Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [RFC] Add reason_ttl attribute to host status element in XML output

From: David Fifield <david () bamsoftware com>
Date: Fri, 20 Jul 2012 14:29:06 -0700
On Thu, Jul 05, 2012 at 09:30:30AM -0500, Daniel Miller wrote:

List,

This is very minor, but I found myself wanting to see the TTL values
of the host discovery probe responses. It turns out that for probe
types where this makes sense (i.e. not ARP response), the
information is already present, only requiring an additional line to
output it. Here's the patch I'm proposing:

diff --git a/docs/nmap.dtd b/docs/nmap.dtd
index 614d91f..3ae0927 100644
--- a/docs/nmap.dtd
+++ b/docs/nmap.dtd
@@ -153,7 +153,8 @@
 <!-- these elements are written by
output.c:write_xml_initial_hostinfo() -->
 <!ELEMENT status       EMPTY >
 <!ATTLIST status       state           %host_states;   #REQUIRED
-                 reason        CDATA           #REQUIRED
+                 reason            CDATA       #REQUIRED
+                 reason_ttl    CDATA #REQUIRED
  >

 <!ELEMENT address      EMPTY >
diff --git a/output.cc b/output.cc
index e6b35b6..4bc1a92 100644
--- a/output.cc
+++ b/output.cc
@@ -1272,6 +1272,7 @@ static void write_xml_initial_hostinfo(Target
*currenths,
   xml_open_start_tag("status");
   xml_attribute("state", "%s", status);
   xml_attribute("reason", "%s",
reason_str(currenths->reason.reason_id, SINGULAR));
+  xml_attribute("reason_ttl", "%d", currenths->reason.ttl);
   xml_close_empty_tag();
   xml_newline();
   xml_open_start_tag("address");

For ARP response reasons, the reason_ttl is 0. I considered checking
for whether to expect a meaningful TTL value before outputting it,
but for simplicity's sake chose to follow the example of the port
state element's reason_ttl attribute (Ports that receive no-response
also have a reason_ttl set to 0). Any thoughts on this before I
commit it?


Go ahead.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: