bug fixing

CHANGELOG

@@ -1,5 +1,30 @@
 # Nmap Changelog ($Id$)
 
+o Added --iflist argument which prints a list of system interfaces and
+  routes detected by Nmap.
+
+o Fixed a protocol scan (-sO) problem which led to the error message:
+  "Error compiling our pcap filter: syntax error".  Thanks to Michel
+  Arboi (michel(a)arboi.fr.eu.org) for reporting the problem.
+
+o Fixed an Nmap version detection crash on Windows which led to the
+  error message "Unexpected error in NSE_TYPE_READ callback.  Error
+  code: 10053 (Unknown error)".  Thanks to Srivatsan
+  (srivatsanp(a)adventnet.com) for reporting the problem.
+
+o Fixed some misspellings in docs/nmap.xml reported by Tom Sellers
+  (TSellers(a)trustmark.com).
+
+o Updated random scan (ip_is_reserved()) to reflect the latest IANA
+  assignments.  This patch was sent in by Felix Groebert
+  (felix(a)groebert.org).
+
+o Applied some changes from  Gisle Vanem (giva(a)bgnett.no) to make
+  Nmap compile with Cygwin.
+
+o XML "osmatch" element now has a "line" attribute giving the
+  reference fingerprint line number in nmap-os-fingerprints.
+
 Nmap 3.84ALPHA1
 
 o Added the ability for Nmap to send and properly route raw ethernet
@@ -10,7 +35,7 @@ o Added the ability for Nmap to send and properly route raw ethernet
   platform, though you can override it with the new --send_eth and
   --send_ip options.
 
-o Added ARP ping (-PR). Nmap can now send raw ethernet ARP requests to
+o Added ARP scanning (-PR). Nmap can now send raw ethernet ARP requests to
   determine whether hosts on a LAN are up, rather than relying on
   higher-level IP packets (which can only be sent after a successful
   ARP request and reply anyway).  This is much faster and more
@@ -19,7 +44,7 @@ o Added ARP ping (-PR). Nmap can now send raw ethernet ARP requests to
   same LAN as the scanning machine.  It is now used automatically for
   any hosts that are detected to be on a local ethernet network,
   unless --send_ip was specified.  Example usage: nmap -sP -PR
-  192.168.0.0/16 .  This is not yet supported on Windows.
+  192.168.0.0/16 .
 
 o Added the --spoof_mac option, which asks Nmap to use the given MAC
   address for all of the raw ethernet frames it sends.  The MAC given
@@ -56,6 +81,11 @@ o Added a distcc probes and a bunch of smtp matches from Dirk Mueller
   even more probes and matches from Martin Macok
   (martin.macok(a)underground.cz)
 
+o Nmap on Windows now compiles/links with the new WinPcap 3.1
+  header/lib files. So please upgrade to 3.1 from
+  http://www.winpcap.org before installing this version of Nmap.
+  While older versions may still work, they aren't supported with Nmap.
+
 o Fixed a problem where Nmap compilation would use header files from
   the libpcap included with Nmap even when it was linking to a system
   libpcap.  Thanks to Solar Designer (solar(a)openwall.com) and Okan
@@ -88,7 +118,10 @@ o Added a stripped-down and heavily modified version of Dug Song's
 
 o Removed WinIP library (and all Windows raw sockets code) since MS
   has gone and broken raw sockets.  Maybe packet receipt via raw
-  sockets will come back at some point.
+  sockets will come back at some point.  As part of this removal, the
+  Windows-specific --win_help, --win_list_interfaces, --win_norawsock,
+  --win_forcerawsock, --win_nopcap, --win_nt4route, --win_noiphlpapi,
+  and --win_trace options have been removed.
 
 o Chagned the interesting ports array from a 65K-member array of
   pointers into an STL list.  This noticeable reduces memory usage in

NmapOutputTable.cc

@@ -136,7 +136,7 @@ NmapOutputTable::~NmapOutputTable() {
   if (tableout) free(tableout);
 }
 
-void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy, char *item, 
+void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy, const char *item, 
 			      int itemlen) {
   struct NmapOutputTableCell *cell;
 
@@ -160,7 +160,7 @@ void NmapOutputTable::addItem(unsigned int row, unsigned int column, bool copy,
     memcpy(cell->str, item, itemlen);
     cell->str[itemlen] = '\0';
   } else {
-    cell->str = item;
+    cell->str = (char *) item;
   }
   cell->weAllocated = copy;
 

