wS`M$X_L7r2;aE+ώ%vikDA:dR+%KzƉo>eOth$z%: :{WwaQ:wz%4foɹE[9<]#ERINƻv溂E%P1i01 |Jvҗ&{b?9g=^wζXn/lK::90KwrюO\!ջ3uzuGv^;騢wq<Iatv09:tt~hEG`v;3@MNZD.1]L:{ծI3`L(÷ba")Y.iljCɄae#I"1 `3*Bdz>j<fU40⨬%O$3cGt]j%Fߠ_twJ;ABU8vP3uEԑwQ V:h%))LfraqX-ۿX]v-\9I gl8tzX ]ecm)-cgʒ#Uw=Wlێn(0hPP/ӨtQ“&J35 $=]r1{tLuǮ*i0_;NƝ8;-vݏr8+U-kruȕYr0RnC]*ެ(M:]gE;{]tg(#ZJ9y>utRDRMdr9㪩̞zֹb<ģ&wzJM"iI( .ꮅX)Qw:9,i좜\Ԛi7&N0:asϓc];=ΗOӣ APqz93 y $)A*kVHZwBƺnWNaby>XMN*45~ղM6Nvm;A=jֲ.~1}(9`KJ/V F9[=`~[;sRuk]rєT!)iQO)Y$V ی ۤmzWz5IM Zb )ˆC`6 rRa}qNmUfDsWuˤV{ Pݝ'=Kֳbg,UҘVz2ﴻnjNgBb{? ߮tcsͻQuxVCIY۠:(V뺕 ٥2;t`@Fo{Z9`;]wMzU~%UA蛚dI vGq\r82iu +St`cR.6U/M9IENDB`############################################################################### # Copyright 2006-2023, Way to the Web Limited # URL: http://www.configserver.com # Email: sales@waytotheweb.com ############################################################################### ## no critic (RequireUseWarnings, ProhibitExplicitReturnUndef, ProhibitMixedBooleanOperators, RequireBriefOpen) # start main package ConfigServer::Ports; use strict; use lib '/usr/local/csf/lib'; use Fcntl qw(:DEFAULT :flock); use ConfigServer::Config; use Exporter qw(import); our $VERSION = 1.02; our @ISA = qw(Exporter); our @EXPORT_OK = qw(); my %printable = ( ( map { chr($_), unpack('H2', chr($_)) } (0..255) ), "\\"=>'\\', "\r"=>'r', "\n"=>'n', "\t"=>'t', "\""=>'"' ); ##no critic my %tcpstates = ("01" => "ESTABLISHED", "02" => "SYN_SENT", "03" => "SYN_RECV", "04" => "FIN_WAIT1", "05" => "FIN_WAIT2", "06" => "TIME_WAIT", "07" => "CLOSE", "08" => "CLOSE_WAIT", "09" => "LAST_ACK", "0A" => "LISTEN", "0B" => "CLOSING"); # end main ############################################################################### # start listening sub listening { my %net; my %conn; my %listen; foreach my $proto ("tcp","udp","tcp6","udp6") { open (my $IN, "<","/proc/net/$proto"); flock ($IN, LOCK_SH); while (<$IN>) { my @rec = split(); if ($rec[9] =~ /uid/) {next} my ($dip,$dport) = split(/:/,$rec[1]); $dport = hex($dport); my ($sip,$sport) = split(/:/,$rec[2]); $sport = hex($sport); $dip = &hex2ip($dip); $sip = &hex2ip($sip); my $inode = $rec[9]; my $state = $tcpstates{$rec[3]}; my $protocol = $proto; $protocol =~ s/6//; if ($protocol eq "udp" and $state eq "CLOSE") {$state = "LISTEN"} if ($state eq "ESTABLISHED") {$conn{$dport}{$protocol}++} if ($dip =~ /^127\./) {next} if ($dip =~ /^0\.0\.0\.1/) {next} if ($state eq "LISTEN") {$net{$inode}{$protocol} = $dport} } close ($IN); } opendir (PROCDIR, "/proc"); while (my $pid = readdir(PROCDIR)) { if ($pid !