community.general.listen_ports_facts module – Gather facts on processes listening on TCP and UDP ports

Note

This module is part of the community.general collection (version 9.5.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.listen_ports_facts.

Synopsis 

Gather facts on processes listening on TCP and UDP ports using the netstat or ss commands.
This module currently supports Linux only.

Requirements 

The below requirements are needed on the host that executes this module.

netstat or ss

Parameters 

Parameter	Comments
command string added in community.general 4.1.0	Override which command to use for fetching listen ports. By default module will use first found supported command on the system (in alphanumerical order). Choices: `"netstat"` `"ss"`
include_non_listening boolean added in community.general 5.4.0	Show both listening and non-listening sockets (for TCP this means established connections). Adds the return values `ansible_facts.tcp_listen[].state`, `ansible_facts.udp_listen[].state`, `ansible_facts.tcp_listen[].foreign_address`, and `ansible_facts.udp_listen[].foreign_address` to the returned facts. Choices: `false` ← (default) `true`

Attributes 

Attribute	Support	Description
check_mode	Support: full This action does not modify state.	Can run in `check_mode` and return changed status prediction without modifying target.
diff_mode	Support: N/A This action does not modify state.	Will return details on what has changed (or possibly needs changing in `check_mode`), when in diff mode.
facts	Support: full	Action returns an `ansible_facts` dictionary that will update existing host facts.

Notes 

Note

ss returns all processes for each listen address and port. This plugin will return each of them, so multiple entries for the same listen address and port are likely in results.

Examples 

- name: Gather facts on listening ports
  community.general.listen_ports_facts:

- name: TCP whitelist violation
  ansible.builtin.debug:
    msg: TCP port {{ item.port }} by pid {{ item.pid }} violates the whitelist
  vars:
    tcp_listen_violations: "{{ ansible_facts.tcp_listen | selectattr('port', 'in', tcp_whitelist) | list }}"
    tcp_whitelist:
      - 22
      - 25
  loop: "{{ tcp_listen_violations }}"

- name: List TCP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.tcp_listen  | map(attribute='port') | sort | list }}"

- name: List UDP ports
  ansible.builtin.debug:
    msg: "{{ ansible_facts.udp_listen | map(attribute='port') | sort | list }}"

- name: List all ports
  ansible.builtin.debug:
    msg: "{{ (ansible_facts.tcp_listen + ansible_facts.udp_listen) | map(attribute='port') | unique | sort | list }}"

- name: Gather facts on all ports and override which command to use
  community.general.listen_ports_facts:
    command: 'netstat'
    include_non_listening: true

Returned Facts 

Facts returned by this module are added/updated in the hostvars host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them.

Key	Description
tcp_listen list / elements=string	A list of processes that are listening on a TCP port. Returned: if TCP servers were found
address string	The address the server is listening on. Returned: always Sample: `"0.0.0.0"`
foreign_address string added in community.general 5.4.0	The address of the remote end of the socket. Returned: if `include_non_listening=true` Sample: `"10.80.0.1"`
name string	The name of the listening process. Returned: if user permissions allow Sample: `"mysqld"`
pid integer	The pid of the listening process. Returned: always Sample: `1223`
port integer	The port the server is listening on. Returned: always Sample: `3306`
protocol string	The network protocol of the server. Returned: always Sample: `"tcp"`
state string added in community.general 5.4.0	The state of the socket. Returned: if `include_non_listening=true` Sample: `"ESTABLISHED"`
stime string	The start time of the listening process. Returned: always Sample: `"Thu Feb 2 13:29:45 2017"`
user string	The user who is running the listening process. Returned: always Sample: `"mysql"`
udp_listen list / elements=string	A list of processes that are listening on a UDP port. Returned: if UDP servers were found
address string	The address the server is listening on. Returned: always Sample: `"0.0.0.0"`
foreign_address string added in community.general 5.4.0	The address of the remote end of the socket. Returned: if `include_non_listening=true` Sample: `"10.80.0.1"`
name string	The name of the listening process. Returned: if user permissions allow Sample: `"rsyslogd"`
pid integer	The pid of the listening process. Returned: always Sample: `609`
port integer	The port the server is listening on. Returned: always Sample: `514`
protocol string	The network protocol of the server. Returned: always Sample: `"udp"`
state string added in community.general 5.4.0	The state of the socket. UDP is a connectionless protocol. Shows UCONN or ESTAB. Returned: if `include_non_listening=true` Sample: `"UCONN"`
stime string	The start time of the listening process. Returned: always Sample: `"Thu Feb 2 13:29:45 2017"`
user string	The user who is running the listening process. Returned: always Sample: `"root"`

Authors

Nathan Davison (@ndavison)

community.general.listen_ports_facts module – Gather facts on processes listening on TCP and UDP ports

Synopsis

Requirements

Parameters

Attributes

Notes

Examples

Returned Facts