NmapOutputTable.h

@@ -129,7 +129,7 @@ class NmapOutputTable {
   // Copy specifies whether we must make a copy of item.  Otherwise we'll just save the
   // ptr (and you better not free it until this table is destroyed ).  Skip the itemlen parameter if you
   // don't know (and the function will use strlen).
-  void addItem(unsigned int row, unsigned int column, bool copy, char *item, int itemlen = -1);
+  void addItem(unsigned int row, unsigned int column, bool copy, const char *item, int itemlen = -1);
   // Like addItem except this version takes a prinf-style format string followed by varargs
   void addItemFormatted(unsigned int row, unsigned int column, const char *fmt, ...)
     __attribute__ ((format (printf, 4, 5)));

configure

@@ -9059,4 +9059,4 @@ fi
 if test -f docs/leet-nmap-ascii-art.txt; then
 	cat docs/leet-nmap-ascii-art.txt
 fi
-echo "Configuration complete.  Type make to compile."
+echo "Configuration complete.  Type make (or gmake on some *BSD machines) to compile."

docs/nmap.dtd

@@ -202,6 +202,7 @@
 <!ATTLIST osmatch
 			name		CDATA		#REQUIRED
 			accuracy	%attr_numeric;	#REQUIRED
+			line    	%attr_numeric;	#REQUIRED
 >
 
 <!ELEMENT uptime	EMPTY >

docs/nmap.xsl

@@ -358,10 +358,10 @@ function timestamp2date(stamp)
     	<xsl:with-param name="stamp"><xsl:value-of select="$end" /></xsl:with-param>
     </xsl:call-template>.
 	<xsl:choose>
-        <xsl:when test="debugging/@level = '0'">Debbuging was disabled, </xsl:when>
-        <xsl:otherwise>Debugging was enabeld, </xsl:otherwise>
+        <xsl:when test="debugging/@level = '0'">Debugging was disabled, </xsl:when>
+        <xsl:otherwise>Debugging was enabled, </xsl:otherwise>
     </xsl:choose>
-    the verbosing level was <xsl:value-of select="verbose/@level" />.
+    the verbosity level was <xsl:value-of select="verbose/@level" />.
 
     </p>
 	<xsl:apply-templates/>

libdnet-stripped/include/dnet/os.h

@@ -26,9 +26,10 @@
   typedef unsigned int		ssize_t;
 # endif
 #if !defined(__GNUC__)
+typedef unsigned int                ssize_t;
 #define snprintf _snprintf
 #define vsnprintf _vsnprintf
-# endif
+#endif
 #else
 # include <sys/param.h>
 # include <sys/types.h>

mswin32/IPExport.h

@@ -216,5 +216,3 @@ typedef struct _IP_ADAPTER_ORDER_MAP
 
 
 #endif // IP_EXPORT_INCLUDED
-
-

mswin32/winclude.h

@@ -65,6 +65,9 @@
 #ifndef WINCLUDE_H
 #define WINCLUDE_H
 
+#include <stdio.h>
+#include <stdlib.h>
+
 #include "nbase.h"
 
 #include <gnuc.h>

mswin32/winfix.cc

@@ -171,7 +171,7 @@ void win_init()
 		if(o.debugging > 2) printf("***WinIP***  trying to initialize winpcap 2.1\n");
 		PacketGetAdapterNames(pcaplist, &len);
 		if(o.debugging)
-			printf("***WinIP***  winpcap present, dynamic linked to: %s\n", pcap_lib_version());
+			printf("Winpcap present, dynamic linked to: %s\n", pcap_lib_version());
 	}
 #ifdef _MSC_VER
 	__except(GetExceptionCode() == DLI_ERROR)

