npm - @roflsec/fail2scan - Versions diffs - 0.0.13 → 0.0.14 - Mend

@roflsec/fail2scan 0.0.13 → 0.0.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/daemon.js +96 -94
package/package.json +1 -1

package/bin/daemon.js CHANGED Viewed

@@ -9,9 +9,9 @@ const execFileP = promisify(execFile);
 // === Géolocalisation ===
 let getGeo = async (ip) => null;
 if (process.env.IPGEO_API_KEY) {
-  const IPGeolocationAPI = require("ip-geolocation-api-javascript-sdk");
-  const GeolocationParams = require("ip-geolocation-api-javascript-sdk/GeolocationParams.js");
+  const { default: IPGeolocationAPI, GeolocationParams } = require("ip-geolocation-api-javascript-sdk");
   const ipGeo = new IPGeolocationAPI(process.env.IPGEO_API_KEY, true);
   getGeo = (ip) => {
     return new Promise((resolve) => {
       const params = new GeolocationParams();
@@ -24,8 +24,9 @@ if (process.env.IPGEO_API_KEY) {
 // === Arguments CLI ===
 const argv = process.argv.slice(2);
-const getArg = (k,d) => { for(let i=0;i<argv.length;i++){const a=argv[i]; if(a===k&&argv[i+1]) return argv[++i]; if(a.startsWith(k+'=')) return a.split('=')[1]; } return d; };
-if(argv.includes('--help')||argv.includes('-h')){console.log(`Fail2Scan optimized daemon
+const getArg = (k, d) => { for (let i = 0; i < argv.length; i++) { const a = argv[i]; if (a === k && argv[i + 1]) return argv[++i]; if (a.startsWith(k + '=')) return a.split('=')[1]; } return d; };
+if (argv.includes('--help') || argv.includes('-h')) {
+  console.log(`Fail2Scan optimized daemon
 --log PATH (default /var/log/fail2ban.log)
 --out PATH (default /var/log/fail2scan)
 --concurrency N (default 1)
@@ -33,38 +34,39 @@ if(argv.includes('--help')||argv.includes('-h')){console.log(`Fail2Scan optimize
 --nmap-args "args" (default "-sS -Pn -p- -T4 -sV")
 --scan-ip IP (do one scan and exit)
 --quiet
-`); process.exit(0); }
-const LOG_PATH = getArg('--log','/var/log/fail2ban.log');
-const OUT_ROOT = getArg('--out','/var/log/fail2scan');
-const USER_CONCURRENCY = parseInt(getArg('--concurrency','0'),10)||0;
-const CORE_OVERRIDE = parseInt(getArg('--cores','0'),10)||0;
-const NMAP_ARGS_STR = getArg('--nmap-args','-sS -Pn -p- -T4 -sV');
-const SINGLE_IP = getArg('--scan-ip',null);
+`); process.exit(0);
+}
+const LOG_PATH = getArg('--log', '/var/log/fail2ban.log');
+const OUT_ROOT = getArg('--out', '/var/log/fail2scan');
+const USER_CONCURRENCY = parseInt(getArg('--concurrency', '0'), 10) || 0;
+const CORE_OVERRIDE = parseInt(getArg('--cores', '0'), 10) || 0;
+const NMAP_ARGS_STR = getArg('--nmap-args', '-sS -Pn -p- -T4 -sV');
+const SINGLE_IP = getArg('--scan-ip', null);
 const QUIET = argv.includes('--quiet');
-const RESCAN_TTL_SEC = 60*60;
-const STATE_FILE = path.join(os.homedir(),'.fail2scan_state.json');
-const LOG_FILE = path.join(os.homedir(),'.fail2scan.log');
+const RESCAN_TTL_SEC = 60 * 60;
+const STATE_FILE = path.join(os.homedir(), '.fail2scan_state.json');
+const LOG_FILE = path.join(os.homedir(), '.fail2scan.log');
 // === Logging ===
-const log=(...a)=>{if(!QUIET)console.log(new Date().toISOString(),...a); try{fs.appendFileSync(LOG_FILE,new Date().toISOString()+' '+a.join(' ')+'\n');}catch{}};
+const log = (...a) => { if (!QUIET) console.log(new Date().toISOString(), ...a); try { fs.appendFileSync(LOG_FILE, new Date().toISOString() + ' ' + a.join(' ') + '\n'); } catch { } };
