Add endopoint to check is a given port is open on the client (#22)

Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.7 to 1.7.11.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](https://github.com/containerd/containerd/compare/v1.7.7...v1.7.11)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/codeql-analysis.yml

@@ -29,9 +29,6 @@ jobs:
       contents: read
       security-events: write
 
-    strategy:
-      fail-fast: false
-
     steps:
     - name: Checkout repository
       uses: actions/checkout@v3

Makefile

@@ -7,11 +7,11 @@ test: unit-test integration-test
 
 .PHONY: unit-test
 unit-test:
-	go test -race -short -cover ./...
+	go test -count=1 -race -short -cover ./...
 
 .PHONY: integration-test
 integration-test:
-	go test ./integration-tests -v
+	go test -count=1 -v ./integration-tests
 
 .PHONY: install-tools
 install-tools:
@@ -22,14 +22,9 @@ install-tools:
 	@command $(GOPATH)/shadow > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		go install golang.org/x/tools/go/analysis/passes/shadow/cmd/shadow@latest; \
 	fi
-
-	@command $(GOPATH)/golines > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go install github.com/segmentio/golines@latest; \
-	fi
 .PHONY: lint
 lint: install-tools
 	gofmt -l . && test -z $$(gofmt -l .)
-	golines -l . && test -z $$(golines -l .)
 	golangci-lint run
 	shadow ./...
 

README.md

@@ -7,21 +7,22 @@
 [![License Apache 2.0](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](./LICENSE)
 
 - [What is my IP address](#what-is-my-ip-address)
-    - [Features](#features)
-    - [Endpoints](#endpoints)
-    - [Build](#build)
-    - [Usage](#usage)
-    - [Examples](#examples)
-        - [Run a default TCP server](#run-a-default-tcp-server)
-        - [Run a TLS (HTTP/2) server only](#run-a-tls-http2-server-only)
-        - [Run an HTTP/3 server](#run-an-http3-server)
-        - [Run a default TCP server with a custom template and trust a pair of custom headers set by an upstream proxy](#run-a-default-tcp-server-with-a-custom-template-and-trust-a-pair-of-custom-headers-set-by-an-upstream-proxy)
-    - [Download](#download)
-    - [Docker](#docker)
-        - [Run a container locally using test databases](#run-a-container-locally-using-test-databases)
-        - [From Docker Hub](#from-docker-hub)
+  - [Features](#features)
+  - [Endpoints](#endpoints)
+  - [Build](#build)
+  - [Usage](#usage)
+  - [Examples](#examples)
+    - [Run a default TCP server](#run-a-default-tcp-server)
+    - [Run a TLS (HTTP/2) server only](#run-a-tls-http2-server-only)
+    - [Run an HTTP/3 server](#run-an-http3-server)
+    - [Run a default TCP server with a custom template and trust a pair of custom headers set by an upstream proxy](#run-a-default-tcp-server-with-a-custom-template-and-trust-a-pair-of-custom-headers-set-by-an-upstream-proxy)
+  - [Download](#download)
+  - [Docker](#docker)
+    - [Run a container locally using test databases](#run-a-container-locally-using-test-databases)
+    - [From Docker Hub](#from-docker-hub)
 
-Just another "what is my IP address" service, including geolocation and headers information, written in go with high performance in mind, it uses [gin](https://github.com/gin-gonic/gin) which uses [httprouter](https://github.com/julienschmidt/httprouter) a lightweight high performance HTTP multiplexer.
+Just another "what is my IP address" service, including geolocation, TCP open port checking, and headers information. Written in go with high performance in mind,
+it uses [gin](https://github.com/gin-gonic/gin) which uses [httprouter](https://github.com/julienschmidt/httprouter) a lightweight high performance HTTP multiplexer.
 
 Take a look at [ifconfig.es](https://ifconfig.es) a live site using `whatismyip`
 
@@ -42,6 +43,7 @@ curl -6 ifconfig.es
 - Can run behind a proxy by trusting a custom header (usually `X-Real-IP`) to figure out the source IP address. It also supports a custom header to resolve the client port, if the proxy can only add a header for the IP (for example a fixed header from CDNs) the client port is shown as unknown.
 - IPv4 and IPv6.
 - Geolocation info including ASN. This feature is possible thanks to [maxmind](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data?lang=en) GeoLite2 databases. In order to use these databases, a license key is needed. Please visit Maxmind site for further instructions and get a free license.
+- Checking TCP open ports.
 - High performance.
 - Self-contained server that can reload GeoLite2 databases and/or SSL certificates without stop/start. The `hup` signal is honored.
 - HTML templates for the landing page.
@@ -66,6 +68,7 @@ curl -6 ifconfig.es
 - https://ifconfig.es/all
 - https://ifconfig.es/headers
   - https://ifconfig.es/<header_name>
+- https://ifconfig.es/scan/tcp/<port_number>
 
