make IPv6 default

[dogancanbakir]

closes #1255

$ go run . -host 'ipv6.google.com' -v      

                  __
  ___  ___  ___ _/ /  __ __
 / _ \/ _ \/ _ \/ _ \/ // /
/_//_/\_,_/\_,_/_.__/\_,_/

                projectdiscovery.io

[INF] Current naabu version 2.3.7 (latest)
[WRN] UI Dashboard is disabled, Use -dashboard option to enable
[DBG] Auto-detected IPv6 addresses for ipv6.google.com, enabling IPv6 scanning
...

Summary by CodeRabbit

• Bug Fixes

  • IPv6 is now enabled by default alongside IPv4, improving discovery when IPv6 targets are present.
  • DNS AAAA lookups are performed appropriately, enhancing IPv6 record resolution.
  • Direct IP inputs are correctly categorized and reported per IP version for clearer counts and results.

• Documentation

  • Help text and examples updated to reflect IPv4/IPv6 defaults and IPv6-specific usage guidance.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Defaults now enable both IPv4 and IPv6 by default; DNS AAAA lookups use the IPv6 constant; direct IP target handling correctly classifies IPv4 vs IPv6; tests and README updated to reflect the new default behavior.

Changes

Cohort / File(s)	Summary
Core IP version handling pkg/runner/runner.go, pkg/runner/util.go, pkg/runner/options.go	Default IPVersion changed to include both "4" and "6". DNS AAAA query logic now checks scan.IPv6 instead of a "6" literal. Direct IP targets are classified and appended to IPv4/IPv6 slices correctly; debug logs report separate IPv4/IPv6 counts.
Tests pkg/runner/runner_test.go	Updated test expectations to reflect ["4","6"] as the default IPVersion.
Documentation README.md	Updated help text, examples, and guidance to indicate both IPv4 and IPv6 are enabled by default; adjusted examples (removed dnsx pipe) and clarified IPv6 resolution wording.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

A rabbit hops with joy so bright,
IPv6 joins in the light,
Two addresses now default and true,
Targets split by V4 and V6 too,
Hooray — the network's dancing new! 🐰✨

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Linked Issues check	⚠️ Warning	The PR makes IPv6 the default but does not implement automatic IP version detection from targets as required by issue #1255.	Implement automatic detection logic that analyzes target hostnames/IPs to determine if IPv6 is needed, rather than just making IPv6 a default for all scans.
Docstring Coverage	⚠️ Warning	Docstring coverage is 75.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Out of Scope Changes check	✅ Passed	The PR changes align with the stated scope of making IPv6 default, though this deviates from the original issue objective of automatic detection.
Title check	✅ Passed	The PR title 'make IPv6 default' accurately summarizes the main change: enabling IPv6 by default alongside IPv4, which is the primary modification across the codebase.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

pkg/runner/runner.go (1)

101-104: Consider using scan.IPv6 constant for consistency.

Line 102 uses the string literal "6" while isDefaultIPVersion on line 101 uses scan.IPv4. For consistency and maintainability, consider using scan.IPv6 instead.

 isDefaultIPVersion := len(options.IPVersion) == 1 && sliceutil.Contains(options.IPVersion, scan.IPv4)
-if sliceutil.Contains(options.IPVersion, "6") || isDefaultIPVersion {
+if sliceutil.Contains(options.IPVersion, scan.IPv6) || isDefaultIPVersion {
     dnsOptions.QuestionTypes = append(dnsOptions.QuestionTypes, dns.TypeAAAA)
 }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0a01d14 and 593c11a.

📒 Files selected for processing (3)

• pkg/runner/runner.go (1 hunks)
• pkg/runner/targets.go (2 hunks)
• pkg/runner/util.go (2 hunks)

🧰 Additional context used

🧬 Code graph analysis (2)

pkg/runner/targets.go (2)

pkg/routing/router.go (2)

• IPv4 (16-16)
• IPv6 (17-17)

pkg/scan/scan_common.go (2)

• IPv4 (14-14)
• IPv6 (15-15)

pkg/runner/util.go (2)

pkg/routing/router.go (2)

• IPv4 (16-16)
• IPv6 (17-17)

pkg/scan/scan_common.go (2)

• IPv4 (14-14)
• IPv6 (15-15)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: build-windows
• GitHub Check: build-linux
• GitHub Check: build-mac
• GitHub Check: release-test-mac
• GitHub Check: release-test-windows
• GitHub Check: Functional Test (ubuntu-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (2)

pkg/runner/util.go (2)

23-40: Logic for default IP version detection looks correct.

The conditional structure properly separates explicit user configuration from the default IPv4-only case, enabling auto-detection of IPv6 when the user hasn't explicitly specified IP versions. The approach of fetching both A and AAAA records in the default case aligns with the PR objective.

---

45-50: Clean separation of IPv4 and IPv6 handling for direct IP inputs.

The explicit branching for IPv4 vs IPv6 targets improves clarity and correctly populates the respective return slices.

[Mzack9999]

We can use syncslice to avoid data races. What do you think?

