Puppet Class: diffscan

Defined in:
modules/diffscan/manifests/init.pp

Overview

Class: diffscan

This class installs & manages diffscan, an nmap wrapper for differential port scans. See github.com/ameihm0912/diffscan2

Parameters

ipranges

The list of IP/masks to scan. See nmap doc for accepted formats.

emailto

Diff emails recipient. Defaults to “root”.

groupname

An identifier to distinguish between several instances. Defaults to “diffscan”.

Parameters:

  • ipranges (Any) (defaults to: {})
  • emailto (Any) (defaults to: '')
  • groupname (Any) (defaults to: 'diffscan-default')


19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# File 'modules/diffscan/manifests/init.pp', line 19

class diffscan(
    $ipranges={},
    $emailto='',
    $groupname='diffscan-default'
) {
    require_package('nmap')

    file { '/srv/diffscan':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0775',
    }
    file { "/srv/diffscan/targets-${groupname}.txt":
        ensure  => present,
        owner   => 'root',
        group   => 'root',
        mode    => '0444',
        content => template('diffscan/targets.txt.erb'),
    }
    file { '/srv/diffscan/diffscan.py':
        ensure => present,
        owner  => 'root',
        group  => 'root',
        mode   => '0554',
        source => 'puppet:///modules/diffscan/diffscan.py',
    }
    cron { "diffscan-${groupname}":
        ensure  => present,
        user    => 'root',  # nmap needs root privileges
        command => "cd /srv/diffscan/; /srv/diffscan/diffscan.py -q /srv/diffscan/targets-${groupname}.txt ${emailto} ${groupname}",
        hour    => '0',
    }

}