 ## Build
 

go.mod

@@ -6,74 +6,85 @@ require (
 	github.com/gin-contrib/secure v0.0.1
 	github.com/gin-gonic/gin v1.9.1
 	github.com/oschwald/maxminddb-golang v1.12.0
-	github.com/quic-go/quic-go v0.39.0
+	github.com/quic-go/quic-go v0.40.1
 	github.com/stretchr/testify v1.8.4
-	github.com/testcontainers/testcontainers-go v0.13.0
-	golang.org/x/net v0.17.0
+	github.com/testcontainers/testcontainers-go v0.27.0
+	golang.org/x/net v0.19.0
 )
 
 require (
+	dario.cat/mergo v1.0.0 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
-	github.com/Microsoft/go-winio v0.5.2 // indirect
-	github.com/Microsoft/hcsshim v0.9.6 // indirect
+	github.com/Microsoft/go-winio v0.6.1 // indirect
+	github.com/Microsoft/hcsshim v0.11.4 // indirect
 	github.com/bytedance/sonic v1.10.2 // indirect
-	github.com/cenkalti/backoff/v4 v4.1.3 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect
-	github.com/chenzhuoyu/iasm v0.9.0 // indirect
-	github.com/containerd/cgroups v1.0.4 // indirect
-	github.com/containerd/containerd v1.6.18 // indirect
+	github.com/chenzhuoyu/iasm v0.9.1 // indirect
+	github.com/containerd/containerd v1.7.11 // indirect
+	github.com/containerd/log v0.1.0 // indirect
+	github.com/cpuguy83/dockercfg v0.3.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/docker/distribution v2.8.2+incompatible // indirect
-	github.com/docker/docker v20.10.24+incompatible // indirect
+	github.com/docker/docker v24.0.7+incompatible // indirect
 	github.com/docker/go-connections v0.4.0 // indirect
-	github.com/docker/go-units v0.4.0 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
+	github.com/docker/go-units v0.5.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.15.5 // indirect
+	github.com/go-playground/validator/v10 v10.16.0 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/mock v1.6.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/pprof v0.0.0-20230926050212-f7f687d19a98 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/pprof v0.0.0-20231229205709-960ae82b1e42 // indirect
+	github.com/google/uuid v1.4.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
+	github.com/klauspost/compress v1.16.5 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.6 // indirect
+	github.com/kr/pretty v0.3.1 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
-	github.com/magiconair/properties v1.8.6 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/moby/sys/mount v0.3.3 // indirect
-	github.com/moby/sys/mountinfo v0.6.2 // indirect
-	github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/moby/patternmatcher v0.6.0 // indirect
+	github.com/moby/sys/sequential v0.5.0 // indirect
+	github.com/moby/term v0.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
-	github.com/onsi/ginkgo/v2 v2.13.0 // indirect
+	github.com/onsi/ginkgo/v2 v2.13.2 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799 // indirect
-	github.com/opencontainers/runc v1.1.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
+	github.com/opencontainers/runc v1.1.9 // indirect
+	github.com/pelletier/go-toml/v2 v2.1.1 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/quic-go/qpack v0.4.0 // indirect
-	github.com/quic-go/qtls-go1-20 v0.3.4 // indirect
-	github.com/sirupsen/logrus v1.9.0 // indirect
+	github.com/quic-go/qtls-go1-20 v0.4.1 // indirect
+	github.com/rogpeppe/go-internal v1.10.0 // indirect
+	github.com/shirou/gopsutil/v3 v3.23.11 // indirect
+	github.com/shoenig/go-m1cpu v0.1.6 // indirect
+	github.com/sirupsen/logrus v1.9.3 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
-	github.com/ugorji/go/codec v1.2.11 // indirect
-	go.opencensus.io v0.23.0 // indirect
-	go.uber.org/mock v0.3.0 // indirect
-	golang.org/x/arch v0.5.0 // indirect
-	golang.org/x/crypto v0.14.0 // indirect
-	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
-	golang.org/x/mod v0.13.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
-	golang.org/x/tools v0.14.0 // indirect
-	google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect
-	google.golang.org/grpc v1.53.0 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	github.com/ugorji/go/codec v1.2.12 // indirect
+	github.com/yusufpapurcu/wmi v1.2.3 // indirect
+	go.uber.org/mock v0.4.0 // indirect
+	golang.org/x/arch v0.6.0 // indirect
+	golang.org/x/crypto v0.17.0 // indirect
+	golang.org/x/exp v0.0.0-20231226003508-02704c960a9b // indirect
+	golang.org/x/mod v0.14.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/tools v0.16.1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
+	google.golang.org/grpc v1.59.0 // indirect
+	google.golang.org/protobuf v1.32.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
+	gotest.tools/v3 v3.5.1 // indirect
 )

