r-lanlib 0.1.4

A library crate for performing network scanning operations on any local area network (LAN)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367

# r-lanlib

A Rust library crate for performing network scanning operations on any local
area network (LAN). This is the Rust version of the
[go-lanscan package](https://github.com/robgonnella/go-lanscan).

## Features

- **ARP Scanning**: Discover devices on your network using Address Resolution Protocol
- **SYN Scanning**: Detect open ports on discovered devices using TCP SYN packets
- **Full Scanning**: Combined ARP and SYN scanning in a single operation
- **Vendor Detection**: Identify device manufacturers using MAC address lookup
- **Hostname Resolution**: Resolve hostnames for discovered devices
- **Async Communication**: Channel-based communication for real-time scan results
- **Flexible Targeting**: Support for CIDR blocks, IP ranges, and port ranges

## Requirements

- **Root privileges required**: This library performs raw packet operations that
  require elevated permissions
- **Rust 1.89.0+** with 2024 edition support

## Installation

```bash
cargo add r-lanlib
```

## Quick Start

### Basic ARP Scanning

```rust
use std::{sync::mpsc, time::Duration};
use r_lanlib::{
    network, packet,
    scanners::{
        arp_scanner::{ARPScanner, ARPScannerArgs},
        Device, ScanMessage, Scanner,
    },
    targets::ips::IPTargets,
};

// Get default network interface
let interface = network::get_default_interface()
    .expect("Cannot find network interface");

// Create packet wire (reader/sender)
let wire = packet::wire::default(&interface)
    .expect("Failed to create packet wire");

// Define IP targets (scan entire subnet)
let ip_targets = IPTargets::new(vec![interface.cidr.clone()]);

// Create communication channel
let (tx, rx) = mpsc::channel::<ScanMessage>();

// Configure scanner
let scanner = ARPScanner::new(ARPScannerArgs {
    interface: &interface,
    packet_reader: wire.0,
    packet_sender: wire.1,
    targets: ip_targets,
    source_port: 54321,
    include_vendor: true,
    include_host_names: true,
    idle_timeout: Duration::from_millis(10000),
    notifier: tx,
});

// Start scanning (runs in background thread)
let handle = scanner.scan();

// Process results in real-time
let mut devices = Vec::new();
loop {
    match rx.recv().expect("Failed to receive message") {
        ScanMessage::Done => break,
        ScanMessage::ARPScanResult(device) => {
            println!("Found device: {} ({})", device.ip, device.hostname);
            devices.push(device);
        }
        ScanMessage::Info(scanning) => {
            println!("Scanning: {}", scanning.ip);
        }
    }
}

handle.join().expect("Scanner thread failed");
println!("Discovered {} devices", devices.len());
```

### SYN Port Scanning

```rust
use r_lanlib::{
    scanners::{
        syn_scanner::{SYNScanner, SYNScannerArgs},
        Device, SYNScanResult, Scanner,
    },
    targets::ports::PortTargets,
};

// Define target devices (from previous ARP scan or manual)
let devices = vec![
    Device {
        hostname: "router".to_string(),
        ip: "192.168.1.1".to_string(),
        mac: "aa:bb:cc:dd:ee:ff".to_string(),
        vendor: "".to_string(),
        is_current_host: false,
    }
];

// Define port targets
let port_targets = PortTargets::new(vec![
    "22".to_string(),      // SSH
    "80".to_string(),      // HTTP
    "443".to_string(),     // HTTPS
    "8000-9000".to_string(), // Port range
]);

let scanner = SYNScanner::new(SYNScannerArgs {
    interface: &interface,
    packet_reader: wire.0,
    packet_sender: wire.1,
    targets: devices,
    ports: port_targets,
    source_port: 54321,
    idle_timeout: Duration::from_millis(10000),
    notifier: tx,
});

// Process SYN scan results
let mut results = Vec::new();
let handle = scanner.scan();

loop {
    match rx.recv().expect("Failed to receive message") {
        ScanMessage::Done => break,
        ScanMessage::SYNScanResult(result) => {
            println!("Open port {} on {}",
                result.open_port.id,
                result.device.ip
            );
            results.push(result);
        }
        _ => {}
    }
}
```

### Full Scanning (ARP + SYN)

```rust
use r_lanlib::scanners::{
    full_scanner::{FullScanner, FullScannerArgs},
    Scanner,
};

let scanner = FullScanner::new(FullScannerArgs {
    interface: &interface,
    packet_reader: wire.0,
    packet_sender: wire.1,
    targets: ip_targets,
    ports: port_targets,
    include_vendor: true,
    include_host_names: true,
    idle_timeout: Duration::from_millis(10000),
    notifier: tx,
    source_port: 54321,
});

// This will perform ARP discovery first, then SYN scan on found devices
let handle = scanner.scan();
```