~ /^\d+$/) {next} my $exe = readlink("/proc/$pid/exe") || ""; my $cwd = readlink("/proc/$pid/cwd") || ""; my $uid; my $user; if (defined $exe) {$exe =~ s/([\r\n\t\"\\\x00-\x1f\x7F-\xFF])/\\$printable{$1}/sg} open (my $CMDLINE,"<","/proc/$pid/cmdline"); flock ($CMDLINE, LOCK_SH); my $cmdline = <$CMDLINE>; close ($CMDLINE); if (defined $cmdline) { chomp $cmdline; $cmdline =~ s/\0$//g; $cmdline =~ s/\0/ /g; $cmdline =~ s/([\r\n\t\"\\\x00-\x1f\x7F-\xFF])/\\$printable{$1}/sg; $cmdline =~ s/\s+$//; $cmdline =~ s/^\s+//; } if ($exe eq "") {next} my @fd; opendir (DIR, "/proc/$pid/fd") or next; while (my $file = readdir (DIR)) { if ($file =~ /^\./) {next} push (@fd, readlink("/proc/$pid/fd/$file")); } closedir (DIR); open (my $STATUS,"<", "/proc/$pid/status") or next; flock ($STATUS, LOCK_SH); my @status = <$STATUS>; close ($STATUS); chomp @status; foreach my $line (@status) { if ($line =~ /^Uid:(.*)/) { my $uidline = $1; my @uids; foreach my $bit (split(/\s/,$uidline)) { if ($bit =~ /^(\d*)$/) {push @uids, $1} } $uid = $uids[-1]; $user = getpwuid($uid); if ($user eq "") {$user = $uid} } } my $files; my $sockets; foreach my $file (@fd) { if ($file =~ /^socket:\[?([0-9]+)\]?$/) { my $ino = $1; if ($net{$ino}) { foreach my $protocol (keys %{$net{$ino}}) { $listen{$protocol}{$net{$ino}{$protocol}}{$pid}{user} = $user; $listen{$protocol}{$net{$ino}{$protocol}}{$pid}{exe} = $exe; $listen{$protocol}{$net{$ino}{$protocol}}{$pid}{cmd} = $cmdline; $listen{$protocol}{$net{$ino}{$protocol}}{$pid}{cmd} = $cmdline; $listen{$protocol}{$net{$ino}{$protocol}}{$pid}{conn} = $conn{$net{$ino}{$protocol}}{$protocol} | "-"; } } } } } closedir (PROCDIR); return %listen; } # end listening ############################################################################### # start openports sub openports { my $config = ConfigServer::Config->loadconfig(); my %config = $config->config(); my %ports; $config{TCP_IN} =~ s/\s//g; foreach my $entry (split(/,/,$config{TCP_IN})) { if ($entry =~ /^(\d+):(\d+)$/) { my $from = $1; my $to = $2; for (my $port = $from; $port < $to ; $port++) { $ports{tcp}{$port} = 1; } } else { $ports{tcp}{$entry} = 1; } } $config{TCP6_IN} =~ s/\s//g; foreach my $entry (split(/,/,$config{TCP6_IN})) { if ($entry =~ /^(\d+):(\d+)$/) { my $from = $1; my $to = $2; for (my $port = $from; $port < $to ; $port++) { $ports{tcp6}{$port} = 1; } } else { $ports{tcp6}{$entry} = 1; } } $config{UDP_IN} =~ s/\s//g; foreach my $entry (split(/,/,$config{UDP_IN})) { if ($entry =~ /^(\d+):(\d+)$/) { my $from = $1; my $to = $2; for (my $port = $from; $port < $to ; $port++) { $ports{udp}{$port} = 1; } } else { $ports{udp}{$entry} = 1; } } $config{UDP6_IN} =~ s/\s//g; foreach my $entry (split(/,/,$config{UDP6_IN})) { if ($entry =~ /^(\d+):(\d+)$/) { my $from = $1; my $to = $2; for (my $port = $from; $port < $to ; $port++) { $ports{udp6}{$port} = 1; } } else { $ports{udp6}{$entry} = 1; } } return %ports; } # end openports ############################################################################### ## start hex2ip sub hex2ip { my $bin = pack "C*" => map hex, $_[0] =~ /../g; my @l = unpack "L*", $bin; if (@l == 4) { return join ':', map { sprintf "%x:%x", $_ >> 16, $_ & 0xffff } @l; } elsif (@l == 1) { return join '.', map { $_ >> 24, ($_ >> 16 ) & 0xff, ($_ >> 8) & 0xff, $_ & 0xff } @l; } } ## end hex2ip ############################################################################### 1;