 // === Utilitaires ===
-const sanitizeFilename=s=>String(s).replace(/[:\/\\<>?"|* ]+/g,'_');
-async function which(bin){try{await execFileP('which',[bin]);return true;}catch{return false;}}
-async function runCmdCapture(cmd,args,opts={}){try{const {stdout,stderr}=await execFileP(cmd,args,{maxBuffer:1024*1024*32,...opts}); return {ok:true,stdout:stdout||'',stderr:stderr||''};}catch(e){return {ok:false,stdout:(e.stdout||'')+'',stderr:(e.stderr||e.message)+''};}}
-function safeMkdirSyncWithFallback(p){try{return fs.mkdirSync(p,{recursive:true,mode:0o750})||p}catch(e){const f=path.join('/tmp','fail2scan');try{return fs.mkdirSync(f,{recursive:true,mode:0o750})||f}catch(ee){throw e;}}}
+const sanitizeFilename = s => String(s).replace(/[:\/\\<>?"|* ]+/g, '_');
+async function which(bin) { try { await execFileP('which', [bin]); return true; } catch { return false; } }
+async function runCmdCapture(cmd, args, opts = {}) { try { const { stdout, stderr } = await execFileP(cmd, args, { maxBuffer: 1024 * 1024 * 32, ...opts }); return { ok: true, stdout: stdout || '', stderr: stderr || '' }; } catch (e) { return { ok: false, stdout: (e.stdout || '') + '', stderr: (e.stderr || e.message) + '' }; } }
+function safeMkdirSyncWithFallback(p) { try { return fs.mkdirSync(p, { recursive: true, mode: 0o750 }) || p } catch (e) { const f = path.join('/tmp', 'fail2scan'); try { return fs.mkdirSync(f, { recursive: true, mode: 0o750 }) || f } catch (ee) { throw e; } } }
 // === Vérification prérequis ===
-(async()=>{for(const t of ['nmap','dig','whois','which']){if(t==='which')continue;if(!(await which(t))){console.error(`Missing required binary: ${t}`);process.exit(2);}}})().catch(e=>{console.error('Prereq check failed',e);process.exit(2);});
+(async () => { for (const t of ['nmap', 'dig', 'whois', 'which']) { if (t === 'which') continue; if (!(await which(t))) { console.error(`Missing required binary: ${t}`); process.exit(2); } } })().catch(e => { console.error('Prereq check failed', e); process.exit(2); });
 // === Etat ===
-function loadState(){try{if(fs.existsSync(STATE_FILE)){const j=JSON.parse(fs.readFileSync(STATE_FILE,'utf8'));return{seen:new Set(Array.isArray(j.seen)?j.seen:[]),retryAfter:typeof j.retryAfter==='object'?j.retryAfter:{}};}}catch{}return{seen:new Set(),retryAfter:{}};}
-function saveState(s){try{fs.mkdirSync(path.dirname(STATE_FILE),{recursive:true,mode:0o700});fs.writeFileSync(STATE_FILE,JSON.stringify({seen:Array.from(s.seen||[]),retryAfter:s.retryAfter||{}},null,2));}catch{}}
-const STATE=loadState();
+function loadState() { try { if (fs.existsSync(STATE_FILE)) { const j = JSON.parse(fs.readFileSync(STATE_FILE, 'utf8')); return { seen: new Set(Array.isArray(j.seen) ? j.seen : []), retryAfter: typeof j.retryAfter === 'object' ? j.retryAfter : {} }; } } catch { } return { seen: new Set(), retryAfter: {} }; }
+function saveState(s) { try { fs.mkdirSync(path.dirname(STATE_FILE), { recursive: true, mode: 0o700 }); fs.writeFileSync(STATE_FILE, JSON.stringify({ seen: Array.from(s.seen || []), retryAfter: s.retryAfter || {} }, null, 2)); } catch { } }
+const STATE = loadState();
 // === Extraction IP ===
