コード例 #1
0
    def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType='xml', num_devices=0):
        """
        Execute nmap and return its output.
        """
        args = []
        args.extend(["-iL", inputFileFilename])  # input file
        args.append("-sn")               # don't port scan the hosts
        args.append("-PE")               # use ICMP echo 
        args.append("-n")                # don't resolve hosts internally
        args.append("--privileged")      # assume we can open raw socket
        args.append("--send-ip")         # don't allow ARP responses
        if self._daemon.options.dataLength > 0:
            args.extend(["--data-length", str(self._daemon.options.dataLength)])
        
        # give up on a host after spending too much time on it
        args.extend(["--initial-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut])
        args.extend(["--min-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut])
        #args.extend(["--max-retries", "0"])         Remove to reduce false negatives by re-trying
        if num_devices > 0:
            min_parallelism = int(math.floor((num_devices * self._preferences.pingTimeOut * 2) / self._daemon._prefs.pingCycleInterval + 0.5))
            if min_parallelism > MAX_PARALLELISM:
                min_parallelism = MAX_PARALLELISM
            if min_parallelism > DEFAULT_PARALLELISM:
                args.extend(["--min-parallelism", "%d" % min_parallelism])
        

        if traceroute:
            args.append("--traceroute")
        
        if outputType == 'xml':
            args.extend(["-oX", '-']) # outputXML to stdout
        else:
            raise ValueError("Unsupported nmap output type: %s" % outputType)

        # execute nmap
        if log.isEnabledFor(logging.DEBUG):
            log.debug("executing nmap %s", " ".join(args))
        out, err, exitCode = yield utils.getProcessOutputAndValue(
            _NMAP_BINARY, args)

        if exitCode != 0:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            raise nmap.NmapExecutionError(
                exitCode=exitCode, stdout=out, stderr=err, args=args)

        try:
            nmapResults = parseNmapXmlToDict(StringIO(out))
            defer.returnValue(nmapResults)
        except Exception as e:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            log.exception(e)
            raise nmap.NmapExecutionError(
                exitCode=exitCode, stdout=out, stderr=err, args=args)
コード例 #2
0
    def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType="xml", num_devices=0):
        """
        Execute nmap and return its output.
        """
        args = []
        args.extend(["-iL", inputFileFilename])  # input file
        args.append("-sn")  # don't port scan the hosts
        args.append("-PE")  # use ICMP echo
        args.append("-n")  # don't resolve hosts internally
        args.append("--privileged")  # assume we can open raw socket
        args.append("--send-ip")  # don't allow ARP responses
        args.append("-T5")  # "insane" speed
        if self._daemon.options.dataLength > 0:
            args.extend(["--data-length", str(self._daemon.options.dataLength)])

        cycle_interval = self._daemon._prefs.pingCycleInterval
        ping_tries = self._daemon._prefs.pingTries
        ping_timeout = self._preferences.pingTimeOut

        # Make sure the cycle interval is not unreasonably short.
        self._detectCycleInterval()

        # Make sure the timeout fits within one cycle.
        if ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval:
            ping_timeout = cycle_interval - MAX_NMAP_OVERHEAD

        # Give each host at least that much time to respond.
        args.extend(["--min-rtt-timeout", "%.1fs" % ping_timeout])

        # But not more, so we can be exact with our calculations.
        args.extend(["--max-rtt-timeout", "%.1fs" % ping_timeout])

        # Make sure we can safely complete the number of tries within one cycle.
        if ping_tries * ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval:
            ping_tries = int(math.floor((cycle_interval - MAX_NMAP_OVERHEAD) / ping_timeout))
        args.extend(["--max-retries", "%d" % (ping_tries - 1)])

        # Try to force nmap to go fast enough to finish within one cycle.
        min_rate = int(math.ceil(num_devices / (1.0 * cycle_interval / ping_tries)))
        args.extend(["--min-rate", "%d" % min_rate])

        if num_devices > 0:
            min_parallelism = int(math.ceil(2 * num_devices * ping_timeout / cycle_interval))
            if min_parallelism > MAX_PARALLELISM:
                min_parallelism = MAX_PARALLELISM
            if min_parallelism > DEFAULT_PARALLELISM:
                args.extend(["--min-parallelism", "%d" % min_parallelism])

        if traceroute:
            args.append("--traceroute")
            # FYI, all bets are off as far as finishing within the cycle interval.

        if outputType == "xml":
            args.extend(["-oX", "-"])  # outputXML to stdout
        else:
            raise ValueError("Unsupported nmap output type: %s" % outputType)

        # execute nmap
        if log.isEnabledFor(logging.DEBUG):
            log.debug("executing nmap %s", " ".join(args))
        out, err, exitCode = yield utils.getProcessOutputAndValue("/bin/sudo", ["-n", _NMAP_BINARY] + args)

        if exitCode != 0:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args)

        try:
            nmapResults = parseNmapXmlToDict(StringIO(out))
            defer.returnValue(nmapResults)
        except Exception as e:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            log.exception(e)
            raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args)
コード例 #3
0
    def _executeNmapCmd(self,
                        inputFileFilename,
                        traceroute=False,
                        outputType='xml',
                        num_devices=0):
        """
        Execute nmap and return its output.
        """
        args = []
        args.extend(["-iL", inputFileFilename])  # input file
        args.append("-sn")  # don't port scan the hosts
        args.append("-PE")  # use ICMP echo
        args.append("-n")  # don't resolve hosts internally
        args.append("--privileged")  # assume we can open raw socket
        args.append("--send-ip")  # don't allow ARP responses
        if self._daemon.options.dataLength > 0:
            args.extend(
                ["--data-length",
                 str(self._daemon.options.dataLength)])

