PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-18 13:39:02 +00:00
Code Issues Projects Releases Wiki Activity

about to work on a bug that kx reported

Browse Source
This commit is contained in:
fyodor
2005-12-28 08:58:56 +00:00
parent 1c4d766a09
commit d8ce1cfe41
10 changed files with 64 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
CHANGELOG
View File

@@ -1,5 +1,14 @@
# Nmap Changelog ($Id$) # Nmap Changelog ($Id$)
o Added --max_retries option for capping the maximum number of
retransmissions the port scan engine will do. The value may be as low
as 0 (no retransmits). A low value can increase spead, though at the
risk of losing accuracy. The -T4 option now allows up to 6 retries,
and -T5 allows 2. Thanks to Martin Macok
(martin.macok(a)underground.cz) for writing the initial patch, which I
changed quite a bit. I also updated the docs to reflect this neat
new option.
o Improved the NmapFE port to GTK2 so it better-conforms to the new o Improved the NmapFE port to GTK2 so it better-conforms to the new
API and you don't get as many annoying messages in your terminal API and you don't get as many annoying messages in your terminal
window. Thanks to Priit Laes (amd(a)store20.com) for writing these window. Thanks to Priit Laes (amd(a)store20.com) for writing these

2
Makefile.in
View File

@@ -1,4 +1,4 @@
export NMAP_VERSION = 3.95 export NMAP_VERSION = 3.96ALPHA1
NMAP_NAME= Nmap NMAP_NAME= Nmap
NMAP_URL= http://www.insecure.org/nmap/ NMAP_URL= http://www.insecure.org/nmap/
NMAP_PLATFORM=@host@ NMAP_PLATFORM=@host@

9
NmapOps.cc
View File

@@ -208,6 +208,7 @@ void NmapOps::Initialize() {
max_rtt_timeout = MAX_RTT_TIMEOUT; max_rtt_timeout = MAX_RTT_TIMEOUT;
min_rtt_timeout = MIN_RTT_TIMEOUT; min_rtt_timeout = MIN_RTT_TIMEOUT;
initial_rtt_timeout = INITIAL_RTT_TIMEOUT; initial_rtt_timeout = INITIAL_RTT_TIMEOUT;
max_retransmissions = MAX_RETRANSMISSIONS;
min_host_group_sz = 1; min_host_group_sz = 1;
max_host_group_sz = 100000; // don't want to be restrictive unless user sets max_host_group_sz = 100000; // don't want to be restrictive unless user sets
max_tcp_scan_delay = MAX_TCP_SCAN_DELAY; max_tcp_scan_delay = MAX_TCP_SCAN_DELAY;
@@ -453,6 +454,14 @@ void NmapOps::setInitialRttTimeout(int rtt)
if (rtt < min_rtt_timeout) min_rtt_timeout = rtt; if (rtt < min_rtt_timeout) min_rtt_timeout = rtt;
} }
void NmapOps::setMaxRetransmissions(int max_retransmit)
{
if (max_retransmit < 0)
fatal("NmapOps::setMaxRetransmissions(): must be positive");
max_retransmissions = max_retransmit;
}
void NmapOps::setMinHostGroupSz(unsigned int sz) { void NmapOps::setMinHostGroupSz(unsigned int sz) {
if (sz > max_host_group_sz) if (sz > max_host_group_sz)
fatal("Minimum host group size may not be set to greater than maximum size (currently %d)\n", max_host_group_sz); fatal("Minimum host group size may not be set to greater than maximum size (currently %d)\n", max_host_group_sz);

3
NmapOps.h
View File

@@ -199,6 +199,8 @@ class NmapOps {
void setMaxRttTimeout(int rtt); void setMaxRttTimeout(int rtt);
void setMinRttTimeout(int rtt); void setMinRttTimeout(int rtt);
void setInitialRttTimeout(int rtt); void setInitialRttTimeout(int rtt);
void setMaxRetransmissions(int max_retransmit);
int getMaxRetransmissions() { return max_retransmissions; }
/* Similar functions for Host group size */ /* Similar functions for Host group size */
int minHostGroupSz() { return min_host_group_sz; } int minHostGroupSz() { return min_host_group_sz; }
@@ -284,6 +286,7 @@ class NmapOps {
int max_rtt_timeout; int max_rtt_timeout;
int min_rtt_timeout; int min_rtt_timeout;
int initial_rtt_timeout; int initial_rtt_timeout;
int max_retransmissions;
unsigned int max_tcp_scan_delay; unsigned int max_tcp_scan_delay;
unsigned int max_udp_scan_delay; unsigned int max_udp_scan_delay;
unsigned int min_host_group_sz; unsigned int min_host_group_sz;