-function extractIpFromLine(line){const v4=line.match(/\b(?:\d{1,3}\.){3}\d{1,3}\b/);if(v4&&v4[0])return v4[0];const v6=line.match(/\b([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}\b/);if(v6&&v6[0])return v6[0];return null;}
+function extractIpFromLine(line) { const v4 = line.match(/\b(?:\d{1,3}\.){3}\d{1,3}\b/); if (v4 && v4[0]) return v4[0]; const v6 = line.match(/\b([0-9a-fA-F]{0,4}:){2,7}[0-9a-fA-F]{0,4}\b/); if (v6 && v6[0]) return v6[0]; return null; }
 // === Nmap spawn ===
 function spawnOneNmap(args, outFile) {
@@ -76,7 +78,7 @@ function spawnOneNmap(args, outFile) {
     proc.stderr.on('data', c => { stderr += c.toString(); });
     proc.on('close', code => {
       if (stderr) {
-        try { fs.appendFileSync(outFile, '\n\nSTDERR:\n' + stderr); } catch (e) {}
+        try { fs.appendFileSync(outFile, '\n\nSTDERR:\n' + stderr); } catch (e) { }
       }
       resolve({ code, ok: code === 0 });
     });
@@ -100,7 +102,7 @@ async function spawnNmapParallel(ip, outDir, requestedArgs, parts) {
     const start = 1 + i * portsPer;
     const end = (i === numParts - 1) ? 65535 : ((i + 1) * portsPer);
     const subdir = path.join(outDir, `part-${i}`);
-    try { fs.mkdirSync(subdir, { recursive: true, mode: 0o750 }); } catch (e) {}
+    try { fs.mkdirSync(subdir, { recursive: true, mode: 0o750 }); } catch (e) { }
     const outNmap = path.join(subdir, 'nmap.txt');
     const portArg = `-p${start}-${end}`;
     const args = requestedArgs.map(a => a === '-p-' ? portArg : a).concat([ip]);
@@ -113,10 +115,10 @@ async function spawnNmapParallel(ip, outDir, requestedArgs, parts) {
   for (let i = 0; i < numParts; i++) {
     const fn = path.join(outDir, `part-${i}`, 'nmap.txt');
     try {
-      if (fs.existsSync(fn)) partsContent.push(fs.readFileSync(fn,'utf8'));
-    } catch (e) {}
+      if (fs.existsSync(fn)) partsContent.push(fs.readFileSync(fn, 'utf8'));
+    } catch (e) { }
   }
-  try { fs.writeFileSync(path.join(outDir, 'nmap.txt'), partsContent.join('\n\n--- PART ---\n\n')); } catch (e) {}
+  try { fs.writeFileSync(path.join(outDir, 'nmap.txt'), partsContent.join('\n\n--- PART ---\n\n')); } catch (e) { }
 }
 async function runNmap(ip, outDir, requestedArgs) {
@@ -128,104 +130,104 @@ async function runNmap(ip, outDir, requestedArgs) {
 }
 // === Scan d’une IP ===
-async function performScan(ip){
-  const now=new Date(),dateDir=now.toISOString().slice(0,10),safeIp=sanitizeFilename(ip);
-  let outDir=path.join(OUT_ROOT,dateDir,`${safeIp}_${now.toISOString().replace(/[:.]/g,'-')}`);
-  outDir=path.join(safeMkdirSyncWithFallback(path.dirname(outDir)),path.basename(outDir));
-  try { fs.mkdirSync(outDir,{recursive:true,mode:0o750}); } catch (e) {}
-  const summary={ip,ts:now.toISOString(),cmds:{}};
+async function performScan(ip) {
+  const now = new Date(), dateDir = now.toISOString().slice(0, 10), safeIp = sanitizeFilename(ip);
+  let outDir = path.join(OUT_ROOT, dateDir, `${safeIp}_${now.toISOString().replace(/[:.]/g, '-')}`);
+  outDir = path.join(safeMkdirSyncWithFallback(path.dirname(outDir)), path.basename(outDir));
+  try { fs.mkdirSync(outDir, { recursive: true, mode: 0o750 }); } catch (e) { }
+  const summary = { ip, ts: now.toISOString(), cmds: {} };
-  const requested=NMAP_ARGS_STR.trim().split(/\s+/).filter(Boolean);
+  const requested = NMAP_ARGS_STR.trim().split(/\s+/).filter(Boolean);
-  try{
-    log('Running nmap on',ip,'args:',requested.join(' '));