        # give up on a host after spending too much time on it
        args.extend(
            ["--initial-rtt-timeout",
             "%.1fs" % self._preferences.pingTimeOut])
        args.extend(
            ["--min-rtt-timeout",
             "%.1fs" % self._preferences.pingTimeOut])
        #args.extend(["--max-retries", "0"])         Remove to reduce false negatives by re-trying
        if num_devices > 0:
            min_parallelism = int(
                math.floor((num_devices * self._preferences.pingTimeOut * 2) /
                           self._daemon._prefs.pingCycleInterval + 0.5))
            if min_parallelism > MAX_PARALLELISM:
                min_parallelism = MAX_PARALLELISM
            if min_parallelism > DEFAULT_PARALLELISM:
                args.extend(["--min-parallelism", "%d" % min_parallelism])

        if traceroute:
            args.append("--traceroute")

        if outputType == 'xml':
            args.extend(["-oX", '-'])  # outputXML to stdout
        else:
            raise ValueError("Unsupported nmap output type: %s" % outputType)

        # execute nmap
        if log.isEnabledFor(logging.DEBUG):
            log.debug("executing nmap %s", " ".join(args))
        out, err, exitCode = yield utils.getProcessOutputAndValue(
            _NMAP_BINARY, args)

        if exitCode != 0:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            raise nmap.NmapExecutionError(exitCode=exitCode,
                                          stdout=out,
                                          stderr=err,
                                          args=args)

        try:
            nmapResults = parseNmapXmlToDict(StringIO(out))
            defer.returnValue(nmapResults)
        except Exception as e:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            log.exception(e)
            raise nmap.NmapExecutionError(exitCode=exitCode,
                                          stdout=out,
                                          stderr=err,
                                          args=args)
コード例 #4
0
ファイル: NmapPingTask.py プロジェクト: c0ns0le/zenoss-4
    def _executeNmapCmd(self,
                        inputFileFilename,
                        traceroute=False,
                        outputType='xml',
                        num_devices=0):
        """
        Execute nmap and return its output.
        """
        args = []
        args.extend(["-iL", inputFileFilename])  # input file
        args.append("-sn")  # don't port scan the hosts
        args.append("-PE")  # use ICMP echo
        args.append("-n")  # don't resolve hosts internally
        args.append("--privileged")  # assume we can open raw socket
        args.append("--send-ip")  # don't allow ARP responses
        args.append("-T5")  # "insane" speed
        if self._daemon.options.dataLength > 0:
            args.extend(
                ["--data-length",
                 str(self._daemon.options.dataLength)])

        cycle_interval = self._daemon._prefs.pingCycleInterval
        ping_tries = self._daemon._prefs.pingTries
        ping_timeout = self._preferences.pingTimeOut

        # Make sure the cycle interval is not unreasonably short.
        self._detectCycleInterval()

        # Make sure the timeout fits within one cycle.
        if ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval:
            ping_timeout = cycle_interval - MAX_NMAP_OVERHEAD

        # Give each host at least as much time as the preferences suggest.
        args.extend(["--min-rtt-timeout", "%.1fs" % ping_timeout])

        # But not more, so we can be exact with our calculations.
        args.extend(["--max-rtt-timeout", "%.1fs" % ping_timeout])

        # Make sure we can safely complete the number of tries within one cycle.
        if (ping_tries * ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval):
            ping_tries = int(
                math.floor(
                    (cycle_interval - MAX_NMAP_OVERHEAD) / ping_timeout))
        args.extend(["--max-retries", "%d" % (ping_tries - 1)])

        # Try to force nmap to go fast enough to finish within one cycle.
        min_rate = int(
            math.ceil(num_devices / (1.0 * cycle_interval / ping_tries)))
        args.extend(["--min-rate", "%d" % min_rate])

        if num_devices > 0:
            min_parallelism = int(
                math.ceil(2 * num_devices * ping_timeout / cycle_interval))
            if min_parallelism > MAX_PARALLELISM:
                min_parallelism = MAX_PARALLELISM
            if min_parallelism > DEFAULT_PARALLELISM:
                args.extend(["--min-parallelism", "%d" % min_parallelism])

        if traceroute:
            args.append("--traceroute")
            # FYI, all bets are off as far as finishing within the cycle interval.

        if outputType == 'xml':
            args.extend(["-oX", '-'])  # outputXML to stdout
        else:
            raise ValueError("Unsupported nmap output type: %s" % outputType)

        # execute nmap
        if log.isEnabledFor(logging.DEBUG):
            log.debug("executing nmap %s", " ".join(args))
        out, err, exitCode = yield utils.getProcessOutputAndValue(
            _NMAP_BINARY, args)

        if exitCode != 0:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            raise nmap.NmapExecutionError(exitCode=exitCode,
                                          stdout=out,
                                          stderr=err,
                                          args=args)

        try:
            nmapResults = parseNmapXmlToDict(StringIO(out))
            defer.returnValue(nmapResults)
        except Exception as e:
            input = open(inputFileFilename).read()
            log.debug("input file: %s", input)
            log.debug("stdout: %s", out)
            log.debug("stderr: %s", err)
            log.exception(e)
            raise nmap.NmapExecutionError(exitCode=exitCode,
                                          stdout=out,
                                          stderr=err,
                                          args=args)