nmap-os-fingerprints

@@ -11569,7 +11569,7 @@ PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E|F%ULEN=134%DAT=E)
 # Linux 2.6.4 i686
 # Linux gentoo 2.6.7-gentoo-r11 i686
 # Linux gentoo 2.6.11-gentoo-r9
-Fingerprint Linux 2.4.18 - 2.6.11
+Fingerprint Linux 2.4.7 - 2.6.11
 Class Linux | Linux | 2.4.X | general purpose
 Class Linux | Linux | 2.5.X | general purpose
 Class Linux | Linux | 2.6.X | general purpose
@@ -11836,20 +11836,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-# Red Hat Enterprise Linux AS release 3.90 (Nahant), Kernel 2.6.8-1.528.2.10smp on an i686
-Fingerprint Linux 2.4.20 or 2.6.8
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<28E2CAC&>68A83%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 Fingerprint Linux 2.4.20 x86
 Class Linux | Linux | 2.4.X | general purpose
 TSeq(Class=RI%gcd=<8%SI=<1DB22CE&>1862A%IPID=Z%TS=100HZ)
@@ -12254,21 +12240,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux kernel 2.4.26-1.ll.rh90.ccrma from RedHat 9.0
-# Linux kernel 2.6.5-63255U10_3cl (i686(X86)) from Conectiva Linux 10
-Fingerprint Linux 2.4.26 or 2.6.5
-Class Linux | Linux | 2.4.X | general purpose
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<247BECA&>5659F%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=F%UCK=F%ULEN=134%DAT=E)
-
 Fingerprint Linux 2.4.26-gentoo-r6 w/grsec
 Class Linux | Linux | 2.4.X | general purpose
 TSeq(Class=TR%gcd=<6%IPID=RD%TS=100HZ)
@@ -12334,19 +12305,6 @@ T6(DF=N%W=800|1000|C00%ACK=S%Flags=AR%Ops=WNMETL)
 T7(DF=N%W=1000|400%ACK=S++%Flags=AR%Ops=WNMETL)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
-# Linux 2.4.3-2.10.1smp (RedHat 7.0.98 Wolverine)
-Fingerprint Linux 2.4.3 SMP (RedHat)
-Class Linux | Linux | 2.4.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<2E7A750&>76F8A%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=Y%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux kernel 2.4.30 (vanilla)
 Fingerprint Linux 2.4.30
 Class Linux | Linux | 2.4.X | general purpose
@@ -12414,7 +12372,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
 # Linux Athena 2.6.3-1-686 #2 Tue Feb 24 20:24:38 EST 2004 i686 GNU/Linux
 # Linux 2.4.7 (RedHat 7.3 on SPARC)  
-Fingerprint Linux 2.4.7 through 2.6.3
+Fingerprint Linux 2.4.7 - 2.6.11
 Class Linux | Linux | 2.4.X | general purpose
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1682210&>399B1%IPID=Z%TS=1000HZ)
@@ -12492,7 +12450,7 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=D0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Linux 2.6.0 (x86)
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<34CD71A&>861AC%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -12516,19 +12474,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-# Linux 2.6.0-test5 x86
-Fingerprint Linux 2.6.0-test5 - 2.6.0 (x86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<29CB5CE&>6ADE5%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=0|80%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
 # Linux 2.6.0-test5 x86
 Fingerprint Linux 2.6.0-test5 x86
 Class Linux | Linux | 2.6.X | general purpose
@@ -12610,7 +12555,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 # Linux 2.6.10 #1 Wed Jan 5 12:36:35 CET 2005 i686 unknown  Debian 3.0r2
 # linux gentoo kernel 2.6.10
 # Linux kernel 2.6.10-custom (x86) from Debian GNU/Linux 3.1
-Fingerprint Linux 2.6.10
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1A5ABDA&>43761%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -12706,7 +12651,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 # Linux 2.6.3-gentoo-r1 #5 Wed Apr 7 13:48:31 EDT 2004 i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
 # Gentoo 1.4.16; Kernel 2.6.7
 # Linux sarge 2.6.8-2-386 #1 Thu May 19 17:40:50 JST 2005 i686 GNU/Linux
-Fingerprint Linux 2.6.3 - 2.6.8
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<16883CC&>1CD61%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -12980,7 +12925,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
 # Linux 2.6.8.1-12mdk #1 i686 Intel(R) Xeon(TM) CPU 2.80GHz unknown GNU/Linux
 # Linux 2.6.8-1-k7 #1 i686 GNU/Linux
-Fingerprint Linux 2.6.8
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<18C0F36&>3F49D%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -13036,7 +12981,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 # Linux 2.6.11-gentoo-r2-ck1
 # Linux 2.6.11-gentoo-r4 #1 i686 P4CPU+2.40GHz GenuineIntel GNU/Linux Gentoo Base System version 1.4.16
 # Linux 2.6.11-gentoo-r9-nymph #1i686 Pentium III (Coppermine) GenuineIntel GNU/Linux
-Fingerprint Linux 2.6.8 - 2.6.11
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<1F96C34&>50AA5%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -13064,7 +13009,7 @@ PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
 
 # Linux 2.6.9 #1 i686
 # Linux kernel 2.6.9 (PIII-80Mhz)
-Fingerprint Linux 2.6.9
+Fingerprint Linux 2.6.0 - 2.6.11
 Class Linux | Linux | 2.6.X | general purpose
 TSeq(Class=RI%gcd=<6%SI=<2AB93AA&>6D5A3%IPID=Z%TS=1000HZ)
 T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
@@ -13103,30 +13048,6 @@ T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
 T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
 PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
 
-Fingerprint Linux kernel 2.6.4 (x86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<6%SI=<16FCF2E&>297DE%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=N)
-T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=20%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=F%ULEN=134%DAT=E)
-
-Fingerprint Linux kernel 2.6.4 (X86)
-Class Linux | Linux | 2.6.X | general purpose
-TSeq(Class=RI%gcd=<A%SI=<1E2EBD0&>198DF%IPID=Z%TS=1000HZ)
-T1(DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T2(Resp=Y%DF=Y%W=0%ACK=S%Flags=AR%Ops=)
-T3(Resp=Y%DF=Y%W=1680%ACK=S++%Flags=AS%Ops=MNNTNW)
-T4(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T5(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-T6(DF=Y%W=0%ACK=O%Flags=R%Ops=)
-T7(DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
-PU(DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
-
 # Linux 2.6.5 (Gentoo)
 # Linux 2.6.8 (Fedora Core 2)
 # Fingerprint Linux kernel 2.6.8-1.521 Fedora 2