## API Reference

### Core Modules

#### `network`

Provides helpers for selecting network interfaces:

- `get_default_interface()` - Get the default network interface
- `get_interface(name)` - Get a specific interface by name
- `get_available_port()` - Find an available port for scanning

#### `packet`

Low-level packet creation and transmission:

- `wire::default(interface)` - Create default packet reader/sender pair
- Various packet builders for ARP, SYN, RST packets

#### `scanners`

Main scanning implementations:

- `ARPScanner` - Discover devices using ARP
- `SYNScanner` - Scan ports on known devices
- `FullScanner` - Combined ARP + SYN scanning

#### `targets`

Target specification utilities:

- `ips::IPTargets` - Define IP ranges and CIDR blocks
- `ports::PortTargets` - Define port ranges and individual ports

### Data Structures

#### `Device`

Represents a discovered network device:

```rust
pub struct Device {
    pub hostname: String,
    pub ip: String,
    pub mac: String,
    pub vendor: String,
    pub is_current_host: bool,
}
```

#### `Port`

Represents a network port:

```rust
pub struct Port {
    pub id: u16,
    pub service: String,
}
```

#### `SYNScanResult`

Result of a SYN scan operation:

```rust
pub struct SYNScanResult {
    pub device: Device,
    pub open_port: Port,
}
```

#### `ScanMessage`

Messages sent over the notification channel:

```rust
pub enum ScanMessage {
    Done,                           // Scanning complete
    Info(Scanning),                 // Status update
    ARPScanResult(Device),          // ARP discovery result
    SYNScanResult(SYNScanResult),   // SYN scan result
}
```

### Target Specification

#### IP Targets

```rust
// CIDR blocks
IPTargets::new(vec!["192.168.1.0/24".to_string()]);

// IP ranges
IPTargets::new(vec!["192.168.1.1-192.168.1.100".to_string()]);

// Individual IPs
IPTargets::new(vec!["192.168.1.1".to_string(), "10.0.0.1".to_string()]);
```

#### Port Targets

```rust
// Port ranges
PortTargets::new(vec!["1-1000".to_string()]);

// Individual ports
PortTargets::new(vec!["22".to_string(), "80".to_string(), "443".to_string()]);

// Mixed specification
PortTargets::new(vec![
    "22".to_string(),
    "80".to_string(),
    "8000-9000".to_string()
]);
```

## Examples

The library includes several complete examples in the `examples/` directory:

- **`arp-scanner.rs`** - Basic ARP device discovery
- **`syn-scanner.rs`** - Port scanning on known devices
- **`full-scanner.rs`** - Complete network reconnaissance

Run examples from the workspace root with:

```bash
sudo -E cargo run --example arp-scanner -p r-lanlib
sudo -E cargo run --example syn-scanner -p r-lanlib
sudo -E cargo run --example full-scanner -p r-lanlib
```

## Configuration Options

### Scanner Timeouts

- `idle_timeout` - How long to wait for responses before concluding scan
- Default: 10 seconds (10,000ms)
- Recommended: 5-30 seconds depending on network size and latency

### Scanner Features

- `include_vendor` - Perform MAC address vendor lookup using IEEE OUI database
- `include_host_names` - Resolve hostnames via reverse DNS lookup
- `source_port` - Source port for scan packets (auto-selected if not specified)

### Performance Tuning

- **Concurrent scanning**: Multiple threads handle packet I/O for optimal throughput
- **Memory efficiency**: Zero-copy packet processing where possible
- **Network-aware**: Automatic rate limiting to prevent network congestion
- **Timeout optimization**: Adaptive timeouts based on network response times

## Security Considerations

- **Requires root privileges** for raw socket access on Unix-like systems
- **Network scanning may be restricted** by network policies and firewalls
- **Built-in rate limiting** prevents network congestion and reduces detection risk
- **Minimal network footprint**: Optimized packet sizes and timing
- **Memory safety**: Rust's ownership system prevents buffer overflows and memory corruption
- **Use responsibly** and only on networks you own or have permission to scan
- **Logging**: All scan activities can be logged for audit purposes

### Ethical Usage Guidelines

- Always obtain proper authorization before scanning
- Respect network resources and avoid aggressive scanning
- Be aware that scanning activities may be logged by network security systems
- Consider the impact on network performance during large-scale scans

## Error Handling

The library uses `ScanError` for comprehensive error reporting:

```rust
pub struct ScanError {
    pub ip: Option<String>,
    pub port: Option<String>,
    pub error: Box<dyn Error>,
}
```

All scanner operations return `Result<(), ScanError>` for proper error handling.

## Related Projects

- [go-lanscan](https://github.com/robgonnella/go-lanscan) - Original Go implementation
- [r-lancli](../cli/README.md) - Command-line interface using this library
- [r-lanterm](../term/README.md) - Terminal UI application using this library