From f6f9de5ef07c3e19e6733398e7431650f3df2cb5 Mon Sep 17 00:00:00 2001
From: leech001 <leech001@gmail.com>
Date: Sun, 25 Dec 2022 12:37:02 +0300
Subject: [PATCH] Added  exclusion ports and hosts

---
 CHANGELOG.md     |  5 ++++-
 README.md        |  9 +++++++--
 app/main.go      | 18 +++++++++++++-----
 app/nmapScan.go  | 34 ++++++++++++++++++++++++++--------
 conf/config.yaml |  7 +++++++
 5 files changed, 57 insertions(+), 16 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c017e8a..07795b8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -5,4 +5,7 @@
 - [ ADD ] Running code;
 
 ## [0.0.2] - 2022-12-11
-- [ CHANGE ] Delete `bash` from apk;
\ No newline at end of file
+- [ CHANGE ] Delete `bash` from apk;
+
+## [0.0.2] - 2022-12-25
+- [ ADD ] Exclusion hosts and ports in config;
\ No newline at end of file
diff --git a/README.md b/README.md
index 4cf8198..26ccb85 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
 # Telegram bot for organizing constant monitoring of open ports on the network
-![GitHub Workflow Status](https://img.shields.io/github/workflow/status/grfc-ru/nmap-telegram-bot/Publish%20Docker%20image?label=BUILD%20AND%20PUBLISH%20APPLICATION&logo=github) [![GitHub](https://img.shields.io/badge/Git-Hub-purple.svg)](https://github.com/grfc-ru/nmap-telegram-bot) [![Docker](https://img.shields.io/badge/Docker-hub-2496ed.svg)](https://hub.docker.com/r/leech001/nmap-telegram-bot) [![License: WTFPL](https://img.shields.io/badge/license-WTFPL-brightgreen)](https://github.com/grfc-ru/nmap-telegram-bot/blob/master/LICENSE)  
+![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/grfc-ru/nmap-telegram-bot/docker-image.yml?label=BUILD%20AND%20PUBLISH%20APPLICATION&logo=GITHUB) [![GitHub](https://img.shields.io/badge/Git-Hub-purple.svg)](https://github.com/grfc-ru/nmap-telegram-bot) [![Docker](https://img.shields.io/badge/Docker-hub-2496ed.svg)](https://hub.docker.com/r/leech001/nmap-telegram-bot) [![License: WTFPL](https://img.shields.io/badge/license-WTFPL-brightgreen)](https://github.com/grfc-ru/nmap-telegram-bot/blob/master/LICENSE)  
 
 Application for organizing constant monitoring of open ports on nodes. Used to monitor erroneous configurations on network equipment or hacker activity.
 
@@ -28,7 +28,12 @@ scan:
   hosts:
     - host: 8.8.8.0/24      #scan network
       ports:
-        - 3389              #scan port
+        - 20-23   
+      exclusion:            
+        hosts:
+          - 8.8.8.1         #exclusion host
+        ports:
+          - 22              #exclusion port
     - host: google.com      #scan host
       ports:
         - 80                #scan port
diff --git a/app/main.go b/app/main.go
index 1224d1a..56903c7 100644
--- a/app/main.go
+++ b/app/main.go
@@ -20,8 +20,12 @@ type Config struct {
 	}
 	Scan struct {
 		Hosts []struct {
-			Host  string
-			Ports []uint16
+			Host      string
+			Ports     []string
+			Exclusion struct {
+				Hosts []string
+				Ports []string
+			}
 		}
 	}
 }
@@ -60,8 +64,12 @@ func main() {
 
 // Telegram bot for listening to incoming commands
 func botUpdate(bot *tgbotapi.BotAPI, hosts []struct {
-	Host  string
-	Ports []uint16
+	Host      string
+	Ports     []string
+	Exclusion struct {
+		Hosts []string
+		Ports []string
+	}
 }) {
 
 	// Create string for list scanning hosts
@@ -69,7 +77,7 @@ func botUpdate(bot *tgbotapi.BotAPI, hosts []struct {
 	for _, host := range hosts {
 		ports := ""
 		for _, port := range host.Ports {
-			ports += strconv.FormatUint(uint64(port), 10) + ","
+			ports += port + ","
 		}
 
 		listString += host.Host + " ports: " + ports + "\n"
diff --git a/app/nmapScan.go b/app/nmapScan.go
index 51aaf18..b57b927 100644
--- a/app/nmapScan.go
+++ b/app/nmapScan.go
@@ -3,7 +3,6 @@ package main
 import (
 	"fmt"
 	"log"
-	"strconv"
 	"time"
 
 	"github.com/Ullaakut/nmap/v2"
@@ -11,18 +10,37 @@ import (
 )
 
 // Scanning hosts for open ports
-func nmapScan(update uint16, bot *tgbotapi.BotAPI, group int64, host struct {
-	Host  string
-	Ports []uint16
-}) {
+func nmapScan(update uint16, bot *tgbotapi.BotAPI, group int64, hosts struct {
+	Host      string
+	Ports     []string
+	Exclusion struct {
+		Hosts []string
+		Ports []string
+	}
+},
+) {
 	ports := ""
-	for _, port := range host.Ports {
-		ports += strconv.FormatUint(uint64(port), 10) + ","
+	for _, port := range hosts.Ports {
+		ports += port + ","
+	}
+
+	// Create exclusions hosts
+	ehosts := ""
+	for _, ehost := range hosts.Exclusion.Hosts {
+		ehosts += ehost + ","
+	}
+
+	// Create exclusions ports
+	eports := ""
+	for _, eport := range hosts.Exclusion.Ports {
+		eports += eport + ","
 	}
 
 	scanner, err := nmap.NewScanner(
-		nmap.WithTargets(host.Host),
+		nmap.WithTargets(hosts.Host),
+		nmap.WithTargetExclusion(ehosts),
 		nmap.WithPorts(ports),
+		nmap.WithPortExclusions(eports),
 	)
 	if err != nil {
 		log.Fatalf("Unable to create nmap scanner: %v", err)
diff --git a/conf/config.yaml b/conf/config.yaml
index 3aaa774..9e96b53 100644
--- a/conf/config.yaml
+++ b/conf/config.yaml
@@ -9,8 +9,15 @@ scan:
   hosts:
     - host: 8.8.8.0/24
       ports:
+        - 20-23
         - 3389
+      exclusion:
+        hosts:
+          - 8.8.8.1
+        ports:
+          - 22
     - host: google.com
       ports:
         - 80
         - 443
+