Deploy managed portal with Docker

internal/webdevice/service.go

@@ -46,6 +46,14 @@ type TCPScanner func(ip, netmask string, port int, excludeIPs map[string]bool) (
 type ForwarderFactory func(ip string, port int, listenAddress, targetAddress string) (*webDeviceForwarder, error)
 type ProxyTargetResolver func(ip string) string
 
+const (
+	webDeviceScanConcurrency = 128
+	webDeviceScanTimeout     = 1500 * time.Millisecond
+	webDeviceScanAttempts    = 2
+	webDeviceScanRetryDelay  = 100 * time.Millisecond
+	maxWebDeviceScanAddrs    = 256
+)
+
 type Service struct {
 	mu              sync.RWMutex
 	allowed         map[string]time.Time
@@ -74,6 +82,8 @@ func (s *Service) Scan(r *http.Request) (*ScanResult, error) {
 	if err != nil {
 		return nil, err
 	}
+	scheme, host := requestBase(r)
+	interfaces = appendRequestHostInterface(interfaces, host)
 
 	if len(interfaces) == 0 {
 		return &ScanResult{
@@ -94,7 +104,6 @@ func (s *Service) Scan(r *http.Request) (*ScanResult, error) {
 		Errors:     []string{},
 	}
 
-	scheme, host := requestBase(r)
 	for _, iface := range interfaces {
 		devices, scanErr := s.tcpScanner(iface.IP, iface.Netmask, 80, excludeIPs)
 		if scanErr != nil {
@@ -135,6 +144,22 @@ func (s *Service) Scan(r *http.Request) (*ScanResult, error) {
 	return result, nil
 }
 
+func appendRequestHostInterface(interfaces []InterfaceInfo, host string) []InterfaceInfo {
+	if !IsPrivateIPv4Literal(host) {
+		return interfaces
+	}
+	for _, iface := range interfaces {
+		if iface.IP == host {
+			return interfaces
+		}
+	}
+	return append(interfaces, InterfaceInfo{
+		Name:    "request-host",
+		IP:      host,
+		Netmask: "255.255.255.0",
+	})
+}
+
 func (s *Service) allowIP(ip string) {
 	s.mu.Lock()
 	defer s.mu.Unlock()
@@ -390,8 +415,7 @@ func scanTCP(ip string, netmask string, port int, excludeIPs map[string]bool) ([
 	var devices []TCPDevice
 	var mu sync.Mutex
 	var wg sync.WaitGroup
-	semaphore := make(chan struct{}, 20)
-	timeout := 2 * time.Second
+	semaphore := make(chan struct{}, webDeviceScanConcurrency)
 
 	current := make(net.IP, len(ipRange.Start))
 	copy(current, ipRange.Start)
@@ -414,7 +438,7 @@ func scanTCP(ip string, netmask string, port int, excludeIPs map[string]bool) ([
 			defer wg.Done()
 			defer func() { <-semaphore }()
 
-			if scanTCPPort(targetIP, port, timeout) {
+			if scanTCPPortWithRetry(targetIP, port) {
 				mu.Lock()
 				devices = append(devices, TCPDevice{IP: targetIP, Port: port})
 				mu.Unlock()
@@ -457,7 +481,31 @@ func calculateIPRange(ip string, netmask string) (*ipRange, error) {
 		broadcast[i] |= ^mask[i]
 	}
 
-	return &ipRange{Start: network.IP.To4(), End: broadcast}, nil
+	result := &ipRange{Start: network.IP.To4(), End: broadcast}
+	if ipToUint32(result.End)-ipToUint32(result.Start)+1 <= maxWebDeviceScanAddrs {
+		return result, nil
+	}
+
+	local24Mask := net.CIDRMask(24, 32)
+	local24Network := parseIP.To4().Mask(local24Mask)
+	local24Broadcast := make(net.IP, len(local24Network))
+	copy(local24Broadcast, local24Network)
+	for i := 0; i < len(local24Mask); i++ {
+		local24Broadcast[i] |= ^local24Mask[i]
+	}
+	return &ipRange{Start: local24Network, End: local24Broadcast}, nil
+}
+
+func scanTCPPortWithRetry(ip string, port int) bool {
+	for attempt := 0; attempt < webDeviceScanAttempts; attempt++ {
+		if scanTCPPort(ip, port, webDeviceScanTimeout) {
+			return true
+		}
+		if attempt < webDeviceScanAttempts-1 {
+			time.Sleep(webDeviceScanRetryDelay)
+		}
+	}
+	return false
 }
 
 func scanTCPPort(ip string, port int, timeout time.Duration) bool {
@@ -487,6 +535,10 @@ func ipv4ToUint32(value string) uint32 {
 	if parsed == nil {
 		return 0
 	}
+	return ipToUint32(parsed)
+}
+
+func ipToUint32(parsed net.IP) uint32 {
 	ip := parsed.To4()
 	if ip == nil {
 		return 0