Add configurable UDP scanning and numeric IP sorting

- Add UDP_SCAN_ENABLED and UDP_PORTS environment variables to control UDP scanning - UDP scanning disabled by default for faster scans - Support port ranges (100-200), lists (53,67,68), or mixed formats - Sort IPs numerically by octets in site management modal
2025-11-21 13:33:38 -06:00
parent c592000c96
commit 04dc238aea
4 changed files with 41 additions and 5 deletions
--- a/.env.example
+++ b/.env.example
@@ -57,6 +57,17 @@ SCHEDULER_EXECUTORS=2
 # Recommended: 3 for typical usage
 SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES=3
 # ================================
 # UDP Scanning Configuration
 # ================================
 # Enable UDP port scanning (disabled by default as it's slower)
 UDP_SCAN_ENABLED=false
 # UDP ports to scan when enabled
 # Supports ranges (e.g., 100-200), lists (e.g., 53,67,68), or mixed (e.g., 53,67-69,123)
 # Default: common UDP services
 UDP_PORTS=53,67,68,69,123,161,500,514,1900
 # ================================
 # Initial Password (First Run)
 # ================================
--- a/app/src/scanner.py
+++ b/app/src/scanner.py
@@ -6,6 +6,7 @@ SneakyScanner - Masscan-based network scanner with YAML configuration
 import argparse
 import json
 import logging
 import os
 import subprocess
 import sys
 import tempfile
@@ -906,11 +907,20 @@ class SneakyScanner:
            progress_callback('tcp_scan', None, {'status': 'starting'})
        tcp_results = self._run_masscan(all_ips, '0-65535', 'tcp')
-        # Perform UDP scan (all ports)
+        # Perform UDP scan (if enabled)
-        print(f"\n[3/5] Performing UDP scan on {len(all_ips)} IPs (ports 0-65535)...", flush=True)
+        udp_enabled = os.environ.get('UDP_SCAN_ENABLED', 'false').lower() == 'true'
        udp_ports = os.environ.get('UDP_PORTS', '53,67,68,69,123,161,500,514,1900')
        if udp_enabled:
            print(f"\n[3/5] Performing UDP scan on {len(all_ips)} IPs (ports {udp_ports})...", flush=True)
            if progress_callback:
                progress_callback('udp_scan', None, {'status': 'starting'})
-        udp_results = self._run_masscan(all_ips, '0-65535', 'udp')
+            udp_results = self._run_masscan(all_ips, udp_ports, 'udp')
        else:
            print(f"\n[3/5] Skipping UDP scan (disabled)...", flush=True)
            if progress_callback:
                progress_callback('udp_scan', None, {'status': 'skipped'})
            udp_results = []
        # Organize results by IP
        results_by_ip = {}
--- a/app/web/templates/sites.html
+++ b/app/web/templates/sites.html
@@ -688,6 +688,18 @@ async function loadSiteIps(siteId) {
        const data = await response.json();
        const ips = data.ips || [];
        // Sort IPs by numeric octets
        ips.sort((a, b) => {
            const partsA = a.ip_address.split('.').map(Number);
            const partsB = b.ip_address.split('.').map(Number);
            for (let i = 0; i < 4; i++) {
                if (partsA[i] !== partsB[i]) {
                    return partsA[i] - partsB[i];
                }
            }
            return 0;
        });
        document.getElementById('ip-count').textContent = data.total || ips.length;
        // Render flat IP table
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -41,6 +41,9 @@ services:
      # Scheduler configuration (APScheduler)
      - SCHEDULER_EXECUTORS=${SCHEDULER_EXECUTORS:-2}
      - SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES=${SCHEDULER_JOB_DEFAULTS_MAX_INSTANCES:-3}
      # UDP scanning configuration
      - UDP_SCAN_ENABLED=${UDP_SCAN_ENABLED:-false}
      - UDP_PORTS=${UDP_PORTS:-53,67,68,69,123,161,500,514,1900}
    # Scanner functionality requires privileged mode and host network for masscan/nmap
    privileged: true
    network_mode: host