Re: Patches to Nmap 5.30BETA1

[David Fifield <david () bamsoftware com>]

On Tue, Apr 27, 2010 at 05:54:00PM -0700, Darren Reed wrote:
> On 27/04/10 05:30 PM, David Fifield wrote:
> > The other problem, that of SIOCGIFHWADDR not being supported on PF_INET
> > sockets, remains. As you suggested, the absolute best solution would be
> > for this support to be added to OpenSolaris. Alternatively, we have to
> > add an Autoconf check not only that "SIOCGIFHWADDR is defined" but that
> > "SIOCGIFHWADDR works on PF_INET sockets." Then we would avoid using it
> > on OpenSolaris and use the route-bsd.c code instead. Wine added a check
> > for the member ifreq.ifr_hwaddr.
> > http://bugs.winehq.org/show_bug.cgi?id=20714
> > http://bugs2.winehq.org/attachment.cgi?id=26765
> > I don't think it's the best approach because OpenSolaris could
> > conceivably add that member and still not support SIOCGIFHWADDR on
> > PF_INET. Can you suggest a good way to check for this?
> > ...
> > > > > I know it is bad form to patch "configure" but I don't know any other
> > > > >   way to fix the detection of bpf here. The configure script is also
> > > > > wrong  for many BSD's because NetBSD, etc, now only have /dev/bpf (a
> > > > > cloning  device) and no longer have /dev/bpf0-15.
> >
> > In this case you should patch config/acinclude.m4 and then run autoconf.
> > The point about /dev/bpf is good but I've left it alone for now because
> > it's not yet working on OpenSolaris. Checking for /dev/bpf would make
> > eth-bsd.c be used in place of eth-dlpi.c, and then we would be in the
> > same situation as with eth-linux.c.
>
> Right.
>
> What I'd like to suggest is that the detection and use of
> a method to access raw ethernet packets be separated from
> querying the kernel for a MAC address.
>
> I can add SIOCGIFHWADDR support for PF_INET but in this case
> that would presume that PF_PACKET was the right choice for
> raw access. While that will work, I'd prefer to see BPF used
> because it is much more efficient for packet capture than
> PF_PACKET.

These are already separate. The SIOCGIFHWADDR code is in Nmap, not
libdnet. That is independent of whatever code libdnet chooses to use for
Ethernet sending.

> Additionally, what if someone added SIOCGIFHWADDR support
> to a BSD platform at some point in the future?

It's no problem--Nmap will use SIOCGIFHWADDR to get the MAC address and
libdnet with use the eth-bsd.c code for Ethernet. If the eth-bsd.c code
can be adapted to work on OpenSolaris then it will work the same way.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/