Re: feature suggestion: --udp_reliable

[Rasmus Andersson <rasmus () pole-position org>]

R Anderson wrote:

> I include a patch for doing this. The info is not written to .gnmap or
> .xml in this version, but that should definitely be implemented too.


Of course it introduced a bug, here is an update :)

/R

diff -ruB nmap-3.10ALPHA4/Target.cc nmap-3.10ALPHA4-icmp/Target.cc
--- nmap-3.10ALPHA4/Target.cc   Tue Aug 27 23:43:23 2002
+++ nmap-3.10ALPHA4-icmp/Target.cc      Fri Nov 29 12:04:21 2002
@@ -72,6 +72,7 @@
   bzero(&sourcesock, sizeof(sourcesock));
   targetsocklen = sourcesocklen = 0;
   targetipstring[0] = '\0';
+  icmpresponse = intermediateresp = 0;
 }
 
 void Target::Recycle() {
diff -ruB nmap-3.10ALPHA4/Target.h nmap-3.10ALPHA4-icmp/Target.h
--- nmap-3.10ALPHA4/Target.h    Tue Aug 27 23:43:23 2002
+++ nmap-3.10ALPHA4-icmp/Target.h       Fri Nov 29 12:04:21 2002
@@ -116,6 +116,8 @@
   int timedout; /* Nonzero if continued scanning should be aborted due to
                   timeout  */
   char device[64]; /* The device we transmit on */
+  unsigned int icmpresponse;  // Number of ICMP responses from this host
+  unsigned int intermediateresp;  // Number of ICMP responses from intermediate routers
 
  private:
   char *hostname; // Null if unable to resolve or unset
diff -ruB nmap-3.10ALPHA4/output.cc nmap-3.10ALPHA4-icmp/output.cc
--- nmap-3.10ALPHA4/output.cc   Mon Sep  9 09:59:51 2002
+++ nmap-3.10ALPHA4-icmp/output.cc      Fri Nov 29 12:04:21 2002
@@ -217,6 +217,12 @@
     }
    }
   }
+  if (currenths->icmpresponse) {
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"Number of ICMP unreachables from this host: %d\n", 
currenths->icmpresponse);
+  } else {
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"Note: no ICMP unreachables seen from the host.\n");
+  }
+  if (currenths->intermediateresp) log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"Number of unreachables from 
intermediates: %d\n", currenths->intermediateresp);
   /*  log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"\n"); */
   log_write(LOG_MACHINE, "\tIgnored State: %s (%d)", statenum2str(plist->ignored_port_state), 
plist->state_counts[plist->ignored_port_state]);
   log_write(LOG_XML, "</ports>\n");
diff -ruB nmap-3.10ALPHA4/scan_engine.cc nmap-3.10ALPHA4-icmp/scan_engine.cc
--- nmap-3.10ALPHA4/scan_engine.cc      Mon Sep 16 06:39:58 2002
+++ nmap-3.10ALPHA4-icmp/scan_engine.cc Fri Nov 29 12:04:21 2002
@@ -488,6 +488,17 @@
        continue;
       }
 
+      /* Wasn't it sent from the host itself? */
+      if (ip->ip_src.s_addr != ip2->ip_dst.s_addr) {
+        target->intermediateresp++;
+        if (o.debugging || o.verbose) {
+          log_write(LOG_STDOUT, "ICMP 3/%d regarding %s received from intermediate ", icmp->icmp_code,
+            inet_ntoa(inet_makeaddr(htonl(ip2->ip_dst.s_addr),0)));
+          log_write(LOG_STDOUT, "router %s\n", inet_ntoa(inet_makeaddr(htonl(ip->ip_src.s_addr),0)));
+        }
+      }
+
+      target->icmpresponse++;
       data = (u16 *) ((char *)ip2 + 4 * ip2->ip_hl);
       /*           log_write(LOG_STDOUT, "Caught ICMP packet:\n");
                    hdump(icmp, ntohs(ip->ip_len) - sizeof(struct ip)); */
@@ -1505,6 +1517,17 @@
                /*          log_write(LOG_STDOUT, "Caught ICMP packet:\n");
                            hdump(icmp, ntohs(ip->ip_len) - sizeof(struct ip)); */
 
+    /* Wasn't it sent from the host itself? */
+    if (ip->ip_src.s_addr != ip2->ip_dst.s_addr) {
+      target->intermediateresp++;
+      if (o.debugging || o.verbose) {
+        log_write(LOG_STDOUT, "ICMP 3/%d regarding %s received from intermediate ", icmp->icmp_code,
+          inet_ntoa(inet_makeaddr(htonl(ip2->ip_dst.s_addr),0)));
+        log_write(LOG_STDOUT, "router %s\n", inet_ntoa(inet_makeaddr(htonl(ip->ip_src.s_addr),0)));
+      }
+    }
+
+    target->icmpresponse++;
                if (icmp->icmp_type == 3) {
                  if (scantype != IPPROT_SCAN)
                    newport = ntohs(data[1]);

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).