From 188dc88d12f88f3a5f81ef3538c64591d6f15238 Mon Sep 17 00:00:00 2001 From: Nils Date: Sun, 29 May 2022 15:32:18 +0200 Subject: [PATCH] update readme --- README.md | 52 +++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 3739bb3..63b8366 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # probehost2 -an http endpoint to query network diagnosis tools from remote hosts +a http endpoint to query network diagnosis tools from remote hosts - Overview - Disclaimer @@ -15,14 +15,15 @@ an http endpoint to query network diagnosis tools from remote hosts - Ping - MTR - Traceroute + - Nping # Disclaimer -Dont expect good or even mediocre code here. This is my first take at go and is mostly for myself to learn. Suggestions and improvements are welcome. +Don't expect good or even mediocre code here. This is my first take at go and is mostly for myself to learn. Suggestions and improvements are welcome. Please note that this project does not include any kind of rate limiting or other protection. It is therefore heavily advised to only make it publicly reachable if a reverse proxy is in place. A sample config for Caddy can be found in the `caddy` subfolder. # Installation -The runtime dependencies are currently `iputils`, `traceroute` and `mtr` (sometimes called `mtr-tiny`). `iputils` and `traceroute` can be substituted by `busybox`. +The runtime dependencies are currently `iputils`, `traceroute`, `nping` (usually provided by nmap) and `mtr` (sometimes called `mtr-tiny`). `iputils` and `traceroute` can be substituted by `busybox`. ## Building The app can be built with the latest Go toolchain. @@ -43,12 +44,12 @@ Example files for a systemd service can be found in the `systemd` subfolder. ## Docker A docker container based on Alpine can be built by using the included dockerfile (`docker/Dockerfile`). ```sh -docker build -f docker/Dockerfile . -t byreqz/probehost2:latest +docker build -f docker/Dockerfile . -t https://reg.nils.lol/byreqz/probehost2:latest ``` A compose file can also be found in `docker/docker-compose.yml`. ## Proxy -Its recommended to only run this app together with a rate-limiting reverse-proxy. An example configuration for Caddy can be found in the `caddy` subfolder. +It's recommended to only run this app together with a rate-limiting reverse-proxy. An example configuration for Caddy can be found in the `caddy` subfolder. # Usage ## Server @@ -58,9 +59,9 @@ The app currently has 4 runtime flags: - `-x / --disable-x-forwarded-for` -- disables checking for the X-Forwarded-For header - `-l / --allow-private` -- allows lookups of private IP ranges -All of the Flags also have an accompanying environment value: `PROBEHOST_LOGPATH`, `PROBEHOST_ALLOW_PRIVATE`, `PROBEHOST_LISTEN_PORT` and `PROBEHOST_DISABLE_X_FORWARDED_FOR` but the options given via commandline have priority. +All the Flags also have an accompanying environment value: `PROBEHOST_LOGPATH`, `PROBEHOST_ALLOW_PRIVATE`, `PROBEHOST_LISTEN_PORT` and `PROBEHOST_DISABLE_X_FORWARDED_FOR` but the options given via commandline have priority. -The app will log every request including the IP thats querying and show failed requests on stdout. +The app will log every request including the IP that's querying and show failed requests on stdout. Requests that contain an X-Forwarded-For header (implying the app is behind a reverse proxy) will automatically log that address instead of the requesting IP (the proxy itself), this can be turned off with -x. @@ -68,7 +69,7 @@ Requests that contain an X-Forwarded-For header (implying the app is behind a re ### General The app can be queried via HTTP/HTTPS with the following scheme: ``` -https://[address]/[command]/[hosts]/[options] +https://[address]/[command]/[host](_[port]),[host].../[options] ``` - [address] = the IP or domain serving the site @@ -76,7 +77,8 @@ https://[address]/[command]/[hosts]/[options] - ping - mtr - traceroute -- [hosts] = can be one or more hosts query, seperated by a comma +- [host] = can be one or more hosts query, seperated by a comma +- [port] = port to be queried, optional - [options] = options to run the command with, seperated by a comma All inputs are validated and invalid input is discarded. If the request contains no valid data, the server will return HTTP 500. @@ -131,7 +133,7 @@ Available options are: - `c10` / `count10`: send 10 pings Example query: -``` +```sh $ curl http://localhost:8000/mtr/localhost/c1,z Start: 2022-01-02T00:06:56+0100 HOST: xxx Loss% Snt Last Avg Best Wrst StDev @@ -155,9 +157,37 @@ Available options are: - `b` / `back`: Guess the number of hops in the backward path and print if it differs Example query: -``` +```sh $ curl http://localhost:8000/tracert/localhost/i traceroute to localhost (127.0.0.1), 30 hops max, 60 byte packets 1 localhost (127.0.0.1) 0.063 ms 0.008 ms 0.006 ms +``` +### Nping +The default options are: +- `c3`: send 3 pings +Available options are: +- `4` / `force4`: force IPv4 +- `6` / `force6`: force IPv6 +- `u` / `udp`: use UDP +- `t` / `tcp`: use TCP +- `v` / `verbose`: be verbose +- `c1` / `count1`: send 1 ping +- `c3` / `count3`: send 3 pings +- `c5` / `count5`: send 5 pings + +Example query: +```sh +$ curl localhost:8000/nping/localhost_22 +Starting Nping 0.7.92 ( https://nmap.org/nping ) at 2022-05-29 15:28 CEST +SENT (0.0022s) Starting TCP Handshake > localhost:22 (127.0.0.1:22) +RCVD (0.0133s) Handshake with localhost:22 (127.0.0.1:22) completed +SENT (1.0041s) Starting TCP Handshake > localhost:22 (127.0.0.1:22) +RCVD (1.0089s) Handshake with localhost:22 (127.0.0.1:22) completed +SENT (2.0071s) Starting TCP Handshake > localhost:22 (127.0.0.1:22) +RCVD (2.0090s) Handshake with localhost:22 (127.0.0.1:22) completed + +Max rtt: 11.130ms | Min rtt: 1.945ms | Avg rtt: 5.965ms +TCP connection attempts: 3 | Successful connections: 3 | Failed: 0 (0.00%) +Nping done: 1 IP address pinged in 2.01 seconds ``` \ No newline at end of file