mirror of
https://github.com/byReqz/probehost2.git
synced 2025-10-24 03:37:00 +00:00
Compare commits
14 Commits
1.0.0
...
e4d0d9bf61
Author | SHA1 | Date | |
---|---|---|---|
e4d0d9bf61
|
|||
|
6c7564062f
|
||
|
c6ffa0e628
|
||
|
73414736f9
|
||
|
5c8a39ad75
|
||
|
deab05167d
|
||
|
2866c9915d
|
||
|
d87f9b568b
|
||
|
188dc88d12
|
||
|
3b4e96509b
|
||
|
a0e42d369a
|
||
|
871fe76df5
|
||
|
2b8510c5ee
|
||
|
955f1253af
|
7
.github/workflows/lint.yml
vendored
Normal file
7
.github/workflows/lint.yml
vendored
Normal file
@@ -0,0 +1,7 @@
|
||||
name: ci
|
||||
|
||||
on: [push]
|
||||
|
||||
jobs:
|
||||
test:
|
||||
uses: byReqz/workflows/.github/workflows/golint_with_codeql.yml@main
|
51
README.md
51
README.md
@@ -1,5 +1,5 @@
|
||||
# probehost2
|
||||
an http endpoint to query network diagnosis tools from remote hosts
|
||||
a http endpoint to query network diagnosis tools from remote hosts
|
||||
|
||||
- <a href="#probehost2">Overview</a>
|
||||
- <a href="#disclaimer">Disclaimer</a>
|
||||
@@ -15,14 +15,15 @@ an http endpoint to query network diagnosis tools from remote hosts
|
||||
- <a href="#ping">Ping</a>
|
||||
- <a href="#mtr">MTR</a>
|
||||
- <a href="#traceroute">Traceroute</a>
|
||||
- <a href="#nping">Nping</a>
|
||||
|
||||
# Disclaimer
|
||||
Dont expect good or even mediocre code here. This is my first take at go and is mostly for myself to learn. Suggestions and improvements are welcome.
|
||||
Don't expect good or even mediocre code here. This is my first take at go and is mostly for myself to learn. Suggestions and improvements are welcome.
|
||||
|
||||
Please note that this project does not include any kind of rate limiting or other protection. It is therefore heavily advised to only make it publicly reachable if a reverse proxy is in place. A sample config for <a href="caddyserver.com/">Caddy</a> can be found in the `caddy` subfolder.
|
||||
|
||||
# Installation
|
||||
The runtime dependencies are currently `iputils`, `traceroute` and `mtr` (sometimes called `mtr-tiny`). `iputils` and `traceroute` can be substituted by `busybox`.
|
||||
The runtime dependencies are currently `iputils`, `traceroute`, `nping` (usually provided by nmap) and `mtr` (sometimes called `mtr-tiny`). `iputils` and `traceroute` can be substituted by `busybox`.
|
||||
|
||||
## Building
|
||||
The app can be built with the latest Go toolchain.
|
||||
@@ -48,7 +49,7 @@ docker build -f docker/Dockerfile . -t byreqz/probehost2:latest
|
||||
A compose file can also be found in `docker/docker-compose.yml`.
|
||||
|
||||
## Proxy
|
||||
Its recommended to only run this app together with a rate-limiting reverse-proxy. An example configuration for <a href="caddyserver.com/">Caddy</a> can be found in the `caddy` subfolder.
|
||||
It's recommended to only run this app together with a rate-limiting reverse-proxy. An example configuration for <a href="caddyserver.com/">Caddy</a> can be found in the `caddy` subfolder.
|
||||
|
||||
# Usage
|
||||
## Server
|
||||
@@ -58,9 +59,9 @@ The app currently has 4 runtime flags:
|
||||
- `-x / --disable-x-forwarded-for` -- disables checking for the X-Forwarded-For header
|
||||
- `-l / --allow-private` -- allows lookups of private IP ranges
|
||||
|
||||
All of the Flags also have an accompanying environment value: `PROBEHOST_LOGPATH`, `PROBEHOST_ALLOW_PRIVATE`, `PROBEHOST_LISTEN_PORT` and `PROBEHOST_DISABLE_X_FORWARDED_FOR` but the options given via commandline have priority.