27
docs/nmap.1
View File

@@ -2,7 +2,7 @@
.\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1).
.\" Instead of manually editing it, you probably should edit the DocBook XML .\" Instead of manually editing it, you probably should edit the DocBook XML
.\" source for it and then use the DocBook XSL Stylesheets to regenerate it. .\" source for it and then use the DocBook XSL Stylesheets to regenerate it.
.TH "NMAP" "1" "12/11/2005" "" "Nmap Reference Guide" .TH "NMAP" "1" "12/19/2005" "" "Nmap Reference Guide"
.\" disable hyphenation .\" disable hyphenation
.nh .nh
.\" disable justification (adjust text to left margin only) .\" disable justification (adjust text to left margin only)
@@ -39,11 +39,11 @@ when it cannot determine which of the two states describe a port. The port table
In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses. In addition to the interesting ports table, Nmap can provide further information on targets, including reverse DNS names, operating system guesses, device types, and MAC addresses.
.PP .PP
A typical Nmap scan is shown in A typical Nmap scan is shown in
Example\ 15.1, \(lqA representative Nmap scan\(rq. The only Nmap arguments used in this example are Example\ 14.1, \(lqA representative Nmap scan\(rq. The only Nmap arguments used in this example are
\fB\-A\fR, to enable OS and version detection, \fB\-A\fR, to enable OS and version detection,
\fB\-T4\fR \fB\-T4\fR
for faster execution, and then the two target hostnames. for faster execution, and then the two target hostnames.
Example\ 15.1.\ A representative Nmap scan.sp Example\ 14.1.\ A representative Nmap scan.sp
.nf .nf
# nmap \-A \-T4 scanme.nmap.org playground # nmap \-A \-T4 scanme.nmap.org playground
@@ -735,7 +735,7 @@ One of my highest Nmap development priorities has always been performance. A def
.PP .PP
Techniques for improving scan times include omitting non\-critical tests, and upgrading to the latest version of Nmap (performance enhancements are made frequently). Optimizing timing parameters can also make a substantial difference. Those options are listed below. Techniques for improving scan times include omitting non\-critical tests, and upgrading to the latest version of Nmap (performance enhancements are made frequently). Optimizing timing parameters can also make a substantial difference. Those options are listed below.
.TP .TP
\fB\-\-min_hostgroup <milliseconds>\fR; \fB\-\-max_hostgroup <milliseconds>\fR (Adjust parallel scan group sizes) \fB\-\-min_hostgroup <numhosts>\fR; \fB\-\-max_hostgroup <numhosts>\fR (Adjust parallel scan group sizes)
Nmap has the ability to port scan or version scan multiple hosts in parallel. Nmap does this by dividing the target IP space into groups and then scanning one group at a time. In general, larger groups are more efficient. The downside is that host results can't be provided until the whole group is finished. So if Nmap started out with a group size of 50, the user would not receive any reports (except for the updates offered in verbose mode) until the first 50 hosts are completed. Nmap has the ability to port scan or version scan multiple hosts in parallel. Nmap does this by dividing the target IP space into groups and then scanning one group at a time. In general, larger groups are more efficient. The downside is that host results can't be provided until the whole group is finished. So if Nmap started out with a group size of 50, the user would not receive any reports (except for the updates offered in verbose mode) until the first 50 hosts are completed.
.sp .sp
By default, Nmap takes a compromise approach to this conflict. It starts out with a group size as low as five so the first results come quickly and then increases the groupsize to as high as 1024. The exact default numbers depend on the options given. For efficiency reasons, Nmap uses larger group sizes for UDP or few\-port TCP scans. By default, Nmap takes a compromise approach to this conflict. It starts out with a group size as low as five so the first results come quickly and then increases the groupsize to as high as 1024. The exact default numbers depend on the options given. For efficiency reasons, Nmap uses larger group sizes for UDP or few\-port TCP scans.