[coderabbitai]

Actionable comments posted: 1

Fix all issues with AI Agents 🤖

In @pkg/runner/targets.go:
- Around line 156-157: isDefaultIPVersion reads r.options.IPVersion without
synchronization while enableIPv6 writes it under enableIPv6Once, causing a data
race; fix by protecting access to r.options.IPVersion with a shared lock: add a
sync.RWMutex (e.g., r.optionsMu) and wrap writes to r.options.IPVersion in
enableIPv6 with r.optionsMu.Lock()/Unlock(), and wrap reads in
isDefaultIPVersion with r.optionsMu.RLock()/RUnlock() so both read and write use
the same synchronization.

🧹 Nitpick comments (1)

pkg/runner/runner.go (1)

103-105: Consider deduplicating the isDefaultIPVersion logic.

The isDefaultIPVersion check is defined inline here and presumably also exists as a method in util.go (referenced in targets.go:156). Consider using the helper method consistently to avoid divergence:

-isDefaultIPVersion := len(options.IPVersion) == 1 && sliceutil.Contains(options.IPVersion, scan.IPv4)
-if sliceutil.Contains(options.IPVersion, scan.IPv6) || isDefaultIPVersion {
+if sliceutil.Contains(options.IPVersion, scan.IPv6) || runner.isDefaultIPVersion() {
    dnsOptions.QuestionTypes = append(dnsOptions.QuestionTypes, dns.TypeAAAA)
}

Note: This change enables AAAA queries (and thus auto-detection) for any IPv4-only configuration, including when the user explicitly specifies -iv 4. If you want to distinguish between implicit default (enable auto-detection) and explicit -iv 4 (disable auto-detection), you'll need additional logic to track whether the user explicitly set the flag.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 593c11a and 809da19.

📒 Files selected for processing (3)

• pkg/runner/runner.go
• pkg/runner/targets.go
• pkg/runner/util.go

🚧 Files skipped from review as they are similar to previous changes (1)

• pkg/runner/util.go

🧰 Additional context used

🧬 Code graph analysis (1)

pkg/runner/runner.go (2)

pkg/routing/router.go (2)

• IPv4 (16-16)
• IPv6 (17-17)

pkg/scan/scan_common.go (2)

• IPv4 (14-14)
• IPv6 (15-15)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: build-windows
• GitHub Check: build-mac
• GitHub Check: build-linux
• GitHub Check: release-test-windows
• GitHub Check: release-test-mac
• GitHub Check: Functional Test (ubuntu-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (1)

pkg/runner/runner.go (1)

59-59: LGTM! Thread-safety field added.

The enableIPv6Once field correctly uses sync.Once to coordinate one-time IPv6 enabling across concurrent goroutines. This resolves the data race concern identified in the previous review.

[Mzack9999]

After comparing different scan engines (nmap, masscan, rustscan), naabu’s behavior does not appear surprising or incorrect. Like other scanners, it requires an explicit flag to enable the IPv6 stack and operates in single-stack mode by default. In contrast, naabu already supports dual-stack scanning within a single execution when explicitly enabled.

Given this, it’s unclear how we should change the current behavior. Simply specifying both IP versions on the command line is sufficient to enable dual-stack scanning today. Introducing forced auto-detection would mean always considering both stacks, which could be undesirable in some environments.

My suggestion would be either:

• recommend users explicitly enable dual-stack scanning when needed (since it already works correctly), or
• consider making dual-stack the default behavior, if we agree that’s the better path

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

pkg/runner/util.go (1)

38-43: LGTM! Direct IP targets correctly classified.

The logic properly differentiates IPv4 and IPv6 direct IP inputs, appending them to the appropriate target slices. The debug logging provides useful feedback for direct IP targets.

Optional: Add debug logging for domain resolution

Consider adding a similar debug log after line 33 for domain resolution to provide consistent visibility across both code paths:

 		targetIPsV4 = append(targetIPsV4, dnsData.A...)
 		targetIPsV6 = append(targetIPsV6, dnsData.AAAA...)
+		gologger.Debug().Msgf("Found %d IPv4 and %d IPv6 addresses for %s\n", len(targetIPsV4), len(targetIPsV6), target)
 	}

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9d3a6e1 and cbccbf3.

📒 Files selected for processing (5)

• README.md
• pkg/runner/options.go
• pkg/runner/runner.go
• pkg/runner/runner_test.go
• pkg/runner/util.go

🚧 Files skipped from review as they are similar to previous changes (2)

• README.md
• pkg/runner/runner.go

🧰 Additional context used

🧬 Code graph analysis (1)

pkg/runner/options.go (1)

pkg/scan/scan_common.go (2)

• IPv4 (14-14)
• IPv6 (15-15)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

• GitHub Check: build-linux
• GitHub Check: build-windows
• GitHub Check: build-mac
• GitHub Check: release-test-windows
• GitHub Check: Functional Test (ubuntu-latest)
• GitHub Check: Analyze (go)

🔇 Additional comments (3)

pkg/runner/options.go (1)

184-184: LGTM! IPv4 and IPv6 enabled by default.

The default IPVersion now includes both IPv4 and IPv6, enabling dual-stack scanning by default. This aligns with the PR objective of automatic IP version detection. Users who want IPv4-only scanning must now explicitly specify -iv 4.

pkg/runner/runner_test.go (1)

48-50: LGTM! Test correctly validates the new default.

The expected default IPVersion is updated to match the new dual-stack default behavior.

pkg/runner/util.go (1)

32-32: LGTM! Defensive fallback for unset IPVersion.

This fallback ensures both IPv4 and IPv6 addresses are collected when IPVersion is not set, matching the behavior of the new ["4","6"] default.