Re: [RFC] --exclude-ports option for Nmap

[John <nmap-dev () johnbond org>]

Hi Jay,

I like the suggestion and i think your logic on how to handle the flags
is what i would expect.

On 05/06/14 13:42, Jacek Wielemborek wrote:
> 03/06/2014 15:42:11 Jay Bosamiya <jaybosamiya () gmail com>:
> > Hi All!
> >
> > The --exclude-ports option would be a major boon to many Nmap
> > users and it has been in demand for quite a while now.
> > However, there are some things that need to be thought about
> > before we add it in.
> >
> > 1. How does it interact with -p? More specifically, what does
> > "-p 80 --exclude-ports 80" do (since user specifically
> > included it as well as excluded it)?
> >      I think that we should follow a "exclude has higher priority
> > than include" ideology and NOT scan 80 in this case. However,
> > we could show a warning to a user if he has included a port
> > individually and then excluded it (i.e. not using ranges). The
> > warning thing could be added later on, as a follow up.
>
> IMHO the first case should be an error as there are no ports to 
> scan. I would personally find it perfect if it defaulted to 
> signalling an error instead of guessing. I was thinking of 
> suggesting that it should panic anytime the -p and --exclude 
> lists overlap, but that would make "-p- --exclude smtp" 
> impossible, so it's probably not a good idea.
To me the main use for this feature is doing things like nmap -p-
--exlude 9100 or nmap -p1-1000 --exclude 9.  So i would be against
making this an error.
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/