diff -r e10152caf835 -r b28f231eda85 check_scan.pl --- a/check_scan.pl Wed Jul 04 09:37:04 2012 +0200 +++ b/check_scan.pl Wed Jul 04 12:04:26 2012 +0200 @@ -1,6 +1,6 @@ #!/usr/bin/perl -w -# Copyright (C) 2011 Christian Arnold +# Copyright (C) 2012 Christian Arnold # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -22,6 +22,7 @@ use File::Basename; use Getopt::Long; use Pod::Usage; +use Data::Dumper; delete @ENV{ grep /^LC_/ => keys %ENV }; $ENV{LANG} = "C"; @@ -29,7 +30,7 @@ sub version($$); sub scan($$$); -sub report(@); +sub report($$); my %ERRORS = ( OK => 0, @@ -41,11 +42,11 @@ my $ME = basename $0; my $NAME = "SCAN"; -my $VERSION = "0.2"; +my $VERSION = "0.5"; my %opt = ( host => "localhost", - options => "-sT -sU -r -p1-65535", + options => "-sS -sU -r -p1-65535", exceptions => "22/tcp" ); @@ -60,8 +61,9 @@ "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; } ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} ); - my @openports = scan( $opt{host}, $opt{options}, $opt{exceptions} ); - report(@openports); + my ( $opened, $closed ) = + scan( $opt{host}, $opt{options}, $opt{exceptions} ); + report( $opened, $closed ); } sub version($$) { @@ -79,8 +81,9 @@ sub scan($$$) { my ( $host, $options, $exceptions ) = @_; - my @scan = grep { /^\d+\/.*\s+open/ } `nmap $options $host`; + my @scan = grep { /^\d+\// } `nmap $options $host`; my @openports; + my @closedports; my @exceptions; if ($exceptions) { @@ -93,17 +96,43 @@ } chomp($port); $port =~ s/\s+/ /g; - push @openports, $port; + push @openports, $port if ( $port =~ /^\d+\/tcp|udp\s+open\s+/ ); + push @closedports, $port if ( $port =~ /^\d+\/tcp|udp\s+closed\s+/ ); } - return @openports; + return ( \@openports, \@closedports ); } -sub report(@) { - my @openports = @_; +sub report($$) { + my $opened = shift; + my $closed = shift; + + my @opened = @$opened; + my @closed = @$closed; - if (@openports) { - say "$NAME WARNING: " . join( "; ", @openports ); + if (@opened) { + if ( $opt{exceptions} ) { + say "$NAME CRITICAL: " + . join( "; ", @opened ) + . " (exceptions: $opt{exceptions})"; + } + else { + say "$NAME CRITICAL: " + . join( "; ", @opened ) + . " (exceptions: $opt{exceptions})"; + } + exit $ERRORS{CRITICAL}; + } + + if (@closed) { + if ( $opt{exceptions} ) { + say "$NAME WARNING: " + . join( "; ", @closed ) + . " (exceptions: $opt{exceptions})"; + } + else { + say "$NAME WARNING: " . join( "; ", @closed ); + } exit $ERRORS{WARNING}; } @@ -140,7 +169,7 @@ =item B<-o>|B<--options> -Nmap options for scan, must be specified in quotes. (default: '-sT -sU -r -p1-65535') +Nmap options for scan, must be specified in quotes. (default: '-sS -sU -r -p1-65535') =item B<-e>|B<--exceptions> @@ -167,7 +196,7 @@ =head1 VERSION -This man page is current for version 0.2 of B. +This man page is current for version 0.5 of B. =head1 AUTHOR