add nping handler, port support and fmt code

Nils 2022-05-29 14:20:06 +02:00
parent a94503ba7a
commit 955f1253af
Signed by: byreqz
GPG Key ID: 396A62D7D436749E

367
main.go

@ -1,16 +1,16 @@
package main package main
import ( import (
"fmt" "fmt"
"os" "net"
"os/exec" "net/http"
"strings" "os"
"net/http" "os/exec"
"net" "strconv"
"strconv" "strings"
log "github.com/sirupsen/logrus"
flag "github.com/spf13/pflag"
log "github.com/sirupsen/logrus"
flag "github.com/spf13/pflag"
) )
var logstdout = log.New() var logstdout = log.New()
@ -21,181 +21,218 @@ var disablexforwardedfor bool
var allowprivate bool var allowprivate bool
func init() { func init() {
logstdout.SetFormatter(&log.TextFormatter{ logstdout.SetFormatter(&log.TextFormatter{
FullTimestamp: true}) FullTimestamp: true})
logstdout.SetOutput(os.Stdout) logstdout.SetOutput(os.Stdout)
logstdout.SetLevel(log.InfoLevel) logstdout.SetLevel(log.InfoLevel)
var logfilepath string var logfilepath string
if _, exists := os.LookupEnv("PROBEHOST_LOGPATH"); exists == true { if _, exists := os.LookupEnv("PROBEHOST_LOGPATH"); exists == true {
logfilepath, _ = os.LookupEnv("PROBEHOST_LOGPATH") logfilepath, _ = os.LookupEnv("PROBEHOST_LOGPATH")
} else { } else {
logfilepath = "probehost2.log" logfilepath = "probehost2.log"
} }
if exists, _ := os.LookupEnv("PROBEHOST_ALLOW_PRIVATE"); exists == "true" { if exists, _ := os.LookupEnv("PROBEHOST_ALLOW_PRIVATE"); exists == "true" {
allowprivate = true allowprivate = true
} else { } else {
allowprivate = false allowprivate = false
} }
if envvalue, exists := os.LookupEnv("PROBEHOST_LISTEN_PORT"); exists == true { if envvalue, exists := os.LookupEnv("PROBEHOST_LISTEN_PORT"); exists == true {
var err error var err error
listenport, err = strconv.Atoi(envvalue) listenport, err = strconv.Atoi(envvalue)
if err != nil { if err != nil {
logstdout.Fatal("Failed to read PROBEHOST_LISTEN_PORT: ", err.Error()) logstdout.Fatal("Failed to read PROBEHOST_LISTEN_PORT: ", err.Error())
} }
} else { } else {
listenport = 8000 listenport = 8000
} }
if exists, _ := os.LookupEnv("PROBEHOST_DISABLE_X_FORWARDED_FOR"); exists == "true" { if exists, _ := os.LookupEnv("PROBEHOST_DISABLE_X_FORWARDED_FOR"); exists == "true" {
disablexforwardedfor = true disablexforwardedfor = true
} else { } else {
disablexforwardedfor = false disablexforwardedfor = false
} }
flag.StringVarP(&logfilepath, "logfilepath", "o", logfilepath, "sets the output file for the log") flag.StringVarP(&logfilepath, "logfilepath", "o", logfilepath, "sets the output file for the log")
flag.IntVarP(&listenport, "port", "p", listenport, "sets the port to listen on") flag.IntVarP(&listenport, "port", "p", listenport, "sets the port to listen on")
flag.BoolVarP(&disablexforwardedfor, "disable-x-forwarded-for", "x", disablexforwardedfor, "whether to show x-forwarded-for or the requesting IP") flag.BoolVarP(&disablexforwardedfor, "disable-x-forwarded-for", "x", disablexforwardedfor, "whether to show x-forwarded-for or the requesting IP")
flag.BoolVarP(&allowprivate, "allow-private", "l", allowprivate, "whether to show lookups of private IP ranges") flag.BoolVarP(&allowprivate, "allow-private", "l", allowprivate, "whether to show lookups of private IP ranges")
flag.Parse() flag.Parse()
logpath, err := os.OpenFile(logfilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0660) logpath, err := os.OpenFile(logfilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0660)
if err != nil { if err != nil {
logstdout.Fatal("Failed to initialize the logfile: ", err.Error()) logstdout.Fatal("Failed to initialize the logfile: ", err.Error())
} }
logfile.SetLevel(log.InfoLevel) logfile.SetLevel(log.InfoLevel)
logfile.SetOutput(logpath) logfile.SetOutput(logpath)
logfile.Info("probehost2 initialized") logfile.Info("probehost2 initialized")
} }
func runner(remoteip string, command string, args... string) string{ func runner(remoteip string, command string, args ...string) string {
logfile.WithFields(log.Fields{ logfile.WithFields(log.Fields{
"remote_ip": remoteip, "remote_ip": remoteip,
"command": fmt.Sprint(command, args), "command": fmt.Sprint(command, args),
}).Info("request initiated:") }).Info("request initiated:")
cmd, err := exec.Command(command, args...).Output() cmd, err := exec.Command(command, args...).Output()
if err != nil { if err != nil {
logstdout.WithFields(log.Fields{ logstdout.WithFields(log.Fields{
"remote_ip": remoteip, "remote_ip": remoteip,
"command": fmt.Sprint(command, args), "command": fmt.Sprint(command, args),
"error": err.Error(), "error": err.Error(),
}).Warn("request failed:") }).Warn("request failed:")
logfile.WithFields(log.Fields{ logfile.WithFields(log.Fields{
"remote_ip": remoteip, "remote_ip": remoteip,
"command": fmt.Sprint(command, args), "command": fmt.Sprint(command, args),
"error": err.Error(), "error": err.Error(),
}).Warn("request failed:") }).Warn("request failed:")
} else { } else {
logfile.WithFields(log.Fields{ logfile.WithFields(log.Fields{
"remote_ip": remoteip, "remote_ip": remoteip,
"command": fmt.Sprint(command, args), "command": fmt.Sprint(command, args),
}).Info("request succeeded:") }).Info("request succeeded:")
} }
return string(cmd) return string(cmd)
} }
func validatehosts(hosts []string) []string{ func validatehosts(hosts []string) ([]string, []string) {
var valid []string var validhosts []string
for _, host := range hosts { var validports []string
if hostparse := net.ParseIP(host); hostparse != nil { for _, host := range hosts {
if (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) && allowprivate { split := strings.Split(host, "_")
valid = append(valid, host) host = split[0]
} else if ! (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) { if hostparse := net.ParseIP(host); hostparse != nil {
valid = append(valid, host) if (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) && allowprivate {
} validhosts = append(validhosts, host)
} else if _, err := net.LookupIP(host); err == nil { } else if !(net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) {
valid = append(valid, host) validhosts = append(validhosts, host)
} }
} } else if _, err := net.LookupIP(host); err == nil {
return valid validhosts = append(validhosts, host)
}
var port string
if len(split) > 1 {
port = split[1]
_, err := strconv.Atoi(port) // validate if port is just an int
if err == nil {
validports = append(validports, port)
} else {
validports = append(validports, "0")
}
} else {
validports = append(validports, "0")
}
}
return validhosts, validports
} }
func parseopts(options []string, cmdopts map[string]string) []string{ func parseopts(options []string, cmdopts map[string]string) []string {
var opts []string var opts []string
for _, opt := range options { for _, opt := range options {
opts = append(opts, cmdopts[opt]) opts = append(opts, cmdopts[opt])
} }
return opts return opts
} }
func prerunner(req *http.Request, cmd string, cmdopts map[string]string, defaultopts []string) string{ func prerunner(req *http.Request, cmd string, cmdopts map[string]string, defaultopts []string) string {
geturl := strings.Split(req.URL.String(), "/") geturl := strings.Split(req.URL.String(), "/")
targets := strings.Split(geturl[2], ",") targets := strings.Split(geturl[2], ",")
hosts := validatehosts(targets) hosts, ports := validatehosts(targets)
var opts []string var opts []string
opts = append(opts, defaultopts...) opts = append(opts, defaultopts...)
if len(geturl) > 3 && len(geturl[3]) > 0 { if len(geturl) > 3 && len(geturl[3]) > 0 {
options := strings.Split(geturl[3], ",") options := strings.Split(geturl[3], ",")
opts = append(opts, parseopts(options, cmdopts)...) opts = append(opts, parseopts(options, cmdopts)...)
} }
var res string var res string
var args []string var args []string
var remoteaddr string var remoteaddr string
if req.Header.Get("X-Forwarded-For") != "" && disablexforwardedfor != true { if req.Header.Get("X-Forwarded-For") != "" && disablexforwardedfor != true {
remoteaddr = req.Header.Get("X-Forwarded-For") remoteaddr = req.Header.Get("X-Forwarded-For")
} else { } else {
remoteaddr = req.RemoteAddr remoteaddr = req.RemoteAddr
} }
for _, host := range hosts { for i, host := range hosts {
args = append(args, opts...) if ports[i] != "0" && cmd == "nping" {
args = append(args, host) args = append(args, "-p"+ports[i])
res = fmt.Sprint(res, runner(remoteaddr, cmd, args...), "\n") }
} args = append(args, opts...)
return res args = append(args, host)
fmt.Println(remoteaddr, cmd, args)
res = fmt.Sprint(res, runner(remoteaddr, cmd, args...), "\n")
}
return res
} }
func ping(w http.ResponseWriter, req *http.Request) { func ping(w http.ResponseWriter, req *http.Request) {
cmd := "ping" cmd := "ping"
cmdopts := map[string]string{ cmdopts := map[string]string{
"4": "-4", "6": "-6", "d": "-D", "n": "-n", "v": "-v", "c1": "-c1", "c5": "-c5", "c10": "-c10", "4": "-4", "6": "-6", "d": "-D", "n": "-n", "v": "-v", "c1": "-c1", "c5": "-c5", "c10": "-c10",
"force4": "-4", "force6": "-6", "timestamps": "-D", "nodns": "-n", "verbose": "-v", "count1": "-c1", "count5": "-c5", "count10": "-c10", "force4": "-4", "force6": "-6", "timestamps": "-D", "nodns": "-n", "verbose": "-v", "count1": "-c1", "count5": "-c5", "count10": "-c10",
} }
var defaultopts []string var defaultopts []string
defaultopts = append(defaultopts, "-c10") defaultopts = append(defaultopts, "-c10")
res := prerunner(req, cmd, cmdopts, defaultopts) res := prerunner(req, cmd, cmdopts, defaultopts)
if strings.TrimSpace(res) == "" { if strings.TrimSpace(res) == "" {
fmt.Fprintln(w, http.StatusInternalServerError) fmt.Fprintln(w, http.StatusInternalServerError)
} else { } else {
fmt.Fprint(w, strings.TrimSpace(res), "\n") fmt.Fprint(w, strings.TrimSpace(res), "\n")
} }
} }
func mtr(w http.ResponseWriter, req *http.Request) { func mtr(w http.ResponseWriter, req *http.Request) {
cmd := "mtr" cmd := "mtr"
cmdopts := map[string]string{ cmdopts := map[string]string{
"4": "-4", "6": "-6", "u": "-u", "t": "-T", "e": "-e", "x": "-x", "n": "-n", "b": "-b", "z": "-z", "c1": "-c1", "c5": "-c5", "c10": "-c10", "4": "-4", "6": "-6", "u": "-u", "t": "-T", "e": "-e", "x": "-x", "n": "-n", "b": "-b", "z": "-z", "c1": "-c1", "c5": "-c5", "c10": "-c10",
"force4": "-4", "force6": "-6", "udp": "-u", "tcp": "-T", "ext": "-e", "xml": "-x", "nodns": "-n", "cmb": "-b", "asn": "-z", "count1": "-c1", "count5": "-c5", "count10": "-c10", "force4": "-4", "force6": "-6", "udp": "-u", "tcp": "-T", "ext": "-e", "xml": "-x", "nodns": "-n", "cmb": "-b", "asn": "-z", "count1": "-c1", "count5": "-c5", "count10": "-c10",
} }
var defaultopts []string var defaultopts []string
defaultopts = append(defaultopts, "-r", "-w", "-c10") defaultopts = append(defaultopts, "-r", "-w", "-c10")
res := prerunner(req, cmd, cmdopts, defaultopts) res := prerunner(req, cmd, cmdopts, defaultopts)
if strings.TrimSpace(res) == "" { if strings.TrimSpace(res) == "" {
fmt.Fprintln(w, http.StatusInternalServerError) fmt.Fprintln(w, http.StatusInternalServerError)
} else { } else {
fmt.Fprint(w, strings.TrimSpace(res), "\n") fmt.Fprint(w, strings.TrimSpace(res), "\n")
} }
} }
func traceroute(w http.ResponseWriter, req *http.Request) { func traceroute(w http.ResponseWriter, req *http.Request) {
cmd := "traceroute" cmd := "traceroute"
cmdopts := map[string]string{ cmdopts := map[string]string{
"4": "-4", "6": "-6", "f": "-F", "i": "-I", "t": "-T", "n": "-n", "u": "-U", "ul": "-UL", "d": "-D", "b": "--back", "4": "-4", "6": "-6", "f": "-F", "i": "-I", "t": "-T", "n": "-n", "u": "-U", "ul": "-UL", "d": "-D", "b": "--back",
"force4": "-4", "force6": "-6", "dnf": "-F", "icmp": "-I", "tcp": "-T", "nodns": "-n", "udp": "-U", "udplite": "-UL", "dccp": "-D", "back": "--back", "force4": "-4", "force6": "-6", "dnf": "-F", "icmp": "-I", "tcp": "-T", "nodns": "-n", "udp": "-U", "udplite": "-UL", "dccp": "-D", "back": "--back",
} }
var defaultopts []string var defaultopts []string
//defaultopts = append(defaultopts) // no default options for traceroute //defaultopts = append(defaultopts) // no default options for traceroute
res := prerunner(req, cmd, cmdopts, defaultopts) res := prerunner(req, cmd, cmdopts, defaultopts)
if strings.TrimSpace(res) == "" { if strings.TrimSpace(res) == "" {
fmt.Fprintln(w, http.StatusInternalServerError) fmt.Fprintln(w, http.StatusInternalServerError)
} else { } else {
fmt.Fprint(w, strings.TrimSpace(res), "\n") fmt.Fprint(w, strings.TrimSpace(res), "\n")
} }
}
func nping(w http.ResponseWriter, req *http.Request) {
cmd := "nping"
cmdopts := map[string]string{
"4": "-4", "6": "-6", "u": "--udp", "t": "--tcp-connect", "v": "-v", "c1": "-c1", "c3": "-c3", "c5": "-c5",
"force4": "-4", "force6": "-6", "udp": "--udp", "tcp": "--tcp-connect", "verbose": "-v", "count1": "-c1", "count3": "-c3", "count5": "-c5",
}
var defaultopts []string
defaultopts = append(defaultopts, "-c3")
res := prerunner(req, cmd, cmdopts, defaultopts)
if strings.TrimSpace(res) == "" {
fmt.Fprintln(w, http.StatusInternalServerError)
} else {
fmt.Fprint(w, strings.TrimSpace(res), "\n")
}
} }
func main() { func main() {
http.HandleFunc("/ping/", ping) http.HandleFunc("/ping/", ping)
http.HandleFunc("/mtr/", mtr) http.HandleFunc("/mtr/", mtr)
http.HandleFunc("/tracert/", traceroute) http.HandleFunc("/tracert/", traceroute)
http.HandleFunc("/traceroute/", traceroute) http.HandleFunc("/traceroute/", traceroute)
logstdout.Info("Serving on :", listenport) http.HandleFunc("/nping/", nping)
logfile.Info("Serving on :", listenport) logstdout.Info("Serving on :", listenport)
http.ListenAndServe(fmt.Sprint(":", listenport), nil) logfile.Info("Serving on :", listenport)
http.ListenAndServe(fmt.Sprint(":", listenport), nil)
} }
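Review bot: In validatehosts the two returned slices can fall out of step: a port entry is appended for every input, but a host is appended only when it passes validation, so after one rejected target `ports[i]` in prerunner belongs to a different host than `hosts[i]`. Append the port only when the host was accepted, and since `strconv.Atoi` also accepts negative and out-of-range values, bound it to 1–65535 before it becomes a `-p` argument. Hostnames are still accepted on any successful `net.LookupIP` without applying the private/loopback rule to the resolved addresses, which matters more now that nping can probe ports, so that check is worth adding as well. The leftover `fmt.Println(remoteaddr, cmd, args)` in prerunner should be dropped, since remoteaddr may be the client-supplied X-Forwarded-For value.

```go
for _, host := range hosts {
	// … unchanged: split on "_" and take split[0] as host …
	accepted := false
	if hostparse := net.ParseIP(host); hostparse != nil {
		internal := hostparse.IsPrivate() || hostparse.IsLoopback()
		accepted = !internal || allowprivate
	} else if _, err := net.LookupIP(host); err == nil {
		accepted = true
	}
	if !accepted {
		continue // a rejected target must not leave a port entry behind
	}
	port := "0"
	if len(split) > 1 {
		if n, err := strconv.Atoi(split[1]); err == nil && n >= 1 && n <= 65535 {
			port = strconv.Itoa(n)
		}
	}
	validhosts = append(validhosts, host)
	validports = append(validports, port)
}
```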