#!/usr/bin/perl -s

require 5.002;
use Socket;

my($firstport, $lastport) = (1, 1024);
$services{1321} = "MOO FTP";
$services{1355} = "MOO Who";
$services{1357} = "MOO ProgPort";
$services{1359} = "MidgardMOO";
$services{1705} = "Quip Server";
$services{1999} = "MOO TTY";
$services{4848} = "Mancala";
$services{11359} = "MOOltiplexor";
$services{18888} = "MOO Info";
$services{8080} = "www";
$services{1977} = "Synod 1.0";
$services{2001} = "Synod 2.0";

if(!@ARGV) {
  print "Usage: $0 [[first port] last port] host ...\n";
  exit(0);
}

if($ARGV[0] =~ /^\d+$/ && $ARGV[1] =~ /^\d+$/) {
  $firstport = 0+shift;
  $lastport = 0+shift;
} elsif($ARGV[0]=~/^\d+$/) {
  $lastport = 0+shift;
}


use Net::Netmask;
for(my $i=@ARGV; $i>=0; $i--) {
  if($ARGV[$i] =~ m|^(\d+\.\d+\.\d+\.\d+)/(\d+\.\d+\.\d+\.\d+)$|) {
    my $b=new Net::Netmask($1,$2);
    splice @ARGV, $i, 1, $b->enumerate();
  } elsif($ARGV[$i] =~ m|^(\d+\.\d+\.\d+\.\d+)/(\d+)$|) {
    my $b=new Net::Netmask("$1/$2");
    splice @ARGV, $i, 1, $b->enumerate();
  } elsif($ARGV[$i] =~ m|^(\d+\.\d+\.\d+\.\d+)-((\d+\.){0,3}\d+)$|) {
    my @start = split /\./, $1;
    my @end = split /\./, $2;
    @end = (@start[0..(3-@end)], @end);
    my $start = 0;
    while(@start) {$start *= 256; $start += shift @start;}
    my $end = 0;
    while(@end) {$end *= 256; $end += shift @end;}
    my @net=();
    for($ip=$start; $ip<=$end; $ip++) {
      push @net, inet_ntoa(pack("N",$ip));
    }
    splice @ARGV, $i, 1, @net;
  }
}

@ARGV = ("localhost") unless @ARGV;

$| = 1;

while($remote = shift) {
  print STDERR "$remote ";
  my(@results) = ();

  $noroute = $timeout = 0;
  $iaddr = inet_aton($remote);
  $proto = getprotobyname("tcp");
  for($port=$firstport; $port<=$lastport; $port++) {
    $paddr = sockaddr_in($port, $iaddr);
    socket(SOCK, PF_INET, SOCK_STREAM, $proto) || die "socket: $!";
#    setsockopt(SOCK, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) || die "setsockopt: $!";
    print STDERR "." unless ($d || $port%512);
    print STDERR "$port" if $d;
    eval {
    local $SIG{ALRM} = sub { die "Timeout"; };
    alarm(5);
    if(connect(SOCK, $paddr)) {
      print STDERR "++\t" if $d;
      @results = (@results, $port);
    } else {
      if($! eq "No route to host") {
        $noroute = 1;
        print STDERR " $!";
        last;
      }
      print STDERR "- \t" if $d;
    }
    close(SOCK);
    alarm(0);
    };
    if($@ && $@ =~ /Timeout/) {
      $timeout = 1;
      print STDERR " Timeout";
      last;
    } elsif($@) {
      die $@;
    }
  }
  print STDERR "\n" unless $d;
  print STDERR "\n\n\n" if $d;
  $remoteip = inet_ntoa($iaddr);
  if($remote ne $remoteip) {
    $remote .= " ($remoteip)";
  } elsif(!$n) {
    $hostname = gethostbyaddr($iaddr, AF_INET);
    $remote .= " ($hostname)";
  }
  print "Port Scan for $remote:\n";
  print "Host unreachable, scan canceled\n" if $noroute;
  print "Timeout, scan canceled\n" if $timeout;
  if(@results) {
    print "\n";
    for $port (@results) {
      $serv = getservbyport($port, "tcp");
      print "$port";
      print " ($serv)" if $serv;
      print " ($services{$port}?)" if !$serv and exists($services{$port});
      print "\n";
    }
  } elsif(!$noroute && !$timeout) {
    print "No open TCP ports found\n";
  }
  print "\n\n";
}