3.84ALPHA1 release imminant

2025-12-18 05:29:02 +00:00 · 2005-08-11 05:07:01 +00:00
parent d0369ebb4f
commit b3923483ea
22 changed files with 943 additions and 937 deletions
--- a/25
+++ b/25
@@ -1,10 +1,6 @@
 # Nmap Changelog ($Id$)
-Nmap 3.83DC13
+Nmap 3.84ALPHA1
 o Removed WinIP library (and all Windows raw sockets code) since MS
  has gone and broken raw sockets.  Maybe packet receipt via raw
  sockets will come back at some point.
 o Added the ability for Nmap to send and properly route raw ethernet
  packets cointaining IP datagrams rather than always sending the
@@ -85,11 +81,15 @@ o Added "Exclude" directive to nmap-service-probes grammar which
  probes, etc.  If you really want to scan all ports, specify
  --allports.  This patch came from Doug Hoyte (doug(a)hcsw.org).
-o Added a stripped-down version of Dug Song's excellent libdnet
+o Added a stripped-down and heavily modified version of Dug Song's
-  networking library (v. 1.10).  This helps with the new raw ethernet
+  libdnet networking library (v. 1.10).  This helps with the new raw
-  features.  I made various changes, which are described in
+  ethernet features.  My changes are described in
  libdnet-stripped/NMAP_MODIFICATIONS
 o Removed WinIP library (and all Windows raw sockets code) since MS
  has gone and broken raw sockets.  Maybe packet receipt via raw
  sockets will come back at some point.
 o Chagned the interesting ports array from a 65K-member array of
  pointers into an STL list.  This noticeable reduces memory usage in
  some cases, and should also give a slight runtime performance
@@ -115,6 +115,15 @@ o Added a bunch of RPC numbers from nmap-rpc maintainer Eilon Gishri
 o Added some new RPC services to nmap-rpc thanks to a patch from
  vlad902 (vlad902(a)gmail.com).
 o Fixed a bug where Nmap would quit on Windows whenever it encountered
  a raw scan of localhost (including the local ethernet interface
  address), even when that was just one address out of a whole network
  being scanned.  Now Nmap just warns that it is skipping raw scans when
  it encounters the local IP, but continues on to scan the rest of the
  network.  Raw scans do not currently work against local IP addresses
  because Winpcap doesn't support reading/writing localhost interfaces
  due to limitations of Windows.
 o The OS fingerprint is now provided in XML output if debugging is
  enabled (-d) or verbosity is at least 2 (-v -v).  This patch was
  sent by Okan Demirmen (okan(a)demirmen.com)
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
-export NMAP_VERSION = 3.83.DC17
+export NMAP_VERSION = 3.84ALPHA1
 NMAP_NAME= nmap
 NMAP_URL= http://www.insecure.org/nmap/
 NMAP_PLATFORM=@host@
--- a/NmapOps.cc
+++ b/NmapOps.cc
@@ -101,7 +101,9 @@
 #include "nmap.h"
 #include "nbase.h"
 #include "NmapOps.h"
 #ifdef WIN32
 #include "winfix.h"
 #endif
 NmapOps o;
@@ -268,7 +270,11 @@ bool NmapOps::RawScan() {
 void NmapOps::ValidateOptions() {
-
+#ifdef WIN32
 	const char *privreq = "that WinPcap version 3.1 or higher and iphlpapi.dll be installed. You seem to be missing one or both of these.  Winpcap is available from http://www.winpcap.org.  iphlpapi.dll comes with Win98 and later operating sytems and NT 4.0 with SP4 or greater.  For previous windows versions, you may be able to take iphlpapi.dll from anotyer system and place it in your system32 dir (e.g. c:\\windows\\system32)";