integration-tests/integration_test.go

@@ -4,8 +4,8 @@ import (
 	"context"
 	"crypto/tls"
 	"encoding/json"
+	"fmt"
 	"io"
-	"log"
 	"net/http"
 	"path/filepath"
 	"runtime"
@@ -30,12 +30,12 @@ func buildContainer() testcontainers.ContainerRequest {
 			Dockerfile: "Dockerfile",
 		},
 		Cmd: []string{
-			"-geoip2-city", "/tmp/GeoIP2-City-Test.mmdb",
-			"-geoip2-asn", "/tmp/GeoLite2-ASN-Test.mmdb",
+			"-geoip2-city", "/GeoIP2-City-Test.mmdb",
+			"-geoip2-asn", "/GeoLite2-ASN-Test.mmdb",
 			"-bind", ":8000",
 			"-tls-bind", ":8001",
-			"-tls-crt", "/tmp/server.pem",
-			"-tls-key", "/tmp/server.key",
+			"-tls-crt", "/server.pem",
+			"-tls-key", "/server.key",
 			"-trusted-header", "X-Real-IP",
 			"-enable-secure-headers",
 			"-enable-http3",
@@ -44,45 +44,55 @@ func buildContainer() testcontainers.ContainerRequest {
 		WaitingFor: wait.ForHTTP("/geo").
 			WithTLS(true, &tls.Config{InsecureSkipVerify: true}).
 			WithPort("8001"),
-		Mounts: testcontainers.Mounts(
-			testcontainers.BindMount(
-				filepath.Join(dir, "/../test/GeoIP2-City-Test.mmdb"),
-				"/tmp/GeoIP2-City-Test.mmdb",
-			),
-			testcontainers.BindMount(
-				filepath.Join(dir, "/../test/GeoLite2-ASN-Test.mmdb"),
-				"/tmp/GeoLite2-ASN-Test.mmdb",
-			),
-			testcontainers.BindMount(filepath.Join(dir, "/../test/server.pem"), "/tmp/server.pem"),
-			testcontainers.BindMount(filepath.Join(dir, "/../test/server.key"), "/tmp/server.key"),
-		),
+		Files: []testcontainers.ContainerFile{
+			{
+				HostFilePath:      filepath.Join(dir, "/../test/GeoIP2-City-Test.mmdb"),
+				ContainerFilePath: "/GeoIP2-City-Test.mmdb",
+				FileMode:          0644,
+			},
+			{
+				HostFilePath:      filepath.Join(dir, "/../test/GeoLite2-ASN-Test.mmdb"),
+				ContainerFilePath: "/GeoLite2-ASN-Test.mmdb",
+				FileMode:          0644,
+			},
+			{
+				HostFilePath:      filepath.Join(dir, "/../test/server.pem"),
+				ContainerFilePath: "/server.pem",
+				FileMode:          0644,
+			},
+			{
+				HostFilePath:      filepath.Join(dir, "/../test/server.key"),
+				ContainerFilePath: "/server.key",
+				FileMode:          0644,
+			},
+		},
 	}
 
 	return req
 }
 
+func initContainer(t assert.TestingT, request testcontainers.ContainerRequest) func() {
+	ctx := context.Background()
+
+	container, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
+		ContainerRequest: request,
+		Started:          true,
+	})
+	assert.NoError(t, err)
+
+	return func() {
+		assert.NoError(t, container.Terminate(ctx))
+	}
+}
+
 func TestContainerIntegration(t *testing.T) {
 	if testing.Short() {
 		t.Skip("Skiping integration tests")
 	}
 
