Nmap Development mailing list archives
Re: [NSE] New class of scripts -- New Net Rules proposal
From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 26 Jun 2010 07:26:20 -0400
On Sat, Jun 26, 2010 at 6:42 AM, Djalal Harouni <tixxdz () gmail com> wrote:
7) The Action function: ----------------------- o Since new NSE scripts can run at different times, the action function must know when it has been called, because some scripts can have different behaviours especially when they have multiple netrules. e.g: A whois script which have a netrule_pre and a netrule_post rules will run at the beginning and sets a registry value to tell the whois hostrule script to save the results onto the registry, after that the first whois script will run at the end (netrule_post) and collects/report the final results (e.g: unique contact details). Having two different scripts, a pre-scan one and a post-scan script to do this seems to me rediculous. o The action function receives two arguments: * A net table argument. * Another string argument "netrule_pre" or "netrule_post", in this case if there are scripts with more than one netrule the action will know when it has been called. o This feature of a script which can have multiple netrules must not be abused, if the action code differes a lot from when the script is in the pre-scan mode and in the post-scan mode, then the best solution is to have two different scripts each one with a netrule.
An idea we floated around in the NSE meeting was to change a rule function to return its action function instead of a boolean. This enables different action functions for each different rule (a script can have multiple rule functions). A nice aspect of this change is the ability to keep backwards compatibility: if the rule function returns the boolean true --> use the global action function. This would remove the need to make the action function aware of when it runs through an extra argument. -- - Patrick Donnelly _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New class of scripts -- New Rule proposal Djalal Harouni (Jun 24)
- Re: [NSE] New class of scripts -- New Rule proposal Fyodor (Jun 24)
- Re: [NSE] New class of scripts -- New Rule proposal Ron (Jun 25)
- Re: [NSE] New class of scripts -- New Rule proposal Djalal Harouni (Jun 26)
- Re: [NSE] New class of scripts -- New Rule proposal Djalal Harouni (Jun 26)
- Re: [NSE] New class of scripts -- New Rule proposal Ron (Jun 25)
- Re: [NSE] New class of scripts -- New Rule proposal Daniel Miller (Jun 25)
- Re: [NSE] New class of scripts -- New Rule proposal Djalal Harouni (Jun 26)
- Re: [NSE] New class of scripts -- New Rule proposal Fyodor (Jun 28)
- Re: [NSE] New class of scripts -- New Rule proposal DePriest, Jason R. (Jun 29)
- Re: [NSE] New class of scripts -- New Net Rules proposal Djalal Harouni (Jun 26)
- Re: [NSE] New class of scripts -- New Net Rules proposal Patrick Donnelly (Jun 26)
- Re: [NSE] New class of scripts -- New Net Rules proposal Fyodor (Jun 28)
- Re: [NSE] New class of scripts -- New Rule proposal Fyodor (Jun 24)