add netstat parser

2025-06-19 00:17:51 +02:00 · 2019-10-17 08:03:56 -07:00
parent 366c5dbc01
commit b3c52eb1cc
2 changed files with 105 additions and 33 deletions
--- a/jc/parsers/ifconfig.py
+++ b/jc/parsers/ifconfig.py
@ -7,7 +7,7 @@ Usage:
 Example:
-$ ifconfig | ./jc.py --ifconfig -p
+$ ifconfig | jc --ifconfig -p
 """
 from collections import namedtuple
--- a/jc/parsers/netstat.py
+++ b/jc/parsers/netstat.py
@ -6,50 +6,122 @@ Usage:
 Example:
 $ netstat | jc --netstat -p
 $ netstat -lp | jc --netstat -p
 """
-import re
+output = {}
 class state():
    section = ''
    session = ''
    network = ''
    client_tcp_ip4 = []
    client_tcp_ip6 = []
    client_udp_ip4 = []
    client_udp_ip6 = []
    server_tcp_ip4 = []
    server_tcp_ip6 = []
    server_udp_ip4 = []
    server_udp_ip6 = []
 def parse_line(entry):
    parsed_line = entry.split()
    print(parsed_line)
    output_line = {}
    output_line['local'] = parsed_line[3]
    output_line['foreign'] = parsed_line[4]
    output_line['state'] = parsed_line[6]
    output_line['recvq'] = int(parsed_line[1])
    output_line['sendq'] = int(parsed_line[2])
    # output_line['pid'] = int(parsed_line[1])
    # output_line['pname'] = int(parsed_line[1])
    return output_line
 def parse(data):
    output = []
    cleandata = data.splitlines()
-    # Delete last line if it is blank
+    for line in cleandata:
-    if cleandata[-1] == '':
+        if line.find('Active Internet connections (w/o servers)') == 0:
-        cleandata.pop(-1)
+            state.section = "client"
            continue
-    # Delete first line if it starts with 'total'
+        if line.find('Active Internet connections (only servers)') == 0:
-    if cleandata[0].find('total') == 0:
+            state.section = "server"
-        cleandata.pop(0)
+            continue
-    # Check if -l was used to parse extra data
+        if line.find('Proto') == 0:
-    if re.match('^[-dclpsbDCMnP?]([-r][-w][-xsS]){2}([-r][-w][-xtT])[+]?', cleandata[0]):
+            continue
        for entry in cleandata:
            output_line = {}
-            parsed_line = entry.split()
+        if line.find('Active UNIX') == 0:
            break
-            # split filenames and links
+        if state.section == "client":
-            filename_field = ' '.join(parsed_line[8:]).split(' -> ')
+            if line.find('tcp') == 0:
-
+                state.session = 'tcp'
-            # create list of dictionaries
+                if line.find('p6') == 2:
-            output_line['filename'] = filename_field[0]
+                    state.network = 'ipv6'
            if len(filename_field) > 1:
                output_line['link_to'] = filename_field[1]
            output_line['flags'] = parsed_line[0]
            output_line['links'] = int(parsed_line[1])
            output_line['owner'] = parsed_line[2]
            output_line['group'] = parsed_line[3]
            output_line['bytes'] = int(parsed_line[4])
            output_line['date'] = ' '.join(parsed_line[5:8])
            output.append(output_line)
                else:
-        for entry in cleandata:
+                    state.network = 'ipv4'
-            output_line = {}
+            elif line.find('udp') == 0:
-            output_line['filename'] = entry
+                state.session = 'udp'
-            output.append(output_line)
+                if line.find('p6') == 2:
                    state.network = 'ipv6'
                else:
                    state.network = 'ipv4'
        if state.section == "server":
            if line.find('tcp') == 0:
                state.session = 'tcp'
                if line.find('p6') == 2:
                    state.network = 'ipv6'
                else:
                    state.network = 'ipv4'
            elif line.find('udp') == 0:
                state.session = 'udp'
                if line.find('p6') == 2:
                    state.network = 'ipv6'
                else:
                    state.network = 'ipv4'
        if state.section == client && state.session == tcp && state.network == ipv4:
            client_tcp_ip4.append(parse_line(line))
        if state.section == client && state.session == tcp && state.network == ipv6:
            client_tcp_ip6.append(parse_line(line))
        if state.section == client && state.session == udp && state.network == ipv4:
            client_udp_ip4.append(parse_line(line))
        if state.section == client && state.session == udp && state.network == ipv6:
            client_udp_ip6.append(parse_line(line))
        if state.section == server && state.session == tcp && state.network == ipv4:
            server_tcp_ip4.append(parse_line(line))
        if state.section == client && state.session == tcp && state.network == ipv6:
            server_tcp_ip6.append(parse_line(line))
        if state.section == client && state.session == udp && state.network == ipv4:
            server_udp_ip4.append(parse_line(line))
        if state.section == client && state.session == udp && state.network == ipv6:
            server_udp_ip6.append(parse_line(line))
    output['client']['tcp']['ipv4'] = client_tcp_ip4
    output['client']['tcp']['ipv6'] = client_tcp_ip6
    output['client']['udp']['ipv4'] = client_udp_ip4
    output['client']['udp']['ipv6'] = client_udp_ip6
    output['server']['tcp']['ipv4'] = server_tcp_ip4
    output['server']['tcp']['ipv6'] = server_tcp_ip6
    output['server']['udp']['ipv4'] = server_udp_ip4
    output['server']['udp']['ipv6'] = server_udp_ip6
    return output