From 8688fee2e29d83edb2a0318736fb5025b916e1bb Mon Sep 17 00:00:00 2001
From: david <david@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Wed, 11 Aug 2010 16:27:17 +0000
Subject: [PATCH] Document that -g doesn't work for anything that uses normal
 OS sockets, including DNS resolution, connect scan, version detection, and
 NSE.

---
 docs/refguide.xml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/docs/refguide.xml b/docs/refguide.xml
index 483e8775b..b99aa9fc4 100644
--- a/docs/refguide.xml
+++ b/docs/refguide.xml
@@ -3181,11 +3181,14 @@ allowed any incoming UDP packets with the source port 53 (DNS) or 67
 <para>Nmap offers the <option>-g</option> and
 <option>--source-port</option> options (they are equivalent) to exploit these
 weaknesses.  Simply provide a port number and Nmap will send packets
-from that port where possible.  Nmap must use different port numbers
-for certain OS detection tests to work properly, and DNS requests
-ignore the <option>--source-port</option> flag because Nmap relies on system
-libraries to handle those.  Most TCP scans, including SYN scan,
-support the option completely, as does UDP scan.</para>
+from that port where possible.  Most scanning operations that use raw sockets,
+including SYN and UDP scans, support the option completely.  The option notably
+doesn't have an effect for any operations that use normal operating system
+sockets, including DNS requests, TCP <function>connect</function>
+scan,<indexterm><primary>connect scan</primary></indexterm> version detection,
+and script scanning. Setting the source port also doesn't work for OS detection,
+because Nmap must use different port numbers for certain OS detection tests to
+work properly.</para>
 
         </listitem>
       </varlistentry>