Improve the logic

Add the ANSSI scanner to URLs
Drop a non used test
2025-04-06 22:39:27 +02:00 · 2025-04-06 22:27:12 +02:00 · 2025-04-06 22:26:01 +02:00 · 2025-04-06 22:22:01 +02:00 · 2025-04-06 21:22:24 +02:00
5 changed files with 34 additions and 41 deletions
--- a/snow-scanner/src/main.rs
+++ b/snow-scanner/src/main.rs
@ -244,7 +244,7 @@ async fn handle_scan(

                let msg = EventBusWriterEvent::BroadcastMessage(
                    WorkerMessages::DoWorkRequest {
-                        neworks: vec![Network(cidr)],
+                        networks: vec![Network(cidr)],
                    }
                    .into(),
                );
--- a/snow-scanner/src/server.rs
+++ b/snow-scanner/src/server.rs
@ -271,7 +271,7 @@ impl<'a> Worker<'a> {
                Ok(())
            }
            WorkerMessages::GetWorkRequest {} => {
-                worker_reply = Some(WorkerMessages::DoWorkRequest { neworks: vec![] });
+                worker_reply = Some(WorkerMessages::DoWorkRequest { networks: vec![] });
                Ok(())
            }
            WorkerMessages::DoWorkRequest { .. } | WorkerMessages::Invalid { .. } => {
--- a/snow-scanner/src/worker/modules.rs
+++ b/snow-scanner/src/worker/modules.rs
@ -15,7 +15,7 @@ pub enum WorkerMessages {
    #[serde(rename = "get_work")]
    GetWorkRequest {},
    #[serde(rename = "do_work")]
-    DoWorkRequest { neworks: Vec<Network> },
+    DoWorkRequest { networks: Vec<Network> },
    #[serde(rename = "scanner_found")]
    ScannerFoundResponse { name: String, address: IpAddr },
    #[serde(rename = "")]
@ -95,25 +95,25 @@ mod tests {

    #[test]
    fn deserialize_do_work_empty() {
-        let data = "{\"type\":\"do_work\",\"request\":{\"neworks\":[]}}";
+        let data = "{\"type\":\"do_work\",\"request\":{\"networks\":[]}}";
        let result: WorkerMessages = data.to_string().into();
        assert_eq!(
            result,
            WorkerMessages::DoWorkRequest {
-                neworks: [].to_vec()
+                networks: [].to_vec()
            }
        );
    }

    #[test]
    fn deserialize_do_work() {
-        let data = "{\"type\":\"do_work\",\"request\":{\"neworks\":[\"127.0.0.0/31\"]}}";
+        let data = "{\"type\":\"do_work\",\"request\":{\"networks\":[\"127.0.0.0/31\"]}}";
        let result: WorkerMessages = data.to_string().into();
        let cidr: IpCidr = IpCidr::from_str("127.0.0.0/31").unwrap();
        assert_eq!(
            result,
            WorkerMessages::DoWorkRequest {
-                neworks: [Network(cidr)].to_vec()
+                networks: [Network(cidr)].to_vec()
            }
        );
    }
--- a/snow-scanner/src/worker/scanners.rs
+++ b/snow-scanner/src/worker/scanners.rs
@ -19,6 +19,7 @@ pub enum Scanners {
    Shadowserver,
    Censys,
    InternetMeasurement,
+    Anssi,
 }

 pub trait ScannerMethods {
@ -29,17 +30,14 @@ pub trait ScannerMethods {

 impl ScannerMethods for Scanners {
    fn is_static(self: &Self) -> bool {
-        match self {
-            Self::Censys => true,
-            Self::InternetMeasurement => true,
-            _ => false,
-        }
+        self.static_file_name().is_some()
    }

    fn static_file_name(self: &Self) -> Option<&str> {
        match self {
            Self::Censys => Some("censys.txt"),
            Self::InternetMeasurement => Some("internet-measurement.com.txt"),
+            Self::Anssi => Some("anssi.txt"),
            _ => None,
        }
    }
@ -51,6 +49,7 @@ impl ScannerMethods for Scanners {
            Self::Censys => "Censys node",
            Self::InternetMeasurement => "internet measurement probe",
            Self::Shadowserver => "cloudy shadowserver",
+            _ => (*self).into(),
        }
    }
 }
@ -79,20 +78,28 @@ impl<'de> Deserialize<'de> for Scanners {