 #else
 	const char *privreq = "root privileges";
 #endif
  if (pingtype == PINGTYPE_UNKNOWN) {
    if (isr00t && af() == AF_INET) pingtype = DEFAULT_PING_TYPES;
    else pingtype = PINGTYPE_TCP; // if nonr00t or IPv6
@@ -353,35 +359,19 @@ void NmapOps::ValidateOptions() {
 #endif
    if (ackscan|finscan|idlescan|ipprotscan|maimonscan|nullscan|synscan|udpscan|windowscan|xmasscan) {
-#ifndef WIN32
+      fatal("You requested a scan type which requires %s.  Sorry dude.\n", privreq);
      fatal("You requested a scan type which requires r00t privileges, and you do not have them.\n");
 #else
      win_barf(0);
 #endif
    }
    if (numdecoys > 0) {
-#ifndef WIN32
+      fatal("Sorry, but decoys (-D) require %s.\n", privreq);
      fatal("Sorry, but you've got to be r00t to use decoys, boy!");
 #else
      win_barf(0);
 #endif
    }
    if (fragscan) {
-#ifndef WIN32
+      fatal("Sorry, but fragscan requires %s\n", privreq);
      fatal("Sorry, but fragscan requires r00t privileges\n");
 #else
      win_barf(0);
 #endif
    }
    if (osscan) {
-#ifndef WIN32
+      fatal("TCP/IP fingerprinting (for OS scan) requires %s.  Sorry, dude.\n", privreq);
      fatal("TCP/IP fingerprinting (for OS scan) requires root privileges which you do not appear to possess.  Sorry, dude.\n");
 #else
      win_barf(0);
 #endif
    }
  }
--- a/configure.ac
+++ b/configure.ac
@@ -761,4 +761,4 @@ AC_OUTPUT(Makefile)
 if test -f docs/leet-nmap-ascii-art.txt; then
 	cat docs/leet-nmap-ascii-art.txt
 fi
-echo "Configuration complete.  Type make to compile."
+echo "Configuration complete.  Type make (or gmake on some *BSD machines) to compile."
--- a/docs/nmap.usage.txt
+++ b/docs/nmap.usage.txt
@@ -1,4 +1,4 @@
-Nmap 3.83.DC16 Usage: nmap [Scan Type(s)] [Options] <host or net list>
+Nmap 3.84ALPHA1 Usage: nmap [Scan Type(s)] [Options] <host or net list>
 Some Common Scan Types ('*' options require root privileges)
 * -sS TCP SYN stealth port scan (default if privileged (root))
  -sT TCP connect() port scan (default for unprivileged users)
--- a/idle_scan.cc
+++ b/idle_scan.cc
@@ -962,6 +962,11 @@ void idle_scan(Target *target, u16 *portarray, int numports,
  if (target->timedOut(NULL))
    return;
  if (target->ifType() == devt_loopback) {
    log_write(LOG_STDOUT, "Skipping Idle Scan against %s -- you can't idle scan your own machine (localhost).\n", target->NameIP());
    return;
  }
  target->startTimeOutClock(NULL);
  /* If this is the first call,  */
--- a/libdnet-stripped/NMAP_MODIFICATIONS
+++ b/libdnet-stripped/NMAP_MODIFICATIONS
@@ -31,9 +31,15 @@ o A number of portability changes to remove errors/warnings during
 o Added libdnet-stripped.vcproj -- A Visual Studio.Net project file
  for dnet.
-o Changed eth_open() in eth-win32.c to more frequently consider the
+o Rewrote eth_open() for Win32 as its technique for translating from
-results of PacketGetAdapterNames() to be in single-char format rather
+  a dnet-named interface to a pcap-named one did not work on any of my
-than 2-byte wide characters.
+  systems.
 o Added intf_get_pcap_devname() function for Win32.  This tries to
  convert a dnet if name into its pcap equivalent.  It is a hack, but
  arguably better than the hacks that were there before.  The main
  down side is that it won't work with interfaces that don't have an
  IPv4 address configured.
