diff --git a/CHANGELOG b/CHANGELOG index 3dd326d45..b0bfe521c 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,4 +1,8 @@ # Nmap Changelog ($Id$); -*-text-*- +o Fixed (I hope) a bug related to Pcap capture on Mac OS X. Thanks to + Christophe Thil for reporting the problem and to Kurt Grutzmacher + and Diman Todorov for helping to track it down. + o Upgraded the included LibPCRE from version 6.4 to 6.7. Thanks to Jochen Voß (voss(a)seehuhn.de) for the suggestion (he found some bugs in 6.4) diff --git a/osscan2.cc b/osscan2.cc index 025e4de49..bd8cbc70e 100644 --- a/osscan2.cc +++ b/osscan2.cc @@ -3256,7 +3256,7 @@ static void begin_sniffer(HostOsScan *HOS, vector &Targets) { } filterlen = 0; - HOS->pd = my_pcap_open_live(Targets[0]->deviceName(), 8192, (o.spoofsource)? 1 : 0, 2); + HOS->pd = my_pcap_open_live(Targets[0]->deviceName(), 8192, (o.spoofsource)? 1 : 0, pcap_selectable_fd_valid()? 200 : 2); if (doIndividual) len = snprintf(pcap_filter, sizeof(pcap_filter), "dst host %s and (icmp or (tcp and (%s", diff --git a/scan_engine.cc b/scan_engine.cc index c16974b54..105c8683d 100644 --- a/scan_engine.cc +++ b/scan_engine.cc @@ -3209,7 +3209,7 @@ static void begin_sniffer(UltraScanInfo *USI, vector &Targets) { } filterlen = 0; - USI->pd = my_pcap_open_live(Targets[0]->deviceName(), 100, (o.spoofsource)? 1 : 0, 2); + USI->pd = my_pcap_open_live(Targets[0]->deviceName(), 100, (o.spoofsource)? 1 : 0, pcap_selectable_fd_valid()? 200 : 2); if (USI->tcp_scan || USI->udp_scan) { if (doIndividual) diff --git a/targets.cc b/targets.cc index 11efffa62..f0c9ef9fb 100644 --- a/targets.cc +++ b/targets.cc @@ -1579,7 +1579,7 @@ static void massping(Target *hostbatch[], int num_hosts, 16 bytes of the TCP header --- = 104 byte snaplen */ - pd = my_pcap_open_live(hostbatch[0]->deviceName(), 104, o.spoofsource, 20); + pd = my_pcap_open_live(hostbatch[0]->deviceName(), 104, o.spoofsource, pcap_selectable_fd_valid()? 200 : 15); snprintf(filter, sizeof(filter), "(icmp and dst host %s) or ((tcp or udp) and dst host %s and ( dst port %d or dst port %d or dst port %d or dst port %d or dst port %d))", inet_ntoa(hostbatch[0]->v4source()), diff --git a/tcpip.cc b/tcpip.cc index b6f8736e5..dbb559e36 100644 --- a/tcpip.cc +++ b/tcpip.cc @@ -1844,12 +1844,9 @@ if (!pd) fatal("NULL packet device passed to readip_pcap"); gettimeofday(&tv_start, NULL); } -// Add other systems here if they don't support select()able pcap descriptors -#ifdef WIN32 pcap_descriptor = -1; -#else - pcap_descriptor = pcap_get_selectable_fd(pd); -#endif + if (pcap_selectable_fd_valid()) + pcap_descriptor = pcap_get_selectable_fd(pd); do { #ifdef WIN32 @@ -1950,6 +1947,16 @@ if (timedout) { return alignedbuf; } + +// Returns whether the system supports pcap_get_selectable_fd() properly +bool pcap_selectable_fd_valid() { +#if defined(WIN32) || defined(MACOSX) + return false; +#endif + return true; +} + + // Returns whether the packet receive time value obtained from libpcap // (and thus by readip_pcap()) should be considered valid. When @@ -2069,13 +2076,10 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP, } #endif -// Add other systems here if they don't support select()able pcap descriptors -#ifdef WIN32 - pcap_descriptor = -1; -#else - pcap_descriptor = pcap_get_selectable_fd(pd); -#endif - + pcap_descriptor = -1; + if (pcap_selectable_fd_valid()) + pcap_descriptor = pcap_get_selectable_fd(pd); + p = NULL; if (pcap_descriptor != -1) { fd_set rfds; diff --git a/tcpip.h b/tcpip.h index a83070d32..f5b9aaf20 100644 --- a/tcpip.h +++ b/tcpip.h @@ -617,6 +617,11 @@ int send_udp_raw_decoys( int sd, struct eth_nfo *eth, So a valid pcap_t will always be returned. */ pcap_t *my_pcap_open_live(const char *device, int snaplen, int promisc, int to_ms); + +// Returns whether the system supports pcap_get_selectable_fd() properly +bool pcap_selectable_fd_valid(); + + // Returns whether the packet receive time value obtaned from libpcap // (and thus by readip_pcap()) should be considered valid. When // invalid (Windows and Amiga), readip_pcap returns the time you called it.