+  try {
+    log('Running nmap on', ip, 'args:', requested.join(' '));
     await runNmap(ip, outDir, requested);
     summary.cmds.nmap = { ok: true, args: requested.join(' '), path: 'nmap.txt' };
-  } catch(e){
-    log('nmap failed for',ip, e && e.message ? e.message : e);
+  } catch (e) {
+    log('nmap failed for', ip, e && e.message ? e.message : e);
     summary.cmds.nmap = { ok: false, err: e && e.message ? e.message : String(e) };
   }
-  try{
-    const dig = await runCmdCapture('dig',['-x',ip,'+short']);
-    fs.writeFileSync(path.join(outDir,'dig.txt'),(dig.stdout||'') + (dig.stderr?'\n\nSTDERR:\n'+dig.stderr:''));
-    summary.cmds.dig = { ok: dig.ok, path: 'dig.txt' };
-  } catch(e){ summary.cmds.dig = { ok:false, err: e && e.message ? e.message : String(e) }; }
+  try {
+    const dig = await runCmdCapture('dig', ['-x', ip, '+short']);
+    fs.writeFileSync(path.join(outDir, 'dig.txt'), (dig.stdout || '') + (dig.stderr ? '\n\nSTDERR:\n' + dig.stderr : ''));
+    summary.cmds.dig = { ok: dig.ok, path: 'dig.txt' };
+  } catch (e) { summary.cmds.dig = { ok: false, err: e && e.message ? e.message : String(e) }; }
-  try{
-    const who = await runCmdCapture('whois',[ip]);
-    fs.writeFileSync(path.join(outDir,'whois.txt'),(who.stdout||'') + (who.stderr?'\n\nSTDERR:\n'+who.stderr:''));
-    summary.cmds.whois = { ok: who.ok, path: 'whois.txt' };
-  } catch(e){ summary.cmds.whois = { ok:false, err: e && e.message ? e.message : String(e) }; }
+  try {
+    const who = await runCmdCapture('whois', [ip]);
+    fs.writeFileSync(path.join(outDir, 'whois.txt'), (who.stdout || '') + (who.stderr ? '\n\nSTDERR:\n' + who.stderr : ''));
+    summary.cmds.whois = { ok: who.ok, path: 'whois.txt' };
+  } catch (e) { summary.cmds.whois = { ok: false, err: e && e.message ? e.message : String(e) }; }
-  try{
-    const nmapTxt = fs.readFileSync(path.join(outDir,'nmap.txt'),'utf8');
-    summary.open_ports = nmapTxt.split(/\r?\n/).filter(l=>/^\d+\/tcp\s+open/.test(l)).map(l=>l.trim());
-  } catch(e){ summary.open_ports = []; }
+  try {
+    const nmapTxt = fs.readFileSync(path.join(outDir, 'nmap.txt'), 'utf8');
+    summary.open_ports = nmapTxt.split(/\r?\n/).filter(l => /^\d+\/tcp\s+open/.test(l)).map(l => l.trim());
+  } catch (e) { summary.open_ports = []; }
   // === Géolocalisation ===
-  if(getGeo){
-    try{
+  if (getGeo) {
+    try {
       const geo = await getGeo(ip);
-      fs.writeFileSync(path.join(outDir,'geo.json'), JSON.stringify(geo,null,2));
+      fs.writeFileSync(path.join(outDir, 'geo.json'), JSON.stringify(geo, null, 2));
       summary.geo = geo;
-    }catch(e){
-      log('Geo lookup failed for',ip,e.message||e);
+    } catch (e) {
+      log('Geo lookup failed for', ip, e.message || e);
       summary.geo = null;
     }
   }
-  try{ fs.writeFileSync(path.join(outDir,'summary.json'),JSON.stringify(summary,null,2)); } catch (e) {}
-  try{ fs.chmodSync(outDir,0o750); } catch (e) {}
-  log('Scan written for',ip,'->',outDir);
+  try { fs.writeFileSync(path.join(outDir, 'summary.json'), JSON.stringify(summary, null, 2)); } catch (e) { }
+  try { fs.chmodSync(outDir, 0o750); } catch (e) { }
+  log('Scan written for', ip, '->', outDir);
 }
 // === Queue ===
-class ScanQueue{
