nmap_scan fails with IndexError: list index out of range #1288
Description
Is there an existing issue for this?
- I have searched the existing open and closed issues and I checked the docs https://jokob-sk.github.io/NetAlertX/
The issue occurs in the following browsers. Select at least 2.
- Firefox
- Chrome
- Edge
- Safari (unsupported) - PRs welcome
- N/A - This is an issue with the backend
Current Behavior
Running from the current MAIN docker-compose, built image locally, run nmap scan with these arguments:
-p- -A -T4 -n -Pn
relevant logs below. values.args has no substring '=b'
12:29:26 [ 2025-11-15 12:29:26 ] START Run: NMAP
12:29:26 [Plugins] Resolving param: {'name': 'ips', 'type': 'sql', 'value': 'SELECT devLastIP from DEVICES order by devMac', 'timeoutMultiplier': True}
12:29:26 [Plugin utils] Flattening the below array
12:29:26
12:29:26 [Plugin utils] isinstance(arr, list) : True | isinstance(arr, str) : False
12:29:26 [Plugin utils] Flattened array:
12:29:26 [Plugins] Convert to Base64: False
12:29:26 [Plugins] The parameter "name":"ips" will multiply the timeout 12 times. Total timeout: 2880s
12:29:26 [Plugins] Resolving param: {'name': 'macs', 'type': 'sql', 'value': 'SELECT devMac from DEVICES order by devMac'}
12:29:26 [Plugin utils] Flattening the below array
12:29:26
12:29:26 [Plugin utils] isinstance(arr, list) : True | isinstance(arr, str) : False
12:29:26 [Plugin utils] Flattened array:
12:29:26 [Plugins] Resolved value:
12:29:26 [Plugins] Convert to Base64: False
12:29:26 [Plugins] Resolving param: {'name': 'timeout', 'type': 'setting', 'value': 'NMAP_RUN_TIMEOUT'}
12:29:26 [Plugins] setTyp: {'dataType': 'integer', 'elements': [{'elementType': 'input', 'elementOptions': [{'type': 'number'}], 'transformers': []}]}
12:29:26 [Plugins] setTypJSN: {'dataType': 'integer', 'elements': [{'elementType': 'input', 'elementOptions': [{'type': 'number'}], 'transformers': []}]}
12:29:26 [Plugins] dType: integer
12:29:26 [Plugins] Resolved value: 240
12:29:26 [Plugins] Convert to Base64: False
12:29:26 [Plugins] Resolving param: {'name': 'args', 'type': 'setting', 'value': 'NMAP_ARGS', 'base64': True}
12:29:26 [Plugins] setTyp: {'dataType': 'string', 'elements': [{'elementType': 'input', 'elementOptions': [], 'transformers': []}]}
12:29:26 [Plugins] setTypJSN: {'dataType': 'string', 'elements': [{'elementType': 'input', 'elementOptions': [], 'transformers': []}]}
12:29:26 [Plugins] dType: string
12:29:26 [Plugins] Resolved value: -p- -A -T4 -n -Pn
12:29:26 [Plugins] Convert to Base64: True
12:29:26 [Plugins] base64 value: LXAtIC1BIC1UNCAtbiAtUG4=
12:29:26 [Plugins] Timeout: 2880
12:29:26 [Plugin utils] Pre-Resolved CMD: python3 /app/front/plugins/nmap_scan/script.py ips={ips} macs={macs} timeout={timeout} args={args}
12:29:26 [Plugins] Executing: python3 /app/front/plugins/nmap_scan/script.py ips={ips} macs={macs} timeout={timeout} args={args}
12:29:26 [Plugins] Resolved : ['python3', '/app/front/plugins/nmap_scan/script.py', 'ips=', 'macs=', 'timeout=240', 'args=LXAtIC1BIC1UNCAtbiAtUG4=']
12:29:28 [plugin_helper] reading config file
12:29:28 [NMAP] In script
12:29:28 [NMAP] values.ips: ['ips=']
12:29:28 [NMAP] values.macs: ['macs=']
12:29:28 [NMAP] values.timeout: ['timeout=240']
12:29:28 [NMAP] values.args: ['args=LXAtIC1BIC1UNCAtbiAtUG4=']
Traceback (most recent call last):
File "/app/front/plugins/nmap_scan/script.py", line 179, in
main()
File "/app/front/plugins/nmap_scan/script.py", line 54, in main
argsDecoded = decodeBase64(values.args[0].split('=b')[1])
~~~~~~~~~~~~~~~~~~~~~~~~~~^^^
IndexError: list index out of range
Expected Behavior
nmap_scan should parse arguments and run without errors
Steps To Reproduce
- Set NMAP args
- -p- -A -T4 -n -Pn
- Manually run NMAP once
- Error: IndexError: list index out of range
app.conf
docker-compose.yml
services:
netalertx:
#use an environmental variable to set host networking mode if needed
network_mode: ${NETALERTX_NETWORK_MODE:-host} # Use host networking for ARP scanning and other services
build:
context: . # Build context is the current directory
dockerfile: Dockerfile # Specify the Dockerfile to use
image: netalertx:latest
container_name: netalertx # The name when you docker contiainer ls
read_only: true # Make the container filesystem read-only
cap_drop: # Drop all capabilities for enhanced security
- ALL
cap_add: # Add only the necessary capabilities
- NET_ADMIN # Required for ARP scanning
- NET_RAW # Required for raw socket operations
- NET_BIND_SERVICE # Required to bind to privileged ports (nbtscan)
volumes:
- type: volume # Persistent Docker-managed Named Volume for storage
