table of contents
| Parse::Netstat::win32(3pm) | User Contributed Perl Documentation | Parse::Netstat::win32(3pm) |
NAME¶
Parse::Netstat::win32 - Parse the output of Windows "netstat" command
VERSION¶
This document describes version 0.150 of Parse::Netstat::win32 (from Perl distribution Parse-Netstat), released on 2022-12-04.
SYNOPSIS¶
use Parse::Netstat qw(parse_netstat);
my $res = parse_netstat(output=>join("", `netstat -anp`), flavor=>"win32");
Sample `netstat -anp` output:
Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 988 c:\windows\system32\WS2_32.dll C:\WINDOWS\system32\RPCRT4.dll c:\windows\system32\rpcss.dll C:\WINDOWS\system32\svchost.exe -- unknown component(s) -- [svchost.exe] TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4 [System] TCP 127.0.0.1:1027 0.0.0.0:0 LISTENING 1244 [alg.exe] TCP 192.168.0.104:139 0.0.0.0:0 LISTENING 4 [System] UDP 0.0.0.0:1025 *:* 1120 C:\WINDOWS\system32\mswsock.dll c:\windows\system32\WS2_32.dll c:\windows\system32\DNSAPI.dll c:\windows\system32\dnsrslvr.dll C:\WINDOWS\system32\RPCRT4.dll [svchost.exe] UDP 0.0.0.0:500 *:* 696 [lsass.exe]
Sample result:
[
200,
"OK",
{
active_conns => [
{
execs => [
"c:\\windows\\system32\\WS2_32.dll",
"C:\\WINDOWS\\system32\\RPCRT4.dll",
"c:\\windows\\system32\\rpcss.dll",
"C:\\WINDOWS\\system32\\svchost.exe",
"[svchost.exe]",
],
foreign_host => "0.0.0.0",
foreign_port => 0,
local_host => "0.0.0.0",
local_port => 135,
pid => 988,
proto => "tcp",
state => "LISTENING",
},
{
execs => ["[System]"],
foreign_host => "0.0.0.0",
foreign_port => 0,
local_host => "0.0.0.0",
local_port => 445,
pid => 4,
proto => "tcp",
state => "LISTENING",
},
{
execs => ["[alg.exe]"],
foreign_host => "0.0.0.0",
foreign_port => 0,
local_host => "127.0.0.1",
local_port => 1027,
pid => 1244,
proto => "tcp",
state => "LISTENING",
},
{
execs => ["[System]"],
foreign_host => "0.0.0.0",
foreign_port => 0,
local_host => "192.168.0.104",
local_port => 139,
pid => 4,
proto => "tcp",
state => "LISTENING",
},
{
execs => [
"C:\\WINDOWS\\system32\\mswsock.dll",
"c:\\windows\\system32\\WS2_32.dll",
"c:\\windows\\system32\\DNSAPI.dll",
"c:\\windows\\system32\\dnsrslvr.dll",
"C:\\WINDOWS\\system32\\RPCRT4.dll",
"[svchost.exe]",
],
foreign_host => "*",
foreign_port => "*",
local_host => "0.0.0.0",
local_port => 1025,
pid => 1120,
proto => "udp",
},
{
execs => ["[lsass.exe]"],
foreign_host => "*",
foreign_port => "*",
local_host => "0.0.0.0",
local_port => 500,
pid => 696,
proto => "udp",
},
],
},
]
FUNCTIONS¶
parse_netstat¶
Usage:
parse_netstat(%args) -> [$status_code, $reason, $payload, \%result_meta]
Parse the output of Windows "netstat" command.
Netstat can be called with "-n" (show raw IP addresses and port numbers instead of hostnames or port names) or without. It can be called with "-a" (show all listening and non-listening socket) option or without. And can be called with "-p" (show PID/program names) or without.
This function is not exported by default, but exportable.
Arguments ('*' denotes required arguments):
- output* => str
Output of netstat command.
- tcp => bool (default: 1)
Whether to parse TCP (and TCP6) connections.
- udp => bool (default: 1)
Whether to parse UDP (and UDP6) connections.
Returns an enveloped result (an array).
First element ($status_code) is an integer containing HTTP-like status code (200 means OK, 4xx caller error, 5xx function error). Second element ($reason) is a string containing error message, or something like "OK" if status is 200. Third element ($payload) is the actual result, but usually not present when enveloped result is an error response ($status_code is not 2xx). Fourth element (%result_meta) is called result metadata and is optional, a hash that contains extra information, much like how HTTP response headers provide additional metadata.
Return value: (any)
HOMEPAGE¶
Please visit the project's homepage at <https://metacpan.org/release/Parse-Netstat>.
SOURCE¶
Source repository is at <https://github.com/perlancar/perl-Parse-Netstat>.
AUTHOR¶
perlancar <perlancar@cpan.org>
CONTRIBUTING¶
To contribute, you can send patches by email/via RT, or send pull requests on GitHub.
Most of the time, you don't need to build the distribution yourself. You can simply modify the code, then test via:
% prove -l
If you want to build the distribution (e.g. to try to install it locally on your system), you can install Dist::Zilla, Dist::Zilla::PluginBundle::Author::PERLANCAR, Pod::Weaver::PluginBundle::Author::PERLANCAR, and sometimes one or two other Dist::Zilla- and/or Pod::Weaver plugins. Any additional steps required beyond that are considered a bug and can be reported to me.
COPYRIGHT AND LICENSE¶
This software is copyright (c) 2022, 2017, 2015, 2014, 2012, 2011 by perlancar <perlancar@cpan.org>.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
BUGS¶
Please report any bugs or feature requests on the bugtracker website <https://rt.cpan.org/Public/Dist/Display.html?Name=Parse-Netstat>
When submitting a bug or request, please include a test-file or a patch to an existing test-file that illustrates the bug or desired feature.
| 2023-01-15 | perl v5.36.0 |