---
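# Precondition play: confirm on the server that nothing is listening on the
# UDP port the client play probes (server.port + 1). This only inspects the
# socket table; it says nothing about packet filtering in front of the host.
- name: check UDP port is closed for the particular port
  hosts: server
  vars:
    # The int filter forces a numeric port before the arithmetic.
    server_port: "{{ server.port|int + 1 }}"
  gather_facts: false
  become: true
  tasks:
    - name: use netstat to check the port is not open
      # Run netstat directly instead of piping it into grep: with the pipe,
      # a missing or failing netstat left grep with empty input and the
      # "no match" exit status was indistinguishable from "port is closed".
      command: netstat -lnup
      register: result
      changed_when: false
      # Fail when netstat itself fails, or when a listener is bound to the
      # port. The trailing space ends the match at the end of the local
      # address column, so port 53 does not match a socket on :5353.
      failed_when: >-
        result.rc != 0 or
        (':' ~ server_port ~ ' ') in result.stdout
    - name: print out the result
      debug:
        var: result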
# Client-side play: probe the closed UDP port on each of the server's
# addresses and require nmap's "closed" verdict. nmap reports a UDP port as
# closed only when an ICMP port-unreachable error comes back; a silently
# dropped probe shows up as "open|filtered" and fails the check.
- name: ICMP port unreach for closed UDP port
  hosts: client
  gather_facts: false
  become: true
  vars:
    # The preceding play checks on the server that server.port + 1 has no
    # listener.
    server_port: "{{ server.port|int + 1 }}"
    # Passed to nmap --host-timeout.
    timeout: 3
    # Number of retries for each probe task.
    retry: 3
    # When true, a failed probe is reported but does not stop the play.
    debug: false
  tasks:
    - name: check ICMP port unreach for the closed UDP port (IPv4)
      # stderr is discarded, so result.stderr is empty when diagnosing a
      # failed probe.
      shell: >-
        nmap -Pn -sU --host-timeout "{{ timeout }}"
        -p "{{ server_port }}" "{{ server.ipv4 }}" 2>/dev/null
      register: result
      changed_when: false
      until: result.rc == 0 and 'udp closed' in result.stdout
      retries: "{{ retry }}"
      failed_when: result.rc != 0 or 'udp closed' not in result.stdout
      ignore_errors: "{{ debug }}"
    - name: print out the result
      debug:
        var: result

    - name: check ICMP port unreach for the closed UDP port (private IPv4)
      shell: >-
        nmap -Pn -sU --host-timeout "{{ timeout }}"
        -p "{{ server_port }}" "{{ server.ipv4_private }}" 2>/dev/null
      register: result
      changed_when: false
      until: result.rc == 0 and 'udp closed' in result.stdout
      retries: "{{ retry }}"
      failed_when: result.rc != 0 or 'udp closed' not in result.stdout
      ignore_errors: "{{ debug }}"
    - name: print out the result
      debug:
        var: result

    - name: check ICMP port unreach for the closed UDP port (IPv6)
      # -6 switches nmap to IPv6 for this target.
      shell: >-
        nmap -6 -Pn -sU --host-timeout "{{ timeout }}"
        -p "{{ server_port }}" "{{ server.ipv6 }}" 2>/dev/null
      register: result
      changed_when: false
      until: result.rc == 0 and 'udp closed' in result.stdout
      retries: "{{ retry }}"
      failed_when: result.rc != 0 or 'udp closed' not in result.stdout
      ignore_errors: "{{ debug }}"
    - name: print out the result
      debug:
        var: result

    - name: check ICMP port unreach for the closed UDP port (Floating IP)
      shell: >-
        nmap -Pn -sU --host-timeout "{{ timeout }}"
        -p "{{ server_port }}" "{{ server.flip }}" 2>/dev/null
      register: result
      changed_when: false
      until: result.rc == 0 and 'udp closed' in result.stdout
      retries: "{{ retry }}"
      failed_when: result.rc != 0 or 'udp closed' not in result.stdout
      # NOTE(review): unlike the three probes above, this one ignores
      # failure regardless of `debug`, so a missing port-unreachable on the
      # floating IP never fails the run. Confirm that is intended.
      ignore_errors: true
    - name: print out the result
      debug:
        var: result