 o Made some code changes to intf.c (the patch below).  This does the following:
--- a/libdnet-stripped/libdnet-stripped.vcproj
+++ b/libdnet-stripped/libdnet-stripped.vcproj
@@ -60,7 +60,7 @@
 			CharacterSet="2">
 			<Tool
 				Name="VCCLCompilerTool"
-				AdditionalIncludeDirectories="include"
+				AdditionalIncludeDirectories="include;&quot;..\mswin32\pcap-include&quot;"
 				PreprocessorDefinitions="WIN32;NDEBUG;_LIB"
 				RuntimeLibrary="4"
 				UsePrecompiledHeader="0"
--- a/mswin32/nmap.vcproj
+++ b/mswin32/nmap.vcproj
@@ -103,7 +103,7 @@
 				Name="VCCustomBuildTool"/>
 			<Tool
 				Name="VCLinkerTool"
-				AdditionalDependencies="ws2_32.lib IPHlpAPI.Lib wpcap.lib packet.lib nsock.lib libpcre.lib nbase.lib libdnet-stripped.lib $(NOINHERIT)"
+				AdditionalDependencies="nsock.lib libpcre.lib nbase.lib libdnet-stripped.lib ws2_32.lib IPHlpAPI.Lib wpcap.lib packet.lib $(NOINHERIT)"
 				OutputFile=".\Release/nmap.exe"
 				LinkIncremental="1"
 				SuppressStartupBanner="TRUE"
--- a/mswin32/winclude.h
+++ b/mswin32/winclude.h
@@ -74,24 +74,6 @@
 #include <netinet/tcp.h>  
 #include <netinet/udp.h>  
 //#include <packet_types.h>
 #include "winip\winip.h"
 /* This is kind of ugly ... and worse is that windows includes suply an errno that doesn't work as in UNIX, so if a file
 	forgets to include this, it may use errno and get bogus results on Windows [shrug].  A better appraoch is probably
 	the nsock_errno() I use in nsock. */
 // #undef errno
 // #define errno WSAGetLastError()
 /* Disables VC++ warning:
  "integral size mismatch in argument; conversion supplied".  Perhaps
  I should try to fix this with casts at some point */
 // #pragma warning(disable: 4761)
 /* #define signal(x,y) ((void)0)	// ignore for now
                                // later release may set console handlers
 */
 /* non-functioning stub function */
 int fork();
--- a/mswin32/winfix.cc
+++ b/mswin32/winfix.cc
@@ -132,17 +132,6 @@ int pcap_avail = 0;
 static void win_cleanup(void);
 static char pcaplist[4096];
 void win_barf(const char *msg)
 {
  if(msg) printf("%s\n\n", msg);
  printf("\nYour system doesn't have iphlpapi.dll\n\nIf you have Win95, "
  "maybe you could grab it from a Win98 system\n"
  "If you have NT4, you need service pack 4 or higher\n"
  "If you have NT3.51, try grabbing it from an NT4 system\n"
  "Otherwise, your system has problems ;-)\n");
  exit(0);
 }
 void win_init()
 {
 	//   variables
--- a/nmap.cc
+++ b/nmap.cc
@@ -107,7 +107,9 @@
 #include "timing.h"
 #include "NmapOps.h"
 #include "MACLookup.h"
 #ifdef WIN32
 #include "winfix.h"
 #endif
 using namespace std;
@@ -791,6 +793,12 @@ int nmap_main(int argc, char *argv[]) {
    fatal("You cannot use -F (fast scan) or -p (explicit port selection) with PING scan or LIST scan");
  }
 #ifdef WIN32
  if (o.sendpref & PACKET_SEND_IP) {
 	  error("WARNING: raw IP (rather than raw ethernet) packet sending attempted on Windows. This probably won't work.  Consider --send_eth next time.\n");
  }
 #endif
  if (spoofmac) {
    u8 mac_data[6];
    int pos = 0; /* Next index of mac_data to fill in */
--- a/nmap_winconfig.h
+++ b/nmap_winconfig.h
@@ -104,7 +104,7 @@
 #ifndef NMAP_WINCONFIG_H
 #define NMAP_WINCONFIG_H
-#define NMAP_VERSION "3.83.DC16"
+#define NMAP_VERSION "3.84ALPHA1"
 #define NMAP_NAME "nmap"
 #define NMAP_URL "http://www.insecure.org/nmap"
 #define NMAP_PLATFORM "i686-pc-windows-windows"
--- a/osscan.cc
+++ b/osscan.cc
@@ -159,7 +159,7 @@ int seq_response_num; /* response # for sequencing */
