Nmap Development mailing list archives
Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...)
From: Patrick Donnelly <batrick () batbytes com>
Date: Thu, 11 Feb 2010 18:43:45 -0500
Hi Kris, On Thu, Feb 11, 2010 at 5:53 PM, Kris Katterjohn <katterjohn () gmail com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/08/2010 08:08 PM, Fyodor wrote:On Fri, Feb 05, 2010 at 04:32:33PM -0600, Kris Katterjohn wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/04/2010 04:09 PM, Fyodor wrote:On Thu, Feb 04, 2010 at 10:58:03AM -0600, Kris Katterjohn wrote:I've added support for this:Nice! It's worth noting for people who haven't been paying attention that you're talking about your nmap-exp/kris/nse-rawip/ branch.But this remains: if ethernet is requested, but Nmap fails to find an ethernet route (but found a route nonetheless), should the raw socket be used instead? Currently the raw socket is always opened and the eth stuff is used instead in ip_send() because I'm not sure how this should work. This fallback stuff isn't implemented yet, however.Ideally the ethernet-or-raw-socket decision should be made in exactly the same way as the rest of Nmap's raw packet/frame sending functionality.Alright, I like to think my branch is essentially complete. So here we go: * ip_open(), ip_send() and ip_close() methods for sending packets starting with an IPv4 header * Works with arbitrary (non-Target) hosts using various routing functions and sends over raw socket or ethernet if preferred and is available * Fallback: if ethernet is preferred but no (ethernet) route can be found, the raw socket is used instead. If an ethernet route is found but an error occurs then we pass an error to the script. Keeping in mind your suggestion, I feel this is similar to how eth vs raw decisions are made elsewhere, even though those parts use Target information while this is done itself. * Errors are passed to the script for use with try() exception handling * Tested on Linux and Windows; kx also verified on Windows earlier * Docs added to scripting.xml (similar to ethernet_* methods' docs) * IP ID sequence script with optional probeport arg; recently done up with NSEDoc (although my NSEDoc-fu is weak as I don't recall ever using it) Any testing, comments or suggestions are very much appreciated. It would be nice to finally have this functionality in trunk, but if it breaks I prefer to know now rather than after a merge :)
I have just some small nitpicking. I compacted your nmap.get_ports function to just take the protocol and state as arguments rather than a table with the two. I also got rid of the wrapper l_get_ports and renamed get_ports to l_get_ports. The new nmap.cc function was removed. I changed it to use luaL_checkoption instead. Otherwise it looks good to me :) -- - Patrick Donnelly
Attachment:
nse-rawip-compact.patch
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] Raw ethernet frame questions and NSE library questions, (continued)
- Re: [NSE] Raw ethernet frame questions and NSE library questions majek04 (Feb 04)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 04)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Fyodor (Feb 04)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 04)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions kx (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Kris Katterjohn (Feb 05)
- Re: [NSE] Raw ethernet frame questions and NSE library questions Fyodor (Feb 08)
- Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 11)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 12)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 16)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kurt (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 18)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- error compiling 5.21 Mike Calmus (Feb 20)