Implement handling for scanning_host Redis keys (#7922)

2026-04-29 07:29:32 +00:00 · 2023-10-20 10:36:12 +02:00 · 2023-10-20 10:36:12 +02:00 · 7f0e408c76
commit 7f0e408c76
parent 3876d0e113
1 changed files with 41 additions and 2 deletions
--- a/scripts/lua/modules/vulnerability_scan/vs_utils.lua
+++ b/scripts/lua/modules/vulnerability_scan/vs_utils.lua
@ -44,6 +44,7 @@ local host_to_scan_periodicity_key  = "ntopng.prefs.host_to_scan.periodicity_sca
 local host_scannned_count_key       = "ntopng.prefs.host_to_scan.count_scanned"
 local host_scan_queue_key           = "ntopng.vs_scan_queue"
 local scanned_hosts_changes_key     = "ntopng.alerts.scanned_hosts_changes"
+local host_in_scanning_key          = "ntopng.vs_host_in_scanning.%s.%s"

 local json = require("dkjson")
 local format_utils = require("format_utils")
@ -59,6 +60,10 @@ function vs_utils.get_host_hash_key(host, scan_type)
   return string.format("%s-%s",host,scan_type)
 end

+function vs_utils.get_host_in_scanning_key(host, scan_type)
+   return string.format(host_in_scanning_key, host, scan_type)
+end
+
 -- **********************************************************

 vs_utils.scan_status = {
@ -594,6 +599,36 @@ end

 -- **********************************************************

+-- Function to remove scanning host 
+local function remove_scanning_host(host_info) 
+
+   local redis_host_in_scanning_key = vs_utils.get_host_in_scanning_key(host_info.host, host_info.scan_type)
+   local host_info_redis_string = ntop.getCache(redis_host_in_scanning_key)
+   if (not isEmptyString(host_info_redis_string)) then
+      
+      local host_info_redis = json.decode(host_info_redis_string)
+      
+      -- check also the ports to be sure. 
+      if (host_info_redis and 
+            host_info.ports == host_info_redis.ports) 
+      then
+         ntop.delCache(redis_host_in_scanning_key)
+      end
+   end
+end
+
+-- **********************************************************
+
+-- Function to set the actual scanning host on a redis key
+local function save_scanning_host(scan_info) 
+   local redis_host_in_scanning_key = vs_utils.get_host_in_scanning_key(scan_info.host, scan_info.scan_type)
+   
+   ntop.setCache(redis_host_in_scanning_key, json.encode({ports=scan_info.ports}))
+
+end
+
+-- **********************************************************
+
 -- Function to save host configuration
 function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time, last_duration,
 				    is_ok_last_scan, ports, scan_frequency, num_open_ports,
@ -749,9 +784,8 @@ function vs_utils.save_host_to_scan(scan_type, host, scan_result, last_scan_time

   vs_utils.notify_end_periodicity()

+   remove_scanning_host({host=host, scan_type=scan_type, ports=ports})

-
-   --ntop.setCache(host_to_scan_key, json.encode(saved_hosts))
   return result, new_item.id
 end

@ -1062,6 +1096,11 @@ function vs_utils.scan_host(scan_type, host, ports, scan_id)
   
   vs_utils.set_status_scan(scan_type, host, ports_scan_param, id, nil, vs_utils.scan_status.scanning)

+   -- Save on redis the scanning host to avoid inconsistent state on ntopng restarts
+   local scanning_host = {scan_type = scan_type, host = host, ports = ports_scan_param, id = scan_id}
+   save_scanning_host(scanning_host)
+
+   -- Scan host
   local scan_module = vs_utils.load_module(scan_type)
   local now,result,duration,scan_result,num_open_ports,num_vulnerabilities_found, cve, udp_ports, tcp_ports = scan_module:scan_host(host, ports)