#!/usr/bin/env python3
"""
HC900 UDP 포트 스캔
Honeywell proprietary 프로토콜 포트를 찾기 위해 주요 포트 스캔
"""

import socket
import time
import threading
from concurrent.futures import ThreadPoolExecutor, as_completed

HC900_IP = "192.168.0.240"
TIMEOUT = 2.0

# Honeywell / HC900 관련 주요 UDP 포트
HONEYWELL_PORTS = [
    2000,       # 사용자 지정
    44818,      # H1/HSE 통신 (Honeywell)
    44819,      # H1/HSE 통신
    20547,      # Honeywell
    20548,      # Honeywell
    20549,      # Honeywell
    20550,      # Honeywell
    20551,      # Honeywell
    20552,      # Honeywell
    20553,      # Honeywell
    20554,      # Honeywell
    20555,      # Honeywell
    20556,      # Honeywell
    20557,      # Honeywell
    20558,      # Honeywell
    20559,      # Honeywell
    20560,      # Honeywell
    10001,      # Honeywell
    10002,      # Honeywell
    10003,      # Honeywell
    10004,      # Honeywell
    10005,      # Honeywell
    10006,      # Honeywell
    10007,      # Honeywell
    10008,      # Honeywell
    10009,      # Honeywell
    10010,      # Honeywell
    5001,       # Honeywell
    5002,       # Honeywell
    5003,       # Honeywell
    5004,       # Honeywell
    5005,       # Honeywell
    5006,       # Honeywell
    5007,       # Honeywell
    5008,       # Honeywell
    5009,       # Honeywell
    5010,       # Honeywell
]

# 전체 포트 범위 (1-1024, 2000-5000, 10000-11000, 20000-21000, 44000-45000)
RANGE_PORTS = []
RANGE_PORTS.extend(range(1, 1025))
RANGE_PORTS.extend(range(2000, 5001))
RANGE_PORTS.extend(range(10000, 11001))
RANGE_PORTS.extend(range(20000, 21001))
RANGE_PORTS.extend(range(44000, 45001))

ALL_PORTS = sorted(set(HONEYWELL_PORTS + RANGE_PORTS))


def scan_udp_port(port):
    """단일 UDP 포트 스캔"""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(TIMEOUT)
    try:
        # 빈 패킷 전송
        sock.sendto(b'\x00' * 4, (HC900_IP, port))
        data, addr = sock.recvfrom(1024)
        return port, True, len(data), data[:64].hex()
    except socket.timeout:
        return port, False, 0, None
    except Exception as e:
        return port, False, 0, str(e)
    finally:
        sock.close()


def main():
    print(f"HC900 UDP 포트 스캔 ({HC900_IP})")
    print(f"스캔 포트 수: {len(ALL_PORTS)}")
    print(f"타임아웃: {TIMEOUT}초")
    print("=" * 60)

    open_ports = []
    total = len(ALL_PORTS)
    done = 0

    # ThreadPoolExecutor로 병렬 스캔 (10개 동시)
    with ThreadPoolExecutor(max_workers=10) as executor:
        futures = {executor.submit(scan_udp_port, port): port for port in ALL_PORTS}
        for future in as_completed(futures):
            port, is_open, size, data_hex = future.result()
            done += 1
            if done % 500 == 0 or done == total:
                print(f"\r진행: {done}/{total} ({done*100//total}%)", end='', flush=True)

            if is_open:
                open_ports.append((port, size, data_hex))
                print(f"\n  ✓ 포트 {port}: 응답 {size} bytes ({data_hex})")

    print(f"\n")
    print("=" * 60)
    print(f"스캔 완료: {total}개 포트")
    print(f"열린 UDP 포트: {len(open_ports)}개")
    if open_ports:
        for port, size, data_hex in open_ports:
            print(f"  포트 {port}: {size} bytes ({data_hex})")
    else:
        print("  (열린 포트 없음)")
    print("=" * 60)


if __name__ == "__main__":
    main()