-  constructor(concurrency=1){this.concurrency=concurrency;this.running=0;this.q=[];this.set=STATE.seen;this.tmpCache=new Set();}
-  push(ip){
-    const now=Math.floor(Date.now()/1000),next=STATE.retryAfter[ip]||0;
-    if((this.set.has(ip)&&next>now)||this.tmpCache.has(ip)){log('IP already queued or running (TTL/cache):',ip);return;}
-    if(this.set.has(ip)&&next<=now)log('Re-queueing after TTL:',ip),this.set.delete(ip);
-    this.set.add(ip);STATE.seen=this.set;saveState(STATE);
-    this.q.push(ip);this.tmpCache.add(ip);this._next();
+class ScanQueue {
+  constructor(concurrency = 1) { this.concurrency = concurrency; this.running = 0; this.q = []; this.set = STATE.seen; this.tmpCache = new Set(); }
+  push(ip) {
+    const now = Math.floor(Date.now() / 1000), next = STATE.retryAfter[ip] || 0;
+    if ((this.set.has(ip) && next > now) || this.tmpCache.has(ip)) { log('IP already queued or running (TTL/cache):', ip); return; }
+    if (this.set.has(ip) && next <= now) log('Re-queueing after TTL:', ip), this.set.delete(ip);
+    this.set.add(ip); STATE.seen = this.set; saveState(STATE);
+    this.q.push(ip); this.tmpCache.add(ip); this._next();
   }
-  _next(){
-    if(this.running>=this.concurrency)return;
-    const ip=this.q.shift();if(!ip)return;
+  _next() {
+    if (this.running >= this.concurrency) return;
+    const ip = this.q.shift(); if (!ip) return;
     this.running++;
-    (async()=>{
-      try{log('Scanning',ip);await performScan(ip);log('Done',ip);}
-      catch(e){log('Error scanning',ip,e.message||e);}
-      finally{
-        STATE.retryAfter[ip]=Math.floor(Date.now()/1000)+RESCAN_TTL_SEC;
+    (async () => {
+      try { log('Scanning', ip); await performScan(ip); log('Done', ip); }
+      catch (e) { log('Error scanning', ip, e.message || e); }
+      finally {
+        STATE.retryAfter[ip] = Math.floor(Date.now() / 1000) + RESCAN_TTL_SEC;
         saveState(STATE);
-        this.set.delete(ip);this.tmpCache.delete(ip);
-        this.running--;setImmediate(()=>this._next());
+        this.set.delete(ip); this.tmpCache.delete(ip);
+        this.running--; setImmediate(() => this._next());
       }
     })();
-    setImmediate(()=>this._next());
+    setImmediate(() => this._next());
   }
 }
 // === Single IP mode ===
-if(SINGLE_IP){(async()=>{const q=new ScanQueue(CORE_OVERRIDE||USER_CONCURRENCY||1);q.push(SINGLE_IP);})();return;}
+if (SINGLE_IP) { (async () => { const q = new ScanQueue(CORE_OVERRIDE || USER_CONCURRENCY || 1); q.push(SINGLE_IP); })(); return; }
 // === Lancement daemon ===
-const concurrency = CORE_OVERRIDE||USER_CONCURRENCY||os.cpus().length||1;
+const concurrency = CORE_OVERRIDE || USER_CONCURRENCY || os.cpus().length || 1;
 const q = new ScanQueue(concurrency);
 log(`Fail2Scan started. Watching ${LOG_PATH} -> output ${OUT_ROOT}, concurrency ${concurrency}`);
 const BAN_RE = /\bBan\b/i;
-class FileTail{
-  constructor(filePath,onLine){this.filePath=filePath;this.onLine=onLine;this.pos=0;this.inode=null;this.buf='';this.watch=null;this.start();}
-  start(){try{const st=fs.statSync(this.filePath);this.inode=st.ino;this.pos=st.size;}catch{this.inode=null;this.pos=0;}this._watch();this._readNew().catch(()=>{});}