nmap.cc

@@ -240,6 +240,7 @@ int nmap_main(int argc, char *argv[]) {
   struct sockaddr_storage ss;
   size_t sslen;
   int option_index;
+  bool iflist = false;
   struct option long_options[] =
     {
       {"version", no_argument, 0, 'V'},
@@ -247,9 +248,11 @@ int nmap_main(int argc, char *argv[]) {
       {"datadir", required_argument, 0, 0},
       {"debug", optional_argument, 0, 'd'},
       {"help", no_argument, 0, 'h'},
+      {"iflist", no_argument, 0, 0},
       {"max_parallelism", required_argument, 0, 'M'},
       {"min_parallelism", required_argument, 0, 0},
       {"timing", required_argument, 0, 'T'},
+      {"timing", no_argument, 0, 0},
       {"max_rtt_timeout", required_argument, 0, 0},
       {"min_rtt_timeout", required_argument, 0, 0},
       {"initial_rtt_timeout", required_argument, 0, 0},
@@ -351,6 +354,8 @@ int nmap_main(int argc, char *argv[]) {
 	if (o.scanflags < 0) {
 	  fatal("--scanflags option must be a number between 0 and 255 (inclusive) or a string like \"URGPSHFIN\".");
 	}
+      } else if (strcmp(long_options[option_index].name, "iflist") == 0 ) {
+	iflist = true;
       } else if (strcmp(long_options[option_index].name, "min_parallelism") == 0 ) {
 	o.min_parallelism = atoi(optarg); 
 	if (o.min_parallelism < 1) fatal("Argument to --min_parallelism must be at least 1!");
@@ -774,7 +779,10 @@ int nmap_main(int argc, char *argv[]) {
     if (o.verbose && tm->tm_mon == 8 && tm->tm_mday == 1) {
       log_write(LOG_STDOUT|LOG_SKID, "Happy %dth Birthday to Nmap, may it live to be %d!\n", tm->tm_year - 97, tm->tm_year + 3 );
     }
-
+    if (iflist) {
+      print_iflist();
+      exit(0);
+    }
   }
 
   if ((o.pingscan || o.listscan) && fastscan) {
@@ -1536,11 +1544,6 @@ struct scan_lists *getpts(char *origexpr) {
 }
 
 void printusage(char *name, int rc) {
-#ifdef WIN32
-#define WIN32_PRINTF "  --win_help Windows-specific features\n"
-#else
-#define WIN32_PRINTF
-#endif
   printf(
 	 "Nmap %s Usage: nmap [Scan Type(s)] [Options] <host or net list>\n"
 	 "Some Common Scan Types ('*' options require root privileges)\n"
@@ -1565,7 +1568,6 @@ void printusage(char *name, int rc) {
 	 "  -iL <inputfile> Get targets from file; Use '-' for stdin\n"
 	 "* -S <your_IP>/-e <devicename> Specify source address or network interface\n"
 	 "  --interactive Go into interactive mode (then press h for help)\n"
-         WIN32_PRINTF
 	 "Example: nmap -v -sS -O www.my.com 192.168.0.0/16 '192.88-90.*.*'\n"
 	 "SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES \n", NMAP_VERSION);
   exit(rc);
@@ -1699,7 +1701,9 @@ char *tsseqclass2ascii(int seqclass) {
  * 2001 (www.junk.org is an example of a new address in this range).
  *
  * Check <http://www.iana.org/assignments/ipv4-address-space> for
- * the most recent assigments.
+ * the most recent assigments and
+ * <http://www.cymru.com/Documents/bogon-bn-nonagg.txt> for bogon
+ * netblocks.
  */
 
 int ip_is_reserved(struct in_addr *ip)
@@ -1707,24 +1711,6 @@ int ip_is_reserved(struct in_addr *ip)
   char *ipc = (char *) &(ip->s_addr);
   unsigned char i1 = ipc[0], i2 = ipc[1], i3 = ipc[2], i4 = ipc[3];
 
-  /* 224-239/8 is all multicast stuff */
-  /* 240-255/8 is IANA reserved */
-  if (i1 >= 224)
-    return 1;
-
-  /* 096-123/8 is IANA reserved */
-  /* 127/8 is reserved for loopback */
-  if (i1 >= 96 && i1 <= 123)
-    return 1;
-
-  /* 073-079/8 is IANA reserved */
-  if (i1 >= 73 && i1 <= 79)
-    return 1;
-
-  /* 089-095/8 is IANA reserved */
-  if (i1 >= 83 && i1 <= 95)
-    return 1;
-
   /* do all the /7's and /8's with a big switch statement, hopefully the
    * compiler will be able to optimize this a little better using a jump table
    * or what have you
@@ -1744,27 +1730,50 @@ int ip_is_reserved(struct in_addr *ip)
     case 36:        /* 036/8 is IANA reserved       */
     case 37:        /* 037/8 is IANA reserved       */
     case 39:        /* 039/8 is IANA reserved       */
-    case 41:        /* 041/8 is IANA reserved       */
     case 42:        /* 042/8 is IANA reserved       */
+    case 49:        /* 049/8 is IANA reserved       */
+    case 50:        /* 050/8 is IANA reserved       */
     case 55:        /* misc. U.S.A. Armed forces    */
-    case 127:       /* localhost */
-    case 197:
+    case 127:       /* 127/8 is reserved for loopback */
+    case 197:       /* 197/8 is IANA reserved       */
+    case 223:       /* 223/8 is IANA reserved       */
       return 1;
     default:
       break;
     }
 