@@ -779,6 +779,19 @@ and triple or quadruple it for the
\fB\-\-min_rtt_timeout\fR \fB\-\-min_rtt_timeout\fR
is a rarely used option that could be useful when a network is so unreliable that even Nmap's default is too aggressive. Since Nmap only reduces the timeout down to the minimum when the network seems to be reliable, this need is unusual and should be reported as a bug to the nmap\-dev mailing list. is a rarely used option that could be useful when a network is so unreliable that even Nmap's default is too aggressive. Since Nmap only reduces the timeout down to the minimum when the network seems to be reliable, this need is unusual and should be reported as a bug to the nmap\-dev mailing list.
.TP .TP
\fB\-\-max_retries <numtries>\fR (Specify the maximum number of port scan probe retransmissions)
When Nmap receives no response to a port scan probe, it could mean the port is filtered. Or maybe the probe or response was simply lost on the network. It is also possible that the target host has rate limiting enabled that temporarily blocked the response. So Nmap tries again by retransmitting the initial probe. If Nmap detects poor network reliability, it may try many more times before giving up on a port. While this benefits accuracy, it also lengthen scan times. When performance is critical, scans may be sped up by limiting the number of retransmissions allowed. You can even specify
\fB\-\-max_retries 0\fR
to prevent any retransmissions, though that is rarely recommended.
.sp
The default (with no
\fB\-T\fR
template) is to allow ten retransmissions. If a network seems reliable and the target hosts aren't rate limiting, Nmap usually only does one retransmission. So most target scans aren't even affected by dropping
\fB\-\-max_retries\fR
to a low value such as three. Such values can substantially speed scans of slow (rate limited) hosts. You usually lose some information when Nmap gives up on ports early, though that may be preferable to letting the
\fB\-\-host_timeout\fR
expire and losing all information about the target.
.TP
\fB\-\-host_timeout <milliseconds>\fR (Give up on slow target hosts) \fB\-\-host_timeout <milliseconds>\fR (Give up on slow target hosts)
Some hosts simply take a Some hosts simply take a
\fIlong\fR \fIlong\fR
@@ -840,11 +853,11 @@ are similar but they only wait 15 seconds and 0.4 seconds, respectively, between
is Nmap's default behavior, which includes parallelization. is Nmap's default behavior, which includes parallelization.
\fBT4\fR \fBT4\fR
does the equivalent of does the equivalent of
\fB\-\-max_rtt_timeout 1250 \-\-initial_rtt_timeout 500\fR \fB\-\-max_rtt_timeout 1250 \-\-initial_rtt_timeout 500 \-\-max_retries 6\fR
and sets the maximum TCP scan delay to 10 milliseconds. and sets the maximum TCP scan delay to 10 milliseconds.
\fBT5\fR \fBT5\fR
does the equivalent of does the equivalent of
\fB\-\-max_rtt_timeout 300 \-\-min_rtt_timeout 50 \-\-initial_rtt_timeout 250 \-\-host_timeout 900000\fR \fB\-\-max_rtt_timeout 300 \-\-min_rtt_timeout 50 \-\-initial_rtt_timeout 250 \-\-max_retries 2 \-\-host_timeout 900000\fR
as well as setting the maximum TCP scan delay to 5ms. as well as setting the maximum TCP scan delay to 5ms.
.SH "FIREWALL/IDS EVASION AND SPOOFING" .SH "FIREWALL/IDS EVASION AND SPOOFING"
.PP .PP
@@ -1283,7 +1296,7 @@ Fyodor
Hundreds of people have made valuable contributions to Nmap over the years. These are detailed in the Hundreds of people have made valuable contributions to Nmap over the years. These are detailed in the
\fICHANGELOG\fR \fICHANGELOG\fR
file which is distributed with Nmap and also available from file which is distributed with Nmap and also available from
\fI\%http://www.insecure.org/nmap/nmap_changelog.html\fR. \fI\%http://www.insecure.org/nmap/changelog.html\fR.
.SH "LEGAL NOTICES" .SH "LEGAL NOTICES"
.SS "Nmap Copyright and Licensing" .SS "Nmap Copyright and Licensing"
.PP .PP

