Merge pull request #719 from thannaske/feature-exclude-addresses

PsypherPunk · web-flow · commit 3b06a34885a3 · 2025-01-20T13:09:27.000Z
feat: add address exclusion flag (#718)
diff --git a/src/address.rs b/src/address.rs
@@ -69,9 +69,18 @@ pub fn parse_addresses(input: &Opts) -> Vec<IpAddr> {
         }
     }
 
+    // Finally, craft a list of addresses to be excluded from the scan.
+    let mut excluded_ips: Vec<IpAddr> = Vec::new();
+    if let Some(exclude_addresses) = &input.exclude_addresses {
+        for addr in exclude_addresses {
+            excluded_ips.extend(parse_address(addr, &backup_resolver));
+        }
+    }
+
     ips.into_iter()
         .collect::<BTreeSet<_>>()
         .into_iter()
+        .filter(|ip| !excluded_ips.contains(ip))
         .collect()
 }
 
@@ -212,6 +221,58 @@ mod tests {
         );
     }
 
+    #[test]
+    fn parse_addresses_with_address_exclusions() {
+        let mut opts = Opts::default();
+        opts.addresses = vec!["192.168.0.0/30".to_owned()];
+        opts.exclude_addresses = Some(vec!["192.168.0.1".to_owned()]);
+        let ips = parse_addresses(&opts);
+
+        assert_eq!(
+            ips,
+            [
+                Ipv4Addr::new(192, 168, 0, 0),
+                Ipv4Addr::new(192, 168, 0, 2),
+                Ipv4Addr::new(192, 168, 0, 3)
+            ]
+        );
+    }
+
+    #[test]
+    fn parse_addresses_with_cidr_exclusions() {
+        let mut opts = Opts::default();
+        opts.addresses = vec!["192.168.0.0/29".to_owned()];
+        opts.exclude_addresses = Some(vec!["192.168.0.0/30".to_owned()]);
+        let ips = parse_addresses(&opts);
+
+        assert_eq!(
+            ips,
+            [
+                Ipv4Addr::new(192, 168, 0, 4),
+                Ipv4Addr::new(192, 168, 0, 5),
+                Ipv4Addr::new(192, 168, 0, 6),
+                Ipv4Addr::new(192, 168, 0, 7),
+            ]
+        );
+    }
+
+    #[test]
+    fn parse_addresses_with_incorrect_address_exclusions() {
+        let mut opts = Opts::default();
+        opts.addresses = vec!["192.168.0.0/30".to_owned()];
+        opts.exclude_addresses = Some(vec!["192.168.0.1".to_owned(), "im_wrong".to_owned()]);
+        let ips = parse_addresses(&opts);
+
+        assert_eq!(
+            ips,
+            [
+                Ipv4Addr::new(192, 168, 0, 0),
+                Ipv4Addr::new(192, 168, 0, 2),
+                Ipv4Addr::new(192, 168, 0, 3)
+            ]
+        );
+    }
+
     #[test]
     fn parse_correct_host_addresses() {
         let opts = Opts {
@@ -247,6 +308,7 @@ mod tests {
 
         assert!(ips.is_empty());
     }
+
     #[test]
     fn parse_hosts_file_and_incorrect_hosts() {
         // Host file contains IP, Hosts, incorrect IPs, incorrect hosts
diff --git a/src/input.rs b/src/input.rs
@@ -155,6 +155,10 @@ pub struct Opts {
     #[arg(short, long, value_delimiter = ',')]
     pub exclude_ports: Option<Vec<u16>>,
 
+    /// A list of comma separated CIDRs, IPs, or hosts to be excluded from scanning.
+    #[arg(short = 'x', long = "exclude-addresses", value_delimiter = ',')]
+    pub exclude_addresses: Option<Vec<String>>,
+
     /// UDP scanning mode, finds UDP ports that send back responses
     #[arg(long)]
     pub udp: bool,
@@ -221,7 +225,7 @@ impl Opts {
             self.ports = Some(ports);
         }
 
-        merge_optional!(range, resolver, ulimit, exclude_ports);
+        merge_optional!(range, resolver, ulimit, exclude_ports, exclude_addresses);
     }
 }
 
@@ -246,6 +250,7 @@ impl Default for Opts {
             scripts: ScriptsRequired::Default,
             config_path: None,
             exclude_ports: None,
+            exclude_addresses: None,
             udp: false,
         }
     }
@@ -271,6 +276,7 @@ pub struct Config {
     command: Option<Vec<String>>,
     scripts: Option<ScriptsRequired>,
     exclude_ports: Option<Vec<u16>>,
+    exclude_addresses: Option<Vec<String>>,
     udp: Option<bool>,
 }
 
@@ -345,6 +351,7 @@ mod tests {
                 scan_order: Some(ScanOrder::Random),
                 scripts: None,
                 exclude_ports: None,
+                exclude_addresses: None,
                 udp: Some(false),
             }
         }

Original file line number	Diff line number	Diff line change
`@@ -155,6 +155,10 @@ pub struct Opts {`
`155`	`155`	`#[arg(short, long, value_delimiter = ',')]`
`156`	`156`	`pub exclude_ports: Option<Vec<u16>>,`
`157`	`157`
	`158`	`+ /// A list of comma separated CIDRs, IPs, or hosts to be excluded from scanning.`
	`159`	`+ #[arg(short = 'x', long = "exclude-addresses", value_delimiter = ',')]`
	`160`	`+ pub exclude_addresses: Option<Vec<String>>,`
	`161`	`+`
`158`	`162`	`/// UDP scanning mode, finds UDP ports that send back responses`
`159`	`163`	`#[arg(long)]`
`160`	`164`	`pub udp: bool,`
`@@ -221,7 +225,7 @@ impl Opts {`
`221`	`225`	`self.ports = Some(ports);`
`222`	`226`	`}`
`223`	`227`
`224`		`- merge_optional!(range, resolver, ulimit, exclude_ports);`
	`228`	`+ merge_optional!(range, resolver, ulimit, exclude_ports, exclude_addresses);`
`225`	`229`	`}`
`226`	`230`	`}`
`227`	`231`
`@@ -246,6 +250,7 @@ impl Default for Opts {`
`246`	`250`	`scripts: ScriptsRequired::Default,`
`247`	`251`	`config_path: None,`
`248`	`252`	`exclude_ports: None,`
	`253`	`+ exclude_addresses: None,`
`249`	`254`	`udp: false,`
`250`	`255`	`}`
`251`	`256`	`}`
`@@ -271,6 +276,7 @@ pub struct Config {`
`271`	`276`	`command: Option<Vec<String>>,`
`272`	`277`	`scripts: Option<ScriptsRequired>,`
`273`	`278`	`exclude_ports: Option<Vec<u16>>,`
	`279`	`+ exclude_addresses: Option<Vec<String>>,`
`274`	`280`	`udp: Option<bool>,`
`275`	`281`	`}`
`276`	`282`
`@@ -345,6 +351,7 @@ mod tests {`
`345`	`351`	`scan_order: Some(ScanOrder::Random),`
`346`	`352`	`scripts: None,`
`347`	`353`	`exclude_ports: None,`
	`354`	`+ exclude_addresses: None,`
`348`	`355`	`udp: Some(false),`
`349`	`356`	`}`
`350`	`357`	`}`