+
+  /* 077-079/8 is IANA reserved */
+  if (i1 >= 77 && i1 <= 79)
+    return 1;
+
+  /* 092-123/8 is IANA reserved */
+  if (i1 >= 92 && i1 <= 123)
+    return 1;
+
   /* 172.16.0.0/12 is reserved for private nets by RFC1819 */
   if (i1 == 172 && i2 >= 16 && i2 <= 31)
     return 1;
 
+  /* 173-187/8 is IANA reserved */
+  if (i1 >= 173 && i1 <= 187)
+    return 1;
+
   /* 192.168.0.0/16 is reserved for private nets by RFC1819 */
   /* 192.0.2.0/24 is reserved for documentation and examples */
+  /* 192.88.99.0/24 is used as 6to4 Relay anycast prefix by RFC3068 */
   if (i1 == 192) {
     if (i2 == 168)
       return 1;
-    else if (i2 == 0 && i3 == 2)
+    if (i2 == 0 && i3 == 2)
       return 1;
+    if (i2 == 88 && i3 == 99)
+      return 1;
+  }
+
+  /* 198.18.0.0/15 is used for benchmark tests by RFC2544 */
+  if (i1 == 198 && i2 == 18 && i3 >= 1 && i3 <= 64) {
+    return 1;
   }
 
   /* reserved for DHCP clients seeking addresses, not routable outside LAN */
@@ -1776,6 +1785,11 @@ int ip_is_reserved(struct in_addr *ip)
   if (i1 == 204 && i2 == 152 && (i3 == 64 || i3 == 65))
     return 1;
 
+  /* 224-239/8 is all multicast stuff */
+  /* 240-255/8 is IANA reserved */
+  if (i1 >= 224)
+    return 1;
+
   /* 255.255.255.255, note we already tested for i1 in this range */
   if (i2 == 255 && i3 == 255 && i4 == 255)
     return 1;

nmap_error.h

@@ -126,6 +126,10 @@
 #include <unistd.h>
 #endif
 
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 void fatal(const char *fmt, ...)
      __attribute__ ((format (printf, 1, 2)));
 void error(const char *fmt, ...)
@@ -134,5 +138,10 @@ void pfatal(const char *err, ...)
      __attribute__ ((format (printf, 1, 2)));
 void gh_perror(const char *err, ...)
      __attribute__ ((format (printf, 1, 2)));
+
+#ifdef __cplusplus
+}
+#endif
+
 #endif /* NMAP_ERROR_H */
 

output.cc

@@ -199,6 +199,79 @@ static int getServiceXMLBuf(struct serviceDeductions *sd, char *xmlbuf,
   return 0;
 }
 
