Netstat issue with spaces in program name #578
Comments
|
While running our monitoring script which uses First one was to see the data comming in def parse_network(headers, entry):
LIST_OF_STATES = [
"ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1", "FIN_WAIT2",
"TIME_WAIT", "CLOSED", "CLOSE_WAIT", "LAST_ACK", "LISTEN", "CLOSING",
"UNKNOWN", "7"
]
# split entry based on presence of value in "State" column
contains_state = any(state in entry for state in LIST_OF_STATES)
split_modifier = 1 if contains_state else 2
### DEBUG PRINT ###
print(entry)
entry = entry.split(maxsplit=len(headers) - split_modifier)output: tcp 0 0 0.0.0.0:9898 0.0.0.0:* LISTEN 1178/pgpool
tcp 0 0 192.168.68.116:9102 0.0.0.0:* LISTEN 584/bareos-fd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 600/sshd: /usr/sbin
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 1178/pgpool
tcp 0 0 0.0.0.0:5433 0.0.0.0:* LISTEN 1676/postgres
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 928/exim4
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 1817931/zabbix_agen
tcp 0 0 0.0.0.0:9000 0.0.0.0:* LISTEN 1187/pgpool: watchd
tcp6 0 0 :::9898 :::* LISTEN 1178/pgpool
tcp6 0 0 :::22 :::* LISTEN 600/sshd: /usr/sbin
tcp6 0 0 :::5432 :::* LISTEN 1178/pgpool
tcp6 0 0 :::5433 :::* LISTEN 1676/postgres
tcp6 0 0 :::10050 :::* LISTEN 1817931/zabbix_agen
udp 0 0 0.0.0.0:68 0.0.0.0:* 535/dhclient
udp 0 0 0.0.0.0:37300 0.0.0.0:* 1204/pgpool: heartb
udp 0 0 0.0.0.0:9694 0.0.0.0:* 1205/pgpool: heartb
udp 0 0 0.0.0.0:9694 0.0.0.0:* 1203/pgpool: heartb
udp 0 0 0.0.0.0:44649 0.0.0.0:* 1206/pgpool: heartb
udp 0 0 0.0.0.0:52868 0.0.0.0:* 494/rsyslogdThe interesting part comes here, It is clear that none of the def parse_network(headers, entry):
LIST_OF_STATES = [
"ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1", "FIN_WAIT2",
"TIME_WAIT", "CLOSED", "CLOSE_WAIT", "LAST_ACK", "LISTEN", "CLOSING",
"UNKNOWN", "7"
]
# split entry based on presence of value in "State" column
contains_state = any(state in entry for state in LIST_OF_STATES)
split_modifier = 1 if contains_state else 2
entry = entry.split(maxsplit=len(headers) - split_modifier)
### DEBUG PRINT ###
print(entry, len(entry))The row with the The "index out of range error" I'm getting is because I take the output of jc and split the column PID/Program name on I was localy able to fix the problem when I removed the number 7 from the LIST_OF_STATES. I remember tho, that without the 7 present in it, some tests of yours were failing. What I would like to do, is to remove the number 7 from LIST_OF_STATES because according to the documentation it is not a valid state that can appear as output of the netstat command, and to try and debug why the tests are failing. |
|
Oh, dear - that's a nasty little bug. Thanks for looking into this - looking forward to working with you on this! |
|
@HervisDaubeny any update on this? If not, I can take a look. Thanks! |
|
Hello, unfortunately I'm currently flooded with work from every side. If
you don't mind waiting I would love to look into it,
but I can't promise you I will be able to do it soon. My estimate is that I
could get to it in november.
Best regards,
Sebastian
… Message ID: ***@***.***>
|
DescriptionThe current code for checking if an entry contains a specific state has a bug where partial matches can mistakenly trigger the condition. The current implementation: does not enforce word boundaries, which means that it can match unintended portions of text, like matching "7" within "0.0.0.0:37300". Suggested FixOne potential quick fix to enforce word boundaries is to modify the code as follows: |
It looks like the tests fail because we do see Looks like we'll have to tighten up the splitting logic per @Luigi31415 's comment above. |
|
@kellyjonbrazil I think my suggested fix does solve the problem. Let me know if you agree so that I can put in a PR. |
|
@Luigi31415 sounds good - go ahead and use |
Originally posted by @HervisDaubeny in #447 (comment)
The text was updated successfully, but these errors were encountered: