o [libpcap] Added a --disable-packet-ring option to force the use of

an older, slower packet capture mechanism on Linux. Before Linux
  2.6.27, the packet ring mechanism uses different-sized kernel
  structures on 32- and 64-bit architectures, so a 32-bit program will
  not run correctly on a 64-bit kernel. The older mechanism does not
  have this flaw.

CHANGELOG

@@ -1,5 +1,12 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [libpcap] Added a --disable-packet-ring option to force the use of
+  an older, slower packet capture mechanism on Linux. Before Linux
+  2.6.27, the packet ring mechanism uses different-sized kernel
+  structures on 32- and 64-bit architectures, so a 32-bit program will
+  not run correctly on a 64-bit kernel. The older mechanism does not
+  have this flaw.
+
 o UDP payloads are now stored in an external data file, nmap-payloads,
   instead of being hard-coded in the executable. This makes it easier
   to add your own payloads or disable those you find problematic. Jay

libpcap/NMAP_MODIFICATIONS

@@ -133,4 +133,72 @@ o Eliminated Lex/Yacc requirement and added the generated files:
  AC_SUBST(DYEXT)
  AC_SUBST(DAGLIBS)
 
+o Added a --disable-packet-ring configure option to allow the creation
+  of 32-bit binaries compatible with 64-bit Linux kernels before 2.6.27.
+
+Index: configure.in
+===================================================================
+--- configure.in	(revision 17694)
++++ configure.in	(working copy)
+@@ -1396,6 +1396,24 @@
+ 	AC_SUBST(CAN_SRC)
+ fi
+ 
++dnl The packet ring capture facility of Linux, described in
++dnl Documentation/networking/packet_mmap.txt, is not 32/64-bit compatible before
++dnl version 2.6.27. A 32-bit kernel requires a 32-bit userland, and likewise for
++dnl 64-bit. The effect of this is that a 32-bit libpcap binary will not run
++dnl correctly on a 64-bit kernel (the binary will use the wrong offsets into a
++dnl kernel struct). This problem was solved in Linux 2.6.27. Use
++dnl --disable-packet-ring whenever a 32-bit application must run on a 64-bit
++dnl target host, and either the build host or the target host run Linux 2.6.26
++dnl or earlier.
++AC_ARG_ENABLE([packet-ring],
++[AC_HELP_STRING([--enable-packet-ring],[enable Linux packet ring support @<:@default=yes@:>@])],
++,enable_packet_ring=yes)
++
++if test "x$enable_packet_ring" != "xno" ; then
++	AC_DEFINE(PCAP_SUPPORT_PACKET_RING, 1, [use Linux packet ring capture if available])
++	AC_SUBST(PCAP_SUPPORT_PACKET_RING)
++fi
++
+ AC_PROG_INSTALL
+ 
+ AC_CONFIG_HEADER(config.h)
+Index: pcap-linux.c
+===================================================================
+--- pcap-linux.c	(revision 17694)
++++ pcap-linux.c	(working copy)
+@@ -232,17 +232,19 @@
+ # endif /* PACKET_HOST */
+ 
+ 
+- /* check for memory mapped access avaibility. We assume every needed 
+-  * struct is defined if the macro TPACKET_HDRLEN is defined, because it
+-  * uses many ring related structs and macros */
+-# ifdef TPACKET_HDRLEN
+-#  define HAVE_PACKET_RING
+-#  ifdef TPACKET2_HDRLEN
+-#   define HAVE_TPACKET2
+-#  else
+-#   define TPACKET_V1	0
+-#  endif /* TPACKET2_HDRLEN */
+-# endif /* TPACKET_HDRLEN */
++# ifdef PCAP_SUPPORT_PACKET_RING
++  /* check for memory mapped access avaibility. We assume every needed 
++   * struct is defined if the macro TPACKET_HDRLEN is defined, because it
++   * uses many ring related structs and macros */
++#  ifdef TPACKET_HDRLEN
++#   define HAVE_PACKET_RING
++#   ifdef TPACKET2_HDRLEN
++#    define HAVE_TPACKET2
++#   else
++#    define TPACKET_V1	0
++#   endif /* TPACKET2_HDRLEN */
++#  endif /* TPACKET_HDRLEN */
++# endif /* PCAP_SUPPORT_PACKET_RING */
+ #endif /* PF_PACKET */
+ 
+ #ifdef SO_ATTACH_FILTER
+
 o Regenerated configure.

libpcap/config.h.in

@@ -217,6 +217,9 @@
 /* target host supports CAN sniffing */
 #undef PCAP_SUPPORT_CAN
 
+/* use Linux packet ring capture if available */
+#undef PCAP_SUPPORT_PACKET_RING
+
 /* target host supports USB sniffing */
 #undef PCAP_SUPPORT_USB
 

libpcap/configure

@@ -596,6 +596,7 @@ ac_subst_vars='LTLIBOBJS
 INSTALL_DATA
 INSTALL_SCRIPT
 INSTALL_PROGRAM
+PCAP_SUPPORT_PACKET_RING
 CAN_SRC
 PCAP_SUPPORT_CAN
 BT_SRC
@@ -702,6 +703,7 @@ with_snf_includes
 with_snf_libraries
 enable_bluetooth
 enable_can
+enable_packet_ring
 '
       ac_precious_vars='build_alias
 host_alias
@@ -1335,6 +1337,7 @@ Optional Features:
                           available]
   --enable-can            enable CAN support [default=yes, if support
                           available]
+  --enable-packet-ring    enable Linux packet ring support [default=yes]
 
 Optional Packages:
   --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
@@ -7179,6 +7182,21 @@ $as_echo "$as_me: no CAN sniffing support implemented for $host_os" >&6;}
 	esac
 
 
+fi
+
+# Check whether --enable-packet-ring was given.
+if test "${enable_packet_ring+set}" = set; then :
+  enableval=$enable_packet_ring;
+else
+  enable_packet_ring=yes
+fi
+
+
+if test "x$enable_packet_ring" != "xno" ; then
+
+$as_echo "#define PCAP_SUPPORT_PACKET_RING 1" >>confdefs.h
+
+
 fi
 
 # Find a good install program.  We prefer a C program (faster),

libpcap/configure.in

@@ -1396,6 +1396,24 @@ if test "x$enable_can" != "xno" ; then
 	AC_SUBST(CAN_SRC)
 fi
 
+dnl The packet ring capture facility of Linux, described in
+dnl Documentation/networking/packet_mmap.txt, is not 32/64-bit compatible before
+dnl version 2.6.27. A 32-bit kernel requires a 32-bit userland, and likewise for
+dnl 64-bit. The effect of this is that a 32-bit libpcap binary will not run
+dnl correctly on a 64-bit kernel (the binary will use the wrong offsets into a
+dnl kernel struct). This problem was solved in Linux 2.6.27. Use
+dnl --disable-packet-ring whenever a 32-bit application must run on a 64-bit
+dnl target host, and either the build host or the target host run Linux 2.6.26
+dnl or earlier.
+AC_ARG_ENABLE([packet-ring],
+[AC_HELP_STRING([--enable-packet-ring],[enable Linux packet ring support @<:@default=yes@:>@])],
+,enable_packet_ring=yes)
+
+if test "x$enable_packet_ring" != "xno" ; then
+	AC_DEFINE(PCAP_SUPPORT_PACKET_RING, 1, [use Linux packet ring capture if available])
+	AC_SUBST(PCAP_SUPPORT_PACKET_RING)
+fi
+
 AC_PROG_INSTALL
 
 AC_CONFIG_HEADER(config.h)

libpcap/pcap-linux.c

@@ -232,17 +232,19 @@ static const char rcsid[] _U_ =
 # endif /* PACKET_HOST */
 
 
- /* check for memory mapped access avaibility. We assume every needed 
-  * struct is defined if the macro TPACKET_HDRLEN is defined, because it
-  * uses many ring related structs and macros */
-# ifdef TPACKET_HDRLEN
-#  define HAVE_PACKET_RING
-#  ifdef TPACKET2_HDRLEN
-#   define HAVE_TPACKET2
-#  else
-#   define TPACKET_V1	0
-#  endif /* TPACKET2_HDRLEN */
-# endif /* TPACKET_HDRLEN */
+# ifdef PCAP_SUPPORT_PACKET_RING
+  /* check for memory mapped access avaibility. We assume every needed 
+   * struct is defined if the macro TPACKET_HDRLEN is defined, because it
+   * uses many ring related structs and macros */
+#  ifdef TPACKET_HDRLEN
+#   define HAVE_PACKET_RING
+#   ifdef TPACKET2_HDRLEN
+#    define HAVE_TPACKET2
+#   else
+#    define TPACKET_V1	0
+#   endif /* TPACKET2_HDRLEN */
+#  endif /* TPACKET_HDRLEN */
+# endif /* PCAP_SUPPORT_PACKET_RING */
 #endif /* PF_PACKET */
 
 #ifdef SO_ATTACH_FILTER