+/* Print a detailed list of Nmap interfaces and routes to
+   normal/skiddy/stdout output */
+int print_iflist(void) {
+  int numifs = 0, numroutes = 0;
+  struct interface_info *iflist;
+  struct sys_route *routes;
+  NmapOutputTable *Tbl = NULL;
+  iflist = getinterfaces(&numifs);
+  int i;
+  /* First let's handle interfaces ... */
+  if (numifs == 0) {
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "INTERFACES: NONE FOUND(!)\n");
+  } else {
+    int devcol=0, shortdevcol=1, ipcol=2, typecol = 3, upcol = 4, maccol = 5;
+    Tbl = new NmapOutputTable( numifs+1, 6 );
+    Tbl->addItem(0, devcol, false, "DEV", 3);
+    Tbl->addItem(0, shortdevcol, false, "(SHORT)", 7);
+    Tbl->addItem(0, ipcol, false, "IP/MASK", 7);
+    Tbl->addItem(0, typecol, false, "TYPE", 4);
+    Tbl->addItem(0, upcol, false, "UP", 2);
+    Tbl->addItem(0, maccol, false, "MAC", 3);
+    for(i=0; i < numifs; i++) {
+      Tbl->addItem(i+1, devcol, false, iflist[i].devfullname);
+      Tbl->addItemFormatted(i+1, shortdevcol, "(%s)", iflist[i].devname);
+      Tbl->addItemFormatted(i+1, ipcol, "%s/%d", inet_ntop_ez(&(iflist[i].addr), sizeof(iflist[i].addr)), iflist[i].netmask_bits);
+      if (iflist[i].device_type == devt_ethernet) {
+	Tbl->addItem(i+1, typecol, false, "ethernet");
+	Tbl->addItemFormatted(i+1, maccol, "%02X:%02X:%02X:%02X:%02X:%02X",  iflist[i].mac[0], iflist[i].mac[1], iflist[i].mac[2], iflist[i].mac[3], iflist[i].mac[4], iflist[i].mac[5]);	
+      }
+      else if (iflist[i].device_type == devt_loopback)
+	Tbl->addItem(i+1, typecol, false, "loopback");
+      else if (iflist[i].device_type == devt_p2p)
+	Tbl->addItem(i+1, typecol, false, "point2point");
+      else Tbl->addItem(i+1, typecol, false, "other");
+      Tbl->addItem(i+1, upcol, false, (iflist[i].device_up? "up" : "down"));
+    }
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "************************INTERFACES************************\n");
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%s\n", Tbl->printableTable(NULL));
+    log_flush_all();
+    delete Tbl;
+  }
+
+  /* OK -- time to handle routes */
+  routes = getsysroutes(&numroutes);
+  u32 mask_nbo;
+  u16 nbits;
+  struct in_addr ia;
+  if (numroutes == 0) {
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "ROUTES: NONE FOUND(!)\n");
+  } else {
+    int dstcol=0, devcol=1, gwcol=2;
+    Tbl = new NmapOutputTable( numroutes+1, 3 );
+    Tbl->addItem(0, dstcol, false, "DST/MASK", 8);
+    Tbl->addItem(0, devcol, false, "DEV", 3);
+    Tbl->addItem(0, gwcol, false, "GATEWAY", 7);
+    for(i=0; i < numroutes; i++) {
+      mask_nbo = htonl(routes[i].netmask);
+      addr_mtob(&mask_nbo, sizeof(mask_nbo), &nbits);
+      assert(nbits <= 32);
+      ia.s_addr = routes[i].dest;
+      Tbl->addItemFormatted(i+1, dstcol, "%s/%d", inet_ntoa(ia), nbits);
+      Tbl->addItem(i+1, devcol, false, routes[i].device->devfullname);
+      if (routes[i].gw.s_addr != 0)
+	Tbl->addItem(i+1, gwcol, true, inet_ntoa(routes[i].gw));
+    }
+        log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "**************************ROUTES**************************\n");
+	log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%s\n", Tbl->printableTable(NULL));
+	log_flush_all();
+	delete Tbl;
+  }
+  return 0;
+}
+
 /* Fills in namebuf (as long as there is space in buflen) with the
    Name nmap normal output will use to describe the port.  This takes
    into account to confidence level, any SSL tunneling, etc.  Truncates
@@ -208,7 +281,6 @@ static void getNmapServiceName(struct serviceDeductions *sd, int state,
   char *dst = namebuf;
   int lenremaining = buflen;
   int len;
-
   if (buflen < 1) return;
 
   if (sd->service_tunnel == SERVICE_TUNNEL_SSL) {
@@ -1048,18 +1120,20 @@ void printosscanoutput(Target *currenths) {
     printosclassificationoutput(currenths->FPR->getOSClassification(), 
 				o.osscan_guess || !currenths->FPR->fingerprintSuitableForSubmission());
     
-    if (currenths->FPR->overall_results == OSSCAN_SUCCESS && currenths->FPR->num_perfect_matches <= 8) {
+    if (currenths->FPR->overall_results == OSSCAN_SUCCESS && (currenths->FPR->num_perfect_matches <= 8 || o.debugging)) {
       if (currenths->FPR->num_perfect_matches > 0) {
         char *p;
 	log_write(LOG_MACHINE,"\tOS: %s",  currenths->FPR->prints[0]->OS_name);
-	log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" />\n", 
-		  p = xml_convert(currenths->FPR->prints[0]->OS_name));
+	log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" line=\"%d\" />\n", 
+		  p = xml_convert(currenths->FPR->prints[0]->OS_name), 
+		  currenths->FPR->prints[0]->line);
         free(p);
 	i = 1;
 	while(currenths->FPR->accuracy[i] == 1 ) {
 	  log_write(LOG_MACHINE,"|%s", currenths->FPR->prints[i]->OS_name);
-	  log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" />\n", 
-		    p = xml_convert(currenths->FPR->prints[i]->OS_name));
+	  log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"100\" line=\"%d\" />\n", 
+		    p = xml_convert(currenths->FPR->prints[i]->OS_name),
+		    currenths->FPR->prints[i]->line);
           free(p);
 	  i++;
 	}
@@ -1090,9 +1164,10 @@ void printosscanoutput(Target *currenths) {
 		currenths->FPR->accuracy[0] - 0.10; i++) {
             char *p;
 	    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,", %s (%d%%)", currenths->FPR->prints[i]->OS_name, (int) (currenths->FPR->accuracy[i] * 100));
-	    log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"%d\" />\n", 
+	    log_write(LOG_XML, "<osmatch name=\"%s\" accuracy=\"%d\" line=\"%d\"/>\n", 
 		      p = xml_convert(currenths->FPR->prints[i]->OS_name),  
-		      (int) (currenths->FPR->accuracy[i] * 100));
+		      (int) (currenths->FPR->accuracy[i] * 100), 
+		      currenths->FPR->prints[i]->line);
             free(p);
 	  }
 	  log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "\n");
@@ -1117,7 +1192,7 @@ void printosscanoutput(Target *currenths) {
       } else {
 	log_write(LOG_NORMAL|LOG_SKID_NOXLT|LOG_STDOUT,"No OS matches for host (test conditions non-ideal).\nTCP/IP fingerprint:\n%s\n", mergeFPs(currenths->FPR->FPs, currenths->FPR->numFPs, currenths->FPR->osscan_opentcpport, currenths->FPR->osscan_closedtcpport, currenths->MACAddress()));
       }
-    } else if (currenths->FPR->overall_results == OSSCAN_TOOMANYMATCHES || currenths->FPR->num_perfect_matches > 8)
+    } else if (currenths->FPR->overall_results == OSSCAN_TOOMANYMATCHES || (currenths->FPR->num_perfect_matches > 8 && !o.debugging))
       {
 	log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT,"Too many fingerprints match this host to give specific OS details\n");
 	if (o.debugging || o.verbose) {
@@ -1215,6 +1290,7 @@ void printserviceinfooutput(Target *currenths) {
   char hostname_tbl[MAX_SERVICE_INFO_FIELDS][MAXHOSTNAMELEN];
   char ostype_tbl[MAX_SERVICE_INFO_FIELDS][64];
   char devicetype_tbl[MAX_SERVICE_INFO_FIELDS][64];
+  char *delim;
 