5
docs/nmap.usage.txt
View File

@@ -1,4 +1,4 @@
Nmap 3.95 ( http://www.insecure.org/nmap/ ) Nmap 3.96ALPHA1 ( http://www.insecure.org/nmap/ )
Usage: nmap [Scan Type(s)] [Options] {target specification} Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION: TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc. Can pass hostnames, IP addresses, networks, etc.
@@ -37,10 +37,11 @@ OS DETECTION:
--osscan_guess: Guess OS more aggressively --osscan_guess: Guess OS more aggressively
TIMING AND PERFORMANCE: TIMING AND PERFORMANCE:
-T[0-5]: Set timing template (higher is faster) -T[0-5]: Set timing template (higher is faster)
--min_hostgroup/max_hostgroup <msec>: Parallel host scan group sizes --min_hostgroup/max_hostgroup <size>: Parallel host scan group sizes
--min_parallelism/max_parallelism <msec>: Probe parallelization --min_parallelism/max_parallelism <msec>: Probe parallelization
--min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout <msec>: Specifies --min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout <msec>: Specifies
probe round trip time. probe round trip time.
--max_retries <tries>: Caps number of port scan probe retransmissions.
--host_timeout <msec>: Give up on target after this long --host_timeout <msec>: Give up on target after this long
--scan_delay/--max_scan_delay <msec>: Adjust delay between probes --scan_delay/--max_scan_delay <msec>: Adjust delay between probes
FIREWALL/IDS EVASION AND SPOOFING: FIREWALL/IDS EVASION AND SPOOFING:

5
nmap-service-probes
View File

@@ -1319,6 +1319,8 @@ match smtp-proxy m|^554 ([\d.]+) ([\w-_.]+) No mail service\r\n| p/Symantec SGS
match smtp-proxy m|^220 ([\w-_.]+) ESMTP Scalix SMTP Relay ([\d.]+); .*\r\n| p/Scalix smtp relay/ v/$2/ h/$1/ match smtp-proxy m|^220 ([\w-_.]+) ESMTP Scalix SMTP Relay ([\d.]+); .*\r\n| p/Scalix smtp relay/ v/$2/ h/$1/
match smtp-proxy m|^220 Traffic Inspector SMTP Gate \(SPAM protected\), ver\. ([\d.]+), ready at.*\r\n| p/Smart-Soft spam filtering smtp-proxy/ v/$1/ o/Windows/ match smtp-proxy m|^220 Traffic Inspector SMTP Gate \(SPAM protected\), ver\. ([\d.]+), ready at.*\r\n| p/Smart-Soft spam filtering smtp-proxy/ v/$1/ o/Windows/
match fw1-topology m|^Q\0\0\0$| p/Checkpoint FW1 Topology/ d/firewall/
softmatch smtp m|^220[\s-].*?E?SMTP[^\r]*\r\n| softmatch smtp m|^220[\s-].*?E?SMTP[^\r]*\r\n|
@@ -1783,6 +1785,7 @@ match honeypot m|^Microsoft Windows XP \[Version [\d.]+\]\n\(C\) Copyright 1985-
match tunnelvision m|^HELLO Welcome to Tunnel Vision \(([\d.]+)\)\n| p/Tunnel Vision VPN info/ v/$1/ match tunnelvision m|^HELLO Welcome to Tunnel Vision \(([\d.]+)\)\n| p/Tunnel Vision VPN info/ v/$1/
match domain m|^\x80\xf0\x80\x12\0\x01\0\0\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\x01| p/Microsoft DNS/ o/Windows/
##############################NEXT PROBE############################## ##############################NEXT PROBE##############################
Probe TCP GenericLines q|\r\n\r\n| Probe TCP GenericLines q|\r\n\r\n|
rarity 1 rarity 1
@@ -3635,8 +3638,6 @@ match nameserver m|^help\r\n\r\n\0\0\0\0\x20CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0
match nameserver m|^\x03\x03\x02$| p/Solaris Internet Name Server/ i/IEN 116/ o/Solaris/ match nameserver m|^\x03\x03\x02$| p/Solaris Internet Name Server/ i/IEN 116/ o/Solaris/
match nameserver m|^\0\x06\x01\0\0\x01\0\0\x03\x03\x02$| p/Solaris Internet Name Server/ i/IEN 116/ o/Solaris/ match nameserver m|^\0\x06\x01\0\0\x01\0\0\x03\x03\x02$| p/Solaris Internet Name Server/ i/IEN 116/ o/Solaris/
match http m|^HTTP/1\.0 \d{3} .*\r\nServer: CompaqHTTPServer/([.\w\d]+)\r\n|s p/Compaq Insight Manager HTTP server/ v/$1/
##############################NEXT PROBE############################## ##############################NEXT PROBE##############################
Probe TCP Help q|HELP\r\n| Probe TCP Help q|HELP\r\n|
rarity 3 rarity 3

