def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType='xml', num_devices=0): """ Execute nmap and return its output. """ args = [] args.extend(["-iL", inputFileFilename]) # input file args.append("-sn") # don't port scan the hosts args.append("-PE") # use ICMP echo args.append("-n") # don't resolve hosts internally args.append("--privileged") # assume we can open raw socket args.append("--send-ip") # don't allow ARP responses if self._daemon.options.dataLength > 0: args.extend(["--data-length", str(self._daemon.options.dataLength)]) # give up on a host after spending too much time on it args.extend(["--initial-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut]) args.extend(["--min-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut]) #args.extend(["--max-retries", "0"]) Remove to reduce false negatives by re-trying if num_devices > 0: min_parallelism = int(math.floor((num_devices * self._preferences.pingTimeOut * 2) / self._daemon._prefs.pingCycleInterval + 0.5)) if min_parallelism > MAX_PARALLELISM: min_parallelism = MAX_PARALLELISM if min_parallelism > DEFAULT_PARALLELISM: args.extend(["--min-parallelism", "%d" % min_parallelism]) if traceroute: args.append("--traceroute") if outputType == 'xml': args.extend(["-oX", '-']) # outputXML to stdout else: raise ValueError("Unsupported nmap output type: %s" % outputType) # execute nmap if log.isEnabledFor(logging.DEBUG): log.debug("executing nmap %s", " ".join(args)) out, err, exitCode = yield utils.getProcessOutputAndValue( _NMAP_BINARY, args) if exitCode != 0: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) raise nmap.NmapExecutionError( exitCode=exitCode, stdout=out, stderr=err, args=args) try: nmapResults = parseNmapXmlToDict(StringIO(out)) defer.returnValue(nmapResults) except Exception as e: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) log.exception(e) raise nmap.NmapExecutionError( exitCode=exitCode, stdout=out, stderr=err, args=args)
def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType="xml", num_devices=0): """ Execute nmap and return its output. """ args = [] args.extend(["-iL", inputFileFilename]) # input file args.append("-sn") # don't port scan the hosts args.append("-PE") # use ICMP echo args.append("-n") # don't resolve hosts internally args.append("--privileged") # assume we can open raw socket args.append("--send-ip") # don't allow ARP responses args.append("-T5") # "insane" speed if self._daemon.options.dataLength > 0: args.extend(["--data-length", str(self._daemon.options.dataLength)]) cycle_interval = self._daemon._prefs.pingCycleInterval ping_tries = self._daemon._prefs.pingTries ping_timeout = self._preferences.pingTimeOut # Make sure the cycle interval is not unreasonably short. self._detectCycleInterval() # Make sure the timeout fits within one cycle. if ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval: ping_timeout = cycle_interval - MAX_NMAP_OVERHEAD # Give each host at least that much time to respond. args.extend(["--min-rtt-timeout", "%.1fs" % ping_timeout]) # But not more, so we can be exact with our calculations. args.extend(["--max-rtt-timeout", "%.1fs" % ping_timeout]) # Make sure we can safely complete the number of tries within one cycle. if ping_tries * ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval: ping_tries = int(math.floor((cycle_interval - MAX_NMAP_OVERHEAD) / ping_timeout)) args.extend(["--max-retries", "%d" % (ping_tries - 1)]) # Try to force nmap to go fast enough to finish within one cycle. min_rate = int(math.ceil(num_devices / (1.0 * cycle_interval / ping_tries))) args.extend(["--min-rate", "%d" % min_rate]) if num_devices > 0: min_parallelism = int(math.ceil(2 * num_devices * ping_timeout / cycle_interval)) if min_parallelism > MAX_PARALLELISM: min_parallelism = MAX_PARALLELISM if min_parallelism > DEFAULT_PARALLELISM: args.extend(["--min-parallelism", "%d" % min_parallelism]) if traceroute: args.append("--traceroute") # FYI, all bets are off as far as finishing within the cycle interval. if outputType == "xml": args.extend(["-oX", "-"]) # outputXML to stdout else: raise ValueError("Unsupported nmap output type: %s" % outputType) # execute nmap if log.isEnabledFor(logging.DEBUG): log.debug("executing nmap %s", " ".join(args)) out, err, exitCode = yield utils.getProcessOutputAndValue("/bin/sudo", ["-n", _NMAP_BINARY] + args) if exitCode != 0: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args) try: nmapResults = parseNmapXmlToDict(StringIO(out)) defer.returnValue(nmapResults) except Exception as e: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) log.exception(e) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args)
