Merge r5728:5733 from /nmap-exp/david/nmap-massping-migration.

Increase PING_GROUP_SZ to 4096. Remove a broken test for wierd_responses (subnet broadcast addresses) and write a note that a working test is needed.
2025-12-06 12:41:29 +00:00 · 2007-08-30 06:30:29 +00:00
parent c0c4ab055f
commit 695b1a3a2d
2 changed files with 14 additions and 4 deletions
--- a/nmap.h
+++ b/nmap.h
@@ -327,7 +327,7 @@ void *realloc();
 /* Number of hosts we pre-ping and then scan.  We do a lot more if
   randomize_hosts is set.  Every one you add to this leads to ~1K of
   extra always-resident memory in nmap */
-#define PING_GROUP_SZ 2048
+#define PING_GROUP_SZ 4096

 /* DO NOT change stuff after this point */
 #define UC(b)   (((int)b)&0xff)
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -3815,6 +3815,18 @@ static int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
        probeI = hss->probes_outstanding.end();
        listsz = hss->num_probes_outstanding();

+        /* A check for wierd_responses is needed here. This is not currently
+           possible because we don't have a good way to look up the original
+           target of an ICMP probe based on the response. (massping encoded an
+           array index in the ICMP sequence, which won't work here.) Once we've
+           found the host that sent the probe that elicited the response, the
+           test for wierd_responses is
+              if (sending_host->v4host().s_addr != ip->ip_src.s_addr)
+                hss->target->wierd_responses++;
+           (That is, the target that sent the probe is not the same one that
+           sent the response.)
+         */
+
        goodone = false;

        /* Find the probe that provoked this response. */
@@ -3826,10 +3838,8 @@ static int get_ping_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
            continue;

          /* Ensure the connection info matches. */
-          if (hss->target->v4sourceip()->s_addr != ip->ip_dst.s_addr) {
-            hss->target->wierd_responses++;
+          if (hss->target->v4sourceip()->s_addr != ip->ip_dst.s_addr)
            continue;
-          }

          /* Sometimes we get false results when scanning localhost with
             -p- because we scan localhost with src port = dst port and