11
nmap.cc
View File

@@ -264,6 +264,7 @@ int nmap_main(int argc, char *argv[]) {
{"host_timeout", required_argument, 0, 0}, {"host_timeout", required_argument, 0, 0},
{"scan_delay", required_argument, 0, 0}, {"scan_delay", required_argument, 0, 0},
{"max_scan_delay", required_argument, 0, 0}, {"max_scan_delay", required_argument, 0, 0},
{"max_retries", required_argument, 0, 0},
{"oA", required_argument, 0, 0}, {"oA", required_argument, 0, 0},
{"oN", required_argument, 0, 0}, {"oN", required_argument, 0, 0},
{"oM", required_argument, 0, 0}, {"oM", required_argument, 0, 0},
@@ -418,6 +419,11 @@ int nmap_main(int argc, char *argv[]) {
} }
o.setMaxTCPScanDelay(scand); o.setMaxTCPScanDelay(scand);
o.setMaxUDPScanDelay(scand); o.setMaxUDPScanDelay(scand);
} else if (strcmp(long_options[option_index].name, "max_retries") == 0) {
int num_retrans = atoi(optarg);
if (num_retrans < 0)
fatal("max_retransmissions must be positive");
o.setMaxRetransmissions(num_retrans);
} else if (strcmp(long_options[option_index].name, "randomize_hosts") == 0 } else if (strcmp(long_options[option_index].name, "randomize_hosts") == 0
|| strcmp(long_options[option_index].name, "rH") == 0) { || strcmp(long_options[option_index].name, "rH") == 0) {
o.randomize_hosts = 1; o.randomize_hosts = 1;
@@ -748,6 +754,7 @@ int nmap_main(int argc, char *argv[]) {
o.setMaxRttTimeout(1250); o.setMaxRttTimeout(1250);
o.setInitialRttTimeout(500); o.setInitialRttTimeout(500);
o.setMaxTCPScanDelay(10); o.setMaxTCPScanDelay(10);
o.setMaxRetransmissions(6);
} else if (*optarg == '5' || (strcasecmp(optarg, "Insane") == 0)) { } else if (*optarg == '5' || (strcasecmp(optarg, "Insane") == 0)) {
o.timing_level = 5; o.timing_level = 5;
o.setMinRttTimeout(50); o.setMinRttTimeout(50);
@@ -755,6 +762,7 @@ int nmap_main(int argc, char *argv[]) {
o.setInitialRttTimeout(250); o.setInitialRttTimeout(250);
o.host_timeout = 900000; o.host_timeout = 900000;
o.setMaxTCPScanDelay(5); o.setMaxTCPScanDelay(5);
o.setMaxRetransmissions(2);
} else { } else {
fatal("Unknown timing mode (-T argment). Use either \"Paranoid\", \"Sneaky\", \"Polite\", \"Normal\", \"Aggressive\", \"Insane\" or a number from 0 (Paranoid) to 5 (Insane)"); fatal("Unknown timing mode (-T argment). Use either \"Paranoid\", \"Sneaky\", \"Polite\", \"Normal\", \"Aggressive\", \"Insane\" or a number from 0 (Paranoid) to 5 (Insane)");
} }
@@ -1611,10 +1619,11 @@ printf("%s %s ( %s )\n"
" --osscan_guess: Guess OS more aggressively\n" " --osscan_guess: Guess OS more aggressively\n"
"TIMING AND PERFORMANCE:\n" "TIMING AND PERFORMANCE:\n"
" -T[0-5]: Set timing template (higher is faster)\n" " -T[0-5]: Set timing template (higher is faster)\n"
" --min_hostgroup/max_hostgroup <msec>: Parallel host scan group sizes\n" " --min_hostgroup/max_hostgroup <size>: Parallel host scan group sizes\n"
" --min_parallelism/max_parallelism <msec>: Probe parallelization\n" " --min_parallelism/max_parallelism <msec>: Probe parallelization\n"
" --min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout <msec>: Specifies\n" " --min_rtt_timeout/max_rtt_timeout/initial_rtt_timeout <msec>: Specifies\n"
" probe round trip time.\n" " probe round trip time.\n"
" --max_retries <tries>: Caps number of port scan probe retransmissions.\n"
" --host_timeout <msec>: Give up on target after this long\n" " --host_timeout <msec>: Give up on target after this long\n"
" --scan_delay/--max_scan_delay <msec>: Adjust delay between probes\n" " --scan_delay/--max_scan_delay <msec>: Adjust delay between probes\n"
"FIREWALL/IDS EVASION AND SPOOFING:\n" "FIREWALL/IDS EVASION AND SPOOFING:\n"

