merge soc07 r5094:5098 - Updated to winpcap 4.01; Update reason documentation.; bugfix re multiple copies of winpcap installed

CHANGELOG

@@ -2,6 +2,9 @@
 
 4.22SOC1
 
+o Upgraded from WinPcap 4.0 to WinPcap 4.01 and fixed a versioning
+  error [Eddie]
+
 o The port selection mechanism was overhauled.  Nmap now knows
   (roughly) how common various services are, so you can specify
   options such as --top-ports 50 to scan the 50 most popular ports.

docs/nmap.1

@@ -118,6 +118,7 @@ SCAN TECHNIQUES:
   \-sO: IP protocol scan
   \-b <ftp relay host>: FTP bounce scan
   \-\-traceroute: Trace hop path to each host
+  \-\-reason: Display the reason a port is in a particular state
 PORT SPECIFICATION AND SCAN ORDER:
   \-p <port ranges>: Only scan specified ports
     Ex: \-p22; \-p1\-65535; \-p U:53,111,137,T:21\-25,80,139,8080
@@ -381,6 +382,9 @@ Traceroutes are performed post\-scan using information from the scan results to
 .sp
 Traceroute works by sending packets with a low TTL (time\-to\-live) in an attempt to illicit ICMP TTL_EXCCEDED messages from intermediate hops between the scanner and the target host. Standard traceroute implementation start with a TTL of 1 and increment the TTL until the destination host is reached. Nmap's traceroute starts with a high TTL and then decrements the TTL until it reaches 0. Doing it backwards lets nmap employ clever caching algorithms to speed up traces over multiple hosts. On average nmap sends 5\-10 fewer packets per host, depending on network conditions. If a single subnet is being scanned (i.e. 192.168.0.0/24) nmap may only have to send a single packet to most hosts.
 .TP
+\fB\-\-reason\fR (Host and port state reasons)
+Shows the reason each port is set to a specific state and the reason each host is up or down. This option displays the type of the packet that determined a port or hosts state. For example, A RST packet from a closed port or an echo reply from an alive host. The information nmap can provide is determined by the type of scan or ping. The SYN scan and SYN ping (\fB\-sS and -PT\fR) are very detailed. Whilst the TCP connect scan and ping (\fB\-sT\fR) are limited by the implementation of connect(). This feature is automatically enabled by the debug flag (\fB\-d\fR) and the results are stored in XML log files even if this option is not specified.
+.TP
 \fB\-n\fR (No DNS resolution)
 Tells Nmap to
 \fInever\fR

docs/refguide.xml

@@ -692,7 +692,19 @@ Traceroute works by sending packets with a low TTL (time-to-live) in an attempt
 </listitem>
 </varlistentry>
 
+<varlistentry>
+ <term>
+  <option>--reason</option> (Host and port state reasons)
+ </term>
+ <listitem>
+   <indexterm significance="normal"><primary>--reason</primary></indexterm>
+   <indexterm significance="normal"><primary>Host and port state reasons</primary></indexterm>
 
+<para>
+Shows the reason each port is set to a specific state and the reason each host is up or down. This option displays the type of the packet that determined a port or hosts state. For example, A RST packet from a closed port or an echo reply from an alive host. The information nmap can provide is determined by the type of scan or ping. The SYN scan and SYN ping (\fB\-sS and -PT\fR) are very detailed. Whilst the TCP connect scan and ping (\fB\-sT\fR) are limited by the implementation of connect(). This feature is automatically enabled by the debug flag (\fB\-d\fR) and the results are stored in XML log files even if this option is not specified.
+</para>
+</listitem>
+</varlistentry>
 
       <varlistentry>
         <term>

mswin32/nsis/Nmap.nsi

@@ -96,10 +96,10 @@ Section "Register Nmap Path" SecRegisterPath
   Call AddToPath 
 SectionEnd 
  
-Section "WinPcap 4.0" SecWinPcap 
-  File ..\winpcap\winpcap-nmap-4.0.exe 
-  Exec '"$INSTDIR\winpcap-nmap-4.0.exe"' 
-  Delete "$INSTDIR\winpcap-nmap-4.0.exe" 
+Section "WinPcap 4.01" SecWinPcap 
+  File ..\winpcap\winpcap-nmap-4.01.exe 
+  Exec '"$INSTDIR\winpcap-nmap-4.01.exe"' 
+  Delete "$INSTDIR\winpcap-nmap-4.01.exe" 
 SectionEnd 
  
 Section "Network Performance Improvements (Registry Changes)" SecPerfRegistryMods 

mswin32/winpcap/winpcap-nmap.nsi

@@ -1,14 +1,17 @@
 ;; Custom winpcap for nmap
 ;; Started by Doug Hoyte, April 2006
+
+;; Eddie Bell
 ;; Updated to 4.0, June 2007
+;; Updated to 4.01, July 2007
 
 ;--------------------------------
 
 ; The name of the installer
-Name "winpcap-nmap-4.0"
+Name "winpcap-nmap-4.01"
 
 ; The file to write
-OutFile "winpcap-nmap-4.0.exe"
+OutFile "winpcap-nmap-4.01.exe"
 
 ; The default installation directory
 InstallDir $PROGRAMFILES\WinPcap
@@ -40,7 +43,8 @@ UninstPage instfiles
 Function .onInit
   var /GLOBAL inst_ver
   var /GLOBAL my_ver
-
+  StrCpy $my_ver "4.0.0.901" 
+  
   IfSilent do_silent no_silent
 
   do_silent:
@@ -62,13 +66,6 @@ Function .onInit
     IntOp $R5 $R1 & 0x0000FFFF
     StrCpy $inst_ver "$R2.$R3.$R4.$R5"
 
-    GetDllVersion "wpcap.dll" $R0 $R1
-    IntOp $R2 $R0 / 0x00010000
-    IntOp $R3 $R0 & 0x0000FFFF
-    IntOp $R4 $R1 / 0x00010000
-    IntOp $R5 $R1 & 0x0000FFFF
-    StrCpy $my_ver "$R2.$R3.$R4.$R5"
-
     StrCmp $inst_ver $my_ver same_ver
 
     MessageBox MB_YESNO|MB_ICONQUESTION "WinPcap version $inst_ver exists on this system. Replace with version $my_ver?" IDYES finish
@@ -118,7 +115,7 @@ Section "" ;No components page, name is not important
   WriteRegStr HKLM "Software\WinPcap" "" '"$INSTDIR"'
 
   ; Write the uninstall keys for Windows
-  WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "DisplayName" "winpcap-nmap 4.0"
+  WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "DisplayName" "winpcap-nmap 4.01"
   WriteRegStr HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "UninstallString" '"$INSTDIR\uninstall.exe"'
   WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "NoModify" 1
   WriteRegDWORD HKLM "Software\Microsoft\Windows\CurrentVersion\Uninstall\winpcap-nmap" "NoRepair" 1
@@ -146,4 +143,4 @@ Section "Uninstall"
 
   RMDir "$INSTDIR"
 
-SectionEnd
+SectionEnd