|
||||
All the Flags also have an accompanying environment value: `PROBEHOST_LOGPATH`, `PROBEHOST_ALLOW_PRIVATE`, `PROBEHOST_LISTEN_PORT` and `PROBEHOST_DISABLE_X_FORWARDED_FOR` but the options given via commandline have priority.
|
||||
|
||||
The app will log every request including the IP thats querying and show failed requests on stdout.
|
||||
The app will log every request including the IP that's querying and show failed requests on stdout.
|
||||
|
||||
Requests that contain an X-Forwarded-For header (implying the app is behind a reverse proxy) will automatically log that address instead of the requesting IP (the proxy itself), this can be turned off with -x.
|
||||
|
||||
@@ -68,7 +69,7 @@ Requests that contain an X-Forwarded-For header (implying the app is behind a re
|
||||
### General
|
||||
The app can be queried via HTTP/HTTPS with the following scheme:
|
||||
```
|
||||
https://[address]/[command]/[hosts]/[options]
|
||||
https://[address]/[command]/[host](_[port]),[host].../[options]
|
||||
```
|
||||
|
||||
- [address] = the IP or domain serving the site
|
||||
@@ -76,7 +77,9 @@ https://[address]/[command]/[hosts]/[options]
|
||||
- ping
|
||||
- mtr
|
||||
- traceroute
|
||||
- [hosts] = can be one or more hosts query, seperated by a comma
|
||||
- nping
|
||||
- [host] = can be one or more hosts query, seperated by a comma
|
||||
- [port] = port to be queried, optional
|
||||
- [options] = options to run the command with, seperated by a comma
|
||||
|
||||
All inputs are validated and invalid input is discarded. If the request contains no valid data, the server will return HTTP 500.
|
||||
@@ -131,7 +134,7 @@ Available options are:
|
||||
- `c10` / `count10`: send 10 pings
|
||||
|
||||
Example query:
|
||||
```
|
||||
```sh
|
||||
$ curl http://localhost:8000/mtr/localhost/c1,z
|
||||
Start: 2022-01-02T00:06:56+0100
|
||||
HOST: xxx Loss% Snt Last Avg Best Wrst StDev
|
||||
@@ -155,9 +158,37 @@ Available options are:
|
||||
- `b` / `back`: Guess the number of hops in the backward path and print if it differs
|
||||
|
||||
Example query:
|
||||
```
|
||||
```sh
|
||||
$ curl http://localhost:8000/tracert/localhost/i
|
||||
traceroute to localhost (127.0.0.1), 30 hops max, 60 byte packets
|
||||
1 localhost (127.0.0.1) 0.063 ms 0.008 ms 0.006 ms
|
||||
```
|
||||
### Nping
|
||||
The default options are:
|
||||
- `c3`: send 3 pings
|
||||
|
||||
Available options are:
|
||||
- `4` / `force4`: force IPv4
|
||||
- `6` / `force6`: force IPv6
|
||||
- `u` / `udp`: use UDP
|
||||
- `t` / `tcp`: use TCP
|
||||
- `v` / `verbose`: be verbose
|
||||
- `c1` / `count1`: send 1 ping
|
||||
- `c3` / `count3`: send 3 pings
|
||||
- `c5` / `count5`: send 5 pings
|
||||
|
||||
Example query:
|
||||
```sh
|
||||
$ curl localhost:8000/nping/localhost_22
|
||||
Starting Nping 0.7.92 ( https://nmap.org/nping ) at 2022-05-29 15:28 CEST
|
||||
SENT (0.0022s) Starting TCP Handshake > localhost:22 (127.0.0.1:22)
|
||||
RCVD (0.0133s) Handshake with localhost:22 (127.0.0.1:22) completed
|
||||
SENT (1.0041s) Starting TCP Handshake > localhost:22 (127.0.0.1:22)
|
||||
RCVD (1.0089s) Handshake with localhost:22 (127.0.0.1:22) completed
|
||||
SENT (2.0071s) Starting TCP Handshake > localhost:22 (127.0.0.1:22)
|
||||
RCVD (2.0090s) Handshake with localhost:22 (127.0.0.1:22) completed
|
||||
|
||||
Max rtt: 11.130ms | Min rtt: 1.945ms | Avg rtt: 5.965ms
|
||||
TCP connection attempts: 3 | Successful connections: 3 | Failed: 0 (0.00%)
|
||||
Nping done: 1 IP address pinged in 2.01 seconds
|
||||
```
|
@@ -2,11 +2,14 @@ FROM golang:latest as builder
|
||||
WORKDIR /build
|
||||
COPY . .