4
nmap.h
View File

@@ -335,6 +335,10 @@ void *realloc();
#define INITIAL_RTT_TIMEOUT 1000 /* Allow 1 second initially for packet responses */ #define INITIAL_RTT_TIMEOUT 1000 /* Allow 1 second initially for packet responses */
#define HOST_TIMEOUT 0 /* By default allow unlimited time to scan each host */ #define HOST_TIMEOUT 0 /* By default allow unlimited time to scan each host */
#ifndef MAX_RETRANSMISSIONS
#define MAX_RETRANSMISSIONS 10 /* 11 probes to port at maximum */
#endif
/* If nmap is called with one of the names below, it will start up in interactive mode -- alternatively, you can rename Nmap any of the following names to have it start up interactivey by default. */ /* If nmap is called with one of the names below, it will start up in interactive mode -- alternatively, you can rename Nmap any of the following names to have it start up interactivey by default. */
#define INTERACTIVE_NAMES { "BitchX", "Calendar", "X", "awk", "bash", "bash2", "calendar", "cat", "csh", "elm", "emacs", "ftp", "fvwm", "g++", "gcc", "gimp", "httpd", "irc", "man", "mutt", "nc", "ncftp", "netscape", "perl", "pine", "ping", "sleep", "slirp", "ssh", "sshd", "startx", "tcsh", "telnet", "telnetd", "tia", "top", "vi", "vim", "xdvi", "xemacs", "xterm", "xv" } #define INTERACTIVE_NAMES { "BitchX", "Calendar", "X", "awk", "bash", "bash2", "calendar", "cat", "csh", "elm", "emacs", "ftp", "fvwm", "g++", "gcc", "gimp", "httpd", "irc", "man", "mutt", "nc", "ncftp", "netscape", "perl", "pine", "ping", "sleep", "slirp", "ssh", "sshd", "startx", "tcsh", "telnet", "telnetd", "tia", "top", "vi", "vim", "xdvi", "xemacs", "xterm", "xv" }

4
scan_engine.cc
View File

@@ -1139,7 +1139,7 @@ static void init_perf_values(struct ultra_scan_performance_vars *perf) {
perf->group_drop_cwnd_divisor = 2.0; perf->group_drop_cwnd_divisor = 2.0;
perf->group_drop_ccthresh_divisor = (o.timing_level < 4)? 2.0 : 1.5; perf->group_drop_ccthresh_divisor = (o.timing_level < 4)? 2.0 : 1.5;
perf->host_drop_ccthresh_divisor = (o.timing_level < 4)? 2.0 : 1.5; perf->host_drop_ccthresh_divisor = (o.timing_level < 4)? 2.0 : 1.5;
perf->tryno_cap = 12; perf->tryno_cap = o.getMaxRetransmissions();
} }
/* Order of initializations in this function CAN BE IMPORTANT, so be careful /* Order of initializations in this function CAN BE IMPORTANT, so be careful
@@ -3283,7 +3283,7 @@ void processData(UltraScanInfo *USI) {
if (tryno_capped && lastRetryCappedWarning != USI) { if (tryno_capped && lastRetryCappedWarning != USI) {
/* Perhaps I should give this on a per-host basis. Oh /* Perhaps I should give this on a per-host basis. Oh
well, hopefully it is rare anyway. */ well, hopefully it is rare anyway. */
printf("Warning: Giving up on some ports due to excessive retransmissions\n"); printf("Warning: Finishing early because retransmission cap hit.\n");
lastRetryCappedWarning = USI; lastRetryCappedWarning = USI;
} }
continue; continue;