Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...)

[Patrick Donnelly <batrick () batbytes com>]

Hi Kris,

On Thu, Feb 11, 2010 at 5:53 PM, Kris Katterjohn <katterjohn () gmail com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/08/2010 08:08 PM, Fyodor wrote:
> > On Fri, Feb 05, 2010 at 04:32:33PM -0600, Kris Katterjohn wrote:
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > On 02/04/2010 04:09 PM, Fyodor wrote:
> > > > On Thu, Feb 04, 2010 at 10:58:03AM -0600, Kris Katterjohn wrote:
> > > I've added support for this:
> >
> > Nice!  It's worth noting for people who haven't been paying attention
> > that you're talking about your nmap-exp/kris/nse-rawip/ branch.
> >
> > > But this remains: if ethernet is requested, but Nmap fails to find an ethernet
> > > route (but found a route nonetheless), should the raw socket be used instead?
> > > Currently the raw socket is always opened and the eth stuff is used instead in
> > > ip_send() because I'm not sure how this should work.  This fallback stuff
> > > isn't implemented yet, however.
> >
> > Ideally the ethernet-or-raw-socket decision should be made in exactly
> > the same way as the rest of Nmap's raw packet/frame sending
> > functionality.
>
> Alright, I like to think my branch is essentially complete.  So here we go:
>
> * ip_open(), ip_send() and ip_close() methods for sending packets starting
> with an IPv4 header
>
> * Works with arbitrary (non-Target) hosts using various routing functions and
> sends over raw socket or ethernet if preferred and is available
>
> * Fallback: if ethernet is preferred but no (ethernet) route can be found, the
> raw socket is used instead.  If an ethernet route is found but an error occurs
> then we pass an error to the script.  Keeping in mind your suggestion, I feel
> this is similar to how eth vs raw decisions are made elsewhere, even though
> those parts use Target information while this is done itself.
>
> * Errors are passed to the script for use with try() exception handling
>
> * Tested on Linux and Windows; kx also verified on Windows earlier
>
> * Docs added to scripting.xml (similar to ethernet_* methods' docs)
>
> * IP ID sequence script with optional probeport arg; recently done up with
> NSEDoc (although my NSEDoc-fu is weak as I don't recall ever using it)
>
> Any testing, comments or suggestions are very much appreciated.  It would be
> nice to finally have this functionality in trunk, but if it breaks I prefer to
> know now rather than after a merge :)

I have just some small nitpicking. I compacted your nmap.get_ports
function to just take the protocol and state as arguments rather than
a table with the two. I also got rid of the wrapper l_get_ports and
renamed get_ports to l_get_ports. The new nmap.cc function was
removed. I changed it to use luaL_checkoption instead.

Otherwise it looks good to me :)

-- 
- Patrick Donnelly

Attachment: nse-rawip-compact.patch
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/