Re: [PATCH] mini port scanner for busybox - V3

[Tito]

On Thursday 14 June 2007 21:00:41 Denis Vlasenko wrote:
> On Thursday 14 June 2007 16:41, Luciano Rocha wrote:
> > On Thu, Jun 14, 2007 at 04:12:20PM +0200, Tito wrote:
> > > +static int my_gettimeofday(void)
> > > +{
> > > + struct timeval now;
> > > + 
> > > + if (gettimeofday(&now, NULL))
> > > +         return 0;
> > > + return (now.tv_sec * 1000000 + now.tv_usec);
> > 
> > Err, this overflows in current 32bits systems. tv_sec is already in the
> > 31 bit limit (1181831862).
> > 
> > Use long long instead.
> 
> But he uses these only for time diff (t2 - t1 style thing).
> It's ok then.

I think that the return value can overflow due to the now.tv_sec * 1000000 at 
least in theory
if tv.usec is big enough so i changed the return type to long long as Luciano 
said.

> 
> Actually, my_gettimeofday looks like possible libbb addition.
> traceroute can use it already.
> 
> The only problem is that gettimeofday will jump if time
> is reset. But it's not a new problem.
> --
> vda

Here is version 3 of the patch.

Ciao,
Tito

--- busybox.orig/networking/Config.in	2007-05-26 23:23:37.000000000 +0200
+++ busybox/networking/Config.in	2007-06-12 21:24:18.000000000 +0200
@@ -535,6 +535,12 @@
 	  Make the output from the ping applet include statistics, and at the
 	  same time provide full support for ICMP packets.
 
+config PSCAN
+	bool "pscan"
+	default n
+	help
+	  Simple network port scanner.
+
 config ROUTE
 	bool "route"
 	default n
--- busybox.orig/networking/Kbuild	2007-04-12 22:30:12.000000000 +0200
+++ busybox/networking/Kbuild	2007-06-12 21:24:18.000000000 +0200
@@ -25,6 +25,7 @@
 lib-$(CONFIG_NSLOOKUP)     += nslookup.o
 lib-$(CONFIG_PING)         += ping.o
 lib-$(CONFIG_PING6)        += ping.o
+lib-$(CONFIG_PSCAN)        += pscan.o
 lib-$(CONFIG_ROUTE)        += route.o
 lib-$(CONFIG_TELNET)       += telnet.o
 lib-$(CONFIG_TELNETD)      += telnetd.o
--- busybox.orig/include/applets.h	2007-05-19 23:33:51.000000000 +0200
+++ busybox/include/applets.h	2007-06-12 21:24:18.000000000 +0200
@@ -257,6 +257,7 @@
 USE_PRINTENV(APPLET(printenv, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_PRINTF(APPLET(printf, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_PS(APPLET(ps, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_PSCAN(APPLET(pscan, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_PWD(APPLET_NOFORK(pwd, pwd, _BB_DIR_BIN, _BB_SUID_NEVER, pwd))
 USE_RAIDAUTORUN(APPLET(raidautorun, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_RDATE(APPLET(rdate, _BB_DIR_USR_SBIN, _BB_SUID_NEVER))
--- busybox.orig/include/usage.h	2007-06-05 21:20:53.000000000 +0200
+++ busybox/include/usage.h	2007-06-12 21:42:22.000000000 +0200
@@ -2668,6 +2668,13 @@
        "  745 root     root     S [getty]\n" \
        " 2990 andersen andersen R ps\n"
 
+#define pscan_trivial_usage \
+       "[-p PORT][-t TIMEOUT] HOST"
+#define pscan_full_usage \
+       " Scan a host's ports printing all open ports." \
+       "\n\nOptions:\n" \
+       "	-p	scan up to this port (default 1024)\n" \
+       "	-t	timeout in microseconds (default 5000000)"
 