def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType='xml', num_devices=0): """ Execute nmap and return its output. """ args = [] args.extend(["-iL", inputFileFilename]) # input file args.append("-sn") # don't port scan the hosts args.append("-PE") # use ICMP echo args.append("-n") # don't resolve hosts internally args.append("--privileged") # assume we can open raw socket args.append("--send-ip") # don't allow ARP responses if self._daemon.options.dataLength > 0: args.extend( ["--data-length", str(self._daemon.options.dataLength)]) # give up on a host after spending too much time on it args.extend( ["--initial-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut]) args.extend( ["--min-rtt-timeout", "%.1fs" % self._preferences.pingTimeOut]) #args.extend(["--max-retries", "0"]) Remove to reduce false negatives by re-trying if num_devices > 0: min_parallelism = int( math.floor((num_devices * self._preferences.pingTimeOut * 2) / self._daemon._prefs.pingCycleInterval + 0.5)) if min_parallelism > MAX_PARALLELISM: min_parallelism = MAX_PARALLELISM if min_parallelism > DEFAULT_PARALLELISM: args.extend(["--min-parallelism", "%d" % min_parallelism]) if traceroute: args.append("--traceroute") if outputType == 'xml': args.extend(["-oX", '-']) # outputXML to stdout else: raise ValueError("Unsupported nmap output type: %s" % outputType) # execute nmap if log.isEnabledFor(logging.DEBUG): log.debug("executing nmap %s", " ".join(args)) out, err, exitCode = yield utils.getProcessOutputAndValue( _NMAP_BINARY, args) if exitCode != 0: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args) try: nmapResults = parseNmapXmlToDict(StringIO(out)) defer.returnValue(nmapResults) except Exception as e: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) log.exception(e) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args)
def _executeNmapCmd(self, inputFileFilename, traceroute=False, outputType='xml', num_devices=0): """ Execute nmap and return its output. """ args = [] args.extend(["-iL", inputFileFilename]) # input file args.append("-sn") # don't port scan the hosts args.append("-PE") # use ICMP echo args.append("-n") # don't resolve hosts internally args.append("--privileged") # assume we can open raw socket args.append("--send-ip") # don't allow ARP responses args.append("-T5") # "insane" speed if self._daemon.options.dataLength > 0: args.extend( ["--data-length", str(self._daemon.options.dataLength)]) cycle_interval = self._daemon._prefs.pingCycleInterval ping_tries = self._daemon._prefs.pingTries ping_timeout = self._preferences.pingTimeOut # Make sure the cycle interval is not unreasonably short. self._detectCycleInterval() # Make sure the timeout fits within one cycle. if ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval: ping_timeout = cycle_interval - MAX_NMAP_OVERHEAD # Give each host at least as much time as the preferences suggest. args.extend(["--min-rtt-timeout", "%.1fs" % ping_timeout]) # But not more, so we can be exact with our calculations. args.extend(["--max-rtt-timeout", "%.1fs" % ping_timeout]) # Make sure we can safely complete the number of tries within one cycle. if (ping_tries * ping_timeout + MAX_NMAP_OVERHEAD > cycle_interval): ping_tries = int( math.floor( (cycle_interval - MAX_NMAP_OVERHEAD) / ping_timeout)) args.extend(["--max-retries", "%d" % (ping_tries - 1)]) # Try to force nmap to go fast enough to finish within one cycle. min_rate = int( math.ceil(num_devices / (1.0 * cycle_interval / ping_tries))) args.extend(["--min-rate", "%d" % min_rate]) if num_devices > 0: min_parallelism = int( math.ceil(2 * num_devices * ping_timeout / cycle_interval)) if min_parallelism > MAX_PARALLELISM: min_parallelism = MAX_PARALLELISM if min_parallelism > DEFAULT_PARALLELISM: args.extend(["--min-parallelism", "%d" % min_parallelism]) if traceroute: args.append("--traceroute") # FYI, all bets are off as far as finishing within the cycle interval. if outputType == 'xml': args.extend(["-oX", '-']) # outputXML to stdout else: raise ValueError("Unsupported nmap output type: %s" % outputType) # execute nmap if log.isEnabledFor(logging.DEBUG): log.debug("executing nmap %s", " ".join(args)) out, err, exitCode = yield utils.getProcessOutputAndValue( _NMAP_BINARY, args) if exitCode != 0: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args) try: nmapResults = parseNmapXmlToDict(StringIO(out)) defer.returnValue(nmapResults) except Exception as e: input = open(inputFileFilename).read() log.debug("input file: %s", input) log.debug("stdout: %s", out) log.debug("stderr: %s", err) log.exception(e) raise nmap.NmapExecutionError(exitCode=exitCode, stdout=out, stderr=err, args=args)