|
||||
RUN go get -u
|
||||
RUN CGO_ENABLED=0 go build -o probehost2
|
||||
RUN CGO_ENABLED=0 go build -ldflags="-s -w" -o probehost2
|
||||
|
||||
FROM alpine:latest
|
||||
RUN apk update
|
||||
RUN apk add mtr iputils
|
||||
RUN apk add mtr iputils nmap-nping traceroute
|
||||
RUN adduser -D probehost2
|
||||
COPY --from=builder /build/probehost2 /
|
||||
RUN touch /probehost2.log
|
||||
RUN chown probehost2:users /probehost2.log
|
||||
USER probehost2
|
||||
CMD ["/probehost2"]
|
||||
|
8
go.mod
8
go.mod
@@ -2,9 +2,9 @@ module github.com/byReqz/probehost2
|
||||
|
||||
go 1.17
|
||||
|
||||
require github.com/sirupsen/logrus v1.8.1
|
||||
|
||||
require (
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect
|
||||
github.com/sirupsen/logrus v1.9.3
|
||||
github.com/spf13/pflag v1.0.5
|
||||
)
|
||||
|
||||
require golang.org/x/sys v0.23.0 // indirect
|
||||
|
20
go.sum
20
go.sum
@@ -1,14 +1,18 @@
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
|
||||
github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
|
||||
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
|
||||
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
|
||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||
github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
|
||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM=
|
||||
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
|
||||
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
377
main.go
377
main.go
@@ -1,201 +1,236 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strings"
|
||||
"net/http"
|
||||
"net"
|
||||
"strconv"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
flag "github.com/spf13/pflag"
|
||||
"fmt"
|
||||
"net"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
flag "github.com/spf13/pflag"
|
||||
)
|
||||
|
||||
var logstdout = log.New()
|
||||
var logfile = log.New()
|
||||
var logStdout = log.New()
|
||||
var logFile = log.New()
|
||||
|
||||
var listenport int
|
||||
var disablexforwardedfor bool
|
||||
var allowprivate bool
|
||||
var listenPort = 8080 // port to listen on
|
||||
var disableXForwardedFor bool // whether to disable parsing the X-Forwarded-For header or not
|
||||
var allowPrivate bool // whether to allow private IP ranges or not
|
||||
|
||||
func init() {
|
||||
logstdout.SetFormatter(&log.TextFormatter{
|
||||
FullTimestamp: true})
|
||||
logstdout.SetOutput(os.Stdout)
|
||||
logstdout.SetLevel(log.InfoLevel)
|
||||
var logfilepath string
|
||||
logStdout.SetFormatter(&log.TextFormatter{
|
||||
FullTimestamp: true})
|
||||
logStdout.SetOutput(os.Stdout)
|
||||
logStdout.SetLevel(log.InfoLevel)
|
||||
|
||||
if _, exists := os.LookupEnv("PROBEHOST_LOGPATH"); exists == true {
|
||||
logfilepath, _ = os.LookupEnv("PROBEHOST_LOGPATH")
|
||||
} else {
|
||||
logfilepath = "probehost2.log"
|
||||
}
|
||||
if exists, _ := os.LookupEnv("PROBEHOST_ALLOW_PRIVATE"); exists == "true" {
|
||||
allowprivate = true
|
||||
} else {
|
||||
allowprivate = false
|
||||
}
|
||||
if envvalue, exists := os.LookupEnv("PROBEHOST_LISTEN_PORT"); exists == true {
|
||||
var err error
|
||||
listenport, err = strconv.Atoi(envvalue)
|
||||
if err != nil {
|
||||
logstdout.Fatal("Failed to read PROBEHOST_LISTEN_PORT: ", err.Error())
