Nmap Development mailing list archives
Re: [NSE API] Separate Dnet Objects?
From: Kris Katterjohn <katterjohn () gmail com>
Date: Mon, 31 Mar 2008 08:24:05 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey Marek, majek04 wrote:
Yes. Both pcap and sockets, use nsock library. The socket object contains of very similar fields, like nsock descriptor or timeout. So it was rather obvious to use the same object. On the other hand dnet doesn't share any fields with sockets. Dnet only needs to have dnet ethernet descriptor. (which is cached, but that's a different story).
I know that the dnet module's implementation is very different than that of the connect() and pcap modules, but I'm thinking from a script writer's perspective. If it's not inefficient or too much trouble to do, I still think that sending and receiving should share the same socket object. Is this just a bad idea?
The next thing is ip_send method that I created on dnet object. http://ai.pjwstk.edu.pl/~majek/private/nmap/nse-pcap-u2/partial/nsepcap-sendip.diff Maybe there should be the same interface for sending ip packets as for sending ethernet frames? What do you think about something like: nmap.send_packet(packet_data, layer) // layer values: 2->ethernet, 3->ip
I think that it is different enough setting up the data for the packets that a different function call for sending the two makes sense, especially since you have to setup the interface and specify the layer you want to send on anyway. However, having a layer-independent sending function would be cool. There can be ethernet_open()/ip_open() and ethernet_close()/ip_close() functions. Then a sending function can be layer-neutral. This would allow for switching between ethernet frame and IP packets. I don't know how great of a packet-parser would be needed to really (and unmistakably) differentiate between the frames and IP packets. Obviously checking the IP version number as you do in your patch is a start. I'm fixing to run out the door for class, so I don't have time to see if any checking is done on ethernet frames, etc. (I've never used libdnet so I don't know if it does some parsing or leaves it to the user or what).
If not, is it too late to change this? Only promiscuous.nse appears to require the dnet functionality, so that's the only script that would need changing. Maybe an NSE student can do this this summer.No, it's not too late. I can change it. Marek Majkowski
Thanks, Kris Katterjohn -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIVAwUBR/Dl8/9K37xXYl36AQJQ/A//VQoz9ibr6huka99tJX9gZHAtAiYNxHvJ N78r4tIzeEeDKMmhAc7pq2q9tuEVDkfiuBOQpfNQ7lpdRG6JZLZjncU2Aw5PQCJ5 dSChxV/sSOb3Jv3wVhQ+ycPkVq8foMBc8Nmew2K+vlueuXClRBH7/nvITDObxJ+2 9C76Uplk+aH5lMRL3bPmJoZmPp2UOr0NtiUYWaONkjIHM/9su8LQ7NB4cSk8YGqv MVk2YxdzcTkDqaDzA3AY8nImhi4qskFgLaBsFcbe+WyqgYOzZcBwuNWCZexmI6OG xQoyb0f212kMcTv9TXoYg891z4i8QkHQKm6FpiZhewpG7AcQF3gkTvwnhC7QbOGE jwy8YbU+dKw2rQGG0NLbislgHjttRvHQIJzKvtpuK3DPPyAaNf43qeTrKRsF3Q3T GnABIiv0YzMt08gCe2slkuRAU2r4qpURmBE+VGfpiH1DifP6uj+hALfc5+5VyOMe yHvkrUkzYv1eTB1WzQua+v8yKMDd2PR0hHg5wIUKP0x/HpoZC1HlCqU+HcDh1+TY Y5MZIdPSLwpOnYVjCfTZWf1DLThI3qaiZ8dFtKIvDdmTlfhOL2MXNvJY8ed6b3ar v2DxzhFQnRaoaJIRqdr7w1IfZy3rvA9kQCIPW9/TDPir+SwgzbTvlfPRuG0KfpnN xuB1tKeFyGA= =GdJT -----END PGP SIGNATURE----- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [NSE API] Separate Dnet Objects? Kris Katterjohn (Mar 27)
- Re: [NSE API] Separate Dnet Objects? majek04 (Mar 31)
- Re: [NSE API] Separate Dnet Objects? Kris Katterjohn (Mar 31)
- Re: [NSE API] Separate Dnet Objects? majek04 (Mar 31)