   for (i=0; i<MAX_SERVICE_INFO_FIELDS; i++)
     hostname_tbl[i][0] = ostype_tbl[i][0] = devicetype_tbl[i][0] = '\0';
@@ -1271,25 +1347,29 @@ void printserviceinfooutput(Target *currenths) {
 
   log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "Service Info:");
 
+  delim = " ";
   if (numhostnames) {
-    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, " Host%s: %s", numhostnames==1? "" : "s", &hostname_tbl[0][0]);
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%sHost%s: %s", delim, numhostnames==1? "" : "s", &hostname_tbl[0][0]);
     for (i=1; i<MAX_SERVICE_INFO_FIELDS; i++)
       if (hostname_tbl[i][0])
         log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, ", %s", &hostname_tbl[i][0]);
+    delim="; ";
   }
 
   if (numostypes) {
-    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "  OS%s: %s", numostypes==1? "" : "s", &ostype_tbl[0][0]);
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%sOS%s: %s", delim, numostypes==1? "" : "s", &ostype_tbl[0][0]);
     for (i=1; i<MAX_SERVICE_INFO_FIELDS; i++)
       if (ostype_tbl[i][0])
         log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, ", %s", &ostype_tbl[i][0]);
+    delim="; ";
   }
 
   if (numdevicetypes) {
-    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "  Device%s: %s", numdevicetypes==1? "" : "s", &devicetype_tbl[0][0]);
+    log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "%sDevice%s: %s", delim, numdevicetypes==1? "" : "s", &devicetype_tbl[0][0]);
     for (i=1; i<MAX_SERVICE_INFO_FIELDS; i++)
       if (devicetype_tbl[i][0])
         log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, ", %s", &devicetype_tbl[i][0]);
+    delim="; ";
   }
 
   log_write(LOG_NORMAL|LOG_SKID|LOG_STDOUT, "\n");

output.h

@@ -195,6 +195,10 @@ void printosscanoutput(Target *currenths);
    service scan (if it was performed) */
 void printserviceinfooutput(Target *currenths);
 
+/* Print a detailed list of Nmap interfaces and routes to
+   normal/skiddy/stdout output */
+int print_iflist(void);
+
 /* Prints the statistics and other information that goes at the very end
    of an Nmap run */
 void printfinaloutput(int numhosts_scanned, int numhosts_up, 

scan_engine.cc

@@ -2953,9 +2953,6 @@ static void begin_sniffer(UltraScanInfo *USI, vector<Target *> &Targets) {
 	fatal("ran out of space in dst_hosts");
       filterlen += len;
     }
-    len = snprintf(dst_hosts + filterlen, sizeof(dst_hosts) - filterlen, ")))");
-    if (len < 0 || len + filterlen >= (int) sizeof(dst_hosts))
-      fatal("ran out of space in dst_hosts");
   }
   filterlen = 0;
 