|
||||
}
|
||||
} else {
|
||||
listenport = 8000
|
||||
}
|
||||
if exists, _ := os.LookupEnv("PROBEHOST_DISABLE_X_FORWARDED_FOR"); exists == "true" {
|
||||
disablexforwardedfor = true
|
||||
} else {
|
||||
disablexforwardedfor = false
|
||||
}
|
||||
flag.StringVarP(&logfilepath, "logfilepath", "o", logfilepath, "sets the output file for the log")
|
||||
flag.IntVarP(&listenport, "port", "p", listenport, "sets the port to listen on")
|
||||
flag.BoolVarP(&disablexforwardedfor, "disable-x-forwarded-for", "x", disablexforwardedfor, "whether to show x-forwarded-for or the requesting IP")
|
||||
flag.BoolVarP(&allowprivate, "allow-private", "l", allowprivate, "whether to show lookups of private IP ranges")
|
||||
flag.Parse()
|
||||
logFilePath := "probehost2.log"
|
||||
if val, exists := os.LookupEnv("PROBEHOST_LOGPATH"); exists {
|
||||
logFilePath = val
|
||||
}
|
||||
|
||||
logpath, err := os.OpenFile(logfilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0660)
|
||||
if err != nil {
|
||||
logstdout.Fatal("Failed to initialize the logfile: ", err.Error())
|
||||
}
|
||||
logfile.SetLevel(log.InfoLevel)
|
||||
logfile.SetOutput(logpath)
|
||||
logfile.Info("probehost2 initialized")
|
||||
_, allowPrivate = os.LookupEnv("PROBEHOST_ALLOW_PRIVATE")
|
||||
_, disableXForwardedFor = os.LookupEnv("PROBEHOST_DISABLE_X_FORWARDED_FOR")
|
||||
|
||||
if val, exists := os.LookupEnv("PROBEHOST_LISTEN_PORT"); exists {
|
||||
var err error
|
||||
listenPort, err = strconv.Atoi(val)
|
||||
if err != nil {
|
||||
logStdout.Fatal("Failed to read PROBEHOST_LISTEN_PORT: ", err.Error())
|
||||
}
|
||||
}
|
||||
|
||||
flag.StringVarP(&logFilePath, "logFilePath", "o", logFilePath, "sets the output file for the log")
|
||||
flag.IntVarP(&listenPort, "port", "p", listenPort, "sets the port to listen on")
|
||||
flag.BoolVarP(&disableXForwardedFor, "disable-x-forwarded-for", "x", disableXForwardedFor, "whether to show x-forwarded-for or the requesting IP")
|
||||
flag.BoolVarP(&allowPrivate, "allow-private", "l", allowPrivate, "whether to show lookups of private IP ranges")
|
||||
flag.Parse()
|
||||
|
||||
logpath, err := os.OpenFile(logFilePath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0660)
|
||||
if err != nil {
|
||||
logStdout.Fatal("Failed to initialize the logFile: ", err.Error())
|
||||
}
|
||||
logFile.SetLevel(log.InfoLevel)
|
||||
logFile.SetOutput(logpath)
|
||||
logFile.Info("probehost2 initialized")
|
||||
}
|
||||
|
||||
func runner(remoteip string, command string, args... string) string{
|
||||
logfile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
}).Info("request initiated:")
|
||||
cmd, err := exec.Command(command, args...).Output()
|
||||
if err != nil {
|
||||
logstdout.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
"error": err.Error(),
|
||||
}).Warn("request failed:")
|
||||
logfile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
"error": err.Error(),
|
||||
}).Warn("request failed:")
|
||||
} else {
|
||||
logfile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
}).Info("request succeeded:")
|
||||
}
|
||||
return string(cmd)
|
||||
// runner runs the given command with the given args and returns stdout as string. Also logs all executed commands and their exit state.
