Nmap Development mailing list archives
Re: [NSE] Raw sockets support
From: Diman Todorov <diman.todorov () chello at>
Date: Mon, 11 Dec 2006 21:42:24 +0100
On 11.12.2006, at 21:02, castorpilot wrote:
I am not good with Lua, but could coroutine do the job ? Or are they not thread enough ?
Coroutines are like threads which cannot be suspended from outside. They suspend when they feel like it. That's also how scripts are executed in parallel in NSE. When a script wants to do network I/O it says "ok, I'm done for now" - it is put in a waiting queue. When the I/O is finished the script is moved to a second waiting queue. The main loop keeps fetching scripts from this second waiting queue and executes them until they are either finished or they block on I/O again.
Solutions I can think about: - modify nsock and support listening to pcap in nsock_loop (I personally don't like this solution. I think that nsock shouldn't be changed if possible.)
I don't know if there is a reason for which nsock should or should not support raw sockets. This might turn out to be the most doable option in the end. Fyodor?
- run two threads of nmap. in one thread listen to nsock in other listen to pcap. (probably there will be huge compatibility problems with threads and synchronization)
Maybe it is not necessary to synchronize that much. All the thread has to do is store the incoming packets in a synchronized buffer. The nsock loop can check if there is something in the buffer at each iteration. As far as portability is concerned - posix threads anyone? I personally think that modifying nsock is preferable to introducing a thread library dependence into nmap.
- set some custom flags on pcap descriptor and when packet comes signal SIGIO will be triggered. In signal handler do something to get out from nsock_loop function. (this solution is also very os-dependant and some changes to nsock will be needed)
- check for pcap events after nsock_loop() leaves after some time. (some packets can be lost while nsock_loop() is working)
When you're doing raw sockets you have to expect packet loss :) But I agree that this solution is not very elegant.
- extract socket descriptors from nsock and run select() on them and on pcap by hand. (there will be complications with NSE_TYPE_TIMER events)
just my 2 cents cheers Diman _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE] Raw sockets support majek04 (Dec 11)
- Re: [NSE] Raw sockets support castorpilot (Dec 11)
- Re: [NSE] Raw sockets support Diman Todorov (Dec 11)
- Re: [NSE] Raw sockets support majek04 (Dec 12)
- Re: [NSE] Raw sockets support majek04 (Dec 15)
- Re: [NSE] Raw sockets support Fyodor (Dec 15)
- Re: [NSE] Raw sockets support Diman Todorov (Dec 11)
- Re: [NSE] Raw sockets support castorpilot (Dec 11)