 double avg_ts_hz = 0.0; /* Avg. amount that timestamps incr. each second */
 struct link_header linkhdr;
 struct eth_nfo eth;
- struct eth_nfo *ethptr; // for passing to send_ functions 
+struct eth_nfo *ethptr; // for passing to send_ functions 
 if (target->timedOut(NULL))
  return NULL;
@@ -302,7 +302,7 @@ if (o.verbose && openport != (unsigned long) -1)
   /* Test 8 */
   if (!FPtests[8]) {
     if (o.scan_delay) enforce_scan_delay(NULL);
-     upi = send_closedudp_probe(rawsd, target->v4hostip(), o.magic_port, closedport);
+     upi = send_closedudp_probe(rawsd, ethptr, target->v4hostip(), o.magic_port, closedport);
   }
   gettimeofday(&t1, NULL);
   timeout = 0;
@@ -1170,6 +1170,13 @@ int bestaccidx;
 if (target->timedOut(NULL))
   return 1;
 #ifdef WIN32
  if (target->ifType() == devt_loopback) {
    log_write(LOG_STDOUT, "Skipping OS Scan against %s because it doesn't work against your own machine (localhsot)\n", target->NameIP());
    return 1;
  }
 #endif
 if (o.debugging > 2) {
   starttimems = o.TimeSinceStartMS();
   log_write(LOG_STDOUT|LOG_NORMAL|LOG_SKID, "Initiating OS Detection against %s at %.3fs\n", target->targetipstr(), starttimems / 1000.0);
@@ -1699,7 +1706,8 @@ return AVs;
 }
-struct udpprobeinfo *send_closedudp_probe(int sd, const struct in_addr *victim,
+struct udpprobeinfo *send_closedudp_probe(int sd, struct eth_nfo *eth,
 					  const struct in_addr *victim,
 					  u16 sport, u16 dport) {
 static struct udpprobeinfo upi;
@@ -1729,18 +1737,14 @@ memset(data, patternbyte, datalen);
 while(!id) id = get_random_uint();
 /* check that required fields are there and not too silly */
-if ( !victim || !sport || !dport || sd < 0) {
+if ( !victim || !sport || !dport || (!eth && sd < 0)) {
  fprintf(stderr, "send_closedudp_probe: One or more of your parameters suck!\n");
  return NULL;
 }
 if (!myttl)  myttl = (time(NULL) % 14) + 51;
 /* It was a tough decision whether to do this here for every packet
   or let the calling function deal with it.  In the end I grudgingly decided
   to do it here and potentially waste a couple microseconds... */
 sethdrinclude(sd); 
- for(decoy=0; decoy < o.numdecoys; decoy++) {
+for(decoy=0; decoy < o.numdecoys; decoy++) {
  source = &o.decoys[decoy];
  memset((char *) packet, 0, sizeof(struct ip) + sizeof(udphdr_bsd));
@@ -1756,12 +1760,12 @@ sethdrinclude(sd);
  pseudo->length = htons(sizeof(udphdr_bsd) + datalen);
  /* OK, now we should be able to compute a valid checksum */
-realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ +
+  realcheck = in_cksum((unsigned short *)pseudo, 20 /* pseudo + UDP headers */ +
 		       datalen);
 #if STUPID_SOLARIS_CHECKSUM_BUG
  udp->uh_sum = sizeof(udphdr_bsd) + datalen;
 #else
-udp->uh_sum = realcheck;
+  udp->uh_sum = realcheck;
 #endif
  /* Goodbye, pseudo header! */
@@ -1799,12 +1803,12 @@ udp->uh_sum = realcheck;
    readudppacket(packet,1);
  }
-   if ((res = send_ip_packet(sd, NULL, packet, ntohs(ip->ip_len))) == -1)
+  if ((res = send_ip_packet(sd, eth, packet, ntohs(ip->ip_len))) == -1)
    {
      perror("send_ip_packet in send_closedupd_probe");
      return NULL;
    }
- }
+}
 return &upi;
--- a/osscan.h
+++ b/osscan.h
@@ -123,10 +123,9 @@ int os_scan(Target *target);
 FingerPrint *get_fingerprint(Target *target, struct seq_info *si);
 struct AVal *fingerprint_iptcppacket(struct ip *ip, int mss, unsigned int syn);
 struct AVal *fingerprint_portunreach(struct ip *ip, struct udpprobeinfo *upi);
-struct udpprobeinfo *send_closedudp_probe(int rawsd, 
