Nmap Development mailing list archives
[Patch] --exclude-ports option for Nmap
From: Jay Bosamiya <jaybosamiya () gmail com>
Date: Wed, 18 Jun 2014 20:31:58 +0530
Hi All! Attached is the patch for --exclude-ports option for Nmap. A discussion for it had occured at [1] before. When coding it in, however, I realized that we should probably block even host discovery (ACK, SYN and such) if the user asks for it. The current patch takes care of such cases and shows relevant error messages (for example, try running "nmap --unprivileged -sn --exclude-ports 80,443"). I've also modified some error messages that were shown previously (when user gives invalid port specifications) so that it matches with --exclude-ports too. All tests that I ran on my machine passed. What I'm not so sure about is something like "nmap --exclude-ports 1-1000 {target}". With the current patch, it correctly shows a warning that it is skipping TCP ping scan (the reason is that 80 and 443 are excluded). This might seem like a nuisance to some since they might not care how host discovery is done (and that's why they left it at default). Should I rewrite the warning part so that it appears only if non default host discovery is done? Another possibility is that I could show the warning always (if non default) and only when -d is used (if default host). I personally think that this second method might be more useful, but I think this might require some thought. Feedback is welcome as always. :) Cheers, Jay Links: [1] http://seclists.org/nmap-dev/2014/q2/400
Attachment:
excludePorts.patch
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [Patch] --exclude-ports option for Nmap Jay Bosamiya (Jun 18)
- Re: [Patch] --exclude-ports option for Nmap Daniel Miller (Jun 18)
- Re: [Patch] --exclude-ports option for Nmap Jay Bosamiya (Jun 19)
- Re: [Patch] --exclude-ports option for Nmap Daniel Miller (Jun 18)