|
||||
func runner(remoteip string, command string, args ...string) string {
|
||||
logFile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
}).Info("request initiated:")
|
||||
cmd, err := exec.Command(command, args...).Output()
|
||||
if err != nil {
|
||||
logStdout.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
"error": err.Error(),
|
||||
}).Warn("request failed:")
|
||||
logFile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
"error": err.Error(),
|
||||
}).Warn("request failed:")
|
||||
} else {
|
||||
logFile.WithFields(log.Fields{
|
||||
"remote_ip": remoteip,
|
||||
"command": fmt.Sprint(command, args),
|
||||
}).Info("request succeeded:")
|
||||
}
|
||||
return string(cmd)
|
||||
}
|
||||
|
||||
func validatehosts(hosts []string) []string{
|
||||
var valid []string
|
||||
for _, host := range hosts {
|
||||
if hostparse := net.ParseIP(host); hostparse != nil {
|
||||
if (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) && allowprivate {
|
||||
valid = append(valid, host)
|
||||
} else if ! (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) {
|
||||
valid = append(valid, host)
|
||||
}
|
||||
} else if _, err := net.LookupIP(host); err == nil {
|
||||
valid = append(valid, host)
|
||||
}
|
||||
}
|
||||
return valid
|
||||
// validatehosts checks the given host+port combinations for validity and returns valid hosts + valid ports seperately.
|
||||
func validatehosts(hosts []string) ([]string, []string) {
|
||||
var validHosts []string
|
||||
var validPorts []string
|
||||
for _, host := range hosts {
|
||||
split := strings.Split(host, "_")
|
||||
host = split[0]
|
||||
if hostparse := net.ParseIP(host); hostparse != nil {
|
||||
if (net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) && allowPrivate {
|
||||
validHosts = append(validHosts, host)
|
||||
} else if !(net.IP.IsPrivate(hostparse) || net.IP.IsLoopback(hostparse)) {
|
||||
validHosts = append(validHosts, host)
|
||||
}
|
||||
} else if _, err := net.LookupIP(host); err == nil {
|
||||
validHosts = append(validHosts, host)
|
||||
} else {
|
||||
continue
|
||||
}
|
||||
|
||||
var port string
|
||||
if len(split) > 1 {
|
||||
port = split[1]
|
||||
_, err := strconv.Atoi(port) // validate if port is just an int
|
||||
if err == nil {
|
||||
validPorts = append(validPorts, port)
|
||||
} else {
|
||||
validPorts = append(validPorts, "0")
|
||||
}
|
||||
} else {
|
||||
validPorts = append(validPorts, "0")
|
||||
}
|
||||
}
|
||||
return validHosts, validPorts
|
||||
}
|
||||
|
||||
func parseopts(options []string, cmdopts map[string]string) []string{
|
||||
var opts []string
|
||||
for _, opt := range options {
|
||||
opts = append(opts, cmdopts[opt])
|
||||
}
|
||||
return opts
|
||||
// parseopts matches the given user options to the valid optionmap.
|
||||
func parseopts(options []string, cmdopts map[string]string) []string {
|
||||
var opts []string
|
||||
for _, opt := range options {
|
||||
opts = append(opts, cmdopts[opt])
|
||||
}
|
||||
return opts
|
||||
}
|
||||
|
||||
func prerunner(req *http.Request, cmd string, cmdopts map[string]string, defaultopts []string) string{
|
||||
geturl := strings.Split(req.URL.String(), "/")
|
||||
targets := strings.Split(geturl[2], ",")
|
||||
hosts := validatehosts(targets)
|
||||
var opts []string
|
||||
opts = append(opts, defaultopts...)
|
||||
if len(geturl) > 3 && len(geturl[3]) > 0 {
|
||||
options := strings.Split(geturl[3], ",")
|
||||
opts = append(opts, parseopts(options, cmdopts)...)
|
||||
}
|
||||
var res string
|
||||
var args []string
|
||||
var remoteaddr string
|
||||
if req.Header.Get("X-Forwarded-For") != "" && disablexforwardedfor != true {
|
||||
remoteaddr = req.Header.Get("X-Forwarded-For")
|
||||
} else {
|
||||
remoteaddr = req.RemoteAddr
|
||||
}
|
||||
for _, host := range hosts {
|
||||
args = append(args, opts...)
|
||||
args = append(args, host)
|
||||
res = fmt.Sprint(res, runner(remoteaddr, cmd, args...), "\n")
|
||||
}
|
||||
return res
|
||||
// prerunner processes the incoming request to send it to runner.
|
||||
func prerunner(req *http.Request, cmd string, cmdopts map[string]string, defaultopts []string) string {
|
||||
geturl := strings.Split(req.URL.String(), "/")
|
||||
targets := strings.Split(geturl[2], ",")
|
||||
hosts, ports := validatehosts(targets)
|
||||
var opts []string
|
||||
opts = append(opts, defaultopts...)
|
||||
if len(geturl) > 3 && len(geturl[3]) > 0 {
|
||||
options := strings.Split(geturl[3], ",")
|
||||
opts = append(opts, parseopts(options, cmdopts)...)
|
||||
}
|
||||
var res string
|
||||
var args []string
|
||||
remoteaddr := req.RemoteAddr
|
||||
if req.Header.Get("X-Forwarded-For") != "" && !disableXForwardedFor {
|
||||
remoteaddr = req.Header.Get("X-Forwarded-For")
|
||||
}
|
||||
for i, host := range hosts {
|
||||
runargs := append(args, opts...)
|
||||
if ports[i] != "0" && cmd == "nping" {
|
||||
runargs = append(runargs, "-p"+ports[i])
|
||||
}
|
||||
runargs = append(runargs, host)
|
||||
res = fmt.Sprint(res, runner(remoteaddr, cmd, runargs...), "\n")
|
||||
}
|
||||
return res
|
||||
}
|
||||
|
||||
// ping is the response handler for the ping command. It defines the allowed options.
|
||||
func ping(w http.ResponseWriter, req *http.Request) {
|
||||
cmd := "ping"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "d": "-D", "n": "-n", "v": "-v", "c1": "-c1", "c5": "-c5", "c10": "-c10",
|
||||
"force4": "-4", "force6": "-6", "timestamps": "-D", "nodns": "-n", "verbose": "-v", "count1": "-c1", "count5": "-c5", "count10": "-c10",
|
||||
}
|
||||
var defaultopts []string
|
||||
defaultopts = append(defaultopts, "-c10")
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
fmt.Fprintln(w, http.StatusInternalServerError)
|
||||
} else {
|
||||
fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
cmd := "ping"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "d": "-D", "n": "-n", "v": "-v", "c1": "-c1", "c5": "-c5", "c10": "-c10",
|
||||
"force4": "-4", "force6": "-6", "timestamps": "-D", "nodns": "-n", "verbose": "-v", "count1": "-c1", "count5": "-c5", "count10": "-c10",
|
||||
}
|
||||
var defaultopts []string
|
||||
defaultopts = append(defaultopts, "-c10")
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
http.Error(w, "500: Internal Server Error", http.StatusInternalServerError)
|
||||
} else {
|
||||
_, _ = fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
}
|
||||
|
||||
// mtr is the response handler for the mtr command. It defines the allowed options.
|
||||
func mtr(w http.ResponseWriter, req *http.Request) {
|
||||
cmd := "mtr"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "u": "-u", "t": "-T", "e": "-e", "x": "-x", "n": "-n", "b": "-b", "z": "-z", "c1": "-c1", "c5": "-c5", "c10": "-c10",
|
||||
"force4": "-4", "force6": "-6", "udp": "-u", "tcp": "-T", "ext": "-e", "xml": "-x", "nodns": "-n", "cmb": "-b", "asn": "-z", "count1": "-c1", "count5": "-c5", "count10": "-c10",
|
||||
}
|
||||
var defaultopts []string
|
||||
defaultopts = append(defaultopts, "-r", "-w", "-c10")
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
fmt.Fprintln(w, http.StatusInternalServerError)
|
||||
} else {
|
||||
fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
cmd := "mtr"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "u": "-u", "t": "-T", "e": "-e", "x": "-x", "n": "-n", "b": "-b", "z": "-z", "c1": "-c1", "c5": "-c5", "c10": "-c10",
|
||||
"force4": "-4", "force6": "-6", "udp": "-u", "tcp": "-T", "ext": "-e", "xml": "-x", "nodns": "-n", "cmb": "-b", "asn": "-z", "count1": "-c1", "count5": "-c5", "count10": "-c10",
|
||||
}
|
||||
var defaultopts []string
|
||||
defaultopts = append(defaultopts, "-r", "-w", "-c10")
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
http.Error(w, "500: Internal Server Error", http.StatusInternalServerError)
|
||||
} else {
|
||||
_, _ = fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
}
|
||||
|
||||
// traceroute is the response handler for the traceroute command. It defines the allowed options.
