Closed
Description
Here's an example of my test that was working before upgrading to testinfra 1.12.0.
@pytest.mark.parametrize('ossec_service', [
dict(host="0.0.0.0", proto="tcp", port=22, listening=True),
dict(host="0.0.0.0", proto="udp", port=1514, listening=True),
dict(host="0.0.0.0", proto="tcp", port=1515, listening=False),
])
def test_listening_ports(host, ossec_service):
Ensure the OSSEC-related services are listening on the
socket = "{proto}://{host}:{port}".format(**ossec_service)
with host.sudo():
assert host.socket(socket).is_listening == ossec_service['listening']
Specifically getting a fail on dict(host="0.0.0.0", proto="udp", port=1514, listening=True) now. Here is the relevant ss and lsof output:
sdrop@mon-staging:~$ sudo lsof -iUDP -n
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dhclient 674 root 5u IPv4 10425 0t0 UDP *:bootpc
dhclient 674 root 20u IPv4 10405 0t0 UDP *:15006
dhclient 674 root 21u IPv6 10406 0t0 UDP *:45681
ossec-rem 1174 ossecr 4u IPv4 11482 0t0 UDP *:1514
ntpd 3133 ntp 16u IPv4 18769 0t0 UDP *:ntp
ntpd 3133 ntp 17u IPv6 18770 0t0 UDP *:ntp
ntpd 3133 ntp 18u IPv4 18776 0t0 UDP 127.0.0.1:ntp
ntpd 3133 ntp 19u IPv4 18777 0t0 UDP 172.17.1.164:ntp
sdrop@mon-staging:~$ ss --numeric --listening --udp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:15006 *:*
UNCONN 0 0 *:1514 *:*
UNCONN 0 0 *:68 *:*
UNCONN 0 0 172.17.1.164:123 *:*
UNCONN 0 0 127.0.0.1:123 *:*
UNCONN 0 0 *:123 *:*
UNCONN 0 0 :::45681 :::*
UNCONN 0 0 :::123 :::*It appears that the socket module only looks for the status of LISTEN or ESTAB but doesn't recognize UNCONN as a listening status.