source: netalertx_data # the default name of the volume is netalertx_data
target: /data # consolidated configuration and database storage
read_only: false # writable volume
# Example custom local folder called /home/user/netalertx_data
# - type: bind
# source: /home/user/netalertx_data
# target: /data
# read_only: false
# ... or use the alternative format
# - /home/user/netalertx_data:/data:rw
- type: bind # Bind mount for timezone consistency
source: /etc/localtime
target: /etc/localtime
read_only: true
# Use a custom Enterprise-configured nginx config for ldap or other settings
# - /custom-enterprise.conf:/tmp/nginx/active-config/netalertx.conf:ro
# Test your plugin on the production container
# - /path/on/host:/app/front/plugins/custom
# Retain logs - comment out tmpfs /tmp/log if you want to retain logs between container restarts
# - /path/on/host/log:/tmp/log
# tmpfs mounts for writable directories in a read-only container and improve system performance
# All writes now live under /tmp/* subdirectories which are created dynamically by entrypoint.d scripts
# uid=20211 and gid=20211 is the netalertx user inside the container
# mode=1700 gives rwx------ permissions to the netalertx user only
tmpfs:
- "/tmp:uid=20211,gid=20211,mode=1700,rw,noexec,nosuid,nodev,async,noatime,nodiratime"
environment:
LISTEN_ADDR: ${LISTEN_ADDR:-0.0.0.0} # Listen for connections on all interfaces
PORT: ${PORT:-20211} # Application port
GRAPHQL_PORT: ${GRAPHQL_PORT:-20212} # GraphQL API port
ALWAYS_FRESH_INSTALL: ${ALWAYS_FRESH_INSTALL:-false} # Set to true to reset your config and database on each container start
NETALERTX_DEBUG: ${NETALERTX_DEBUG:-0} # 0=kill all services and restart if any dies. 1 keeps running dead services.
# Resource limits to prevent resource exhaustion
mem_limit: 2048m # Maximum memory usage
mem_reservation: 1024m # Soft memory limit
cpu_shares: 512 # Relative CPU weight for CPU contention scenarios
pids_limit: 512 # Limit the number of processes/threads to prevent fork bombs
logging:
driver: "json-file" # Use JSON file logging driver
options:
max-size: "10m" # Rotate log files after they reach 10MB
max-file: "3" # Keep a maximum of 3 log files
# Always restart the container unless explicitly stopped
restart: unless-stopped
volumes: # Persistent volume for configuration and database storage
netalertx_data:What installation are you running?
Dev (netalertx-dev)
Debug or Trace enabled
- I have read and followed the steps in the wiki link above and provided the required debug logs and the log section covers the time when the issue occurs.
app.log
No response
Docker Logs
| \ | | | | / _ | | | | \ \ / /
| | | | |/ /\ \ | ___ _ _| | \ V /
| . |/ _ \ __| _ | |/ _ \ __| __|/
| |\ | __/ || | | | | / | | |_/ /^\
_| _/_|__| |/|___|| __/ /
Network intruder and presence detector.
https://netalertx.com
Startup pre-checks
--> storage permission.sh
--> data migration.sh
--> mounts.py
Path | Writeable | Mount | RAMDisk | Performance | DataLoss
--------------------------+-----------+-------+---------+-------------+----------
/data | ✅ | ✅ | ➖ | ➖ | ✅
/data/db | ✅ | ✅ | ➖ | ➖ | ✅
/data/config | ✅ | ✅ | ➖ | ➖ | ✅
/tmp/run/tmp | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/api | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/log | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/run | ✅ | ✅ | ✅ | ✅ | ✅
/tmp/nginx/active-config | ✅ | ✅ | ✅ | ✅ | ✅
--> first run config.sh
--> first run db.sh
--> mandatory folders.sh
* Creating NetAlertX log directory.
* Creating NetAlertX API cache.
* Creating System services runtime directory.
* Creating nginx active configuration directory.
* Creating Plugins log.
* Creating System services run log.
* Creating System services run tmp.
* Creating DB locked log.
* Creating Execution queue log.
--> writable config.sh
--> nginx config.sh
--> user netalertx.sh
--> host mode network.sh
--> layer 2 capabilities.sh
--> excessive capabilities.sh
--> appliance integrity.sh
--> ports available.sh
Setting APP_CONF_OVERRIDE to {"GRAPHQL_PORT":"20212"}
Starting /usr/sbin/crond -c "/services/config/crond" -f -L "/tmp/log/crond.log" >>"/tmp/log/crond.log" 2>&1 &
Starting /usr/sbin/php-fpm83 -y "/services/config/php/php-fpm.conf" -F >>"/tmp/log/app.php_errors.log" 2>/dev/stderr &
Starting python3 -m server > /tmp/log/stdout.log 2> >(tee /tmp/log/stderr.log >&2)
Starting /usr/sbin/nginx -p "/tmp/run/" -c "/tmp/nginx/active-config/nginx.conf" -g "error_log /dev/stderr; error_log /tmp/log/nginx-error.log; daemon off;" &
Successfully updated IEEE OUI database (111797 entries)