+struct udpprobeinfo *send_closedudp_probe(int sd, struct eth_nfo *eth,
-					  const struct in_addr *dest,
+					  const struct in_addr *victim,
 					  u16 sport, u16 dport);
 unsigned int get_gcd_n_ulong(int numvalues, unsigned int *values);
 unsigned int euclid_gcd(unsigned int a, unsigned int b);
 char *fp2ascii(FingerPrint *FP);
--- a/portlist.cc
+++ b/portlist.cc
@@ -609,56 +609,61 @@ Port *PortList::nextPort(Port *afterthisport,
 			 bool allow_portzero) {
  /* These two are chosen because they come right "before" port 1/tcp */
-  unsigned int current_proto = IPPROTO_TCP;
+  map<u16,Port*>::iterator iter;
  map<u16,Port*>::iterator iter = tcp_ports.begin();
-if (afterthisport) {
+  if (afterthisport) {
-  current_proto = afterthisport->proto;
+    if (afterthisport->proto == IPPROTO_TCP) {
-  
+      iter = tcp_ports.find(afterthisport->portno);
-  // This will advacne to one after the current
+      assert(iter != tcp_ports.end());
  while (iter != tcp_ports.end() && iter->second->portno <= afterthisport->portno) {
      iter++;
-  }
+      while(iter != tcp_ports.end()) {
-} 
+	if (!allowed_state || iter->second->state == allowed_state)
 /* if (afterthisport) 
   printf("Next Port After %d, %d\n", afterthisport->portno, iter->second->portno); fflush(0);
 */
 if (!allow_portzero && iter->second && iter->second->portno == 0) iter++;
 /* First we look for TCP ports ... */
 if (current_proto == IPPROTO_TCP) {
  if ((allowed_protocol == 0 || allowed_protocol == IPPROTO_TCP) && 
      current_proto == IPPROTO_TCP)
    while (iter != tcp_ports.end()) {
      if (!allowed_state || iter->second->state == allowed_state) {
 	//printf("Returning %d\n", iter->second->portno);
 	  return iter->second;
      }
 	iter++;
      }
      /* No more TCP ports ... */
      if (allowed_protocol != 0)
 	return NULL;
  /*  Uh-oh.  We have tried all tcp ports, lets move to udp */
  current_proto = IPPROTO_UDP;
      iter = udp_ports.begin();
-}
+    } else {
-
+      assert(afterthisport->proto == IPPROTO_UDP);
-if ((allowed_protocol == 0 || allowed_protocol == IPPROTO_UDP) && 
+      iter = udp_ports.find(afterthisport->portno);
-    current_proto == IPPROTO_UDP) {
+      assert(iter != udp_ports.end());
  while (iter != udp_ports.end()) {
    if (!allowed_state || iter->second->state == allowed_state) {
      //printf("Returning %d\n", iter->second->portno);
      return iter->second;
    }
      iter++;
    }
    while(iter != udp_ports.end()) {
      if (!allowed_state || iter->second->state == allowed_state)
 	return iter->second;
      iter++;
    }
    return NULL;
  } 
  // First-time call - try TCP ports first
  if (allowed_protocol == 0 || allowed_protocol == IPPROTO_TCP) {
    iter = tcp_ports.begin();
    while (iter != tcp_ports.end()) {
      if (!allowed_state || iter->second->state == allowed_state)
 	return iter->second;
      iter++;
    }
  }
  // Maybe we'll have better luck with UDP
  if (allowed_protocol == 0 || allowed_protocol == IPPROTO_UDP) {
    iter = udp_ports.begin();
    while (iter != udp_ports.end()) {
      if (!allowed_state || iter->second->state == allowed_state)
 	return iter->second;
      iter++;
    }
  }
  // Nuthing found
  return NULL;
 }
 /*  No more ports */
 return NULL;
 }
 // Move some popular TCP ports to the beginning of the portlist, because
 // that can speed up certain scans.  You should have already done any port
--- a/scan_engine.cc
+++ b/scan_engine.cc
@@ -690,7 +690,7 @@ bool GroupScanStats::sendOK() {
     don't give us a proper pcap time.  Also for connect scans, since