 #define pwd_trivial_usage \
        ""
--- busybox.orig/networking/pscan.c	1970-01-01 01:00:00.000000000 +0100
+++ busybox/networking/pscan.c	2007-06-14 21:48:47.000000000 +0200
@@ -0,0 +1,127 @@
+/*
+ * Pscan is a mini port scanner implementation for busybox
+ *
+ * Copyright 2007 Tito Ragusa <[EMAIL PROTECTED]>
+ *
+ * Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
+ */
+
+#include "libbb.h"
+
+static long long my_gettimeofday(void)
+{
+	struct timeval now;
+	
+	if (gettimeofday(&now, NULL))
+		return 0;
+	return (now.tv_sec * 1000000 + now.tv_usec);
+}
+
+static char *my_getservbyport(int port)
+{
+	struct servent *server;
+	/* Protocol will be tcp as we use SOCK_STREAM. */
+	if ((server = getservbyport(htons(port), NULL)))
+		return server->s_name;
+	return (char *) "unknown";
+}
+
+int pscan_main( int argc, char **argv) ATTRIBUTE_NORETURN;
+int pscan_main( int argc, char **argv)
+{
+	const char *opt_max_port = "1024";          /* default max port */
+	unsigned int max_port;
+	const char *opt_timeout = "5000000";        /* arbitrary default timeout for roundtrip: 5 seconds */
+	int timeout;
+	int closed_ports = 0;
+	int open_ports = 0;
+	long long rtt = 0;                          /* roundtrip time */
+	long long t1;
+	int s;
+	int i;
+	smallint retval = 0;
+	len_and_sockaddr *lsap;
+
+	opt_complementary = "-1";
+	getopt32(argc, argv, "p:t:", &opt_max_port, &opt_timeout);
+	max_port =  xatoul_range(opt_max_port, 1, 65535);
+	timeout = xatoul_range(opt_timeout, 1, INT_MAX);
+	argv += optind;
+	lsap = xhost2sockaddr(*argv, max_port);
+
+	printf("Scanning %s ports 1 to %d\n Port\tProto\tState\tService\n", *argv, max_port);
+
+	for (i = 1; i <= max_port; i++) {
+		/*printf("%lld\n", rtt);*/ /* DEBUG */
+		lsap = xhost2sockaddr(*argv, i);
+
+		/* The SOCK_STREAM socket type is implemented on the TCP/IP protocol. */
+		s = xsocket(lsap->sa.sa_family, SOCK_STREAM, 0);
+
+		/* Try to unblock the socket so we don't need to wait for ETIMEOUT.   */
+		ndelay_on(s);
+
+		/* Start point needed to calculate some rough rtt and tune timeout.   */
+		t1 = my_gettimeofday();
+	int t1;
+		/* Don't check return value of connect as most of the times it is -1, */
+		/* We will check for the errno later.                                 */
+		connect(s, &lsap->sa, lsap->len);
+		/* Exit on all errors that make any further action useless.           */
+		if (errno == ENETDOWN 
+		||  errno == ENETUNREACH 
+		||  errno == ENETRESET 
+		||  errno == ECONNABORTED)
+			bb_perror_nomsg_and_die();
+		/* We ignore EHOSTUNREACH, ETIMEDOUT, EHOSTDOWN,               */
+		/* as they could be due to a firewall.                         */
+		/* We ignore EAGAIN, EINPROGRESS as they are due to O_NONBLOCK.*/
+		/* We ignore EACCES, EPERM, EADDRINUSE, EAFNOSUPPORT,          */
+		/* EALREADY, EBADF, EFAULT, EINTR, EISCONN, ENOTSOCK           */
+		/* as they are unlikely to happen here. I hope...              */
+
+		do {
+			if (errno == ECONNREFUSED) {
+				/* PORT CLOSED */
+				closed_ports++;
+				/* Attempt to calculate a new rtt. */
+				rtt = my_gettimeofday() - t1;
+				break;
+			}
+			retval = write(s, " ", 1);
+
+			if (((rtt * 2) - (my_gettimeofday() - t1)) <= 0) {
+			/* Calculate a temporary rtt and compare it with the       */
+			/* previous rtt * 2. We double the value to try to avoid   */
+			/* some false negative results on ports due to network     */
+			/* performance decrease.                                   */
+				if (rtt < timeout) {
+				/* We had some response from the host before as rtt    */
+				/* is less than our timeout value so we retry one      */
+				/* more time on this port resetting rtt to the timeout.*/
+					rtt = timeout;
+					continue;
+				}
+				/* else timeout expired. */
+				break;
+			}
+		} while (retval <= 0);
+
+		if (retval > 0) {
+			/* PORT OPEN: we were able to write to the socket. */
+			open_ports++;
+			/* Attempt to calculate a new rtt.                 */
+			rtt = my_gettimeofday() - t1;
+			printf("%5d\ttcp\topen\t%s\n", i, my_getservbyport(i));
+		}
+		/* Clean up. */
+		close(s);
+		free(lsap);
+	}
+
+	printf("%d stealth, %d closed, %d open ports\n",
+					max_port - (closed_ports + open_ports),
+					closed_ports,
+					open_ports);
+	exit(EXIT_SUCCESS);
+}

_______________________________________________
busybox mailing list
busybox@busybox.net
http://busybox.net/cgi-bin/mailman/listinfo/busybox