|
||||
func traceroute(w http.ResponseWriter, req *http.Request) {
|
||||
cmd := "traceroute"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "f": "-F", "i": "-I", "t": "-T", "n": "-n", "u": "-U", "ul": "-UL", "d": "-D", "b": "--back",
|
||||
"force4": "-4", "force6": "-6", "dnf": "-F", "icmp": "-I", "tcp": "-T", "nodns": "-n", "udp": "-U", "udplite": "-UL", "dccp": "-D", "back": "--back",
|
||||
}
|
||||
var defaultopts []string
|
||||
//defaultopts = append(defaultopts) // no default options for traceroute
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
fmt.Fprintln(w, http.StatusInternalServerError)
|
||||
} else {
|
||||
fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
cmd := "traceroute"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "f": "-F", "i": "-I", "t": "-T", "n": "-n", "u": "-U", "ul": "-UL", "d": "-D", "b": "--back",
|
||||
"force4": "-4", "force6": "-6", "dnf": "-F", "icmp": "-I", "tcp": "-T", "nodns": "-n", "udp": "-U", "udplite": "-UL", "dccp": "-D", "back": "--back",
|
||||
}
|
||||
var defaultopts []string
|
||||
//defaultopts = append(defaultopts) // no default options for traceroute
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
http.Error(w, "500: Internal Server Error", http.StatusInternalServerError)
|
||||
} else {
|
||||
_, _ = fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
}
|
||||
|
||||
// nping is the response handler for the nping command. It defines the allowed options.
|
||||
func nping(w http.ResponseWriter, req *http.Request) {
|
||||
cmd := "nping"
|
||||
cmdopts := map[string]string{
|
||||
"4": "-4", "6": "-6", "u": "--udp", "t": "--tcp-connect", "v": "-v", "c1": "-c1", "c3": "-c3", "c5": "-c5",
|
||||
"force4": "-4", "force6": "-6", "udp": "--udp", "tcp": "--tcp-connect", "verbose": "-v", "count1": "-c1", "count3": "-c3", "count5": "-c5",
|
||||
}
|
||||
var defaultopts []string
|
||||
defaultopts = append(defaultopts, "-c3")
|
||||
res := prerunner(req, cmd, cmdopts, defaultopts)
|
||||
if strings.TrimSpace(res) == "" {
|
||||
http.Error(w, "500: Internal Server Error", http.StatusInternalServerError)
|
||||
} else {
|
||||
_, _ = fmt.Fprint(w, strings.TrimSpace(res), "\n")
|
||||
}
|
||||
}
|
||||
|
||||
func main() {
|
||||
http.HandleFunc("/ping/", ping)
|
||||
http.HandleFunc("/mtr/", mtr)
|
||||
http.HandleFunc("/tracert/", traceroute)
|
||||
http.HandleFunc("/traceroute/", traceroute)
|
||||
logstdout.Info("Serving on :", listenport)
|
||||
logfile.Info("Serving on :", listenport)
|
||||
http.ListenAndServe(fmt.Sprint(":", listenport), nil)
|
||||
}
|
||||
http.HandleFunc("/ping/", ping)
|
||||
http.HandleFunc("/mtr/", mtr)
|
||||
http.HandleFunc("/tracert/", traceroute)
|
||||
http.HandleFunc("/traceroute/", traceroute)
|
||||
http.HandleFunc("/nping/", nping)
|
||||
logStdout.Info("Serving on :", listenPort)
|
||||
logFile.Info("Serving on :", listenPort)
|
||||
_ = http.ListenAndServe(fmt.Sprint(":", listenPort), nil)
|
||||
}
|
||||
|
@@ -8,6 +8,8 @@ StartLimitBurst=5
|
||||
StartLimitIntervalSec=20
|
||||
|
||||
[Service]
|
||||
User=1000
|
||||
Group=1000
|
||||
Restart=always
|
||||
RestartSec=1
|
||||
ExecStart=/bin/probehost2 --logfilepath "/var/log/probehost2.log" --port 8000
|
||||
|
Reference in New Issue
Block a user