🐞 fix: Port scanning fixes
This commit is contained in:
Keith Solomon
@@ -43,6 +43,7 @@ Environment variables:
|
||||
- `NETTRAK_DB_PATH` (default: `/data/nettrak.db`)
|
||||
- `NETTRAK_SUBNET` (default: `192.168.2.0/24`)
|
||||
- `NETTRAK_TOP_PORTS` (default: `100`)
|
||||
- `NETTRAK_PORT_SPEC` (optional, nmap `-p` syntax, ex: `1-10000` or `22,80,443,8989`)
|
||||
- `NETTRAK_SCAN_WORKERS` (default: `12`)
|
||||
- `NETTRAK_PORT_PROBE_TIMEOUT` (default: `0.4`)
|
||||
- `NETTRAK_ENABLE_OS_DETECTION` (default: `0`)
|
||||
@@ -78,6 +79,8 @@ volumes:
|
||||
|
||||
If your Docker bindings are `0.0.0.0`, set `NETTRAK_DOCKER_HOST_IP` to the host LAN IP so mappings can be attributed correctly.
|
||||
|
||||
Note: Docker socket integration only has direct knowledge of the local Docker daemon (the host running NetTrak). Remote hosts are detected by network scanning only, so ensure your scan profile includes the needed ports (for example `NETTRAK_PORT_SPEC=1-10000` for `8989`).
|
||||
|
||||
## API Endpoints
|
||||
|
||||
- `GET /api/health`
|
||||
|
||||
@@ -4,6 +4,7 @@ DB_PATH = os.getenv("NETTRAK_DB_PATH", "/data/nettrak.db")
|
||||
DEFAULT_SUBNET = os.getenv("NETTRAK_SUBNET", "192.168.2.0/24")
|
||||
SCAN_TIMEOUT_SECONDS = int(os.getenv("NETTRAK_SCAN_TIMEOUT", "1800"))
|
||||
SCAN_TOP_PORTS = int(os.getenv("NETTRAK_TOP_PORTS", "100"))
|
||||
SCAN_PORT_SPEC = os.getenv("NETTRAK_PORT_SPEC", "").strip()
|
||||
SCAN_WORKERS = int(os.getenv("NETTRAK_SCAN_WORKERS", "12"))
|
||||
PORT_PROBE_TIMEOUT_SECONDS = float(os.getenv("NETTRAK_PORT_PROBE_TIMEOUT", "0.4"))
|
||||
ENABLE_OS_DETECTION = os.getenv("NETTRAK_ENABLE_OS_DETECTION", "0").lower() in {"1", "true", "yes", "on"}
|
||||
|
||||
@@ -14,6 +14,7 @@ from .config import (
|
||||
ENABLE_DOCKER_INSIGHTS,
|
||||
ENABLE_OS_DETECTION,
|
||||
PORT_PROBE_TIMEOUT_SECONDS,
|
||||
SCAN_PORT_SPEC,
|
||||
SCAN_TOP_PORTS,
|
||||
)
|
||||
|
||||
@@ -270,8 +271,6 @@ def scan_host(ip: str, seed_host: dict[str, Any] | None = None) -> HostResult:
|
||||
"--open",
|
||||
"-sV",
|
||||
"--version-light",
|
||||
"--top-ports",
|
||||
str(max(SCAN_TOP_PORTS, 1)),
|
||||
"-T4",
|
||||
"--max-retries",
|
||||
"1",
|
||||
@@ -279,6 +278,10 @@ def scan_host(ip: str, seed_host: dict[str, Any] | None = None) -> HostResult:
|
||||
"45s",
|
||||
ip,
|
||||
]
|
||||
if SCAN_PORT_SPEC:
|
||||
base_args[5:5] = ["-p", SCAN_PORT_SPEC]
|
||||
else:
|
||||
base_args[5:5] = ["--top-ports", str(max(SCAN_TOP_PORTS, 1))]
|
||||
|
||||
result: HostResult | None = None
|
||||
if ENABLE_OS_DETECTION:
|
||||
|
||||
@@ -8,6 +8,8 @@ services:
|
||||
- NETTRAK_DB_PATH=/data/nettrak.db
|
||||
- NETTRAK_SUBNET=192.168.2.0/24
|
||||
- NETTRAK_TOP_PORTS=100
|
||||
# Optional explicit port set/range. Example catches 8989 and many app ports:
|
||||
# - NETTRAK_PORT_SPEC=1-10000
|
||||
- NETTRAK_SCAN_WORKERS=12
|
||||
- NETTRAK_PORT_PROBE_TIMEOUT=0.4
|
||||
- NETTRAK_ENABLE_OS_DETECTION=0
|
||||
|
||||
Reference in New Issue
Block a user