T6181: make tools for scaning ports #3940
+165
−0
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| <?xml version="1.0"?> | ||
| <interfaceDefinition> | ||
| <node name="show"> | ||
| <children> | ||
| <node name="ports"> | ||
| <children> | ||
| <node name="local"> | ||
| <properties> | ||
| <help>show opened ports on a local host</help> | ||
| </properties> | ||
| <command>sudo ${vyos_op_scripts_dir}/scan_localhost.py</command> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </interfaceDefinition> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| <?xml version="1.0"?> | ||
|
There was a problem hiding this comment. I see no reason to split these commands in three different files. The usual reason why we split them is either that commands are unrelated or that a file is reusable. These commands are closely related and these files are not reusable. |
||
| <interfaceDefinition> | ||
| <node name="show"> | ||
| <children> | ||
| <node name="ports"> | ||
| <children> | ||
| <node name="all"> | ||
| <properties> | ||
| <help>show opened ports and services on a remote host (scan all ports 1-65535)</help> | ||
| <completionHelp> | ||
| <list><hostname> <x.x.x.x> <h:h:h:h:h:h:h:h></list> | ||
| </completionHelp> | ||
| </properties> | ||
| <command>sudo ${vyos_op_scripts_dir}/scan_all_ports.py ${@:2}</command> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </interfaceDefinition> | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| <?xml version="1.0"?> | ||
| <interfaceDefinition> | ||
| <node name="show"> | ||
| <children> | ||
| <node name="ports"> | ||
| <children> | ||
| <properties> | ||
| <help>show opened ports on a remote host (scan popular ports)</help> | ||
| <completionHelp> | ||
| <list><hostname> <x.x.x.x> <h:h:h:h:h:h:h:h></list> | ||
| </completionHelp> | ||
| </properties> | ||
| <command>sudo ${vyos_op_scripts_dir}/scan_ports_popular.py ${@:2}</command> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </children> | ||
| </node> | ||
| </interfaceDefinition> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| #!/usr/bin/env python3 | ||
|
There was a problem hiding this comment. I can't see why this script is needed. Python startup time is notoriously slow, and this script only takes one argument that could easily be appended to the base command. It doesn't provide machine-friendly op mode either (we don't have a generic "perform" or "initiate" op mode word yet). We need to either figure out a way to make this machine-friendly and use Python or just use a shell command for the time being (I'd prefer the former). |
||
|
|
||
| import subprocess | ||
| import argparse | ||
|
|
||
| def scan_ports(host): | ||
| # Define the command to execute | ||
| command = ['nmap', '-p-', '-T4', '--min-rate=5000', '--max-retries=1', '--host-timeout=30s', host] | ||
|
|
||
| try: | ||
| # Execute the command and capture the result | ||
| result = subprocess.run(command, capture_output=True, text=True, check=True) | ||
|
|
||
| # Extract and print only the lines containing port information | ||
| output = result.stdout | ||
| start_extracting = False | ||
| for line in output.split('\n'): | ||
| if line.startswith("PORT"): | ||
| start_extracting = True | ||
| if start_extracting: | ||
| if line.startswith("Nmap done:"): | ||
| break | ||
| print(line) | ||
|
|
||
| except subprocess.CalledProcessError as e: | ||
| print(f"Error executing command: {e}") | ||
|
|
||
| if __name__ == "__main__": | ||
| # Create an argument parser | ||
| parser = argparse.ArgumentParser(description='Scan all ports on a remote host using T4 timing template with high rate and reduced retries.') | ||
| parser.add_argument('host', type=str, help='IP address or domain name of the host to scan') | ||
|
|
||
| # Parse the arguments | ||
| args = parser.parse_args() | ||
|
|
||
| # Perform the scan | ||
| scan_ports(args.host) | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| #!/usr/bin/env python3 | ||
|
There was a problem hiding this comment. Why use two different script files if the logic is the same, just some arguments are different? |
||
|
|
||
| import subprocess | ||
|
|
||
| def scan_localhost(): | ||
| try: | ||
| # Run the nmap command to list open TCP ports on localhost | ||
| result = subprocess.run( | ||
| ['nmap', '-sT', 'localhost'], | ||
| capture_output=True, text=True, check=True | ||
| ) | ||
| output = result.stdout | ||
|
|
||
| # Extract only the lines containing port information | ||
| start_extracting = False | ||
| for line in output.split('\n'): | ||
| if line.startswith("PORT"): | ||
| start_extracting = True | ||
| if start_extracting: | ||
| if line.startswith("Nmap done:"): | ||
| break | ||
| print(line) | ||
|
|
||
| except subprocess.CalledProcessError as e: | ||
| print(f"Error executing nmap command: {e}") | ||
|
|
||
| if __name__ == "__main__": | ||
| scan_localhost() | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| #!/usr/bin/env python3 | ||
|
|
||
| import subprocess | ||
| import sys | ||
|
|
||
| def scan_popular_ports(host): | ||
| # List of popular ports to scan | ||
| popular_ports = [ | ||
|
There was a problem hiding this comment. Popular according to whom? I see no reason to have a special case for this. 21 (FTP) and 23 (telnet) are quite rare now, but it's beside the point. People who want specific ports can specify a list in the command argument. |
||
| 20, 21, 22, 23, 25, 53, 80, 110, 123, 135, 137, 138, 139, 143, 161, 162, | ||
| 179, 389, 443, 445, 465, 514, 587, 993, 995, 1080, 1433, 1434, 1521, 1723, | ||
| 3306, 3389, 5060, 5432, 5900, 5938, 8080, 8443, 8888 | ||
| ] | ||
|
|
||
| # Create a comma-separated string of ports | ||
| ports_str = ",".join(map(str, popular_ports)) | ||
|
|
||
| try: | ||
| # Run the nmap command to scan the specified ports on the given host | ||
| result = subprocess.run( | ||
| ['nmap', '-p', ports_str, host], | ||
| capture_output=True, text=True, check=True | ||
| ) | ||
| output = result.stdout | ||
|
|
||
| # Extract only the lines containing port information | ||
| start_extracting = False | ||
| for line in output.split('\n'): | ||
| if line.startswith("PORT"): | ||
| start_extracting = True | ||
| if start_extracting: | ||
| if line.startswith("Nmap done:"): | ||
| break | ||
| print(line) | ||
|
|
||
| except subprocess.CalledProcessError as e: | ||
| print(f"Error executing nmap command: {e}") | ||
|
|
||
| if __name__ == "__main__": | ||
| if len(sys.argv) != 2: | ||
| print("Usage: python scan_popular_ports.py <IP>") | ||
| sys.exit(1) | ||
|
|
||
| remote_host = sys.argv[1] | ||
| scan_popular_ports(remote_host) | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't see how this shortcut is useful. Anyone who needs port scanning also knows what
127.0.0.1and::1orlocalhostare and they aren't long to type. More on this later.Besides,
netstatorssis a better way to show open ports on the local machine anyway, so this use case is rare and doesn't benefit from a shortcut.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We already have
show system connectionsThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, my point exactly. If there are reason to nmap localhost, they must be to specific and rare that a shortcut isn't useful