diff --git a/CHANGELOG b/CHANGELOG
index bbae555c7..72366e33d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,31 @@
# Nmap Changelog ($Id$); -*-text-*-
+o [Nmap, Ncat, Nping] The default unit for time specifications is now
+ seconds, not milliseconds, and times may have a decimal point. 1000
+ now means 1000 seconds, or about 17 minutes, not 1000 milliseconds.
+ This affects the following options:
+ Nmap:
+ --host-timeout
+ --max-rtt-timeout --min-rtt-timeout --initial-rtt-timeout
+ --scan-delay --max-scan-delay
+ --stats-every
+ Ncat:
+ -d --delay
+ -i --idle-timeout
+ -w --wait
+ Nping:
+ --delay
+ --host-timeout
+ --icmp-orig-time --icmp-recv-time --icmp-trans-time
+ Some sanity checks have been added to catch what looks like an
+ attempt to use the old millisecond defaults. For example,
+ --host-timeout 10000 yields
+ The default unit for --host-timeout is seconds (since April 2010),
+ so your time of "10000" is 2.8 hours. If this is what you want,
+ use "10000s".
+ QUITTING!
+ You can always disable the warning by giving an explicit unit.
+
o [NSE] Scripts that take an argument for a time duration can now have
the duration be a number followed by a unit, like other times in
Nmap. For example, 10m for 10 minutes. The units understood are ms
diff --git a/docs/refguide.xml b/docs/refguide.xml
index 7aae21906..437e1cfc8 100644
--- a/docs/refguide.xml
+++ b/docs/refguide.xml
@@ -2430,11 +2430,11 @@ parameters can also make a substantial difference. Those options are
listed below.
Some options accept a time parameter. This
-is specified in milliseconds by default, though you can append
-‘s’, ‘m’, or ‘h’ to the value to
-specify seconds, minutes, or hours. So the
- arguments 900000,
-900s, and 15m all do the same thing.
+is specified in seconds by default, though you can append
+‘ms’, ‘s’, ‘m’, or ‘h’ to the value to
+specify milliseconds, seconds, minutes, or hours. So the
+ arguments 900000ms,
+900, 900s, and 15m all do the same thing.
@@ -2555,8 +2555,9 @@ networks. Don't get too aggressive though. The scan can end up
taking longer if you specify such a low value that many probes are
timing out and retransmitting while the response is in transit.
-If all the hosts are on a local network, 100 milliseconds is a
-reasonable aggressive value. If
+If all the hosts are on a local network, 100 milliseconds
+() is a
+reasonable aggressive value. If
routing is involved, ping a host on the network first with the ICMP
ping utility, or with a custom packet crafter such as
hping2hping2
@@ -2870,12 +2871,12 @@ seconds, respectively, between probes. is Nmap's
default behavior, which includes
parallelization.normal () timing template
-does the equivalent of and sets the maximum TCP scan delay
+does the equivalent of and sets the maximum TCP scan delay
to 10 milliseconds.
does the equivalent of
- as well as
+ as well as
setting the maximum TCP scan delay to 5 ms.
diff --git a/nmap.cc b/nmap.cc
index 6e01b28ca..88174b0b5 100644
--- a/nmap.cc
+++ b/nmap.cc
@@ -545,6 +545,7 @@ int nmap_main(int argc, char *argv[]) {
char *p, *q;
int i, arg;
long l;
+ double d;
unsigned int targetno;
FILE *inputfd = NULL, *excludefd = NULL;
char *host_spec = NULL, *exclude_spec = NULL;
@@ -769,21 +770,25 @@ int nmap_main(int argc, char *argv[]) {
} else if (optcmp(long_options[option_index].name, "max-rtt-timeout") == 0) {
l = tval2msecs(optarg);
if (l < 5)
- fatal("Bogus --max-rtt-timeout argument specified, must be at least 5");
- if (l < 20) {
+ fatal("Bogus --max-rtt-timeout argument specified, must be at least 5ms");
+ if (l >= 50 * 1000 && tval_unit(optarg) == NULL)
+ fatal("The default unit for --max-rtt-timeout is seconds (since April 2010), so your time of \"%s\" is %g seconds. Use \"%sms\" for %g milliseconds.", optarg, l / 1000.0, optarg, l / 1000.0);
+ if (l < 20)
error("WARNING: You specified a round-trip time timeout (%ld ms) that is EXTRAORDINARILY SMALL. Accuracy may suffer.", l);
- }
pre_max_rtt_timeout = l;