-	ctx := context.Background()
-	container, err := testcontainers.GenericContainer(ctx, testcontainers.GenericContainerRequest{
-		ContainerRequest: buildContainer(),
-		Started:          true,
-	})
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer func() {
-		err = container.Terminate(ctx)
-		if err != nil {
-			log.Fatal(err)
-		}
-	}()
+	t.Cleanup(initContainer(t, buildContainer()))
 
 	http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-
 	tests := []struct {
 		name string
 		url  string
@@ -105,9 +115,27 @@ func TestContainerIntegration(t *testing.T) {
 		},
 	}
 
+	testsPortScan := []struct {
+		name string
+		port int
+		want bool
+	}{
+		{
+			name: "RequestOpenPortScan",
+			port: 8000,
+			want: true,
+		},
+		{
+			name: "RequestClosedPortScan",
+			port: 65533,
+			want: false,
+		},
+	}
+
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			req, _ := http.NewRequest("GET", tt.url, nil)
+			req, err := http.NewRequest("GET", tt.url, nil)
+			assert.NoError(t, err)
 			req.Header.Set("Accept", "application/json")
 
 			var resp *http.Response
@@ -131,6 +159,27 @@ func TestContainerIntegration(t *testing.T) {
 			assert.Equal(t, "1; mode=block", resp.Header.Get("X-Xss-Protection"))
 		})
 	}
+
+	for _, tt := range testsPortScan {
+		t.Run(tt.name, func(t *testing.T) {
+			req, err := http.NewRequest("GET", fmt.Sprintf("http://localhost:8000/scan/tcp/%d", tt.port), nil)
+			assert.NoError(t, err)
+			req.Header.Set("Accept", "application/json")
+			req.Header.Set("X-Real-IP", "127.0.0.1")
+
+			client := &http.Client{}
+			resp, err := client.Do(req)
+			assert.NoError(t, err)
+			assert.Equal(t, 200, resp.StatusCode)
+
+			body, err := io.ReadAll(resp.Body)
+			assert.NoError(t, err)
+			j := router.JSONScanResponse{}
+			assert.NoError(t, json.Unmarshal(body, &j))
+			assert.Equal(t, tt.want, j.Reachable)
+		})
+
+	}
 }
 
 func doQuicRequest(req *http.Request) (*http.Response, []byte, error) {

router/port_scanner.go

@@ -0,0 +1,54 @@
+package router
+
+import (
+	"fmt"
+	"net"
+	"net/http"
+	"strconv"
+
+	"github.com/dcarrillo/whatismyip/service"
+	"github.com/gin-gonic/gin"
+)
+
+type JSONScanResponse struct {
+	IP        string `json:"ip"`
+	Port      int    `json:"port"`
+	Reachable bool   `json:"reachable"`
+	Reason    string `json:"reason"`
+}
+
+func scanTCPPort(ctx *gin.Context) {
+	port, err := strconv.Atoi(ctx.Params.ByName("port"))
+	if err == nil && (port < 1 || port > 65535) {
+		err = fmt.Errorf("%d is not a valid port number", port)
+	}
+	if err != nil {
+		ctx.JSON(http.StatusBadRequest, JSONScanResponse{
+			Reason: err.Error(),
+		})
+		return
+	}
+
+	add := net.TCPAddr{
+		IP:   net.ParseIP(ctx.ClientIP()),
+		Port: port,
+	}
+
+	scan := service.PortScanner{
+		Address: &add,
+	}
+
+	isOpen, err := scan.IsPortOpen()
+	reason := ""
+	if err != nil {
+		reason = err.Error()
+	}
+
+	response := JSONScanResponse{
+		IP:        ctx.ClientIP(),
+		Port:      port,
+		Reachable: isOpen,
+		Reason:    reason,
+	}
+	ctx.JSON(http.StatusOK, response)
+}

router/setup.go

@@ -22,6 +22,7 @@ func SetupTemplate(r *gin.Engine) {
 // Setup defines the endpoints
 func Setup(r *gin.Engine) {
 	r.GET("/", getRoot)
+	r.GET("/scan/tcp/:port", scanTCPPort)
 	r.GET("/client-port", getClientPortAsString)
 	r.GET("/geo", getGeoAsString)
 	r.GET("/geo/:field", getGeoAsString)

service/port_scanner.go

@@ -0,0 +1,21 @@
+package service
+
+import (
+	"net"
+	"time"
+)
+
+type PortScanner struct {
+	Address net.Addr
+}
+
+func (p *PortScanner) IsPortOpen() (bool, error) {
+	conn, err := net.DialTimeout(p.Address.Network(), p.Address.String(), 3*time.Second)
+	if err != nil {
+		return false, err
+	}
+	if conn != nil {
+		defer conn.Close()
+	}
+	return true, nil
+}