Adding support for -p option to specify port(s) to scan (#6165)

* Adding support for `-p` option to specify port(s) to scan * Adding changelog fragment file * Corrected appending options * Edit to doc section * Correction in documentation type * Fixed `:` use in doc breaking yaml * Update changelogs/fragments/6165-nmap-port.yml Co-authored-by: Felix Fontein <[email protected]> * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein <[email protected]> * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein <[email protected]> * Adding usage example * Adding comment to example that was missed * Breaking line up, was too long for sanity test 160 char limit * Still too long since spaces are counted * Changed type to string to work for a single entry as well as comma separated values * Update changelogs/fragments/6165-nmap-port.yml Co-authored-by: Felix Fontein <[email protected]> * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein <[email protected]> --------- Co-authored-by: Felix Fontein <[email protected]>
ansible-collections · Mar 19, 2023 · bf8f295 · bf8f295
1 parent e8a7c27
commit bf8f295
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/changelogs/fragments/6165-nmap-port.yml b/changelogs/fragments/6165-nmap-port.yml
@@ -0,0 +1,2 @@
+minor_changes:
+ - nmap inventory plugin - add new option ``port`` for port specific scan (https://github.com/ansible-collections/community.general/pull/6165).
diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py
@@ -34,6 +34,13 @@
             description: list of addresses to exclude
             type: list
             elements: string
+        port:
+            description:
+                - Only scan specific port or port range (C(-p)).
+                - For example, you could pass C(22) for a single port, C(1-65535) for a range of ports,
+                  or C(U:53,137,T:21-25,139,8080,S:9) to check port 53 with UDP, ports 21-25 with TCP, port 9 with SCTP, and ports 137, 139, and 8080 with all.
+            type: string
+            version_added: 6.5.0
         ports:
             description: Enable/disable scanning for open ports
             type: boolean
@@ -81,6 +88,14 @@
 sudo: true
 strict: false
 address: 192.168.0.0/24
+
+# an nmap scan specifying ports and classifying results to an inventory group
+plugin: community.general.nmap
+address: 192.168.0.0/24
+exclude: 192.168.0.1, web.example.com
+port: 22, 443
+groups:
+  web_servers: "ports | selectattr('port', 'equalto', '443')"
 '''
 
 import os
@@ -171,6 +186,10 @@ def parse(self, inventory, loader, path, cache=True):
             if self._options['sudo']:
                 cmd.insert(0, 'sudo')
 
+            if self._options['port']:
+                cmd.append('-p')
+                cmd.append(self._options['port'])
+
             if not self._options['ports']:
                 cmd.append('-sP')
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		minor_changes:
		- nmap inventory plugin - add new option ``port`` for port specific scan (https://github.com/ansible-collections/community.general/pull/6165).