Nmap Development mailing list archives
Re: Raw IP NSE Functionality
From: David Fifield <david () bamsoftware com>
Date: Tue, 23 Feb 2010 01:07:26 -0700
On Wed, Feb 17, 2010 at 10:35:04PM -0500, Patrick Donnelly wrote:
On Wed, Feb 17, 2010 at 8:16 PM, David Fifield <david () bamsoftware com> wrote:The nmap.is_privileged function I have no objection to. All the above is fine with me. One thing deserves some further design discussion, which is the nmap.get_ports function. I think it would be better to wrap PortList::nextPort more directly, giving scripts one-at-a-time access to port tables (and avoiding creating a potentially large table of tables, most of which won't be used by many scripts). A script that needs the full port list can easily create it by doing just what your C function does, looping with nextPort. Scripts like ipidseq.nse that need just any old port wouldn't need to allocate as much memory.NSE currently iterates over the port tables in the same way Kris does (create a large array of port tables). We can move to the other approach but we will need to have some "complicated" userdata for the for loop invariant (see generic for loops [1]). If we do this it should be generic enough so that NSE can use it too. I can do this if Kris doesn't want to.
Okay. I see that cnse.ports does just as you say (ports function in nse_main.cc). Let's handle one thing at a time. If you or Kris can implement a user-level interface around nextPort, let's do that first so that the raw IP stuff can be merged. Then reworking nse_main.lua to use less memory while iterating over the port table can be handled as a separate step. I'm not so much concerned about the implementation right now as the interface. If cnse and script-level NSE use different methods to access the ports, that's fine for now. The internal implementation can change later. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...), (continued)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) kx (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kurt (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) David Fifield (Feb 18)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- error compiling 5.21 Mike Calmus (Feb 20)
- Re: error compiling 5.21 David Fifield (Feb 22)
- Re: error compiling 5.21 Mike Calmus (Feb 23)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Patrick Donnelly (Feb 17)
- Re: Raw IP NSE Functionality (Was Re: [NSE] Raw ethernet frame questions ...) Kris Katterjohn (Feb 17)
- Re: Raw IP NSE Functionality David Fifield (Feb 23)
- Re: Raw IP NSE Functionality Patrick Donnelly (Feb 23)
- Re: Raw IP NSE Functionality Patrick Donnelly (Feb 23)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 23)
- Re: Raw IP NSE Functionality David Fifield (Feb 23)
- Re: Raw IP NSE Functionality David Fifield (Feb 25)
- Re: Raw IP NSE Functionality Kris Katterjohn (Feb 25)
- pcap_register David Fifield (Feb 25)
- Re: pcap_register majek04 (Feb 26)
- Re: pcap_register Kris Katterjohn (Feb 26)
- Re: Raw IP NSE Functionality kx (Feb 25)