-  _watch(){try{this.watch=fs.watch(this.filePath,{persistent:true},async()=>{try{const st=fs.statSync(this.filePath);if(!st){this.inode=null;this.pos=0;return;}if(this.inode!==null&&st.ino!==this.inode)this.inode=st.ino,this.pos=0;else if(this.inode===null)this.inode=st.ino,this.pos=0;await this._readNew();}catch{}});}catch(e){log('fs.watch failed:',e.message);}}
-  async _readNew(){try{const st=fs.statSync(this.filePath);if(st.size<this.pos)this.pos=0;if(st.size===this.pos)return;const stream=fs.createReadStream(this.filePath,{start:this.pos,end:st.size-1,encoding:'utf8'});for await(const chunk of stream){this.buf+=chunk;let idx;while((idx=this.buf.indexOf('\n'))>=0){const line=this.buf.slice(0,idx);this.buf=this.buf.slice(idx+1);if(line.trim())this.onLine(line);}}this.pos=st.size;}catch{}}
-  close(){try{this.watch?.close();}catch{}}
+class FileTail {
+  constructor(filePath, onLine) { this.filePath = filePath; this.onLine = onLine; this.pos = 0; this.inode = null; this.buf = ''; this.watch = null; this.start(); }
+  start() { try { const st = fs.statSync(this.filePath); this.inode = st.ino; this.pos = st.size; } catch { this.inode = null; this.pos = 0; } this._watch(); this._readNew().catch(() => { }); }
+  _watch() { try { this.watch = fs.watch(this.filePath, { persistent: true }, async () => { try { const st = fs.statSync(this.filePath); if (!st) { this.inode = null; this.pos = 0; return; } if (this.inode !== null && st.ino !== this.inode) this.inode = st.ino, this.pos = 0; else if (this.inode === null) this.inode = st.ino, this.pos = 0; await this._readNew(); } catch { } }); } catch (e) { log('fs.watch failed:', e.message); } }
+  async _readNew() { try { const st = fs.statSync(this.filePath); if (st.size < this.pos) this.pos = 0; if (st.size === this.pos) return; const stream = fs.createReadStream(this.filePath, { start: this.pos, end: st.size - 1, encoding: 'utf8' }); for await (const chunk of stream) { this.buf += chunk; let idx; while ((idx = this.buf.indexOf('\n')) >= 0) { const line = this.buf.slice(0, idx); this.buf = this.buf.slice(idx + 1); if (line.trim()) this.onLine(line); } } this.pos = st.size; } catch { } }
+  close() { try { this.watch?.close(); } catch { } }
 }
-const tail=new FileTail(LOG_PATH,line=>{try{if(!BAN_RE.test(line))return;const ip=extractIpFromLine(line);if(!ip)return;q.push(ip);}catch(e){log('onLine handler error',e.message||e);}});
+const tail = new FileTail(LOG_PATH, line => { try { if (!BAN_RE.test(line)) return; const ip = extractIpFromLine(line); if (!ip) return; q.push(ip); } catch (e) { log('onLine handler error', e.message || e); } });
-function shutdown(){log('Shutting down Fail2Scan...');tail.close();const start=Date.now();const wait=()=>{if(q.running===0||Date.now()-start>10000)process.exit(0);setTimeout(wait,500);};wait();}
-process.on('SIGINT',shutdown);
-process.on('SIGTERM',shutdown);
+function shutdown() { log('Shutting down Fail2Scan...'); tail.close(); const start = Date.now(); const wait = () => { if (q.running === 0 || Date.now() - start > 10000) process.exit(0); setTimeout(wait, 500); }; wait(); }
+process.on('SIGINT', shutdown);
+process.on('SIGTERM', shutdown);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@roflsec/fail2scan",
-  "version": "0.0.13",
+  "version": "0.0.14",
   "description": "Fail2Scan daemon - watches fail2ban logs and scans banned IPs using nmap, dig and whois.",
   "bin": {
     "fail2scan-daemon": "./bin/daemon.js"