 impl ToString for Scanners {
    fn to_string(&self) -> String {
+        let res: &str = (*self).into();
+        res.to_string()
+    }
+}
+
+impl Into<&str> for Scanners {
+    fn into(self) -> &'static str {
        match self {
            Self::Stretchoid => "stretchoid",
            Self::Binaryedge => "binaryedge",
            Self::Censys => "censys",
            Self::InternetMeasurement => "internet-measurement.com",
            Self::Shadowserver => "shadowserver",
+            Self::Anssi => "anssi",
        }
-        .to_string()
    }
 }

 impl serialize::ToSql<Text, Mysql> for Scanners {
    fn to_sql(&self, out: &mut serialize::Output<Mysql>) -> serialize::Result {
-        out.write_all(self.to_string().as_bytes())?;
+        let res: &str = (*self).into();
+        out.write_all(res.as_bytes())?;

        Ok(IsNull::No)
    }
@ -121,6 +128,7 @@ impl TryInto<Scanners> for &str {
            "internet-measurement.com" => Ok(Scanners::InternetMeasurement),
            "shadowserver" => Ok(Scanners::Shadowserver),
            "censys" => Ok(Scanners::Censys),
+            "anssi" => Ok(Scanners::Anssi),
            value => Err(format!("Invalid value: {value}")),
        }
    }
@ -171,20 +179,4 @@ mod test {

        assert_eq!(res.unwrap(), Scanners::Shadowserver);
    }
-
-    #[test]
-    fn test_detect_scanner() {
-        let cname_ptr = Name::from_str("111.0-24.197.62.64.in-addr.arpa.").unwrap();
-        let ptr = Name::from_str("scan-47e.shadowserver.org.").unwrap();
-
-        assert_eq!(
-            detect_scanner(&ResolvedResult {
-                query: cname_ptr,
-                result: Some(ptr),
-                error: None
-            })
-            .unwrap(),
-            Some(Scanners::Shadowserver)
-        );
-    }
 }
--- a/snow-scanner/src/worker/worker.rs
+++ b/snow-scanner/src/worker/worker.rs
@ -2,7 +2,6 @@ use std::{env, net::IpAddr};

 use chrono::{Duration, NaiveDateTime, Utc};
 use cidr::IpCidr;
-use detection::detect_scanner;
 use dns_ptr_resolver::{get_ptr, ResolvedResult};
 use log2::*;
 use scanners::Scanners;
@ -160,14 +159,16 @@ impl Worker {
        for addr in addresses {
            let client = get_dns_client(&get_dns_server_config(&rr_dns_servers.next().unwrap()));
            match get_ptr(addr, client) {
-                Ok(result) => match detect_scanner(&result) {
-                    Ok(Some(scanner_name)) => {
+                Ok(result) => {
+                    let scanner: Result<Scanners, String> = result.query.clone().try_into();
+
+                    match scanner {
+                        Ok(scanner_name) => {
                            self.report_detection(scanner_name, addr, result);
                        }
-                    Ok(None) => {}
-
                        Err(err) => error!("Error detecting for {addr}: {:?}", err),
-                },
+                    }
+                }
                Err(_) => {
                    //debug!("Error processing {addr}: {err}")
                }
@ -195,9 +196,9 @@ impl Worker {

    pub fn receive_request(&mut self, server_request: WorkerMessages) -> &Worker {
        match server_request {
-            WorkerMessages::DoWorkRequest { neworks } => {
-                info!("Work request received for neworks: {:?}", neworks);
-                for cidr in neworks {
+            WorkerMessages::DoWorkRequest { networks } => {
+                info!("Work request received for networks: {:?}", networks);
+                for cidr in networks {
                    let cidr = cidr.0;
                    self.work_on_cidr(cidr);
                }
Author	SHA1	Message	Date
William Desportes	816a9f1aaa	Improve the logic	2025-04-06 22:39:27 +02:00
William Desportes	a6da51aa0b	Add the ANSSI scanner to URLs	2025-04-06 22:27:12 +02:00
William Desportes	bee0c757e9	Drop a non used test	2025-04-06 22:26:01 +02:00
William Desportes	9593af7b66	Fix the worker logic	2025-04-06 22:22:01 +02:00
William Desportes	9fa4dad52b	Fix a typo on "neworks" -> "networks"	2025-04-06 21:22:24 +02:00