} else if (optcmp(long_options[option_index].name, "min-rtt-timeout") == 0) {
l = tval2msecs(optarg);
- if (l < 0) fatal("Bogus --min-rtt-timeout argument specified");
- if (l > 50000) {
- error("Warning: min-rtt-timeout is given in milliseconds, your value seems pretty large.");
- }
+ if (l < 0)
+ fatal("Bogus --min-rtt-timeout argument specified");
+ if (l >= 50 * 1000 && tval_unit(optarg) == NULL)
+ fatal("The default unit for --min-rtt-timeout is seconds (since April 2010), so your time of \"%s\" is %g seconds. Use \"%sms\" for %g milliseconds.", optarg, l / 1000.0, optarg, l / 1000.0);
pre_min_rtt_timeout = l;
} else if (optcmp(long_options[option_index].name, "initial-rtt-timeout") == 0) {
l = tval2msecs(optarg);
- if (l <= 0) fatal("Bogus --initial-rtt-timeout argument specified. Must be positive");
+ if (l <= 0)
+ fatal("Bogus --initial-rtt-timeout argument specified. Must be positive");
+ if (l >= 50 * 1000 && tval_unit(optarg) == NULL)
+ fatal("The default unit for --initial-rtt-timeout is seconds (since April 2010), so your time of \"%s\" is %g seconds. Use \"%sms\" for %g milliseconds.", optarg, l / 1000.0, optarg, l / 1000.0);
pre_init_rtt_timeout = l;
} else if (strcmp(long_options[option_index].name, "excludefile") == 0) {
if (exclude_spec)
@@ -823,11 +828,11 @@ int nmap_main(int argc, char *argv[]) {
}
} else if (optcmp(long_options[option_index].name, "host-timeout") == 0) {
l = tval2msecs(optarg);
- if (l <= 1500) fatal("--host-timeout is specified in milliseconds unless you qualify it by appending 's', 'm', or 'h'. The value must be greater than 1500 milliseconds");
+ if (l <= 0)
+ fatal("Bogus --host-timeout argument specified");
+ if (l >= 10000 * 1000 && tval_unit(optarg) == NULL)
+ fatal("The default unit for --host-timeout is seconds (since April 2010), so your time of \"%s\" is %.1f hours. If this is what you want, use \"%ss\".", optarg, l / 1000.0 / 60 / 60, optarg);
pre_host_timeout = l;
- if (l < 15000) {
- error("host-timeout is given in milliseconds, so you specified less than 15 seconds (%lims). This is allowed but not recommended.", l);
- }
} else if (strcmp(long_options[option_index].name, "ttl") == 0) {
o.ttl = atoi(optarg);
if (o.ttl < 0 || o.ttl > 255) {
@@ -860,13 +865,19 @@ int nmap_main(int argc, char *argv[]) {
o.version_intensity = 9;
} else if (optcmp(long_options[option_index].name, "scan-delay") == 0) {
l = tval2msecs(optarg);
- if (l < 0) fatal("Bogus --scan-delay argument specified.");
+ if (l < 0)
+ fatal("Bogus --scan-delay argument specified.");
+ if (l >= 100 * 1000)
+ fatal("The default unit for --scan-delay is seconds (since April 2010), so your time of \"%s\" is %.1f minutes. Use \"%sms\" for %g milliseconds.", optarg, l / 1000.0 / 60, optarg, l / 1000.0);
pre_scan_delay = l;
} else if (optcmp(long_options[option_index].name, "defeat-rst-ratelimit") == 0) {
o.defeat_rst_ratelimit = 1;
} else if (optcmp(long_options[option_index].name, "max-scan-delay") == 0) {
l = tval2msecs(optarg);
- if (l < 0) fatal("--max-scan-delay cannot be negative.");
+ if (l < 0)
+ fatal("Bogus --max-scan-delay argument specified.");
+ if (l >= 100 * 1000)
+ fatal("The default unit for --max-scan-delay is seconds (since April 2010), so your time of \"%s\" is %.1f minutes. If this is what you want, use \"%ss\".", optarg, l / 1000.0 / 60, optarg);
pre_max_scan_delay = l;
} else if (optcmp(long_options[option_index].name, "max-retries") == 0) {
pre_max_retries = atoi(optarg);
@@ -989,9 +1000,10 @@ int nmap_main(int argc, char *argv[]) {
} else if (optcmp(long_options[option_index].name, "adler32") == 0) {
o.adler32 = true;
} else if(optcmp(long_options[option_index].name, "stats-every") == 0) {
- l = tval2msecs(optarg);
- if (l < 0) fatal("Argument to --stats-every cannot be negative.");
- o.stats_interval = (double) l / 1000.0;
+ d = tval2secs(optarg);
+ if (d < 0)
+ fatal("Argument to --stats-every cannot be negative.");
+ o.stats_interval = d;
} else {
fatal("Unknown long option (%s) given@#!$#$", long_options[option_index].name);
}