     we don't get an exact response time with them either. */
  if (USI->scantype == CONNECT_SCAN || !pcap_recv_timeval_valid()) {
-    int to_ms = (int) MAX(to.srtt * .75 / 1000, 20);
+    int to_ms = (int) MAX(to.srtt * .75 / 1000, 50);
    if (TIMEVAL_MSEC_SUBTRACT(USI->now, last_wait) > to_ms)
      return false;
  }
@@ -2276,6 +2276,7 @@ static bool do_one_select_round(UltraScanInfo *USI, struct timeval *stime) {
  recvfrom6_t optlen = sizeof(int);
  char buf[128];
  int numGoodSD = 0;
  int err = 0;
 #ifdef LINUX
  int res;
  struct sockaddr_storage sin,sout;
@@ -2294,15 +2295,17 @@ static bool do_one_select_round(UltraScanInfo *USI, struct timeval *stime) {
    timeout.tv_sec = timeleft / 1000;
    timeout.tv_usec = (timeleft % 1000) * 1000;
-    if (CSI->numSDs)
+	if (CSI->numSDs) {
      selectres = select(CSI->maxValidSD + 1, &fds_rtmp, &fds_wtmp, 
 			 &fds_xtmp, &timeout);
 	  err = socket_errno();
 	}
    else {
      /* Apparently Windows returns an WSAEINVAL if you select without watching any SDs.  Lame.  We'll usleep instead in that case */
      usleep(timeleft * 1000);
      selectres = 0;
    }
-  } while (selectres == -1 && socket_errno() == EINTR);
+  } while (selectres == -1 && err == EINTR);
  gettimeofday(&USI->now, NULL);
@@ -3139,10 +3142,18 @@ void ultra_scan(vector<Target *> &Targets, struct scan_lists *ports,
 		stype scantype) {
  UltraScanInfo *USI = NULL;
  time_t starttime;
  if (Targets.size() == 0) {
    return;
  }
 #ifdef WIN32
  if (scantype != CONNECT_SCAN && Targets[0]->ifType() == devt_loopback) {
    log_write(LOG_STDOUT, "Skipping %s against %s because Windows does not support scanning your own machine (localhost) this way.\n", scantype2str(scantype), Targets[0]->NameIP());
    return;
  }
 #endif
  startTimeOutClocks(Targets);
  USI = new UltraScanInfo(Targets, ports, scantype);
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -79,7 +79,7 @@ distro:
 	$(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/mswin32
 	cd ../mswin32; cp -ra *.[hHcC] *.cc ARPA NET NETINET RPC icon1.ico \
                    ifaddrlist.h lib libpcap-note.txt nmap.rc \
-                    nmap_performance.reg nmap.sln nmap.vcproj winip pcap-include \
+                    nmap_performance.reg nmap.sln nmap.vcproj pcap-include \
                    /usr/tmp/nmap-$(NMAP_VERSION)/mswin32
 	$(SHTOOL) mkdir /usr/tmp/nmap-$(NMAP_VERSION)/$(LIBPCAPDIR)
--- a/targets.cc
+++ b/targets.cc
@@ -423,7 +423,7 @@ if (hs->randomize) {
 /* TODO: Maybe I should allow real ping scan of directly connected
    ethernet hosts? */
 /* Then we do the mass ping (if required - IP-level pings) */
- if (*pingtype == PINGTYPE_NONE) {
+ if (*pingtype == PINGTYPE_NONE || hs->hostbatch[0]->ifType() == devt_loopback) {
   for(i=0; i < hs->current_batch_sz; i++)  {
     initialize_timeout_info(&hs->hostbatch[i]->to);
     hs->hostbatch[i]->flags |= HOST_UP; /*hostbatch[i].up = 1;*/
@@ -1073,7 +1073,7 @@ while(pt->block_unaccounted) {
 	        case ECONNREFUSED:
 	        case EAGAIN:
 #ifdef WIN32
-//		  case WSAENOTCONN:	//	needed?  this fails around here on my system
+			case WSAENOTCONN:
 #endif
 		  if (sock_err == EAGAIN && o.verbose) {
 		    log_write(LOG_STDOUT, "Machine %s MIGHT actually be listening on probe port %d\n", hostbatch[hostindex]->targetipstr(), o.ping_synprobes[p]);
--- a/tcpip.cc
+++ b/tcpip.cc
@@ -138,8 +138,6 @@ extern void CloseLibs(void);
 #endif
 #ifdef WIN32
 #include "mswin32/winip/winip.h"
 #include "pcap-int.h"
 void nmapwin_init();