@@ -2964,7 +2961,7 @@ static void begin_sniffer(UltraScanInfo *USI, vector<Target *> &Targets) {
   if (USI->tcp_scan || USI->udp_scan) {
     if (doIndividual)
       len = snprintf(pcap_filter, sizeof(pcap_filter), 
-		     "dst host %s and (icmp or (%s and (%s", 
+		     "dst host %s and (icmp or (%s and (%s)))", 
 		     inet_ntoa(Targets[0]->v4source()), 
 		     (USI->tcp_scan)? "tcp" : "udp", dst_hosts);
     else len = snprintf(pcap_filter, sizeof(pcap_filter), 
@@ -2977,7 +2974,7 @@ static void begin_sniffer(UltraScanInfo *USI, vector<Target *> &Targets) {
   } else if (USI->prot_scan) {
     if (doIndividual)
       len = snprintf(pcap_filter, sizeof(pcap_filter), 
-		     "dst host %s and (icmp or (%s", 
+		     "dst host %s and (icmp or (%s))", 
 		     inet_ntoa(Targets[0]->v4source()), dst_hosts);
     else	
       len = snprintf(pcap_filter, sizeof(pcap_filter), "dst host %s",

service_scan.cc

@@ -2012,6 +2012,7 @@ void servicescan_read_handler(nsock_pool nsp, nsock_event nse, void *mydata) {
     case ECONNRESET:
     case ECONNREFUSED: // weird to get this on a connected socket (shrug) but 
                        // BSD sometimes gives it
+    case ECONNABORTED:
       // Jerk hung up on us.  Probably didn't like our probe.  We treat it as with EOF above.
       if (probe->isNullProbe()) {
 	// TODO:  Perhaps should do further verification before making this assumption

tcpip.cc

@@ -1689,7 +1689,7 @@ bool NmapArpCache(int command, struct sockaddr_storage *ss, u8 *mac) {
    in 6 bytes), senderIP, and rcvdtime (can be NULL if you don't care)
    and returns 1.  If it times out and reads no arp requests, returns
    0.  to_usec is the timeout period in microseconds.  Use 0 to avoid
-   blocking to the extent possible, and -1 to block forever.  Returns
+   blocking to the extent possible.  Returns
    -1 or exits if ther is an error. */
 int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
 		       long to_usec, struct timeval *rcvdtime) {
@@ -1706,7 +1706,7 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
   if (to_usec < 0) {
     if (!warning) {
       warning = 1;
-      error("WARNING: Negative timeout value (%lu) passed to readip_pcap() -- using 0", to_usec);
+      error("WARNING: Negative timeout value (%lu) passed to %s() -- using 0", to_usec, __FUNCTION__);
     }
     to_usec = 0;
   }
@@ -1724,15 +1724,18 @@ int read_arp_reply_pcap(pcap_t *pd, u8 *sendermac, struct in_addr *senderIP,
 
   do {
 #ifdef WIN32
-    gettimeofday(&tv_end, NULL);
-    long to_left = MAX(1, (to_usec - TIMEVAL_SUBTRACT(tv_end, tv_start)) / 1000);
-    // Set the timeout (BUGBUG: this is cheating)
-    PacketSetReadTimeout(pd->adapter, to_left);
+    if (to_usec == 0)
+      PacketSetReadTimeout(pd->adapter, 1);
+    else {
+      gettimeofday(&tv_end, NULL);
+      long to_left = MAX(1, (to_usec - TIMEVAL_SUBTRACT(tv_end, tv_start)) / 1000);
+      // Set the timeout (BUGBUG: this is cheating)
+      PacketSetReadTimeout(pd->adapter, to_left);
+    }
 #endif
 
     p = (u8 *) pcap_next(pd, &head);
 
-    
     if (p && head.caplen >= 42) { /* >= because Ethernet padding makes 60 */
       /* frame type 0x0806 (arp), hw type eth (0x0001), prot ip (0x0800),
 	 hw size (0x06), prot size (0x04) */

tcpip.h

@@ -669,9 +669,13 @@ int ipaddr2devname( char *dev, const struct in_addr *addr );
 int devname2ipaddr(char *dev, struct in_addr *addr);
 /* Where the above 2 functions get their info */
 struct interface_info *getinterfaces(int *howmany);
-/* Check whether an IP address appears to be directly connected to an
-   interface on the computer (e.g. on the same ethernet network rather
-   than having to route).  Returns 1 if yes, -1 if maybe, 0 if not. */
+/* Parse the system routing table, converting each route into a
+   sys_route entry.  Returns an array of sys_routes.  numroutes is set
+   to the number of routes in the array.  The routing table is only
+   read the first time this is called -- later results are cached.
+   The returned route array is sorted by netmask with the most
+   specific matches first. */
+struct sys_route *getsysroutes(int *howmany);
 void sethdrinclude(int sd);
 
 /* Fill buf (up to buflen -- truncate if necessary but always

utils.h

@@ -102,15 +102,15 @@
 #ifndef UTILS_H
 #define UTILS_H
 
-#ifdef WIN32
-#include "mswin32\winclude.h"
-#else
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>
 #include <errno.h>
 #include <ctype.h>
+#ifdef WIN32
+#include "mswin32\winclude.h"
+#else
 #include <sys/types.h>
 
 #if HAVE_NETINET_IN_H