PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-23 16:09:02 +00:00
Code Issues Projects Releases Wiki Activity

Move the IP ID test after the tests for source ports, etc., because

Browse Source 
every false attempt degrades the IP ID filter. We only want to to call
it when we're pretty sure we have a match.
This commit is contained in:
david
2009-11-04 21:33:53 +00:00
parent d00a574ae0
commit af8f151972
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
scan_engine.cc
View File

@@ -4248,10 +4248,6 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
hss->target->v4hostip()->s_addr != ip2->ip_dst.s_addr) hss->target->v4hostip()->s_addr != ip2->ip_dst.s_addr)
continue; continue;
/* Checking IPID is a little more complex because you can't always count on it */
if (!allow_ipid_match(probe->ipid(), ntohs(ip2->ip_id)))
continue;
if (ip2->ip_p == IPPROTO_TCP && !USI->prot_scan) { if (ip2->ip_p == IPPROTO_TCP && !USI->prot_scan) {
struct tcp_hdr *tcp = (struct tcp_hdr *) ((u8 *) ip2 + ip2->ip_hl * 4); struct tcp_hdr *tcp = (struct tcp_hdr *) ((u8 *) ip2 + ip2->ip_hl * 4);
if (ntohs(tcp->th_sport) != probe->sport() || if (ntohs(tcp->th_sport) != probe->sport() ||
@@ -4273,6 +4269,10 @@ static bool get_pcap_result(UltraScanInfo *USI, struct timeval *stime) {
assert(0); assert(0);
} }
/* Checking IPID is a little more complex because you can't always count on it */
if (!allow_ipid_match(probe->ipid(), ntohs(ip2->ip_id)))
continue;
if (icmp->icmp_type == 3) { if (icmp->icmp_type == 3) {
switch(icmp->icmp_code) { switch(icmp->icmp_code) {
case 0: /* Network unreachable */ case 0: /* Network unreachable */