From 5ebd980e264936bc5b6cfdcb900897f9bc350215 Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Wed, 23 Nov 2022 07:37:59 +0100 Subject: [PATCH] Add additional flags to nmap.py (#5566) (#5576) * Adding extra flag options for NMAP scaning udp_scan, icmp_timestamp and dns_resolve * Update nmap.py * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein * Updates as per felixfontein suggestions * Updates as per felixfontein suggestions * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein * Update plugins/inventory/nmap.py Co-authored-by: Felix Fontein * Update nmap.py * Update changelogs/fragments/5566-additional-flags-nmap.yml Co-authored-by: Felix Fontein * Update changelogs/fragments/5566-additional-flags-nmap.yml Co-authored-by: Felix Fontein * Update 5566-additional-flags-nmap.yml * Update nmap.py Co-authored-by: Axis12 <3225945+axistwelve@users.noreply.github.com> Co-authored-by: Felix Fontein (cherry picked from commit 52c28494ca903642aa4278afb580321302d119c9) Co-authored-by: David Stuart --- .../fragments/5566-additional-flags-nmap.yml | 3 ++ plugins/inventory/nmap.py | 28 +++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 changelogs/fragments/5566-additional-flags-nmap.yml diff --git a/changelogs/fragments/5566-additional-flags-nmap.yml b/changelogs/fragments/5566-additional-flags-nmap.yml new file mode 100644 index 00000000000..d42f3a4695a --- /dev/null +++ b/changelogs/fragments/5566-additional-flags-nmap.yml @@ -0,0 +1,3 @@ +minor_changes: + - nmap inventory plugin - add new options ``udp_scan``, ``icmp_timestamp``, and ``dns_resolve`` for different types of scans (https://github.com/ansible-collections/community.general/pull/5566). + diff --git a/plugins/inventory/nmap.py b/plugins/inventory/nmap.py index 01a5fa04ba9..f0fa50e3b30 100644 --- a/plugins/inventory/nmap.py +++ b/plugins/inventory/nmap.py @@ -46,6 +46,25 @@ description: use IPv6 type addresses type: boolean default: true + udp_scan: + description: + - Scan via UDP. + - Depending on your system you might need I(sudo=true) for this to work. + type: boolean + default: false + version_added: 6.1.0 + icmp_timestamp: + description: + - Scan via ICMP Timestamp (C(-PP)). + - Depending on your system you might need I(sudo=true) for this to work. + type: boolean + default: false + version_added: 6.1.0 + dns_resolve: + description: Whether to always (C(true)) or never (C(false)) do DNS resolution. + type: boolean + default: false + version_added: 6.1.0 notes: - At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False. - 'TODO: add OS fingerprinting' @@ -166,6 +185,15 @@ def parse(self, inventory, loader, path, cache=True): cmd.append('--exclude') cmd.append(','.join(self._options['exclude'])) + if self._options['dns_resolve']: + cmd.append('-n') + + if self._options['udp_scan']: + cmd.append('-sU') + + if self._options['icmp_timestamp']: + cmd.append('-PP') + cmd.append(self._options['address']) try: # execute